Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Contract - Wipak Oy.xlsx
|
Microsoft Excel 2007+
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\qGTGx[1].exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
downloaded
|
|
|
|
C:\Users\user\AppData\Roaming\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\~$Contract - Wipak Oy.xlsx
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\84E7CB3E.png
|
PNG image data, 410 x 243, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_powershell_ise.e_21ed43beb8f55ccf28a91ce407abfb7d5b6e611_02d11d32\Report.wer
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\WER1334.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
|
"C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE" -Embedding
|
|
|
|
C:\Users\user\AppData\Roaming\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc.exe
|
C:\Users\user\AppData\Roaming\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc.exe
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
|
|
|
|
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
|
||
|
C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
|
dw20.exe -x -s 536
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://109.206.241.81/htdocs/zTALg.exe
|
109.206.241.81
|
|
|
|
https://pkusukoharjo.com/giving/qGTGx.exe
|
136.243.86.20
|
|
|
|
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
|
unknown
|
||
|
https://pkusukoharjo.com/y
|
unknown
|
||
|
http://crl.entrust.net/server1.crl0
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
https://pkusukoharjo.com/giving/qGTGx.exej
|
unknown
|
||
|
https://cdn.discordapp.com/attachments/1001850193580392480/1002961152617222144/seven.dll
|
162.159.129.233
|
||
|
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
|
unknown
|
||
|
https://pkusukoharjo.com/
|
unknown
|
||
|
http://www.diginotar.nl/cps/pkioverheid0
|
unknown
|
||
|
https://api.telegram.org/bot5520247480:AAEoBq-eVV-KfON2FKSf_2riekCozVDdnus/
|
unknown
|
||
|
https://pkusukoharjo.com/giving/qGTGx.exejjC:
|
unknown
|
||
|
https://cdn.discordapp.com
|
unknown
|
||
|
http://ocsp.entrust.net0D
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://secure.comodo.com/CPS0
|
unknown
|
||
|
http://109.206.241.81P
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
There are 9 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pkusukoharjo.com
|
136.243.86.20
|
|
|
|
cdn.discordapp.com
|
162.159.129.233
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
136.243.86.20
|
pkusukoharjo.com
|
Germany
|
|
|
|
162.159.129.233
|
cdn.discordapp.com
|
United States
|
||
|
109.206.241.81
|
unknown
|
Germany
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
*6/
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\6AA62
|
6AA62
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
a</
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
|
EquationEditorFilesIntl_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
|
EquationEditorFilesIntl_1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc_RASMANCS
|
FileDirectory
|
There are 23 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
349E000
|
trusted library allocation
|
page read and write
|
|
|
|
3429000
|
trusted library allocation
|
page read and write
|
|
|
|
631E000
|
stack
|
page read and write | page guard
|
||
|
295A000
|
trusted library allocation
|
page read and write
|
||
|
EB4000
|
heap
|
page read and write
|
||
|
260F000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
2540000
|
trusted library allocation
|
page read and write
|
||
|
16B000
|
trusted library allocation
|
page execute and read and write
|
||
|
94AD000
|
trusted library allocation
|
page read and write
|
||
|
27C2000
|
trusted library allocation
|
page read and write
|
||
|
255B000
|
trusted library allocation
|
page read and write
|
||
|
2537000
|
trusted library allocation
|
page read and write
|
||
|
25D0000
|
trusted library allocation
|
page read and write
|
||
|
25F1000
|
trusted library allocation
|
page read and write
|
||
|
27AF000
|
trusted library allocation
|
page read and write
|
||
|
9D80000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page execute and read and write
|
||
|
24DC000
|
trusted library allocation
|
page read and write
|
||
|
3409000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
25DA000
|
trusted library allocation
|
page read and write
|
||
|
3A8000
|
stack
|
page read and write
|
||
|
B0000
|
heap
|
page read and write
|
||
|
2D34000
|
heap
|
page read and write
|
||
|
9BBC000
|
stack
|
page read and write
|
||
|
2550000
|
trusted library allocation
|
page read and write
|
||
|
25C6000
|
trusted library allocation
|
page read and write
|
||
|
24E8000
|
trusted library allocation
|
page read and write
|
||
|
25EB000
|
trusted library allocation
|
page read and write
|
||
|
24D1000
|
trusted library allocation
|
page read and write
|
||
|
2518000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
2648000
|
trusted library allocation
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
152000
|
trusted library allocation
|
page read and write
|
||
|
2552000
|
trusted library allocation
|
page read and write
|
||
|
2945000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
trusted library allocation
|
page read and write
|
||
|
9ABF000
|
stack
|
page read and write
|
||
|
27C6000
|
trusted library allocation
|
page read and write
|
||
|
537E000
|
stack
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
2636000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
260C000
|
trusted library allocation
|
page read and write
|
||
|
6050000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page read and write
|
||
|
2401000
|
trusted library allocation
|
page read and write
|
||
|
2922000
|
trusted library allocation
|
page read and write
|
||
|
255F000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
2749000
|
trusted library allocation
|
page read and write
|
||
|
2762000
|
trusted library allocation
|
page read and write
|
||
|
165000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ACE000
|
stack
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
261F000
|
stack
|
page read and write
|
||
|
547000
|
heap
|
page read and write
|
||
|
263A000
|
trusted library allocation
|
page read and write
|
||
|
264B000
|
trusted library allocation
|
page read and write
|
||
|
261F000
|
trusted library allocation
|
page read and write
|
||
|
2979000
|
trusted library allocation
|
page read and write
|
||
|
2523000
|
trusted library allocation
|
page read and write
|
||
|
253D000
|
trusted library allocation
|
page read and write
|
||
|
A3D0000
|
trusted library allocation
|
page read and write
|
||
|
CD000
|
stack
|
page read and write
|
||
|
32F000
|
stack
|
page read and write
|
||
|
25CE000
|
trusted library allocation
|
page read and write
|
||
|
1A8000
|
heap
|
page read and write
|
||
|
261B000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
2971000
|
trusted library allocation
|
page read and write
|
||
|
4420000
|
trusted library allocation
|
page read and write
|
||
|
534000
|
trusted library section
|
page readonly
|
||
|
2977000
|
trusted library allocation
|
page read and write
|
||
|
716000
|
heap
|
page read and write
|
||
|
9490000
|
trusted library allocation
|
page read and write
|
||
|
994F000
|
stack
|
page read and write
|
||
|
2998000
|
trusted library allocation
|
page read and write
|
||
|
264D000
|
trusted library allocation
|
page read and write
|
||
|
278A000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
275A000
|
trusted library allocation
|
page read and write
|
||
|
2A0000
|
heap
|
page read and write
|
||
|
2507000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
262D000
|
trusted library allocation
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
978C000
|
stack
|
page read and write
|
||
|
7E0000
|
trusted library allocation
|
page read and write
|
||
|
274F000
|
trusted library allocation
|
page read and write
|
||
|
27B3000
|
trusted library allocation
|
page read and write
|
||
|
586000
|
heap
|
page read and write
|
||
|
25D4000
|
trusted library allocation
|
page read and write
|
||
|
298C000
|
trusted library allocation
|
page read and write
|
||
|
1CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2551000
|
trusted library allocation
|
page read and write
|
||
|
133000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
2525000
|
trusted library allocation
|
page read and write
|
||
|
539000
|
trusted library section
|
page readonly
|
||
|
1A6000
|
heap
|
page read and write
|
||
|
990E000
|
stack
|
page read and write
|
||
|
89000
|
stack
|
page read and write
|
||
|
18A000
|
stack
|
page read and write
|
||
|
292A000
|
trusted library allocation
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
2768000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
trusted library allocation
|
page read and write
|
||
|
FF2000
|
unkown
|
page execute read
|
||
|
2947000
|
trusted library allocation
|
page read and write
|
||
|
160000
|
heap
|
page read and write
|
||
|
36E000
|
stack
|
page read and write
|
||
|
24E6000
|
trusted library allocation
|
page read and write
|
||
|
637000
|
heap
|
page read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3C0000
|
trusted library allocation
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
296000
|
heap
|
page read and write
|
||
|
2754000
|
trusted library allocation
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
43E000
|
stack
|
page read and write
|
||
|
2623000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
2C2E000
|
stack
|
page read and write
|
||
|
396000
|
stack
|
page read and write | page guard
|
||
|
613000
|
heap
|
page read and write
|
||
|
631F000
|
stack
|
page read and write
|
||
|
4C10000
|
trusted library allocation
|
page read and write
|
||
|
2958000
|
trusted library allocation
|
page read and write
|
||
|
2792000
|
trusted library allocation
|
page read and write
|
||
|
243F000
|
trusted library allocation
|
page read and write
|
||
|
2617000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
50AE000
|
stack
|
page read and write
|
||
|
263C000
|
trusted library allocation
|
page read and write
|
||
|
970E000
|
stack
|
page read and write
|
||
|
298E000
|
trusted library allocation
|
page read and write
|
||
|
15A000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D000
|
trusted library allocation
|
page execute and read and write
|
||
|
730000
|
trusted library allocation
|
page read and write
|
||
|
25D8000
|
trusted library allocation
|
page read and write
|
||
|
25D2000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
1ED0000
|
remote allocation
|
page read and write
|
||
|
2D3B000
|
heap
|
page read and write
|
||
|
24F0000
|
trusted library allocation
|
page read and write
|
||
|
292C000
|
trusted library allocation
|
page read and write
|
||
|
25E9000
|
trusted library allocation
|
page read and write
|
||
|
2745000
|
trusted library allocation
|
page read and write
|
||
|
2558000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
24D3000
|
trusted library allocation
|
page read and write
|
||
|
45EE000
|
stack
|
page read and write
|
||
|
134000
|
trusted library allocation
|
page read and write
|
||
|
477000
|
unkown
|
page read and write
|
||
|
24F5000
|
trusted library allocation
|
page read and write
|
||
|
2653000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
heap
|
page execute and read and write
|
||
|
297B000
|
trusted library allocation
|
page read and write
|
||
|
5E5000
|
trusted library allocation
|
page read and write
|
||
|
2619000
|
trusted library allocation
|
page read and write
|
||
|
9E90000
|
trusted library allocation
|
page read and write
|
||
|
25DE000
|
trusted library allocation
|
page read and write
|
||
|
25E5000
|
trusted library allocation
|
page read and write
|
||
|
23FF000
|
stack
|
page read and write
|
||
|
24F3000
|
trusted library allocation
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
25E7000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
trusted library allocation
|
page read and write
|
||
|
2502000
|
heap
|
page read and write
|
||
|
296F000
|
trusted library allocation
|
page read and write
|
||
|
27BA000
|
trusted library allocation
|
page read and write
|
||
|
2912000
|
trusted library allocation
|
page read and write
|
||
|
290B000
|
trusted library allocation
|
page read and write
|
||
|
167000
|
heap
|
page read and write
|
||
|
2527000
|
trusted library allocation
|
page read and write
|
||
|
117000
|
heap
|
page read and write
|
||
|
5E0000
|
trusted library allocation
|
page read and write
|
||
|
263E000
|
trusted library allocation
|
page read and write
|
||
|
60A000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
4DCE000
|
stack
|
page read and write
|
||
|
2501000
|
trusted library allocation
|
page read and write
|
||
|
3551000
|
trusted library allocation
|
page read and write
|
||
|
293000
|
trusted library allocation
|
page read and write
|
||
|
24EE000
|
trusted library allocation
|
page read and write
|
||
|
2443000
|
trusted library allocation
|
page read and write
|
||
|
2889000
|
trusted library allocation
|
page read and write
|
||
|
27BE000
|
trusted library allocation
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
2D38000
|
heap
|
page read and write
|
||
|
255D000
|
trusted library allocation
|
page read and write
|
||
|
274D000
|
trusted library allocation
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
790000
|
trusted library allocation
|
page read and write
|
||
|
25F9000
|
trusted library allocation
|
page read and write
|
||
|
276A000
|
trusted library allocation
|
page read and write
|
||
|
2926000
|
trusted library allocation
|
page read and write
|
||
|
604F000
|
stack
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
2994000
|
trusted library allocation
|
page read and write
|
||
|
2276000
|
heap
|
page read and write
|
||
|
24D5000
|
trusted library allocation
|
page read and write
|
||
|
2548000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
trusted library allocation
|
page read and write
|
||
|
275C000
|
trusted library allocation
|
page read and write
|
||
|
261D000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
trusted library allocation
|
page read and write
|
||
|
2531000
|
trusted library allocation
|
page read and write
|
||
|
2952000
|
trusted library allocation
|
page read and write
|
||
|
222000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
870000
|
trusted library allocation
|
page read and write
|
||
|
262B000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
2973000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
790000
|
trusted library allocation
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
95CE000
|
stack
|
page read and write
|
||
|
2503000
|
trusted library allocation
|
page read and write
|
||
|
2956000
|
trusted library allocation
|
page read and write
|
||
|
2764000
|
trusted library allocation
|
page read and write
|
||
|
273F000
|
trusted library allocation
|
page read and write
|
||
|
25F5000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
252D000
|
trusted library allocation
|
page read and write
|
||
|
2760000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
trusted library allocation
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
94D4000
|
trusted library allocation
|
page read and write
|
||
|
2640000
|
trusted library allocation
|
page read and write
|
||
|
2655000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
trusted library allocation
|
page read and write
|
||
|
251C000
|
trusted library allocation
|
page read and write
|
||
|
9980000
|
heap
|
page read and write
|
||
|
216F000
|
stack
|
page read and write
|
||
|
494000
|
unkown
|
page read and write
|
||
|
24000
|
heap
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
254A000
|
trusted library allocation
|
page read and write
|
||
|
278E000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
trusted library allocation
|
page read and write
|
||
|
2909000
|
trusted library allocation
|
page read and write
|
||
|
94CF000
|
trusted library allocation
|
page read and write
|
||
|
3C5000
|
trusted library allocation
|
page read and write
|
||
|
27C8000
|
trusted library allocation
|
page read and write
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
1F00000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
810000
|
trusted library allocation
|
page read and write
|
||
|
2777000
|
trusted library allocation
|
page read and write
|
||
|
296D000
|
trusted library allocation
|
page read and write
|
||
|
67D000
|
heap
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
9790000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
130000
|
trusted library allocation
|
page read and write
|
||
|
7F3000
|
trusted library allocation
|
page read and write
|
||
|
74A000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
FF2000
|
unkown
|
page execute read
|
||
|
496F000
|
stack
|
page read and write
|
||
|
24DE000
|
trusted library allocation
|
page read and write
|
||
|
1B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2516000
|
trusted library allocation
|
page read and write
|
||
|
56F000
|
heap
|
page read and write
|
||
|
2747000
|
trusted library allocation
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
5D0000
|
trusted library allocation
|
page read and write
|
||
|
2554000
|
trusted library allocation
|
page read and write
|
||
|
478D000
|
trusted library allocation
|
page read and write
|
||
|
290000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
heap
|
page execute and read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
2505000
|
trusted library allocation
|
page read and write
|
||
|
621000
|
heap
|
page read and write
|
||
|
96CD000
|
stack
|
page read and write
|
||
|
792000
|
heap
|
page read and write
|
||
|
279B000
|
trusted library allocation
|
page read and write
|
||
|
2615000
|
trusted library allocation
|
page read and write
|
||
|
3ED000
|
stack
|
page read and write
|
||
|
275E000
|
trusted library allocation
|
page read and write
|
||
|
2608000
|
trusted library allocation
|
page read and write
|
||
|
2521000
|
trusted library allocation
|
page read and write
|
||
|
2796000
|
trusted library allocation
|
page read and write
|
||
|
14B000
|
trusted library allocation
|
page read and write
|
||
|
278C000
|
trusted library allocation
|
page read and write
|
||
|
4410000
|
trusted library allocation
|
page read and write
|
||
|
25FD000
|
trusted library allocation
|
page read and write
|
||
|
4CD000
|
stack
|
page read and write
|
||
|
9450000
|
heap
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
2629000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
trusted library allocation
|
page read and write
|
||
|
DCF000
|
stack
|
page read and write
|
||
|
292E000
|
trusted library allocation
|
page read and write
|
||
|
27A9000
|
trusted library allocation
|
page read and write
|
||
|
2625000
|
trusted library allocation
|
page read and write
|
||
|
2996000
|
trusted library allocation
|
page read and write
|
||
|
FF4000
|
unkown
|
page readonly
|
||
|
24E4000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
25E1000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
24EC000
|
trusted library allocation
|
page read and write
|
||
|
25EF000
|
trusted library allocation
|
page read and write
|
||
|
82E000
|
stack
|
page read and write
|
||
|
82D000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
2627000
|
trusted library allocation
|
page read and write
|
||
|
3FE000
|
stack
|
page read and write
|
||
|
253B000
|
trusted library allocation
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
6DA000
|
heap
|
page read and write
|
||
|
27AD000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
trusted library allocation
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
5D0000
|
trusted library allocation
|
page read and write
|
||
|
456E000
|
stack
|
page read and write
|
||
|
295D000
|
trusted library allocation
|
page read and write
|
||
|
ED2000
|
heap
|
page read and write
|
||
|
24FF000
|
trusted library allocation
|
page read and write
|
||
|
5D3000
|
trusted library allocation
|
page read and write
|
||
|
24E4000
|
heap
|
page read and write
|
||
|
2887000
|
trusted library allocation
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
14D000
|
trusted library allocation
|
page execute and read and write
|
||
|
538000
|
trusted library allocation
|
page read and write
|
||
|
1E40000
|
trusted library allocation
|
page read and write
|
||
|
226E000
|
stack
|
page read and write
|
||
|
250B000
|
trusted library allocation
|
page read and write
|
||
|
2535000
|
trusted library allocation
|
page read and write
|
||
|
2BEF000
|
stack
|
page read and write
|
||
|
27B7000
|
trusted library allocation
|
page read and write
|
||
|
293F000
|
trusted library allocation
|
page read and write
|
||
|
27BC000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
740000
|
trusted library allocation
|
page read and write
|
||
|
1ED0000
|
remote allocation
|
page read and write
|
||
|
276C000
|
trusted library allocation
|
page read and write
|
||
|
974E000
|
stack
|
page read and write
|
||
|
2743000
|
trusted library allocation
|
page read and write
|
||
|
1C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2766000
|
trusted library allocation
|
page read and write
|
||
|
490000
|
trusted library section
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
67A000
|
heap
|
page read and write
|
||
|
237000
|
trusted library allocation
|
page execute and read and write
|
||
|
2646000
|
trusted library allocation
|
page read and write
|
||
|
1A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2794000
|
trusted library allocation
|
page read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
277D000
|
trusted library allocation
|
page read and write
|
||
|
50E000
|
stack
|
page read and write
|
||
|
4E1000
|
unkown
|
page read and write
|
||
|
21A000
|
stack
|
page read and write
|
||
|
2642000
|
trusted library allocation
|
page read and write
|
||
|
2621000
|
trusted library allocation
|
page read and write
|
||
|
5D8000
|
trusted library allocation
|
page read and write
|
||
|
252B000
|
trusted library allocation
|
page read and write
|
||
|
254C000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
unkown
|
page read and write
|
||
|
3DF000
|
stack
|
page read and write
|
||
|
279D000
|
trusted library allocation
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
98CF000
|
stack
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
7E0000
|
trusted library allocation
|
page read and write
|
||
|
25F3000
|
trusted library allocation
|
page read and write
|
||
|
274B000
|
trusted library allocation
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
2651000
|
trusted library allocation
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
1BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
730000
|
trusted library allocation
|
page read and write
|
||
|
250000
|
heap
|
page execute and read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
120000
|
trusted library allocation
|
page read and write
|
||
|
2533000
|
trusted library allocation
|
page read and write
|
||
|
167000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EF0000
|
heap
|
page read and write
|
||
|
436000
|
remote allocation
|
page execute and read and write
|
||
|
790000
|
trusted library allocation
|
page execute and read and write
|
||
|
9CBF000
|
stack
|
page read and write
|
||
|
1CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
53FE000
|
stack
|
page read and write
|
||
|
94BF000
|
trusted library allocation
|
page read and write
|
||
|
140000
|
trusted library allocation
|
page read and write
|
||
|
24CF000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
trusted library allocation
|
page read and write
|
||
|
9D70000
|
heap
|
page read and write
|
||
|
5E70000
|
heap
|
page read and write
|
||
|
2451000
|
trusted library allocation
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
B3F000
|
stack
|
page read and write
|
||
|
162000
|
trusted library allocation
|
page read and write
|
||
|
27CA000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
trusted library allocation
|
page read and write
|
||
|
5DC000
|
trusted library allocation
|
page read and write
|
||
|
2758000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
trusted library allocation
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
2514000
|
trusted library allocation
|
page read and write
|
||
|
2779000
|
trusted library allocation
|
page read and write
|
||
|
398000
|
stack
|
page read and write
|
||
|
5DD000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2634000
|
trusted library allocation
|
page read and write
|
||
|
293D000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2644000
|
trusted library allocation
|
page read and write
|
||
|
24EA000
|
trusted library allocation
|
page read and write
|
||
|
46E000
|
stack
|
page read and write
|
||
|
25F7000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A7000
|
heap
|
page read and write
|
||
|
2756000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
trusted library allocation
|
page read and write
|
||
|
290F000
|
trusted library allocation
|
page read and write
|
||
|
25E3000
|
trusted library allocation
|
page read and write
|
||
|
25DC000
|
trusted library allocation
|
page read and write
|
||
|
2975000
|
trusted library allocation
|
page read and write
|
||
|
6D1000
|
heap
|
page read and write
|
||
|
730000
|
trusted library allocation
|
page read and write
|
||
|
277B000
|
trusted library allocation
|
page read and write
|
||
|
A8E0000
|
trusted library allocation
|
page read and write
|
||
|
2433000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
24DA000
|
trusted library allocation
|
page read and write
|
||
|
2798000
|
trusted library allocation
|
page read and write
|
||
|
2431000
|
trusted library allocation
|
page read and write
|
||
|
7FA000
|
trusted library allocation
|
page read and write
|
||
|
27C0000
|
trusted library allocation
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
24FD000
|
trusted library allocation
|
page read and write
|
||
|
CAD000
|
stack
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
5DB000
|
trusted library allocation
|
page read and write
|
||
|
240000
|
heap
|
page execute and read and write
|
||
|
9FA0000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page execute and read and write
|
||
|
5AF000
|
stack
|
page read and write
|
||
|
297D000
|
trusted library allocation
|
page read and write
|
||
|
20B000
|
stack
|
page read and write
|
||
|
25FB000
|
trusted library allocation
|
page read and write
|
||
|
2784000
|
trusted library allocation
|
page read and write
|
||
|
2928000
|
trusted library allocation
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
5E0000
|
trusted library allocation
|
page read and write
|
||
|
27AB000
|
trusted library allocation
|
page read and write
|
||
|
254E000
|
trusted library allocation
|
page read and write
|
||
|
273B000
|
trusted library allocation
|
page read and write
|
||
|
23B000
|
trusted library allocation
|
page execute and read and write
|
||
|
73A000
|
trusted library allocation
|
page read and write
|
||
|
1A0000
|
trusted library allocation
|
page read and write
|
||
|
4400000
|
trusted library allocation
|
page read and write
|
||
|
27B5000
|
trusted library allocation
|
page read and write
|
||
|
4B9000
|
unkown
|
page read and write
|
||
|
2544000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
730000
|
trusted library allocation
|
page read and write
|
||
|
290D000
|
trusted library allocation
|
page read and write
|
||
|
7EFE0000
|
unkown
|
page readonly
|
||
|
260000
|
heap
|
page read and write
|
||
|
5F9000
|
heap
|
page read and write
|
||
|
2AEF000
|
stack
|
page read and write
|
||
|
2924000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
19D000
|
heap
|
page read and write
|
||
|
530000
|
trusted library section
|
page readonly
|
||
|
50CD000
|
trusted library allocation
|
page read and write
|
||
|
2546000
|
trusted library allocation
|
page read and write
|
||
|
2429000
|
trusted library allocation
|
page read and write
|
||
|
9E8F000
|
stack
|
page read and write
|
||
|
2539000
|
trusted library allocation
|
page read and write
|
||
|
25D6000
|
trusted library allocation
|
page read and write
|
||
|
2752000
|
trusted library allocation
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
2937000
|
trusted library allocation
|
page read and write
|
||
|
885000
|
trusted library allocation
|
page read and write
|
||
|
27B1000
|
trusted library allocation
|
page read and write
|
||
|
252F000
|
trusted library allocation
|
page read and write
|
||
|
4E2D000
|
stack
|
page read and write
|
||
|
156000
|
trusted library allocation
|
page execute and read and write
|
||
|
740000
|
trusted library allocation
|
page read and write
|
||
|
2556000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
588F000
|
stack
|
page read and write
|
There are 499 hidden memdumps, click here to show them.