Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
dlawt.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nsq995B.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Algae62\plkkers\Reputation\network-cellular-4g-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Arbejdskraftproblemer\CoverEdCtrl.manifest
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (923), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Arbejdskraftproblemer\Lakridset.bmp
|
PC bitmap, Windows 3.x format, 72 x 399 x 24, image size 86184, cbSize 86238, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Bacin\Besjlings\network-wireless-connected-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Baggesen\audio-x-generic-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Baggesen\changes-prevent-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\dialog-information-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\drive-harddisk-solidstate-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\folder-download.png
|
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\folder-drag-accept-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\folder-visiting.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\format-text-bold-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\format-text-direction-symbolic-rtl.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\go-previous-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\idxcaption.xsl
|
exported SGML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\media-playback-stop-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\media-playlist-repeat.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Buyback\preguiltiness\Hydroxytryptamine\Forlben\mmapwarm.c
|
C source, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\Isdkkede\Charterrejsens\phone-apple-iphone-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\preferences-desktop-theme.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\text-x-generic.png
|
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\user-offline.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Begravedes\Viewer\Rammedes\view-wrapped-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
There are 15 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\dlawt.exe
|
"C:\Users\user\Desktop\dlawt.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://sun.com/2000/XMLSearch
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://creativecommons.org/licenses/by-sa/4.0/
|
unknown
|
||
|
http://openoffice.org/2000/chart
|
unknown
|
||
|
http://openoffice.org/2000/style
|
unknown
|
||
|
http://openoffice.org/2000/help
|
unknown
|
||
|
http://openoffice.org/2000/table
|
unknown
|
||
|
http://jimmac.musichall.czif
|
unknown
|
||
|
http://openoffice.org/2000/drawing
|
unknown
|
||
|
http://openoffice.org/2000/meta
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://openoffice.org/2000/text
|
unknown
|
||
|
http://openoffice.org/2000/datastyle
|
unknown
|
||
|
http://mozilla.org/MPL/2.0/.
|
unknown
|
||
|
http://openoffice.org/2000/office
|
unknown
|
There are 5 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3208000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
1D673D36000
|
heap
|
page read and write
|
||
|
2203C64D000
|
heap
|
page read and write
|
||
|
5C8D27B000
|
stack
|
page read and write
|
||
|
1D6733A0000
|
trusted library allocation
|
page read and write
|
||
|
1D674140000
|
remote allocation
|
page read and write
|
||
|
492E99F000
|
stack
|
page read and write
|
||
|
1D673D00000
|
heap
|
page read and write
|
||
|
1D67344A000
|
heap
|
page read and write
|
||
|
1CD8CA43000
|
heap
|
page read and write
|
||
|
1D673C02000
|
heap
|
page read and write
|
||
|
1D6734E0000
|
heap
|
page read and write
|
||
|
1CD8D600000
|
heap
|
page read and write
|
||
|
2203C658000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
25732602000
|
trusted library allocation
|
page read and write
|
||
|
54ADAFF000
|
stack
|
page read and write
|
||
|
CB1C08B000
|
stack
|
page read and write
|
||
|
1CD8D343000
|
heap
|
page read and write
|
||
|
20DE25C0000
|
heap
|
page read and write
|
||
|
25731B50000
|
heap
|
page read and write
|
||
|
1D673D4E000
|
heap
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
2955000
|
trusted library allocation
|
page read and write
|
||
|
1CD8D630000
|
heap
|
page read and write
|
||
|
29A36DE0000
|
remote allocation
|
page read and write
|
||
|
54ADC79000
|
stack
|
page read and write
|
||
|
1D673429000
|
heap
|
page read and write
|
||
|
AB560FF000
|
stack
|
page read and write
|
||
|
2203C64C000
|
heap
|
page read and write
|
||
|
20DE286A000
|
heap
|
page read and write
|
||
|
492E91B000
|
stack
|
page read and write
|
||
|
1D673D5B000
|
heap
|
page read and write
|
||
|
20DE285A000
|
heap
|
page read and write
|
||
|
1D673D90000
|
heap
|
page read and write
|
||
|
1D673D5B000
|
heap
|
page read and write
|
||
|
CD2587B000
|
stack
|
page read and write
|
||
|
2203C700000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
2203C3A0000
|
heap
|
page read and write
|
||
|
1801A200000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1D673D92000
|
heap
|
page read and write
|
||
|
92DB87F000
|
stack
|
page read and write
|
||
|
28650913000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
1D673D45000
|
heap
|
page read and write
|
||
|
85C73FE000
|
stack
|
page read and write
|
||
|
28650828000
|
heap
|
page read and write
|
||
|
1B6C9FD000
|
stack
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
1D673DB2000
|
heap
|
page read and write
|
||
|
1B25F800000
|
heap
|
page read and write
|
||
|
2957000
|
trusted library allocation
|
page read and write
|
||
|
1CD8CA43000
|
heap
|
page read and write
|
||
|
2203C68F000
|
heap
|
page read and write
|
||
|
CB1C77E000
|
stack
|
page read and write
|
||
|
16F61013000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
1D673D27000
|
heap
|
page read and write
|
||
|
19420A0C000
|
heap
|
page read and write
|
||
|
92DB5FB000
|
stack
|
page read and write
|
||
|
16F61802000
|
heap
|
page read and write
|
||
|
1D6734D3000
|
heap
|
page read and write
|
||
|
20DE2863000
|
heap
|
page read and write
|
||
|
1D6734FA000
|
heap
|
page read and write
|
||
|
2955000
|
trusted library allocation
|
page read and write
|
||
|
1D674140000
|
remote allocation
|
page read and write
|
||
|
3AA2FF000
|
stack
|
page read and write
|
||
|
16F60DD0000
|
heap
|
page read and write
|
||
|
54AD9FB000
|
stack
|
page read and write
|
||
|
2203C670000
|
heap
|
page read and write
|
||
|
1D673D9A000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
25731AF0000
|
heap
|
page read and write
|
||
|
CB1C97C000
|
stack
|
page read and write
|
||
|
1CD8CBB9000
|
heap
|
page read and write
|
||
|
2504000
|
heap
|
page read and write
|
||
|
AB55EFE000
|
stack
|
page read and write
|
||
|
20DE2865000
|
heap
|
page read and write
|
||
|
B89A4FE000
|
stack
|
page read and write
|
||
|
28650813000
|
heap
|
page read and write
|
||
|
1D673D9E000
|
heap
|
page read and write
|
||
|
1CD8D602000
|
heap
|
page read and write
|
||
|
20DE287B000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
1D673D94000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
19420A0C000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
85C797F000
|
stack
|
page read and write
|
||
|
29A353C0000
|
trusted library allocation
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
2203C656000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
1D673413000
|
heap
|
page read and write
|
||
|
1D673D4E000
|
heap
|
page read and write
|
||
|
20DE286D000
|
heap
|
page read and write
|
||
|
608000
|
heap
|
page read and write
|
||
|
1801A302000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
2203C410000
|
heap
|
page read and write
|
||
|
85C78F7000
|
stack
|
page read and write
|
||
|
29A35500000
|
heap
|
page read and write
|
||
|
1D673D4E000
|
heap
|
page read and write
|
||
|
1CD8CA89000
|
heap
|
page read and write
|
||
|
CB1C67F000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
16F61000000
|
heap
|
page read and write
|
||
|
608000
|
heap
|
page read and write
|
||
|
1801AA02000
|
trusted library allocation
|
page read and write
|
||
|
1D6734EB000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
2954000
|
trusted library allocation
|
page read and write
|
||
|
25731C02000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
2203C600000
|
heap
|
page read and write
|
||
|
25731C13000
|
heap
|
page read and write
|
||
|
1801A202000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
1B6C7FE000
|
stack
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
2957000
|
trusted library allocation
|
page read and write
|
||
|
1CD8D3B1000
|
heap
|
page read and write
|
||
|
194209F8000
|
heap
|
page read and write
|
||
|
29A351C0000
|
heap
|
page read and write
|
||
|
20DE3002000
|
trusted library allocation
|
page read and write
|
||
|
1CDE2C46000
|
heap
|
page read and write
|
||
|
1D673513000
|
heap
|
page read and write
|
||
|
3AA57D000
|
stack
|
page read and write
|
||
|
1CD8CA75000
|
heap
|
page read and write
|
||
|
373D000
|
stack
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
20DE2867000
|
heap
|
page read and write
|
||
|
16F61029000
|
heap
|
page read and write
|
||
|
1D6734C6000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
19420A01000
|
heap
|
page read and write
|
||
|
1D673D8F000
|
heap
|
page read and write
|
||
|
AB557FB000
|
stack
|
page read and write
|
||
|
295D000
|
trusted library allocation
|
page read and write
|
||
|
1D6734B2000
|
heap
|
page read and write
|
||
|
1CD8CA58000
|
heap
|
page read and write
|
||
|
1D673240000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
1CD8C8B0000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
29A35461000
|
heap
|
page read and write
|
||
|
2203C702000
|
heap
|
page read and write
|
||
|
3A9BAB000
|
stack
|
page read and write
|
||
|
1801A21F000
|
heap
|
page read and write
|
||
|
1D673DA9000
|
heap
|
page read and write
|
||
|
1B25F650000
|
heap
|
page read and write
|
||
|
2957000
|
trusted library allocation
|
page read and write
|
||
|
25731C00000
|
heap
|
page read and write
|
||
|
54ADE7A000
|
stack
|
page read and write
|
||
|
20DE2877000
|
heap
|
page read and write
|
||
|
1B25F6B0000
|
heap
|
page read and write
|
||
|
3AA67E000
|
stack
|
page read and write
|
||
|
1D673D89000
|
heap
|
page read and write
|
||
|
1B6CA7E000
|
stack
|
page read and write
|
||
|
B89A1FE000
|
stack
|
page read and write
|
||
|
20DE2829000
|
heap
|
page read and write
|
||
|
492EC7F000
|
stack
|
page read and write
|
||
|
29A36DE0000
|
remote allocation
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
25731C29000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
B89A2FE000
|
stack
|
page read and write
|
||
|
1D673D4E000
|
heap
|
page read and write
|
||
|
1D673D6E000
|
heap
|
page read and write
|
||
|
1CD8CA00000
|
heap
|
page read and write
|
||
|
AB55DFF000
|
stack
|
page read and write
|
||
|
28650720000
|
heap
|
page read and write
|
||
|
2203C629000
|
heap
|
page read and write
|
||
|
1D6734BF000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
1801A110000
|
trusted library allocation
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
54AE07F000
|
stack
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
20DE2840000
|
heap
|
page read and write
|
||
|
2203CE02000
|
trusted library allocation
|
page read and write
|
||
|
1CD8D623000
|
heap
|
page read and write
|
||
|
241F000
|
stack
|
page read and write
|
||
|
1CDE2D08000
|
heap
|
page read and write
|
||
|
CB1CC7D000
|
stack
|
page read and write
|
||
|
3AA3FC000
|
stack
|
page read and write
|
||
|
1D673D27000
|
heap
|
page read and write
|
||
|
3F63D7F000
|
stack
|
page read and write
|
||
|
16F60E40000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
1D673D42000
|
heap
|
page read and write
|
||
|
1D673D1B000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
1D6734BF000
|
heap
|
page read and write
|
||
|
29A35518000
|
heap
|
page read and write
|
||
|
2203C63C000
|
heap
|
page read and write
|
||
|
5C8D67A000
|
stack
|
page read and write
|
||
|
1D673D9C000
|
heap
|
page read and write
|
||
|
25731C77000
|
heap
|
page read and write
|
||
|
2953000
|
trusted library allocation
|
page read and write
|
||
|
3F63BF9000
|
stack
|
page read and write
|
||
|
1D673D36000
|
heap
|
page read and write
|
||
|
1D673D1D000
|
heap
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
20DE284E000
|
heap
|
page read and write
|
||
|
5DC000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1D673D27000
|
heap
|
page read and write
|
||
|
2203C651000
|
heap
|
page read and write
|
||
|
85C7CFC000
|
stack
|
page read and write
|
||
|
1D673D8B000
|
heap
|
page read and write
|
||
|
29A35513000
|
heap
|
page read and write
|
||
|
1D673D8C000
|
heap
|
page read and write
|
||
|
1D673D9E000
|
heap
|
page read and write
|
||
|
1D673D1D000
|
heap
|
page read and write
|
||
|
1D673D85000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
3F63AFF000
|
stack
|
page read and write
|
||
|
20DE2826000
|
heap
|
page read and write
|
||
|
1CDE33C0000
|
trusted library allocation
|
page read and write
|
||
|
16F6107F000
|
heap
|
page read and write
|
||
|
85C737E000
|
stack
|
page read and write
|
||
|
1CDE2AB0000
|
heap
|
page read and write
|
||
|
1D673451000
|
heap
|
page read and write
|
||
|
1CD8D322000
|
heap
|
page read and write
|
||
|
1801A231000
|
heap
|
page read and write
|
||
|
1CDE3402000
|
trusted library allocation
|
page read and write
|
||
|
1B25F813000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
492EE7B000
|
stack
|
page read and write
|
||
|
2203C659000
|
heap
|
page read and write
|
||
|
1CD8CA70000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
20DE2630000
|
heap
|
page read and write
|
||
|
1D673D4E000
|
heap
|
page read and write
|
||
|
286507B0000
|
trusted library allocation
|
page read and write
|
||
|
1801A213000
|
heap
|
page read and write
|
||
|
85C72FC000
|
stack
|
page read and write
|
||
|
1B25F829000
|
heap
|
page read and write
|
||
|
1D673D4E000
|
heap
|
page read and write
|
||
|
1CDE2D13000
|
heap
|
page read and write
|
||
|
1CD8D36F000
|
heap
|
page read and write
|
||
|
2203C668000
|
heap
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
1D6734A8000
|
heap
|
page read and write
|
||
|
29A35413000
|
heap
|
page read and write
|
||
|
5C8D47E000
|
stack
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
295D000
|
trusted library allocation
|
page read and write
|
||
|
29A35400000
|
heap
|
page read and write
|
||
|
1D673D18000
|
heap
|
page read and write
|
||
|
92DB16E000
|
stack
|
page read and write
|
||
|
1CDE2D02000
|
heap
|
page read and write
|
||
|
1D673D36000
|
heap
|
page read and write
|
||
|
1D673D27000
|
heap
|
page read and write
|
||
|
1801A223000
|
heap
|
page read and write
|
||
|
1B6CCFE000
|
stack
|
page read and write
|
||
|
2203C510000
|
trusted library allocation
|
page read and write
|
||
|
1801A010000
|
heap
|
page read and write
|
||
|
AB55CFF000
|
stack
|
page read and write
|
||
|
28650802000
|
heap
|
page read and write
|
||
|
29A35448000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2203C653000
|
heap
|
page read and write
|
||
|
92DB0EC000
|
stack
|
page read and write
|
||
|
3A9FFC000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1D673D86000
|
heap
|
page read and write
|
||
|
1D673D93000
|
heap
|
page read and write
|
||
|
2500000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
1CD8D322000
|
heap
|
page read and write
|
||
|
29A35230000
|
heap
|
page read and write
|
||
|
28650864000
|
heap
|
page read and write
|
||
|
194209F9000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
19420A0C000
|
heap
|
page read and write
|
||
|
1CD8CA13000
|
heap
|
page read and write
|
||
|
19420A0F000
|
heap
|
page read and write
|
||
|
1B25F7B0000
|
trusted library allocation
|
page read and write
|
||
|
29A35458000
|
heap
|
page read and write
|
||
|
92DB97E000
|
stack
|
page read and write
|
||
|
54AD5BB000
|
stack
|
page read and write
|
||
|
6F561000
|
unkown
|
page execute read
|
||
|
1D673D4C000
|
heap
|
page read and write
|
||
|
3F63A7A000
|
stack
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
16F610CB000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
20DE2800000
|
heap
|
page read and write
|
||
|
1D673D8F000
|
heap
|
page read and write
|
||
|
2203C67B000
|
heap
|
page read and write
|
||
|
1B6CB7D000
|
stack
|
page read and write
|
||
|
1801A252000
|
heap
|
page read and write
|
||
|
20DE285C000
|
heap
|
page read and write
|
||
|
16F6106D000
|
heap
|
page read and write
|
||
|
194208E0000
|
heap
|
page read and write
|
||
|
1B6C77C000
|
stack
|
page read and write
|
||
|
1D673D91000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
16F6103E000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
AB558FF000
|
stack
|
page read and write
|
||
|
492F17F000
|
stack
|
page read and write
|
||
|
28650900000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
16F61088000
|
heap
|
page read and write
|
||
|
295A000
|
trusted library allocation
|
page read and write
|
||
|
19420C95000
|
heap
|
page read and write
|
||
|
2203C65A000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
295A000
|
trusted library allocation
|
page read and write
|
||
|
92DBA7E000
|
stack
|
page read and write
|
||
|
1801A229000
|
heap
|
page read and write
|
||
|
1D673481000
|
heap
|
page read and write
|
||
|
1D673D5C000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
1CD8CB8E000
|
heap
|
page read and write
|
||
|
1D673D8B000
|
heap
|
page read and write
|
||
|
1B25F640000
|
heap
|
page read and write
|
||
|
AB55FFE000
|
stack
|
page read and write
|
||
|
1D6734A7000
|
heap
|
page read and write
|
||
|
228E000
|
stack
|
page read and write
|
||
|
1D673D91000
|
heap
|
page read and write
|
||
|
16F60DE0000
|
heap
|
page read and write
|
||
|
1D673508000
|
heap
|
page read and write
|
||
|
1D674140000
|
remote allocation
|
page read and write
|
||
|
1D673D8B000
|
heap
|
page read and write
|
||
|
29A35330000
|
trusted library allocation
|
page read and write
|
||
|
1D673D67000
|
heap
|
page read and write
|
||
|
1CDE2C56000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
29A35458000
|
heap
|
page read and write
|
||
|
1CD8D302000
|
heap
|
page read and write
|
||
|
29A35402000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
1D673D85000
|
heap
|
page read and write
|
||
|
1CDE2C4C000
|
heap
|
page read and write
|
||
|
295D000
|
trusted library allocation
|
page read and write
|
||
|
1D673D6B000
|
heap
|
page read and write
|
||
|
20DE283B000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1CD8C8A0000
|
heap
|
page read and write
|
||
|
AB55BFD000
|
stack
|
page read and write
|
||
|
1CD8CA52000
|
heap
|
page read and write
|
||
|
1801A23A000
|
heap
|
page read and write
|
||
|
1D673D27000
|
heap
|
page read and write
|
||
|
19420C90000
|
heap
|
page read and write
|
||
|
1CD8CA29000
|
heap
|
page read and write
|
||
|
2316000
|
heap
|
page read and write
|
||
|
CD25A7F000
|
stack
|
page read and write
|
||
|
16F61113000
|
heap
|
page read and write
|
||
|
20DE285F000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1D673D91000
|
heap
|
page read and write
|
||
|
1D673D22000
|
heap
|
page read and write
|
||
|
16F610E3000
|
heap
|
page read and write
|
||
|
19420A12000
|
heap
|
page read and write
|
||
|
2203C649000
|
heap
|
page read and write
|
||
|
20DE2842000
|
heap
|
page read and write
|
||
|
1D6734E7000
|
heap
|
page read and write
|
||
|
CD2577B000
|
stack
|
page read and write
|
||
|
CD2547B000
|
stack
|
page read and write
|
||
|
3AA87E000
|
stack
|
page read and write
|
||
|
20DE2844000
|
heap
|
page read and write
|
||
|
85C7A7E000
|
stack
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
2203C648000
|
heap
|
page read and write
|
||
|
2203C655000
|
heap
|
page read and write
|
||
|
492F07F000
|
stack
|
page read and write
|
||
|
1D673D27000
|
heap
|
page read and write
|
||
|
29A3543D000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
20DE286B000
|
heap
|
page read and write
|
||
|
1B260002000
|
trusted library allocation
|
page read and write
|
||
|
AB553DC000
|
stack
|
page read and write
|
||
|
20DE287E000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
25731C5B000
|
heap
|
page read and write
|
||
|
1CDE2C13000
|
heap
|
page read and write
|
||
|
1B25F7E0000
|
remote allocation
|
page read and write
|
||
|
6F565000
|
unkown
|
page readonly
|
||
|
1D673D4E000
|
heap
|
page read and write
|
||
|
1CD8D613000
|
heap
|
page read and write
|
||
|
20DE2902000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
19420A01000
|
heap
|
page read and write
|
||
|
1D673D31000
|
heap
|
page read and write
|
||
|
28650780000
|
heap
|
page read and write
|
||
|
1CD8CB13000
|
heap
|
page read and write
|
||
|
1CDE2C86000
|
heap
|
page read and write
|
||
|
1CD8D1D0000
|
trusted library allocation
|
page read and write
|
||
|
1CDE2C4F000
|
heap
|
page read and write
|
||
|
1D673D5B000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19420A01000
|
heap
|
page read and write
|
||
|
3AA1FB000
|
stack
|
page read and write
|
||
|
54ADD7E000
|
stack
|
page read and write
|
||
|
20DE2856000
|
heap
|
page read and write
|
||
|
1CD8D627000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20DE287A000
|
heap
|
page read and write
|
||
|
1CD8CA92000
|
heap
|
page read and write
|
||
|
5C8D579000
|
stack
|
page read and write
|
||
|
1CDE2C52000
|
heap
|
page read and write
|
||
|
92DB6F7000
|
stack
|
page read and write
|
||
|
16F60F40000
|
trusted library allocation
|
page read and write
|
||
|
194209D0000
|
heap
|
page read and write
|
||
|
CD2597E000
|
stack
|
page read and write
|
||
|
20DE2857000
|
heap
|
page read and write
|
||
|
18019FB0000
|
heap
|
page read and write
|
||
|
29A35448000
|
heap
|
page read and write
|
||
|
194209E2000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1CD8C910000
|
heap
|
page read and write
|
||
|
28650800000
|
heap
|
page read and write
|
||
|
29A35502000
|
heap
|
page read and write
|
||
|
1D673D27000
|
heap
|
page read and write
|
||
|
29A35447000
|
heap
|
page read and write
|
||
|
1CD8CA3C000
|
heap
|
page read and write
|
||
|
1CDE2C7C000
|
heap
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
20DE2730000
|
trusted library allocation
|
page read and write
|
||
|
1CD8CBE5000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
28650868000
|
heap
|
page read and write
|
||
|
16F610BA000
|
heap
|
page read and write
|
||
|
25731C3D000
|
heap
|
page read and write
|
||
|
20DE2860000
|
heap
|
page read and write
|
||
|
1CDE2C53000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
6F560000
|
unkown
|
page readonly
|
||
|
AB559FB000
|
stack
|
page read and write
|
||
|
1D67344F000
|
heap
|
page read and write
|
||
|
3F63C7A000
|
stack
|
page read and write
|
||
|
18019FC0000
|
heap
|
page read and write
|
||
|
2203C668000
|
heap
|
page read and write
|
||
|
295B000
|
trusted library allocation
|
page read and write
|
||
|
1CD8D300000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
1D673DA3000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1CD8D354000
|
heap
|
page read and write
|
||
|
1801A258000
|
heap
|
page read and write
|
||
|
16F610EA000
|
heap
|
page read and write
|
||
|
295C000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
20DE2845000
|
heap
|
page read and write
|
||
|
20DE2858000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2203C3B0000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
B899D4B000
|
stack
|
page read and write
|
||
|
2203C685000
|
heap
|
page read and write
|
||
|
B89A17E000
|
stack
|
page read and write
|
||
|
1D673D85000
|
heap
|
page read and write
|
||
|
1D673D85000
|
heap
|
page read and write
|
||
|
85C7BFE000
|
stack
|
page read and write
|
||
|
19420A0F000
|
heap
|
page read and write
|
||
|
6F563000
|
unkown
|
page readonly
|
||
|
1CDE2B20000
|
heap
|
page read and write
|
||
|
25731D13000
|
heap
|
page read and write
|
||
|
16F61900000
|
heap
|
page read and write
|
||
|
1B25F7E0000
|
remote allocation
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
29A35471000
|
heap
|
page read and write
|
||
|
3F63B7F000
|
stack
|
page read and write
|
||
|
1D673D80000
|
heap
|
page read and write
|
||
|
1D6734B2000
|
heap
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
29A351D0000
|
heap
|
page read and write
|
||
|
16F61023000
|
heap
|
page read and write
|
||
|
1CD8CA86000
|
heap
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
194209E7000
|
heap
|
page read and write
|
||
|
1801A23C000
|
heap
|
page read and write
|
||
|
1D67344C000
|
heap
|
page read and write
|
||
|
1D673D5B000
|
heap
|
page read and write
|
||
|
2203C713000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
54ADBFB000
|
stack
|
page read and write
|
||
|
16F610C1000
|
heap
|
page read and write
|
||
|
1D673D74000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
1D6734EA000
|
heap
|
page read and write
|
||
|
1D673D1C000
|
heap
|
page read and write
|
||
|
1D673D85000
|
heap
|
page read and write
|
||
|
194207B0000
|
heap
|
page read and write
|
||
|
B89A3FE000
|
stack
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
1CDE2C70000
|
heap
|
page read and write
|
||
|
2203C650000
|
heap
|
page read and write
|
||
|
2865083C000
|
heap
|
page read and write
|
||
|
1B25F7E0000
|
remote allocation
|
page read and write
|
||
|
1D673D8C000
|
heap
|
page read and write
|
||
|
224E000
|
stack
|
page read and write
|
||
|
1D673D4C000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
20DE2832000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
3AA77C000
|
stack
|
page read and write
|
||
|
28650710000
|
heap
|
page read and write
|
||
|
194209DB000
|
heap
|
page read and write
|
||
|
1B25F802000
|
heap
|
page read and write
|
||
|
194209E6000
|
heap
|
page read and write
|
||
|
1D673D4C000
|
heap
|
page read and write
|
||
|
1CD8D1B0000
|
trusted library allocation
|
page read and write
|
||
|
492EF77000
|
stack
|
page read and write
|
||
|
16F61102000
|
heap
|
page read and write
|
||
|
28650879000
|
heap
|
page read and write
|
||
|
54ADF7F000
|
stack
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
29A36DE0000
|
remote allocation
|
page read and write
|
||
|
20DE25D0000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
1CDE2C2A000
|
heap
|
page read and write
|
||
|
25731B80000
|
trusted library allocation
|
page read and write
|
||
|
20DE2884000
|
heap
|
page read and write
|
||
|
CB1C87F000
|
stack
|
page read and write
|
||
|
1D673D8B000
|
heap
|
page read and write
|
||
|
1CD8CA90000
|
heap
|
page read and write
|
||
|
1D673D9C000
|
heap
|
page read and write
|
||
|
1CD8CA73000
|
heap
|
page read and write
|
||
|
1D673230000
|
heap
|
page read and write
|
||
|
1CDE2C3C000
|
heap
|
page read and write
|
||
|
2203C708000
|
heap
|
page read and write
|
||
|
2956000
|
trusted library allocation
|
page read and write
|
||
|
20DE2813000
|
heap
|
page read and write
|
||
|
85C7DF8000
|
stack
|
page read and write
|
||
|
1CD8D392000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
25731AE0000
|
heap
|
page read and write
|
||
|
16F610E8000
|
heap
|
page read and write
|
||
|
1D673D27000
|
heap
|
page read and write
|
||
|
1D673502000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
1CDE2C8C000
|
heap
|
page read and write
|
||
|
28651202000
|
trusted library allocation
|
page read and write
|
||
|
1CDE2AC0000
|
heap
|
page read and write
|
||
|
1B25F85C000
|
heap
|
page read and write
|
||
|
29A36E02000
|
trusted library allocation
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
1CD8D202000
|
heap
|
page read and write
|
||
|
85C7B78000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1D6732A0000
|
heap
|
page read and write
|
||
|
1D673D91000
|
heap
|
page read and write
|
||
|
29A3542A000
|
heap
|
page read and write
|
||
|
29A35350000
|
trusted library allocation
|
page read and write
|
||
|
19420900000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
20DE2848000
|
heap
|
page read and write
|
||
|
25731D02000
|
heap
|
page read and write
|
||
|
28650902000
|
heap
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
2956000
|
trusted library allocation
|
page read and write
|
||
|
3F63CFF000
|
stack
|
page read and write
|
||
|
1CD8D3C9000
|
heap
|
page read and write
|
||
|
28650857000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
29A35380000
|
trusted library allocation
|
page read and write
|
||
|
383E000
|
stack
|
page read and write
|
||
|
29A35457000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
19420A0F000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
B899DCE000
|
stack
|
page read and write
|
||
|
1D67343C000
|
heap
|
page read and write
|
||
|
1D673D5B000
|
heap
|
page read and write
|
||
|
2951000
|
trusted library allocation
|
page read and write
|
||
|
3A9F7F000
|
stack
|
page read and write
|
||
|
85C76FB000
|
stack
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
294F000
|
stack
|
page read and write
|
||
|
25731C67000
|
heap
|
page read and write
|
||
|
1CDE2C00000
|
heap
|
page read and write
|
||
|
1D673D48000
|
heap
|
page read and write
|
||
|
3AA47B000
|
stack
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
1CDE2D00000
|
heap
|
page read and write
|
||
|
CB1C4FD000
|
stack
|
page read and write
|
||
|
1D673D91000
|
heap
|
page read and write
|
||
|
2203C64E000
|
heap
|
page read and write
|
||
|
1D673462000
|
heap
|
page read and write
|
||
|
92DB77F000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
85C77F7000
|
stack
|
page read and write
|
||
|
20DE283D000
|
heap
|
page read and write
|
||
|
92DB1EE000
|
stack
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
2203C613000
|
heap
|
page read and write
|
||
|
1B25F840000
|
heap
|
page read and write
|
||
|
1B25F823000
|
heap
|
page read and write
|
||
|
1CD8CA7D000
|
heap
|
page read and write
|
||
|
CB1CA7C000
|
stack
|
page read and write
|
||
|
20DE2862000
|
heap
|
page read and write
|
||
|
1B6C28B000
|
stack
|
page read and write
|
||
|
1CD8D3BD000
|
heap
|
page read and write
|
||
|
1D673516000
|
heap
|
page read and write
|
||
|
54ADFFE000
|
stack
|
page read and write
|
||
|
25731C75000
|
heap
|
page read and write
|
||
|
1B25F902000
|
heap
|
page read and write
|
||
|
5C8D77F000
|
stack
|
page read and write
|
||
|
1D673400000
|
heap
|
page read and write
|
||
|
29A35489000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
There are 620 hidden memdumps, click here to show them.