IOC Report
DVvzRulsoR.dll

loading gif

Files

File Path
Type
Category
Malicious
DVvzRulsoR.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
initial sample
malicious
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
modified

Processes

Path
Cmdline
Malicious
C:\Windows\System32\loaddll64.exe
loaddll64.exe "C:\Users\user\Desktop\DVvzRulsoR.dll"
malicious
C:\Windows\System32\regsvr32.exe
regsvr32.exe /s C:\Users\user\Desktop\DVvzRulsoR.dll
malicious
C:\Windows\System32\rundll32.exe
rundll32.exe "C:\Users\user\Desktop\DVvzRulsoR.dll",#1
malicious
C:\Windows\System32\rundll32.exe
rundll32.exe C:\Users\user\Desktop\DVvzRulsoR.dll,DllRegisterServer
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\BBtfDITJMLhY\HkJOPwKLEPOb.dll"
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LvIwYhCVKH\jtinUyBvITUVMo.dll"
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\MlZgEhEmvETvuuKKb\FtRB.dll"
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\YXMhjfj\dQLLbSGEfyZr.dll"
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\BBtfDITJMLhY\HkJOPwKLEPOb.dll
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\XtBBL\BJjqJz.dll"
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\XbzeDYiEMjhuDu\OFkfcZsheb.dll"
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\OjshMzvO\drOxhskRmolSyam.dll"
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\XvLyRsZAjXO\BWic.dll"
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\HAZEhjzZpU\MdCGCivK.dll"
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\XbzeDYiEMjhuDu\OFkfcZsheb.dll
malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\PbznyUjcmjZG\mlrNU.dll"
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\cmd.exe
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\DVvzRulsoR.dll",#1
There are 8 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://172.105.115.71:8080/wwyvvucvxqws/mizawg/mkzlwgu/
unknown
https://172.105.115.71:8080/
unknown
https://172.105.115.71:8080/wwyvvucvxqws/mizawg/mkzlwgu/s.dll
unknown
https://172.105.115.71:8080/dwhiakgtheb/puspmvuhrxeol/
unknown
https://172.105.115.71:8080/s.dll
unknown

IPs

IP
Domain
Country
Malicious
172.105.115.71
unknown
United States
malicious
188.165.79.151
unknown
France
malicious
196.44.98.190
unknown
Ghana
malicious
174.138.33.49
unknown
United States
malicious
36.67.23.59
unknown
Indonesia
malicious
103.41.204.169
unknown
Indonesia
malicious
85.214.67.203
unknown
Germany
malicious
83.229.80.93
unknown
United Kingdom
malicious
198.199.70.22
unknown
United States
malicious
93.104.209.107
unknown
Germany
malicious
186.250.48.5
unknown
Brazil
malicious
209.239.112.82
unknown
United States
malicious
175.126.176.79
unknown
Korea Republic of
malicious
128.199.242.164
unknown
United Kingdom
malicious
178.238.225.252
unknown
Germany
malicious
46.101.98.60
unknown
Netherlands
malicious
190.145.8.4
unknown
Colombia
malicious
82.98.180.154
unknown
Spain
malicious
103.71.99.57
unknown
India
malicious
87.106.97.83
unknown
Germany
malicious
103.254.12.236
unknown
Viet Nam
malicious
103.85.95.4
unknown
Indonesia
malicious
202.134.4.210
unknown
Indonesia
malicious
165.22.254.236
unknown
United States
malicious
78.47.204.80
unknown
Germany
malicious
118.98.72.86
unknown
Indonesia
malicious
139.59.80.108
unknown
Singapore
malicious
104.244.79.94
unknown
United States
malicious
37.44.244.177
unknown
Germany
malicious
51.75.33.122
unknown
France
malicious
160.16.143.191
unknown
Japan
malicious
103.56.149.105
unknown
Indonesia
malicious
85.25.120.45
unknown
Germany
malicious
139.196.72.155
unknown
China
malicious
115.178.55.22
unknown
Indonesia
malicious
103.126.216.86
unknown
Bangladesh
malicious
128.199.217.206
unknown
United Kingdom
malicious
114.79.130.68
unknown
India
malicious
103.224.241.74
unknown
India
malicious
210.57.209.142
unknown
Indonesia
malicious
202.28.34.99
unknown
Thailand
malicious
80.211.107.116
unknown
Italy
malicious
54.37.228.122
unknown
France
malicious
218.38.121.17
unknown
Korea Republic of
malicious
185.148.169.10
unknown
Germany
malicious
195.77.239.39
unknown
Spain
malicious
178.62.112.199
unknown
European Union
malicious
62.171.178.147
unknown
United Kingdom
malicious
64.227.55.231
unknown
United States
malicious
There are 39 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HkJOPwKLEPOb.dll
malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
OFkfcZsheb.dll
malicious

Memdumps

Base Address
Regiontype
Protect
Malicious
180001000
direct allocation
page execute read
malicious
180001000
direct allocation
page execute read
malicious
AB0000
direct allocation
page execute and read and write
malicious
180001000
direct allocation
page execute read
malicious
15728870000
direct allocation
page execute and read and write
malicious
20F1C530000
direct allocation
page execute and read and write
malicious
660000
direct allocation
page execute and read and write
malicious
180001000
direct allocation
page execute read
malicious
180001000
direct allocation
page execute read
malicious
A70000
direct allocation
page execute and read and write
malicious
27280100000
direct allocation
page execute and read and write
malicious
180001000
direct allocation
page execute read
malicious
80EE000
stack
page read and write
765000
heap
page read and write
536147A000
stack
page read and write
1BB80A48000
heap
page read and write
7FFE35567000
unkown
page readonly
1BB80910000
heap
page read and write
4910000
heap
page read and write
2A82606A000
heap
page read and write
A20000
heap
page read and write
14D0000
heap
page read and write
2728002C000
heap
page read and write
5D0507F000
stack
page read and write
B5D000
heap
page read and write
18348030000
heap
page read and write
27280000000
heap
page read and write
B88000
heap
page read and write
B94000
heap
page read and write
1BB80A5B000
heap
page read and write
4ED000
heap
page read and write
F7C000
heap
page read and write
18347C70000
trusted library allocation
page read and write
B3E000
heap
page read and write
B4D000
heap
page read and write
AF0000
heap
page readonly
183473D0000
trusted library allocation
page read and write
1FC000
heap
page read and write
7FFE35562000
unkown
page readonly
12D2AABC000
heap
page read and write
20F1DF20000
trusted library allocation
page read and write
BB0000
heap
page readonly
27280160000
trusted library allocation
page read and write
C61000
heap
page read and write
B53000
heap
page read and write
12D2B300000
heap
page read and write
2C1E000
stack
page read and write
272FDCE1000
heap
page read and write
B8E000
heap
page read and write
272FDAA0000
heap
page read and write
4F5000
heap
page read and write
4F5000
heap
page read and write
1F2C000
heap
page read and write
C45000
heap
page read and write
1BB808B0000
heap
page read and write
AD2000
heap
page read and write
15726EC0000
heap
page readonly
B53000
heap
page read and write
18002B000
direct allocation
page readonly
C3D000
heap
page read and write
9326EAC000
stack
page read and write
B40000
heap
page read and write
1E0000
remote allocation
page read and write
7FFE354E1000
unkown
page execute read
272227D000
stack
page read and write
BBF000
heap
page read and write
4ED000
heap
page read and write
12D2A9F0000
trusted library allocation
page read and write
2A825DC0000
heap
page read and write
1433000
heap
page read and write
B2E000
heap
page read and write
B2E000
heap
page read and write
15A5462A000
heap
page read and write
766000
heap
page read and write
7FFE354E1000
unkown
page execute read
2EBE000
stack
page read and write
4F8000
heap
page read and write
B5D000
heap
page read and write
755000
heap
page read and write
1BB81202000
trusted library allocation
page read and write
15726EFD000
heap
page read and write
5D0479B000
stack
page read and write
C10000
heap
page read and write
3B0000
remote allocation
page read and write
24F0000
heap
page read and write
B9C000
heap
page read and write
B7A000
heap
page read and write
37906FE000
stack
page read and write
7FFE35567000
unkown
page readonly
34BD4FE000
stack
page read and write
4C0000
heap
page read and write
B79000
heap
page read and write
7FFE35518000
unkown
page readonly
B3A000
heap
page read and write
1BB80A57000
heap
page read and write
27220FE000
stack
page read and write
520000
heap
page read and write
480000
heap
page read and write
5D04BFF000
stack
page read and write
C3D000
heap
page read and write
18347F22000
heap
page read and write
BBF000
heap
page read and write
B3E000
heap
page read and write
7B0000
remote allocation
page read and write
75D000
heap
page read and write
BBF000
heap
page read and write
1BB80A6B000
heap
page read and write
B3F000
heap
page read and write
4E5000
heap
page read and write
15726EEE000
heap
page read and write
B94000
heap
page read and write
1E0000
remote allocation
page read and write
5D04F7A000
stack
page read and write
93273FF000
stack
page read and write
1BB80A6E000
heap
page read and write
7FFE35565000
unkown
page readonly
18347476000
heap
page read and write
2721E7E000
stack
page read and write
1572879C000
heap
page read and write
B5D000
heap
page read and write
51D000
heap
page read and write
B9C000
heap
page read and write
B28000
heap
page read and write
27280250000
heap
page read and write
1BB80A63000
heap
page read and write
26EE000
stack
page read and write
5F0000
heap
page read and write
7FFE354E0000
unkown
page readonly
7FFE354E1000
unkown
page execute read
1BB80A78000
heap
page read and write
F70000
heap
page read and write
640000
heap
page read and write
C45000
heap
page read and write
1612B4E000
stack
page read and write
F75000
heap
page read and write
C45000
heap
page read and write
2D3B000
heap
page read and write
269C000
heap
page read and write
20F1C5B0000
heap
page read and write
F20000
heap
page read and write
18002D000
direct allocation
page readonly
20F1C560000
direct allocation
page execute and read and write
18348030000
heap
page read and write
15728770000
heap
page read and write
18347429000
heap
page read and write
BD6000
heap
page read and write
180000
heap
page read and write
1B085D80000
heap
page read and write
25F0000
heap
page read and write
51D000
heap
page read and write
1B085E3D000
heap
page read and write
15A54702000
heap
page read and write
53C000
heap
page read and write
B9C000
heap
page read and write
18002C000
direct allocation
page read and write
7FFE354E1000
unkown
page execute read
18347452000
heap
page read and write
8F0000
heap
page read and write
272FDCFF000
heap
page read and write
14D5000
heap
page read and write
272802E0000
heap
page read and write
2A826029000
heap
page read and write
5F70000
heap
page read and write
BA0000
direct allocation
page execute and read and write
7FFE35562000
unkown
page readonly
1BB80A43000
heap
page read and write
15A54590000
remote allocation
page read and write
1612E7E000
stack
page read and write
5360F2C000
stack
page read and write
B09000
heap
page read and write
15726EEE000
heap
page read and write
D5CECFB000
stack
page read and write
18348013000
heap
page read and write
20F1C449000
heap
page read and write
2A826000000
heap
page read and write
9608EFF000
stack
page read and write
BD6000
heap
page read and write
B4D000
heap
page read and write
18347F95000
heap
page read and write
7FFE35518000
unkown
page readonly
15726EFC000
heap
page read and write
B46000
heap
page read and write
272FDC80000
heap
page read and write
18002C000
direct allocation
page read and write
AA8000
heap
page read and write
266E000
stack
page read and write
1F0000
heap
page read and write
569000
heap
page read and write
557000
heap
page read and write
18347FC7000
heap
page read and write
1BB80A3C000
heap
page read and write
9C9000
stack
page read and write
15A55002000
trusted library allocation
page read and write
9326FAF000
stack
page read and write
B56000
heap
page read and write
1BB80A32000
heap
page read and write
1BB80A7B000
heap
page read and write
D5CF47F000
stack
page read and write
EC0000
heap
page read and write
9326F2F000
stack
page read and write
1612F7E000
stack
page read and write
18347490000
heap
page read and write
7FFE35567000
unkown
page readonly
272FDCE1000
heap
page read and write
BBF000
heap
page read and write
C18000
heap
page read and write
15A544C0000
heap
page read and write
272237E000
stack
page read and write
15A544D0000
heap
page read and write
15A54640000
heap
page read and write
15726EB5000
heap
page read and write
AF7000
heap
page read and write
15726EF7000
heap
page read and write
B94000
heap
page read and write
5361579000
stack
page read and write
1BB80A58000
heap
page read and write
B85000
heap
page read and write
18002B000
direct allocation
page readonly
7FFE35562000
unkown
page readonly
12F0000
heap
page read and write
738000
heap
page read and write
2A826089000
heap
page read and write
2721F7E000
stack
page read and write
B85000
heap
page read and write
765000
heap
page read and write
7FFE35562000
unkown
page readonly
15726F28000
heap
page read and write
7FFE354E0000
unkown
page readonly
4F6000
heap
page read and write
18347330000
heap
page read and write
2BAC000
stack
page read and write
7FFE354E0000
unkown
page readonly
12D2B33A000
heap
page read and write
15726EFE000
heap
page read and write
BD6000
heap
page read and write
7FFE3555E000
unkown
page read and write
51D000
heap
page read and write
4E6E000
stack
page read and write
1BB80A59000
heap
page read and write
18347E02000
heap
page read and write
D5CF37F000
stack
page read and write
96091FE000
stack
page read and write
12D2AAC5000
heap
page read and write
34BD5FE000
stack
page read and write
1B085E1F000
heap
page read and write
2A826041000
heap
page read and write
543E000
stack
page read and write
FD0000
heap
page read and write
131D000
heap
page read and write
2A826102000
heap
page read and write
B09000
heap
page read and write
18347FB3000
heap
page read and write
12D2AB13000
heap
page read and write
12D2A880000
heap
page read and write
20F1C459000
heap
page read and write
BC0000
trusted library allocation
page read and write
C45000
heap
page read and write
1315000
heap
page read and write
18002D000
direct allocation
page readonly
9608FFE000
stack
page read and write
7FFE35565000
unkown
page readonly
1B085E2E000
heap
page read and write
D5CF57E000
stack
page read and write
34BCEFB000
stack
page read and write
12D2AA3D000
heap
page read and write
272FDCBB000
heap
page read and write
9F0000
remote allocation
page read and write
34BD3FE000
stack
page read and write
18347F02000
heap
page read and write
276D000
stack
page read and write
272FDBE0000
heap
page read and write
536137F000
stack
page read and write
9608DFF000
stack
page read and write
7FFE354E0000
unkown
page readonly
15726ED0000
heap
page read and write
B85000
heap
page read and write
18348023000
heap
page read and write
A7B000
stack
page read and write
6D5000
heap
page read and write
379067B000
stack
page read and write
1612FFF000
stack
page read and write
15A54560000
trusted library allocation
page read and write
B5D000
heap
page read and write
18002B000
direct allocation
page readonly
B9C000
heap
page read and write
15726EF7000
heap
page read and write
180000000
direct allocation
page read and write
B68000
heap
page read and write
18347F43000
heap
page read and write
B45000
heap
page read and write
18002C000
direct allocation
page read and write
C2F000
heap
page read and write
157288D0000
heap
page read and write
27280160000
trusted library allocation
page read and write
7FFE354E1000
unkown
page execute read
57F0000
heap
page read and write
2652000
heap
page read and write
18347F6D000
heap
page read and write
18002B000
direct allocation
page readonly
7E0000
heap
page read and write
B30000
heap
page read and write
27280130000
direct allocation
page execute and read and write
B3A000
heap
page read and write
74F000
heap
page read and write
18347413000
heap
page read and write
272247C000
stack
page read and write
B7B000
heap
page read and write
272FDCE1000
heap
page read and write
272FDCF8000
heap
page read and write
BBF000
heap
page read and write
1612BCF000
stack
page read and write
BD6000
heap
page read and write
3C0000
heap
page read and write
1326000
heap
page read and write
1612ACC000
stack
page read and write
C3D000
heap
page read and write
183475E5000
heap
page read and write
20F1DD8C000
heap
page read and write
7FFE3555E000
unkown
page read and write
272802E5000
heap
page read and write
12D2AB02000
heap
page read and write
2360000
heap
page read and write
7FFE35518000
unkown
page readonly
18002B000
direct allocation
page readonly
1FC3000
heap
page read and write
2A825F20000
trusted library allocation
page read and write
15726EFF000
heap
page read and write
F13000
heap
page read and write
272FDCA7000
heap
page read and write
B45000
heap
page read and write
1BB80A4E000
heap
page read and write
4F5000
heap
page read and write
157289A0000
trusted library allocation
page read and write
B6C000
heap
page read and write
15726EA0000
direct allocation
page execute and read and write
12D2AACD000
heap
page read and write
20F1C432000
heap
page read and write
12D2AA89000
heap
page read and write
52A000
heap
page read and write
18002C000
direct allocation
page read and write
15726F3A000
heap
page read and write
1B085E52000
heap
page read and write
20F1C3E0000
heap
page read and write
180000000
direct allocation
page read and write
272FDD01000
heap
page read and write
BD6000
heap
page read and write
5D04B7E000
stack
page read and write
B6C000
heap
page read and write
8D0000
heap
page read and write
2BAF000
stack
page read and write
180000000
direct allocation
page read and write
131D000
heap
page read and write
18348000000
heap
page read and write
246E000
stack
page read and write
7FFE35567000
unkown
page readonly
20F1C459000
heap
page read and write
B56000
heap
page read and write
6D0000
heap
page read and write
131D000
heap
page read and write
1BB811B0000
trusted library allocation
page read and write
1612EF9000
stack
page read and write
3790BFE000
stack
page read and write
B6C000
heap
page read and write
1325000
heap
page read and write
7FFE35518000
unkown
page readonly
2721FFC000
stack
page read and write
D60000
trusted library allocation
page read and write
272FDD24000
heap
page read and write
7B0000
remote allocation
page read and write
7FE7000
stack
page read and write
FA0000
remote allocation
page read and write
B4D000
heap
page read and write
F79000
stack
page read and write
6C0000
heap
page read and write
4FF0000
trusted library allocation
page read and write
BD6000
heap
page read and write
15726CF0000
heap
page read and write
96090F9000
stack
page read and write
20F1DF20000
trusted library allocation
page read and write
8F5000
heap
page read and write
1BB80A7C000
heap
page read and write
37908FE000
stack
page read and write
B85000
heap
page read and write
1B085E41000
heap
page read and write
750000
heap
page read and write
180000000
direct allocation
page read and write
B4D000
heap
page read and write
379077E000
stack
page read and write
B17000
heap
page read and write
130000
heap
page read and write
D50000
trusted library allocation
page read and write
38A000
stack
page read and write
1BB80A00000
heap
page read and write
2C2E000
stack
page read and write
20F1C41F000
heap
page read and write
2A826802000
trusted library allocation
page read and write
932747C000
stack
page read and write
20F1DD60000
heap
page read and write
12D2AA2A000
heap
page read and write
36C0000
heap
page read and write
18348027000
heap
page read and write
5D04DFB000
stack
page read and write
690000
direct allocation
page execute and read and write
E10000
remote allocation
page read and write
18347443000
heap
page read and write
B09000
heap
page read and write
548000
heap
page read and write
12D2A890000
heap
page read and write
1F00000
heap
page read and write
183475B9000
heap
page read and write
B72000
heap
page read and write
700000
heap
page read and write
14DC000
heap
page read and write
15726EDB000
heap
page read and write
4DEE000
stack
page read and write
272FDC88000
heap
page read and write
27280140000
heap
page read and write
1BB80A66000
heap
page read and write
18002D000
direct allocation
page readonly
B6F000
heap
page read and write
B27000
heap
page read and write
15A54600000
heap
page read and write
D5CEE7F000
stack
page read and write
15A54530000
heap
page read and write
D5CF67F000
stack
page read and write
C10000
heap
page read and write
B7C000
heap
page read and write
18347465000
heap
page read and write
272FDD35000
heap
page read and write
5770000
trusted library allocation
page read and write
34BD77D000
stack
page read and write
18002B000
direct allocation
page readonly
272FDCE1000
heap
page read and write
B6C000
heap
page read and write
FA0000
remote allocation
page read and write
18347F00000
heap
page read and write
1B085E02000
heap
page read and write
2A82608B000
heap
page read and write
B56000
heap
page read and write
18348002000
heap
page read and write
15726EFF000
heap
page read and write
75D000
heap
page read and write
B94000
heap
page read and write
B9C000
heap
page read and write
1BB80A2A000
heap
page read and write
15726E50000
heap
page read and write
1BB80A3E000
heap
page read and write
B48000
heap
page read and write
B72000
heap
page read and write
261C000
heap
page read and write
B28000
heap
page read and write
1B085D90000
heap
page read and write
20F1C409000
heap
page read and write
272217B000
stack
page read and write
20F1C445000
heap
page read and write
7FFE35565000
unkown
page readonly
B8B000
heap
page read and write
536167F000
stack
page read and write
18002D000
direct allocation
page readonly
1BB80A68000
heap
page read and write
B94000
heap
page read and write
1B085E13000
heap
page read and write
1FC0000
heap
page read and write
1834758E000
heap
page read and write
18347474000
heap
page read and write
9F0000
remote allocation
page read and write
2D0000
heap
page read and write
B09000
heap
page read and write
2A826013000
heap
page read and write
9608CFC000
stack
page read and write
7FFE35562000
unkown
page readonly
1BB80A64000
heap
page read and write
AA0000
heap
page read and write
18347493000
heap
page read and write
18002D000
direct allocation
page readonly
B85000
heap
page read and write
E10000
remote allocation
page read and write
B3C000
heap
page read and write
B85000
heap
page read and write
7FFE3555E000
unkown
page read and write
272FDCEF000
heap
page read and write
20F1C41F000
heap
page read and write
B2E000
heap
page read and write
18347400000
heap
page read and write
703000
heap
page read and write
5D0517E000
stack
page read and write
B56000
heap
page read and write
1BB80A61000
heap
page read and write
910000
heap
page read and write
B8B000
heap
page read and write
7FFE354E0000
unkown
page readonly
E10000
trusted library allocation
page read and write
AE0000
direct allocation
page execute and read and write
272FDCF2000
heap
page read and write
1834742C000
heap
page read and write
B48000
heap
page read and write
B72000
heap
page read and write
34BD37E000
stack
page read and write
180000000
direct allocation
page read and write
2A826076000
heap
page read and write
B09000
heap
page read and write
B68000
heap
page read and write
12D2AA13000
heap
page read and write
2A825DB0000
heap
page read and write
18002D000
direct allocation
page readonly
5FC0000
trusted library allocation
page read and write
1BB80A41000
heap
page read and write
18347FBF000
heap
page read and write
2000000
trusted library allocation
page read and write
272FDD01000
heap
page read and write
B08000
heap
page read and write
18002C000
direct allocation
page read and write
2D2E000
stack
page read and write
C40000
heap
page read and write
B31000
heap
page read and write
6B0000
trusted library allocation
page read and write
7FFE35565000
unkown
page readonly
DE0000
heap
page read and write
7C0000
heap
page read and write
272FDD12000
heap
page read and write
D5CF17D000
stack
page read and write
272FDCBD000
heap
page read and write
24EF000
stack
page read and write
34BD27C000
stack
page read and write
54C0000
trusted library allocation
page read and write
8FC000
heap
page read and write
180000000
direct allocation
page read and write
7FFE354E1000
unkown
page execute read
15A54602000
heap
page read and write
C61000
heap
page read and write
7F6E000
stack
page read and write
1B085E00000
heap
page read and write
D50000
trusted library allocation
page read and write
75D000
heap
page read and write
18347340000
heap
page read and write
B5D000
heap
page read and write
B48000
heap
page read and write
1B086802000
trusted library allocation
page read and write
7EEF000
stack
page read and write
27EB000
stack
page read and write
1BB80A13000
heap
page read and write
1BB80A60000
heap
page read and write
1B085E45000
heap
page read and write
27218EC000
stack
page read and write
1834746B000
heap
page read and write
183473A0000
heap
page read and write
12F8000
heap
page read and write
4F0000
heap
page read and write
1325000
heap
page read and write
272FDD09000
heap
page read and write
20F1C46B000
heap
page read and write
B8C000
heap
page read and write
3030000
heap
page read and write
15726E30000
heap
page read and write
1B085E29000
heap
page read and write
E40000
heap
page read and write
15726F28000
heap
page read and write
12D2AA70000
heap
page read and write
2A826002000
heap
page read and write
272FDCE1000
heap
page read and write
18347F54000
heap
page read and write
15A54590000
remote allocation
page read and write
18347454000
heap
page read and write
157289A0000
trusted library allocation
page read and write
1BB80A7F000
heap
page read and write
B4C000
heap
page read and write
E45000
heap
page read and write
20F1C280000
heap
page read and write
D5CEF7C000
stack
page read and write
272FDC9C000
heap
page read and write
2B2E000
stack
page read and write
BC0000
trusted library allocation
page read and write
12D2AA00000
heap
page read and write
B45000
heap
page read and write
1B086680000
trusted library allocation
page read and write
7FFE3555E000
unkown
page read and write
5D04E79000
stack
page read and write
D5CE8DB000
stack
page read and write
15726EB0000
heap
page read and write
610000
heap
page read and write
1EB000
stack
page read and write
806E000
stack
page read and write
C61000
heap
page read and write
20F1DFD0000
heap
page read and write
20F1C3C0000
heap
page read and write
12D2B202000
heap
page read and write
18347485000
heap
page read and write
4ED000
heap
page read and write
20F1C570000
heap
page readonly
B72000
heap
page read and write
2C2B000
stack
page read and write
B93000
heap
page read and write
B00000
heap
page read and write
BD6000
heap
page read and write
730000
heap
page read and write
B5D000
heap
page read and write
12D2B312000
heap
page read and write
20F1C41F000
heap
page read and write
BD6000
heap
page read and write
52B000
heap
page read and write
C35000
heap
page read and write
7FFE35567000
unkown
page readonly
18347489000
heap
page read and write
272FDCAD000
heap
page read and write
1B085E37000
heap
page read and write
2A825E20000
heap
page read and write
B48000
heap
page read and write
B56000
heap
page read and write
B20000
heap
page read and write
BBF000
heap
page read and write
1B085F02000
heap
page read and write
2E3E000
stack
page read and write
15A54659000
heap
page read and write
14BF000
stack
page read and write
B4E000
heap
page read and write
BBF000
heap
page read and write
2767000
stack
page read and write
2721CFC000
stack
page read and write
20F1C458000
heap
page read and write
1F5000
heap
page read and write
7FFE35518000
unkown
page readonly
B4D000
heap
page read and write
329E000
stack
page read and write
4C8000
heap
page read and write
130F000
heap
page read and write
932727E000
stack
page read and write
D80000
heap
page read and write
15A54590000
remote allocation
page read and write
5D0527A000
stack
page read and write
8AE000
stack
page read and write
18347F22000
heap
page read and write
272257F000
stack
page read and write
7FFE35518000
unkown
page readonly
37909FE000
stack
page read and write
479000
stack
page read and write
2A82605A000
heap
page read and write
2A826113000
heap
page read and write
BBF000
heap
page read and write
7FFE3555E000
unkown
page read and write
18347467000
heap
page read and write
B1A000
heap
page read and write
C61000
heap
page read and write
C46000
heap
page read and write
B09000
heap
page read and write
ECE000
stack
page read and write
7FFE354E0000
unkown
page readonly
7FFE35565000
unkown
page readonly
7FFE3555E000
unkown
page read and write
765000
heap
page read and write
6FB000
stack
page read and write
E00000
heap
page read and write
20F1C430000
heap
page read and write
272FDCB3000
heap
page read and write
7FFE35565000
unkown
page readonly
1430000
heap
page read and write
3790AFE000
stack
page read and write
6A0000
heap
page readonly
1BB808A0000
heap
page read and write
932737C000
stack
page read and write
15726ED7000
heap
page read and write
3E0000
heap
page read and write
7FFE35562000
unkown
page readonly
93272F7000
stack
page read and write
15A54613000
heap
page read and write
B7A000
heap
page read and write
18347458000
heap
page read and write
1BB80A85000
heap
page read and write
1BB80B02000
heap
page read and write
1B085DE0000
heap
page read and write
34BD67F000
stack
page read and write
2CAC000
stack
page read and write
4A0000
heap
page read and write
7FFE35567000
unkown
page readonly
12D2A8F0000
heap
page read and write
A00000
heap
page read and write
20F1C400000
heap
page read and write
B3A000
heap
page read and write
1834743C000
heap
page read and write
F10000
heap
page read and write
3B0000
remote allocation
page read and write
1BB80A5D000
heap
page read and write
54BE000
stack
page read and write
FB0000
heap
page read and write
20F1C5B5000
heap
page read and write
18002C000
direct allocation
page read and write
D5CF27E000
stack
page read and write
4DF000
heap
page read and write
E10000
remote allocation
page read and write
272FDCE1000
heap
page read and write
816B000
stack
page read and write
1EFF000
stack
page read and write
1325000
heap
page read and write
18347513000
heap
page read and write
557000
heap
page read and write
5D04CFF000
stack
page read and write
1BB80A6C000
heap
page read and write
15726F07000
heap
page read and write
There are 687 hidden memdumps, click here to show them.