Files

File Path | Type | Category | Malicious |
---|---|---|---|
DVvzRulsoR.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | initial sample | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 | Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression | dropped | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 | data | modified | |

Processes

Path | Cmdline | Malicious |
---|---|---|
C:\Windows\System32\loaddll64.exe | loaddll64.exe "C:\Users\user\Desktop\DVvzRulsoR.dll" | |
C:\Windows\System32\regsvr32.exe | regsvr32.exe /s C:\Users\user\Desktop\DVvzRulsoR.dll | |
C:\Windows\System32\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\DVvzRulsoR.dll",#1 | |
C:\Windows\System32\rundll32.exe | rundll32.exe C:\Users\user\Desktop\DVvzRulsoR.dll,DllRegisterServer | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\BBtfDITJMLhY\HkJOPwKLEPOb.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LvIwYhCVKH\jtinUyBvITUVMo.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\MlZgEhEmvETvuuKKb\FtRB.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\YXMhjfj\dQLLbSGEfyZr.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\BBtfDITJMLhY\HkJOPwKLEPOb.dll | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\XtBBL\BJjqJz.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\XbzeDYiEMjhuDu\OFkfcZsheb.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\OjshMzvO\drOxhskRmolSyam.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\XvLyRsZAjXO\BWic.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\HAZEhjzZpU\MdCGCivK.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\XbzeDYiEMjhuDu\OFkfcZsheb.dll | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\PbznyUjcmjZG\mlrNU.dll" | |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
C:\Windows\System32\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\DVvzRulsoR.dll",#1 | |

URLs

Name | IP | Malicious |
---|---|---|
https://172.105.115.71:8080/wwyvvucvxqws/mizawg/mkzlwgu/ | unknown | |
https://172.105.115.71:8080/ | unknown | |
https://172.105.115.71:8080/wwyvvucvxqws/mizawg/mkzlwgu/s.dll | unknown | |
https://172.105.115.71:8080/dwhiakgtheb/puspmvuhrxeol/ | unknown | |
https://172.105.115.71:8080/s.dll | unknown | |

IPs
Registry

Path | Value | Malicious |
---|---|---|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | HkJOPwKLEPOb.dll | |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | OFkfcZsheb.dll | |

Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
180001000
|
direct allocation
|
page execute read
|
||
180001000
|
direct allocation
|
page execute read
|
||
AB0000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
15728870000
|
direct allocation
|
page execute and read and write
|
||
20F1C530000
|
direct allocation
|
page execute and read and write
|
||
660000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
180001000
|
direct allocation
|
page execute read
|
||
A70000
|
direct allocation
|
page execute and read and write
|
||
27280100000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
80EE000
|
stack
|
page read and write
|
||
765000
|
heap
|
page read and write
|
||
536147A000
|
stack
|
page read and write
|
||
1BB80A48000
|
heap
|
page read and write
|
||
7FFE35567000
|
unkown
|
page readonly
|
||
1BB80910000
|
heap
|
page read and write
|
||
4910000
|
heap
|
page read and write
|
||
2A82606A000
|
heap
|
page read and write
|
||
A20000
|
heap
|
page read and write
|
||
14D0000
|
heap
|
page read and write
|
||
2728002C000
|
heap
|
page read and write
|
||
5D0507F000
|
stack
|
page read and write
|
||
B5D000
|
heap
|
page read and write
|
||
18348030000
|
heap
|
page read and write
|
||
27280000000
|
heap
|
page read and write
|
||
B88000
|
heap
|
page read and write
|
||
B94000
|
heap
|
page read and write
|
||
1BB80A5B000
|
heap
|
page read and write
|
||
4ED000
|
heap
|
page read and write
|
||
F7C000
|
heap
|
page read and write
|
||
18347C70000
|
trusted library allocation
|
page read and write
|
||
B3E000
|
heap
|
page read and write
|
||
B4D000
|
heap
|
page read and write
|
||
AF0000
|
heap
|
page readonly
|
||
183473D0000
|
trusted library allocation
|
page read and write
|
||
1FC000
|
heap
|
page read and write
|
||
7FFE35562000
|
unkown
|
page readonly
|
||
12D2AABC000
|
heap
|
page read and write
|
||
20F1DF20000
|
trusted library allocation
|
page read and write
|
||
BB0000
|
heap
|
page readonly
|
||
27280160000
|
trusted library allocation
|
page read and write
|
||
C61000
|
heap
|
page read and write
|
||
B53000
|
heap
|
page read and write
|
||
12D2B300000
|
heap
|
page read and write
|
||
2C1E000
|
stack
|
page read and write
|
||
272FDCE1000
|
heap
|
page read and write
|
||
B8E000
|
heap
|
page read and write
|
||
272FDAA0000
|
heap
|
page read and write
|
||
4F5000
|
heap
|
page read and write
|
||
4F5000
|
heap
|
page read and write
|
||
1F2C000
|
heap
|
page read and write
|
||
C45000
|
heap
|
page read and write
|
||
1BB808B0000
|
heap
|
page read and write
|
||
AD2000
|
heap
|
page read and write
|
||
15726EC0000
|
heap
|
page readonly
|
||
B53000
|
heap
|
page read and write
|
||
18002B000
|
direct allocation
|
page readonly
|
||
C3D000
|
heap
|
page read and write
|
||
9326EAC000
|
stack
|
page read and write
|
||
B40000
|
heap
|
page read and write
|
||
1E0000
|
remote allocation
|
page read and write
|
||
7FFE354E1000
|
unkown
|
page execute read
|
||
272227D000
|
stack
|
page read and write
|
||
BBF000
|
heap
|
page read and write
|
||
4ED000
|
heap
|
page read and write
|
||
12D2A9F0000
|
trusted library allocation
|
page read and write
|
||
2A825DC0000
|
heap
|
page read and write
|
||
1433000
|
heap
|
page read and write
|
||
B2E000
|
heap
|
page read and write
|
||
B2E000
|
heap
|
page read and write
|
||
15A5462A000
|
heap
|
page read and write
|
||
766000
|
heap
|
page read and write
|
||
7FFE354E1000
|
unkown
|
page execute read
|
||
2EBE000
|
stack
|
page read and write
|
||
4F8000
|
heap
|
page read and write
|
||
B5D000
|
heap
|
page read and write
|
||
755000
|
heap
|
page read and write
|
||
1BB81202000
|
trusted library allocation
|
page read and write
|
||
15726EFD000
|
heap
|
page read and write
|
||
5D0479B000
|
stack
|
page read and write
|
||
C10000
|
heap
|
page read and write
|
||
3B0000
|
remote allocation
|
page read and write
|
||
24F0000
|
heap
|
page read and write
|
||
B9C000
|
heap
|
page read and write
|
||
B7A000
|
heap
|
page read and write
|
||
37906FE000
|
stack
|
page read and write
|
||
7FFE35567000
|
unkown
|
page readonly
|
||
34BD4FE000
|
stack
|
page read and write
|
||
4C0000
|
heap
|
page read and write
|
||
B79000
|
heap
|
page read and write
|
||
7FFE35518000
|
unkown
|
page readonly
|
||
B3A000
|
heap
|
page read and write
|
||
1BB80A57000
|
heap
|
page read and write
|
||
27220FE000
|
stack
|
page read and write
|
||
520000
|
heap
|
page read and write
|
||
480000
|
heap
|
page read and write
|
||
5D04BFF000
|
stack
|
page read and write
|
||
C3D000
|
heap
|
page read and write
|
||
18347F22000
|
heap
|
page read and write
|
||
BBF000
|
heap
|
page read and write
|
||
B3E000
|
heap
|
page read and write
|
||
7B0000
|
remote allocation
|
page read and write
|
||
75D000
|
heap
|
page read and write
|
||
BBF000
|
heap
|
page read and write
|
||
1BB80A6B000
|
heap
|
page read and write
|
||
B3F000
|
heap
|
page read and write
|
||
4E5000
|
heap
|
page read and write
|
||
15726EEE000
|
heap
|
page read and write
|
||
B94000
|
heap
|
page read and write
|
||
1E0000
|
remote allocation
|
page read and write
|
||
5D04F7A000
|
stack
|
page read and write
|
||
93273FF000
|
stack
|
page read and write
|
||
1BB80A6E000
|
heap
|
page read and write
|
||
7FFE35565000
|
unkown
|
page readonly
|
||
18347476000
|
heap
|
page read and write
|
||
2721E7E000
|
stack
|
page read and write
|
||
1572879C000
|
heap
|
page read and write
|
||
B5D000
|
heap
|
page read and write
|
||
51D000
|
heap
|
page read and write
|
||
B9C000
|
heap
|
page read and write
|
||
B28000
|
heap
|
page read and write
|
||
27280250000
|
heap
|
page read and write
|
||
1BB80A63000
|
heap
|
page read and write
|
||
26EE000
|
stack
|
page read and write
|
||
5F0000
|
heap
|
page read and write
|
||
7FFE354E0000
|
unkown
|
page readonly
|
||
7FFE354E1000
|
unkown
|
page execute read
|
||
1BB80A78000
|
heap
|
page read and write
|
||
F70000
|
heap
|
page read and write
|
||
640000
|
heap
|
page read and write
|
||
C45000
|
heap
|
page read and write
|
||
1612B4E000
|
stack
|
page read and write
|
||
F75000
|
heap
|
page read and write
|
||
C45000
|
heap
|
page read and write
|
||
2D3B000
|
heap
|
page read and write
|
||
269C000
|
heap
|
page read and write
|
||
20F1C5B0000
|
heap
|
page read and write
|
||
F20000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
20F1C560000
|
direct allocation
|
page execute and read and write
|
||
18348030000
|
heap
|
page read and write
|
||
15728770000
|
heap
|
page read and write
|
||
18347429000
|
heap
|
page read and write
|
||
BD6000
|
heap
|
page read and write
|
||
180000
|
heap
|
page read and write
|
||
1B085D80000
|
heap
|
page read and write
|
||
25F0000
|
heap
|
page read and write
|
||
51D000
|
heap
|
page read and write
|
||
1B085E3D000
|
heap
|
page read and write
|
||
15A54702000
|
heap
|
page read and write
|
||
53C000
|
heap
|
page read and write
|
||
B9C000
|
heap
|
page read and write
|
||
18002C000
|
direct allocation
|
page read and write
|
||
7FFE354E1000
|
unkown
|
page execute read
|
||
18347452000
|
heap
|
page read and write
|
||
8F0000
|
heap
|
page read and write
|
||
272FDCFF000
|
heap
|
page read and write
|
||
14D5000
|
heap
|
page read and write
|
||
272802E0000
|
heap
|
page read and write
|
||
2A826029000
|
heap
|
page read and write
|
||
5F70000
|
heap
|
page read and write
|
||
BA0000
|
direct allocation
|
page execute and read and write
|
||
7FFE35562000
|
unkown
|
page readonly
|
||
1BB80A43000
|
heap
|
page read and write
|
||
15A54590000
|
remote allocation
|
page read and write
|
||
1612E7E000
|
stack
|
page read and write
|
||
5360F2C000
|
stack
|
page read and write
|
||
B09000
|
heap
|
page read and write
|
||
15726EEE000
|
heap
|
page read and write
|
||
D5CECFB000
|
stack
|
page read and write
|
||
18348013000
|
heap
|
page read and write
|
||
20F1C449000
|
heap
|
page read and write
|
||
2A826000000
|
heap
|
page read and write
|
||
9608EFF000
|
stack
|
page read and write
|
||
BD6000
|
heap
|
page read and write
|
||
B4D000
|
heap
|
page read and write
|
||
18347F95000
|
heap
|
page read and write
|
||
7FFE35518000
|
unkown
|
page readonly
|
||
15726EFC000
|
heap
|
page read and write
|
||
B46000
|
heap
|
page read and write
|
||
272FDC80000
|
heap
|
page read and write
|
||
18002C000
|
direct allocation
|
page read and write
|
||
AA8000
|
heap
|
page read and write
|
||
266E000
|
stack
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
569000
|
heap
|
page read and write
|
||
557000
|
heap
|
page read and write
|
||
18347FC7000
|
heap
|
page read and write
|
||
1BB80A3C000
|
heap
|
page read and write
|
||
9C9000
|
stack
|
page read and write
|
||
15A55002000
|
trusted library allocation
|
page read and write
|
||
9326FAF000
|
stack
|
page read and write
|
||
B56000
|
heap
|
page read and write
|
||
1BB80A32000
|
heap
|
page read and write
|
||
1BB80A7B000
|
heap
|
page read and write
|
||
D5CF47F000
|
stack
|
page read and write
|
||
EC0000
|
heap
|
page read and write
|
||
9326F2F000
|
stack
|
page read and write
|
||
1612F7E000
|
stack
|
page read and write
|
||
18347490000
|
heap
|
page read and write
|
||
7FFE35567000
|
unkown
|
page readonly
|
||
272FDCE1000
|
heap
|
page read and write
|
||
BBF000
|
heap
|
page read and write
|
||
C18000
|
heap
|
page read and write
|
||
15A544C0000
|
heap
|
page read and write
|
||
272237E000
|
stack
|
page read and write
|
||
15A544D0000
|
heap
|
page read and write
|
||
15A54640000
|
heap
|
page read and write
|
||
15726EB5000
|
heap
|
page read and write
|
||
AF7000
|
heap
|
page read and write
|
||
15726EF7000
|
heap
|
page read and write
|
||
B94000
|
heap
|
page read and write
|
||
5361579000
|
stack
|
page read and write
|
||
1BB80A58000
|
heap
|
page read and write
|
||
B85000
|
heap
|
page read and write
|
||
18002B000
|
direct allocation
|
page readonly
|
||
7FFE35562000
|
unkown
|
page readonly
|
||
12F0000
|
heap
|
page read and write
|
||
738000
|
heap
|
page read and write
|
||
2A826089000
|
heap
|
page read and write
|
||
2721F7E000
|
stack
|
page read and write
|
||
B85000
|
heap
|
page read and write
|
||
765000
|
heap
|
page read and write
|
||
7FFE35562000
|
unkown
|
page readonly
|
||
15726F28000
|
heap
|
page read and write
|
||
7FFE354E0000
|
unkown
|
page readonly
|
||
4F6000
|
heap
|
page read and write
|
||
18347330000
|
heap
|
page read and write
|
||
2BAC000
|
stack
|
page read and write
|
||
7FFE354E0000
|
unkown
|
page readonly
|
||
12D2B33A000
|
heap
|
page read and write
|
||
15726EFE000
|
heap
|
page read and write
|
||
BD6000
|
heap
|
page read and write
|
||
7FFE3555E000
|
unkown
|
page read and write
|
||
51D000
|
heap
|
page read and write
|
||
4E6E000
|
stack
|
page read and write
|
||
1BB80A59000
|
heap
|
page read and write
|
||
18347E02000
|
heap
|
page read and write
|
||
D5CF37F000
|
stack
|
page read and write
|
||
96091FE000
|
stack
|
page read and write
|
||
12D2AAC5000
|
heap
|
page read and write
|
||
34BD5FE000
|
stack
|
page read and write
|
||
1B085E1F000
|
heap
|
page read and write
|
||
2A826041000
|
heap
|
page read and write
|
||
543E000
|
stack
|
page read and write
|
||
FD0000
|
heap
|
page read and write
|
||
131D000
|
heap
|
page read and write
|
||
2A826102000
|
heap
|
page read and write
|
||
B09000
|
heap
|
page read and write
|
||
18347FB3000
|
heap
|
page read and write
|
||
12D2AB13000
|
heap
|
page read and write
|
||
12D2A880000
|
heap
|
page read and write
|
||
20F1C459000
|
heap
|
page read and write
|
||
BC0000
|
trusted library allocation
|
page read and write
|
||
C45000
|
heap
|
page read and write
|
||
1315000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
9608FFE000
|
stack
|
page read and write
|
||
7FFE35565000
|
unkown
|
page readonly
|
||
1B085E2E000
|
heap
|
page read and write
|
||
D5CF57E000
|
stack
|
page read and write
|
||
34BCEFB000
|
stack
|
page read and write
|
||
12D2AA3D000
|
heap
|
page read and write
|
||
272FDCBB000
|
heap
|
page read and write
|
||
9F0000
|
remote allocation
|
page read and write
|
||
34BD3FE000
|
stack
|
page read and write
|
||
18347F02000
|
heap
|
page read and write
|
||
276D000
|
stack
|
page read and write
|
||
272FDBE0000
|
heap
|
page read and write
|
||
536137F000
|
stack
|
page read and write
|
||
9608DFF000
|
stack
|
page read and write
|
||
7FFE354E0000
|
unkown
|
page readonly
|
||
15726ED0000
|
heap
|
page read and write
|
||
B85000
|
heap
|
page read and write
|
||
18348023000
|
heap
|
page read and write
|
||
A7B000
|
stack
|
page read and write
|
||
6D5000
|
heap
|
page read and write
|
||
379067B000
|
stack
|
page read and write
|
||
1612FFF000
|
stack
|
page read and write
|
||
15A54560000
|
trusted library allocation
|
page read and write
|
||
B5D000
|
heap
|
page read and write
|
||
18002B000
|
direct allocation
|
page readonly
|
||
B9C000
|
heap
|
page read and write
|
||
15726EF7000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
B68000
|
heap
|
page read and write
|
||
18347F43000
|
heap
|
page read and write
|
||
B45000
|
heap
|
page read and write
|
||
18002C000
|
direct allocation
|
page read and write
|
||
C2F000
|
heap
|
page read and write
|
||
157288D0000
|
heap
|
page read and write
|
||
27280160000
|
trusted library allocation
|
page read and write
|
||
7FFE354E1000
|
unkown
|
page execute read
|
||
57F0000
|
heap
|
page read and write
|
||
2652000
|
heap
|
page read and write
|
||
18347F6D000
|
heap
|
page read and write
|
||
18002B000
|
direct allocation
|
page readonly
|
||
7E0000
|
heap
|
page read and write
|
||
B30000
|
heap
|
page read and write
|
||
27280130000
|
direct allocation
|
page execute and read and write
|
||
B3A000
|
heap
|
page read and write
|
||
74F000
|
heap
|
page read and write
|
||
18347413000
|
heap
|
page read and write
|
||
272247C000
|
stack
|
page read and write
|
||
B7B000
|
heap
|
page read and write
|
||
272FDCE1000
|
heap
|
page read and write
|
||
272FDCF8000
|
heap
|
page read and write
|
||
BBF000
|
heap
|
page read and write
|
||
1612BCF000
|
stack
|
page read and write
|
||
BD6000
|
heap
|
page read and write
|
||
3C0000
|
heap
|
page read and write
|
||
1326000
|
heap
|
page read and write
|
||
1612ACC000
|
stack
|
page read and write
|
||
C3D000
|
heap
|
page read and write
|
||
183475E5000
|
heap
|
page read and write
|
||
20F1DD8C000
|
heap
|
page read and write
|
||
7FFE3555E000
|
unkown
|
page read and write
|
||
272802E5000
|
heap
|
page read and write
|
||
12D2AB02000
|
heap
|
page read and write
|
||
2360000
|
heap
|
page read and write
|
||
7FFE35518000
|
unkown
|
page readonly
|
||
18002B000
|
direct allocation
|
page readonly
|
||
1FC3000
|
heap
|
page read and write
|
||
2A825F20000
|
trusted library allocation
|
page read and write
|
||
15726EFF000
|
heap
|
page read and write
|
||
F13000
|
heap
|
page read and write
|
||
272FDCA7000
|
heap
|
page read and write
|
||
B45000
|
heap
|
page read and write
|
||
1BB80A4E000
|
heap
|
page read and write
|
||
4F5000
|
heap
|
page read and write
|
||
157289A0000
|
trusted library allocation
|
page read and write
|
||
B6C000
|
heap
|
page read and write
|
||
15726EA0000
|
direct allocation
|
page execute and read and write
|
||
12D2AACD000
|
heap
|
page read and write
|
||
20F1C432000
|
heap
|
page read and write
|
||
12D2AA89000
|
heap
|
page read and write
|
||
52A000
|
heap
|
page read and write
|
||
18002C000
|
direct allocation
|
page read and write
|
||
15726F3A000
|
heap
|
page read and write
|
||
1B085E52000
|
heap
|
page read and write
|
||
20F1C3E0000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
272FDD01000
|
heap
|
page read and write
|
||
BD6000
|
heap
|
page read and write
|
||
5D04B7E000
|
stack
|
page read and write
|
||
B6C000
|
heap
|
page read and write
|
||
8D0000
|
heap
|
page read and write
|
||
2BAF000
|
stack
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
131D000
|
heap
|
page read and write
|
||
18348000000
|
heap
|
page read and write
|
||
246E000
|
stack
|
page read and write
|
||
7FFE35567000
|
unkown
|
page readonly
|
||
20F1C459000
|
heap
|
page read and write
|
||
B56000
|
heap
|
page read and write
|
||
6D0000
|
heap
|
page read and write
|
||
131D000
|
heap
|
page read and write
|
||
1BB811B0000
|
trusted library allocation
|
page read and write
|
||
1612EF9000
|
stack
|
page read and write
|
||
3790BFE000
|
stack
|
page read and write
|
||
B6C000
|
heap
|
page read and write
|
||
1325000
|
heap
|
page read and write
|
||
7FFE35518000
|
unkown
|
page readonly
|
||
2721FFC000
|
stack
|
page read and write
|
||
D60000
|
trusted library allocation
|
page read and write
|
||
272FDD24000
|
heap
|
page read and write
|
||
7B0000
|
remote allocation
|
page read and write
|
||
7FE7000
|
stack
|
page read and write
|
||
FA0000
|
remote allocation
|
page read and write
|
||
B4D000
|
heap
|
page read and write
|
||
F79000
|
stack
|
page read and write
|
||
6C0000
|
heap
|
page read and write
|
||
4FF0000
|
trusted library allocation
|
page read and write
|
||
BD6000
|
heap
|
page read and write
|
||
15726CF0000
|
heap
|
page read and write
|
||
96090F9000
|
stack
|
page read and write
|
||
20F1DF20000
|
trusted library allocation
|
page read and write
|
||
8F5000
|
heap
|
page read and write
|
||
1BB80A7C000
|
heap
|
page read and write
|
||
37908FE000
|
stack
|
page read and write
|
||
B85000
|
heap
|
page read and write
|
||
1B085E41000
|
heap
|
page read and write
|
||
750000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
B4D000
|
heap
|
page read and write
|
||
379077E000
|
stack
|
page read and write
|
||
B17000
|
heap
|
page read and write
|
||
130000
|
heap
|
page read and write
|
||
D50000
|
trusted library allocation
|
page read and write
|
||
38A000
|
stack
|
page read and write
|
||
1BB80A00000
|
heap
|
page read and write
|
||
2C2E000
|
stack
|
page read and write
|
||
20F1C41F000
|
heap
|
page read and write
|
||
2A826802000
|
trusted library allocation
|
page read and write
|
||
932747C000
|
stack
|
page read and write
|
||
20F1DD60000
|
heap
|
page read and write
|
||
12D2AA2A000
|
heap
|
page read and write
|
||
36C0000
|
heap
|
page read and write
|
||
18348027000
|
heap
|
page read and write
|
||
5D04DFB000
|
stack
|
page read and write
|
||
690000
|
direct allocation
|
page execute and read and write
|
||
E10000
|
remote allocation
|
page read and write
|
||
18347443000
|
heap
|
page read and write
|
||
B09000
|
heap
|
page read and write
|
||
548000
|
heap
|
page read and write
|
||
12D2A890000
|
heap
|
page read and write
|
||
1F00000
|
heap
|
page read and write
|
||
183475B9000
|
heap
|
page read and write
|
||
B72000
|
heap
|
page read and write
|
||
700000
|
heap
|
page read and write
|
||
14DC000
|
heap
|
page read and write
|
||
15726EDB000
|
heap
|
page read and write
|
||
4DEE000
|
stack
|
page read and write
|
||
272FDC88000
|
heap
|
page read and write
|
||
27280140000
|
heap
|
page read and write
|
||
1BB80A66000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
B6F000
|
heap
|
page read and write
|
||
B27000
|
heap
|
page read and write
|
||
15A54600000
|
heap
|
page read and write
|
||
D5CEE7F000
|
stack
|
page read and write
|
||
15A54530000
|
heap
|
page read and write
|
||
D5CF67F000
|
stack
|
page read and write
|
||
C10000
|
heap
|
page read and write
|
||
B7C000
|
heap
|
page read and write
|
||
18347465000
|
heap
|
page read and write
|
||
272FDD35000
|
heap
|
page read and write
|
||
5770000
|
trusted library allocation
|
page read and write
|
||
34BD77D000
|
stack
|
page read and write
|
||
18002B000
|
direct allocation
|
page readonly
|
||
272FDCE1000
|
heap
|
page read and write
|
||
B6C000
|
heap
|
page read and write
|
||
FA0000
|
remote allocation
|
page read and write
|
||
18347F00000
|
heap
|
page read and write
|
||
1B085E02000
|
heap
|
page read and write
|
||
2A82608B000
|
heap
|
page read and write
|
||
B56000
|
heap
|
page read and write
|
||
18348002000
|
heap
|
page read and write
|
||
15726EFF000
|
heap
|
page read and write
|
||
75D000
|
heap
|
page read and write
|
||
B94000
|
heap
|
page read and write
|
||
B9C000
|
heap
|
page read and write
|
||
1BB80A2A000
|
heap
|
page read and write
|
||
15726E50000
|
heap
|
page read and write
|
||
1BB80A3E000
|
heap
|
page read and write
|
||
B48000
|
heap
|
page read and write
|
||
B72000
|
heap
|
page read and write
|
||
261C000
|
heap
|
page read and write
|
||
B28000
|
heap
|
page read and write
|
||
1B085D90000
|
heap
|
page read and write
|
||
20F1C409000
|
heap
|
page read and write
|
||
272217B000
|
stack
|
page read and write
|
||
20F1C445000
|
heap
|
page read and write
|
||
7FFE35565000
|
unkown
|
page readonly
|
||
B8B000
|
heap
|
page read and write
|
||
536167F000
|
stack
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
1BB80A68000
|
heap
|
page read and write
|
||
B94000
|
heap
|
page read and write
|
||
1B085E13000
|
heap
|
page read and write
|
||
1FC0000
|
heap
|
page read and write
|
||
1834758E000
|
heap
|
page read and write
|
||
18347474000
|
heap
|
page read and write
|
||
9F0000
|
remote allocation
|
page read and write
|
||
2D0000
|
heap
|
page read and write
|
||
B09000
|
heap
|
page read and write
|
||
2A826013000
|
heap
|
page read and write
|
||
9608CFC000
|
stack
|
page read and write
|
||
7FFE35562000
|
unkown
|
page readonly
|
||
1BB80A64000
|
heap
|
page read and write
|
||
AA0000
|
heap
|
page read and write
|
||
18347493000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
B85000
|
heap
|
page read and write
|
||
E10000
|
remote allocation
|
page read and write
|
||
B3C000
|
heap
|
page read and write
|
||
B85000
|
heap
|
page read and write
|
||
7FFE3555E000
|
unkown
|
page read and write
|
||
272FDCEF000
|
heap
|
page read and write
|
||
20F1C41F000
|
heap
|
page read and write
|
||
B2E000
|
heap
|
page read and write
|
||
18347400000
|
heap
|
page read and write
|
||
703000
|
heap
|
page read and write
|
||
5D0517E000
|
stack
|
page read and write
|
||
B56000
|
heap
|
page read and write
|
||
1BB80A61000
|
heap
|
page read and write
|
||
910000
|
heap
|
page read and write
|
||
B8B000
|
heap
|
page read and write
|
||
7FFE354E0000
|
unkown
|
page readonly
|
||
E10000
|
trusted library allocation
|
page read and write
|
||
AE0000
|
direct allocation
|
page execute and read and write
|
||
272FDCF2000
|
heap
|
page read and write
|
||
1834742C000
|
heap
|
page read and write
|
||
B48000
|
heap
|
page read and write
|
||
B72000
|
heap
|
page read and write
|
||
34BD37E000
|
stack
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
2A826076000
|
heap
|
page read and write
|
||
B09000
|
heap
|
page read and write
|
||
B68000
|
heap
|
page read and write
|
||
12D2AA13000
|
heap
|
page read and write
|
||
2A825DB0000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
5FC0000
|
trusted library allocation
|
page read and write
|
||
1BB80A41000
|
heap
|
page read and write
|
||
18347FBF000
|
heap
|
page read and write
|
||
2000000
|
trusted library allocation
|
page read and write
|
||
272FDD01000
|
heap
|
page read and write
|
||
B08000
|
heap
|
page read and write
|
||
18002C000
|
direct allocation
|
page read and write
|
||
2D2E000
|
stack
|
page read and write
|
||
C40000
|
heap
|
page read and write
|
||
B31000
|
heap
|
page read and write
|
||
6B0000
|
trusted library allocation
|
page read and write
|
||
7FFE35565000
|
unkown
|
page readonly
|
||
DE0000
|
heap
|
page read and write
|
||
7C0000
|
heap
|
page read and write
|
||
272FDD12000
|
heap
|
page read and write
|
||
D5CF17D000
|
stack
|
page read and write
|
||
272FDCBD000
|
heap
|
page read and write
|
||
24EF000
|
stack
|
page read and write
|
||
34BD27C000
|
stack
|
page read and write
|
||
54C0000
|
trusted library allocation
|
page read and write
|
||
8FC000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
7FFE354E1000
|
unkown
|
page execute read
|
||
15A54602000
|
heap
|
page read and write
|
||
C61000
|
heap
|
page read and write
|
||
7F6E000
|
stack
|
page read and write
|
||
1B085E00000
|
heap
|
page read and write
|
||