Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
En3ZIyuYdw.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\En3ZIyuYdw.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\En3ZIyuYdw.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\En3ZIyuYdw.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\En3ZIyuYdw.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LkpZARPPMYxrpnAus\oSMG.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\QkeveKELwVTIid\eYjpj.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\CVFdhpNOtsemq\TpsMttdDUpxciwO.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\Alnqcua\qiwFWDzKBdg.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\LkpZARPPMYxrpnAus\oSMG.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\RGgdaHRy\SOHUjYiDXi.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\En3ZIyuYdw.dll",#1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/E
|
unknown
|
||
|
https://172.105.115.71:8080/gumktuwcdwjgjgt/xmwkrcvtq/hnafdgsuhec/
|
unknown
|
||
|
https://172.105.115.71:8080/gumktuwcdwjgjgt/xmwkrcvtq/hnafdgsuhec/T
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
172.105.115.71
|
unknown
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
640000
|
direct allocation
|
page execute and read and write
|
|
|
|
1280000
|
direct allocation
|
page execute and read and write
|
|
|
|
1E98A250000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
20D28BC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1E4C44E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1E98A387000
|
heap
|
page read and write
|
||
|
9F9000
|
stack
|
page read and write
|
||
|
7FFA0AEFE000
|
unkown
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
1E98A37F000
|
heap
|
page read and write
|
||
|
2488000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page readonly
|
||
|
11A9000
|
heap
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
2D11000
|
heap
|
page read and write
|
||
|
DE9000
|
heap
|
page read and write
|
||
|
2A50000
|
remote allocation
|
page read and write
|
||
|
2CF1000
|
heap
|
page read and write
|
||
|
2733000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
D79000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
717000
|
heap
|
page read and write
|
||
|
1FDF000
|
stack
|
page read and write
|
||
|
B9C000
|
heap
|
page read and write
|
||
|
7FFA0AF02000
|
unkown
|
page readonly
|
||
|
728000
|
heap
|
page read and write
|
||
|
1E98A220000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
20D28C1C000
|
heap
|
page read and write
|
||
|
20D28B50000
|
heap
|
page read and write
|
||
|
7FFA0AE80000
|
unkown
|
page readonly
|
||
|
1E98A367000
|
heap
|
page read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
12CFB7F000
|
stack
|
page read and write
|
||
|
914000
|
heap
|
page read and write
|
||
|
2A50000
|
remote allocation
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
2CF1000
|
heap
|
page read and write
|
||
|
B43000
|
heap
|
page read and write
|
||
|
12CFBFE000
|
stack
|
page read and write
|
||
|
7FFA0AF05000
|
unkown
|
page readonly
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
9E0000
|
remote allocation
|
page read and write
|
||
|
2D11000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
20DE000
|
stack
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
20D28C5A000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2A50000
|
remote allocation
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
705000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
26AD000
|
stack
|
page read and write
|
||
|
146D000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7FFA0AF05000
|
unkown
|
page readonly
|
||
|
70E000
|
heap
|
page read and write
|
||
|
1E4C4568000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
1184000
|
heap
|
page read and write
|
||
|
6F7000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
7FFA0AE80000
|
unkown
|
page readonly
|
||
|
E12000
|
heap
|
page read and write
|
||
|
7FFA0AEB8000
|
unkown
|
page readonly
|
||
|
1E98A280000
|
direct allocation
|
page execute and read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
D4564FE000
|
stack
|
page read and write
|
||
|
2419000
|
heap
|
page read and write
|
||
|
61FF000
|
stack
|
page read and write
|
||
|
D455FEC000
|
stack
|
page read and write
|
||
|
20D28C48000
|
heap
|
page read and write
|
||
|
7FFA0AF05000
|
unkown
|
page readonly
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
97B000
|
heap
|
page read and write
|
||
|
11BB000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
7FFA0AE81000
|
unkown
|
page execute read
|
||
|
8BE000
|
heap
|
page read and write
|
||
|
145F000
|
heap
|
page read and write
|
||
|
1635000
|
heap
|
page read and write
|
||
|
7FFA0AF05000
|
unkown
|
page readonly
|
||
|
DFB000
|
stack
|
page read and write
|
||
|
1E98A2D0000
|
trusted library allocation
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
2CC8000
|
heap
|
page read and write
|
||
|
1E4C4330000
|
heap
|
page read and write
|
||
|
20D28F80000
|
heap
|
page read and write
|
||
|
E12000
|
heap
|
page read and write
|
||
|
7FFA0AEFE000
|
unkown
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
20D28BF7000
|
heap
|
page read and write
|
||
|
233E000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
8E1000
|
heap
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
7FFA0AF07000
|
unkown
|
page readonly
|
||
|
210000
|
heap
|
page read and write
|
||
|
20D28AE0000
|
heap
|
page read and write
|
||
|
427EFC000
|
stack
|
page read and write
|
||
|
670000
|
direct allocation
|
page execute and read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
6F7000
|
heap
|
page read and write
|
||
|
1E4C45B9000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
D4562FE000
|
stack
|
page read and write
|
||
|
1E98A2A0000
|
heap
|
page read and write
|
||
|
1E4C4510000
|
direct allocation
|
page execute and read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
8DE000
|
heap
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
D45637E000
|
stack
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
118F000
|
heap
|
page read and write
|
||
|
1E4C5E00000
|
heap
|
page read and write
|
||
|
7FFA0AE80000
|
unkown
|
page readonly
|
||
|
1E98A3A1000
|
heap
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
73A000
|
heap
|
page read and write
|
||
|
7FFA0AF07000
|
unkown
|
page readonly
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
4282F9000
|
stack
|
page read and write
|
||
|
1186000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
98A000
|
heap
|
page read and write
|
||
|
880000
|
remote allocation
|
page read and write
|
||
|
1E4C5FD0000
|
trusted library allocation
|
page read and write
|
||
|
8B8D000
|
stack
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
DFF000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
205F000
|
stack
|
page read and write
|
||
|
7FFA0AE81000
|
unkown
|
page execute read
|
||
|
26C3000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
1E4C457F000
|
heap
|
page read and write
|
||
|
1178000
|
heap
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
20D2A780000
|
trusted library allocation
|
page read and write
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
1E4C4520000
|
heap
|
page readonly
|
||
|
1E98A2F0000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
1E4C6030000
|
heap
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
1E98A36D000
|
heap
|
page read and write
|
||
|
717000
|
heap
|
page read and write
|
||
|
7FFA0AF07000
|
unkown
|
page readonly
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
1448000
|
heap
|
page read and write
|
||
|
1290000
|
remote allocation
|
page read and write
|
||
|
20D28F60000
|
heap
|
page readonly
|
||
|
690000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
1E4C45CB000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
98A000
|
heap
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
2492000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
7FFA0AEB8000
|
unkown
|
page readonly
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
7FFA0AE81000
|
unkown
|
page execute read
|
||
|
7FFA0AEFE000
|
unkown
|
page read and write
|
||
|
20D2A810000
|
heap
|
page read and write
|
||
|
698000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
1E98A3B3000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
1E98A353000
|
heap
|
page read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
880000
|
remote allocation
|
page read and write
|
||
|
1E4C45B4000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
8C09000
|
stack
|
page read and write
|
||
|
4281FE000
|
stack
|
page read and write
|
||
|
12CFA7C000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
12CFD7E000
|
stack
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
7FFA0AEB8000
|
unkown
|
page readonly
|
||
|
7FFA0AF07000
|
unkown
|
page readonly
|
||
|
1E98A2A5000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1E98BBE0000
|
heap
|
page read and write
|
||
|
2CC8000
|
heap
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
1E98A367000
|
heap
|
page read and write
|
||
|
20D28C20000
|
heap
|
page read and write
|
||
|
1E98A36B000
|
heap
|
page read and write
|
||
|
D2C000
|
heap
|
page read and write
|
||
|
20D28BF0000
|
heap
|
page read and write
|
||
|
D25000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
12B0000
|
direct allocation
|
page execute and read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
12CFAFF000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
8B0F000
|
stack
|
page read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
8BE000
|
heap
|
page read and write
|
||
|
6F7000
|
heap
|
page read and write
|
||
|
5B0000
|
remote allocation
|
page read and write
|
||
|
427FFF000
|
stack
|
page read and write
|
||
|
7FFA0AF02000
|
unkown
|
page readonly
|
||
|
D45647C000
|
stack
|
page read and write
|
||
|
974000
|
heap
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
8C8E000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
20D28C1F000
|
heap
|
page read and write
|
||
|
107C000
|
heap
|
page read and write
|
||
|
1E4C4490000
|
heap
|
page read and write
|
||
|
708000
|
heap
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
1075000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
7FFA0AEFE000
|
unkown
|
page read and write
|
||
|
12F5000
|
heap
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
270F000
|
stack
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
97D000
|
heap
|
page read and write
|
||
|
20D28C1C000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
74B000
|
heap
|
page read and write
|
||
|
1E4C4550000
|
heap
|
page read and write
|
||
|
C7A000
|
stack
|
page read and write
|
||
|
8BE000
|
heap
|
page read and write
|
||
|
1E98A2B0000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
D50000
|
heap
|
page read and write
|
||
|
905000
|
heap
|
page read and write
|
||
|
976000
|
heap
|
page read and write
|
||
|
90D000
|
heap
|
page read and write
|
||
|
945000
|
heap
|
page read and write
|
||
|
6F7000
|
heap
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
146D000
|
heap
|
page read and write
|
||
|
1E98A340000
|
heap
|
page read and write
|
||
|
4280FF000
|
stack
|
page read and write
|
||
|
986000
|
heap
|
page read and write
|
||
|
7FFA0AEB8000
|
unkown
|
page readonly
|
||
|
7FFA0AF02000
|
unkown
|
page readonly
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
22B7000
|
stack
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
1E4C4590000
|
heap
|
page read and write
|
||
|
6F7000
|
heap
|
page read and write
|
||
|
20E0000
|
trusted library allocation
|
page read and write
|
||
|
DC8000
|
heap
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
D4563F7000
|
stack
|
page read and write
|
||
|
2B1F000
|
stack
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
E12000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
20D28F85000
|
heap
|
page read and write
|
||
|
7FFA0AF02000
|
unkown
|
page readonly
|
||
|
1200000
|
heap
|
page read and write
|
||
|
589000
|
stack
|
page read and write
|
||
|
7FFA0AE80000
|
unkown
|
page readonly
|
||
|
1167000
|
heap
|
page read and write
|
||
|
976000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
1E98A290000
|
trusted library allocation
|
page read and write
|
||
|
7FFA0AEFE000
|
unkown
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
6F7000
|
heap
|
page read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
24DA000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
1E4C4470000
|
heap
|
page read and write
|
||
|
12CFC79000
|
stack
|
page read and write
|
||
|
2461000
|
heap
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
9E0000
|
remote allocation
|
page read and write
|
||
|
163C000
|
heap
|
page read and write
|
||
|
4283FE000
|
stack
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
D8B000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
1E4C45A5000
|
heap
|
page read and write
|
||
|
1E98A3A1000
|
heap
|
page read and write
|
||
|
20D28C17000
|
heap
|
page read and write
|
||
|
2E82000
|
heap
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
D45627F000
|
stack
|
page read and write
|
||
|
20D28B70000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
1E4C457F000
|
heap
|
page read and write
|
||
|
1E98A0E0000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
20D28C17000
|
heap
|
page read and write
|
||
|
97D000
|
heap
|
page read and write
|
||
|
20D28C48000
|
heap
|
page read and write
|
||
|
97B000
|
heap
|
page read and write
|
||
|
7FFA0AEB8000
|
unkown
|
page readonly
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
277B000
|
stack
|
page read and write
|
||
|
D58000
|
heap
|
page read and write
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
20D28C0E000
|
heap
|
page read and write
|
||
|
958000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
7FFA0AF02000
|
unkown
|
page readonly
|
||
|
8CC000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
7FFA0AF05000
|
unkown
|
page readonly
|
||
|
98E000
|
heap
|
page read and write
|
||
|
7FFA0AE81000
|
unkown
|
page execute read
|
||
|
2CB000
|
stack
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page readonly
|
||
|
DED000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
C20000
|
remote allocation
|
page read and write
|
||
|
976000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
1290000
|
remote allocation
|
page read and write
|
||
|
1E4C5E2C000
|
heap
|
page read and write
|
||
|
1E98A34D000
|
heap
|
page read and write
|
||
|
1E4C5FD0000
|
trusted library allocation
|
page read and write
|
||
|
905000
|
heap
|
page read and write
|
||
|
1E98A380000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFA0AF07000
|
unkown
|
page readonly
|
||
|
1E98BC0C000
|
heap
|
page read and write
|
||
|
6C8000
|
heap
|
page read and write
|
||
|
1476000
|
heap
|
page read and write
|
||
|
6200000
|
trusted library allocation
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
97B000
|
heap
|
page read and write
|
||
|
146D000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
1175000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1E4C4560000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
127A000
|
stack
|
page read and write
|
||
|
1E4C4555000
|
heap
|
page read and write
|
||
|
1E98A375000
|
heap
|
page read and write
|
||
|
617E000
|
stack
|
page read and write
|
||
|
97D000
|
heap
|
page read and write
|
||
|
20D2A5A0000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
1E4C457F000
|
heap
|
page read and write
|
||
|
20D2A780000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
remote allocation
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
20D28C1F000
|
heap
|
page read and write
|
||
|
7FFA0AE80000
|
unkown
|
page readonly
|
||
|
20D2A5CC000
|
heap
|
page read and write
|
||
|
5F90000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1E98A367000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
20D28C0E000
|
heap
|
page read and write
|
||
|
6C2000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
1E4C45B9000
|
heap
|
page read and write
|
||
|
7FFA0AE81000
|
unkown
|
page execute read
|
||
|
1186000
|
heap
|
page read and write
|
||
|
C20000
|
remote allocation
|
page read and write
|
||
|
240C000
|
heap
|
page read and write
|
||
|
12CFCFE000
|
stack
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
1E98A373000
|
heap
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
4380000
|
heap
|
page read and write
|
||
|
D45657C000
|
stack
|
page read and write
|
||
|
1E98BC0C000
|
heap
|
page read and write
|
||
|
20D28C28000
|
heap
|
page read and write
|
||
|
20D28F50000
|
direct allocation
|
page execute and read and write
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
D8F000
|
heap
|
page read and write
|
||
|
1E4C45A9000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
There are 433 hidden memdumps, click here to show them.