Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
UNUy8dUYWp.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\UNUy8dUYWp.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\UNUy8dUYWp.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\UNUy8dUYWp.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\UNUy8dUYWp.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\ZWpHraPiSSirRmt\eJPBXUgBzVlFM.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\HqxIOWhu\iwDMK.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LhPRdzdtIG\UwTqVItszcvDL.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\OSbbRH\JNviIfIAbu.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\ZWpHraPiSSirRmt\eJPBXUgBzVlFM.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\XkUZzl\jVHLVoJmMjstBzLj.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\UNUy8dUYWp.dll",#1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/ifjgeqljeeoagd/80/
|
unknown
|
||
|
https://172.105.115.71:8080/ifjgeqljeeoagd/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
eJPBXUgBzVlFM.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B00000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
CF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
239F3680000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
18426F90000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1A64A260000
|
direct allocation
|
page execute and read and write
|
|
|
|
239F370F000
|
heap
|
page read and write
|
||
|
18428B60000
|
trusted library allocation
|
page read and write
|
||
|
94F000
|
heap
|
page read and write
|
||
|
9315C7E000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
9315B7E000
|
stack
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
18428950000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
239F3707000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
93157BC000
|
stack
|
page read and write
|
||
|
1AF035D0000
|
heap
|
page read and write
|
||
|
239F5115000
|
heap
|
page read and write
|
||
|
2698000
|
heap
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
C2E000
|
heap
|
page read and write
|
||
|
BAB000
|
heap
|
page read and write
|
||
|
37A97F9000
|
stack
|
page read and write
|
||
|
7FF87C2E0000
|
unkown
|
page readonly
|
||
|
7FF87C365000
|
unkown
|
page readonly
|
||
|
E27000
|
heap
|
page read and write
|
||
|
8EC000
|
heap
|
page read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
539000
|
stack
|
page read and write
|
||
|
E7B000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
E3A6AF9000
|
stack
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
3A0000
|
remote allocation
|
page read and write
|
||
|
9DF000
|
heap
|
page read and write
|
||
|
3A0000
|
remote allocation
|
page read and write
|
||
|
1AF036EF000
|
heap
|
page read and write
|
||
|
BB1000
|
heap
|
page read and write
|
||
|
1A64A0D9000
|
heap
|
page read and write
|
||
|
E58000
|
heap
|
page read and write
|
||
|
239F3716000
|
heap
|
page read and write
|
||
|
1AF039E5000
|
heap
|
page read and write
|
||
|
A80000
|
remote allocation
|
page read and write
|
||
|
1349000
|
heap
|
page read and write
|
||
|
2D3F000
|
stack
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
DCB000
|
heap
|
page read and write
|
||
|
18426EB0000
|
heap
|
page read and write
|
||
|
239F3726000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
1301000
|
heap
|
page read and write
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
7FF87C367000
|
unkown
|
page readonly
|
||
|
948000
|
heap
|
page read and write
|
||
|
1337000
|
heap
|
page read and write
|
||
|
BD1000
|
heap
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
97B000
|
stack
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
C2E000
|
heap
|
page read and write
|
||
|
299E000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
97C000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
7FF87C2E1000
|
unkown
|
page execute read
|
||
|
2EF9000
|
heap
|
page read and write
|
||
|
9315BF9000
|
stack
|
page read and write
|
||
|
7B3000
|
heap
|
page read and write
|
||
|
1A64A0C5000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
E58000
|
heap
|
page read and write
|
||
|
1A64A050000
|
heap
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
7FF87C2E1000
|
unkown
|
page execute read
|
||
|
94E000
|
stack
|
page read and write
|
||
|
7FF87C35E000
|
unkown
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1A64A0A8000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
37A000
|
stack
|
page read and write
|
||
|
3B3E000
|
stack
|
page read and write
|
||
|
7FF87C318000
|
unkown
|
page readonly
|
||
|
2363000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page readonly
|
||
|
7FF87C362000
|
unkown
|
page readonly
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
1A64A058000
|
heap
|
page read and write
|
||
|
7FF87C35E000
|
unkown
|
page read and write
|
||
|
2780000
|
remote allocation
|
page read and write
|
||
|
1A64A076000
|
heap
|
page read and write
|
||
|
1A64A0A8000
|
heap
|
page read and write
|
||
|
18428B40000
|
heap
|
page read and write
|
||
|
239F5110000
|
heap
|
page read and write
|
||
|
18426FFF000
|
heap
|
page read and write
|
||
|
560000
|
remote allocation
|
page read and write
|
||
|
2650000
|
heap
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
1A64BA8D000
|
heap
|
page read and write
|
||
|
7FF87C365000
|
unkown
|
page readonly
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
2780000
|
remote allocation
|
page read and write
|
||
|
5B10000
|
heap
|
page read and write
|
||
|
BAC000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
E27000
|
heap
|
page read and write
|
||
|
12FD000
|
heap
|
page read and write
|
||
|
C27000
|
heap
|
page read and write
|
||
|
469207F000
|
stack
|
page read and write
|
||
|
1A64A0C7000
|
heap
|
page read and write
|
||
|
7FF87C2E0000
|
unkown
|
page readonly
|
||
|
1A64A020000
|
heap
|
page read and write
|
||
|
7FF87C2E1000
|
unkown
|
page execute read
|
||
|
7FF87C35E000
|
unkown
|
page read and write
|
||
|
1A64A0B8000
|
heap
|
page read and write
|
||
|
E3A69FD000
|
stack
|
page read and write
|
||
|
1AF039E9000
|
heap
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
1A64BB90000
|
trusted library allocation
|
page read and write
|
||
|
E3A67FE000
|
stack
|
page read and write
|
||
|
B6F000
|
heap
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
1A64A0BE000
|
heap
|
page read and write
|
||
|
1AF03910000
|
trusted library allocation
|
page read and write
|
||
|
12D8000
|
heap
|
page read and write
|
||
|
239F370C000
|
heap
|
page read and write
|
||
|
239F3741000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
965000
|
heap
|
page read and write
|
||
|
7FF87C35E000
|
unkown
|
page read and write
|
||
|
E44000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
E27000
|
heap
|
page read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
A11000
|
heap
|
page read and write
|
||
|
7FF87C2E0000
|
unkown
|
page readonly
|
||
|
1842897C000
|
heap
|
page read and write
|
||
|
95D000
|
heap
|
page read and write
|
||
|
18426FEE000
|
heap
|
page read and write
|
||
|
95D000
|
heap
|
page read and write
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
7FF87C362000
|
unkown
|
page readonly
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
37A93DB000
|
stack
|
page read and write
|
||
|
E27000
|
heap
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
9FC000
|
heap
|
page read and write
|
||
|
26A2000
|
heap
|
page read and write
|
||
|
7FF87C35E000
|
unkown
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
1A64A0D0000
|
heap
|
page read and write
|
||
|
18426FE0000
|
heap
|
page read and write
|
||
|
2E10000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
18426FE9000
|
heap
|
page read and write
|
||
|
E3A66FE000
|
stack
|
page read and write
|
||
|
7FF87C367000
|
unkown
|
page readonly
|
||
|
276C000
|
stack
|
page read and write
|
||
|
131C000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
1AF03970000
|
trusted library allocation
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
239F4F80000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
E4F000
|
heap
|
page read and write
|
||
|
965000
|
heap
|
page read and write
|
||
|
7FF87C362000
|
unkown
|
page readonly
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
2F19000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page readonly
|
||
|
18428A50000
|
heap
|
page readonly
|
||
|
BB1000
|
heap
|
page read and write
|
||
|
7FF87C318000
|
unkown
|
page readonly
|
||
|
BA8000
|
heap
|
page read and write
|
||
|
12FD000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
7FF87C2E1000
|
unkown
|
page execute read
|
||
|
93B000
|
heap
|
page read and write
|
||
|
C32000
|
heap
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
||
|
1AF03640000
|
heap
|
page read and write
|
||
|
239F371C000
|
heap
|
page read and write
|
||
|
1A64A087000
|
heap
|
page read and write
|
||
|
26A2000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
BAB000
|
heap
|
page read and write
|
||
|
18428B60000
|
trusted library allocation
|
page read and write
|
||
|
E46000
|
heap
|
page read and write
|
||
|
2698000
|
heap
|
page read and write
|
||
|
1A64A075000
|
heap
|
page read and write
|
||
|
239F3753000
|
heap
|
page read and write
|
||
|
18427036000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
965000
|
heap
|
page read and write
|
||
|
26A2000
|
heap
|
page read and write
|
||
|
E27000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
239F370F000
|
heap
|
page read and write
|
||
|
805000
|
heap
|
page read and write
|
||
|
7FF87C2E0000
|
unkown
|
page readonly
|
||
|
18427010000
|
heap
|
page read and write
|
||
|
B88000
|
heap
|
page read and write
|
||
|
2651000
|
heap
|
page read and write
|
||
|
12FD000
|
heap
|
page read and write
|
||
|
7FF87C2E0000
|
unkown
|
page readonly
|
||
|
564E000
|
stack
|
page read and write
|
||
|
9F6000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
18426F40000
|
heap
|
page read and write
|
||
|
283F000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
26C6000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
239F4FAC000
|
heap
|
page read and write
|
||
|
1A64A2B0000
|
heap
|
page read and write
|
||
|
979000
|
heap
|
page read and write
|
||
|
7FF87C367000
|
unkown
|
page readonly
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
239F3741000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
BA8000
|
heap
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
560000
|
remote allocation
|
page read and write
|
||
|
224F000
|
stack
|
page read and write
|
||
|
397D000
|
stack
|
page read and write
|
||
|
B7F000
|
heap
|
page read and write
|
||
|
1A64A290000
|
direct allocation
|
page execute and read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
4691CCC000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
127B000
|
stack
|
page read and write
|
||
|
1AF03660000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
308A000
|
heap
|
page read and write
|
||
|
976000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
18426F20000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
261C000
|
heap
|
page read and write
|
||
|
B30000
|
direct allocation
|
page execute and read and write
|
||
|
7FF87C318000
|
unkown
|
page readonly
|
||
|
1A64A0A8000
|
heap
|
page read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
1337000
|
heap
|
page read and write
|
||
|
B7E000
|
heap
|
page read and write
|
||
|
1AF036A0000
|
heap
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
239F371C000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
BCB000
|
heap
|
page read and write
|
||
|
1A64A07B000
|
heap
|
page read and write
|
||
|
37A9779000
|
stack
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
23B3000
|
heap
|
page read and write
|
||
|
510000
|
remote allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
1AF039E0000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
1A64A06E000
|
heap
|
page read and write
|
||
|
1AF044E0000
|
trusted library allocation
|
page read and write
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
B7A000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
1AF036EF000
|
heap
|
page read and write
|
||
|
1AF035E0000
|
trusted library allocation
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
239F5080000
|
trusted library allocation
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
7FF87C318000
|
unkown
|
page readonly
|
||
|
130B000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
966000
|
heap
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
18426FD5000
|
heap
|
page read and write
|
||
|
26B7000
|
heap
|
page read and write
|
||
|
7FF87C365000
|
unkown
|
page readonly
|
||
|
283E000
|
stack
|
page read and write
|
||
|
18427014000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
26DF000
|
stack
|
page read and write
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
B86000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
1AF039D0000
|
trusted library allocation
|
page read and write
|
||
|
2F19000
|
heap
|
page read and write
|
||
|
26A7000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
2A19000
|
stack
|
page read and write
|
||
|
2FB7000
|
stack
|
page read and write
|
||
|
275E000
|
stack
|
page read and write
|
||
|
239F3715000
|
heap
|
page read and write
|
||
|
5B0000
|
remote allocation
|
page read and write
|
||
|
E27000
|
heap
|
page read and write
|
||
|
9F6000
|
heap
|
page read and write
|
||
|
805000
|
heap
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
1A64A07E000
|
heap
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
1306000
|
heap
|
page read and write
|
||
|
9F6000
|
heap
|
page read and write
|
||
|
805000
|
heap
|
page read and write
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
2E7F000
|
stack
|
page read and write
|
||
|
18427039000
|
heap
|
page read and write
|
||
|
7FF87C365000
|
unkown
|
page readonly
|
||
|
A90000
|
heap
|
page read and write
|
||
|
1A64A0A8000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
7FF87C35E000
|
unkown
|
page read and write
|
||
|
74C000
|
heap
|
page read and write
|
||
|
1A64BA60000
|
heap
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
D20000
|
direct allocation
|
page execute and read and write
|
||
|
1AF03950000
|
trusted library allocation
|
page read and write
|
||
|
1A64BB90000
|
trusted library allocation
|
page read and write
|
||
|
95D000
|
heap
|
page read and write
|
||
|
4E9000
|
stack
|
page read and write
|
||
|
2C7D000
|
stack
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
9F6000
|
heap
|
page read and write
|
||
|
239F3717000
|
heap
|
page read and write
|
||
|
239F36E0000
|
heap
|
page read and write
|
||
|
1AF03980000
|
trusted library allocation
|
page read and write
|
||
|
1AF038A0000
|
trusted library allocation
|
page read and write
|
||
|
9F6000
|
heap
|
page read and write
|
||
|
D55000
|
heap
|
page read and write
|
||
|
239F36ED000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page readonly
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
46920F7000
|
stack
|
page read and write
|
||
|
37A98F9000
|
stack
|
page read and write
|
||
|
56CF000
|
stack
|
page read and write
|
||
|
18426FC0000
|
direct allocation
|
page execute and read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
2E6C000
|
heap
|
page read and write
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
8FC000
|
heap
|
page read and write
|
||
|
239F3707000
|
heap
|
page read and write
|
||
|
7FF87C367000
|
unkown
|
page readonly
|
||
|
2671000
|
heap
|
page read and write
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
7FF87C362000
|
unkown
|
page readonly
|
||
|
5600000
|
trusted library allocation
|
page read and write
|
||
|
18426FFF000
|
heap
|
page read and write
|
||
|
E3A68FB000
|
stack
|
page read and write
|
||
|
5B0000
|
remote allocation
|
page read and write
|
||
|
26A8000
|
heap
|
page read and write
|
||
|
239F3510000
|
heap
|
page read and write
|
||
|
1A649FB0000
|
heap
|
page read and write
|
||
|
E3A637C000
|
stack
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
1A64A2B5000
|
heap
|
page read and write
|
||
|
1AF036E7000
|
heap
|
page read and write
|
||
|
239F3707000
|
heap
|
page read and write
|
||
|
A11000
|
heap
|
page read and write
|
||
|
BBA000
|
heap
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
353B000
|
stack
|
page read and write
|
||
|
469217C000
|
stack
|
page read and write
|
||
|
B4B000
|
heap
|
page read and write
|
||
|
26B8000
|
heap
|
page read and write
|
||
|
BAB000
|
heap
|
page read and write
|
||
|
1A64A0C7000
|
heap
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
7FF87C2E1000
|
unkown
|
page execute read
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
239F4FAC000
|
heap
|
page read and write
|
||
|
7FF87C367000
|
unkown
|
page readonly
|
||
|
1A64A0EA000
|
heap
|
page read and write
|
||
|
B7C000
|
heap
|
page read and write
|
||
|
2EF8000
|
heap
|
page read and write
|
||
|
283B000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
B95000
|
heap
|
page read and write
|
||
|
B88000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
B7E000
|
heap
|
page read and write
|
||
|
7FF87C318000
|
unkown
|
page readonly
|
||
|
1A64A2A0000
|
heap
|
page readonly
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
7DB000
|
heap
|
page read and write
|
||
|
A7B000
|
stack
|
page read and write
|
||
|
58A000
|
stack
|
page read and write
|
||
|
B93000
|
heap
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
7FF87C365000
|
unkown
|
page readonly
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
2D70000
|
direct allocation
|
page execute and read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
37A987E000
|
stack
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
A80000
|
remote allocation
|
page read and write
|
||
|
9315A7F000
|
stack
|
page read and write
|
||
|
1A64A07B000
|
heap
|
page read and write
|
||
|
BC8000
|
heap
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
510000
|
remote allocation
|
page read and write
|
||
|
26B7000
|
heap
|
page read and write
|
||
|
9315AFF000
|
stack
|
page read and write
|
||
|
1A64A0B5000
|
heap
|
page read and write
|
||
|
C31000
|
heap
|
page read and write
|
||
|
239F50E0000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
1AF03960000
|
heap
|
page readonly
|
||
|
7FF87C2E1000
|
unkown
|
page execute read
|
||
|
5CC000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
1A64A220000
|
heap
|
page read and write
|
||
|
469227B000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
1AF038B0000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
239F3714000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
7FF87C2E0000
|
unkown
|
page readonly
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
1AF039F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF87C365000
|
unkown
|
page readonly
|
||
|
975000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
130E000
|
heap
|
page read and write
|
||
|
18427039000
|
heap
|
page read and write
|
||
|
239F36F3000
|
heap
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
BB1000
|
heap
|
page read and write
|
||
|
E46000
|
heap
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
2273000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
28BE000
|
stack
|
page read and write
|
||
|
1A64A07F000
|
heap
|
page read and write
|
||
|
965000
|
heap
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
7FF87C367000
|
unkown
|
page readonly
|
||
|
239F36B0000
|
direct allocation
|
page execute and read and write
|
||
|
18426FD0000
|
heap
|
page read and write
|
||
|
1A64BBC0000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
18426FFF000
|
heap
|
page read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
2780000
|
remote allocation
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
1AF036EF000
|
heap
|
page read and write
|
||
|
E3E000
|
heap
|
page read and write
|
||
|
E69000
|
heap
|
page read and write
|
||
|
9F6000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
7FF87C362000
|
unkown
|
page readonly
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
4691DCE000
|
stack
|
page read and write
|
||
|
1842704B000
|
heap
|
page read and write
|
||
|
E35000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2BFC000
|
stack
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
806000
|
heap
|
page read and write
|
||
|
26A2000
|
heap
|
page read and write
|
||
|
4691D4E000
|
stack
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
7FF87C318000
|
unkown
|
page readonly
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
BAB000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
239F3714000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
239F5080000
|
trusted library allocation
|
page read and write
|
||
|
1A64A0A8000
|
heap
|
page read and write
|
||
|
2629000
|
heap
|
page read and write
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
239F3650000
|
heap
|
page read and write
|
||
|
7FF87C362000
|
unkown
|
page readonly
|
||
|
1280000
|
heap
|
page read and write
|
||
|
239F36C0000
|
heap
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
2EF9000
|
heap
|
page read and write
|
||
|
46921FE000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
There are 517 hidden memdumps, click here to show them.