Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
U9M1w8FHBW.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\U9M1w8FHBW.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\U9M1w8FHBW.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\U9M1w8FHBW.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\U9M1w8FHBW.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\DChihhZAEIop\NZICbhYKmnAVT.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\YKYTbOgY\pyluVjQOzYMsbAJk.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\DahdrCXRHjoqlqPu\vvcfbAnuZpuTsj.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\AvyZUmIIeGJLvcye\aPdTkvBLdrznCXG.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\DChihhZAEIop\NZICbhYKmnAVT.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\OQOuTpy\WqdnfVdfYCxIlc.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\U9M1w8FHBW.dll",#1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/cwaajpktaow/wluuqgbutatftfws/jndwc/hjilgypgsuce/
|
unknown
|
||
|
https://172.105.115.71:8080/s.dll6
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
NZICbhYKmnAVT.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1040000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2080000
|
direct allocation
|
page execute and read and write
|
|
|
|
188495D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
2A683620000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2735FB40000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1106000
|
heap
|
page read and write
|
||
|
12D0000
|
remote allocation
|
page read and write
|
||
|
18181B70000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
1249EC60000
|
heap
|
page read and write
|
||
|
1CA61040000
|
heap
|
page read and write
|
||
|
180F89D0000
|
trusted library allocation
|
page read and write
|
||
|
10CC000
|
heap
|
page read and write
|
||
|
18847B99000
|
heap
|
page read and write
|
||
|
1249EE56000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
2B4A000
|
heap
|
page read and write
|
||
|
7FFD146DE000
|
unkown
|
page read and write
|
||
|
50F000
|
heap
|
page read and write
|
||
|
7FFD146E2000
|
unkown
|
page readonly
|
||
|
1249EE6B000
|
heap
|
page read and write
|
||
|
2B3B000
|
heap
|
page read and write
|
||
|
2735FBA6000
|
heap
|
page read and write
|
||
|
180F8A3E000
|
heap
|
page read and write
|
||
|
25E2F7F0000
|
trusted library allocation
|
page read and write
|
||
|
18181C3C000
|
heap
|
page read and write
|
||
|
D4A000
|
heap
|
page read and write
|
||
|
25E2F902000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
18182522000
|
heap
|
page read and write
|
||
|
7FFD14660000
|
unkown
|
page readonly
|
||
|
547000
|
heap
|
page read and write
|
||
|
1F60000
|
heap
|
page readonly
|
||
|
18849600000
|
direct allocation
|
page execute and read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
18847BB7000
|
heap
|
page read and write
|
||
|
BAA19FE000
|
stack
|
page read and write
|
||
|
7FFD146E7000
|
unkown
|
page readonly
|
||
|
1249EE60000
|
heap
|
page read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
2735FBC9000
|
heap
|
page read and write
|
||
|
CCA767B000
|
stack
|
page read and write
|
||
|
18181C65000
|
heap
|
page read and write
|
||
|
181825BC000
|
heap
|
page read and write
|
||
|
11DD000
|
heap
|
page read and write
|
||
|
1249EE47000
|
heap
|
page read and write
|
||
|
21A9000
|
stack
|
page read and write
|
||
|
BAA1B7F000
|
stack
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
1249EE77000
|
heap
|
page read and write
|
||
|
1249EE63000
|
heap
|
page read and write
|
||
|
1172000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
180F9300000
|
heap
|
page read and write
|
||
|
10CD000
|
heap
|
page read and write
|
||
|
10AD000
|
heap
|
page read and write
|
||
|
749000
|
stack
|
page read and write
|
||
|
33FC000
|
heap
|
page read and write
|
||
|
E05000
|
heap
|
page read and write
|
||
|
7FFD146E7000
|
unkown
|
page readonly
|
||
|
D37000
|
heap
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
2CAE0FF0000
|
heap
|
page read and write
|
||
|
18847D20000
|
heap
|
page read and write
|
||
|
1249EE65000
|
heap
|
page read and write
|
||
|
92A53F9000
|
stack
|
page read and write
|
||
|
2B49000
|
heap
|
page read and write
|
||
|
BF21BF7000
|
stack
|
page read and write
|
||
|
2A683735000
|
heap
|
page read and write
|
||
|
7FFD146E2000
|
unkown
|
page readonly
|
||
|
1016000
|
heap
|
page read and write
|
||
|
55E000
|
heap
|
page read and write
|
||
|
18849710000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
25E2F802000
|
heap
|
page read and write
|
||
|
D7636FE000
|
stack
|
page read and write
|
||
|
1249EE7E000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
1026000
|
heap
|
page read and write
|
||
|
180F8AE2000
|
heap
|
page read and write
|
||
|
770000
|
remote allocation
|
page read and write
|
||
|
D09000
|
heap
|
page read and write
|
||
|
10AD000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
7FFD14698000
|
unkown
|
page readonly
|
||
|
547000
|
heap
|
page read and write
|
||
|
18181DE6000
|
heap
|
page read and write
|
||
|
18182600000
|
heap
|
page read and write
|
||
|
BF21B7E000
|
stack
|
page read and write
|
||
|
BDC000
|
heap
|
page read and write
|
||
|
2A683713000
|
heap
|
page read and write
|
||
|
1E5B57F000
|
stack
|
page read and write
|
||
|
2B47000
|
heap
|
page read and write
|
||
|
D2A000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
2735FBC9000
|
heap
|
page read and write
|
||
|
180F8A88000
|
heap
|
page read and write
|
||
|
25E2F852000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
1249EE40000
|
heap
|
page read and write
|
||
|
18182543000
|
heap
|
page read and write
|
||
|
1249EE7B000
|
heap
|
page read and write
|
||
|
2A685205000
|
heap
|
page read and write
|
||
|
59B000
|
heap
|
page read and write
|
||
|
FF8000
|
heap
|
page read and write
|
||
|
18847E20000
|
heap
|
page read and write
|
||
|
EA5000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
2A683762000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
2A6835F0000
|
heap
|
page read and write
|
||
|
116F000
|
heap
|
page read and write
|
||
|
10C6000
|
heap
|
page read and write
|
||
|
2A09BC000
|
stack
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
1CA61029000
|
heap
|
page read and write
|
||
|
1E5AC7B000
|
stack
|
page read and write
|
||
|
1249EE6D000
|
heap
|
page read and write
|
||
|
2735FDC0000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
180F8AE7000
|
heap
|
page read and write
|
||
|
1249F602000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
810000
|
remote allocation
|
page read and write
|
||
|
4E77BCF000
|
stack
|
page read and write
|
||
|
3261000
|
heap
|
page read and write
|
||
|
D38000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
2CAE1313000
|
heap
|
page read and write
|
||
|
A26000
|
heap
|
page read and write
|
||
|
BF21CFF000
|
stack
|
page read and write
|
||
|
18181D13000
|
heap
|
page read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
1249EE84000
|
heap
|
page read and write
|
||
|
AF0000
|
remote allocation
|
page read and write
|
||
|
18847B69000
|
heap
|
page read and write
|
||
|
1249EE62000
|
heap
|
page read and write
|
||
|
4810000
|
heap
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
1088000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
5D00000
|
heap
|
page read and write
|
||
|
13DC000
|
heap
|
page read and write
|
||
|
18847BDC000
|
heap
|
page read and write
|
||
|
810000
|
remote allocation
|
page read and write
|
||
|
1CA618B0000
|
remote allocation
|
page read and write
|
||
|
7FFD146E2000
|
unkown
|
page readonly
|
||
|
181825B0000
|
heap
|
page read and write
|
||
|
2A683747000
|
heap
|
page read and write
|
||
|
7FFD146E7000
|
unkown
|
page readonly
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
12D0000
|
remote allocation
|
page read and write
|
||
|
4E77B4F000
|
stack
|
page read and write
|
||
|
10C8000
|
heap
|
page read and write
|
||
|
2735FD90000
|
trusted library allocation
|
page read and write
|
||
|
2CAE123C000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
180F8ABA000
|
heap
|
page read and write
|
||
|
D4A000
|
heap
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
F0C000
|
heap
|
page read and write
|
||
|
18847A70000
|
heap
|
page read and write
|
||
|
4E77ACC000
|
stack
|
page read and write
|
||
|
2735FBB5000
|
heap
|
page read and write
|
||
|
18847BB9000
|
heap
|
page read and write
|
||
|
2CAE1213000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
E4967E000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
1F50000
|
direct allocation
|
page execute and read and write
|
||
|
180F8ACB000
|
heap
|
page read and write
|
||
|
2B3B000
|
heap
|
page read and write
|
||
|
7FFD14660000
|
unkown
|
page readonly
|
||
|
7FFD146E5000
|
unkown
|
page readonly
|
||
|
1157000
|
heap
|
page read and write
|
||
|
11D6000
|
heap
|
page read and write
|
||
|
18181C87000
|
heap
|
page read and write
|
||
|
10CC000
|
heap
|
page read and write
|
||
|
180F9202000
|
heap
|
page read and write
|
||
|
1249EC00000
|
heap
|
page read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
111D000
|
heap
|
page read and write
|
||
|
5EA000
|
stack
|
page read and write
|
||
|
1249EE59000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
58E0000
|
trusted library allocation
|
page read and write
|
||
|
BF217AC000
|
stack
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
1E5B47E000
|
stack
|
page read and write
|
||
|
25E30202000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1249EE5A000
|
heap
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
2735FD40000
|
direct allocation
|
page execute and read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
547000
|
heap
|
page read and write
|
||
|
1CA60F70000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
7FFD146E5000
|
unkown
|
page readonly
|
||
|
10CC000
|
heap
|
page read and write
|
||
|
18847B6F000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1175000
|
heap
|
page read and write
|
||
|
304C000
|
stack
|
page read and write
|
||
|
BA5000
|
heap
|
page read and write
|
||
|
2A0E7E000
|
stack
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
18181C78000
|
heap
|
page read and write
|
||
|
4EB000
|
heap
|
page read and write
|
||
|
E497FD000
|
stack
|
page read and write
|
||
|
BAA16FC000
|
stack
|
page read and write
|
||
|
18181C75000
|
heap
|
page read and write
|
||
|
18847BA7000
|
heap
|
page read and write
|
||
|
2735FB8F000
|
heap
|
page read and write
|
||
|
18182628000
|
heap
|
page read and write
|
||
|
AF0000
|
remote allocation
|
page read and write
|
||
|
2AED000
|
heap
|
page read and write
|
||
|
11B8000
|
heap
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
18847B71000
|
heap
|
page read and write
|
||
|
7FFD146E5000
|
unkown
|
page readonly
|
||
|
10E7000
|
heap
|
page read and write
|
||
|
2CAE1270000
|
heap
|
page read and write
|
||
|
7FFD14660000
|
unkown
|
page readonly
|
||
|
18182511000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
92A50FA000
|
stack
|
page read and write
|
||
|
7FFD146E2000
|
unkown
|
page readonly
|
||
|
92A4BCB000
|
stack
|
page read and write
|
||
|
2CAE122A000
|
heap
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
2CAE1060000
|
heap
|
page read and write
|
||
|
18182522000
|
heap
|
page read and write
|
||
|
18847B6E000
|
heap
|
page read and write
|
||
|
BA5000
|
heap
|
page read and write
|
||
|
D7634FC000
|
stack
|
page read and write
|
||
|
2C0C000
|
stack
|
page read and write
|
||
|
7FFD14661000
|
unkown
|
page execute read
|
||
|
1F4F000
|
stack
|
page read and write
|
||
|
18181DBA000
|
heap
|
page read and write
|
||
|
25E2F843000
|
heap
|
page read and write
|
||
|
116F000
|
heap
|
page read and write
|
||
|
2A6856F0000
|
heap
|
page read and write
|
||
|
7FFD146DE000
|
unkown
|
page read and write
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
18849610000
|
heap
|
page readonly
|
||
|
1249EE4D000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
18181C43000
|
heap
|
page read and write
|
||
|
2A683728000
|
heap
|
page read and write
|
||
|
18181B90000
|
trusted library allocation
|
page read and write
|
||
|
E496FC000
|
stack
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
2A683774000
|
heap
|
page read and write
|
||
|
10CC000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
4E77E7E000
|
stack
|
page read and write
|
||
|
18847BC2000
|
heap
|
page read and write
|
||
|
1CA61002000
|
heap
|
page read and write
|
||
|
18181C90000
|
heap
|
page read and write
|
||
|
18182623000
|
heap
|
page read and write
|
||
|
116F000
|
heap
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
18182602000
|
heap
|
page read and write
|
||
|
2735FB78000
|
heap
|
page read and write
|
||
|
2735FBA0000
|
heap
|
page read and write
|
||
|
10D6000
|
heap
|
page read and write
|
||
|
D5C000
|
heap
|
page read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
116F000
|
heap
|
page read and write
|
||
|
1CA61024000
|
heap
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
7FFD14698000
|
unkown
|
page readonly
|
||
|
18849800000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
566000
|
heap
|
page read and write
|
||
|
284E000
|
stack
|
page read and write
|
||
|
10DD000
|
heap
|
page read and write
|
||
|
7FFD14660000
|
unkown
|
page readonly
|
||
|
D7639FE000
|
stack
|
page read and write
|
||
|
1CA60FE0000
|
heap
|
page read and write
|
||
|
18181C6F000
|
heap
|
page read and write
|
||
|
25E2F846000
|
heap
|
page read and write
|
||
|
E49B7C000
|
stack
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
25E2F7C0000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
18181C13000
|
heap
|
page read and write
|
||
|
7FFD14661000
|
unkown
|
page execute read
|
||
|
18182513000
|
heap
|
page read and write
|
||
|
11DD000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
BAA147B000
|
stack
|
page read and write
|
||
|
2A683700000
|
heap
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
2C8B000
|
stack
|
page read and write
|
||
|
1CA60F80000
|
heap
|
page read and write
|
||
|
7FFD14661000
|
unkown
|
page execute read
|
||
|
2735FA60000
|
heap
|
page read and write
|
||
|
2AEE000
|
heap
|
page read and write
|
||
|
BAA177E000
|
stack
|
page read and write
|
||
|
1249EE41000
|
heap
|
page read and write
|
||
|
E49A7E000
|
stack
|
page read and write
|
||
|
2A683739000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
D7638F9000
|
stack
|
page read and write
|
||
|
BAA1AFD000
|
stack
|
page read and write
|
||
|
5B70000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
7FFD14698000
|
unkown
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
B8F000
|
heap
|
page read and write
|
||
|
1249EE3A000
|
heap
|
page read and write
|
||
|
11DD000
|
heap
|
page read and write
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
1157000
|
heap
|
page read and write
|
||
|
18182554000
|
heap
|
page read and write
|
||
|
180F8A13000
|
heap
|
page read and write
|
||
|
111D000
|
heap
|
page read and write
|
||
|
2A6834B0000
|
heap
|
page read and write
|
||
|
7FFD146E7000
|
unkown
|
page readonly
|
||
|
1249EE6A000
|
heap
|
page read and write
|
||
|
18181C57000
|
heap
|
page read and write
|
||
|
BF21C7C000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
E4997D000
|
stack
|
page read and write
|
||
|
D7635FE000
|
stack
|
page read and write
|
||
|
1E5B4FF000
|
stack
|
page read and write
|
||
|
7FFD14698000
|
unkown
|
page readonly
|
||
|
E49C7E000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
CCA727C000
|
stack
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
2CAE1259000
|
heap
|
page read and write
|
||
|
139D000
|
stack
|
page read and write
|
||
|
18182631000
|
heap
|
page read and write
|
||
|
1CA61051000
|
heap
|
page read and write
|
||
|
2A68371D000
|
heap
|
page read and write
|
||
|
18847B99000
|
heap
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
2735FBC6000
|
heap
|
page read and write
|
||
|
180F8A70000
|
heap
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4C5000
|
heap
|
page read and write
|
||
|
BF21A7F000
|
stack
|
page read and write
|
||
|
2B0B000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
2CAE1160000
|
trusted library allocation
|
page read and write
|
||
|
1F70000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
1249EE55000
|
heap
|
page read and write
|
||
|
10D6000
|
heap
|
page read and write
|
||
|
547000
|
heap
|
page read and write
|
||
|
2B47000
|
heap
|
page read and write
|
||
|
1249EE57000
|
heap
|
page read and write
|
||
|
CCA787D000
|
stack
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
2500000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
10F6000
|
heap
|
page read and write
|
||
|
4E77EF9000
|
stack
|
page read and write
|
||
|
2A683735000
|
heap
|
page read and write
|
||
|
2735FB8F000
|
heap
|
page read and write
|
||
|
4E77F7E000
|
stack
|
page read and write
|
||
|
CCA7A7E000
|
stack
|
page read and write
|
||
|
1CA61880000
|
trusted library allocation
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
101D000
|
heap
|
page read and write
|
||
|
10F9000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
31EF000
|
stack
|
page read and write
|
||
|
1E5B0FB000
|
stack
|
page read and write
|
||
|
10BB000
|
heap
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
2735FB8F000
|
heap
|
page read and write
|
||
|
7FFD146DE000
|
unkown
|
page read and write
|
||
|
1200000
|
heap
|
page readonly
|
||
|
CCA7D7E000
|
stack
|
page read and write
|
||
|
2A684FA0000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
58A000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
18181C91000
|
heap
|
page read and write
|
||
|
2A107F000
|
stack
|
page read and write
|
||
|
30CC000
|
stack
|
page read and write
|
||
|
7FFD14660000
|
unkown
|
page readonly
|
||
|
D27000
|
heap
|
page read and write
|
||
|
11E6000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
18182508000
|
heap
|
page read and write
|
||
|
A1D000
|
heap
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
1249EE13000
|
heap
|
page read and write
|
||
|
10CC000
|
heap
|
page read and write
|
||
|
E4957E000
|
stack
|
page read and write
|
||
|
60E0000
|
heap
|
page read and write
|
||
|
1249EE31000
|
heap
|
page read and write
|
||
|
2AC9000
|
heap
|
page read and write
|
||
|
7FFD146E7000
|
unkown
|
page readonly
|
||
|
7FFD14661000
|
unkown
|
page execute read
|
||
|
CCA7C7F000
|
stack
|
page read and write
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
273617B0000
|
heap
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
BAA197D000
|
stack
|
page read and write
|
||
|
18181A70000
|
heap
|
page read and write
|
||
|
CA0000
|
direct allocation
|
page execute and read and write
|
||
|
2503000
|
heap
|
page read and write
|
||
|
101D000
|
heap
|
page read and write
|
||
|
2CAE1202000
|
heap
|
page read and write
|
||
|
BA6000
|
heap
|
page read and write
|
||
|
A21000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
E493FB000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1818256D000
|
heap
|
page read and write
|
||
|
1CA61013000
|
heap
|
page read and write
|
||
|
315B000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
1CA618B0000
|
remote allocation
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
1168000
|
heap
|
page read and write
|
||
|
A1D000
|
heap
|
page read and write
|
||
|
2CAE1A02000
|
trusted library allocation
|
page read and write
|
||
|
2A683736000
|
heap
|
page read and write
|
||
|
CCB000
|
stack
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
18181D8F000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
18182502000
|
heap
|
page read and write
|
||
|
7FFD146E5000
|
unkown
|
page readonly
|
||
|
18182613000
|
heap
|
page read and write
|
||
|
1E5B179000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
18181C29000
|
heap
|
page read and write
|
||
|
12D0000
|
remote allocation
|
page read and write
|
||
|
2DAB000
|
stack
|
page read and write
|
||
|
E4987B000
|
stack
|
page read and write
|
||
|
47B000
|
stack
|
page read and write
|
||
|
7FFD146DE000
|
unkown
|
page read and write
|
||
|
CF0000
|
remote allocation
|
page read and write
|
||
|
BF21D7C000
|
stack
|
page read and write
|
||
|
2A0CFE000
|
stack
|
page read and write
|
||
|
25E2F800000
|
heap
|
page read and write
|
||
|
28C7000
|
stack
|
page read and write
|
||
|
A41000
|
heap
|
page read and write
|
||
|
1249EE3C000
|
heap
|
page read and write
|
||
|
180F8A00000
|
heap
|
page read and write
|
||
|
2735FD90000
|
trusted library allocation
|
page read and write
|
||
|
1F80000
|
heap
|
page read and write
|
||
|
E48FEB000
|
stack
|
page read and write
|
||
|
2736159C000
|
heap
|
page read and write
|
||
|
1157000
|
heap
|
page read and write
|
||
|
18849710000
|
trusted library allocation
|
page read and write
|
||
|
180F8AC9000
|
heap
|
page read and write
|
||
|
2B47000
|
heap
|
page read and write
|
||
|
18181A10000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
18847B70000
|
heap
|
page read and write
|
||
|
CF0000
|
remote allocation
|
page read and write
|
||
|
1249EE26000
|
heap
|
page read and write
|
||
|
E0C000
|
heap
|
page read and write
|
||
|
7FFD146E2000
|
unkown
|
page readonly
|
||
|
1E5AFFF000
|
stack
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
18847BB9000
|
heap
|
page read and write
|
||
|
180F933A000
|
heap
|
page read and write
|
||
|
18181C8A000
|
heap
|
page read and write
|
||
|
2735FBDB000
|
heap
|
page read and write
|
||
|
2CAE1287000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
2A68373D000
|
heap
|
page read and write
|
||
|
2B4E000
|
heap
|
page read and write
|
||
|
1249EE00000
|
heap
|
page read and write
|
||
|
1CA61020000
|
heap
|
page read and write
|
||
|
770000
|
remote allocation
|
page read and write
|
||
|
180F8B13000
|
heap
|
page read and write
|
||
|
2735FBB9000
|
heap
|
page read and write
|
||
|
1CA61000000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
18847BAA000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
7F3000
|
heap
|
page read and write
|
||
|
25E2F837000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
565000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
1E5AE7A000
|
stack
|
page read and write
|
||
|
7FFD146DE000
|
unkown
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
18847B99000
|
heap
|
page read and write
|
||
|
10DE000
|
heap
|
page read and write
|
||
|
26CF000
|
stack
|
page read and write
|
||
|
D7637FE000
|
stack
|
page read and write
|
||
|
D38000
|
heap
|
page read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
1CA618B0000
|
remote allocation
|
page read and write
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
212D000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
180F88D0000
|
heap
|
page read and write
|
||
|
18847E25000
|
heap
|
page read and write
|
||
|
109A000
|
stack
|
page read and write
|
||
|
2A83000
|
heap
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
1249EE58000
|
heap
|
page read and write
|
||
|
1313000
|
heap
|
page read and write
|
||
|
2A685200000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
111D000
|
heap
|
page read and write
|
||
|
10F6000
|
heap
|
page read and write
|
||
|
E30000
|
heap
|
page readonly
|
||
|
25E2F829000
|
heap
|
page read and write
|
||
|
101D000
|
heap
|
page read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
547000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
295F000
|
stack
|
page read and write
|
||
|
18182402000
|
heap
|
page read and write
|
||
|
1E5B27A000
|
stack
|
page read and write
|
||
|
18181C00000
|
heap
|
page read and write
|
||
|
2A117E000
|
stack
|
page read and write
|
||
|
18181C6C000
|
heap
|
page read and write
|
||
|
7FFD14661000
|
unkown
|
page execute read
|
||
|
7FFD146DE000
|
unkown
|
page read and write
|
||
|
180F8860000
|
heap
|
page read and write
|
||
|
2A68372E000
|
heap
|
page read and write
|
||
|
CCA7B7E000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
2A683730000
|
heap
|
page read and write
|
||
|
7FFD14698000
|
unkown
|
page readonly
|
||
|
2A683762000
|
heap
|
page read and write
|
||
|
2A683680000
|
trusted library allocation
|
page read and write
|
||
|
1CA61075000
|
heap
|
page read and write
|
||
|
25E2F813000
|
heap
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
555000
|
heap
|
page read and write
|
||
|
180F8A2A000
|
heap
|
page read and write
|
||
|
566000
|
heap
|
page read and write
|
||
|
7FFD146E5000
|
unkown
|
page readonly
|
||
|
BF21AFF000
|
stack
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
2735FAD0000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
18847B48000
|
heap
|
page read and write
|
||
|
AC9000
|
stack
|
page read and write
|
||
|
7FFD146E2000
|
unkown
|
page readonly
|
||
|
5EC0000
|
trusted library allocation
|
page read and write
|
||
|
CE2000
|
heap
|
page read and write
|
||
|
18847B99000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
2ABC000
|
heap
|
page read and write
|
||
|
10D6000
|
heap
|
page read and write
|
||
|
1249EE5E000
|
heap
|
page read and write
|
||
|
2CAE1200000
|
heap
|
page read and write
|
||
|
3261000
|
heap
|
page read and write
|
||
|
7FFD14698000
|
unkown
|
page readonly
|
||
|
18182500000
|
heap
|
page read and write
|
||
|
1070000
|
direct allocation
|
page execute and read and write
|
||
|
2735FDC5000
|
heap
|
page read and write
|
||
|
CCA757F000
|
stack
|
page read and write
|
||
|
2E4F000
|
stack
|
page read and write
|
||
|
18847BB0000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
536F000
|
stack
|
page read and write
|
||
|
2A684FCC000
|
heap
|
page read and write
|
||
|
2CAE1000000
|
heap
|
page read and write
|
||
|
7FFD14661000
|
unkown
|
page execute read
|
||
|
CCA797F000
|
stack
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
2D2F000
|
stack
|
page read and write
|
||
|
180F8AC1000
|
heap
|
page read and write
|
||
|
2B2E000
|
heap
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
10D3000
|
heap
|
page read and write
|
||
|
10B0000
|
remote allocation
|
page read and write
|
||
|
110C000
|
heap
|
page read and write
|
||
|
CFA000
|
heap
|
page read and write
|
||
|
10B0000
|
remote allocation
|
page read and write
|
||
|
18847BCA000
|
heap
|
page read and write
|
||
|
1249EE7A000
|
heap
|
page read and write
|
||
|
180F9313000
|
heap
|
page read and write
|
||
|
18847AE0000
|
heap
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
1E5B37E000
|
stack
|
page read and write
|
||
|
A1D000
|
heap
|
page read and write
|
||
|
10E7000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
1249EE29000
|
heap
|
page read and write
|
||
|
10AD000
|
heap
|
page read and write
|
||
|
1249ED60000
|
trusted library allocation
|
page read and write
|
||
|
180F8A23000
|
heap
|
page read and write
|
||
|
2A0F7E000
|
stack
|
page read and write
|
||
|
1249EBF0000
|
heap
|
page read and write
|
||
|
2735FD50000
|
heap
|
page readonly
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
2CAE125B000
|
heap
|
page read and write
|
||
|
180F8870000
|
heap
|
page read and write
|
||
|
18847B77000
|
heap
|
page read and write
|
||
|
2B3B000
|
heap
|
page read and write
|
||
|
25E2F770000
|
heap
|
page read and write
|
||
|
10D6000
|
heap
|
page read and write
|
||
|
25E2F82F000
|
heap
|
page read and write
|
||
|
1249EE67000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
92A52FE000
|
stack
|
page read and write
|
||
|
18181A00000
|
heap
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2A683728000
|
heap
|
page read and write
|
||
|
CCA747B000
|
stack
|
page read and write
|
||
|
2CAE1302000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
18847B99000
|
heap
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
2A683650000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD14660000
|
unkown
|
page readonly
|
||
|
18847B40000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
92A51FF000
|
stack
|
page read and write
|
||
|
1157000
|
heap
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
111D000
|
heap
|
page read and write
|
||
|
25E2F760000
|
heap
|
page read and write
|
||
|
2735FB70000
|
heap
|
page read and write
|
||
|
BA5000
|
heap
|
page read and write
|
||
|
7FFD146E7000
|
unkown
|
page readonly
|
||
|
116F000
|
heap
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
2A683660000
|
heap
|
page read and write
|
||
|
558000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
10C8000
|
heap
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
2A0C7E000
|
stack
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
A16000
|
heap
|
page read and write
|
||
|
28C0000
|
heap
|
page read and write
|
||
|
547000
|
heap
|
page read and write
|
||
|
E2F000
|
stack
|
page read and write
|
||
|
2735FAF0000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
10BA000
|
heap
|
page read and write
|
||
|
25E2F83C000
|
heap
|
page read and write
|
||
|
1CA61A02000
|
trusted library allocation
|
page read and write
|
||
|
116F000
|
heap
|
page read and write
|
||
|
1249EF02000
|
heap
|
page read and write
|
||
|
56F000
|
heap
|
page read and write
|
||
|
18847B00000
|
heap
|
page read and write
|
||
|
D41000
|
heap
|
page read and write
|
||
|
27361570000
|
heap
|
page read and write
|
||
|
18182592000
|
heap
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
1249EE42000
|
heap
|
page read and write
|
||
|
18847B69000
|
heap
|
page read and write
|
||
|
1CA61102000
|
heap
|
page read and write
|
||
|
180F8B02000
|
heap
|
page read and write
|
||
|
2A683708000
|
heap
|
page read and write
|
||
|
1ECF000
|
stack
|
page read and write
|
||
|
7FFD146E5000
|
unkown
|
page readonly
|
||
|
2B2E000
|
heap
|
page read and write
|
||
|
222E000
|
stack
|
page read and write
|
||
|
2A683680000
|
trusted library allocation
|
page read and write
|
There are 697 hidden memdumps, click here to show them.