Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
En3ZIyuYdw.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\En3ZIyuYdw.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\En3ZIyuYdw.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\En3ZIyuYdw.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\En3ZIyuYdw.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\RJsEQYV\DCGMIKhx.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\KkpTOJipNydtZ\ukztcGVtQBo.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\HVTkRBUydWHs\wOpoKzU.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IASGzYkaksn\BFlBQr.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\RJsEQYV\DCGMIKhx.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\QYzAfBQRbM\CtOPL.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LkpZARPPMYxrpnAus\oSMG.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\QkeveKELwVTIid\eYjpj.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\CVFdhpNOtsemq\TpsMttdDUpxciwO.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\Alnqcua\qiwFWDzKBdg.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\LkpZARPPMYxrpnAus\oSMG.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\RGgdaHRy\SOHUjYiDXi.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\En3ZIyuYdw.dll",#1
|
There are 8 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/lgtwttxoush/zjavbsyvuswch/zmcgteyprilxxwqk/
|
unknown
|
||
|
https://172.105.115.71:8080/E
|
unknown
|
||
|
https://172.105.115.71:8080/gumktuwcdwjgjgt/xmwkrcvtq/hnafdgsuhec/
|
unknown
|
||
|
https://172.105.115.71:8080/gumktuwcdwjgjgt/xmwkrcvtq/hnafdgsuhec/T
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
DCGMIKhx.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
20E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1F1B4D30000
|
direct allocation
|
page execute and read and write
|
|
|
|
20509D30000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2750000
|
direct allocation
|
page execute and read and write
|
|
|
|
2660000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1F592EC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
2708000
|
heap
|
page read and write
|
||
|
2093000
|
heap
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
267C000
|
heap
|
page read and write
|
||
|
20508390000
|
heap
|
page read and write
|
||
|
E14000
|
heap
|
page read and write
|
||
|
DDD000
|
heap
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
205083BF000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
107A000
|
heap
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
2708000
|
heap
|
page read and write
|
||
|
7FFA0AEE7000
|
unkown
|
page readonly
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
864D000
|
stack
|
page read and write
|
||
|
7FFA0AE98000
|
unkown
|
page readonly
|
||
|
205083C4000
|
heap
|
page read and write
|
||
|
205083B7000
|
heap
|
page read and write
|
||
|
5E30000
|
heap
|
page read and write
|
||
|
1F1B336F000
|
heap
|
page read and write
|
||
|
7FFA0AEDE000
|
unkown
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2F59000
|
heap
|
page read and write
|
||
|
DDD000
|
heap
|
page read and write
|
||
|
C9F000
|
heap
|
page read and write
|
||
|
BE0000
|
remote allocation
|
page read and write
|
||
|
B0D1EF9000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
205083F2000
|
heap
|
page read and write
|
||
|
CD1000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
7FFA0AEDE000
|
unkown
|
page read and write
|
||
|
1086000
|
heap
|
page read and write
|
||
|
1F592DC3000
|
heap
|
page read and write
|
||
|
CAD000
|
heap
|
page read and write
|
||
|
E7D000
|
heap
|
page read and write
|
||
|
A54155C000
|
stack
|
page read and write
|
||
|
1F1B4D60000
|
direct allocation
|
page execute and read and write
|
||
|
205083D7000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
205083B7000
|
heap
|
page read and write
|
||
|
270B000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
7FFA0AEE5000
|
unkown
|
page readonly
|
||
|
E70000
|
heap
|
page read and write
|
||
|
C9F000
|
heap
|
page read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
E7D000
|
heap
|
page read and write
|
||
|
205083C4000
|
heap
|
page read and write
|
||
|
20508403000
|
heap
|
page read and write
|
||
|
DCB000
|
heap
|
page read and write
|
||
|
7FFA0AE98000
|
unkown
|
page readonly
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
47B000
|
stack
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
BB5000
|
heap
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
26F8000
|
heap
|
page read and write
|
||
|
7FFA0AE61000
|
unkown
|
page execute read
|
||
|
DD9000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
1F1B33A9000
|
heap
|
page read and write
|
||
|
1F1B3615000
|
heap
|
page read and write
|
||
|
1F592D77000
|
heap
|
page read and write
|
||
|
1F1B33C8000
|
heap
|
page read and write
|
||
|
10A1000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
2F0C000
|
stack
|
page read and write
|
||
|
2703000
|
heap
|
page read and write
|
||
|
B0D1FFF000
|
stack
|
page read and write
|
||
|
C18000
|
heap
|
page read and write
|
||
|
A541CFD000
|
stack
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
CAD000
|
heap
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
E17000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
E14000
|
heap
|
page read and write
|
||
|
164F57F000
|
stack
|
page read and write
|
||
|
7FFA0AEE7000
|
unkown
|
page readonly
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
255F000
|
stack
|
page read and write
|
||
|
12FC000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
61B0000
|
heap
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
E81000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
DCC000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
CA8000
|
heap
|
page read and write
|
||
|
108E000
|
heap
|
page read and write
|
||
|
1F592DBA000
|
heap
|
page read and write
|
||
|
E26000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
5FB000
|
heap
|
page read and write
|
||
|
CD1000
|
heap
|
page read and write
|
||
|
E81000
|
heap
|
page read and write
|
||
|
DE3000
|
heap
|
page read and write
|
||
|
26AD000
|
stack
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
87CF000
|
stack
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
E82000
|
heap
|
page read and write
|
||
|
1F592EF0000
|
direct allocation
|
page execute and read and write
|
||
|
2880000
|
trusted library allocation
|
page read and write
|
||
|
7FFA0AE98000
|
unkown
|
page readonly
|
||
|
1F1B4E70000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
5D8000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
781000
|
heap
|
page read and write
|
||
|
D98000
|
heap
|
page read and write
|
||
|
7FFA0AEE7000
|
unkown
|
page readonly
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1F1B33C8000
|
heap
|
page read and write
|
||
|
164F477000
|
stack
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
781000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
1075000
|
heap
|
page read and write
|
||
|
2690000
|
trusted library allocation
|
page read and write
|
||
|
DD9000
|
heap
|
page read and write
|
||
|
7FFA0AE60000
|
unkown
|
page readonly
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2F38000
|
heap
|
page read and write
|
||
|
205083B7000
|
heap
|
page read and write
|
||
|
1FDF000
|
stack
|
page read and write
|
||
|
2229000
|
stack
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
E27000
|
heap
|
page read and write
|
||
|
1F1B3350000
|
heap
|
page read and write
|
||
|
DF8000
|
heap
|
page read and write
|
||
|
1F1B4C30000
|
heap
|
page read and write
|
||
|
164F4FE000
|
stack
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
1087000
|
heap
|
page read and write
|
||
|
C88000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
1F592DCE000
|
heap
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
2E0F000
|
stack
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
7FFA0AEE5000
|
unkown
|
page readonly
|
||
|
270B000
|
heap
|
page read and write
|
||
|
565000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
2703000
|
heap
|
page read and write
|
||
|
1F592F40000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
1F1B4D70000
|
heap
|
page readonly
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
C41000
|
heap
|
page read and write
|
||
|
7FFA0AE98000
|
unkown
|
page readonly
|
||
|
A541AFE000
|
stack
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2C4C000
|
stack
|
page read and write
|
||
|
85C7000
|
stack
|
page read and write
|
||
|
3D0000
|
remote allocation
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
1F592DC9000
|
heap
|
page read and write
|
||
|
1F1B33A9000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
7FFA0AEE7000
|
unkown
|
page readonly
|
||
|
7FFA0AEE2000
|
unkown
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page readonly
|
||
|
D80000
|
direct allocation
|
page execute and read and write
|
||
|
2CF0000
|
remote allocation
|
page read and write
|
||
|
874E000
|
stack
|
page read and write
|
||
|
205083BF000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
7FFA0AEDE000
|
unkown
|
page read and write
|
||
|
E7D000
|
heap
|
page read and write
|
||
|
7FFA0AE60000
|
unkown
|
page readonly
|
||
|
7FFA0AE98000
|
unkown
|
page readonly
|
||
|
2690000
|
trusted library allocation
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
C97000
|
heap
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
20509C5C000
|
heap
|
page read and write
|
||
|
884B000
|
stack
|
page read and write
|
||
|
7FFA0AEE7000
|
unkown
|
page readonly
|
||
|
1F592DDB000
|
heap
|
page read and write
|
||
|
BF5000
|
heap
|
page read and write
|
||
|
CD1000
|
heap
|
page read and write
|
||
|
270B000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
1F592D70000
|
heap
|
page read and write
|
||
|
BC6000
|
heap
|
page read and write
|
||
|
2703000
|
heap
|
page read and write
|
||
|
7FFA0AEE7000
|
unkown
|
page readonly
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
7FFA0AE61000
|
unkown
|
page execute read
|
||
|
B0D1B3F000
|
stack
|
page read and write
|
||
|
C85000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
2703000
|
heap
|
page read and write
|
||
|
DFE000
|
heap
|
page read and write
|
||
|
577000
|
heap
|
page read and write
|
||
|
164F5FC000
|
stack
|
page read and write
|
||
|
10A9000
|
heap
|
page read and write
|
||
|
1F5948D0000
|
trusted library allocation
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
5CF000
|
heap
|
page read and write
|
||
|
1035000
|
heap
|
page read and write
|
||
|
1086000
|
heap
|
page read and write
|
||
|
2708000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
920000
|
remote allocation
|
page read and write
|
||
|
7FFA0AEE2000
|
unkown
|
page readonly
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
BE2000
|
heap
|
page read and write
|
||
|
7FFA0AEE5000
|
unkown
|
page readonly
|
||
|
1F1B3330000
|
heap
|
page read and write
|
||
|
E14000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
107E000
|
heap
|
page read and write
|
||
|
1F1B3359000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
205083A3000
|
heap
|
page read and write
|
||
|
C95000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
7FFA0AE60000
|
unkown
|
page readonly
|
||
|
A00000
|
heap
|
page read and write
|
||
|
262E000
|
stack
|
page read and write
|
||
|
A5418FE000
|
stack
|
page read and write
|
||
|
739000
|
stack
|
page read and write
|
||
|
74F000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
E14000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page readonly
|
||
|
7FFA0AE98000
|
unkown
|
page readonly
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
1086000
|
heap
|
page read and write
|
||
|
2CF0000
|
remote allocation
|
page read and write
|
||
|
54B000
|
heap
|
page read and write
|
||
|
E1A000
|
heap
|
page read and write
|
||
|
7FFA0AE60000
|
unkown
|
page readonly
|
||
|
A541BF9000
|
stack
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
107E000
|
heap
|
page read and write
|
||
|
1075000
|
heap
|
page read and write
|
||
|
1F592C10000
|
heap
|
page read and write
|
||
|
1F1B31D0000
|
heap
|
page read and write
|
||
|
205083C5000
|
heap
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
1F1B337B000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
1F592DA0000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
107E000
|
heap
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
1F1B4C5C000
|
heap
|
page read and write
|
||
|
59B0000
|
trusted library allocation
|
page read and write
|
||
|
1F592D8F000
|
heap
|
page read and write
|
||
|
2689000
|
heap
|
page read and write
|
||
|
20508360000
|
heap
|
page read and write
|
||
|
7FFA0AE60000
|
unkown
|
page readonly
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
781000
|
heap
|
page read and write
|
||
|
760000
|
remote allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
E7D000
|
heap
|
page read and write
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
7FFA0AE60000
|
unkown
|
page readonly
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
287B000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1086000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
20509EE0000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
1F592DC9000
|
heap
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
E5F000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
1F1B4E70000
|
trusted library allocation
|
page read and write
|
||
|
790000
|
trusted library allocation
|
page read and write
|
||
|
BE1000
|
heap
|
page read and write
|
||
|
B0D1E7E000
|
stack
|
page read and write
|
||
|
24C0000
|
heap
|
page readonly
|
||
|
205083CC000
|
heap
|
page read and write
|
||
|
20509EE5000
|
heap
|
page read and write
|
||
|
7FFA0AEE5000
|
unkown
|
page readonly
|
||
|
7FFA0AEDE000
|
unkown
|
page read and write
|
||
|
1F1B33EB000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
2880000
|
trusted library allocation
|
page read and write
|
||
|
BB5000
|
heap
|
page read and write
|
||
|
E01000
|
heap
|
page read and write
|
||
|
205083C6000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
DCF000
|
heap
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
7FFA0AEDE000
|
unkown
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
205E000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
B0D1F7E000
|
stack
|
page read and write
|
||
|
164F27E000
|
stack
|
page read and write
|
||
|
BBA000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
1F1B3610000
|
heap
|
page read and write
|
||
|
1F1B33A9000
|
heap
|
page read and write
|
||
|
573000
|
heap
|
page read and write
|
||
|
1F594710000
|
heap
|
page read and write
|
||
|
205083BB000
|
heap
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
20509D70000
|
heap
|
page read and write
|
||
|
BC6000
|
heap
|
page read and write
|
||
|
DCF000
|
heap
|
page read and write
|
||
|
DD7000
|
heap
|
page read and write
|
||
|
3D0000
|
remote allocation
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
1F592DB6000
|
heap
|
page read and write
|
||
|
DDE000
|
heap
|
page read and write
|
||
|
20509D90000
|
trusted library allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
DF8000
|
heap
|
page read and write
|
||
|
1FE0000
|
heap
|
page read and write
|
||
|
1F1B33C6000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
1F1B33A9000
|
heap
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
E82000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
854E000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
5C4000
|
heap
|
page read and write
|
||
|
DDD000
|
heap
|
page read and write
|
||
|
1F1B33A9000
|
heap
|
page read and write
|
||
|
1F59473C000
|
heap
|
page read and write
|
||
|
1F592E70000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
2F81000
|
heap
|
page read and write
|
||
|
2650000
|
heap
|
page read and write
|
||
|
7FFA0AE61000
|
unkown
|
page execute read
|
||
|
1F592D50000
|
heap
|
page read and write
|
||
|
1F1B33BF000
|
heap
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
7FFA0AEE2000
|
unkown
|
page readonly
|
||
|
20508220000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
E01000
|
heap
|
page read and write
|
||
|
20509D60000
|
direct allocation
|
page execute and read and write
|
||
|
24B0000
|
direct allocation
|
page execute and read and write
|
||
|
920000
|
remote allocation
|
page read and write
|
||
|
1F592F60000
|
heap
|
page read and write
|
||
|
760000
|
remote allocation
|
page read and write
|
||
|
7FFA0AEE2000
|
unkown
|
page readonly
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
DFC000
|
heap
|
page read and write
|
||
|
2708000
|
heap
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
21AE000
|
stack
|
page read and write
|
||
|
1F1B3376000
|
heap
|
page read and write
|
||
|
164F2FF000
|
stack
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
311F000
|
heap
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
1F592DA3000
|
heap
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
2F11000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
1F592D8F000
|
heap
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
CBA000
|
heap
|
page read and write
|
||
|
2050839D000
|
heap
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
1F594960000
|
heap
|
page read and write
|
||
|
1F1B33B7000
|
heap
|
page read and write
|
||
|
E82000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
7FFA0AEE5000
|
unkown
|
page readonly
|
||
|
164F3FC000
|
stack
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
1F1B3310000
|
heap
|
page read and write
|
||
|
5E9000
|
heap
|
page read and write
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
B0D1ABC000
|
stack
|
page read and write
|
||
|
3DAE000
|
stack
|
page read and write
|
||
|
205083C7000
|
heap
|
page read and write
|
||
|
E7A000
|
stack
|
page read and write
|
||
|
1F1B33DA000
|
heap
|
page read and write
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
1F592DE4000
|
heap
|
page read and write
|
||
|
DE8000
|
heap
|
page read and write
|
||
|
164EFDC000
|
stack
|
page read and write
|
||
|
DCF000
|
heap
|
page read and write
|
||
|
1F1B3389000
|
heap
|
page read and write
|
||
|
E82000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
C88000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
26F8000
|
heap
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
10A2000
|
heap
|
page read and write
|
||
|
20509C30000
|
heap
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
7FFA0AEDE000
|
unkown
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
DDD000
|
heap
|
page read and write
|
||
|
1F592D8F000
|
heap
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
1F592F00000
|
heap
|
page readonly
|
||
|
DD9000
|
heap
|
page read and write
|
||
|
20509C5C000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
C8E000
|
heap
|
page read and write
|
||
|
5CC0000
|
heap
|
page read and write
|
||
|
781000
|
heap
|
page read and write
|
||
|
AD0000
|
remote allocation
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
E0A000
|
heap
|
page read and write
|
||
|
B9A000
|
heap
|
page read and write
|
||
|
7FFA0AEE2000
|
unkown
|
page readonly
|
||
|
AD0000
|
remote allocation
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
20509D90000
|
trusted library allocation
|
page read and write
|
||
|
7FFA0AE61000
|
unkown
|
page execute read
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
86CE000
|
stack
|
page read and write
|
||
|
1F1B33D1000
|
heap
|
page read and write
|
||
|
DD9000
|
heap
|
page read and write
|
||
|
C97000
|
heap
|
page read and write
|
||
|
766000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
5D8000
|
heap
|
page read and write
|
||
|
E14000
|
heap
|
page read and write
|
||
|
A9B000
|
stack
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
7FFA0AE61000
|
unkown
|
page execute read
|
||
|
520000
|
direct allocation
|
page execute and read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
1F1B4F90000
|
heap
|
page read and write
|
||
|
DDD000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
CD1000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
3AA000
|
stack
|
page read and write
|
||
|
164F37F000
|
stack
|
page read and write
|
||
|
2CF0000
|
remote allocation
|
page read and write
|
||
|
107E000
|
heap
|
page read and write
|
||
|
1F592F65000
|
heap
|
page read and write
|
||
|
2CCC000
|
stack
|
page read and write
|
||
|
20509E30000
|
heap
|
page read and write
|
||
|
7FFA0AEE2000
|
unkown
|
page readonly
|
||
|
CAD000
|
heap
|
page read and write
|
||
|
E01000
|
heap
|
page read and write
|
||
|
7FFA0AEE5000
|
unkown
|
page readonly
|
||
|
738000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
E65000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
205083F2000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
AB9000
|
stack
|
page read and write
|
||
|
BE0000
|
remote allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
CA8000
|
heap
|
page read and write
|
||
|
2D7B000
|
stack
|
page read and write
|
||
|
CCB000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
A5419FE000
|
stack
|
page read and write
|
||
|
C69000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
270B000
|
heap
|
page read and write
|
||
|
7FFA0AE61000
|
unkown
|
page execute read
|
||
|
E75000
|
heap
|
page read and write
|
||
|
12F5000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1058000
|
heap
|
page read and write
|
||
|
B0D1BBE000
|
stack
|
page read and write
|
||
|
1F1B33BA000
|
heap
|
page read and write
|
There are 528 hidden memdumps, click here to show them.