Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
5CUFfVMSaQ.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x555eccf5, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\5CUFfVMSaQ.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\5CUFfVMSaQ.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\5CUFfVMSaQ.dll,ABeFtrnwmgAedx
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\5CUFfVMSaQ.dll,AEjATaIExpQg
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\NCybOKcMqaEIN\jnEWIdoCfnPf.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\5CUFfVMSaQ.dll,AbfBlUFQKbpevAFdaCpElBdscB
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\5CUFfVMSaQ.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\5CUFfVMSaQ.dll",#1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://188.165.79.151/
|
188.165.79.151
|
|
|
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://188.165.79.151/oA~
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
There are 1 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
121.247.2.0
|
unknown
|
India
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
120.247.2.0
|
unknown
|
China
|
|
|
|
4.4.0.0
|
unknown
|
United States
|
|
|
|
8.4.0.0
|
unknown
|
United States
|
|
|
|
232.3.0.0
|
unknown
|
Reserved
|
|
|
|
139.247.2.0
|
unknown
|
United States
|
|
|
|
133.247.2.0
|
unknown
|
Japan
|
|
|
|
224.146.244.0
|
unknown
|
Reserved
|
|
|
|
160.156.244.0
|
unknown
|
Tunisia
|
|
|
|
108.194.0.0
|
unknown
|
United States
|
|
|
|
160.153.244.0
|
unknown
|
United States
|
|
|
|
145.247.2.0
|
unknown
|
Finland
|
|
|
|
40.4.0.0
|
unknown
|
United States
|
|
|
|
20.4.0.0
|
unknown
|
United States
|
|
|
|
143.247.2.0
|
unknown
|
United States
|
|
|
|
160.154.244.0
|
unknown
|
Cote D'ivoire
|
|
|
|
141.247.2.0
|
unknown
|
United States
|
|
|
|
36.4.0.0
|
unknown
|
China
|
|
|
|
4.1.0.0
|
unknown
|
United States
|
|
|
|
160.147.244.0
|
unknown
|
United States
|
|
|
|
224.150.244.0
|
unknown
|
Reserved
|
|
|
|
236.3.0.0
|
unknown
|
Reserved
|
|
|
|
24.4.0.0
|
unknown
|
United States
|
|
|
|
21.115.0.0
|
unknown
|
United States
|
|
|
|
153.247.2.0
|
unknown
|
Japan
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
There are 17 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2841000
|
direct allocation
|
page execute read
|
|
|
|
237550F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
25326DA1000
|
direct allocation
|
page execute read
|
|
|
|
2810000
|
direct allocation
|
page execute and read and write
|
|
|
|
F3B000
|
heap
|
page read and write
|
|
|
|
1130000
|
direct allocation
|
page execute and read and write
|
|
|
|
23755221000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
unkown
|
page execute read
|
|
|
|
180001000
|
unkown
|
page execute read
|
|
|
|
25325750000
|
direct allocation
|
page execute and read and write
|
|
|
|
2911000
|
direct allocation
|
page execute read
|
|
|
|
218E37E000
|
stack
|
page read and write
|
||
|
24E70AF3000
|
heap
|
page read and write
|
||
|
1FFA0118000
|
heap
|
page read and write
|
||
|
24E70AF0000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
583395E000
|
stack
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
1FFA4E10000
|
trusted library allocation
|
page read and write
|
||
|
14406DC0000
|
heap
|
page read and write
|
||
|
24E712F0000
|
remote allocation
|
page read and write
|
||
|
24E70A70000
|
heap
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
24E71592000
|
heap
|
page read and write
|
||
|
1FFA4DF1000
|
trusted library allocation
|
page read and write
|
||
|
24E71A18000
|
heap
|
page read and write
|
||
|
27146A7A000
|
heap
|
page read and write
|
||
|
1FFA4F10000
|
trusted library allocation
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
24E70A49000
|
heap
|
page read and write
|
||
|
1045000
|
heap
|
page read and write
|
||
|
1FFA0C30000
|
trusted library allocation
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
24E7158E000
|
heap
|
page read and write
|
||
|
1C672913000
|
heap
|
page read and write
|
||
|
24E71571000
|
heap
|
page read and write
|
||
|
2532CD02000
|
heap
|
page read and write
|
||
|
20A760E0000
|
trusted library allocation
|
page read and write
|
||
|
14406B9C000
|
heap
|
page read and write
|
||
|
1FFA4EE0000
|
trusted library allocation
|
page read and write
|
||
|
8EE3BB000
|
stack
|
page read and write
|
||
|
240FFB00000
|
heap
|
page read and write
|
||
|
24E70AC3000
|
heap
|
page read and write
|
||
|
24E7158E000
|
heap
|
page read and write
|
||
|
14406B89000
|
heap
|
page read and write
|
||
|
24075A70000
|
heap
|
page read and write
|
||
|
C4B0FEE000
|
stack
|
page read and write
|
||
|
1FFA5011000
|
heap
|
page read and write
|
||
|
180088000
|
unkown
|
page readonly
|
||
|
218E27B000
|
stack
|
page read and write
|
||
|
24E71595000
|
heap
|
page read and write
|
||
|
20A76380000
|
trusted library allocation
|
page read and write
|
||
|
14406DCB000
|
heap
|
page read and write
|
||
|
20A76138000
|
heap
|
page read and write
|
||
|
2D2EED08000
|
heap
|
page read and write
|
||
|
20A76ED0000
|
trusted library allocation
|
page read and write
|
||
|
18005E000
|
unkown
|
page readonly
|
||
|
1FFA4EA0000
|
trusted library allocation
|
page read and write
|
||
|
14406DC5000
|
heap
|
page read and write
|
||
|
1C66F885000
|
heap
|
page read and write
|
||
|
24E7158E000
|
heap
|
page read and write
|
||
|
24E715A8000
|
heap
|
page read and write
|
||
|
27146900000
|
heap
|
page read and write
|
||
|
24E71595000
|
heap
|
page read and write
|
||
|
DEE492A000
|
stack
|
page read and write
|
||
|
3190000
|
remote allocation
|
page read and write
|
||
|
25325780000
|
heap
|
page read and write
|
||
|
1FF9F800000
|
heap
|
page read and write
|
||
|
24E7158C000
|
heap
|
page read and write
|
||
|
24E70A29000
|
heap
|
page read and write
|
||
|
1FFA4F30000
|
remote allocation
|
page read and write
|
||
|
240FFB13000
|
heap
|
page read and write
|
||
|
1C66F850000
|
heap
|
page read and write
|
||
|
FB24B3F000
|
stack
|
page read and write
|
||
|
20471DE0000
|
heap
|
page read and write
|
||
|
2D2EEB40000
|
heap
|
page read and write
|
||
|
24E715A9000
|
heap
|
page read and write
|
||
|
14406BA1000
|
heap
|
page read and write
|
||
|
FDC000
|
heap
|
page read and write
|
||
|
20A763E0000
|
trusted library allocation
|
page read and write
|
||
|
20A75FD0000
|
heap
|
page read and write
|
||
|
14409DE0000
|
heap
|
page read and write
|
||
|
1FFA4DF4000
|
trusted library allocation
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
24E71A44000
|
heap
|
page read and write
|
||
|
24E70A13000
|
heap
|
page read and write
|
||
|
240FFA6F000
|
heap
|
page read and write
|
||
|
24075930000
|
heap
|
page read and write
|
||
|
1FF9F813000
|
heap
|
page read and write
|
||
|
24E715CC000
|
heap
|
page read and write
|
||
|
24E71589000
|
heap
|
page read and write
|
||
|
14406B70000
|
heap
|
page read and write
|
||
|
2938000
|
direct allocation
|
page read and write
|
||
|
23755249000
|
direct allocation
|
page readonly
|
||
|
27146B13000
|
heap
|
page read and write
|
||
|
2459DFE000
|
stack
|
page read and write
|
||
|
24E70AF3000
|
heap
|
page read and write
|
||
|
14406AD0000
|
heap
|
page read and write
|
||
|
2D2EF602000
|
trusted library allocation
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
24E71A21000
|
heap
|
page read and write
|
||
|
24E71500000
|
heap
|
page read and write
|
||
|
240FF960000
|
heap
|
page read and write
|
||
|
24E71598000
|
heap
|
page read and write
|
||
|
23755070000
|
heap
|
page read and write
|
||
|
20471EA5000
|
heap
|
page read and write
|
||
|
92F5E7B000
|
stack
|
page read and write
|
||
|
24E715A6000
|
heap
|
page read and write
|
||
|
1FFA5017000
|
heap
|
page read and write
|
||
|
27146A57000
|
heap
|
page read and write
|
||
|
24E71570000
|
heap
|
page read and write
|
||
|
240FFB08000
|
heap
|
page read and write
|
||
|
B58D67A000
|
stack
|
page read and write
|
||
|
BD5000
|
stack
|
page read and write
|
||
|
25326DC7000
|
direct allocation
|
page readonly
|
||
|
24E715CE000
|
heap
|
page read and write
|
||
|
23756A9D000
|
heap
|
page read and write
|
||
|
23755090000
|
heap
|
page read and write
|
||
|
2EAC000
|
stack
|
page read and write
|
||
|
24E70A34000
|
heap
|
page read and write
|
||
|
24E71592000
|
heap
|
page read and write
|
||
|
180072000
|
unkown
|
page read and write
|
||
|
B58D578000
|
stack
|
page read and write
|
||
|
24E71590000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
2A7E000
|
heap
|
page read and write
|
||
|
1FFA50A8000
|
heap
|
page read and write
|
||
|
24E7156E000
|
heap
|
page read and write
|
||
|
3190000
|
remote allocation
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
1FFA4DF0000
|
trusted library allocation
|
page read and write
|
||
|
A24D8FD000
|
stack
|
page read and write
|
||
|
1FF9F914000
|
heap
|
page read and write
|
||
|
14406B8D000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
2D2EEB30000
|
heap
|
page read and write
|
||
|
1FFA4DD0000
|
trusted library allocation
|
page read and write
|
||
|
24E7156A000
|
heap
|
page read and write
|
||
|
1FFA4DD8000
|
trusted library allocation
|
page read and write
|
||
|
2D2EEBD0000
|
trusted library allocation
|
page read and write
|
||
|
8806000
|
heap
|
page read and write
|
||
|
2D2EEC29000
|
heap
|
page read and write
|
||
|
1FFA4E00000
|
trusted library allocation
|
page read and write
|
||
|
240FFA29000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
14409DE3000
|
heap
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
1FFA50FE000
|
heap
|
page read and write
|
||
|
24100002000
|
trusted library allocation
|
page read and write
|
||
|
23755247000
|
direct allocation
|
page readonly
|
||
|
FA6000
|
heap
|
page read and write
|
||
|
24E70AB0000
|
heap
|
page read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
1FFA4EB0000
|
trusted library allocation
|
page read and write
|
||
|
2D2EED02000
|
heap
|
page read and write
|
||
|
24E70A88000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
240FFA4B000
|
heap
|
page read and write
|
||
|
FDC000
|
heap
|
page read and write
|
||
|
20471E85000
|
heap
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
24E715AD000
|
heap
|
page read and write
|
||
|
1FFA4EA0000
|
trusted library allocation
|
page read and write
|
||
|
180075000
|
unkown
|
page readonly
|
||
|
24E7158E000
|
heap
|
page read and write
|
||
|
92F5C7B000
|
stack
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
18005E000
|
unkown
|
page readonly
|
||
|
1FFA50A6000
|
heap
|
page read and write
|
||
|
27146990000
|
trusted library allocation
|
page read and write
|
||
|
2DFC000
|
stack
|
page read and write
|
||
|
DEE4D78000
|
stack
|
page read and write
|
||
|
24E71583000
|
heap
|
page read and write
|
||
|
1FF9F5C0000
|
heap
|
page read and write
|
||
|
2375C9FB000
|
heap
|
page read and write
|
||
|
1FFA50F2000
|
heap
|
page read and write
|
||
|
14406970000
|
heap
|
page read and write
|
||
|
25326DA0000
|
direct allocation
|
page read and write
|
||
|
20471E8F000
|
heap
|
page read and write
|
||
|
24E715A6000
|
heap
|
page read and write
|
||
|
27147402000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
1FF9F8BA000
|
heap
|
page read and write
|
||
|
2939000
|
direct allocation
|
page readonly
|
||
|
DEE4DFF000
|
stack
|
page read and write
|
||
|
8EE97A000
|
stack
|
page read and write
|
||
|
204721F5000
|
heap
|
page read and write
|
||
|
8EEB7E000
|
stack
|
page read and write
|
||
|
1FFA0100000
|
heap
|
page read and write
|
||
|
1C672910000
|
heap
|
page read and write
|
||
|
F7C000
|
heap
|
page read and write
|
||
|
24E7159A000
|
heap
|
page read and write
|
||
|
24E71558000
|
heap
|
page read and write
|
||
|
2D2EEC3C000
|
heap
|
page read and write
|
||
|
1440A5F0000
|
heap
|
page read and write
|
||
|
24E71516000
|
heap
|
page read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
1FF9F5D0000
|
heap
|
page read and write
|
||
|
24E71570000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
1C66F523000
|
heap
|
page read and write
|
||
|
1FFA504A000
|
heap
|
page read and write
|
||
|
240FFA13000
|
heap
|
page read and write
|
||
|
1C66F51E000
|
heap
|
page read and write
|
||
|
24E71A19000
|
heap
|
page read and write
|
||
|
8EF27A000
|
stack
|
page read and write
|
||
|
1FFA4F30000
|
trusted library allocation
|
page read and write
|
||
|
F52000
|
heap
|
page read and write
|
||
|
1FFA50E1000
|
heap
|
page read and write
|
||
|
25326DC9000
|
direct allocation
|
page readonly
|
||
|
245995B000
|
stack
|
page read and write
|
||
|
1FFA502D000
|
heap
|
page read and write
|
||
|
24E7156E000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
24E7151A000
|
heap
|
page read and write
|
||
|
20471E84000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
1C66F51F000
|
heap
|
page read and write
|
||
|
24E70ADC000
|
heap
|
page read and write
|
||
|
20A7613F000
|
heap
|
page read and write
|
||
|
253254A6000
|
heap
|
page read and write
|
||
|
20A76060000
|
heap
|
page read and write
|
||
|
20A7613F000
|
heap
|
page read and write
|
||
|
1FFA5102000
|
heap
|
page read and write
|
||
|
1C66F440000
|
heap
|
page read and write
|
||
|
8A8737E000
|
stack
|
page read and write
|
||
|
24E715A1000
|
heap
|
page read and write
|
||
|
1FF9F8FC000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
1C66F546000
|
heap
|
page read and write
|
||
|
240FFA56000
|
heap
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
1120000
|
direct allocation
|
page execute and read and write
|
||
|
F52000
|
heap
|
page read and write
|
||
|
FDC000
|
heap
|
page read and write
|
||
|
24E71569000
|
heap
|
page read and write
|
||
|
1FFA50DC000
|
heap
|
page read and write
|
||
|
14406AB0000
|
heap
|
page read and write
|
||
|
25325490000
|
heap
|
page read and write
|
||
|
EE1B7F7000
|
stack
|
page read and write
|
||
|
1C66F4D0000
|
heap
|
page read and write
|
||
|
EE1B47E000
|
stack
|
page read and write
|
||
|
24E715B7000
|
heap
|
page read and write
|
||
|
24E71592000
|
heap
|
page read and write
|
||
|
25326DD0000
|
heap
|
page readonly
|
||
|
24E7159D000
|
heap
|
page read and write
|
||
|
1FFA4DD0000
|
trusted library allocation
|
page read and write
|
||
|
24E715BB000
|
heap
|
page read and write
|
||
|
24E715AA000
|
heap
|
page read and write
|
||
|
24E7158E000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
2880000
|
trusted library allocation
|
page read and write
|
||
|
20A76350000
|
trusted library allocation
|
page read and write
|
||
|
27146B00000
|
heap
|
page read and write
|
||
|
27146A29000
|
heap
|
page read and write
|
||
|
F18000
|
heap
|
page read and write
|
||
|
1FFA4C40000
|
trusted library allocation
|
page read and write
|
||
|
24E70B08000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
F55000
|
heap
|
page read and write
|
||
|
2869000
|
direct allocation
|
page readonly
|
||
|
24E709C0000
|
trusted library allocation
|
page read and write
|
||
|
24E70AE4000
|
heap
|
page read and write
|
||
|
24E715B8000
|
heap
|
page read and write
|
||
|
FA6000
|
heap
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
1C66F88B000
|
heap
|
page read and write
|
||
|
27146A6F000
|
heap
|
page read and write
|
||
|
237552E0000
|
heap
|
page read and write
|
||
|
58339DD000
|
stack
|
page read and write
|
||
|
1FFA4EA0000
|
trusted library allocation
|
page read and write
|
||
|
24E71A03000
|
heap
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
EE1B9FF000
|
stack
|
page read and write
|
||
|
24E70990000
|
heap
|
page read and write
|
||
|
27146A13000
|
heap
|
page read and write
|
||
|
92F5F7F000
|
stack
|
page read and write
|
||
|
24E71575000
|
heap
|
page read and write
|
||
|
14406B92000
|
heap
|
page read and write
|
||
|
1FFA4F30000
|
remote allocation
|
page read and write
|
||
|
20471E8F000
|
heap
|
page read and write
|
||
|
1C66F52D000
|
heap
|
page read and write
|
||
|
1FFA4EF0000
|
trusted library allocation
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
24E71570000
|
heap
|
page read and write
|
||
|
EE1B4FE000
|
stack
|
page read and write
|
||
|
8EE7F8000
|
stack
|
page read and write
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
24E7158E000
|
heap
|
page read and write
|
||
|
2D2EEC6F000
|
heap
|
page read and write
|
||
|
20471E82000
|
heap
|
page read and write
|
||
|
20471E86000
|
heap
|
page read and write
|
||
|
1C66F51A000
|
heap
|
page read and write
|
||
|
24E71570000
|
heap
|
page read and write
|
||
|
24E71570000
|
heap
|
page read and write
|
||
|
1FFA50F8000
|
heap
|
page read and write
|
||
|
24E70920000
|
heap
|
page read and write
|
||
|
3190000
|
remote allocation
|
page read and write
|
||
|
1FF9F630000
|
heap
|
page read and write
|
||
|
2910000
|
direct allocation
|
page read and write
|
||
|
DEE49AF000
|
stack
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
180072000
|
unkown
|
page read and write
|
||
|
1FFA505E000
|
heap
|
page read and write
|
||
|
1FF9F86F000
|
heap
|
page read and write
|
||
|
8EF47E000
|
stack
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
24E71569000
|
heap
|
page read and write
|
||
|
1FF9F902000
|
heap
|
page read and write
|
||
|
25325440000
|
heap
|
page read and write
|
||
|
24E71571000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
1C672920000
|
trusted library allocation
|
page read and write
|
||
|
24E715A7000
|
heap
|
page read and write
|
||
|
25325785000
|
heap
|
page read and write
|
||
|
24E70930000
|
heap
|
page read and write
|
||
|
2459CFF000
|
stack
|
page read and write
|
||
|
27146A02000
|
heap
|
page read and write
|
||
|
24E71595000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
240FFA3C000
|
heap
|
page read and write
|
||
|
24E71571000
|
heap
|
page read and write
|
||
|
1FFA0104000
|
heap
|
page read and write
|
||
|
24E7158C000
|
heap
|
page read and write
|
||
|
20471EA6000
|
heap
|
page read and write
|
||
|
24E70B16000
|
heap
|
page read and write
|
||
|
204721F0000
|
heap
|
page read and write
|
||
|
20471E76000
|
heap
|
page read and write
|
||
|
2F3B000
|
stack
|
page read and write
|
||
|
24E71571000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
240FFB02000
|
heap
|
page read and write
|
||
|
1FFA4F30000
|
remote allocation
|
page read and write
|
||
|
27146B02000
|
heap
|
page read and write
|
||
|
24E70B13000
|
heap
|
page read and write
|
||
|
240FF900000
|
heap
|
page read and write
|
||
|
24E715D7000
|
heap
|
page read and write
|
||
|
B58D377000
|
stack
|
page read and write
|
||
|
1FFA0102000
|
heap
|
page read and write
|
||
|
237550E0000
|
direct allocation
|
page execute and read and write
|
||
|
58338DC000
|
stack
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
24E715AA000
|
heap
|
page read and write
|
||
|
EE1B8FF000
|
stack
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
24E715A8000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
20A76370000
|
trusted library allocation
|
page read and write
|
||
|
1FF9F875000
|
heap
|
page read and write
|
||
|
24E71598000
|
heap
|
page read and write
|
||
|
B58D47F000
|
stack
|
page read and write
|
||
|
8EEF7E000
|
stack
|
page read and write
|
||
|
1FFA0000000
|
heap
|
page read and write
|
||
|
20A76360000
|
heap
|
page readonly
|
||
|
253254AF000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
25326DA4000
|
heap
|
page read and write
|
||
|
20A75FE0000
|
trusted library allocation
|
page read and write
|
||
|
F66000
|
heap
|
page read and write
|
||
|
1C66F51A000
|
heap
|
page read and write
|
||
|
24E70AB5000
|
heap
|
page read and write
|
||
|
1FFA4F00000
|
trusted library allocation
|
page read and write
|
||
|
25325740000
|
direct allocation
|
page execute and read and write
|
||
|
2D2EEC02000
|
heap
|
page read and write
|
||
|
2867000
|
direct allocation
|
page readonly
|
||
|
27146960000
|
heap
|
page read and write
|
||
|
1FF9F88D000
|
heap
|
page read and write
|
||
|
24E70A4B000
|
heap
|
page read and write
|
||
|
1FFA4CB0000
|
trusted library allocation
|
page read and write
|
||
|
8EEC7B000
|
stack
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
8EF0FC000
|
stack
|
page read and write
|
||
|
1FF9F83F000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page readonly
|
||
|
24E7157B000
|
heap
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
B58CDCF000
|
stack
|
page read and write
|
||
|
24E71571000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
240FFA00000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
1FFA50DA000
|
heap
|
page read and write
|
||
|
24E71590000
|
heap
|
page read and write
|
||
|
2868000
|
direct allocation
|
page read and write
|
||
|
B58D17F000
|
stack
|
page read and write
|
||
|
24E7159A000
|
heap
|
page read and write
|
||
|
1FFA4C30000
|
trusted library allocation
|
page read and write
|
||
|
583417C000
|
stack
|
page read and write
|
||
|
24E71402000
|
heap
|
page read and write
|
||
|
24E71595000
|
heap
|
page read and write
|
||
|
1C66F529000
|
heap
|
page read and write
|
||
|
20471E76000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
1FFA6000000
|
heap
|
page read and write
|
||
|
FB24ABC000
|
stack
|
page read and write
|
||
|
20A763D9000
|
heap
|
page read and write
|
||
|
2800000
|
direct allocation
|
page execute and read and write
|
||
|
14406B50000
|
heap
|
page read and write
|
||
|
1FFA5260000
|
trusted library allocation
|
page read and write
|
||
|
271468F0000
|
heap
|
page read and write
|
||
|
DEE4E7C000
|
stack
|
page read and write
|
||
|
24E715AA000
|
heap
|
page read and write
|
||
|
C4B0EEB000
|
stack
|
page read and write
|
||
|
1FFA5020000
|
heap
|
page read and write
|
||
|
1C66F547000
|
heap
|
page read and write
|
||
|
20A763D0000
|
heap
|
page read and write
|
||
|
24E715BB000
|
heap
|
page read and write
|
||
|
EE1B6FB000
|
stack
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
24E71592000
|
heap
|
page read and write
|
||
|
24E71516000
|
heap
|
page read and write
|
||
|
23754F30000
|
heap
|
page read and write
|
||
|
23755128000
|
heap
|
page read and write
|
||
|
24E715AA000
|
heap
|
page read and write
|
||
|
20A76040000
|
heap
|
page read and write
|
||
|
1FFA4F20000
|
trusted library allocation
|
page read and write
|
||
|
FB24BBF000
|
stack
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
20471E60000
|
heap
|
page read and write
|
||
|
24E71571000
|
heap
|
page read and write
|
||
|
14406B8E000
|
heap
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
24E71594000
|
heap
|
page read and write
|
||
|
24E715A9000
|
heap
|
page read and write
|
||
|
20A76140000
|
heap
|
page read and write
|
||
|
24E70AA4000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
5833D7F000
|
stack
|
page read and write
|
||
|
8EEA79000
|
stack
|
page read and write
|
||
|
1FFA5000000
|
heap
|
page read and write
|
||
|
1FF9F856000
|
heap
|
page read and write
|
||
|
24E715C6000
|
heap
|
page read and write
|
||
|
2D2EEC00000
|
heap
|
page read and write
|
||
|
24E70ACA000
|
heap
|
page read and write
|
||
|
24E71590000
|
heap
|
page read and write
|
||
|
1C66F517000
|
heap
|
page read and write
|
||
|
24E7158E000
|
heap
|
page read and write
|
||
|
8EE67F000
|
stack
|
page read and write
|
||
|
23755220000
|
direct allocation
|
page read and write
|
||
|
24E71571000
|
heap
|
page read and write
|
||
|
299F000
|
stack
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
8A872FF000
|
stack
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
EE1B5FB000
|
stack
|
page read and write
|
||
|
583407E000
|
stack
|
page read and write
|
||
|
24E715A9000
|
heap
|
page read and write
|
||
|
24E715A6000
|
heap
|
page read and write
|
||
|
20A76310000
|
trusted library allocation
|
page read and write
|
||
|
1FFA504C000
|
heap
|
page read and write
|
||
|
27146A3C000
|
heap
|
page read and write
|
||
|
24E70A3C000
|
heap
|
page read and write
|
||
|
1FFA503F000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
1C6727C0000
|
heap
|
page read and write
|
||
|
14406B92000
|
heap
|
page read and write
|
||
|
27146A00000
|
heap
|
page read and write
|
||
|
14409DF0000
|
trusted library allocation
|
page read and write
|
||
|
B58D277000
|
stack
|
page read and write
|
||
|
24E712F0000
|
remote allocation
|
page read and write
|
||
|
240FF990000
|
trusted library allocation
|
page read and write
|
||
|
20471E71000
|
heap
|
page read and write
|
||
|
EE1B1CB000
|
stack
|
page read and write
|
||
|
B58D6FE000
|
stack
|
page read and write
|
||
|
2D2EEBA0000
|
heap
|
page read and write
|
||
|
24E70A35000
|
heap
|
page read and write
|
||
|
24E71592000
|
heap
|
page read and write
|
||
|
1FFA0118000
|
heap
|
page read and write
|
||
|
1FFA07E0000
|
trusted library allocation
|
page read and write
|
||
|
8A8727C000
|
stack
|
page read and write
|
||
|
1FFA508B000
|
heap
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
14406BAD000
|
heap
|
page read and write
|
||
|
23755250000
|
heap
|
page readonly
|
||
|
25325498000
|
heap
|
page read and write
|
||
|
1FFA0C23000
|
trusted library allocation
|
page read and write
|
||
|
14406BB7000
|
heap
|
page read and write
|
||
|
1C66F52D000
|
heap
|
page read and write
|
||
|
24E71506000
|
heap
|
page read and write
|
||
|
24E715C2000
|
heap
|
page read and write
|
||
|
2840000
|
direct allocation
|
page read and write
|
||
|
2D2EEC8C000
|
heap
|
page read and write
|
||
|
1FFA5102000
|
heap
|
page read and write
|
||
|
24E7156E000
|
heap
|
page read and write
|
||
|
18007C000
|
unkown
|
page readonly
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
1FF9F89D000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
C4B0F6E000
|
stack
|
page read and write
|
||
|
1FFA5220000
|
trusted library allocation
|
page read and write
|
||
|
2D2EEC4E000
|
heap
|
page read and write
|
||
|
1FF9F730000
|
trusted library allocation
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
24E715BB000
|
heap
|
page read and write
|
||
|
20471D80000
|
heap
|
page read and write
|
||
|
240FFA50000
|
heap
|
page read and write
|
||
|
14406B9C000
|
heap
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
24E715AA000
|
heap
|
page read and write
|
||
|
20471E8F000
|
heap
|
page read and write
|
||
|
24E7156E000
|
heap
|
page read and write
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
2870000
|
heap
|
page readonly
|
||
|
24E715B7000
|
heap
|
page read and write
|
||
|
2F2B000
|
stack
|
page read and write
|
||
|
24E71595000
|
heap
|
page read and write
|
||
|
92F5D7B000
|
stack
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
ED0000
|
remote allocation
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
20A760D0000
|
trusted library allocation
|
page read and write
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
24E715AA000
|
heap
|
page read and write
|
||
|
24E715A6000
|
heap
|
page read and write
|
||
|
24E71570000
|
heap
|
page read and write
|
||
|
20471EA1000
|
heap
|
page read and write
|
||
|
1FFA0C20000
|
trusted library allocation
|
page read and write
|
||
|
24E70A4E000
|
heap
|
page read and write
|
||
|
20A763D5000
|
heap
|
page read and write
|
||
|
24E7156C000
|
heap
|
page read and write
|
||
|
180088000
|
unkown
|
page readonly
|
||
|
240FFA85000
|
heap
|
page read and write
|
||
|
24E71573000
|
heap
|
page read and write
|
||
|
24075B36000
|
heap
|
page read and write
|
||
|
1FF9F926000
|
heap
|
page read and write
|
||
|
89DC000
|
heap
|
page read and write
|
||
|
24E71593000
|
heap
|
page read and write
|
||
|
180075000
|
unkown
|
page readonly
|
||
|
20A770E0000
|
trusted library allocation
|
page read and write
|
||
|
2D2EED13000
|
heap
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
23755120000
|
heap
|
page read and write
|
||
|
18007C000
|
unkown
|
page readonly
|
||
|
1FFA4CC0000
|
trusted library allocation
|
page read and write
|
||
|
1C66F523000
|
heap
|
page read and write
|
||
|
2459D79000
|
stack
|
page read and write
|
||
|
20471EA0000
|
heap
|
page read and write
|
||
|
24E70A00000
|
heap
|
page read and write
|
||
|
24E71570000
|
heap
|
page read and write
|
||
|
1FFA0015000
|
heap
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
24E7158E000
|
heap
|
page read and write
|
||
|
237552E5000
|
heap
|
page read and write
|
||
|
1FF9F902000
|
heap
|
page read and write
|
||
|
24075B20000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
1C66F4B0000
|
heap
|
page read and write
|
||
|
1FFA4E00000
|
trusted library allocation
|
page read and write
|
||
|
FF3000
|
heap
|
page read and write
|
||
|
1FF9F89F000
|
heap
|
page read and write
|
||
|
25326FA0000
|
heap
|
page read and write
|
||
|
24E70AAB000
|
heap
|
page read and write
|
||
|
28A8000
|
heap
|
page read and write
|
||
|
24E71A00000
|
heap
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
1C66F500000
|
heap
|
page read and write
|
||
|
24E7158C000
|
heap
|
page read and write
|
||
|
24E7156E000
|
heap
|
page read and write
|
||
|
1C66F53E000
|
heap
|
page read and write
|
||
|
1FF9F907000
|
heap
|
page read and write
|
||
|
24075B2D000
|
heap
|
page read and write
|
||
|
24E70AFC000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
2FAD000
|
stack
|
page read and write
|
||
|
23756BF0000
|
heap
|
page read and write
|
||
|
1FF9F829000
|
heap
|
page read and write
|
||
|
24E71592000
|
heap
|
page read and write
|
||
|
1C66F532000
|
heap
|
page read and write
|
||
|
24E70A47000
|
heap
|
page read and write
|
||
|
24E715CE000
|
heap
|
page read and write
|
||
|
24E71A18000
|
heap
|
page read and write
|
||
|
1FF9F88B000
|
heap
|
page read and write
|
||
|
25325460000
|
heap
|
page read and write
|
||
|
1FFA5104000
|
heap
|
page read and write
|
||
|
DEE4CFF000
|
stack
|
page read and write
|
||
|
24E71590000
|
heap
|
page read and write
|
||
|
218E2FE000
|
stack
|
page read and write
|
||
|
24E70A4A000
|
heap
|
page read and write
|
||
|
DEE4C7E000
|
stack
|
page read and write
|
||
|
25325300000
|
heap
|
page read and write
|
||
|
5833E7B000
|
stack
|
page read and write
|
||
|
92F572C000
|
stack
|
page read and write
|
||
|
24E715A7000
|
heap
|
page read and write
|
||
|
24E71568000
|
heap
|
page read and write
|
||
|
2D2EEC55000
|
heap
|
page read and write
|
||
|
24E70A4D000
|
heap
|
page read and write
|
||
|
24E715AA000
|
heap
|
page read and write
|
||
|
1FFA0002000
|
heap
|
page read and write
|
||
|
2D2EED00000
|
heap
|
page read and write
|
||
|
24E71571000
|
heap
|
page read and write
|
||
|
24E7158C000
|
heap
|
page read and write
|
||
|
14406B78000
|
heap
|
page read and write
|
||
|
2D2EEC13000
|
heap
|
page read and write
|
||
|
24E7158F000
|
heap
|
page read and write
|
||
|
2459EF9000
|
stack
|
page read and write
|
||
|
1FFA0113000
|
heap
|
page read and write
|
||
|
1FF9F8FC000
|
heap
|
page read and write
|
||
|
2937000
|
direct allocation
|
page readonly
|
||
|
24E70A48000
|
heap
|
page read and write
|
||
|
5833F77000
|
stack
|
page read and write
|
||
|
EBA000
|
stack
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
2D7E000
|
stack
|
page read and write
|
||
|
1FFA5100000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
B58CD4F000
|
stack
|
page read and write
|
||
|
92F57AF000
|
stack
|
page read and write
|
||
|
1FFA4DDE000
|
trusted library allocation
|
page read and write
|
||
|
1FF9F891000
|
heap
|
page read and write
|
||
|
2D2EEC80000
|
heap
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
24E71590000
|
heap
|
page read and write
|
||
|
24E70B02000
|
heap
|
page read and write
|
||
|
24E715BC000
|
heap
|
page read and write
|
||
|
24E71A02000
|
heap
|
page read and write
|
||
|
20A760F0000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1FF9F879000
|
heap
|
page read and write
|
||
|
14406B86000
|
heap
|
page read and write
|
||
|
5833CFC000
|
stack
|
page read and write
|
||
|
24E71A21000
|
heap
|
page read and write
|
||
|
240FF8F0000
|
heap
|
page read and write
|
||
|
14406B89000
|
heap
|
page read and write
|
||
|
14406BB6000
|
heap
|
page read and write
|
||
|
20471E00000
|
heap
|
page read and write
|
||
|
B58CCCB000
|
stack
|
page read and write
|
||
|
24E71571000
|
heap
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
24E712F0000
|
remote allocation
|
page read and write
|
||
|
14406B98000
|
heap
|
page read and write
|
||
|
ED0000
|
remote allocation
|
page read and write
|
||
|
24E715B7000
|
heap
|
page read and write
|
||
|
24E715B3000
|
heap
|
page read and write
|
||
|
1C66F880000
|
heap
|
page read and write
|
||
|
1FFA4E14000
|
trusted library allocation
|
page read and write
|
There are 636 hidden memdumps, click here to show them.