Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
UNUy8dUYWp.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\UNUy8dUYWp.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\UNUy8dUYWp.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\UNUy8dUYWp.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\UNUy8dUYWp.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\MKDOLrYWnU\ZnvQHBfFrAXKVU.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\CoOkhAHrtQc\nRwgXrJuSZa.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\GoWbi\ladheq.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\RQcUhJCVUMzw\oVbDosZga.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\MKDOLrYWnU\ZnvQHBfFrAXKVU.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\FWERpTiWwMFl\CxZPHYYNr.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\ZWpHraPiSSirRmt\eJPBXUgBzVlFM.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\HqxIOWhu\iwDMK.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LhPRdzdtIG\UwTqVItszcvDL.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\OSbbRH\JNviIfIAbu.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\ZWpHraPiSSirRmt\eJPBXUgBzVlFM.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\XkUZzl\jVHLVoJmMjstBzLj.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\UNUy8dUYWp.dll",#1
|
There are 8 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/s.dll
|
unknown
|
||
|
https://172.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/ifjgeqljeeoagd/80/
|
unknown
|
||
|
https://172.105.115.71:8080/ifjgeqljeeoagd/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ZnvQHBfFrAXKVU.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
eJPBXUgBzVlFM.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
15CC5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2C323270000
|
direct allocation
|
page execute and read and write
|
|
|
|
6B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
FA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
A00000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
225B3AC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
225B3926000
|
heap
|
page read and write
|
||
|
26E6000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
2C3232B0000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
7FF87C17E000
|
unkown
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
CD0000
|
remote allocation
|
page read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
B0C000
|
heap
|
page read and write
|
||
|
15CC5340000
|
heap
|
page read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
128A000
|
heap
|
page read and write
|
||
|
D4E000
|
heap
|
page read and write
|
||
|
12B1000
|
heap
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
7F3000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
2C3233D0000
|
heap
|
page read and write
|
||
|
3D3E000
|
stack
|
page read and write
|
||
|
7BF000
|
heap
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
15CC6ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FF87C182000
|
unkown
|
page readonly
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
740000
|
remote allocation
|
page read and write
|
||
|
EA6000
|
heap
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
7FF87C182000
|
unkown
|
page readonly
|
||
|
15CC52A0000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
899E000
|
stack
|
page read and write
|
||
|
26D8000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
2F4C27C000
|
stack
|
page read and write
|
||
|
16309108000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
738000
|
heap
|
page read and write
|
||
|
7FF87C17E000
|
unkown
|
page read and write
|
||
|
2C3219A0000
|
heap
|
page read and write
|
||
|
D71000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
286E000
|
stack
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
1296000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
7FF87C101000
|
unkown
|
page execute read
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
26ED000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
16308FA0000
|
heap
|
page read and write
|
||
|
7FF87C101000
|
unkown
|
page execute read
|
||
|
2C321831000
|
heap
|
page read and write
|
||
|
225B3939000
|
heap
|
page read and write
|
||
|
C99000
|
stack
|
page read and write
|
||
|
225B5440000
|
heap
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
2E01000
|
heap
|
page read and write
|
||
|
5CDF000
|
stack
|
page read and write
|
||
|
D632DF9000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
ADF000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
E05000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
26E6000
|
heap
|
page read and write
|
||
|
221E000
|
stack
|
page read and write
|
||
|
2DB9000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
E9E000
|
heap
|
page read and write
|
||
|
219F000
|
stack
|
page read and write
|
||
|
225B3928000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
EC9000
|
heap
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
2DE1000
|
heap
|
page read and write
|
||
|
8899000
|
stack
|
page read and write
|
||
|
1296000
|
heap
|
page read and write
|
||
|
7FF87C17E000
|
unkown
|
page read and write
|
||
|
2D98000
|
heap
|
page read and write
|
||
|
225B391F000
|
heap
|
page read and write
|
||
|
26ED000
|
heap
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
225B3908000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
E21000
|
heap
|
page read and write
|
||
|
16308FC0000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
225B3880000
|
heap
|
page read and write
|
||
|
7FF87C101000
|
unkown
|
page execute read
|
||
|
FEC000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
B49000
|
heap
|
page read and write
|
||
|
59D0000
|
trusted library allocation
|
page read and write
|
||
|
E05000
|
heap
|
page read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
CC0000
|
remote allocation
|
page read and write
|
||
|
D63277C000
|
stack
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
A9F000
|
heap
|
page read and write
|
||
|
879F000
|
stack
|
page read and write
|
||
|
2F4C37E000
|
stack
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
1268000
|
heap
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
7FF87C185000
|
unkown
|
page readonly
|
||
|
7A5000
|
heap
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
7FF87C187000
|
unkown
|
page readonly
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
7FF87C101000
|
unkown
|
page execute read
|
||
|
2F4C3FE000
|
stack
|
page read and write
|
||
|
7FF87C100000
|
unkown
|
page readonly
|
||
|
FEA000
|
stack
|
page read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
2C321760000
|
heap
|
page read and write
|
||
|
2C321843000
|
heap
|
page read and write
|
||
|
1296000
|
heap
|
page read and write
|
||
|
B05327E000
|
stack
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
AE8000
|
heap
|
page read and write
|
||
|
2C321816000
|
heap
|
page read and write
|
||
|
23C7000
|
stack
|
page read and write
|
||
|
5D10000
|
heap
|
page read and write
|
||
|
2F4C4FC000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
E09000
|
heap
|
page read and write
|
||
|
1495000
|
heap
|
page read and write
|
||
|
7FF87C100000
|
unkown
|
page readonly
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
E15000
|
heap
|
page read and write
|
||
|
225B3B50000
|
heap
|
page read and write
|
||
|
A8F000
|
heap
|
page read and write
|
||
|
15CC5399000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
CD0000
|
remote allocation
|
page read and write
|
||
|
67B000
|
stack
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
710000
|
trusted library allocation
|
page read and write
|
||
|
2C3217E3000
|
heap
|
page read and write
|
||
|
2C323465000
|
heap
|
page read and write
|
||
|
E10000
|
direct allocation
|
page execute and read and write
|
||
|
E95000
|
heap
|
page read and write
|
||
|
2C32180E000
|
heap
|
page read and write
|
||
|
1045000
|
heap
|
page read and write
|
||
|
225B3930000
|
heap
|
page read and write
|
||
|
225B38E7000
|
heap
|
page read and write
|
||
|
950000
|
remote allocation
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
740000
|
remote allocation
|
page read and write
|
||
|
DF9000
|
heap
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
7DA000
|
heap
|
page read and write
|
||
|
15CC6E00000
|
heap
|
page read and write
|
||
|
225B3B40000
|
trusted library allocation
|
page read and write
|
||
|
7FF87C182000
|
unkown
|
page readonly
|
||
|
790000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
E1C000
|
heap
|
page read and write
|
||
|
D57000
|
heap
|
page read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
149C000
|
heap
|
page read and write
|
||
|
2C3217DD000
|
heap
|
page read and write
|
||
|
2C3217D0000
|
heap
|
page read and write
|
||
|
2F75000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7B7000
|
heap
|
page read and write
|
||
|
163090B0000
|
trusted library allocation
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
2C3232A0000
|
direct allocation
|
page execute and read and write
|
||
|
CD0000
|
remote allocation
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
16309040000
|
heap
|
page read and write
|
||
|
7FF87C185000
|
unkown
|
page readonly
|
||
|
26EF000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
B0531F9000
|
stack
|
page read and write
|
||
|
B1D000
|
heap
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
28BF000
|
stack
|
page read and write
|
||
|
16308E70000
|
trusted library allocation
|
page read and write
|
||
|
7FF87C187000
|
unkown
|
page readonly
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
7B7000
|
heap
|
page read and write
|
||
|
FE5000
|
heap
|
page read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
129C000
|
heap
|
page read and write
|
||
|
719000
|
stack
|
page read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
163091C0000
|
trusted library allocation
|
page read and write
|
||
|
1005000
|
heap
|
page read and write
|
||
|
26D8000
|
heap
|
page read and write
|
||
|
1630910F000
|
heap
|
page read and write
|
||
|
15CC5330000
|
direct allocation
|
page execute and read and write
|
||
|
7FF87C138000
|
unkown
|
page readonly
|
||
|
2C321805000
|
heap
|
page read and write
|
||
|
2C321831000
|
heap
|
page read and write
|
||
|
2F4C5FE000
|
stack
|
page read and write
|
||
|
929000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
225B38D5000
|
heap
|
page read and write
|
||
|
D632BFF000
|
stack
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
D4A000
|
heap
|
page read and write
|
||
|
225B3919000
|
heap
|
page read and write
|
||
|
26E1000
|
heap
|
page read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
7FF87C17E000
|
unkown
|
page read and write
|
||
|
2B6C000
|
stack
|
page read and write
|
||
|
1296000
|
heap
|
page read and write
|
||
|
225B3B00000
|
heap
|
page readonly
|
||
|
7FF87C100000
|
unkown
|
page readonly
|
||
|
E87000
|
heap
|
page read and write
|
||
|
2C32319C000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
AA1000
|
heap
|
page read and write
|
||
|
D45000
|
heap
|
page read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
7FF87C185000
|
unkown
|
page readonly
|
||
|
E98000
|
heap
|
page read and write
|
||
|
27AB000
|
stack
|
page read and write
|
||
|
2C323460000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
225B3908000
|
heap
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
225B3810000
|
heap
|
page read and write
|
||
|
5A700FE000
|
stack
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
AB4000
|
heap
|
page read and write
|
||
|
1630910D000
|
heap
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
2C321803000
|
heap
|
page read and write
|
||
|
EA6000
|
heap
|
page read and write
|
||
|
15CC535F000
|
heap
|
page read and write
|
||
|
75B000
|
stack
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
15CC53AB000
|
heap
|
page read and write
|
||
|
7FF87C185000
|
unkown
|
page readonly
|
||
|
5B40000
|
trusted library allocation
|
page read and write
|
||
|
2F4C477000
|
stack
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
7FF87C182000
|
unkown
|
page readonly
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
16309126000
|
heap
|
page read and write
|
||
|
7FF87C185000
|
unkown
|
page readonly
|
||
|
E0C000
|
heap
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
B0530FE000
|
stack
|
page read and write
|
||
|
D3F000
|
heap
|
page read and write
|
||
|
163090C0000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
1630910F000
|
heap
|
page read and write
|
||
|
7FF87C187000
|
unkown
|
page readonly
|
||
|
163090C8000
|
heap
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
891E000
|
stack
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
7FF87C138000
|
unkown
|
page readonly
|
||
|
16308E60000
|
heap
|
page read and write
|
||
|
15CC5386000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
D4E000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
AA7000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
D632EFE000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
15CC5280000
|
heap
|
page read and write
|
||
|
7FF87C100000
|
unkown
|
page readonly
|
||
|
E50000
|
heap
|
page read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
12B1000
|
heap
|
page read and write
|
||
|
2F4C67B000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
780000
|
remote allocation
|
page read and write
|
||
|
7FF87C182000
|
unkown
|
page readonly
|
||
|
E20000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
1296000
|
heap
|
page read and write
|
||
|
D632AFF000
|
stack
|
page read and write
|
||
|
6F0000
|
direct allocation
|
page execute and read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
225B38B0000
|
heap
|
page read and write
|
||
|
15CC6CB0000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
780000
|
remote allocation
|
page read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
15CC5397000
|
heap
|
page read and write
|
||
|
26E1000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
26E6000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
A9F000
|
heap
|
page read and write
|
||
|
2C323170000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
15CC5370000
|
heap
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
15CC5210000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page readonly
|
||
|
225B38DB000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
2C3217F7000
|
heap
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
7FF87C100000
|
unkown
|
page readonly
|
||
|
AF1000
|
heap
|
page read and write
|
||
|
225B3908000
|
heap
|
page read and write
|
||
|
225B5300000
|
heap
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
2F4C57F000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
211F000
|
stack
|
page read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
7C8000
|
heap
|
page read and write
|
||
|
7FF87C138000
|
unkown
|
page readonly
|
||
|
A9B000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
225B3908000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
DD8000
|
heap
|
page read and write
|
||
|
26E1000
|
heap
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
26E1000
|
heap
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page readonly
|
||
|
2CB3000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
15CC535F000
|
heap
|
page read and write
|
||
|
16309045000
|
heap
|
page read and write
|
||
|
7FF87C101000
|
unkown
|
page execute read
|
||
|
881E000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
2C3217F7000
|
heap
|
page read and write
|
||
|
F9F000
|
stack
|
page read and write
|
||
|
D15000
|
heap
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
7FF87C182000
|
unkown
|
page readonly
|
||
|
2C6C000
|
stack
|
page read and write
|
||
|
16309050000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
EDB000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
163090D0000
|
heap
|
page read and write
|
||
|
ADA000
|
heap
|
page read and write
|
||
|
5A70079000
|
stack
|
page read and write
|
||
|
25BD000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7FF87C187000
|
unkown
|
page readonly
|
||
|
127F000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
293B000
|
stack
|
page read and write
|
||
|
225B38B8000
|
heap
|
page read and write
|
||
|
2BEC000
|
stack
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
1285000
|
heap
|
page read and write
|
||
|
16309107000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
7FF87C185000
|
unkown
|
page readonly
|
||
|
D56000
|
heap
|
page read and write
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
15CC6DF0000
|
trusted library allocation
|
page read and write
|
||
|
225B3A80000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
16309F20000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
16309049000
|
heap
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
1285000
|
heap
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
7FF87C138000
|
unkown
|
page readonly
|
||
|
5A6FCDC000
|
stack
|
page read and write
|
||
|
2C3232D0000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
remote allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
B052DCC000
|
stack
|
page read and write
|
||
|
225B3AF0000
|
direct allocation
|
page execute and read and write
|
||
|
26ED000
|
heap
|
page read and write
|
||
|
E05000
|
heap
|
page read and write
|
||
|
2CEF000
|
stack
|
page read and write
|
||
|
A30000
|
direct allocation
|
page execute and read and write
|
||
|
B05317E000
|
stack
|
page read and write
|
||
|
16309F00000
|
heap
|
page readonly
|
||
|
225B394B000
|
heap
|
page read and write
|
||
|
16309030000
|
trusted library allocation
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
2F4C2FE000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
15CC5220000
|
heap
|
page read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
B4F000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page readonly
|
||
|
15CC5225000
|
heap
|
page read and write
|
||
|
7FF87C17E000
|
unkown
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
225B5400000
|
trusted library allocation
|
page read and write
|
||
|
7FF87C17E000
|
unkown
|
page read and write
|
||
|
AA1000
|
heap
|
page read and write
|
||
|
15CC6CDC000
|
heap
|
page read and write
|
||
|
225B3908000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
247E000
|
stack
|
page read and write
|
||
|
7FF87C100000
|
unkown
|
page readonly
|
||
|
26ED000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
16309F70000
|
trusted library allocation
|
page read and write
|
||
|
7C8000
|
heap
|
page read and write
|
||
|
7AE000
|
heap
|
page read and write
|
||
|
15CC535F000
|
heap
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
D4E000
|
heap
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
5DD0000
|
trusted library allocation
|
page read and write
|
||
|
D632CFE000
|
stack
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
AD7000
|
heap
|
page read and write
|
||
|
5A7017E000
|
stack
|
page read and write
|
||
|
104C000
|
heap
|
page read and write
|
||
|
D45000
|
heap
|
page read and write
|
||
|
2C3217FE000
|
heap
|
page read and write
|
||
|
2C3232D0000
|
trusted library allocation
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
16309CB0000
|
trusted library allocation
|
page read and write
|
||
|
D28000
|
heap
|
page read and write
|
||
|
D4E000
|
heap
|
page read and write
|
||
|
7FF87C187000
|
unkown
|
page readonly
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
D73000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
2C32319C000
|
heap
|
page read and write
|
||
|
7FF87C138000
|
unkown
|
page readonly
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
AE8000
|
heap
|
page read and write
|
||
|
225B3928000
|
heap
|
page read and write
|
||
|
2C3217F7000
|
heap
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
225B3916000
|
heap
|
page read and write
|
||
|
26E6000
|
heap
|
page read and write
|
||
|
15CC6DB0000
|
heap
|
page readonly
|
||
|
E06000
|
heap
|
page read and write
|
||
|
225B38D6000
|
heap
|
page read and write
|
||
|
ADA000
|
heap
|
page read and write
|
||
|
7FF87C187000
|
unkown
|
page readonly
|
||
|
5D5E000
|
stack
|
page read and write
|
||
|
1210000
|
remote allocation
|
page read and write
|
||
|
5A701F9000
|
stack
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
23D0000
|
trusted library allocation
|
page read and write
|
||
|
550E000
|
stack
|
page read and write
|
||
|
15CC5399000
|
heap
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
B34000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7FF87C138000
|
unkown
|
page readonly
|
||
|
AE8000
|
heap
|
page read and write
|
||
|
2669000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
1296000
|
heap
|
page read and write
|
||
|
1630910F000
|
heap
|
page read and write
|
||
|
7FF87C101000
|
unkown
|
page execute read
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
AE7000
|
heap
|
page read and write
|
||
|
2691000
|
heap
|
page read and write
|
||
|
AE1000
|
heap
|
page read and write
|
||
|
C9B000
|
stack
|
page read and write
|
||
|
1210000
|
remote allocation
|
page read and write
|
||
|
16309EF0000
|
trusted library allocation
|
page read and write
|
||
|
A58000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
15CC5348000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
7EB000
|
heap
|
page read and write
|
||
|
2953000
|
heap
|
page read and write
|
||
|
16309F10000
|
trusted library allocation
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
7A8000
|
heap
|
page read and write
|
||
|
65D0000
|
heap
|
page read and write
|
||
|
B05307F000
|
stack
|
page read and write
|
||
|
CC0000
|
remote allocation
|
page read and write
|
||
|
225B3B55000
|
heap
|
page read and write
|
There are 555 hidden memdumps, click here to show them.