Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
jYzNEOocXJ.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\jYzNEOocXJ.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\jYzNEOocXJ.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\jYzNEOocXJ.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\jYzNEOocXJ.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\YhqMukqR\WKPbtCt.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\CnOJxSOHoIZ\XLOPNLSQKFeGDobG.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LeIpJFXeWNrKp\WDkCewjz.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\JrmcekIAugfRaJga\wZoiQYtaqTdQWiU.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\YhqMukqR\WKPbtCt.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\QsPhJsYAcWyHWDlz\rCROaieYUHXY.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\SlbehL\VFRyzv.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IGITGYfeMHnijDRfh\YUPGSgcOA.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\MTGBtRnw\JNSgzavrCOAZ.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\NiLEPseQYt\GYKBfnsNfiUmNl.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\SlbehL\VFRyzv.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\DjbPAkHwGwShv\clUEIwbdI.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\jYzNEOocXJ.dll",#1
|
There are 8 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/li.dll
|
unknown
|
||
|
https://172.105.115.71:8080/bdelrzrlgxme/diymyxue/
|
unknown
|
||
|
https://112.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/bdelrzrlgxme/diymyxue/tJZyzW
|
unknown
|
||
|
https://172.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/daynvy/lwep/gvpqtdecbbocnir/mhitp/$V
|
unknown
|
||
|
https://172.105.115.71:8080/daynvy/lwep/gvpqtdecbbocnir/mhitp/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
WKPbtCt.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
VFRyzv.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2600000
|
direct allocation
|
page execute and read and write
|
|
|
|
23F52B30000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1060000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
E60000
|
direct allocation
|
page execute and read and write
|
|
|
|
1A258030000
|
direct allocation
|
page execute and read and write
|
|
|
|
27431870000
|
direct allocation
|
page execute and read and write
|
|
|
|
112C000
|
heap
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
2742FDE0000
|
heap
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7FF875F3E000
|
unkown
|
page read and write
|
||
|
C28000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7FF875F45000
|
unkown
|
page readonly
|
||
|
1D7E43F0000
|
trusted library allocation
|
page read and write
|
||
|
27BDAF9000
|
stack
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
3AD43BE000
|
stack
|
page read and write
|
||
|
7FF875F45000
|
unkown
|
page readonly
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
EA1000
|
heap
|
page read and write
|
||
|
1A2566AA000
|
heap
|
page read and write
|
||
|
E58000
|
heap
|
page read and write
|
||
|
F08000
|
heap
|
page read and write
|
||
|
2B39000
|
heap
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
27BDA7E000
|
stack
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
110C000
|
heap
|
page read and write
|
||
|
A341EFF000
|
stack
|
page read and write
|
||
|
1A256668000
|
heap
|
page read and write
|
||
|
7FF875F47000
|
unkown
|
page readonly
|
||
|
E90000
|
heap
|
page read and write
|
||
|
23F510D8000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
23F52A5C000
|
heap
|
page read and write
|
||
|
27431990000
|
trusted library allocation
|
page read and write
|
||
|
1D7E44C9000
|
heap
|
page read and write
|
||
|
E5D000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
2AFE000
|
stack
|
page read and write
|
||
|
1A256679000
|
heap
|
page read and write
|
||
|
1113000
|
heap
|
page read and write
|
||
|
2742FE1F000
|
heap
|
page read and write
|
||
|
2743179C000
|
heap
|
page read and write
|
||
|
E9B000
|
heap
|
page read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
5BA0000
|
heap
|
page read and write
|
||
|
12EA000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
110C000
|
heap
|
page read and write
|
||
|
E54000
|
heap
|
page read and write
|
||
|
1A256636000
|
heap
|
page read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
10D0000
|
remote allocation
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
7FF875EC1000
|
unkown
|
page execute read
|
||
|
23F510F8000
|
heap
|
page read and write
|
||
|
2B61000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
2742FE00000
|
heap
|
page read and write
|
||
|
10FF000
|
heap
|
page read and write
|
||
|
F1F000
|
heap
|
page read and write
|
||
|
7FF875EF8000
|
unkown
|
page readonly
|
||
|
E65000
|
heap
|
page read and write
|
||
|
12EE000
|
heap
|
page read and write
|
||
|
7467E7B000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
C79000
|
heap
|
page read and write
|
||
|
23F51113000
|
heap
|
page read and write
|
||
|
1151000
|
heap
|
page read and write
|
||
|
333B000
|
stack
|
page read and write
|
||
|
1A256685000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page readonly
|
||
|
E60000
|
heap
|
page read and write
|
||
|
10EE000
|
heap
|
page read and write
|
||
|
1D7E4290000
|
heap
|
page read and write
|
||
|
2833000
|
heap
|
page read and write
|
||
|
1125000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
F39000
|
heap
|
page read and write
|
||
|
23F51124000
|
heap
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
2742FE30000
|
heap
|
page read and write
|
||
|
11A7000
|
heap
|
page read and write
|
||
|
5AA000
|
stack
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
1A25663C000
|
heap
|
page read and write
|
||
|
1A256643000
|
heap
|
page read and write
|
||
|
1D7E42AE000
|
heap
|
page read and write
|
||
|
12F6000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1D7E4080000
|
trusted library allocation
|
page read and write
|
||
|
1108000
|
heap
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
1295000
|
heap
|
page read and write
|
||
|
7FF875F3E000
|
unkown
|
page read and write
|
||
|
1113000
|
heap
|
page read and write
|
||
|
1A256643000
|
heap
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
1A256618000
|
heap
|
page read and write
|
||
|
23F510D8000
|
heap
|
page read and write
|
||
|
7FF875EF8000
|
unkown
|
page readonly
|
||
|
23F52BB0000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1108000
|
heap
|
page read and write
|
||
|
12D5000
|
heap
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
2742FE08000
|
heap
|
page read and write
|
||
|
23F52B90000
|
trusted library allocation
|
page read and write
|
||
|
1A25663F000
|
heap
|
page read and write
|
||
|
86EF000
|
stack
|
page read and write
|
||
|
2BB9000
|
heap
|
page read and write
|
||
|
2B81000
|
heap
|
page read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
1A258070000
|
heap
|
page readonly
|
||
|
7FF875F47000
|
unkown
|
page readonly
|
||
|
5D2F000
|
stack
|
page read and write
|
||
|
A3422FE000
|
stack
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
1A25663E000
|
heap
|
page read and write
|
||
|
33B9000
|
heap
|
page read and write
|
||
|
7FF875F47000
|
unkown
|
page readonly
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
1090000
|
direct allocation
|
page execute and read and write
|
||
|
7FF875F45000
|
unkown
|
page readonly
|
||
|
5D0000
|
remote allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
7FF875EC1000
|
unkown
|
page execute read
|
||
|
1197000
|
heap
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
74679BF000
|
stack
|
page read and write
|
||
|
23F510E9000
|
heap
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
7FF875EF8000
|
unkown
|
page readonly
|
||
|
4580000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
240D000
|
stack
|
page read and write
|
||
|
1270000
|
remote allocation
|
page read and write
|
||
|
7FF875F47000
|
unkown
|
page readonly
|
||
|
1D7E428E000
|
heap
|
page read and write
|
||
|
23F530A0000
|
heap
|
page read and write
|
||
|
1108000
|
heap
|
page read and write
|
||
|
1A256687000
|
heap
|
page read and write
|
||
|
1A256668000
|
heap
|
page read and write
|
||
|
7FF875EC1000
|
unkown
|
page execute read
|
||
|
110D000
|
heap
|
page read and write
|
||
|
C68000
|
heap
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
12F6000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
1D7E4410000
|
trusted library allocation
|
page read and write
|
||
|
1197000
|
heap
|
page read and write
|
||
|
7FF875F45000
|
unkown
|
page readonly
|
||
|
2742FE55000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
11F0000
|
direct allocation
|
page execute and read and write
|
||
|
2742FE5B000
|
heap
|
page read and write
|
||
|
2630000
|
heap
|
page readonly
|
||
|
1150000
|
heap
|
page read and write
|
||
|
A3421F9000
|
stack
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
1A256730000
|
heap
|
page read and write
|
||
|
27431770000
|
heap
|
page read and write
|
||
|
1A256636000
|
heap
|
page read and write
|
||
|
B10000
|
remote allocation
|
page read and write
|
||
|
7FF875F45000
|
unkown
|
page readonly
|
||
|
1105000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
7FF875F3E000
|
unkown
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
27BDB79000
|
stack
|
page read and write
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
115B000
|
heap
|
page read and write
|
||
|
1A2564D0000
|
heap
|
page read and write
|
||
|
1A25667E000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
1D7E42A8000
|
heap
|
page read and write
|
||
|
7FF875EC0000
|
unkown
|
page readonly
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
1197000
|
heap
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
1D7E4FC0000
|
trusted library allocation
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
27BD9FA000
|
stack
|
page read and write
|
||
|
2BF9000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
1197000
|
heap
|
page read and write
|
||
|
10EE000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
10B9000
|
stack
|
page read and write
|
||
|
C56000
|
heap
|
page read and write
|
||
|
11EC000
|
heap
|
page read and write
|
||
|
3AD433C000
|
stack
|
page read and write
|
||
|
23F510D8000
|
heap
|
page read and write
|
||
|
1D7E43B0000
|
trusted library allocation
|
page read and write
|
||
|
23F52A65000
|
heap
|
page read and write
|
||
|
7FF875EF8000
|
unkown
|
page readonly
|
||
|
E20000
|
remote allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
10FA000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
7FF875EC0000
|
unkown
|
page readonly
|
||
|
7FF875F42000
|
unkown
|
page readonly
|
||
|
1197000
|
heap
|
page read and write
|
||
|
5D0000
|
remote allocation
|
page read and write
|
||
|
414F000
|
stack
|
page read and write
|
||
|
8EB000
|
heap
|
page read and write
|
||
|
12F6000
|
heap
|
page read and write
|
||
|
1D7E44C0000
|
heap
|
page read and write
|
||
|
110E000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
A7B000
|
stack
|
page read and write
|
||
|
1D7E44D0000
|
trusted library allocation
|
page read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
E66000
|
heap
|
page read and write
|
||
|
5F7F000
|
stack
|
page read and write
|
||
|
3AD46FF000
|
stack
|
page read and write
|
||
|
7FF875F45000
|
unkown
|
page readonly
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
84EF000
|
stack
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
2BA8000
|
heap
|
page read and write
|
||
|
23F51090000
|
heap
|
page read and write
|
||
|
1D7E44C5000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
F0E000
|
heap
|
page read and write
|
||
|
12F6000
|
heap
|
page read and write
|
||
|
1D7E4420000
|
trusted library allocation
|
page read and write
|
||
|
E9B000
|
heap
|
page read and write
|
||
|
7FF875F42000
|
unkown
|
page readonly
|
||
|
10FE000
|
heap
|
page read and write
|
||
|
8D9000
|
heap
|
page read and write
|
||
|
24FF000
|
stack
|
page read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
B10000
|
remote allocation
|
page read and write
|
||
|
7FF875F3E000
|
unkown
|
page read and write
|
||
|
23F510CC000
|
heap
|
page read and write
|
||
|
7FF875EF8000
|
unkown
|
page readonly
|
||
|
23F510ED000
|
heap
|
page read and write
|
||
|
7FF875F47000
|
unkown
|
page readonly
|
||
|
8DD000
|
heap
|
page read and write
|
||
|
E86000
|
heap
|
page read and write
|
||
|
23F510E6000
|
heap
|
page read and write
|
||
|
1D7E4470000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7FF875EF8000
|
unkown
|
page readonly
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
7FF875EC1000
|
unkown
|
page execute read
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
23F510FA000
|
heap
|
page read and write
|
||
|
A3420FE000
|
stack
|
page read and write
|
||
|
1D7E4400000
|
heap
|
page readonly
|
||
|
23F510FA000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
2742FD60000
|
heap
|
page read and write
|
||
|
2BB4000
|
heap
|
page read and write
|
||
|
E9B000
|
heap
|
page read and write
|
||
|
E9B000
|
heap
|
page read and write
|
||
|
1D7E4252000
|
heap
|
page read and write
|
||
|
23F510E5000
|
heap
|
page read and write
|
||
|
2533000
|
heap
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1108000
|
heap
|
page read and write
|
||
|
2BB4000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
E81000
|
heap
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
A341BEC000
|
stack
|
page read and write
|
||
|
1A256915000
|
heap
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
2500000
|
heap
|
page read and write
|
||
|
10C8000
|
heap
|
page read and write
|
||
|
274319D0000
|
heap
|
page read and write
|
||
|
1D7E428E000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
7FF875F42000
|
unkown
|
page readonly
|
||
|
7FF875EC1000
|
unkown
|
page execute read
|
||
|
C45000
|
heap
|
page read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
115B000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
8DD000
|
heap
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
1A257F30000
|
heap
|
page read and write
|
||
|
115B000
|
heap
|
page read and write
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
2742FE1F000
|
heap
|
page read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
866E000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
1D7E4291000
|
heap
|
page read and write
|
||
|
1A256668000
|
heap
|
page read and write
|
||
|
F16000
|
heap
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
F16000
|
heap
|
page read and write
|
||
|
746793F000
|
stack
|
page read and write
|
||
|
10A0000
|
heap
|
page readonly
|
||
|
1D7E41D0000
|
heap
|
page read and write
|
||
|
2BB4000
|
heap
|
page read and write
|
||
|
27BD979000
|
stack
|
page read and write
|
||
|
3341000
|
heap
|
page read and write
|
||
|
1151000
|
heap
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
1128000
|
heap
|
page read and write
|
||
|
7FF875EC1000
|
unkown
|
page execute read
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
E5D000
|
heap
|
page read and write
|
||
|
23F510B0000
|
heap
|
page read and write
|
||
|
12EE000
|
heap
|
page read and write
|
||
|
27BD5DB000
|
stack
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
12DF000
|
heap
|
page read and write
|
||
|
7FF875F42000
|
unkown
|
page readonly
|
||
|
7FF875EC0000
|
unkown
|
page readonly
|
||
|
E4F000
|
heap
|
page read and write
|
||
|
1A256690000
|
heap
|
page read and write
|
||
|
33D9000
|
heap
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
7FF875F42000
|
unkown
|
page readonly
|
||
|
876B000
|
stack
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
2742FDD0000
|
direct allocation
|
page execute and read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
10FE000
|
heap
|
page read and write
|
||
|
23F52B60000
|
direct allocation
|
page execute and read and write
|
||
|
1D7E4248000
|
heap
|
page read and write
|
||
|
2640000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
direct allocation
|
page execute and read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1103000
|
heap
|
page read and write
|
||
|
12C8000
|
heap
|
page read and write
|
||
|
A341FFF000
|
stack
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
12FC000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
1A256635000
|
heap
|
page read and write
|
||
|
1A256687000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
2BB4000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
1A258060000
|
direct allocation
|
page execute and read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
7FF875F3E000
|
unkown
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
E89000
|
heap
|
page read and write
|
||
|
111D000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
3AD47F9000
|
stack
|
page read and write
|
||
|
1A25663C000
|
heap
|
page read and write
|
||
|
E20000
|
remote allocation
|
page read and write
|
||
|
111C000
|
heap
|
page read and write
|
||
|
129C000
|
heap
|
page read and write
|
||
|
12EE000
|
heap
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
1A256910000
|
heap
|
page read and write
|
||
|
8DD000
|
heap
|
page read and write
|
||
|
1A2580B0000
|
trusted library allocation
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
23F510EB000
|
heap
|
page read and write
|
||
|
1197000
|
heap
|
page read and write
|
||
|
1A2580B0000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
2742FE1F000
|
heap
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
1A256610000
|
heap
|
page read and write
|
||
|
856E000
|
stack
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
EB5000
|
heap
|
page read and write
|
||
|
1A2580E0000
|
heap
|
page read and write
|
||
|
1A257F5D000
|
heap
|
page read and write
|
||
|
2742FE59000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
23F52BA0000
|
heap
|
page read and write
|
||
|
BEC000
|
heap
|
page read and write
|
||
|
E7D000
|
heap
|
page read and write
|
||
|
3AD477E000
|
stack
|
page read and write
|
||
|
E81000
|
heap
|
page read and write
|
||
|
1A256668000
|
heap
|
page read and write
|
||
|
2BD8000
|
heap
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
7FF875F42000
|
unkown
|
page readonly
|
||
|
23F51020000
|
heap
|
page read and write
|
||
|
1197000
|
heap
|
page read and write
|
||
|
E5D000
|
heap
|
page read and write
|
||
|
C04000
|
heap
|
page read and write
|
||
|
2CFB000
|
stack
|
page read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
C5F000
|
heap
|
page read and write
|
||
|
12F6000
|
heap
|
page read and write
|
||
|
D10000
|
remote allocation
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1D7E4340000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
2742FE48000
|
heap
|
page read and write
|
||
|
1144000
|
heap
|
page read and write
|
||
|
1D7E4350000
|
trusted library allocation
|
page read and write
|
||
|
1D7E4070000
|
heap
|
page read and write
|
||
|
2BF9000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
23F510C3000
|
heap
|
page read and write
|
||
|
1151000
|
heap
|
page read and write
|
||
|
10D0000
|
remote allocation
|
page read and write
|
||
|
7467DFE000
|
stack
|
page read and write
|
||
|
1D7E429B000
|
heap
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
115B000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
2742FE6B000
|
heap
|
page read and write
|
||
|
1148000
|
heap
|
page read and write
|
||
|
1197000
|
heap
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
3AD487E000
|
stack
|
page read and write
|
||
|
12EE000
|
heap
|
page read and write
|
||
|
23F52BA5000
|
heap
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
2B2C000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
7FF875EC0000
|
unkown
|
page readonly
|
||
|
B40000
|
heap
|
page read and write
|
||
|
CEB000
|
stack
|
page read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
2BCA000
|
heap
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
AEA000
|
stack
|
page read and write
|
||
|
7FF875F47000
|
unkown
|
page readonly
|
||
|
F28000
|
heap
|
page read and write
|
||
|
33B9000
|
heap
|
page read and write
|
||
|
1151000
|
heap
|
page read and write
|
||
|
338F000
|
heap
|
page read and write
|
||
|
BBB000
|
stack
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
C4D000
|
heap
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
7467D7E000
|
stack
|
page read and write
|
||
|
1D7E4240000
|
heap
|
page read and write
|
||
|
12F6000
|
heap
|
page read and write
|
||
|
7467CF7000
|
stack
|
page read and write
|
||
|
2C7C000
|
stack
|
page read and write
|
||
|
10FC000
|
heap
|
page read and write
|
||
|
110C000
|
heap
|
page read and write
|
||
|
5FFE000
|
stack
|
page read and write
|
||
|
23F51113000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
8DD000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
1A256644000
|
heap
|
page read and write
|
||
|
1D7E4287000
|
heap
|
page read and write
|
||
|
D10000
|
remote allocation
|
page read and write
|
||
|
85E7000
|
stack
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
1146000
|
heap
|
page read and write
|
||
|
5CE0000
|
trusted library allocation
|
page read and write
|
||
|
10EE000
|
heap
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
1D7E41B0000
|
heap
|
page read and write
|
||
|
2953000
|
heap
|
page read and write
|
||
|
2742FDF5000
|
heap
|
page read and write
|
||
|
1A256676000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
1A256668000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
800000
|
heap
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
E70000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
3368000
|
heap
|
page read and write
|
||
|
313D000
|
stack
|
page read and write
|
||
|
E7D000
|
heap
|
page read and write
|
||
|
1270000
|
remote allocation
|
page read and write
|
||
|
31BC000
|
stack
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
7467C7C000
|
stack
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
C68000
|
heap
|
page read and write
|
||
|
2BA8000
|
heap
|
page read and write
|
||
|
114B000
|
heap
|
page read and write
|
||
|
74678BC000
|
stack
|
page read and write
|
||
|
28EF000
|
stack
|
page read and write
|
||
|
1A256710000
|
heap
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
7FF875EC0000
|
unkown
|
page readonly
|
||
|
113E000
|
heap
|
page read and write
|
||
|
E81000
|
heap
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
1263000
|
heap
|
page read and write
|
||
|
30BC000
|
stack
|
page read and write
|
||
|
F4B000
|
heap
|
page read and write
|
||
|
23F52A30000
|
heap
|
page read and write
|
||
|
110E000
|
heap
|
page read and write
|
||
|
113A000
|
heap
|
page read and write
|
||
|
1D7E4290000
|
heap
|
page read and write
|
||
|
7FF875EC0000
|
unkown
|
page readonly
|
||
|
23F52A5C000
|
heap
|
page read and write
|
||
|
1A25662E000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
115B000
|
heap
|
page read and write
|
||
|
2B79000
|
stack
|
page read and write
|
||
|
296F000
|
stack
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
1311000
|
heap
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
3548000
|
heap
|
page read and write
|
||
|
2742FDF0000
|
heap
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
7FF875F3E000
|
unkown
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
23F52B70000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
1A256699000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
1151000
|
heap
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
27431990000
|
trusted library allocation
|
page read and write
|
||
|
1311000
|
heap
|
page read and write
|
||
|
E81000
|
heap
|
page read and write
|
||
|
1D7E428F000
|
heap
|
page read and write
|
||
|
1270000
|
remote allocation
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
2742FCF0000
|
heap
|
page read and write
|
||
|
5D30000
|
trusted library allocation
|
page read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
3AD467F000
|
stack
|
page read and write
|
||
|
2742FE59000
|
heap
|
page read and write
|
||
|
6000000
|
trusted library allocation
|
page read and write
|
||
|
E7D000
|
heap
|
page read and write
|
||
|
BF9000
|
stack
|
page read and write
|
||
|
23F510E0000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
23F510BD000
|
heap
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
C56000
|
heap
|
page read and write
|
||
|
2742FD80000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
1128000
|
heap
|
page read and write
|
||
|
2640000
|
trusted library allocation
|
page read and write
|
||
|
10F3000
|
heap
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
There are 585 hidden memdumps, click here to show them.