Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
diatomaceous.dat.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\Desktop\diatomaceous.dat.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\diatomaceous.dat.dll"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\diatomaceous.dat.dll",#1
|
|
|
|
C:\Windows\SysWOW64\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\diatomaceous.dat.dll
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\diatomaceous.dat.dll",#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\diatomaceous.dat.dll,DllRegisterServer
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\diatomaceous.dat.dll,DllUnregisterServer
|
|
|
|
C:\Windows\SysWOW64\wermgr.exe
|
C:\Windows\SysWOW64\wermgr.exe
|
|
|
|
C:\Windows\SysWOW64\wermgr.exe
|
C:\Windows\SysWOW64\wermgr.exe
|
|
|
|
C:\Windows\SysWOW64\wermgr.exe
|
C:\Windows\SysWOW64\wermgr.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Ifwliuvmpg
|
101366b1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Ifwliuvmpg
|
258cb6ff
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Ifwliuvmpg
|
27cd9683
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Ifwliuvmpg
|
9f71f1e6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Ifwliuvmpg
|
e279be6c
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Ifwliuvmpg
|
5ac5d909
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Ifwliuvmpg
|
9d30d19a
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Ifwliuvmpg
|
6f5a0947
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Ifwliuvmpg
|
101366b1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
b501c7c4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
809e178a
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
82df37f6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
3a635093
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
476b1f19
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
ffd7787c
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
382270ef
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
ca48a832
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
b501c7c4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Eaiaomldskz
|
b501c7c4
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
B90000
|
trusted library allocation
|
page read and write
|
|
|
|
4820000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
2CC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
730000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
1000000
|
system
|
page execute and read and write
|
|
|
|
400000
|
trusted library allocation
|
page read and write
|
|
|
|
E00000
|
system
|
page execute and read and write
|
|
|
|
E00000
|
system
|
page execute and read and write
|
|
|
|
E00000
|
system
|
page execute and read and write
|
|
|
|
E00000
|
system
|
page execute and read and write
|
|
|
|
24420660000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D43000
|
heap
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4E32000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
24420768000
|
heap
|
page read and write
|
||
|
3004000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
BBC000
|
stack
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
31A1000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
unkown
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
163F000
|
stack
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
6DAB3000
|
unkown
|
page read and write
|
||
|
244209F0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
4AE000
|
stack
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
49E1000
|
heap
|
page read and write
|
||
|
460BE7C000
|
stack
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
460C1FF000
|
stack
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
244206F0000
|
trusted library allocation
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
A5A000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
2E04000
|
heap
|
page read and write
|
||
|
BBF000
|
stack
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
10C000
|
stack
|
page read and write
|
||
|
61CC000
|
trusted library allocation
|
page read and write
|
||
|
D4C000
|
stack
|
page read and write
|
||
|
4940000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
475F000
|
stack
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
14B000
|
stack
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
2E04000
|
heap
|
page read and write
|
||
|
6DA80000
|
unkown
|
page readonly
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
24420700000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
9FB000
|
stack
|
page read and write
|
||
|
47FF000
|
heap
|
page read and write
|
||
|
460C079000
|
stack
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
2E04000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
79B000
|
stack
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
remote allocation
|
page read and write
|
||
|
EDE000
|
unkown
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
4D43000
|
heap
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page read and write
|
||
|
4BA1000
|
trusted library allocation
|
page read and write
|
||
|
244207B4000
|
heap
|
page read and write
|
||
|
4D43000
|
heap
|
page read and write
|
||
|
1030000
|
remote allocation
|
page read and write
|
||
|
6DA80000
|
unkown
|
page readonly
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
4C3F000
|
heap
|
page read and write
|
||
|
61CC000
|
trusted library allocation
|
page read and write
|
||
|
244215C0000
|
heap
|
page readonly
|
||
|
6DAD6000
|
unkown
|
page readonly
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
6DAB3000
|
unkown
|
page read and write
|
||
|
6DA81000
|
unkown
|
page execute read
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
BE0000
|
unkown
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4E32000
|
trusted library allocation
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
unkown
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
remote allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
24420760000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
BE0000
|
unkown
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
244207AC000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
244207B4000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D31000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
6CBE000
|
trusted library allocation
|
page read and write
|
||
|
6DAA4000
|
unkown
|
page readonly
|
||
|
24420A50000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
1B0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
trusted library allocation
|
page read and write
|
||
|
F7D000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
A84000
|
heap
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
83C000
|
stack
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
6DAB4000
|
unkown
|
page write copy
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
4C3F000
|
heap
|
page read and write
|
||
|
4E32000
|
trusted library allocation
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page execute and read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
4E32000
|
trusted library allocation
|
page read and write
|
||
|
4D31000
|
heap
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
4D73000
|
trusted library allocation
|
page read and write
|
||
|
4D56000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D31000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
unkown
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
24420A30000
|
trusted library allocation
|
page read and write
|
||
|
4621000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
49E1000
|
heap
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
BE0000
|
unkown
|
page read and write
|
||
|
BAC000
|
stack
|
page read and write
|
||
|
4FD000
|
heap
|
page read and write
|
||
|
5411000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
67A1000
|
trusted library allocation
|
page read and write
|
||
|
2E04000
|
heap
|
page read and write
|
||
|
49BF000
|
heap
|
page read and write
|
||
|
24420680000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
67A7000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
6DAD4000
|
unkown
|
page read and write
|
||
|
B7D000
|
stack
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
300D000
|
heap
|
page read and write
|
||
|
24420520000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
4780000
|
heap
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
67AC000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
5AD9000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
24420A40000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
C2F000
|
heap
|
page read and write
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
6DA81000
|
unkown
|
page execute read
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
A0000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
47FF000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4BA0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
EEF000
|
unkown
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
619C000
|
trusted library allocation
|
page read and write
|
||
|
4D43000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
C51000
|
heap
|
page read and write
|
||
|
244207BE000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D31000
|
heap
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
3011000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
87B000
|
stack
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4E32000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
61CC000
|
trusted library allocation
|
page read and write
|
||
|
6DAA4000
|
unkown
|
page readonly
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4D98000
|
trusted library allocation
|
page read and write
|
||
|
24420530000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
4D31000
|
heap
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
460BFFC000
|
stack
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
2E04000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
6CB3000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
49BF000
|
heap
|
page read and write
|
||
|
6DA81000
|
unkown
|
page execute read
|
||
|
B30000
|
heap
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
460C0FE000
|
stack
|
page read and write
|
||
|
244213B0000
|
trusted library allocation
|
page read and write
|
||
|
2E04000
|
heap
|
page read and write
|
||
|
980000
|
trusted library allocation
|
page read and write
|
||
|
6CB1000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4720000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4D43000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
6DAD6000
|
unkown
|
page readonly
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
153F000
|
stack
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page read and write
|
||
|
4DAC000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
1030000
|
remote allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
4D31000
|
heap
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
C50000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
F18000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
75C000
|
stack
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
4D31000
|
heap
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
BE0000
|
unkown
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
unkown
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
67AD000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
4860000
|
direct allocation
|
page execute and read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
unkown
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
4D43000
|
heap
|
page read and write
|
||
|
49E0000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
6DA81000
|
unkown
|
page execute read
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
E9E000
|
unkown
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
6E0000
|
direct allocation
|
page execute and read and write
|
||
|
4D98000
|
trusted library allocation
|
page read and write
|
||
|
6DAD6000
|
unkown
|
page readonly
|
||
|
6DAD6000
|
unkown
|
page readonly
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
301B000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
C51000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
BF0000
|
remote allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
61CC000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
C2F000
|
heap
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
471E000
|
stack
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
unkown
|
page read and write
|
||
|
56BF000
|
trusted library allocation
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
24420770000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
BE0000
|
unkown
|
page read and write
|
||
|
3004000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
B6C000
|
stack
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DA000
|
heap
|
page read and write
|
||
|
244207B4000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
3640000
|
trusted library allocation
|
page read and write
|
||
|
4DE1000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
24421630000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
BD0000
|
unkown
|
page read and write
|
||
|
67AE000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
61CC000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
4621000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
6CB4000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
BD0000
|
unkown
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4D98000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
6DF000
|
stack
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2DCA000
|
heap
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
5411000
|
heap
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
115F000
|
stack
|
page read and write
|
||
|
6DAB3000
|
unkown
|
page read and write
|
||
|
67A2000
|
trusted library allocation
|
page read and write
|
||
|
5411000
|
heap
|
page read and write
|
||
|
6DAA4000
|
unkown
|
page readonly
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
6DAA4000
|
unkown
|
page readonly
|
||
|
4D43000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
2E04000
|
heap
|
page read and write
|
||
|
2FDA000
|
heap
|
page read and write
|
||
|
61CC000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4D98000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page read and write
|
||
|
61CC000
|
trusted library allocation
|
page read and write
|
||
|
EAE000
|
unkown
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
5411000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
BE0000
|
remote allocation
|
page read and write
|
||
|
6DA80000
|
unkown
|
page readonly
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
6DA80000
|
unkown
|
page readonly
|
||
|
9BC000
|
stack
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
244215E0000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
remote allocation
|
page read and write
|
||
|
4D71000
|
trusted library allocation
|
page read and write
|
||
|
4E32000
|
trusted library allocation
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4B7F000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4B7F000
|
heap
|
page read and write
|
||
|
244215D0000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
heap
|
page read and write
|
||
|
4D7F000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
trusted library allocation
|
page read and write
|
||
|
2E04000
|
heap
|
page read and write
|
||
|
5BDD000
|
trusted library allocation
|
page read and write
|
||
|
460C17A000
|
stack
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
67AA000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4D98000
|
trusted library allocation
|
page read and write
|
||
|
24420A49000
|
heap
|
page read and write
|
||
|
4D31000
|
heap
|
page read and write
|
||
|
6184000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
remote allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
C4F000
|
stack
|
page read and write
|
||
|
6DAB3000
|
unkown
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
6CB1000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
127B000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
4D43000
|
heap
|
page read and write
|
||
|
24420A45000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
61CC000
|
trusted library allocation
|
page read and write
|
There are 611 hidden memdumps, click here to show them.