Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
BUgAyPXboK.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Microsoft\ykbxzh.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\21c8026919fd094ab07ec3c180a9f210_d06ed635-68f6-4e9a-955c-4899f5f57b9a
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\BUgAyPXboK.exe
|
"C:\Users\user\Desktop\BUgAyPXboK.exe"
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup emsisoft.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\ykbxzh.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\ykbxzh.exe"
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup emsisoft.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\ykbxzh.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\ykbxzh.exe"
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup emsisoft.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup emsisoft.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup emsisoft.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup emsisoft.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup emsisoft.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup emsisoft.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 39 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://gdcbghvjyqy7jclk.onion.casa/e644d32fec6144de
|
unknown
|
|
|
|
http://gdcbghvjyqy7jclk.onion.top/e644d32fec6144de
|
unknown
|
|
|
|
http://gdcbghvjyqy7jclk.onion/e644d32fec6144de
|
unknown
|
|
|
|
https://www.torproject.org/
|
unknown
|
||
|
http://gdcbghvjyqy7jclk.onion.guide/e644d32fec6144de
|
unknown
|
||
|
http://gdcbghvjyqy7jclk.onion.plus/e644d32fec6144de
|
unknown
|
||
|
http://gdcbghvjyqy7jclk.onion.rip/e644d32fec6144de
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
emsisoft.bit
|
unknown
|
|
|
|
nomoreransom.bit
|
unknown
|
|
|
|
gandcrab.bit
|
unknown
|
|
|
|
dns1.soprodns.ru
|
unknown
|
|
|
|
ipv4bot.whatismyipaddress.com
|
unknown
|
||
|
8.8.8.8.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
|
cmskpbujpyb
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
412000
|
unkown
|
page write copy
|
|
|
|
40E000
|
unkown
|
page read and write
|
|
|
|
40E000
|
unkown
|
page write copy
|
|
|
|
40E000
|
unkown
|
page write copy
|
|
|
|
40E000
|
unkown
|
page write copy
|
|
|
|
40E000
|
unkown
|
page read and write
|
|
|
|
412000
|
unkown
|
page write copy
|
|
|
|
40E000
|
unkown
|
page read and write
|
|
|
|
2120000
|
direct allocation
|
page read and write
|
||
|
1A342000000
|
heap
|
page read and write
|
||
|
24DBBE3F000
|
heap
|
page read and write
|
||
|
2F195113000
|
heap
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
149427A000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
233B5440000
|
heap
|
page read and write
|
||
|
20193650000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A33B713000
|
heap
|
page read and write
|
||
|
2F195994000
|
heap
|
page read and write
|
||
|
200E5B08000
|
heap
|
page read and write
|
||
|
2F19596F000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
AC3E87E000
|
stack
|
page read and write
|
||
|
1A33BDA0000
|
trusted library section
|
page readonly
|
||
|
1A340BF4000
|
trusted library allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A340EEE000
|
heap
|
page read and write
|
||
|
200E5A3C000
|
heap
|
page read and write
|
||
|
20193702000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
64F000
|
stack
|
page read and write
|
||
|
1A33BDD0000
|
trusted library section
|
page readonly
|
||
|
1A33C5E0000
|
trusted library allocation
|
page read and write
|
||
|
2CC01468000
|
heap
|
page read and write
|
||
|
2C30000
|
direct allocation
|
page execute and read and write
|
||
|
50A000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A33B65A000
|
heap
|
page read and write
|
||
|
2CC0146D000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
200E5A51000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2CC01447000
|
heap
|
page read and write
|
||
|
233B564E000
|
heap
|
page read and write
|
||
|
F7F94F9000
|
stack
|
page read and write
|
||
|
EAD607F000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
EAD617B000
|
stack
|
page read and write
|
||
|
AC3E07C000
|
stack
|
page read and write
|
||
|
F7F987F000
|
stack
|
page read and write
|
||
|
2CC0145A000
|
heap
|
page read and write
|
||
|
2CC0147A000
|
heap
|
page read and write
|
||
|
4C0000
|
direct allocation
|
page read and write
|
||
|
372BAF7000
|
stack
|
page read and write
|
||
|
2CC01461000
|
heap
|
page read and write
|
||
|
20193655000
|
heap
|
page read and write
|
||
|
1A2AA450000
|
heap
|
page read and write
|
||
|
2CC0146F000
|
heap
|
page read and write
|
||
|
2F19518E000
|
heap
|
page read and write
|
||
|
2F195057000
|
heap
|
page read and write
|
||
|
233B5702000
|
heap
|
page read and write
|
||
|
24DBBE7B000
|
heap
|
page read and write
|
||
|
2CC01434000
|
heap
|
page read and write
|
||
|
2CC01400000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A340CF0000
|
trusted library allocation
|
page read and write
|
||
|
2CC01460000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A340EAF000
|
heap
|
page read and write
|
||
|
24DBC602000
|
trusted library allocation
|
page read and write
|
||
|
1A340EBA000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
20193708000
|
heap
|
page read and write
|
||
|
20B0000
|
direct allocation
|
page read and write
|
||
|
20B0000
|
direct allocation
|
page read and write
|
||
|
33BE5FF000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
233CB1A0000
|
trusted library allocation
|
page read and write
|
||
|
1A2AA402000
|
heap
|
page read and write
|
||
|
F7F927B000
|
stack
|
page read and write
|
||
|
2CC0147D000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
1A340BF1000
|
trusted library allocation
|
page read and write
|
||
|
2CC0143D000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
1A33B68B000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
20193600000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A340CE0000
|
trusted library allocation
|
page read and write
|
||
|
1A340E9B000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
B26157B000
|
stack
|
page read and write
|
||
|
2CC0144E000
|
heap
|
page read and write
|
||
|
F7F95FF000
|
stack
|
page read and write
|
||
|
1493AF7000
|
stack
|
page read and write
|
||
|
1A340A40000
|
trusted library allocation
|
page read and write
|
||
|
2F195A13000
|
heap
|
page read and write
|
||
|
1A340AC0000
|
trusted library allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
20193700000
|
heap
|
page read and write
|
||
|
200E5A7F000
|
heap
|
page read and write
|
||
|
233CAA29000
|
heap
|
page read and write
|
||
|
F7F947C000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
233CA890000
|
heap
|
page read and write
|
||
|
21FE000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
372B6FE000
|
stack
|
page read and write
|
||
|
1A2AA46E000
|
heap
|
page read and write
|
||
|
233CAA02000
|
heap
|
page read and write
|
||
|
2CC01463000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
20193680000
|
heap
|
page read and write
|
||
|
1A340D30000
|
trusted library allocation
|
page read and write
|
||
|
1A340D30000
|
remote allocation
|
page read and write
|
||
|
2CC01457000
|
heap
|
page read and write
|
||
|
1493DFE000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A340D30000
|
remote allocation
|
page read and write
|
||
|
1A33B66F000
|
heap
|
page read and write
|
||
|
1A340E3F000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
2CC01445000
|
heap
|
page read and write
|
||
|
1A2AA429000
|
heap
|
page read and write
|
||
|
233B562F000
|
heap
|
page read and write
|
||
|
20193629000
|
heap
|
page read and write
|
||
|
2F1959C5000
|
heap
|
page read and write
|
||
|
233B5600000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
233B55A0000
|
trusted library allocation
|
page read and write
|
||
|
200E58D0000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1493CFA000
|
stack
|
page read and write
|
||
|
1A2AA47A000
|
heap
|
page read and write
|
||
|
420000
|
trusted library allocation
|
page read and write
|
||
|
233CB1D0000
|
remote allocation
|
page read and write
|
||
|
414000
|
unkown
|
page readonly
|
||
|
1A33CA30000
|
trusted library allocation
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
1A33B690000
|
heap
|
page read and write
|
||
|
149407F000
|
stack
|
page read and write
|
||
|
4E0000
|
direct allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
2CC0146B000
|
heap
|
page read and write
|
||
|
EAD677F000
|
stack
|
page read and write
|
||
|
55A000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
200E5A89000
|
heap
|
page read and write
|
||
|
4F0000
|
trusted library allocation
|
page read and write
|
||
|
1A2AAC70000
|
trusted library allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
14943FB000
|
stack
|
page read and write
|
||
|
1493BFB000
|
stack
|
page read and write
|
||
|
2019364A000
|
heap
|
page read and write
|
||
|
24DBBBA0000
|
heap
|
page read and write
|
||
|
2019368A000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A33CA01000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
1A340F00000
|
heap
|
page read and write
|
||
|
2C7D000
|
stack
|
page read and write
|
||
|
1A2AA360000
|
heap
|
page read and write
|
||
|
1A33BE02000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2110000
|
heap
|
page read and write
|
||
|
1A2AA370000
|
heap
|
page read and write
|
||
|
EAD657F000
|
stack
|
page read and write
|
||
|
2F195A00000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
200E5A71000
|
heap
|
page read and write
|
||
|
233B5629000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
2140000
|
trusted library allocation
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
6F9367C000
|
stack
|
page read and write
|
||
|
2019367E000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page execute read
|
||
|
24DBBE29000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
233CA8A0000
|
heap
|
page read and write
|
||
|
149417E000
|
stack
|
page read and write
|
||
|
2F194F40000
|
trusted library allocation
|
page read and write
|
||
|
2CC01458000
|
heap
|
page read and write
|
||
|
1A33B600000
|
heap
|
page read and write
|
||
|
233B5602000
|
heap
|
page read and write
|
||
|
2F1959BD000
|
heap
|
page read and write
|
||
|
1A2AA43C000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A340BD0000
|
trusted library allocation
|
page read and write
|
||
|
24DBBD00000
|
trusted library allocation
|
page read and write
|
||
|
14936FC000
|
stack
|
page read and write
|
||
|
B260FAB000
|
stack
|
page read and write
|
||
|
1A33B613000
|
heap
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
1A33BE15000
|
heap
|
page read and write
|
||
|
200E5860000
|
heap
|
page read and write
|
||
|
2F194F20000
|
trusted library allocation
|
page read and write
|
||
|
53D000
|
heap
|
page read and write
|
||
|
1A33BF00000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2F195076000
|
heap
|
page read and write
|
||
|
1A33B726000
|
heap
|
page read and write
|
||
|
1A340C10000
|
trusted library allocation
|
page read and write
|
||
|
2F195A02000
|
heap
|
page read and write
|
||
|
2F1951B9000
|
heap
|
page read and write
|
||
|
B2613FB000
|
stack
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
DC877FF000
|
stack
|
page read and write
|
||
|
20193560000
|
heap
|
page read and write
|
||
|
24DBBE60000
|
heap
|
page read and write
|
||
|
1A33BF18000
|
heap
|
page read and write
|
||
|
1A33BDB0000
|
trusted library section
|
page readonly
|
||
|
200E5A13000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
F7F907B000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
372BBFF000
|
stack
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
2F195029000
|
heap
|
page read and write
|
||
|
200E5870000
|
heap
|
page read and write
|
||
|
2F195902000
|
heap
|
page read and write
|
||
|
1A33B674000
|
heap
|
page read and write
|
||
|
200E5A58000
|
heap
|
page read and write
|
||
|
20193647000
|
heap
|
page read and write
|
||
|
1A33B657000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
200E5B13000
|
heap
|
page read and write
|
||
|
2F194E20000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2060000
|
direct allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2F195A30000
|
heap
|
page read and write
|
||
|
1A340E0E000
|
heap
|
page read and write
|
||
|
200E5A4C000
|
heap
|
page read and write
|
||
|
2F194DC0000
|
heap
|
page read and write
|
||
|
EAD5ABC000
|
stack
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2CC01300000
|
heap
|
page read and write
|
||
|
1A2AA500000
|
heap
|
page read and write
|
||
|
1A33B629000
|
heap
|
page read and write
|
||
|
B261677000
|
stack
|
page read and write
|
||
|
20194002000
|
trusted library allocation
|
page read and write
|
||
|
4E0000
|
direct allocation
|
page read and write
|
||
|
2F195922000
|
heap
|
page read and write
|
||
|
2CC01474000
|
heap
|
page read and write
|
||
|
1A2AA508000
|
heap
|
page read and write
|
||
|
2F195043000
|
heap
|
page read and write
|
||
|
24DBBF13000
|
heap
|
page read and write
|
||
|
2F195A23000
|
heap
|
page read and write
|
||
|
528000
|
heap
|
page read and write
|
||
|
2F195065000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page execute read
|
||
|
2CC01484000
|
heap
|
page read and write
|
||
|
2070000
|
trusted library allocation
|
page read and write
|
||
|
200E5A55000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2CC01475000
|
heap
|
page read and write
|
||
|
233CAA13000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
530000
|
direct allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
AC3E47E000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A33BDC0000
|
trusted library section
|
page readonly
|
||
|
1A33BF18000
|
heap
|
page read and write
|
||
|
2F195922000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
1A33B3D0000
|
heap
|
page read and write
|
||
|
2F19508B000
|
heap
|
page read and write
|
||
|
1A33CA20000
|
trusted library allocation
|
page read and write
|
||
|
1A340C00000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1A2AA457000
|
heap
|
page read and write
|
||
|
6F93C7C000
|
stack
|
page read and write
|
||
|
DC876FE000
|
stack
|
page read and write
|
||
|
1A340BD0000
|
trusted library allocation
|
page read and write
|
||
|
2F195A27000
|
heap
|
page read and write
|
||
|
DC875FE000
|
stack
|
page read and write
|
||
|
233B5450000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
53B000
|
heap
|
page read and write
|
||
|
2CC01429000
|
heap
|
page read and write
|
||
|
200E59D0000
|
trusted library allocation
|
page read and write
|
||
|
233CAA3C000
|
heap
|
page read and write
|
||
|
4F0000
|
direct allocation
|
page read and write
|
||
|
1A2AAE02000
|
trusted library allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
1A33BDE0000
|
trusted library section
|
page readonly
|
||
|
B26187E000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2210000
|
direct allocation
|
page execute and read and write
|
||
|
1493FFF000
|
stack
|
page read and write
|
||
|
6F93A77000
|
stack
|
page read and write
|
||
|
200E5A00000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2F19503C000
|
heap
|
page read and write
|
||
|
2170000
|
heap
|
page read and write
|
||
|
2CC0145F000
|
heap
|
page read and write
|
||
|
1A33BF13000
|
heap
|
page read and write
|
||
|
2F195090000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
233CB1D0000
|
remote allocation
|
page read and write
|
||
|
233B5649000
|
heap
|
page read and write
|
||
|
372B67B000
|
stack
|
page read and write
|
||
|
2CC01390000
|
trusted library allocation
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
33BE6FF000
|
stack
|
page read and write
|
||
|
2CC01465000
|
heap
|
page read and write
|
||
|
4C0000
|
direct allocation
|
page execute and read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
24DBBE02000
|
heap
|
page read and write
|
||
|
200E5A53000
|
heap
|
page read and write
|
||
|
2CC01432000
|
heap
|
page read and write
|
||
|
1A33BE00000
|
heap
|
page read and write
|
||
|
1A33B540000
|
trusted library section
|
page read and write
|
||
|
2CC0143B000
|
heap
|
page read and write
|
||
|
2019364D000
|
heap
|
page read and write
|
||
|
4C0000
|
direct allocation
|
page read and write
|
||
|
6F93B7F000
|
stack
|
page read and write
|
||
|
200E5B00000
|
heap
|
page read and write
|
||
|
1A2AA452000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page execute read
|
||
|
2CC01446000
|
heap
|
page read and write
|
||
|
33BDF9C000
|
stack
|
page read and write
|
||
|
20193670000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A340D30000
|
remote allocation
|
page read and write
|
||
|
402000
|
unkown
|
page execute read
|
||
|
2070000
|
heap
|
page read and write
|
||
|
B26127E000
|
stack
|
page read and write
|
||
|
200E5A4E000
|
heap
|
page read and write
|
||
|
4E0000
|
direct allocation
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
24DBBE13000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
2221000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
F7F937F000
|
stack
|
page read and write
|
||
|
24DBBB90000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
200E5A7D000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A33B3C0000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
4E0000
|
direct allocation
|
page read and write
|
||
|
33BE4F9000
|
stack
|
page read and write
|
||
|
414000
|
unkown
|
page readonly
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2F195943000
|
heap
|
page read and write
|
||
|
2CC0145C000
|
heap
|
page read and write
|
||
|
24DBBF02000
|
heap
|
page read and write
|
||
|
1A2AA48D000
|
heap
|
page read and write
|
||
|
2CC01413000
|
heap
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
2019363C000
|
heap
|
page read and write
|
||
|
1A33B702000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page execute read
|
||
|
2CC01479000
|
heap
|
page read and write
|
||
|
2CC01502000
|
heap
|
page read and write
|
||
|
4C0000
|
direct allocation
|
page read and write
|
||
|
DC8737E000
|
stack
|
page read and write
|
||
|
4C0000
|
direct allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1A33B69D000
|
heap
|
page read and write
|
||
|
1A2AA502000
|
heap
|
page read and write
|
||
|
14945FE000
|
stack
|
page read and write
|
||
|
AC3E5FF000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
4C0000
|
direct allocation
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
1A340BDE000
|
trusted library allocation
|
page read and write
|
||
|
21BE000
|
stack
|
page read and write
|
||
|
1493EFB000
|
stack
|
page read and write
|
||
|
233B5613000
|
heap
|
page read and write
|
||
|
1A33B530000
|
trusted library allocation
|
page read and write
|
||
|
1A33B430000
|
heap
|
page read and write
|
||
|
6F9377E000
|
stack
|
page read and write
|
||
|
20193550000
|
heap
|
page read and write
|
||
|
6F936FF000
|
stack
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
F7F96FA000
|
stack
|
page read and write
|
||
|
2CC01442000
|
heap
|
page read and write
|
||
|
24DBBE60000
|
heap
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
1A2AA513000
|
heap
|
page read and write
|
||
|
2CC01440000
|
heap
|
page read and write
|
||
|
1A340EF0000
|
heap
|
page read and write
|
||
|
2130000
|
direct allocation
|
page read and write
|
||
|
233CAA26000
|
heap
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
EAD637D000
|
stack
|
page read and write
|
||
|
233B54A0000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
372B9FE000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2227000
|
heap
|
page read and write
|
||
|
233CAA57000
|
heap
|
page read and write
|
||
|
1A340D00000
|
trusted library allocation
|
page read and write
|
||
|
1A340C00000
|
trusted library allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
4E0000
|
direct allocation
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
1A340CA0000
|
trusted library allocation
|
page read and write
|
||
|
201935F0000
|
trusted library allocation
|
page read and write
|
||
|
20193613000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page execute read
|
||
|
2221000
|
heap
|
page read and write
|
||
|
33BE3FE000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2CC0147E000
|
heap
|
page read and write
|
||
|
24DBBE00000
|
heap
|
page read and write
|
||
|
EAD667F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2221000
|
heap
|
page read and write
|
||
|
14942FE000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A33B69B000
|
heap
|
page read and write
|
||
|
1A33B642000
|
heap
|
page read and write
|
||
|
1A340E1F000
|
heap
|
page read and write
|
||
|
2CC01360000
|
heap
|
page read and write
|
||
|
DC872FE000
|
stack
|
page read and write
|
||
|
540000
|
direct allocation
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
F7F97FE000
|
stack
|
page read and write
|
||
|
200E5A29000
|
heap
|
page read and write
|
||
|
24DBBE6A000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page readonly
|
||
|
2221000
|
heap
|
page read and write
|
||
|
24DBBE70000
|
heap
|
page read and write
|
||
|
20193713000
|
heap
|
page read and write
|
||
|
1A340E64000
|
heap
|
page read and write
|
||
|
2CC0146A000
|
heap
|
page read and write
|
||
|
233CAB02000
|
heap
|
page read and write
|
||
|
1A33BF02000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
24DBBE5B000
|
heap
|
page read and write
|
||
|
2CC01464000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
2CC01E02000
|
trusted library allocation
|
page read and write
|
||
|
2CC01444000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
24DBBE76000
|
heap
|
page read and write
|
||
|
2F195900000
|
heap
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
14940FE000
|
stack
|
page read and write
|
||
|
24DBBC00000
|
heap
|
page read and write
|
||
|
275F000
|
stack
|
page read and write
|
||
|
B26147E000
|
stack
|
page read and write
|
||
|
285F000
|
stack
|
page read and write
|
||
|
2F1959B1000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
AC3E37C000
|
stack
|
page read and write
|
||
|
1A2AA3D0000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2CC01441000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2F19506C000
|
heap
|
page read and write
|
||
|
1A340F02000
|
heap
|
page read and write
|
||
|
2F1951E5000
|
heap
|
page read and write
|
||
|
1A2AA413000
|
heap
|
page read and write
|
||
|
1A33B677000
|
heap
|
page read and write
|
||
|
2ADF000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
1A33CA23000
|
trusted library allocation
|
page read and write
|
||
|
2F195013000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A2AA482000
|
heap
|
page read and write
|
||
|
2CC01462000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A340D20000
|
trusted library allocation
|
page read and write
|
||
|
233CB202000
|
trusted library allocation
|
page read and write
|
||
|
2140000
|
direct allocation
|
page execute and read and write
|
||
|
B2612FE000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2F195078000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page readonly
|
||
|
2F195802000
|
heap
|
page read and write
|
||
|
DC8727C000
|
stack
|
page read and write
|
||
|
1A340C14000
|
trusted library allocation
|
page read and write
|
||
|
2F195000000
|
heap
|
page read and write
|
||
|
4F0000
|
direct allocation
|
page read and write
|
||
|
AC3E6FD000
|
stack
|
page read and write
|
||
|
1A340BD8000
|
trusted library allocation
|
page read and write
|
||
|
DC874FE000
|
stack
|
page read and write
|
||
|
201935C0000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
1A340EE8000
|
heap
|
page read and write
|
||
|
1A33B679000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2221000
|
heap
|
page read and write
|
||
|
372B97B000
|
stack
|
page read and write
|
||
|
2CC012F0000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A33B6FB000
|
heap
|
page read and write
|
||
|
200E6202000
|
trusted library allocation
|
page read and write
|
||
|
1A33B689000
|
heap
|
page read and write
|
||
|
233CAA00000
|
heap
|
page read and write
|
||
|
EAD647F000
|
stack
|
page read and write
|
||
|
2EE0000
|
direct allocation
|
page execute and read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
2F195086000
|
heap
|
page read and write
|
||
|
2CC01459000
|
heap
|
page read and write
|
||
|
2050000
|
direct allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1A340E4C000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
233B5656000
|
heap
|
page read and write
|
||
|
2EEB000
|
direct allocation
|
page execute and read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
F7F997F000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
569000
|
heap
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
1A340D10000
|
trusted library allocation
|
page read and write
|
||
|
1A33BDF0000
|
trusted library section
|
page readonly
|
||
|
200E5B02000
|
heap
|
page read and write
|
||
|
1A340E2D000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
526000
|
heap
|
page read and write
|
||
|
372B77E000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
4C0000
|
direct allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2259000
|
heap
|
page read and write
|
||
|
1A340A30000
|
trusted library allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2F194DB0000
|
heap
|
page read and write
|
||
|
1A340AB0000
|
trusted library allocation
|
page read and write
|
||
|
EAD687F000
|
stack
|
page read and write
|
||
|
AC3E2FF000
|
stack
|
page read and write
|
||
|
1A2AA44C000
|
heap
|
page read and write
|
||
|
AC3E57D000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
233B563E000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page readonly
|
||
|
EAD5EFB000
|
stack
|
page read and write
|
||
|
2F195091000
|
heap
|
page read and write
|
||
|
1A340EB9000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1A340E00000
|
heap
|
page read and write
|
||
|
4C0000
|
direct allocation
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
372BCFC000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
57B000
|
heap
|
page read and write
|
||
|
2D7A000
|
stack
|
page read and write
|
||
|
1A2AA400000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
233CA900000
|
heap
|
page read and write
|
||
|
1493F7F000
|
stack
|
page read and write
|
||
|
2F195954000
|
heap
|
page read and write
|
||
|
4E0000
|
direct allocation
|
page read and write
|
||
|
B26177E000
|
stack
|
page read and write
|
||
|
1A340BF0000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
trusted library allocation
|
page read and write
|
||
|
233B5E02000
|
trusted library allocation
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
1A340F0A000
|
heap
|
page read and write
|
||
|
233CB1D0000
|
remote allocation
|
page read and write
|
||
|
414000
|
unkown
|
page readonly
|
||
|
2221000
|
heap
|
page read and write
|
||
|
2CC0147B000
|
heap
|
page read and write
|
||
|
6F9397B000
|
stack
|
page read and write
|
||
|
6F93D7F000
|
stack
|
page read and write
|
There are 611 hidden memdumps, click here to show them.