Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
jYzNEOocXJ.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\jYzNEOocXJ.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\jYzNEOocXJ.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\jYzNEOocXJ.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\jYzNEOocXJ.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\SlbehL\VFRyzv.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IGITGYfeMHnijDRfh\YUPGSgcOA.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\MTGBtRnw\JNSgzavrCOAZ.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\NiLEPseQYt\GYKBfnsNfiUmNl.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\SlbehL\VFRyzv.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\DjbPAkHwGwShv\clUEIwbdI.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\jYzNEOocXJ.dll",#1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/daynvy/lwep/gvpqtdecbbocnir/mhitp/$V
|
unknown
|
||
|
https://172.105.115.71:8080/daynvy/lwep/gvpqtdecbbocnir/mhitp/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
VFRyzv.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2A925490000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
B00000
|
direct allocation
|
page execute and read and write
|
|
|
|
1F70000
|
direct allocation
|
page execute and read and write
|
|
|
|
208C4B40000
|
direct allocation
|
page execute and read and write
|
|
|
|
2BF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1E780100000
|
direct allocation
|
page execute and read and write
|
|
|
|
C39000
|
heap
|
page read and write
|
||
|
112B000
|
heap
|
page read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
1200000
|
remote allocation
|
page read and write
|
||
|
14DE000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
1C4992E0000
|
trusted library allocation
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
208C4999000
|
heap
|
page read and write
|
||
|
2A925573000
|
heap
|
page read and write
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
208C4890000
|
heap
|
page read and write
|
||
|
208C49D7000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
DDF000
|
heap
|
page read and write
|
||
|
2E21000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
C39000
|
heap
|
page read and write
|
||
|
1FC0000
|
heap
|
page read and write
|
||
|
2A925320000
|
heap
|
page read and write
|
||
|
2A926DDC000
|
heap
|
page read and write
|
||
|
DCB000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
150C000
|
heap
|
page read and write
|
||
|
208C4986000
|
heap
|
page read and write
|
||
|
4F6047B000
|
stack
|
page read and write
|
||
|
2A92553C000
|
heap
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
1E7F9989000
|
heap
|
page read and write
|
||
|
4D9000
|
heap
|
page read and write
|
||
|
208C499E000
|
heap
|
page read and write
|
||
|
58A0000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
2530000
|
remote allocation
|
page read and write
|
||
|
2530000
|
remote allocation
|
page read and write
|
||
|
DEE000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
7FF875EA1000
|
unkown
|
page execute read
|
||
|
BAC000
|
heap
|
page read and write
|
||
|
1238000
|
heap
|
page read and write
|
||
|
B48000
|
heap
|
page read and write
|
||
|
1E7F9989000
|
heap
|
page read and write
|
||
|
E11000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
208C6570000
|
heap
|
page read and write
|
||
|
8CA000
|
stack
|
page read and write
|
||
|
69D000
|
heap
|
page read and write
|
||
|
7FF875F27000
|
unkown
|
page readonly
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
1E7F9870000
|
heap
|
page read and write
|
||
|
260B000
|
heap
|
page read and write
|
||
|
2A925546000
|
heap
|
page read and write
|
||
|
DB5000
|
heap
|
page read and write
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
C29000
|
heap
|
page read and write
|
||
|
2A925538000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
21C9000
|
stack
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
C39000
|
heap
|
page read and write
|
||
|
4F603FE000
|
stack
|
page read and write
|
||
|
2CAF000
|
stack
|
page read and write
|
||
|
C29000
|
heap
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
62B0000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
FB8DA7E000
|
stack
|
page read and write
|
||
|
1E780130000
|
direct allocation
|
page execute and read and write
|
||
|
208C6360000
|
heap
|
page read and write
|
||
|
DC8000
|
heap
|
page read and write
|
||
|
B86000
|
heap
|
page read and write
|
||
|
311E000
|
stack
|
page read and write
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
B73000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
1269000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
208C49E0000
|
heap
|
page read and write
|
||
|
1E780310000
|
heap
|
page read and write
|
||
|
1C4983AC000
|
heap
|
page read and write
|
||
|
BC1000
|
heap
|
page read and write
|
||
|
7FF875F1E000
|
unkown
|
page read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
1266000
|
heap
|
page read and write
|
||
|
21B3000
|
heap
|
page read and write
|
||
|
208C49B8000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
8F0000
|
remote allocation
|
page read and write
|
||
|
7FF875ED8000
|
unkown
|
page readonly
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
507000
|
heap
|
page read and write
|
||
|
7FF875F25000
|
unkown
|
page readonly
|
||
|
7FF875F22000
|
unkown
|
page readonly
|
||
|
7FF875F1E000
|
unkown
|
page read and write
|
||
|
C29000
|
heap
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
2D47000
|
stack
|
page read and write
|
||
|
78B000
|
stack
|
page read and write
|
||
|
2913000
|
heap
|
page read and write
|
||
|
B7C000
|
heap
|
page read and write
|
||
|
1E780240000
|
trusted library allocation
|
page read and write
|
||
|
F7020FE000
|
stack
|
page read and write
|
||
|
2608000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page readonly
|
||
|
7FF875EA0000
|
unkown
|
page readonly
|
||
|
BB3000
|
heap
|
page read and write
|
||
|
FB8DAFF000
|
stack
|
page read and write
|
||
|
F701EFC000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
2B9C000
|
stack
|
page read and write
|
||
|
1151000
|
heap
|
page read and write
|
||
|
1C498310000
|
heap
|
page read and write
|
||
|
507000
|
heap
|
page read and write
|
||
|
1C4983AC000
|
heap
|
page read and write
|
||
|
4F601FE000
|
stack
|
page read and write
|
||
|
1E7F994F000
|
heap
|
page read and write
|
||
|
1E780140000
|
heap
|
page readonly
|
||
|
1E7F9850000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
FB8DBF9000
|
stack
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
208C4B80000
|
heap
|
page readonly
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
299F000
|
stack
|
page read and write
|
||
|
208C49FA000
|
heap
|
page read and write
|
||
|
BBA000
|
heap
|
page read and write
|
||
|
125D000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
2621000
|
heap
|
page read and write
|
||
|
7FF875F25000
|
unkown
|
page readonly
|
||
|
2A925523000
|
heap
|
page read and write
|
||
|
CB0000
|
remote allocation
|
page read and write
|
||
|
1C4983CC000
|
heap
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
BAC000
|
heap
|
page read and write
|
||
|
1E7F994F000
|
heap
|
page read and write
|
||
|
507000
|
heap
|
page read and write
|
||
|
2623000
|
heap
|
page read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
F88DFD000
|
stack
|
page read and write
|
||
|
1E7F9987000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
526000
|
heap
|
page read and write
|
||
|
1156000
|
heap
|
page read and write
|
||
|
C39000
|
heap
|
page read and write
|
||
|
4F6017E000
|
stack
|
page read and write
|
||
|
2A9254D0000
|
heap
|
page read and write
|
||
|
1C4984A0000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
BB3000
|
heap
|
page read and write
|
||
|
FDA000
|
stack
|
page read and write
|
||
|
FB8DC7E000
|
stack
|
page read and write
|
||
|
8F0000
|
remote allocation
|
page read and write
|
||
|
518000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
21D0000
|
trusted library allocation
|
page read and write
|
||
|
125D000
|
heap
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
2E49000
|
heap
|
page read and write
|
||
|
538000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
20C0000
|
heap
|
page readonly
|
||
|
C00000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
69D000
|
heap
|
page read and write
|
||
|
68F000
|
heap
|
page read and write
|
||
|
2A925545000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
2E48000
|
heap
|
page read and write
|
||
|
2A925549000
|
heap
|
page read and write
|
||
|
1E7F9710000
|
heap
|
page read and write
|
||
|
BB3000
|
heap
|
page read and write
|
||
|
F701FFF000
|
stack
|
page read and write
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
7FF875F22000
|
unkown
|
page readonly
|
||
|
670000
|
heap
|
page read and write
|
||
|
208C4900000
|
heap
|
page read and write
|
||
|
1E780240000
|
trusted library allocation
|
page read and write
|
||
|
DEA000
|
heap
|
page read and write
|
||
|
52F000
|
heap
|
page read and write
|
||
|
DB5000
|
heap
|
page read and write
|
||
|
2A926EB0000
|
trusted library allocation
|
page read and write
|
||
|
C39000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
26DB000
|
stack
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
2608000
|
heap
|
page read and write
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
1E7F9938000
|
heap
|
page read and write
|
||
|
208C4992000
|
heap
|
page read and write
|
||
|
2E69000
|
heap
|
page read and write
|
||
|
208C49A2000
|
heap
|
page read and write
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
25E1000
|
heap
|
page read and write
|
||
|
4F6037E000
|
stack
|
page read and write
|
||
|
4F600FE000
|
stack
|
page read and write
|
||
|
D23000
|
heap
|
page read and write
|
||
|
1C4983CD000
|
heap
|
page read and write
|
||
|
479000
|
stack
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
BAC000
|
heap
|
page read and write
|
||
|
2A92551D000
|
heap
|
page read and write
|
||
|
1F6F000
|
stack
|
page read and write
|
||
|
326B000
|
stack
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
4C5000
|
heap
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page read and write
|
||
|
7FF875F22000
|
unkown
|
page readonly
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
2613000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
208C4968000
|
heap
|
page read and write
|
||
|
208C4986000
|
heap
|
page read and write
|
||
|
208C49D7000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
208C49CE000
|
heap
|
page read and write
|
||
|
25FF000
|
stack
|
page read and write
|
||
|
2A925584000
|
heap
|
page read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
208C6530000
|
trusted library allocation
|
page read and write
|
||
|
7FF875F27000
|
unkown
|
page readonly
|
||
|
507000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
4AB000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
C3C000
|
heap
|
page read and write
|
||
|
DEE000
|
heap
|
page read and write
|
||
|
115B000
|
heap
|
page read and write
|
||
|
47B000
|
stack
|
page read and write
|
||
|
7FF875F22000
|
unkown
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7FF875F27000
|
unkown
|
page readonly
|
||
|
1199000
|
heap
|
page read and write
|
||
|
2A9254F0000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
direct allocation
|
page execute and read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
2A925558000
|
heap
|
page read and write
|
||
|
6C2000
|
heap
|
page read and write
|
||
|
2520000
|
trusted library allocation
|
page read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
2A926F95000
|
heap
|
page read and write
|
||
|
1E7F999B000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
BD3000
|
heap
|
page read and write
|
||
|
4F6007C000
|
stack
|
page read and write
|
||
|
55B000
|
heap
|
page read and write
|
||
|
7FF875EA1000
|
unkown
|
page execute read
|
||
|
2A925460000
|
heap
|
page read and write
|
||
|
2A925510000
|
heap
|
page read and write
|
||
|
1E7F9930000
|
heap
|
page read and write
|
||
|
2B1C000
|
stack
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
2A926DDC000
|
heap
|
page read and write
|
||
|
1C498560000
|
heap
|
page read and write
|
||
|
260A000
|
heap
|
page read and write
|
||
|
208C4BB5000
|
heap
|
page read and write
|
||
|
2A92552C000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
D98000
|
heap
|
page read and write
|
||
|
25C1000
|
heap
|
page read and write
|
||
|
7FF875F1E000
|
unkown
|
page read and write
|
||
|
1C4983A4000
|
heap
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
DEE000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
1E7F9960000
|
heap
|
page read and write
|
||
|
FA5000
|
heap
|
page read and write
|
||
|
7FF875F25000
|
unkown
|
page readonly
|
||
|
208C498B000
|
heap
|
page read and write
|
||
|
7FF875ED8000
|
unkown
|
page readonly
|
||
|
BA8000
|
heap
|
page read and write
|
||
|
126C000
|
heap
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
116C000
|
heap
|
page read and write
|
||
|
C39000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
257E000
|
stack
|
page read and write
|
||
|
7FF875EA1000
|
unkown
|
page execute read
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
F88E7E000
|
stack
|
page read and write
|
||
|
1C498565000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
C39000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
B89000
|
heap
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
1E7F9B45000
|
heap
|
page read and write
|
||
|
60BE000
|
stack
|
page read and write
|
||
|
5E40000
|
heap
|
page read and write
|
||
|
208C4999000
|
heap
|
page read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
7FF875F1E000
|
unkown
|
page read and write
|
||
|
BA8000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
7FF875EA0000
|
unkown
|
page readonly
|
||
|
7B0000
|
remote allocation
|
page read and write
|
||
|
1C4984B0000
|
trusted library allocation
|
page read and write
|
||
|
261A000
|
heap
|
page read and write
|
||
|
1C498360000
|
heap
|
page read and write
|
||
|
549000
|
heap
|
page read and write
|
||
|
2A9254C0000
|
direct allocation
|
page execute and read and write
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
1FB0000
|
heap
|
page read and write
|
||
|
1E7F994F000
|
heap
|
page read and write
|
||
|
BD3000
|
heap
|
page read and write
|
||
|
538000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
1FA0000
|
direct allocation
|
page execute and read and write
|
||
|
208C4BB0000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
F7023F9000
|
stack
|
page read and write
|
||
|
1C499280000
|
trusted library allocation
|
page read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
1200000
|
remote allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
E05000
|
heap
|
page read and write
|
||
|
B7E000
|
heap
|
page read and write
|
||
|
C35000
|
heap
|
page read and write
|
||
|
2530000
|
remote allocation
|
page read and write
|
||
|
4F6027C000
|
stack
|
page read and write
|
||
|
2E49000
|
heap
|
page read and write
|
||
|
DFC000
|
heap
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page read and write
|
||
|
1E780000000
|
heap
|
page read and write
|
||
|
7FF875F25000
|
unkown
|
page readonly
|
||
|
1255000
|
heap
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
B7E000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2E21000
|
heap
|
page read and write
|
||
|
275B000
|
stack
|
page read and write
|
||
|
1EEF000
|
stack
|
page read and write
|
||
|
20DE000
|
stack
|
page read and write
|
||
|
BAF000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
1187000
|
heap
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
7FF875F27000
|
unkown
|
page readonly
|
||
|
208C49B8000
|
heap
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
1C4981E0000
|
trusted library allocation
|
page read and write
|
||
|
DCC000
|
heap
|
page read and write
|
||
|
BD3000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7FF875F25000
|
unkown
|
page readonly
|
||
|
B88000
|
heap
|
page read and write
|
||
|
1C4983AC000
|
heap
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
21D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF875F1E000
|
unkown
|
page read and write
|
||
|
7FF875EA0000
|
unkown
|
page readonly
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
2B1C000
|
heap
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
208C49E9000
|
heap
|
page read and write
|
||
|
7FF875ED8000
|
unkown
|
page readonly
|
||
|
1179000
|
heap
|
page read and write
|
||
|
B7F000
|
heap
|
page read and write
|
||
|
C2C000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
F88EF9000
|
stack
|
page read and write
|
||
|
7FF875EA0000
|
unkown
|
page readonly
|
||
|
54CE000
|
stack
|
page read and write
|
||
|
1C498569000
|
heap
|
page read and write
|
||
|
515000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
1C499060000
|
trusted library allocation
|
page read and write
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
F7021FE000
|
stack
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
208C49C5000
|
heap
|
page read and write
|
||
|
2A926DB0000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1281000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
507000
|
heap
|
page read and write
|
||
|
208C49B8000
|
heap
|
page read and write
|
||
|
2A92554E000
|
heap
|
page read and write
|
||
|
51E000
|
heap
|
page read and write
|
||
|
208C4960000
|
heap
|
page read and write
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
208C4920000
|
heap
|
page read and write
|
||
|
2599000
|
heap
|
page read and write
|
||
|
F8899C000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
FB8DB7E000
|
stack
|
page read and write
|
||
|
2A926F90000
|
heap
|
page read and write
|
||
|
1E7F9963000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
F7022FD000
|
stack
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
7FF875ED8000
|
unkown
|
page readonly
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
7FF875EA0000
|
unkown
|
page readonly
|
||
|
C29000
|
heap
|
page read and write
|
||
|
613E000
|
stack
|
page read and write
|
||
|
E11000
|
heap
|
page read and write
|
||
|
1C498368000
|
heap
|
page read and write
|
||
|
2E69000
|
heap
|
page read and write
|
||
|
1187000
|
heap
|
page read and write
|
||
|
DBA000
|
heap
|
page read and write
|
||
|
2C30000
|
heap
|
page readonly
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
208C49C8000
|
heap
|
page read and write
|
||
|
7FF875F27000
|
unkown
|
page readonly
|
||
|
7FF875ED8000
|
unkown
|
page readonly
|
||
|
4A0000
|
remote allocation
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
C10000
|
heap
|
page read and write
|
||
|
214E000
|
stack
|
page read and write
|
||
|
DAF000
|
heap
|
page read and write
|
||
|
69D000
|
heap
|
page read and write
|
||
|
1C499270000
|
heap
|
page readonly
|
||
|
208C49B8000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
7FF875F22000
|
unkown
|
page readonly
|
||
|
B95000
|
heap
|
page read and write
|
||
|
2C20000
|
direct allocation
|
page execute and read and write
|
||
|
25CE000
|
stack
|
page read and write
|
||
|
FB8D7BC000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
7FF875EA0000
|
unkown
|
page readonly
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
2A925538000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
CB0000
|
remote allocation
|
page read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
7FF875F27000
|
unkown
|
page readonly
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
DEE000
|
heap
|
page read and write
|
||
|
208C6530000
|
trusted library allocation
|
page read and write
|
||
|
C29000
|
heap
|
page read and write
|
||
|
7FF875EA1000
|
unkown
|
page execute read
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
526000
|
heap
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
7FF875F22000
|
unkown
|
page readonly
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
5640000
|
trusted library allocation
|
page read and write
|
||
|
1E78002C000
|
heap
|
page read and write
|
||
|
7FF875F25000
|
unkown
|
page readonly
|
||
|
1400000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
2A925573000
|
heap
|
page read and write
|
||
|
7FF875EA1000
|
unkown
|
page execute read
|
||
|
1C498570000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
FAC000
|
heap
|
page read and write
|
||
|
208C499E000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
B93000
|
heap
|
page read and write
|
||
|
208C49A2000
|
heap
|
page read and write
|
||
|
4F602F7000
|
stack
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
7FF875EA1000
|
unkown
|
page execute read
|
||
|
1259000
|
heap
|
page read and write
|
||
|
1C499290000
|
trusted library allocation
|
page read and write
|
||
|
1C498330000
|
heap
|
page read and write
|
||
|
2A925540000
|
heap
|
page read and write
|
||
|
125D000
|
heap
|
page read and write
|
||
|
258C000
|
heap
|
page read and write
|
||
|
1E7F9B40000
|
heap
|
page read and write
|
||
|
2E53000
|
heap
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
208C497E000
|
heap
|
page read and write
|
||
|
1C498550000
|
trusted library allocation
|
page read and write
|
||
|
C99000
|
stack
|
page read and write
|
||
|
F88D79000
|
stack
|
page read and write
|
||
|
208C638D000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
1C498510000
|
trusted library allocation
|
page read and write
|
||
|
7FF875ED8000
|
unkown
|
page readonly
|
||
|
7B0000
|
remote allocation
|
page read and write
|
||
|
208C49D5000
|
heap
|
page read and write
|
||
|
2520000
|
trusted library allocation
|
page read and write
|
||
|
BAC000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
1C4981D0000
|
heap
|
page read and write
|
||
|
208C4B70000
|
direct allocation
|
page execute and read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
208C49B8000
|
heap
|
page read and write
|
||
|
507000
|
heap
|
page read and write
|
||
|
2A925538000
|
heap
|
page read and write
|
||
|
B7A000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
2A926F10000
|
heap
|
page read and write
|
||
|
7FF875F1E000
|
unkown
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
There are 534 hidden memdumps, click here to show them.