Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DVvzRulsoR.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\DVvzRulsoR.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\DVvzRulsoR.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\DVvzRulsoR.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\DVvzRulsoR.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\XbzeDYiEMjhuDu\OFkfcZsheb.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\OjshMzvO\drOxhskRmolSyam.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\XvLyRsZAjXO\BWic.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\HAZEhjzZpU\MdCGCivK.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\XbzeDYiEMjhuDu\OFkfcZsheb.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\PbznyUjcmjZG\mlrNU.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\DVvzRulsoR.dll",#1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/dwhiakgtheb/puspmvuhrxeol/
|
unknown
|
||
|
https://172.105.115.71:8080/s.dll
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
OFkfcZsheb.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1D380100000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2190000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2A20000
|
direct allocation
|
page execute and read and write
|
|
|
|
20F583F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
970000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1D0BF950000
|
direct allocation
|
page execute and read and write
|
|
|
|
20F584BC000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
F7D000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
E4E000
|
heap
|
page read and write
|
||
|
12A1000
|
heap
|
page read and write
|
||
|
869000
|
heap
|
page read and write
|
||
|
1D0BDFC3000
|
heap
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
7FFA09577000
|
unkown
|
page readonly
|
||
|
4530000
|
heap
|
page read and write
|
||
|
7FFA09575000
|
unkown
|
page readonly
|
||
|
20F5A070000
|
heap
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
F0A000
|
heap
|
page read and write
|
||
|
1D3FC940000
|
heap
|
page read and write
|
||
|
1D0BE003000
|
heap
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
2959000
|
heap
|
page read and write
|
||
|
1D3FC8B0000
|
heap
|
page read and write
|
||
|
83C000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
C4BF0FF000
|
stack
|
page read and write
|
||
|
ECA000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
20F584B0000
|
heap
|
page read and write
|
||
|
F0A000
|
heap
|
page read and write
|
||
|
DB3000
|
heap
|
page read and write
|
||
|
F49000
|
heap
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
2E79000
|
heap
|
page read and write
|
||
|
E15000
|
heap
|
page read and write
|
||
|
58DCAFE000
|
stack
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
1D0BDFB7000
|
heap
|
page read and write
|
||
|
20F58497000
|
heap
|
page read and write
|
||
|
20F58380000
|
heap
|
page read and write
|
||
|
5EB000
|
stack
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
E80000
|
remote allocation
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
3D0F000
|
stack
|
page read and write
|
||
|
1D0BDFBE000
|
heap
|
page read and write
|
||
|
20F58501000
|
heap
|
page read and write
|
||
|
F5A000
|
heap
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
A6B000
|
heap
|
page read and write
|
||
|
AEF000
|
heap
|
page read and write
|
||
|
A59000
|
heap
|
page read and write
|
||
|
2A60000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
1D0BF87C000
|
heap
|
page read and write
|
||
|
29C9000
|
heap
|
page read and write
|
||
|
8A0B000
|
stack
|
page read and write
|
||
|
2DD0000
|
remote allocation
|
page read and write
|
||
|
7FFA09575000
|
unkown
|
page readonly
|
||
|
1D380300000
|
heap
|
page read and write
|
||
|
8A8C000
|
stack
|
page read and write
|
||
|
58DC7CC000
|
stack
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
22E0000
|
trusted library allocation
|
page read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
58DCCF9000
|
stack
|
page read and write
|
||
|
7FFA09577000
|
unkown
|
page readonly
|
||
|
2E99000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
F0E000
|
heap
|
page read and write
|
||
|
7FFA09577000
|
unkown
|
page readonly
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
1D3FCB35000
|
heap
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
F29000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
F29000
|
heap
|
page read and write
|
||
|
20F58430000
|
heap
|
page readonly
|
||
|
F14000
|
heap
|
page read and write
|
||
|
F51000
|
heap
|
page read and write
|
||
|
A36000
|
heap
|
page read and write
|
||
|
20F586E5000
|
heap
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
30B000
|
stack
|
page read and write
|
||
|
10D0000
|
direct allocation
|
page execute and read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
898E000
|
stack
|
page read and write
|
||
|
84BE000
|
stack
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
BD0000
|
remote allocation
|
page read and write
|
||
|
29D4000
|
heap
|
page read and write
|
||
|
7FFA09577000
|
unkown
|
page readonly
|
||
|
7FFA09575000
|
unkown
|
page readonly
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
1D0BDFF2000
|
heap
|
page read and write
|
||
|
12A1000
|
heap
|
page read and write
|
||
|
E1C000
|
heap
|
page read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
8B8C000
|
stack
|
page read and write
|
||
|
7FFA094F1000
|
unkown
|
page execute read
|
||
|
F04000
|
heap
|
page read and write
|
||
|
20F584CA000
|
heap
|
page read and write
|
||
|
7FFA09577000
|
unkown
|
page readonly
|
||
|
F1A000
|
heap
|
page read and write
|
||
|
EF2000
|
heap
|
page read and write
|
||
|
29A2000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
84B000
|
heap
|
page read and write
|
||
|
1D3FC95F000
|
heap
|
page read and write
|
||
|
5CE0000
|
trusted library allocation
|
page read and write
|
||
|
AD8000
|
heap
|
page read and write
|
||
|
127A000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
20F584EA000
|
heap
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
22C0000
|
trusted library allocation
|
page read and write
|
||
|
E7B000
|
stack
|
page read and write
|
||
|
1D0BF87C000
|
heap
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
C4BF279000
|
stack
|
page read and write
|
||
|
20F584EA000
|
heap
|
page read and write
|
||
|
F07000
|
heap
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
F09000
|
heap
|
page read and write
|
||
|
F09000
|
heap
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
20F584EA000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
A48000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1D0BDE40000
|
heap
|
page read and write
|
||
|
2DD0000
|
remote allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
F0E000
|
heap
|
page read and write
|
||
|
22D0000
|
heap
|
page readonly
|
||
|
40FE000
|
stack
|
page read and write
|
||
|
8309AFB000
|
stack
|
page read and write
|
||
|
8439000
|
stack
|
page read and write
|
||
|
7FFA09572000
|
unkown
|
page readonly
|
||
|
F47000
|
heap
|
page read and write
|
||
|
1D0BFA20000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
20F584B7000
|
heap
|
page read and write
|
||
|
58DCBFE000
|
stack
|
page read and write
|
||
|
1D0BF990000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
7FFA094F0000
|
unkown
|
page readonly
|
||
|
7FFA09572000
|
unkown
|
page readonly
|
||
|
2350000
|
heap
|
page read and write
|
||
|
1D0BDFCD000
|
heap
|
page read and write
|
||
|
7FFA09528000
|
unkown
|
page readonly
|
||
|
3002000
|
heap
|
page read and write
|
||
|
7FFA094F1000
|
unkown
|
page execute read
|
||
|
1D3FCB30000
|
heap
|
page read and write
|
||
|
1D3FC770000
|
heap
|
page read and write
|
||
|
7DF000
|
heap
|
page read and write
|
||
|
1D380130000
|
direct allocation
|
page execute and read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
1D0BDFB7000
|
heap
|
page read and write
|
||
|
20F584B7000
|
heap
|
page read and write
|
||
|
1D0BDFB7000
|
heap
|
page read and write
|
||
|
7FFA09572000
|
unkown
|
page readonly
|
||
|
F0A000
|
heap
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
7E4000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
20F586E0000
|
heap
|
page read and write
|
||
|
F20000
|
remote allocation
|
page read and write
|
||
|
7FFA0956E000
|
unkown
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
142C000
|
heap
|
page read and write
|
||
|
2C93000
|
heap
|
page read and write
|
||
|
830987F000
|
stack
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
1D0BDF9D000
|
heap
|
page read and write
|
||
|
C4BF2FE000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
F29000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
7FFA0956E000
|
unkown
|
page read and write
|
||
|
7FFA09528000
|
unkown
|
page readonly
|
||
|
1425000
|
heap
|
page read and write
|
||
|
F29000
|
heap
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
F4A000
|
heap
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
83095BE000
|
stack
|
page read and write
|
||
|
FB2000
|
heap
|
page read and write
|
||
|
7FFA09577000
|
unkown
|
page readonly
|
||
|
1D0BDFBB000
|
heap
|
page read and write
|
||
|
FA6000
|
heap
|
page read and write
|
||
|
9BB000
|
heap
|
page read and write
|
||
|
223E000
|
stack
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
20F58512000
|
heap
|
page read and write
|
||
|
7BC000
|
heap
|
page read and write
|
||
|
E57000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
7E0000
|
remote allocation
|
page read and write
|
||
|
508E000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
29DA000
|
heap
|
page read and write
|
||
|
8309A7E000
|
stack
|
page read and write
|
||
|
2A60000
|
trusted library allocation
|
page read and write
|
||
|
27BB000
|
stack
|
page read and write
|
||
|
3E0000
|
heap
|
page readonly
|
||
|
7FFA09572000
|
unkown
|
page readonly
|
||
|
F47000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
F94000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
1D380240000
|
trusted library allocation
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
7FFA0956E000
|
unkown
|
page read and write
|
||
|
82B000
|
heap
|
page read and write
|
||
|
20BC000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
3F0000
|
remote allocation
|
page read and write
|
||
|
F29000
|
heap
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
E4E000
|
heap
|
page read and write
|
||
|
21A3000
|
heap
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
2E99000
|
heap
|
page read and write
|
||
|
20F58240000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
20F584FB000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
1D380000000
|
heap
|
page read and write
|
||
|
7F8000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
20F58470000
|
trusted library allocation
|
page read and write
|
||
|
7FFA09575000
|
unkown
|
page readonly
|
||
|
1D3FC8D0000
|
heap
|
page read and write
|
||
|
BA9000
|
stack
|
page read and write
|
||
|
20F58509000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
7FFA09528000
|
unkown
|
page readonly
|
||
|
7FFA094F1000
|
unkown
|
page execute read
|
||
|
E45000
|
heap
|
page read and write
|
||
|
3C0000
|
direct allocation
|
page execute and read and write
|
||
|
E80000
|
remote allocation
|
page read and write
|
||
|
310000
|
heap
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
C4BF17E000
|
stack
|
page read and write
|
||
|
7FFA094F0000
|
unkown
|
page readonly
|
||
|
910000
|
heap
|
page read and write
|
||
|
58DCEFE000
|
stack
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
7FFA0956E000
|
unkown
|
page read and write
|
||
|
C4BF1FE000
|
stack
|
page read and write
|
||
|
1D3FC999000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
250000
|
heap
|
page read and write
|
||
|
397D000
|
stack
|
page read and write
|
||
|
1D3FC970000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
1275000
|
heap
|
page read and write
|
||
|
F8E000
|
heap
|
page read and write
|
||
|
1D0BDF90000
|
heap
|
page read and write
|
||
|
D3D000
|
stack
|
page read and write
|
||
|
E53000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1D0BF850000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
EFF000
|
heap
|
page read and write
|
||
|
2DD0000
|
remote allocation
|
page read and write
|
||
|
E4E000
|
heap
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
83098FC000
|
stack
|
page read and write
|
||
|
20F58420000
|
direct allocation
|
page execute and read and write
|
||
|
7FFA094F1000
|
unkown
|
page execute read
|
||
|
1D0BDFD7000
|
heap
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
F19000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1275000
|
heap
|
page read and write
|
||
|
1D3FC9AB000
|
heap
|
page read and write
|
||
|
F37000
|
heap
|
page read and write
|
||
|
83BE000
|
stack
|
page read and write
|
||
|
C4BEDCC000
|
stack
|
page read and write
|
||
|
EFF000
|
heap
|
page read and write
|
||
|
3CA000
|
stack
|
page read and write
|
||
|
20F5852D000
|
heap
|
page read and write
|
||
|
7FFA094F1000
|
unkown
|
page execute read
|
||
|
F0E000
|
heap
|
page read and write
|
||
|
C4BF07E000
|
stack
|
page read and write
|
||
|
20F585BC000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
1D0BE090000
|
heap
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
1D3FC994000
|
heap
|
page read and write
|
||
|
1D380140000
|
heap
|
page readonly
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
1D0BDFC5000
|
heap
|
page read and write
|
||
|
F49000
|
heap
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
7FFA09575000
|
unkown
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
20F58490000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
1D3FC983000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
1D3FC95F000
|
heap
|
page read and write
|
||
|
2923000
|
heap
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
83099FE000
|
stack
|
page read and write
|
||
|
1D0BFA80000
|
heap
|
page read and write
|
||
|
E56000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
126F000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
1D3FC999000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
22B7000
|
stack
|
page read and write
|
||
|
1D0BF9B0000
|
trusted library allocation
|
page read and write
|
||
|
11AC000
|
heap
|
page read and write
|
||
|
E56000
|
heap
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
F20000
|
remote allocation
|
page read and write
|
||
|
1D0BDFF2000
|
heap
|
page read and write
|
||
|
5C5E000
|
stack
|
page read and write
|
||
|
F94000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
7FFA094F0000
|
unkown
|
page readonly
|
||
|
20F583A0000
|
heap
|
page read and write
|
||
|
F8F000
|
heap
|
page read and write
|
||
|
29D4000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
A28000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
1258000
|
heap
|
page read and write
|
||
|
9A0000
|
direct allocation
|
page execute and read and write
|
||
|
830953C000
|
stack
|
page read and write
|
||
|
1D3FC95F000
|
heap
|
page read and write
|
||
|
1D0BF980000
|
direct allocation
|
page execute and read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
11A5000
|
heap
|
page read and write
|
||
|
8B0D000
|
stack
|
page read and write
|
||
|
29C9000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
58DCFFE000
|
stack
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
2A50000
|
heap
|
page readonly
|
||
|
58DCDFE000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
8C0F000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
7E0000
|
remote allocation
|
page read and write
|
||
|
7FFA094F0000
|
unkown
|
page readonly
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
7FFA09528000
|
unkown
|
page readonly
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
7FFA09575000
|
unkown
|
page readonly
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
6430000
|
heap
|
page read and write
|
||
|
7FFA0956E000
|
unkown
|
page read and write
|
||
|
20F58590000
|
heap
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
20F584EA000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
7FFA09528000
|
unkown
|
page readonly
|
||
|
E56000
|
heap
|
page read and write
|
||
|
3D8F000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
2E78000
|
heap
|
page read and write
|
||
|
5EA0000
|
heap
|
page read and write
|
||
|
F4D000
|
heap
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
1D0BDFA3000
|
heap
|
page read and write
|
||
|
1D3FC948000
|
heap
|
page read and write
|
||
|
F5A000
|
heap
|
page read and write
|
||
|
F6C000
|
heap
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
22CE000
|
stack
|
page read and write
|
||
|
BD0000
|
remote allocation
|
page read and write
|
||
|
EE5000
|
heap
|
page read and write
|
||
|
7FFA094F0000
|
unkown
|
page readonly
|
||
|
2980000
|
heap
|
page read and write
|
||
|
22E0000
|
trusted library allocation
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
1175000
|
heap
|
page read and write
|
||
|
20F5851B000
|
heap
|
page read and write
|
||
|
F35000
|
heap
|
page read and write
|
||
|
20F58509000
|
heap
|
page read and write
|
||
|
74F000
|
stack
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
1D0BFA85000
|
heap
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
5C30000
|
trusted library allocation
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
7FFA09572000
|
unkown
|
page readonly
|
||
|
E56000
|
heap
|
page read and write
|
||
|
7C8000
|
heap
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
3F0000
|
trusted library allocation
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
12A9000
|
heap
|
page read and write
|
||
|
A36000
|
heap
|
page read and write
|
||
|
7FFA0956E000
|
unkown
|
page read and write
|
||
|
1D380240000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
7FFA094F0000
|
unkown
|
page readonly
|
||
|
EFB000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
385000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page readonly
|
||
|
833E000
|
stack
|
page read and write
|
||
|
E4A000
|
heap
|
page read and write
|
||
|
F8F000
|
heap
|
page read and write
|
||
|
20F584EA000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page read and write
|
||
|
7FFA09572000
|
unkown
|
page readonly
|
||
|
F29000
|
heap
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
8309976000
|
stack
|
page read and write
|
||
|
F94000
|
heap
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
20F584F8000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1D0BF9B0000
|
trusted library allocation
|
page read and write
|
||
|
A7A000
|
stack
|
page read and write
|
||
|
20F58690000
|
trusted library allocation
|
page read and write
|
||
|
FB3000
|
heap
|
page read and write
|
||
|
F3A000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
C4BF37E000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
20F58508000
|
heap
|
page read and write
|
||
|
7FFA094F1000
|
unkown
|
page execute read
|
||
|
3F0000
|
remote allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
F0E000
|
heap
|
page read and write
|
||
|
29C9000
|
heap
|
page read and write
|
||
|
F35000
|
heap
|
page read and write
|
||
|
29DA000
|
heap
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
839000
|
heap
|
page read and write
|
||
|
29DD000
|
heap
|
page read and write
|
||
|
F0E000
|
heap
|
page read and write
|
||
|
1D38002C000
|
heap
|
page read and write
|
||
|
7FFA09528000
|
unkown
|
page readonly
|
||
|
F14000
|
heap
|
page read and write
|
||
|
1D3FC94E000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
There are 502 hidden memdumps, click here to show them.