Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
IVO2cpEukR.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\ipXroBUdMG\svcupdater.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
\Device\Mup\computer\PIPE\samr
|
GLS_BINARY_LSB_FIRST
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\IVO2cpEukR.exe
|
C:\Users\user\Desktop\IVO2cpEukR.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe "/C schtasks /create /tn \ipXroBUdMG /tr \"C:\Users\user\AppData\Roaming\ipXroBUdMG\svcupdater.exe\" /st 00:00 /du
9999:59 /sc once /ri 1 /f"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /create /tn \ipXroBUdMG /tr \"C:\Users\user\AppData\Roaming\ipXroBUdMG\svcupdater.exe\" /st 00:00 /du 9999:59 /sc
once /ri 1 /f"
|
|
|
|
C:\Users\user\AppData\Roaming\ipXroBUdMG\svcupdater.exe
|
C:\Users\user\AppData\Roaming\ipXroBUdMG\svcupdater.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://clipper.guru/bot/online?guid=computer\user&key=0f183cb4288647960d1c458ed8456bf6524ebfbc16ebc53caab66c2376fd0eef
|
45.159.189.115
|
||
|
http://clipper.guru/bot/online?guid=computer
|
unknown
|
||
|
http://clipper.guru/bot/regex?key=0f183cb4288647960d1c458ed8456bf6524ebfbc16ebc53caab66c2376fd0eef
|
45.159.189.115
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
clipper.guru
|
45.159.189.115
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.159.189.115
|
clipper.guru
|
Netherlands
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
C0001D0000
|
direct allocation
|
page read and write
|
||
|
2507AF13000
|
heap
|
page read and write
|
||
|
2507AD20000
|
heap
|
page read and write
|
||
|
2507BA30000
|
heap
|
page read and write
|
||
|
B7F55FF000
|
stack
|
page read and write
|
||
|
192FBAC0000
|
heap
|
page read and write
|
||
|
23E76FD0000
|
heap
|
page read and write
|
||
|
411E07D000
|
stack
|
page read and write
|
||
|
2507AF8E000
|
heap
|
page read and write
|
||
|
C00001B000
|
direct allocation
|
page read and write
|
||
|
23E7C4F5000
|
direct allocation
|
page read and write
|
||
|
2507B902000
|
heap
|
page read and write
|
||
|
23E77075000
|
heap
|
page read and write
|
||
|
28D55BF4000
|
direct allocation
|
page read and write
|
||
|
173A2813000
|
heap
|
page read and write
|
||
|
173A2918000
|
heap
|
page read and write
|
||
|
C0000E6000
|
direct allocation
|
page read and write
|
||
|
C00002A000
|
direct allocation
|
page read and write
|
||
|
C0000E2000
|
direct allocation
|
page read and write
|
||
|
C00019A000
|
direct allocation
|
page read and write
|
||
|
C0000DE000
|
direct allocation
|
page read and write
|
||
|
C000100000
|
direct allocation
|
page read and write
|
||
|
173A2720000
|
heap
|
page read and write
|
||
|
C00008E000
|
direct allocation
|
page read and write
|
||
|
C0001C2000
|
direct allocation
|
page read and write
|
||
|
1FDB6C3B000
|
heap
|
page read and write
|
||
|
1FDB6C29000
|
heap
|
page read and write
|
||
|
2507B802000
|
heap
|
page read and write
|
||
|
1FDB6C50000
|
heap
|
page read and write
|
||
|
28D5E9C000
|
stack
|
page read and write
|
||
|
18A51A02000
|
heap
|
page read and write
|
||
|
192FBC3E000
|
heap
|
page read and write
|
||
|
C0000AE000
|
direct allocation
|
page read and write
|
||
|
C000002000
|
direct allocation
|
page read and write
|
||
|
C000184000
|
direct allocation
|
page read and write
|
||
|
28D55E50000
|
direct allocation
|
page read and write
|
||
|
743000
|
unkown
|
page read and write
|
||
|
C000014000
|
direct allocation
|
page read and write
|
||
|
C0001BA000
|
direct allocation
|
page read and write
|
||
|
28D55B50000
|
heap
|
page read and write
|
||
|
1FDB6C4E000
|
heap
|
page read and write
|
||
|
DE8F1FE000
|
stack
|
page read and write
|
||
|
173A2858000
|
heap
|
page read and write
|
||
|
2507B96F000
|
heap
|
page read and write
|
||
|
C000014000
|
direct allocation
|
page read and write
|
||
|
23E7C4F0000
|
direct allocation
|
page read and write
|
||
|
DE8F3FF000
|
stack
|
page read and write
|
||
|
C00011A000
|
direct allocation
|
page read and write
|
||
|
C00000C000
|
direct allocation
|
page read and write
|
||
|
2507AE43000
|
heap
|
page read and write
|
||
|
C00018A000
|
direct allocation
|
page read and write
|
||
|
28D63F9000
|
stack
|
page read and write
|
||
|
C000084000
|
direct allocation
|
page read and write
|
||
|
DE8EBFD000
|
stack
|
page read and write
|
||
|
C000112000
|
direct allocation
|
page read and write
|
||
|
B405FFF000
|
stack
|
page read and write
|
||
|
252BBB00000
|
heap
|
page read and write
|
||
|
1FDB6C6D000
|
heap
|
page read and write
|
||
|
28D55BF9000
|
direct allocation
|
page read and write
|
||
|
C0001B0000
|
direct allocation
|
page read and write
|
||
|
1FDB6C75000
|
heap
|
page read and write
|
||
|
C0000F0000
|
direct allocation
|
page read and write
|
||
|
C000180000
|
direct allocation
|
page read and write
|
||
|
173A2880000
|
heap
|
page read and write
|
||
|
70E000
|
unkown
|
page write copy
|
||
|
18A51B02000
|
heap
|
page read and write
|
||
|
20C05A3F000
|
heap
|
page read and write
|
||
|
CE29DFE000
|
stack
|
page read and write
|
||
|
C000244000
|
direct allocation
|
page read and write
|
||
|
20C05A28000
|
heap
|
page read and write
|
||
|
1FDB6C13000
|
heap
|
page read and write
|
||
|
28D55E60000
|
direct allocation
|
page read and write
|
||
|
2507B900000
|
heap
|
page read and write
|
||
|
2507BA23000
|
heap
|
page read and write
|
||
|
697087F000
|
stack
|
page read and write
|
||
|
C000102000
|
direct allocation
|
page read and write
|
||
|
25FF123D000
|
heap
|
page read and write
|
||
|
C0001B0000
|
direct allocation
|
page read and write
|
||
|
1FDB6C4B000
|
heap
|
page read and write
|
||
|
192FBC50000
|
heap
|
page read and write
|
||
|
C000000000
|
direct allocation
|
page read and write
|
||
|
C000040000
|
direct allocation
|
page read and write
|
||
|
F635E7D000
|
stack
|
page read and write
|
||
|
C000184000
|
direct allocation
|
page read and write
|
||
|
173A2710000
|
heap
|
page read and write
|
||
|
252BB013000
|
heap
|
page read and write
|
||
|
173A2858000
|
heap
|
page read and write
|
||
|
C0000E0000
|
direct allocation
|
page read and write
|
||
|
C00008F000
|
direct allocation
|
page read and write
|
||
|
1FDB6C67000
|
heap
|
page read and write
|
||
|
2507AD80000
|
heap
|
page read and write
|
||
|
F635F7E000
|
stack
|
page read and write
|
||
|
6970BFF000
|
stack
|
page read and write
|
||
|
4FB000
|
unkown
|
page readonly
|
||
|
23E7E020000
|
direct allocation
|
page read and write
|
||
|
79E000
|
unkown
|
page write copy
|
||
|
1FDB6C61000
|
heap
|
page read and write
|
||
|
C000082000
|
direct allocation
|
page read and write
|
||
|
C000196000
|
direct allocation
|
page read and write
|
||
|
23E77255000
|
heap
|
page read and write
|
||
|
25FF1202000
|
heap
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
C000094000
|
direct allocation
|
page read and write
|
||
|
C0000C6000
|
direct allocation
|
page read and write
|
||
|
77D000
|
unkown
|
page write copy
|
||
|
C000200000
|
direct allocation
|
page read and write
|
||
|
C000054000
|
direct allocation
|
page read and write
|
||
|
C00012A000
|
direct allocation
|
page read and write
|
||
|
F2535FE000
|
stack
|
page read and write
|
||
|
1FDB6C60000
|
heap
|
page read and write
|
||
|
C0001D4000
|
direct allocation
|
page read and write
|
||
|
23E7C4FA000
|
direct allocation
|
page read and write
|
||
|
1FDB6C7B000
|
heap
|
page read and write
|
||
|
1FDB6C2E000
|
heap
|
page read and write
|
||
|
C000008000
|
direct allocation
|
page read and write
|
||
|
192FC3C0000
|
trusted library allocation
|
page read and write
|
||
|
C000088000
|
direct allocation
|
page read and write
|
||
|
28D55E65000
|
direct allocation
|
page read and write
|
||
|
252BB029000
|
heap
|
page read and write
|
||
|
C000188000
|
direct allocation
|
page read and write
|
||
|
C000000000
|
direct allocation
|
page read and write
|
||
|
4130C7D000
|
stack
|
page read and write
|
||
|
F635B7C000
|
stack
|
page read and write
|
||
|
C0000EA000
|
direct allocation
|
page read and write
|
||
|
C00018C000
|
direct allocation
|
page read and write
|
||
|
252BB066000
|
heap
|
page read and write
|
||
|
18A51820000
|
heap
|
page read and write
|
||
|
C0001CC000
|
direct allocation
|
page read and write
|
||
|
C0000CE000
|
direct allocation
|
page read and write
|
||
|
80C000
|
unkown
|
page read and write
|
||
|
6970CFE000
|
stack
|
page read and write
|
||
|
C0001A0000
|
direct allocation
|
page read and write
|
||
|
C00001C000
|
direct allocation
|
page read and write
|
||
|
23E77086000
|
heap
|
page read and write
|
||
|
C000130000
|
direct allocation
|
page read and write
|
||
|
173A282A000
|
heap
|
page read and write
|
||
|
411DD7D000
|
stack
|
page read and write
|
||
|
77E000
|
unkown
|
page readonly
|
||
|
192FBC29000
|
heap
|
page read and write
|
||
|
1FDB6C41000
|
heap
|
page read and write
|
||
|
23E77260000
|
direct allocation
|
page read and write
|
||
|
1FDB6C64000
|
heap
|
page read and write
|
||
|
C000086000
|
direct allocation
|
page read and write
|
||
|
20C05A13000
|
heap
|
page read and write
|
||
|
C00011F000
|
direct allocation
|
page read and write
|
||
|
7D3000
|
unkown
|
page read and write
|
||
|
C00000E000
|
direct allocation
|
page read and write
|
||
|
F25347E000
|
stack
|
page read and write
|
||
|
411E47F000
|
stack
|
page read and write
|
||
|
C0000AA000
|
direct allocation
|
page read and write
|
||
|
2507AE91000
|
heap
|
page read and write
|
||
|
C000218000
|
direct allocation
|
page read and write
|
||
|
411DAFB000
|
stack
|
page read and write
|
||
|
F63597F000
|
stack
|
page read and write
|
||
|
B7F51FA000
|
stack
|
page read and write
|
||
|
18A51A5B000
|
heap
|
page read and write
|
||
|
C000198000
|
direct allocation
|
page read and write
|
||
|
192FBC00000
|
heap
|
page read and write
|
||
|
173A2913000
|
heap
|
page read and write
|
||
|
252BB03E000
|
heap
|
page read and write
|
||
|
C0000A6000
|
direct allocation
|
page read and write
|
||
|
C000160000
|
direct allocation
|
page read and write
|
||
|
25FF1140000
|
remote allocation
|
page read and write
|
||
|
173A2780000
|
heap
|
page read and write
|
||
|
173A2848000
|
heap
|
page read and write
|
||
|
C0000F4000
|
direct allocation
|
page read and write
|
||
|
C0000D0000
|
direct allocation
|
page read and write
|
||
|
2507AFE5000
|
heap
|
page read and write
|
||
|
28D55BF0000
|
direct allocation
|
page read and write
|
||
|
C0001B4000
|
direct allocation
|
page read and write
|
||
|
F635AFE000
|
stack
|
page read and write
|
||
|
C000080000
|
direct allocation
|
page read and write
|
||
|
173A4330000
|
remote allocation
|
page read and write
|
||
|
C0000FC000
|
direct allocation
|
page read and write
|
||
|
C0000E6000
|
direct allocation
|
page read and write
|
||
|
2507B992000
|
heap
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
252BAEE0000
|
heap
|
page read and write
|
||
|
C0000F6000
|
direct allocation
|
page read and write
|
||
|
697097B000
|
stack
|
page read and write
|
||
|
1FDB6C68000
|
heap
|
page read and write
|
||
|
C0001C6000
|
direct allocation
|
page read and write
|
||
|
C0001AE000
|
direct allocation
|
page read and write
|
||
|
6970D7F000
|
stack
|
page read and write
|
||
|
23E77269000
|
direct allocation
|
page read and write
|
||
|
23E76FE0000
|
direct allocation
|
page read and write
|
||
|
B7F4FFE000
|
stack
|
page read and write
|
||
|
77D000
|
unkown
|
page write copy
|
||
|
C000025000
|
direct allocation
|
page read and write
|
||
|
28D55EA5000
|
heap
|
page read and write
|
||
|
C0000B2000
|
direct allocation
|
page read and write
|
||
|
192FBC52000
|
heap
|
page read and write
|
||
|
1FDB73C0000
|
trusted library allocation
|
page read and write
|
||
|
192FC402000
|
trusted library allocation
|
page read and write
|
||
|
C0000C6000
|
direct allocation
|
page read and write
|
||
|
C0001A8000
|
direct allocation
|
page read and write
|
||
|
2507AE89000
|
heap
|
page read and write
|
||
|
192FBC2F000
|
heap
|
page read and write
|
||
|
C000228000
|
direct allocation
|
page read and write
|
||
|
28D55C40000
|
heap
|
page read and write
|
||
|
C000032000
|
direct allocation
|
page read and write
|
||
|
2507AE53000
|
heap
|
page read and write
|
||
|
173A27B0000
|
trusted library allocation
|
page read and write
|
||
|
C00009E000
|
direct allocation
|
page read and write
|
||
|
C000182000
|
direct allocation
|
page read and write
|
||
|
173A4402000
|
trusted library allocation
|
page read and write
|
||
|
1FDB6B20000
|
heap
|
page read and write
|
||
|
1FDB6D02000
|
heap
|
page read and write
|
||
|
6970AFA000
|
stack
|
page read and write
|
||
|
20C05A76000
|
heap
|
page read and write
|
||
|
20C05A02000
|
heap
|
page read and write
|
||
|
C0001AC000
|
direct allocation
|
page read and write
|
||
|
DE8EDFE000
|
stack
|
page read and write
|
||
|
252BB06E000
|
heap
|
page read and write
|
||
|
DE8F9FF000
|
stack
|
page read and write
|
||
|
C0000A0000
|
direct allocation
|
page read and write
|
||
|
C000086000
|
direct allocation
|
page read and write
|
||
|
291000
|
unkown
|
page execute read
|
||
|
192FBC13000
|
heap
|
page read and write
|
||
|
C00019A000
|
direct allocation
|
page read and write
|
||
|
C0000EE000
|
direct allocation
|
page read and write
|
||
|
F25377E000
|
stack
|
page read and write
|
||
|
2507AE6F000
|
heap
|
page read and write
|
||
|
778000
|
unkown
|
page read and write
|
||
|
C000002000
|
direct allocation
|
page read and write
|
||
|
18A51A77000
|
heap
|
page read and write
|
||
|
C0000B6000
|
direct allocation
|
page read and write
|
||
|
20C05A7B000
|
heap
|
page read and write
|
||
|
411DF7D000
|
stack
|
page read and write
|
||
|
C000125000
|
direct allocation
|
page read and write
|
||
|
C0000F6000
|
direct allocation
|
page read and write
|
||
|
C0000B8000
|
direct allocation
|
page read and write
|
||
|
20C05A6B000
|
heap
|
page read and write
|
||
|
2507BA13000
|
heap
|
page read and write
|
||
|
1FDB6AB0000
|
heap
|
page read and write
|
||
|
B7F4DFE000
|
stack
|
page read and write
|
||
|
C00009A000
|
direct allocation
|
page read and write
|
||
|
18A51A8C000
|
heap
|
page read and write
|
||
|
173A2800000
|
heap
|
page read and write
|
||
|
C000190000
|
direct allocation
|
page read and write
|
||
|
C000030000
|
direct allocation
|
page read and write
|
||
|
C0000C8000
|
direct allocation
|
page read and write
|
||
|
18A51A6C000
|
heap
|
page read and write
|
||
|
18A51B13000
|
heap
|
page read and write
|
||
|
173A2902000
|
heap
|
page read and write
|
||
|
C000194000
|
direct allocation
|
page read and write
|
||
|
20C06202000
|
trusted library allocation
|
page read and write
|
||
|
25FF1010000
|
heap
|
page read and write
|
||
|
C000012000
|
direct allocation
|
page read and write
|
||
|
25FF1A02000
|
trusted library allocation
|
page read and write
|
||
|
F63587F000
|
stack
|
page read and write
|
||
|
C000012000
|
direct allocation
|
page read and write
|
||
|
28D55EA0000
|
heap
|
page read and write
|
||
|
28D66FE000
|
stack
|
page read and write
|
||
|
C000048000
|
direct allocation
|
page read and write
|
||
|
290000
|
unkown
|
page readonly
|
||
|
2507B922000
|
heap
|
page read and write
|
||
|
C00008D000
|
direct allocation
|
page read and write
|
||
|
192FBC45000
|
heap
|
page read and write
|
||
|
F2532FF000
|
stack
|
page read and write
|
||
|
411D6AC000
|
stack
|
page read and write
|
||
|
704000
|
unkown
|
page write copy
|
||
|
4130B7C000
|
stack
|
page read and write
|
||
|
7D0000
|
unkown
|
page read and write
|
||
|
C0001C4000
|
direct allocation
|
page read and write
|
||
|
F25337E000
|
stack
|
page read and write
|
||
|
173A2857000
|
heap
|
page read and write
|
||
|
F2536FD000
|
stack
|
page read and write
|
||
|
28D65FF000
|
stack
|
page read and write
|
||
|
413097E000
|
stack
|
page read and write
|
||
|
1FDB6C84000
|
heap
|
page read and write
|
||
|
18A51A56000
|
heap
|
page read and write
|
||
|
411E17E000
|
stack
|
page read and write
|
||
|
2507BA27000
|
heap
|
page read and write
|
||
|
C0001C0000
|
direct allocation
|
page read and write
|
||
|
C000186000
|
direct allocation
|
page read and write
|
||
|
741000
|
unkown
|
page write copy
|
||
|
18A51A75000
|
heap
|
page read and write
|
||
|
80E000
|
unkown
|
page readonly
|
||
|
58B000
|
unkown
|
page readonly
|
||
|
23E7C3E0000
|
direct allocation
|
page read and write
|
||
|
173A2848000
|
heap
|
page read and write
|
||
|
C0000B8000
|
direct allocation
|
page read and write
|
||
|
411E57F000
|
stack
|
page read and write
|
||
|
1FDB6C47000
|
heap
|
page read and write
|
||
|
411E37F000
|
stack
|
page read and write
|
||
|
28D55E34000
|
direct allocation
|
page read and write
|
||
|
F25357D000
|
stack
|
page read and write
|
||
|
C0000B0000
|
direct allocation
|
page read and write
|
||
|
794000
|
unkown
|
page write copy
|
||
|
F635D7E000
|
stack
|
page read and write
|
||
|
252BB0BA000
|
heap
|
page read and write
|
||
|
1FDB6C42000
|
heap
|
page read and write
|
||
|
1FDB6C49000
|
heap
|
page read and write
|
||
|
23E77040000
|
heap
|
page read and write
|
||
|
C000070000
|
direct allocation
|
page read and write
|
||
|
23E77048000
|
heap
|
page read and write
|
||
|
2507AE79000
|
heap
|
page read and write
|
||
|
80D000
|
unkown
|
page write copy
|
||
|
C000010000
|
direct allocation
|
page read and write
|
||
|
252BB000000
|
heap
|
page read and write
|
||
|
18A51A65000
|
heap
|
page read and write
|
||
|
770000
|
unkown
|
page read and write
|
||
|
1FDB6C7E000
|
heap
|
page read and write
|
||
|
C0001BC000
|
direct allocation
|
page read and write
|
||
|
C00008B000
|
direct allocation
|
page read and write
|
||
|
C000046000
|
direct allocation
|
page read and write
|
||
|
C0000D8000
|
direct allocation
|
page read and write
|
||
|
CE29AFB000
|
stack
|
page read and write
|
||
|
321000
|
unkown
|
page execute read
|
||
|
704000
|
unkown
|
page read and write
|
||
|
20C05A57000
|
heap
|
page read and write
|
||
|
411DE7F000
|
stack
|
page read and write
|
||
|
173A2847000
|
heap
|
page read and write
|
||
|
173A4270000
|
trusted library allocation
|
page read and write
|
||
|
2507AE76000
|
heap
|
page read and write
|
||
|
23E77230000
|
heap
|
page read and write
|
||
|
1FDB6C46000
|
heap
|
page read and write
|
||
|
2507AFB9000
|
heap
|
page read and write
|
||
|
18A51A13000
|
heap
|
page read and write
|
||
|
C00008A000
|
direct allocation
|
page read and write
|
||
|
20C05820000
|
heap
|
page read and write
|
||
|
252BBB13000
|
heap
|
page read and write
|
||
|
252BB0C9000
|
heap
|
page read and write
|
||
|
411E27F000
|
stack
|
page read and write
|
||
|
23E77264000
|
direct allocation
|
page read and write
|
||
|
252BB113000
|
heap
|
page read and write
|
||
|
25FF1302000
|
heap
|
page read and write
|
||
|
18A52202000
|
trusted library allocation
|
page read and write
|
||
|
28D55E3C000
|
direct allocation
|
page read and write
|
||
|
4130A7E000
|
stack
|
page read and write
|
||
|
C00000E000
|
direct allocation
|
page read and write
|
||
|
4130E7C000
|
stack
|
page read and write
|
||
|
C0001B6000
|
direct allocation
|
page read and write
|
||
|
252BBB3A000
|
heap
|
page read and write
|
||
|
C0001A4000
|
direct allocation
|
page read and write
|
||
|
C0001BE000
|
direct allocation
|
page read and write
|
||
|
B405CFE000
|
stack
|
page read and write
|
||
|
192FBAD0000
|
heap
|
page read and write
|
||
|
73C000
|
unkown
|
page write copy
|
||
|
23E77250000
|
heap
|
page read and write
|
||
|
C0000E4000
|
direct allocation
|
page read and write
|
||
|
25FF0FA0000
|
heap
|
page read and write
|
||
|
C000092000
|
direct allocation
|
page read and write
|
||
|
7D1000
|
unkown
|
page write copy
|
||
|
2507BA00000
|
heap
|
page read and write
|
||
|
20C05B13000
|
heap
|
page read and write
|
||
|
697033B000
|
stack
|
page read and write
|
||
|
C000192000
|
direct allocation
|
page read and write
|
||
|
B405A7B000
|
stack
|
page read and write
|
||
|
C000090000
|
direct allocation
|
page read and write
|
||
|
C000138000
|
direct allocation
|
page read and write
|
||
|
69709F9000
|
stack
|
page read and write
|
||
|
18A51A41000
|
heap
|
page read and write
|
||
|
C0001B8000
|
direct allocation
|
page read and write
|
||
|
173A2842000
|
heap
|
page read and write
|
||
|
C0000A0000
|
direct allocation
|
page read and write
|
||
|
C000027000
|
direct allocation
|
page read and write
|
||
|
C000194000
|
direct allocation
|
page read and write
|
||
|
F635C7D000
|
stack
|
page read and write
|
||
|
77E000
|
unkown
|
page readonly
|
||
|
173A2900000
|
heap
|
page read and write
|
||
|
C000010000
|
direct allocation
|
page read and write
|
||
|
C0001C8000
|
direct allocation
|
page read and write
|
||
|
C0001A2000
|
direct allocation
|
page read and write
|
||
|
740000
|
unkown
|
page read and write
|
||
|
C0001DC000
|
direct allocation
|
page read and write
|
||
|
25FF1251000
|
heap
|
page read and write
|
||
|
C00012E000
|
direct allocation
|
page read and write
|
||
|
321000
|
unkown
|
page execute read
|
||
|
1FDB6C56000
|
heap
|
page read and write
|
||
|
C000035000
|
direct allocation
|
page read and write
|
||
|
4FB000
|
unkown
|
page readonly
|
||
|
18A51A8A000
|
heap
|
page read and write
|
||
|
2507ADD0000
|
trusted library allocation
|
page read and write
|
||
|
B7F4BFF000
|
stack
|
page read and write
|
||
|
291000
|
unkown
|
page execute read
|
||
|
1FDB6C6A000
|
heap
|
page read and write
|
||
|
C0000BA000
|
direct allocation
|
page read and write
|
||
|
1FDB6C2D000
|
heap
|
page read and write
|
||
|
28D55BFB000
|
direct allocation
|
page read and write
|
||
|
C000096000
|
direct allocation
|
page read and write
|
||
|
2507B954000
|
heap
|
page read and write
|
||
|
80E000
|
unkown
|
page readonly
|
||
|
C000084000
|
direct allocation
|
page read and write
|
||
|
2507AE5B000
|
heap
|
page read and write
|
||
|
2507AE92000
|
heap
|
page read and write
|
||
|
23E77210000
|
heap
|
page read and write
|
||
|
C000019000
|
direct allocation
|
page read and write
|
||
|
173A4330000
|
remote allocation
|
page read and write
|
||
|
1FDB6C00000
|
heap
|
page read and write
|
||
|
2507AE00000
|
heap
|
page read and write
|
||
|
2507ADB0000
|
trusted library allocation
|
page read and write
|
||
|
1FDB6C63000
|
heap
|
page read and write
|
||
|
C0000A2000
|
direct allocation
|
page read and write
|
||
|
C0001C4000
|
direct allocation
|
page read and write
|
||
|
C000123000
|
direct allocation
|
page read and write
|
||
|
2507BA02000
|
heap
|
page read and write
|
||
|
C000004000
|
direct allocation
|
page read and write
|
||
|
C0000F2000
|
direct allocation
|
page read and write
|
||
|
C000025000
|
direct allocation
|
page read and write
|
||
|
C00018E000
|
direct allocation
|
page read and write
|
||
|
18A51A29000
|
heap
|
page read and write
|
||
|
C00006A000
|
direct allocation
|
page read and write
|
||
|
C0000E2000
|
direct allocation
|
page read and write
|
||
|
4130D7E000
|
stack
|
page read and write
|
||
|
18A51A00000
|
heap
|
page read and write
|
||
|
CE29CFB000
|
stack
|
page read and write
|
||
|
C000144000
|
direct allocation
|
page read and write
|
||
|
20C05980000
|
trusted library allocation
|
page read and write
|
||
|
1FDB6C6B000
|
heap
|
page read and write
|
||
|
173A27D0000
|
trusted library allocation
|
page read and write
|
||
|
B7F57FF000
|
stack
|
page read and write
|
||
|
1FDB6C48000
|
heap
|
page read and write
|
||
|
28D62FE000
|
stack
|
page read and write
|
||
|
C000027000
|
direct allocation
|
page read and write
|
||
|
25FF1200000
|
heap
|
page read and write
|
||
|
20C05B00000
|
heap
|
page read and write
|
||
|
C0000A8000
|
direct allocation
|
page read and write
|
||
|
2507AE13000
|
heap
|
page read and write
|
||
|
794000
|
unkown
|
page read and write
|
||
|
C00004E000
|
direct allocation
|
page read and write
|
||
|
1FDB6AC0000
|
heap
|
page read and write
|
||
|
C000198000
|
direct allocation
|
page read and write
|
||
|
252BB0CB000
|
heap
|
page read and write
|
||
|
C0000B6000
|
direct allocation
|
page read and write
|
||
|
1FDB6C44000
|
heap
|
page read and write
|
||
|
25FF1140000
|
remote allocation
|
page read and write
|
||
|
C00009E000
|
direct allocation
|
page read and write
|
||
|
73B000
|
unkown
|
page read and write
|
||
|
B405AFE000
|
stack
|
page read and write
|
||
|
173A2824000
|
heap
|
page read and write
|
||
|
C000036000
|
direct allocation
|
page read and write
|
||
|
F6359FC000
|
stack
|
page read and write
|
||
|
25FF0FB0000
|
heap
|
page read and write
|
||
|
C0000DA000
|
direct allocation
|
page read and write
|
||
|
CE295CC000
|
stack
|
page read and write
|
||
|
C0001A0000
|
direct allocation
|
page read and write
|
||
|
173A2862000
|
heap
|
page read and write
|
||
|
1FDB6C7A000
|
heap
|
page read and write
|
||
|
20C05B02000
|
heap
|
page read and write
|
||
|
C000192000
|
direct allocation
|
page read and write
|
||
|
2507B9CB000
|
heap
|
page read and write
|
||
|
C00000A000
|
direct allocation
|
page read and write
|
||
|
18A51990000
|
trusted library allocation
|
page read and write
|
||
|
20C05810000
|
heap
|
page read and write
|
||
|
41306FF000
|
stack
|
page read and write
|
||
|
C000008000
|
direct allocation
|
page read and write
|
||
|
C00000C000
|
direct allocation
|
page read and write
|
||
|
B405DFE000
|
stack
|
page read and write
|
||
|
C00012C000
|
direct allocation
|
page read and write
|
||
|
B7F45FA000
|
stack
|
page read and write
|
||
|
1FDB6C40000
|
heap
|
page read and write
|
||
|
C000020000
|
direct allocation
|
page read and write
|
||
|
1FDB6C45000
|
heap
|
page read and write
|
||
|
25FF1229000
|
heap
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
290000
|
unkown
|
page readonly
|
||
|
F6356FC000
|
stack
|
page read and write
|
||
|
808000
|
unkown
|
page read and write
|
||
|
C000020000
|
direct allocation
|
page read and write
|
||
|
DE8F7FF000
|
stack
|
page read and write
|
||
|
C00002A000
|
direct allocation
|
page read and write
|
||
|
252BAF70000
|
trusted library allocation
|
page read and write
|
||
|
C00018A000
|
direct allocation
|
page read and write
|
||
|
2507AE43000
|
heap
|
page read and write
|
||
|
1FDB6C3A000
|
heap
|
page read and write
|
||
|
C0000F0000
|
direct allocation
|
page read and write
|
||
|
25FF1110000
|
trusted library allocation
|
page read and write
|
||
|
25FF1213000
|
heap
|
page read and write
|
||
|
18A51830000
|
heap
|
page read and write
|
||
|
1FDB6C4F000
|
heap
|
page read and write
|
||
|
2507AE3C000
|
heap
|
page read and write
|
||
|
C000180000
|
direct allocation
|
page read and write
|
||
|
252BBA02000
|
heap
|
page read and write
|
||
|
18A51890000
|
heap
|
page read and write
|
||
|
C00018C000
|
direct allocation
|
page read and write
|
||
|
2507B9BD000
|
heap
|
page read and write
|
||
|
23E7707E000
|
heap
|
page read and write
|
||
|
C0000CB000
|
direct allocation
|
page read and write
|
||
|
2507B943000
|
heap
|
page read and write
|
||
|
1FDB6C39000
|
heap
|
page read and write
|
||
|
2507AD10000
|
heap
|
page read and write
|
||
|
2507B922000
|
heap
|
page read and write
|
||
|
B405EFE000
|
stack
|
page read and write
|
||
|
23E77083000
|
heap
|
page read and write
|
||
|
2507AE29000
|
heap
|
page read and write
|
||
|
23E7C3C0000
|
direct allocation
|
page read and write
|
||
|
192FBC02000
|
heap
|
page read and write
|
||
|
173A2889000
|
heap
|
page read and write
|
||
|
252BAF40000
|
heap
|
page read and write
|
||
|
C000150000
|
direct allocation
|
page read and write
|
||
|
28D55BB0000
|
heap
|
page read and write
|
||
|
B405B7E000
|
stack
|
page read and write
|
||
|
DE8F5FF000
|
stack
|
page read and write
|
||
|
1FDB6C30000
|
heap
|
page read and write
|
||
|
25FF1140000
|
remote allocation
|
page read and write
|
||
|
C000108000
|
direct allocation
|
page read and write
|
||
|
C000017000
|
direct allocation
|
page read and write
|
||
|
1FDB6C62000
|
heap
|
page read and write
|
||
|
173A4330000
|
remote allocation
|
page read and write
|
||
|
C000038000
|
direct allocation
|
page read and write
|
||
|
CE29BFE000
|
stack
|
page read and write
|
||
|
B7F53FE000
|
stack
|
page read and write
|
||
|
1FDB6C3D000
|
heap
|
page read and write
|
||
|
C0000E8000
|
direct allocation
|
page read and write
|
||
|
20C05A73000
|
heap
|
page read and write
|
||
|
C00003C000
|
direct allocation
|
page read and write
|
||
|
192FBC48000
|
heap
|
page read and write
|
||
|
1FDB6C77000
|
heap
|
page read and write
|
||
|
28D55BD0000
|
heap
|
page read and write
|
||
|
18A51A69000
|
heap
|
page read and write
|
||
|
C0001B4000
|
direct allocation
|
page read and write
|
||
|
697077A000
|
stack
|
page read and write
|
||
|
1FDB6C79000
|
heap
|
page read and write
|
||
|
C0000FC000
|
direct allocation
|
page read and write
|
||
|
C000052000
|
direct allocation
|
page read and write
|
||
|
2507AE56000
|
heap
|
page read and write
|
||
|
41302CB000
|
stack
|
page read and write
|
||
|
411DC7F000
|
stack
|
page read and write
|
||
|
C0001C0000
|
direct allocation
|
page read and write
|
||
|
28D55C4C000
|
heap
|
page read and write
|
||
|
2507B9B1000
|
heap
|
page read and write
|
||
|
C000098000
|
direct allocation
|
page read and write
|
||
|
C000068000
|
direct allocation
|
page read and write
|
||
|
173A42B0000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
unkown
|
page read and write
|
||
|
C000096000
|
direct allocation
|
page read and write
|
||
|
DE8EFFF000
|
stack
|
page read and write
|
||
|
6970DFE000
|
stack
|
page read and write
|
||
|
1FDB6C74000
|
heap
|
page read and write
|
||
|
80D000
|
unkown
|
page write copy
|
||
|
C000089000
|
direct allocation
|
page read and write
|
||
|
252BAED0000
|
heap
|
page read and write
|
||
|
58B000
|
unkown
|
page readonly
|
||
|
F25387D000
|
stack
|
page read and write
|
||
|
C000016000
|
direct allocation
|
page read and write
|
||
|
C000148000
|
direct allocation
|
page read and write
|
||
|
C000092000
|
direct allocation
|
page read and write
|
||
|
C000100000
|
direct allocation
|
page read and write
|
||
|
2507AE84000
|
heap
|
page read and write
|
||
|
C0000A2000
|
direct allocation
|
page read and write
|
||
|
252BB102000
|
heap
|
page read and write
|
||
|
C000121000
|
direct allocation
|
page read and write
|
||
|
252BB0C1000
|
heap
|
page read and write
|
||
|
28D64FC000
|
stack
|
page read and write
|
||
|
28D55B60000
|
direct allocation
|
page read and write
|
||
|
C000182000
|
direct allocation
|
page read and write
|
||
|
20C05880000
|
heap
|
page read and write
|
||
|
252BB087000
|
heap
|
page read and write
|
||
|
C000196000
|
direct allocation
|
page read and write
|
||
|
C0000A6000
|
direct allocation
|
page read and write
|
||
|
C0001BC000
|
direct allocation
|
page read and write
|
||
|
1FDB6C65000
|
heap
|
page read and write
|
||
|
F6352FB000
|
stack
|
page read and write
|
||
|
20C05A00000
|
heap
|
page read and write
|
||
|
C000108000
|
direct allocation
|
page read and write
|
||
|
C000186000
|
direct allocation
|
page read and write
|
||
|
C0000D2000
|
direct allocation
|
page read and write
|
||
|
C00004A000
|
direct allocation
|
page read and write
|
||
|
252BB0E1000
|
heap
|
page read and write
|
||
|
C0000CA000
|
direct allocation
|
page read and write
|
||
|
28D55E30000
|
direct allocation
|
page read and write
|
||
|
192FBB20000
|
heap
|
page read and write
|
||
|
413087F000
|
stack
|
page read and write
|
||
|
192FBD02000
|
heap
|
page read and write
|
||
|
F25307B000
|
stack
|
page read and write
|
||
|
C00006C000
|
direct allocation
|
page read and write
|
||
|
C00018E000
|
direct allocation
|
page read and write
|
||
|
C000110000
|
direct allocation
|
page read and write
|
||
|
1FDB7402000
|
trusted library allocation
|
page read and write
|
There are 561 hidden memdumps, click here to show them.