IOC Report
hBB2KnTndI.exe

loading gif

Files

File Path
Type
Category
Malicious
hBB2KnTndI.exe
PE32 executable (console) Intel 80386, for MS Windows
initial sample
malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_hBB2KnTndI.exe_ad2fc02f1e967b8af8cf5fed27f1f4916534b2_362a01e9_1b4c45b6\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
dropped
malicious
C:\Users\user\AppData\Local\Temp\a10b8dfb5f\orxds.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_hBB2KnTndI.exe_ad2fc02f1e967b8af8cf5fed27f1f4916534b2_362a01e9_181a7760\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
dropped
malicious
C:\ProgramData\Microsoft\Windows\WER\Temp\WER325D.tmp.dmp
Mini DuMP crash report, 14 streams, Mon May 30 02:43:39 2022, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER36B3.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3A6D.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER66C6.tmp.dmp
Mini DuMP crash report, 14 streams, Mon May 30 02:33:16 2022, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6957.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6B7B.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\hBB2KnTndI.exe
"C:\Users\user\Desktop\hBB2KnTndI.exe"
malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
malicious
C:\Users\user\AppData\Local\Temp\a10b8dfb5f\orxds.exe
"C:\Users\user\AppData\Local\Temp\a10b8dfb5f\orxds.exe"
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6464 -s 148
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6828 -s 272

URLs

Name
IP
Malicious
http://gcc.gnu.org/bugs.html):
unknown

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
AmiHivePermissionsCorrect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
AmiHiveOwnerCorrect
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
ProgramId
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
FileId
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
LowerCaseLongPath
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
LongPathHash
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Name
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Publisher
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Version
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
BinFileVersion
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
BinaryType
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
ProductName
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
ProductVersion
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
LinkDate
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
BinProductVersion
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Size
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Language
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
IsPeFile
\REGISTRY\A\{cba929a6-e2cc-96a7-edd2-4309e4d6570c}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
IsOsComponent
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
ExceptionRecord
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceTicket
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceId
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
ApplicationFlags
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
0018800453F4626F
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
ProgramId
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
FileId
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
LowerCaseLongPath
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
LongPathHash
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Name
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Publisher
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Version
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
BinFileVersion
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
BinaryType
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
ProductName
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
ProductVersion
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
LinkDate
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
BinProductVersion
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Size
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
Language
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
IsPeFile
\REGISTRY\A\{b1c2ab10-7ad8-8a2c-ed85-65085f84b8ad}\Root\InventoryApplicationFile\hbb2kntndi.exe|3bf43472
IsOsComponent
There are 31 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
8A0000
direct allocation
page execute and read and write
malicious
4B7000
unkown
page read and write
malicious
4B7000
unkown
page read and write
malicious
4B7000
unkown
page read and write
malicious
401000
remote allocation
page execute read
malicious
26C712D0000
heap
page read and write
26C72900000
heap
page read and write
1E408E53000
heap
page read and write
29A63920000
trusted library allocation
page read and write
2087AA85000
heap
page read and write
B8AAC8B000
stack
page read and write
2087AA60000
heap
page read and write
2384F020000
heap
page read and write
2087AA55000
heap
page read and write
2384EB84000
heap
page read and write
53B000
unkown
page readonly
2087AA56000
heap
page read and write
29A642D0000
trusted library allocation
page read and write
8E67B7F000
stack
page read and write
2384EBA8000
heap
page read and write
1E2CA930000
heap
page read and write
26C72865000
heap
page read and write
2384EB69000
heap
page read and write
A6D000
stack
page read and write
26C712EB000
heap
page read and write
29A63771000
heap
page read and write
B6C000
stack
page read and write
2087AA65000
heap
page read and write
75C000
stack
page read and write
2384F002000
heap
page read and write
29A6375C000
heap
page read and write
B8AAD0E000
stack
page read and write
2384E25A000
heap
page read and write
1E6EAC67000
heap
page read and write
2384EB86000
heap
page read and write
2384E302000
heap
page read and write
30000
unkown
page read and write
26C72740000
trusted library allocation
page read and write
1467E980000
heap
page read and write
2384EB8C000
heap
page read and write
29A6377B000
heap
page read and write
26C712B7000
heap
page read and write
2087B130000
trusted library allocation
page read and write
2384E990000
remote allocation
page read and write
77C80EB000
stack
page read and write
2384EB14000
heap
page read and write
29A64590000
trusted library allocation
page read and write
D3B3EFF000
stack
page read and write
9D000
stack
page read and write
EEF2EFA000
stack
page read and write
2004C22A000
heap
page read and write
1E408E49000
heap
page read and write
50AF000
stack
page read and write
26C72671000
trusted library allocation
page read and write
9EA5DAF000
stack
page read and write
1E408F13000
heap
page read and write
77C85FB000
stack
page read and write
30000
heap
page read and write
2384EB97000
heap
page read and write
1467F170000
remote allocation
page read and write
26C76B10000
trusted library allocation
page read and write
2384F000000
heap
page read and write
29A63890000
trusted library allocation
page read and write
2087AA57000
heap
page read and write
1082CFC000
stack
page read and write
26C76C80000
trusted library allocation
page read and write
39965FD000
stack
page read and write
EA393FD000
stack
page read and write
1FF0FC13000
heap
page read and write
2384E229000
heap
page read and write
1467EA13000
heap
page read and write
1FF0FB90000
trusted library allocation
page read and write
D5F000
stack
page read and write
26C72902000
heap
page read and write
2384EB84000
heap
page read and write
2087A960000
heap
page read and write
1E6EAC6B000
heap
page read and write
DD2000
unkown
page write copy
26C76B21000
trusted library allocation
page read and write
1FF10500000
heap
page read and write
26C72784000
trusted library allocation
page read and write
26C72720000
trusted library allocation
page read and write
D3B447C000
stack
page read and write
2384E2C7000
heap
page read and write
77C81EE000
stack
page read and write
26C72854000
heap
page read and write
890000
trusted library allocation
page read and write
12E4EB21000
heap
page read and write
1C0000
trusted library allocation
page read and write
26C76B24000
trusted library allocation
page read and write
1E408CA0000
heap
page read and write
160BE7B000
stack
page read and write
29A6375C000
heap
page read and write
D3B417C000
stack
page read and write
4DDA7D000
stack
page read and write
DD2000
unkown
page read and write
2384E308000
heap
page read and write
2384EB70000
heap
page read and write
29A63900000
trusted library allocation
page read and write
26C71A00000
heap
page read and write
D5F000
stack
page read and write
12E4EB21000
heap
page read and write
DC1000
unkown
page execute read
26C72847000
heap
page read and write
39969FE000
stack
page read and write
2087AA7F000
heap
page read and write
4BDA000
heap
page read and write
2087AA5F000
heap
page read and write
29A635D0000
trusted library allocation
page read and write
2384EB6B000
heap
page read and write
12E4EB26000
heap
page read and write
13189802000
trusted library allocation
page read and write
1467E9E0000
heap
page read and write
2384EBA3000
heap
page read and write
EA3927D000
stack
page read and write
D60000
heap
page read and write
2087AA59000
heap
page read and write
1E6EAD00000
heap
page read and write
6780000
heap
page read and write
2004C100000
heap
page read and write
537000
unkown
page read and write
2384E227000
heap
page read and write
4B70000
heap
page read and write
2384EB95000
heap
page read and write
2384EB98000
heap
page read and write
1082AFE000
stack
page read and write
26C71A02000
heap
page read and write
2384EB00000
heap
page read and write
4A90000
heap
page read and write
4B77000
heap
page read and write
EEF2C7E000
stack
page read and write
1467EA40000
heap
page read and write
9EA6279000
stack
page read and write
DC0000
unkown
page readonly
26C71229000
heap
page read and write
EA392FB000
stack
page read and write
44F0000
trusted library allocation
page read and write
26C728AB000
heap
page read and write
B8AAD8E000
stack
page read and write
1E2CAA56000
heap
page read and write
2384E255000
heap
page read and write
2384EB8C000
heap
page read and write
2384EB96000
heap
page read and write
4EE000
unkown
page execute and read and write
A00000
trusted library allocation
page read and write
53B000
unkown
page readonly
2384E2AB000
heap
page read and write
29A63780000
heap
page read and write
2384EBBC000
heap
page read and write
2384EB98000
heap
page read and write
26C76B10000
trusted library allocation
page read and write
13189066000
heap
page read and write
2384EBA6000
heap
page read and write
26C72904000
heap
page read and write
26C71B13000
heap
page read and write
2384F002000
heap
page read and write
2087AA62000
heap
page read and write
2384E288000
heap
page read and write
2384EB84000
heap
page read and write
2384E2DA000
heap
page read and write
2087AA75000
heap
page read and write
39968FF000
stack
page read and write
4EE000
unkown
page execute and read and write
2384EB84000
heap
page read and write
1FF0FC29000
heap
page read and write
2004C213000
heap
page read and write
7F0000
heap
page read and write
1FF0FD13000
heap
page read and write
B90000
remote allocation
page read and write
1E6EAC62000
heap
page read and write
1FF0FC89000
heap
page read and write
26C72750000
trusted library allocation
page read and write
26C728F8000
heap
page read and write
2384E100000
heap
page read and write
12E4EB3D000
heap
page read and write
7DE000
stack
page read and write
26C728FD000
heap
page read and write
26C728DB000
heap
page read and write
26C71B59000
heap
page read and write
2384E990000
remote allocation
page read and write
8E6767E000
stack
page read and write
2384EB86000
heap
page read and write
78E65CE000
stack
page read and write
555000
unkown
page readonly
401000
unkown
page execute read
26C72780000
trusted library allocation
page read and write
1E6EAC60000
heap
page read and write
2384EB50000
heap
page read and write
26C71328000
heap
page read and write
2384E24C000
heap
page read and write
400000
unkown
page readonly
1318906A000
heap
page read and write
A6A000
heap
page read and write
42B000
remote allocation
page readonly
2384EB84000
heap
page read and write
26C76CA0000
trusted library allocation
page read and write
2384E24D000
heap
page read and write
2087AA13000
heap
page read and write
1E2CAA29000
heap
page read and write
26C71B04000
heap
page read and write
4DD67C000
stack
page read and write
39964FC000
stack
page read and write
3996CFE000
stack
page read and write
26C712AE000
heap
page read and write
2384EB6E000
heap
page read and write
6CDE000
stack
page read and write
12E4EAFB000
heap
page read and write
2384EBA8000
heap
page read and write
2384EB64000
heap
page read and write
12E4EB16000
heap
page read and write
1FF0FC72000
heap
page read and write
4F1000
unkown
page readonly
2384E2E1000
heap
page read and write
2087AA4A000
heap
page read and write
1E2CAA00000
heap
page read and write
26C728E0000
heap
page read and write
6E1E000
stack
page read and write
2384EB16000
heap
page read and write
2087A970000
heap
page read and write
1FF0FCBC000
heap
page read and write
F5F000
stack
page read and write
2384EB95000
heap
page read and write
2384EB68000
heap
page read and write
DC0000
unkown
page readonly
12E4E930000
heap
page read and write
9E9000
heap
page read and write
160BF7B000
stack
page read and write
673E000
stack
page read and write
2087AA64000
heap
page read and write
1467EA2A000
heap
page read and write
5120000
heap
page read and write
2087AA68000
heap
page read and write
9EA5D2B000
stack
page read and write
12E4EB33000
heap
page read and write
7DE000
stack
page read and write
39967FD000
stack
page read and write
4E6E000
stack
page read and write
1467F202000
trusted library allocation
page read and write
53B000
unkown
page readonly
13189052000
heap
page read and write
2004C226000
heap
page read and write
EA3917C000
stack
page read and write
2087AA58000
heap
page read and write
1C0000
trusted library allocation
page read and write
26C72852000
heap
page read and write
13188F10000
heap
page read and write
1E6EAC69000
heap
page read and write
555000
unkown
page readonly
1E2CAA87000
heap
page read and write
12E4EB14000
heap
page read and write
2384E200000
heap
page read and write
2384E250000
heap
page read and write
26C72902000
heap
page read and write
2384E259000
heap
page read and write
26C71B02000
heap
page read and write
1E2CA9A0000
heap
page read and write
D5F000
stack
page read and write
2384EB96000
heap
page read and write
2384E23C000
heap
page read and write
1082A7E000
stack
page read and write
8E676FE000
stack
page read and write
2087AA6C000
heap
page read and write
12E4EA60000
heap
page read and write
DC0000
unkown
page readonly
2384EB84000
heap
page read and write
F5F000
stack
page read and write
2384EBAC000
heap
page read and write
2384EBAF000
heap
page read and write
26C71299000
heap
page read and write
78E6B7F000
stack
page read and write
13188FB0000
trusted library allocation
page read and write
890000
trusted library allocation
page read and write
26C71302000
heap
page read and write
48F9000
stack
page read and write
79E000
stack
page read and write
29A64540000
trusted library allocation
page read and write
1467EA5C000
heap
page read and write
1E6EAA10000
heap
page read and write
B90000
remote allocation
page read and write
29A63718000
heap
page read and write
1E408F02000
heap
page read and write
26C71200000
heap
page read and write
26C72800000
heap
page read and write
1FF0FCC4000
heap
page read and write
8E67A77000
stack
page read and write
26C712EB000
heap
page read and write
2384EB71000
heap
page read and write
26C76BA0000
remote allocation
page read and write
2087AA76000
heap
page read and write
2384F003000
heap
page read and write
1E6EAC7F000
heap
page read and write
1FF0FCE2000
heap
page read and write
2384F003000
heap
page read and write
12E4EA90000
heap
page read and write
1E2CAB00000
heap
page read and write
29A63785000
heap
page read and write
2087AA63000
heap
page read and write
12E4EB01000
heap
page read and write
1E6EAC3C000
heap
page read and write
2384EBD6000
heap
page read and write
12E4EA85000
heap
page read and write
26C726B0000
trusted library allocation
page read and write
160C07B000
stack
page read and write
29A638A0000
trusted library allocation
page read and write
1467F140000
trusted library allocation
page read and write
26C72847000
heap
page read and write
1E6EAC13000
heap
page read and write
26C72A00000
trusted library allocation
page read and write
78E697E000
stack
page read and write
4EE000
unkown
page execute and read and write
D3B4277000
stack
page read and write
2384EB64000
heap
page read and write
1318903C000
heap
page read and write
26C71316000
heap
page read and write
1E2CAA2E000
heap
page read and write
555000
unkown
page readonly
12E4EB21000
heap
page read and write
3996BFE000
stack
page read and write
B8AB17E000
stack
page read and write
401000
unkown
page execute read
870000
heap
page read and write
C20000
heap
page read and write
9EA657A000
stack
page read and write
26C76B60000
trusted library allocation
page read and write
2384E2B5000
heap
page read and write
4B7000
unkown
page write copy
439000
remote allocation
page readonly
12E4EB26000
heap
page read and write
9EA637B000
stack
page read and write
8E67C7F000
stack
page read and write
1E408E4E000
heap
page read and write
26C71180000
heap
page read and write
26C728A4000
heap
page read and write
8E677FC000
stack
page read and write
26C71226000
heap
page read and write
26C728F1000
heap
page read and write
2004C110000
heap
page read and write
9EA6177000
stack
page read and write
2384F002000
heap
page read and write
26C712E6000
heap
page read and write
13189000000
heap
page read and write
2087AA5A000
heap
page read and write
8E678FB000
stack
page read and write
2087AA6A000
heap
page read and write
C2A000
heap
page read and write
2384EB72000
heap
page read and write
1FF0FB60000
heap
page read and write
2384E1A0000
trusted library allocation
page read and write
29A6377C000
heap
page read and write
2004C258000
heap
page read and write
26C712E7000
heap
page read and write
2384EB84000
heap
page read and write
EA395FD000
stack
page read and write
26C72770000
trusted library allocation
page read and write
1E6EA9B0000
heap
page read and write
1E2CAA3C000
heap
page read and write
F5F000
stack
page read and write
EEF2CFE000
stack
page read and write
12E4EB12000
heap
page read and write
26C712BC000
heap
page read and write
2384EB64000
heap
page read and write
26C71B59000
heap
page read and write
26C71289000
heap
page read and write
7DE000
stack
page read and write
26C712F6000
heap
page read and write
1FF0FC00000
heap
page read and write
26C7129E000
heap
page read and write
2004C23D000
heap
page read and write
4DD97F000
stack
page read and write
D3B437E000
stack
page read and write
79E000
stack
page read and write
26C72730000
trusted library allocation
page read and write
2384EB84000
heap
page read and write
26C728FC000
heap
page read and write
26C71B18000
heap
page read and write
26C712CA000
heap
page read and write
2384EBA3000
heap
page read and write
1082BF8000
stack
page read and write
10827EA000
stack
page read and write
77C87F7000
stack
page read and write
A6A000
heap
page read and write
4BA6000
heap
page read and write
26C71170000
heap
page read and write
13189100000
heap
page read and write
890000
trusted library allocation
page read and write
26C728A2000
heap
page read and write
2004C202000
heap
page read and write
2384E313000
heap
page read and write
4A0E000
stack
page read and write
1E408C90000
heap
page read and write
2384EBB5000
heap
page read and write
2004C254000
heap
page read and write
2384E213000
heap
page read and write
2384EB84000
heap
page read and write
26C72852000
heap
page read and write
29A63772000
heap
page read and write
160B8AC000
stack
page read and write
29A63830000
heap
page read and write
1467EA02000
heap
page read and write
D3B3E7B000
stack
page read and write
2384E170000
heap
page read and write
26C76B80000
trusted library allocation
page read and write
2384EB98000
heap
page read and write
12E4EAF0000
heap
page read and write
12E4EA80000
heap
page read and write
1E408F00000
heap
page read and write
2384EBAF000
heap
page read and write
D3B407C000
stack
page read and write
1E2CAA7B000
heap
page read and write
B8AB0F9000
stack
page read and write
2087AA2A000
heap
page read and write
1E6EB202000
trusted library allocation
page read and write
13188F80000
heap
page read and write
29A635C0000
heap
page read and write
2384E252000
heap
page read and write
4DD57E000
stack
page read and write
26C721F0000
trusted library allocation
page read and write
4F0000
unkown
page read and write
1E2CAB08000
heap
page read and write
1E408E7C000
heap
page read and write
1E2CB202000
trusted library allocation
page read and write
2384EB64000
heap
page read and write
29A63754000
heap
page read and write
1E408E6A000
heap
page read and write
2384E2EB000
heap
page read and write
1FF0FC69000
heap
page read and write
2004C302000
heap
page read and write
1318907B000
heap
page read and write
4DD1EC000
stack
page read and write
26C76B30000
trusted library allocation
page read and write
1E6EABE0000
trusted library allocation
page read and write
4F1000
unkown
page readonly
77C88FF000
stack
page read and write
12E4EB42000
heap
page read and write
1E6EAC6C000
heap
page read and write
1E6EA9A0000
heap
page read and write
8C0000
remote allocation
page read and write
EEF32FE000
unkown
page read and write
2384E2AE000
heap
page read and write
9E9000
heap
page read and write
2384E990000
remote allocation
page read and write
2384E24F000
heap
page read and write
EEF299B000
stack
page read and write
4F0000
unkown
page read and write
2384EA02000
heap
page read and write
9EA647F000
stack
page read and write
12E4EB17000
heap
page read and write
1FF0FAF0000
heap
page read and write
1E6EAC8A000
heap
page read and write
2384EB95000
heap
page read and write
DD4000
unkown
page readonly
12E4EB41000
heap
page read and write
2384E270000
heap
page read and write
9E0000
heap
page read and write
1E2CA940000
heap
page read and write
2384F002000
heap
page read and write
1FF0FD02000
heap
page read and write
2384EB84000
heap
page read and write
1C0000
trusted library allocation
page read and write
1E408F08000
heap
page read and write
2004C170000
heap
page read and write
1E408E13000
heap
page read and write
2384EB8E000
heap
page read and write
2004CA02000
trusted library allocation
page read and write
26C76B10000
trusted library allocation
page read and write
2004C313000
heap
page read and write
29A6375C000
heap
page read and write
8D9000
direct allocation
page execute and read and write
2384EB7B000
heap
page read and write
B90000
remote allocation
page read and write
DD4000
unkown
page readonly
78E6C7F000
stack
page read and write
29A63785000
heap
page read and write
4DD8FD000
stack
page read and write
2087AA00000
heap
page read and write
6BDE000
stack
page read and write
2384EBA7000
heap
page read and write
1467F170000
remote allocation
page read and write
29A63710000
heap
page read and write
26C72770000
trusted library allocation
page read and write
2087A9D0000
heap
page read and write
1E6EAC29000
heap
page read and write
DD2000
unkown
page write copy
1E6EAC53000
heap
page read and write
1E408E2E000
heap
page read and write
1467F170000
remote allocation
page read and write
9EA6C7F000
stack
page read and write
9D000
stack
page read and write
401000
unkown
page execute read
4B9A000
heap
page read and write
870000
heap
page read and write
12E4EB3C000
heap
page read and write
2384F019000
heap
page read and write
13189029000
heap
page read and write
26C712BC000
heap
page read and write
2384EB7B000
heap
page read and write
2087B202000
trusted library allocation
page read and write
26C71286000
heap
page read and write
2384E2C1000
heap
page read and write
26C7123D000
heap
page read and write
79E000
stack
page read and write
26C72750000
trusted library allocation
page read and write
26C76B00000
trusted library allocation
page read and write
1E6EAC63000
heap
page read and write
DD4000
unkown
page readonly
75C000
stack
page read and write
1FF0FC3E000
heap
page read and write
6790000
heap
page read and write
1E6EAC65000
heap
page read and write
78E64CC000
stack
page read and write
9E9000
heap
page read and write
77C84FB000
stack
page read and write
26C76B70000
trusted library allocation
page read and write
A60000
heap
page read and write
2004C27B000
heap
page read and write
1E408E3C000
heap
page read and write
400000
unkown
page readonly
77C816E000
stack
page read and write
D5E000
stack
page read and write
2384EB12000
heap
page read and write
2087AB02000
heap
page read and write
4DD7FE000
stack
page read and write
1467E970000
heap
page read and write
8E6797E000
stack
page read and write
2087AA61000
heap
page read and write
4FAF000
stack
page read and write
2004C25B000
heap
page read and write
29A63910000
heap
page read and write
29A64510000
trusted library allocation
page read and write
1467EB02000
heap
page read and write
12E4EB06000
heap
page read and write
66FD000
stack
page read and write
26C76BA0000
remote allocation
page read and write
400000
unkown
page readonly
A6A000
heap
page read and write
8C0000
remote allocation
page read and write
3995FAC000
stack
page read and write
2087AA3C000
heap
page read and write
1082C7E000
stack
page read and write
1FF10402000
heap
page read and write
13189113000
heap
page read and write
DD2000
unkown
page write copy
2384EB85000
heap
page read and write
29A63810000
heap
page read and write
2004C200000
heap
page read and write
4F1000
unkown
page readonly
29A6375E000
heap
page read and write
8E673DB000
stack
page read and write
26C72740000
trusted library allocation
page read and write
2384F002000
heap
page read and write
2087AA7B000
heap
page read and write
2087AA5C000
heap
page read and write
2087AA7A000
heap
page read and write
400000
remote allocation
page readonly
2384EB66000
heap
page read and write
26C76B08000
trusted library allocation
page read and write
1E408E86000
heap
page read and write
1E408E00000
heap
page read and write
2087AA42000
heap
page read and write
2384EB98000
heap
page read and write
1FF0FCCD000
heap
page read and write
2384F002000
heap
page read and write
26C71257000
heap
page read and write
9E0000
heap
page read and write
2384E257000
heap
page read and write
A60000
heap
page read and write
EA396FF000
stack
page read and write
1E2CAA50000
heap
page read and write
2384EBA6000
heap
page read and write
13189002000
heap
page read and write
13189013000
heap
page read and write
EEF2DFB000
stack
page read and write
29A64530000
trusted library allocation
page read and write
DD2000
unkown
page write copy
1E6EAC5F000
heap
page read and write
2384EBB6000
heap
page read and write
2384EB72000
heap
page read and write
9EA667B000
stack
page read and write
2004C26B000
heap
page read and write
26C71307000
heap
page read and write
537000
unkown
page write copy
4D6E000
stack
page read and write
2384E110000
heap
page read and write
400000
unkown
page readonly
2087AA52000
heap
page read and write
DC1000
unkown
page execute read
13188F20000
heap
page read and write
1E6EAC7F000
heap
page read and write
4DD6FE000
stack
page read and write
2384EB64000
heap
page read and write
2384EB96000
heap
page read and write
9E0000
heap
page read and write
DC1000
unkown
page execute read
44E0000
heap
page read and write
12E4EB06000
heap
page read and write
1FF0FC6B000
heap
page read and write
26C71B00000
heap
page read and write
401000
unkown
page execute read
2384EBAC000
heap
page read and write
555000
unkown
page readonly
12E4EB33000
heap
page read and write
39963FB000
stack
page read and write
26C76B0E000
trusted library allocation
page read and write
3996AFE000
stack
page read and write
26C76BA0000
remote allocation
page read and write
26C712DB000
heap
page read and write
9D000
stack
page read and write
2087AA40000
heap
page read and write
1082B7E000
stack
page read and write
29A63915000
heap
page read and write
12E4EB33000
heap
page read and write
2384EB9F000
heap
page read and write
30000
unkown
page read and write
2384EB8B000
heap
page read and write
EEF2FF7000
stack
page read and write
26C712B9000
heap
page read and write
29A63919000
heap
page read and write
EA394FF000
stack
page read and write
1E6EAD02000
heap
page read and write
DD4000
unkown
page readonly
1E2CAA13000
heap
page read and write
2384E316000
heap
page read and write
26C7129C000
heap
page read and write
2384EBC0000
heap
page read and write
677E000
stack
page read and write
EA38DFC000
stack
page read and write
4F1000
unkown
page readonly
EA390FF000
stack
page read and write
29A64520000
heap
page readonly
2384EB84000
heap
page read and write
1E2CAB02000
heap
page read and write
537000
unkown
page read and write
2384EBA9000
heap
page read and write
6DDF000
stack
page read and write
537000
unkown
page read and write
B8AB079000
stack
page read and write
6F1C000
stack
page read and write
B8AB1F9000
stack
page read and write
2087AA78000
heap
page read and write
1467EA00000
heap
page read and write
1E408E29000
heap
page read and write
870000
heap
page read and write
9EA6A7C000
stack
page read and write
4A95000
heap
page read and write
DD4000
unkown
page readonly
2384EB85000
heap
page read and write
1E408E4C000
heap
page read and write
26C712A3000
heap
page read and write
26C76B50000
trusted library allocation
page read and write
DC0000
unkown
page readonly
1E6EAD13000
heap
page read and write
EA38FFF000
stack
page read and write
1E6EAC00000
heap
page read and write
2384EB7F000
heap
page read and write
EEF33F8000
stack
page read and write
DC1000
unkown
page execute read
26C72690000
trusted library allocation
page read and write
A60000
heap
page read and write
75C000
stack
page read and write
434000
remote allocation
page read and write
2384EB95000
heap
page read and write
13189102000
heap
page read and write
DAE000
stack
page read and write
1E6EAD08000
heap
page read and write
1E6EAC5D000
heap
page read and write
2087AA6E000
heap
page read and write
1E408D00000
heap
page read and write
26C726A0000
trusted library allocation
page read and write
2384E2F3000
heap
page read and write
26C71940000
trusted library allocation
page read and write
1E409602000
trusted library allocation
page read and write
EA389FB000
stack
page read and write
2384EB77000
heap
page read and write
26C72693000
trusted library allocation
page read and write
26C728F9000
heap
page read and write
2384E24B000
heap
page read and write
26C71280000
heap
page read and write
DC1000
unkown
page execute read
1467EA66000
heap
page read and write
2004C224000
heap
page read and write
26C71213000
heap
page read and write
EEF31F8000
stack
page read and write
EEF327E000
stack
page read and write
EEF30FE000
stack
page read and write
1E2CA9D0000
trusted library allocation
page read and write
1E6EAC5B000
heap
page read and write
1E2CAA6D000
heap
page read and write
26C71A15000
heap
page read and write
77C86FE000
stack
page read and write
26C711E0000
heap
page read and write
4A60000
heap
page read and write
2087AA41000
heap
page read and write
160C17E000
stack
page read and write
D3B3F7F000
stack
page read and write
1FF0FB00000
heap
page read and write
4F0000
unkown
page read and write
455C000
stack
page read and write
DC0000
unkown
page readonly
2384F002000
heap
page read and write
1E6EAC81000
heap
page read and write
2004C1A0000
trusted library allocation
page read and write
26C71B18000
heap
page read and write
2087AA7C000
heap
page read and write
6990000
heap
page read and write
53B000
unkown
page readonly
26C728FA000
heap
page read and write
78E654E000
stack
page read and write
78E6A7E000
stack
page read and write
12E4EB26000
heap
page read and write
1E409460000
trusted library allocation
page read and write
4A4E000
stack
page read and write
1E2CAA7D000
heap
page read and write
1E2CAB13000
heap
page read and write
There are 703 hidden memdumps, click here to show them.