Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
BiiRGnhWx8.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\BiiRGnhWx8.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\BiiRGnhWx8.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\BiiRGnhWx8.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\BiiRGnhWx8.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\YqXIJg\DVtVhKE.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\TgFfmbMXYVib\UjQs.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\OHxoym\IFbwNJIPHCLRsyw.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\NXFhDxP\qQByLosQZRktrA.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\YqXIJg\DVtVhKE.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\TJwwRjRVRG\fmtWLlvSoR.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\JEHCjtepagfsrQz\jHBB.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\HdSKRzl\HIWJamnkzbbhMRYe.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IDqnZePrFBC\qFcZEWbJbr.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\FTRWInMVKbBAM\OqXi.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\JEHCjtepagfsrQz\jHBB.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\CFQcAaf\alGqQjfnqeipsC.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\BiiRGnhWx8.dll",#1
|
There are 8 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/exxsavonh/eocojilqywj/zliicjm/hatbre/b
|
unknown
|
||
|
http://ctl2.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/exxsavonh/eocojilqywj/zliicjm/hatbre/
|
unknown
|
||
|
https://112.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/s.dll
|
unknown
|
||
|
https://172.105.115.71:8080/fhbapco/qwoqdrltpngtcons/xmltlyltysiyxdbk/rxucyoknpgrotxw/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
windowsupdatebg.s.llnwi.net
|
178.79.242.0
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
DVtVhKE.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
jHBB.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1A76F930000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1270000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1A790D80000
|
direct allocation
|
page execute and read and write
|
|
|
|
21EE5EB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
F10000
|
direct allocation
|
page execute and read and write
|
|
|
|
1030000
|
direct allocation
|
page execute and read and write
|
|
|
|
36F51FE000
|
stack
|
page read and write
|
||
|
1A76F737000
|
heap
|
page read and write
|
||
|
1A76F74E000
|
heap
|
page read and write
|
||
|
1A76F9B0000
|
trusted library allocation
|
page read and write
|
||
|
1426000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
1107000
|
heap
|
page read and write
|
||
|
133F000
|
stack
|
page read and write
|
||
|
CDE000
|
heap
|
page read and write
|
||
|
13B8000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
CD7000
|
heap
|
page read and write
|
||
|
954F67E000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
111E000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
7FFA0AEE8000
|
unkown
|
page readonly
|
||
|
839B8FE000
|
stack
|
page read and write
|
||
|
310000
|
heap
|
page read and write
|
||
|
1A7711FC000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
21EE5EE0000
|
direct allocation
|
page execute and read and write
|
||
|
7FFA0AF35000
|
unkown
|
page readonly
|
||
|
1A76F760000
|
heap
|
page read and write
|
||
|
1A790DDB000
|
heap
|
page read and write
|
||
|
21EE4490000
|
heap
|
page read and write
|
||
|
21EE4705000
|
heap
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
2681000
|
heap
|
page read and write
|
||
|
C88000
|
heap
|
page read and write
|
||
|
26CC000
|
heap
|
page read and write
|
||
|
1A76F79A000
|
heap
|
page read and write
|
||
|
839B6FE000
|
stack
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
12C6000
|
heap
|
page read and write
|
||
|
CC9000
|
heap
|
page read and write
|
||
|
20DE000
|
stack
|
page read and write
|
||
|
CCE000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
21EE4539000
|
heap
|
page read and write
|
||
|
12CE000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
21EE44FF000
|
heap
|
page read and write
|
||
|
310000
|
remote allocation
|
page read and write
|
||
|
310000
|
remote allocation
|
page read and write
|
||
|
5FA0000
|
trusted library allocation
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
CD7000
|
heap
|
page read and write
|
||
|
142F000
|
heap
|
page read and write
|
||
|
D0E000
|
heap
|
page read and write
|
||
|
1437000
|
heap
|
page read and write
|
||
|
310F000
|
heap
|
page read and write
|
||
|
262E000
|
stack
|
page read and write
|
||
|
1126000
|
heap
|
page read and write
|
||
|
36F537E000
|
stack
|
page read and write
|
||
|
A7B000
|
stack
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
7E4000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
12B5000
|
heap
|
page read and write
|
||
|
839BAFD000
|
stack
|
page read and write
|
||
|
1126000
|
heap
|
page read and write
|
||
|
1A76FA25000
|
heap
|
page read and write
|
||
|
2E9000
|
stack
|
page read and write
|
||
|
279D000
|
stack
|
page read and write
|
||
|
D21000
|
heap
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
21EE4350000
|
heap
|
page read and write
|
||
|
7FFA0AEE8000
|
unkown
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1A790DEB000
|
heap
|
page read and write
|
||
|
1A790CE0000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
1107000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
7FFA0AEE8000
|
unkown
|
page readonly
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
1A76F788000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
1A76F75F000
|
heap
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
3F0000
|
remote allocation
|
page read and write
|
||
|
EEB000
|
stack
|
page read and write
|
||
|
21EE4510000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
D51000
|
heap
|
page read and write
|
||
|
1A76F74E000
|
heap
|
page read and write
|
||
|
7FFA0AF32000
|
unkown
|
page readonly
|
||
|
954F6FF000
|
stack
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
21EE44E9000
|
heap
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
21EE4512000
|
heap
|
page read and write
|
||
|
1A792830000
|
heap
|
page read and write
|
||
|
7FFA0AF35000
|
unkown
|
page readonly
|
||
|
7FFA0AEB0000
|
unkown
|
page readonly
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
7FFA0AF2E000
|
unkown
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
1A76F970000
|
heap
|
page readonly
|
||
|
7FFA0AEB0000
|
unkown
|
page readonly
|
||
|
12BE000
|
heap
|
page read and write
|
||
|
12C6000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
26D4000
|
heap
|
page read and write
|
||
|
72C000
|
heap
|
page read and write
|
||
|
AD0000
|
remote allocation
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
1A76F9B0000
|
trusted library allocation
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7C8000
|
heap
|
page read and write
|
||
|
281B000
|
stack
|
page read and write
|
||
|
26C8000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
1A792720000
|
heap
|
page read and write
|
||
|
12C7000
|
heap
|
page read and write
|
||
|
CED000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
7FFA0AF37000
|
unkown
|
page readonly
|
||
|
1060000
|
direct allocation
|
page execute and read and write
|
||
|
1295000
|
heap
|
page read and write
|
||
|
CFE000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
115B000
|
heap
|
page read and write
|
||
|
1437000
|
heap
|
page read and write
|
||
|
1298000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
CD5000
|
heap
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
1A790E12000
|
heap
|
page read and write
|
||
|
13E8000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
CED000
|
heap
|
page read and write
|
||
|
36F547B000
|
stack
|
page read and write
|
||
|
12E1000
|
heap
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
21EE462C000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
954F3DC000
|
stack
|
page read and write
|
||
|
A90000
|
remote allocation
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
21EE6000000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
21EE44FF000
|
heap
|
page read and write
|
||
|
36F517F000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
F45000
|
heap
|
page read and write
|
||
|
7FFA0AF32000
|
unkown
|
page readonly
|
||
|
1A76F730000
|
heap
|
page read and write
|
||
|
1A790DC3000
|
heap
|
page read and write
|
||
|
CAF000
|
heap
|
page read and write
|
||
|
1A76F768000
|
heap
|
page read and write
|
||
|
1A76F680000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
12AF000
|
heap
|
page read and write
|
||
|
36F52FC000
|
stack
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
26D4000
|
heap
|
page read and write
|
||
|
26CC000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
53CE000
|
stack
|
page read and write
|
||
|
7FFA0AEB1000
|
unkown
|
page execute read
|
||
|
D56000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
1A792850000
|
trusted library allocation
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
CF9000
|
heap
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
1473000
|
heap
|
page read and write
|
||
|
D05000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
D06000
|
heap
|
page read and write
|
||
|
1A76F75D000
|
heap
|
page read and write
|
||
|
1A792850000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
CD7000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
1A790DDE000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
1A790DD7000
|
heap
|
page read and write
|
||
|
339B000
|
stack
|
page read and write
|
||
|
26D4000
|
heap
|
page read and write
|
||
|
811000
|
heap
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1A790E23000
|
heap
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page read and write
|
||
|
2F99000
|
heap
|
page read and write
|
||
|
954F77F000
|
stack
|
page read and write
|
||
|
CAD000
|
heap
|
page read and write
|
||
|
D0A000
|
heap
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
1A790DE4000
|
heap
|
page read and write
|
||
|
CEF000
|
heap
|
page read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
21EE44B0000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
112F000
|
heap
|
page read and write
|
||
|
D05000
|
heap
|
page read and write
|
||
|
811000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
121F000
|
stack
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
1A790E12000
|
heap
|
page read and write
|
||
|
12E9000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
12C6000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
954F8FE000
|
stack
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
26D4000
|
heap
|
page read and write
|
||
|
26DA000
|
heap
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
145B000
|
heap
|
page read and write
|
||
|
21EE4539000
|
heap
|
page read and write
|
||
|
7FFA0AF2E000
|
unkown
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2718000
|
heap
|
page read and write
|
||
|
CC9000
|
heap
|
page read and write
|
||
|
1A76F710000
|
heap
|
page read and write
|
||
|
CC9000
|
heap
|
page read and write
|
||
|
1A7711D0000
|
heap
|
page read and write
|
||
|
CBF000
|
heap
|
page read and write
|
||
|
1107000
|
heap
|
page read and write
|
||
|
7FFA0AF2E000
|
unkown
|
page read and write
|
||
|
7FFA0AEB1000
|
unkown
|
page execute read
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
1A790DBD000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
12B5000
|
heap
|
page read and write
|
||
|
7FFA0AF32000
|
unkown
|
page readonly
|
||
|
2F47000
|
stack
|
page read and write
|
||
|
1A790DF7000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
7FFA0AEB1000
|
unkown
|
page execute read
|
||
|
7FFA0AF2E000
|
unkown
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
13E3000
|
heap
|
page read and write
|
||
|
CFD000
|
heap
|
page read and write
|
||
|
2ABF000
|
stack
|
page read and write
|
||
|
21EE5EF0000
|
heap
|
page readonly
|
||
|
1124000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
ABA000
|
stack
|
page read and write
|
||
|
21EE4700000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
21EE454B000
|
heap
|
page read and write
|
||
|
7FFA0AEB1000
|
unkown
|
page execute read
|
||
|
2C60000
|
remote allocation
|
page read and write
|
||
|
26F8000
|
heap
|
page read and write
|
||
|
954F879000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
1A792E10000
|
heap
|
page read and write
|
||
|
2C5C000
|
stack
|
page read and write
|
||
|
12E1000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
7FFA0AEB0000
|
unkown
|
page readonly
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
21EE5FE0000
|
heap
|
page read and write
|
||
|
CCE000
|
heap
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
7FFA0AF35000
|
unkown
|
page readonly
|
||
|
1A76F6F0000
|
heap
|
page read and write
|
||
|
7FFA0AF32000
|
unkown
|
page readonly
|
||
|
1A76F74E000
|
heap
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
A90000
|
remote allocation
|
page read and write
|
||
|
7FFA0AF37000
|
unkown
|
page readonly
|
||
|
D04000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
805000
|
heap
|
page read and write
|
||
|
2680000
|
heap
|
page read and write
|
||
|
14D5000
|
heap
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
1149000
|
heap
|
page read and write
|
||
|
21EE4527000
|
heap
|
page read and write
|
||
|
AD0000
|
remote allocation
|
page read and write
|
||
|
1A79274C000
|
heap
|
page read and write
|
||
|
7FFA0AEB0000
|
unkown
|
page readonly
|
||
|
821000
|
heap
|
page read and write
|
||
|
1A771420000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
805000
|
heap
|
page read and write
|
||
|
1A790DE4000
|
heap
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
3C9000
|
stack
|
page read and write
|
||
|
7FFA0AF37000
|
unkown
|
page readonly
|
||
|
21EE4538000
|
heap
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
1A790D50000
|
heap
|
page read and write
|
||
|
D0C000
|
heap
|
page read and write
|
||
|
1A790DDE000
|
heap
|
page read and write
|
||
|
7FFA0AF32000
|
unkown
|
page readonly
|
||
|
D56000
|
heap
|
page read and write
|
||
|
20EE000
|
stack
|
page read and write
|
||
|
1A792995000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
1118000
|
heap
|
page read and write
|
||
|
36F507C000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
21EE44E0000
|
heap
|
page read and write
|
||
|
D0A000
|
heap
|
page read and write
|
||
|
D21000
|
heap
|
page read and write
|
||
|
1A79274C000
|
heap
|
page read and write
|
||
|
2703000
|
heap
|
page read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
26A1000
|
heap
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7FFA0AF35000
|
unkown
|
page readonly
|
||
|
CED000
|
heap
|
page read and write
|
||
|
839B7FE000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
264C000
|
heap
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
EBB000
|
stack
|
page read and write
|
||
|
1A790DD7000
|
heap
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2659000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
2BDC000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1A790DEC000
|
heap
|
page read and write
|
||
|
1A76F757000
|
heap
|
page read and write
|
||
|
CBF000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
7FFA0AF2E000
|
unkown
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
7FFA0AEB0000
|
unkown
|
page readonly
|
||
|
36F5277000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
675000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
D37000
|
heap
|
page read and write
|
||
|
7FFA0AF37000
|
unkown
|
page readonly
|
||
|
7DF000
|
heap
|
page read and write
|
||
|
CD5000
|
heap
|
page read and write
|
||
|
CCE000
|
heap
|
page read and write
|
||
|
21EE4600000
|
heap
|
page read and write
|
||
|
CBE000
|
heap
|
page read and write
|
||
|
1449000
|
heap
|
page read and write
|
||
|
1A76F755000
|
heap
|
page read and write
|
||
|
CD7000
|
heap
|
page read and write
|
||
|
CCE000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
7FFA0AF35000
|
unkown
|
page readonly
|
||
|
C60000
|
direct allocation
|
page execute and read and write
|
||
|
7FFA0AEB0000
|
unkown
|
page readonly
|
||
|
2F28000
|
heap
|
page read and write
|
||
|
CFD000
|
heap
|
page read and write
|
||
|
12BE000
|
heap
|
page read and write
|
||
|
7FFA0AEE8000
|
unkown
|
page readonly
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
1107000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page readonly
|
||
|
CAD000
|
heap
|
page read and write
|
||
|
7FFA0AF32000
|
unkown
|
page readonly
|
||
|
839B3AC000
|
stack
|
page read and write
|
||
|
14DC000
|
heap
|
page read and write
|
||
|
36F50FE000
|
stack
|
page read and write
|
||
|
CED000
|
heap
|
page read and write
|
||
|
2CEC000
|
stack
|
page read and write
|
||
|
2123000
|
heap
|
page read and write
|
||
|
26D4000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
140A000
|
heap
|
page read and write
|
||
|
CFD000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page readonly
|
||
|
D21000
|
heap
|
page read and write
|
||
|
CAD000
|
heap
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page read and write
|
||
|
1A76F75F000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1A790DE5000
|
heap
|
page read and write
|
||
|
13FD000
|
heap
|
page read and write
|
||
|
26D4000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
67C000
|
heap
|
page read and write
|
||
|
1107000
|
heap
|
page read and write
|
||
|
D05000
|
heap
|
page read and write
|
||
|
1A790DB0000
|
heap
|
page read and write
|
||
|
CED000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
CD7000
|
heap
|
page read and write
|
||
|
954F7FE000
|
stack
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
1A76F788000
|
heap
|
page read and write
|
||
|
2E7D000
|
stack
|
page read and write
|
||
|
1436000
|
heap
|
page read and write
|
||
|
26C8000
|
heap
|
page read and write
|
||
|
10AB000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
7FFA0AEB1000
|
unkown
|
page execute read
|
||
|
12A0000
|
direct allocation
|
page execute and read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page readonly
|
||
|
2700000
|
heap
|
page read and write
|
||
|
230000
|
heap
|
page read and write
|
||
|
12C6000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
2ECD000
|
stack
|
page read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
7FFA0AF37000
|
unkown
|
page readonly
|
||
|
811000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
80B000
|
heap
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
1A76F960000
|
direct allocation
|
page execute and read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
F8C000
|
heap
|
page read and write
|
||
|
1429000
|
heap
|
page read and write
|
||
|
F20000
|
remote allocation
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
21EE6000000
|
trusted library allocation
|
page read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
839B9F9000
|
stack
|
page read and write
|
||
|
7FFA0AEE8000
|
unkown
|
page readonly
|
||
|
1A792820000
|
direct allocation
|
page execute and read and write
|
||
|
D21000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1A76F75D000
|
heap
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
1A76FA20000
|
heap
|
page read and write
|
||
|
811000
|
heap
|
page read and write
|
||
|
1A790DD7000
|
heap
|
page read and write
|
||
|
CC9000
|
heap
|
page read and write
|
||
|
7FFA0AF35000
|
unkown
|
page readonly
|
||
|
12BE000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
CDF000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
7D8000
|
heap
|
page read and write
|
||
|
12BA000
|
heap
|
page read and write
|
||
|
3F0000
|
remote allocation
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
21EE44FF000
|
heap
|
page read and write
|
||
|
26CD000
|
heap
|
page read and write
|
||
|
2CE9000
|
stack
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
36F53FE000
|
stack
|
page read and write
|
||
|
7FFA0AF2E000
|
unkown
|
page read and write
|
||
|
2C60000
|
remote allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
7FFA0AEB1000
|
unkown
|
page execute read
|
||
|
1A792990000
|
heap
|
page read and write
|
||
|
F20000
|
remote allocation
|
page read and write
|
||
|
D07000
|
heap
|
page read and write
|
||
|
25F0000
|
trusted library allocation
|
page read and write
|
||
|
2F4F000
|
heap
|
page read and write
|
||
|
146C000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
7FFA0AF37000
|
unkown
|
page readonly
|
||
|
D04000
|
heap
|
page read and write
|
||
|
2C60000
|
remote allocation
|
page read and write
|
||
|
7FFA0AEE8000
|
unkown
|
page readonly
|
||
|
12BE000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
CC3000
|
heap
|
page read and write
|
||
|
1449000
|
heap
|
page read and write
|
||
|
2223000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
CCC000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
1107000
|
heap
|
page read and write
|
There are 522 hidden memdumps, click here to show them.