IOC Report
OatAFVzm15.exe

loading gif

Files

File Path
Type
Category
Malicious
OatAFVzm15.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_OatAFVzm15.exe_a26318744316683b0d1fe53934c2b47109f797_532d33bc_179a95d5\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_OatAFVzm15.exe_a26318744316683b0d1fe53934c2b47109f797_532d33bc_08651c8c\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8AB9.tmp.dmp
Mini DuMP crash report, 14 streams, Sat Aug 27 10:59:51 2022, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8E06.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8FCC.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1103.tmp.dmp
Mini DuMP crash report, 14 streams, Sat Aug 27 10:54:27 2022, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER13C3.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER154A.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\OatAFVzm15.exe
"C:\Users\user\Desktop\OatAFVzm15.exe"
malicious
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 772 -s 212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3988 -s 224

URLs

Name
IP
Malicious
http://www.google.com/webhp
unknown
http://www.google.com/webhpbcU
unknown

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
AmiHivePermissionsCorrect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
AmiHiveOwnerCorrect
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
ProgramId
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
FileId
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
LowerCaseLongPath
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
LongPathHash
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Name
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Publisher
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Version
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
BinFileVersion
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
BinaryType
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
ProductName
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
ProductVersion
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
LinkDate
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
BinProductVersion
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Size
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Language
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
IsPeFile
\REGISTRY\A\{522e3623-668e-c9a3-6fdc-8b4048ff1dbe}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
IsOsComponent
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
ExceptionRecord
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceTicket
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceId
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
ApplicationFlags
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
0018800453F4626F
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
ProgramId
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
FileId
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
LowerCaseLongPath
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
LongPathHash
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Name
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Publisher
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Version
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
BinFileVersion
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
BinaryType
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
ProductName
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
ProductVersion
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
LinkDate
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
BinProductVersion
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Size
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
Language
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
IsPeFile
\REGISTRY\A\{87c51688-9fe7-32c4-9e1a-3201cc3589c5}\Root\InventoryApplicationFile\oatafvzm15.exe|77839bf3
IsOsComponent
There are 31 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
401000
unkown
page execute read
 malicious
401000
unkown
page execute read
 malicious
401000
unkown
page execute read
 malicious
401000
unkown
page execute read
 malicious
2BA70F80000
trusted library allocation
page read and write
25EDC802000
heap
page read and write
9B5DEFF000
stack
page read and write
2209F648000
heap
page read and write
21072C00000
trusted library allocation
page read and write
13EC6300000
heap
page read and write
2BA6B890000
heap
page read and write
24D79550000
heap
page read and write
9B5DA7E000
stack
page read and write
5EA000
heap
page read and write
2BA6B7D0000
heap
page read and write
9D000
stack
page read and write
2BA6B854000
heap
page read and write
2BA6B88A000
heap
page read and write
F407AFA000
stack
page read and write
2BA71290000
trusted library allocation
page read and write
2BA6B760000
heap
page read and write
25EDC802000
heap
page read and write
2A91E550000
heap
page read and write
25EDC800000
heap
page read and write
2BA70E60000
trusted library allocation
page read and write
2A029630000
heap
page read and write
E8CC7FA000
stack
page read and write
25EDC802000
heap
page read and write
2A91E64E000
heap
page read and write
13EC6508000
heap
page read and write
2209F65C000
heap
page read and write
1DDB3900000
heap
page read and write
DA1377E000
stack
page read and write
2BA70E60000
trusted library allocation
page read and write
1DDB32BA000
heap
page read and write
2A91EE02000
trusted library allocation
page read and write
400B17F000
stack
page read and write
204E53B0000
heap
page read and write
25EDC3AB000
heap
page read and write
2BA6C100000
heap
page read and write
21071D9C000
heap
page read and write
5D0000
remote allocation
page read and write
9D000
stack
page read and write
DA1387F000
stack
page read and write
19B000
stack
page read and write
21072BD0000
trusted library allocation
page read and write
1DDB31F0000
trusted library allocation
page read and write
2209F63A000
heap
page read and write
F407BFF000
stack
page read and write
25EDBD02000
heap
page read and write
F40727D000
stack
page read and write
9B5D70B000
stack
page read and write
C5BEC77000
stack
page read and write
400000
unkown
page readonly
ED33EFE000
stack
page read and write
2BA6B876000
heap
page read and write
9B5D78E000
stack
page read and write
204E5654000
heap
page read and write
20A56289000
heap
page read and write
204E5644000
heap
page read and write
5BE000
stack
page read and write
ED33FFD000
stack
page read and write
C1B11FE000
stack
page read and write
2BA6B86C000
heap
page read and write
2209F490000
heap
page read and write
25EDC358000
heap
page read and write
2209F629000
heap
page read and write
E8CC179000
stack
page read and write
2A91E651000
heap
page read and write
24D796F1000
heap
page read and write
204E5644000
heap
page read and write
13EC6461000
heap
page read and write
25EDBC88000
heap
page read and write
25EDC359000
heap
page read and write
25EDBC4D000
heap
page read and write
25EDC38A000
heap
page read and write
2BA70F50000
trusted library allocation
page read and write
2209F642000
heap
page read and write
25EDC790000
remote allocation
page read and write
13EC642D000
heap
page read and write
400B3FE000
stack
page read and write
2BA70E50000
trusted library allocation
page read and write
2A029902000
heap
page read and write
2A91E676000
heap
page read and write
24D796C6000
heap
page read and write
25EDBC53000
heap
page read and write
9B5DCFE000
stack
page read and write
2209F64B000
heap
page read and write
210720E0000
trusted library allocation
page read and write
EADA8F9000
stack
page read and write
1DDB3213000
heap
page read and write
2BA710FA000
heap
page read and write
25EDBD08000
heap
page read and write
406000
unkown
page write copy
24D79805000
heap
page read and write
2209F702000
heap
page read and write
400000
unkown
page readonly
25EDC361000
heap
page read and write
25EDBC29000
heap
page read and write
25EDC391000
heap
page read and write
57E000
stack
page read and write
25EDC360000
heap
page read and write
2BA70F00000
trusted library allocation
page read and write
13EC6526000
heap
page read and write
5E0000
heap
page read and write
25EDC31F000
heap
page read and write
25EDBCC7000
heap
page read and write
F4072FE000
stack
page read and write
41C000
unkown
page write copy
2BA71104000
heap
page read and write
25EDBCE3000
heap
page read and write
25EDC398000
heap
page read and write
2BA70F90000
remote allocation
page read and write
13EC6469000
heap
page read and write
20A55FD0000
heap
page read and write
2209F660000
heap
page read and write
2A91E682000
heap
page read and write
C5BE97E000
stack
page read and write
E8CC97D000
stack
page read and write
400B4FA000
stack
page read and write
30000
unkown
page read and write
20A56281000
heap
page read and write
25EDC396000
heap
page read and write
2BA70F40000
trusted library allocation
page read and write
25EDC380000
heap
page read and write
DA1317F000
stack
page read and write
25EDC802000
heap
page read and write
400B27B000
stack
page read and write
2A0295C0000
heap
page read and write
25EDC34B000
heap
page read and write
8DF000
stack
page read and write
F4076FF000
stack
page read and write
25EDC3B9000
heap
page read and write
400B2FF000
stack
page read and write
13EC6463000
heap
page read and write
13EC6429000
heap
page read and write
25EDBC4A000
heap
page read and write
30000
heap
page read and write
25EDC392000
heap
page read and write
2A029802000
heap
page read and write
204E55F0000
trusted library allocation
page read and write
25EDC844000
heap
page read and write
2BA70E70000
trusted library allocation
page read and write
406000
unkown
page write copy
2A029DC0000
remote allocation
page read and write
24D796E6000
heap
page read and write
1DDB3802000
heap
page read and write
2209F661000
heap
page read and write
2A91E64C000
heap
page read and write
E8CBE7B000
stack
page read and write
C5BE8FE000
stack
page read and write
20A5622A000
heap
page read and write
2209F65A000
heap
page read and write
25EDC300000
heap
page read and write
2CDE57B000
stack
page read and write
1DDB326E000
heap
page read and write
2BA71064000
heap
page read and write
2209F637000
heap
page read and write
2209F644000
heap
page read and write
2BA71102000
heap
page read and write
25EDC361000
heap
page read and write
25EDBC4B000
heap
page read and write
2209F667000
heap
page read and write
1DDB3020000
heap
page read and write
ED3417D000
stack
page read and write
21071D9C000
heap
page read and write
2209F65E000
heap
page read and write
2BA6B856000
heap
page read and write
20A5625B000
heap
page read and write
2209F646000
heap
page read and write
25EDBCE6000
heap
page read and write
2CDE0FC000
stack
page read and write
1DDB3288000
heap
page read and write
25EDC393000
heap
page read and write
405000
unkown
page readonly
20A56213000
heap
page read and write
25EDC385000
heap
page read and write
2A02985C000
heap
page read and write
2209F674000
heap
page read and write
2209F420000
heap
page read and write
2CDE97F000
stack
page read and write
20A56040000
heap
page read and write
2BA70F60000
trusted library allocation
page read and write
25EDC387000
heap
page read and write
25EDBCF6000
heap
page read and write
F4077FA000
stack
page read and write
21071D58000
heap
page read and write
2BA6B8B9000
heap
page read and write
EADA6FF000
stack
page read and write
440000
unkown
page read and write
25EDBC13000
heap
page read and write
3CED27E000
stack
page read and write
25EDBD16000
heap
page read and write
3CED77F000
stack
page read and write
2CDE3FF000
stack
page read and write
C5BEA7B000
stack
page read and write
20A567A0000
trusted library allocation
page read and write
204E53C0000
heap
page read and write
25EDC3AE000
heap
page read and write
2BA6B928000
heap
page read and write
1F0000
trusted library allocation
page read and write
400B6FB000
stack
page read and write
25EDBC3C000
heap
page read and write
ED3407F000
stack
page read and write
25EDBC00000
heap
page read and write
2209F600000
heap
page read and write
2A91E700000
heap
page read and write
2BA70CA0000
trusted library allocation
page read and write
13EC6C02000
trusted library allocation
page read and write
1F0000
trusted library allocation
page read and write
2BA6B902000
heap
page read and write
F40797E000
stack
page read and write
25EDC374000
heap
page read and write
2BA6CC80000
trusted library allocation
page read and write
25EDC3A3000
heap
page read and write
24D796E3000
heap
page read and write
24D796F2000
heap
page read and write
25EDC361000
heap
page read and write
440000
unkown
page write copy
25EDC3D9000
heap
page read and write
C1B117E000
stack
page read and write
2209F658000
heap
page read and write
20A56270000
heap
page read and write
25EDC3CB000
heap
page read and write
406000
unkown
page write copy
EADA7FB000
stack
page read and write
C1B107A000
stack
page read and write
25EDC38A000
heap
page read and write
530000
heap
page read and write
2A0295D0000
heap
page read and write
2BA71031000
heap
page read and write
EADA779000
stack
page read and write
EADA87E000
stack
page read and write
2BA70E3E000
trusted library allocation
page read and write
F40787E000
stack
page read and write
DA12E7B000
stack
page read and write
2BA6B916000
heap
page read and write
3CED577000
stack
page read and write
24D796C1000
heap
page read and write
21072120000
trusted library allocation
page read and write
25EDBCB0000
heap
page read and write
2BA6C118000
heap
page read and write
2A91E653000
heap
page read and write
EADA3EB000
stack
page read and write
25EDBC52000
heap
page read and write
E8CC37E000
stack
page read and write
25EDBCBF000
heap
page read and write
13EC6413000
heap
page read and write
24D796E6000
heap
page read and write
25EDC360000
heap
page read and write
2BA6B770000
heap
page read and write
1DDB32CB000
heap
page read and write
DA1367F000
stack
page read and write
2BA71000000
heap
page read and write
DA1347D000
stack
page read and write
2A91E680000
heap
page read and write
2209F66E000
heap
page read and write
2209F662000
heap
page read and write
25EDC398000
heap
page read and write
3CECF9E000
stack
page read and write
204E5713000
heap
page read and write
41C000
unkown
page write copy
25EDC394000
heap
page read and write
2BA6B89C000
heap
page read and write
EADA67E000
stack
page read and write
C1B12FE000
stack
page read and write
2A029840000
heap
page read and write
1DDB3302000
heap
page read and write
2209F683000
heap
page read and write
2209F590000
trusted library allocation
page read and write
2BA710A9000
heap
page read and write
2BA71100000
heap
page read and write
2BA6B872000
heap
page read and write
20A5623D000
heap
page read and write
DA1357F000
stack
page read and write
13EC6500000
heap
page read and write
2209F67C000
heap
page read and write
5EA000
heap
page read and write
20A56302000
heap
page read and write
440000
unkown
page read and write
C1B1279000
stack
page read and write
7DF000
stack
page read and write
25EDC360000
heap
page read and write
3CED37C000
stack
page read and write
2BA70D20000
trusted library allocation
page read and write
25EDC361000
heap
page read and write
25EDC3A7000
heap
page read and write
25EDC802000
heap
page read and write
2A91E713000
heap
page read and write
1DDB32C5000
heap
page read and write
F4079FE000
stack
page read and write
20A55FE0000
heap
page read and write
2BA710E3000
heap
page read and write
25EDC316000
heap
page read and write
2BA70F90000
trusted library allocation
page read and write
2BA70F90000
remote allocation
page read and write
24D797B0000
heap
page read and write
25EDC802000
heap
page read and write
2A029824000
heap
page read and write
25EDC802000
heap
page read and write
2BA710B0000
heap
page read and write
25EDC790000
remote allocation
page read and write
2BA70F00000
trusted library allocation
page read and write
25EDC385000
heap
page read and write
2209F657000
heap
page read and write
E8CC47B000
stack
page read and write
2BA6CC61000
trusted library allocation
page read and write
2BA6B8FB000
heap
page read and write
13EC643C000
heap
page read and write
5D0000
remote allocation
page read and write
2A029800000
heap
page read and write
2BA72000000
heap
page read and write
440000
unkown
page read and write
3CECF1B000
stack
page read and write
21071D10000
heap
page read and write
21072110000
heap
page read and write
13EC6400000
heap
page read and write
13EC6481000
heap
page read and write
2BA70F00000
trusted library allocation
page read and write
25EDB9C0000
heap
page read and write
25EDC802000
heap
page read and write
2BA70E30000
trusted library allocation
page read and write
25EDC35F000
heap
page read and write
204E5420000
heap
page read and write
21072119000
heap
page read and write
25EDC398000
heap
page read and write
21071D9C000
heap
page read and write
2BA6B800000
heap
page read and write
2BA6B83D000
heap
page read and write
25EDBD13000
heap
page read and write
24D79680000
heap
page read and write
2A029DC0000
remote allocation
page read and write
2BA70F10000
trusted library allocation
page read and write
E8CC27B000
stack
page read and write
8DF000
stack
page read and write
5E0000
heap
page read and write
13EC62F0000
heap
page read and write
21071D98000
heap
page read and write
ED33DFC000
stack
page read and write
2CDE07F000
stack
page read and write
2A91E5E0000
trusted library allocation
page read and write
25EDC190000
trusted library allocation
page read and write
204E5602000
heap
page read and write
13EC6475000
heap
page read and write
25EDC790000
remote allocation
page read and write
2209F659000
heap
page read and write
25EDC391000
heap
page read and write
400AF7F000
stack
page read and write
25EDC803000
heap
page read and write
1DDB3932000
heap
page read and write
2BA6C7E0000
trusted library allocation
page read and write
20A56200000
heap
page read and write
2BA710A6000
heap
page read and write
7DF000
stack
page read and write
1DDB2FC0000
heap
page read and write
204E5650000
heap
page read and write
2CDE77F000
stack
page read and write
C1B137E000
stack
page read and write
20A56313000
heap
page read and write
2BA6B902000
heap
page read and write
2A029DC0000
remote allocation
page read and write
25EDC35F000
heap
page read and write
20A56259000
heap
page read and write
2BA6B88C000
heap
page read and write
25EDC398000
heap
page read and write
405000
unkown
page readonly
E8CC077000
stack
page read and write
406000
unkown
page write copy
13EC645E000
heap
page read and write
C1B10FF000
stack
page read and write
C5BE87B000
stack
page read and write
25EDC3AE000
heap
page read and write
2BA7104B000
heap
page read and write
25EDC820000
heap
page read and write
21072100000
trusted library allocation
page read and write
2209F64E000
heap
page read and write
2A91E671000
heap
page read and write
F406FAC000
stack
page read and write
24D796E6000
heap
page read and write
21072990000
trusted library allocation
page read and write
2CDE4FE000
stack
page read and write
2BA6B8AB000
heap
page read and write
2BA70E51000
trusted library allocation
page read and write
25EDC802000
heap
page read and write
2BA6C000000
heap
page read and write
13EC6466000
heap
page read and write
21071C90000
trusted library allocation
page read and write
2BA71060000
heap
page read and write
2BA70E54000
trusted library allocation
page read and write
1DDB3200000
heap
page read and write
2209F641000
heap
page read and write
2209F663000
heap
page read and write
2209F67D000
heap
page read and write
24D796D6000
heap
page read and write
57E000
stack
page read and write
3CED67D000
stack
page read and write
9B5DBFE000
stack
page read and write
25EDC802000
heap
page read and write
2BA70E30000
trusted library allocation
page read and write
21072BF0000
trusted library allocation
page read and write
2BA6B813000
heap
page read and write
2BA6C015000
heap
page read and write
2BA6B8FB000
heap
page read and write
2BA70F90000
remote allocation
page read and write
2209FE02000
trusted library allocation
page read and write
24D796D7000
heap
page read and write
2BA6CC83000
trusted library allocation
page read and write
13EC6427000
heap
page read and write
25EDBC4F000
heap
page read and write
21071C80000
heap
page read and write
530000
heap
page read and write
25EDC361000
heap
page read and write
2BA6B907000
heap
page read and write
25EDBC55000
heap
page read and write
21072BE0000
heap
page readonly
24D796BB000
heap
page read and write
2A91E602000
heap
page read and write
5EA000
heap
page read and write
2209F673000
heap
page read and write
2A029813000
heap
page read and write
25EDBA30000
heap
page read and write
25EDB9D0000
heap
page read and write
20A56241000
heap
page read and write
25EDBCE0000
heap
page read and write
2A91E600000
heap
page read and write
204E5702000
heap
page read and write
2209F66A000
heap
page read and write
2CDDCCB000
stack
page read and write
204E565C000
heap
page read and write
13EC6493000
heap
page read and write
25EDBCA6000
heap
page read and write
13EC6459000
heap
page read and write
2CDE2FC000
stack
page read and write
2A91E629000
heap
page read and write
2BA6BF30000
trusted library allocation
page read and write
400000
unkown
page readonly
405000
unkown
page readonly
25EDBC9F000
heap
page read and write
204E5BA0000
trusted library allocation
page read and write
19B000
stack
page read and write
204E5672000
heap
page read and write
2BA70E74000
trusted library allocation
page read and write
2A91E5B0000
heap
page read and write
9B5DDFE000
stack
page read and write
2CDE87C000
stack
page read and write
13EC6360000
heap
page read and write
F4075F7000
stack
page read and write
DA1307B000
stack
page read and write
2BA710E9000
heap
page read and write
2209F631000
heap
page read and write
2BA71270000
trusted library allocation
page read and write
21071D60000
heap
page read and write
2209F640000
heap
page read and write
2209F63D000
heap
page read and write
2CDE67B000
stack
page read and write
405000
unkown
page readonly
2A029E02000
trusted library allocation
page read and write
25EDBC50000
heap
page read and write
2209F430000
heap
page read and write
21071DA6000
heap
page read and write
2209F666000
heap
page read and write
2209F613000
heap
page read and write
25EDBC6C000
heap
page read and write
2A91E613000
heap
page read and write
C5BEE7E000
stack
page read and write
1DDB32E1000
heap
page read and write
25EDC38A000
heap
page read and write
210720F0000
trusted library allocation
page read and write
204E5629000
heap
page read and write
204E5613000
heap
page read and write
2BA710E3000
heap
page read and write
21071DA6000
heap
page read and write
5BE000
stack
page read and write
2BA70F70000
trusted library allocation
page read and write
25EDC372000
heap
page read and write
ED33D7E000
stack
page read and write
2209F67A000
heap
page read and write
25EDC385000
heap
page read and write
2A02982A000
heap
page read and write
2BA6C118000
heap
page read and write
204E5600000
heap
page read and write
25EDC314000
heap
page read and write
2A029D90000
trusted library allocation
page read and write
DA1327B000
stack
page read and write
2209F66C000
heap
page read and write
2BA710BB000
heap
page read and write
21072115000
heap
page read and write
25EDBCE7000
heap
page read and write
C5BEB7B000
stack
page read and write
13EC6502000
heap
page read and write
2BA70E38000
trusted library allocation
page read and write
19B000
stack
page read and write
1DDB3313000
heap
page read and write
ED342FE000
stack
page read and write
2BA6C158000
heap
page read and write
2BA71107000
heap
page read and write
25EDC394000
heap
page read and write
21071D50000
heap
page read and write
400000
unkown
page readonly
2BA6C104000
heap
page read and write
25EDC398000
heap
page read and write
25EDC360000
heap
page read and write
21071CF0000
heap
page read and write
25EDC202000
heap
page read and write
2BA71018000
heap
page read and write
2209F664000
heap
page read and write
30000
unkown
page read and write
2209F65F000
heap
page read and write
2BA6C113000
heap
page read and write
2BA70C90000
trusted library allocation
page read and write
25EDC361000
heap
page read and write
2209F669000
heap
page read and write
25EDBC4E000
heap
page read and write
C5BED7E000
stack
page read and write
25EDC34D000
heap
page read and write
2A91E708000
heap
page read and write
F4074F8000
stack
page read and write
EADA979000
stack
page read and write
DA1397E000
stack
page read and write
204E5700000
heap
page read and write
2209F645000
heap
page read and write
25EDC381000
heap
page read and write
2BA7103E000
heap
page read and write
25EDC38A000
heap
page read and write
25EDC380000
heap
page read and write
2209F602000
heap
page read and write
13EC6390000
trusted library allocation
page read and write
E8CCB7E000
stack
page read and write
ED338BC000
stack
page read and write
2BA6C002000
heap
page read and write
2A91E68D000
heap
page read and write
2BA6C102000
heap
page read and write
24D796E3000
heap
page read and write
24D796B0000
heap
page read and write
25EDC38A000
heap
page read and write
204E563C000
heap
page read and write
2A91E540000
heap
page read and write
1DDB2FB0000
heap
page read and write
41C000
unkown
page write copy
2A91E702000
heap
page read and write
25EDC35A000
heap
page read and write
1F0000
trusted library allocation
page read and write
25EDBCA7000
heap
page read and write
21071D9C000
heap
page read and write
13EC6513000
heap
page read and write
21072C50000
trusted library allocation
page read and write
2BA6B829000
heap
page read and write
25EDC392000
heap
page read and write
20A56802000
trusted library allocation
page read and write
24D796E3000
heap
page read and write
400ABBB000
stack
page read and write
2BA70D10000
trusted library allocation
page read and write
3CED47B000
stack
page read and write
2BA6CC90000
trusted library allocation
page read and write
1DDB3229000
heap
page read and write
1DDB3242000
heap
page read and write
5E0000
heap
page read and write
24D79800000
heap
page read and write
25EDC35F000
heap
page read and write
25EDC398000
heap
page read and write
204E5C02000
trusted library allocation
page read and write
41C000
unkown
page write copy
9D000
stack
page read and write
2A91E63C000
heap
page read and write
25EDC38A000
heap
page read and write
530000
heap
page read and write
There are 556 hidden memdumps, click here to show them.