Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
4470_02112022.xls
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Author: Gydar, Last Saved
By: Gydar, Name of Creating Application: Microsoft Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Date:
Wed Nov 2 06:43:53 2022, Security: 0
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\40hd04O0[1].dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\4470_02112022.xls
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Author: Gydar, Last Saved
By: Gydar, Name of Creating Application: Microsoft Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Date:
Wed Nov 2 06:43:53 2022, Security: 0
|
dropped
|
|
|
|
C:\Users\user\oxnv4.ooccxx
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\SnILCOTnpOOFucYhP\FatGkw.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFF4CE5664A8A889FE.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\8PWG8A6W.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\BZQ2JIWJ.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\CKTKLCSO.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\FBMK8V7A.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\HC8X1KC5.txt
|
ASCII text
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe ..\oxnv1.ooccxx
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe ..\oxnv2.ooccxx
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe ..\oxnv3.ooccxx
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe ..\oxnv4.ooccxx
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\SnILCOTnpOOFucYhP\FatGkw.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\SnILCOTnpOOFucYhP\FatGkw.dll
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.3d-stickers.com/Content/Afa1PcRuxh/
|
163.172.108.69
|
|
|
|
https://218.38.121.17/
|
218.38.121.17
|
|
|
|
https://www.3d-stickers.com/page-non-trouvee
|
163.172.108.69
|
|
|
|
http://www.3d-stickers.com/Content/Afa1PcRuxh/
|
163.172.108.69
|
|
|
|
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
|
unknown
|
||
|
http://crl.entrust.net/server1.crl0
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
https://www.spinbalence.com/Adapter/moycMR/
|
163.172.115.127
|
||
|
https://www.spinbalence.com/index.php?controller=404
|
163.172.115.127
|
||
|
http://navylin.com/bsavxiv/axHQYKl/
|
47.92.133.65
|
||
|
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
|
unknown
|
||
|
https://secure.comodo.co
|
unknown
|
||
|
http://www.diginotar.nl/cps/pkioverheid0
|
unknown
|
||
|
http://www.spinbalence.com/Adapter/moycMR/
|
163.172.115.127
|
||
|
http://ocsp.entrust.net0D
|
unknown
|
||
|
https://secure.comodo.com/CPS0
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
There are 7 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sat7ate.com
|
unknown
|
|
|
|
www.3d-stickers.com
|
163.172.108.69
|
||
|
www.spinbalence.com
|
163.172.115.127
|
||
|
navylin.com
|
47.92.133.65
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
|
|
163.172.115.127
|
www.spinbalence.com
|
United Kingdom
|
||
|
47.92.133.65
|
navylin.com
|
China
|
||
|
163.172.108.69
|
www.3d-stickers.com
|
United Kingdom
|
||
|
192.168.2.255
|
unknown
|
unknown
|
There are 40 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
FatGkw.dll
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
')/
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\65E08
|
65E08
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
%f/
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
39A000
|
heap
|
page read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2010000
|
direct allocation
|
page execute and read and write
|
|
|
|
2BA000
|
heap
|
page read and write
|
|
|
|
2B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
22C6000
|
heap
|
page read and write
|
||
|
22D4000
|
heap
|
page read and write
|
||
|
3F40000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
16D000
|
heap
|
page read and write
|
||
|
207000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
21D6000
|
heap
|
page read and write
|
||
|
30A000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
225B000
|
heap
|
page read and write
|
||
|
338000
|
heap
|
page read and write
|
||
|
362000
|
heap
|
page read and write
|
||
|
2288000
|
heap
|
page read and write
|
||
|
10C000
|
heap
|
page read and write
|
||
|
259000
|
stack
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
364000
|
heap
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
29E000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
2FC8000
|
heap
|
page read and write
|
||
|
310000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
direct allocation
|
page execute and read and write
|
||
|
253000
|
heap
|
page read and write
|
||
|
229C000
|
heap
|
page read and write
|
||
|
2248000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2175000
|
heap
|
page read and write
|
||
|
2204000
|
heap
|
page read and write
|
||
|
21E7000
|
heap
|
page read and write
|
||
|
2204000
|
heap
|
page read and write
|
||
|
4005000
|
heap
|
page read and write
|
||
|
200000
|
trusted library allocation
|
page read and write
|
||
|
12A000
|
heap
|
page read and write
|
||
|
10057000
|
unkown
|
page readonly
|
||
|
100BA000
|
unkown
|
page readonly
|
||
|
100B0000
|
unkown
|
page read and write
|
||
|
2227000
|
heap
|
page read and write
|
||
|
229B000
|
heap
|
page read and write
|
||
|
35A000
|
heap
|
page read and write
|
||
|
3F9F000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
165000
|
heap
|
page read and write
|
||
|
2F0000
|
direct allocation
|
page execute and read and write
|
||
|
117000
|
heap
|
page read and write
|
||
|
2226000
|
heap
|
page read and write
|
||
|
175000
|
heap
|
page read and write
|
||
|
2227000
|
heap
|
page read and write
|
||
|
436000
|
heap
|
page read and write
|
||
|
554000
|
heap
|
page read and write
|
||
|
2216000
|
heap
|
page read and write
|
||
|
22C4000
|
heap
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
2227000
|
heap
|
page read and write
|
||
|
21F6000
|
heap
|
page read and write
|
||
|
31A000
|
heap
|
page read and write
|
||
|
4E6000
|
heap
|
page read and write
|
||
|
100B0000
|
unkown
|
page read and write
|
||
|
22B6000
|
heap
|
page read and write
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
2288000
|
heap
|
page read and write
|
||
|
22D8000
|
heap
|
page read and write
|
||
|
33E000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
22A8000
|
heap
|
page read and write
|
||
|
D3000
|
heap
|
page read and write
|
||
|
359000
|
heap
|
page read and write
|
||
|
2561000
|
heap
|
page read and write
|
||
|
3A5000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
3E7000
|
heap
|
page read and write
|
||
|
134000
|
heap
|
page read and write
|
||
|
105000
|
heap
|
page read and write
|
||
|
2FE2000
|
heap
|
page read and write
|
||
|
26EF000
|
stack
|
page read and write
|
||
|
4009000
|
heap
|
page read and write
|
||
|
2D0000
|
heap
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
1CF000
|
heap
|
page read and write
|
||
|
2160000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
100BA000
|
unkown
|
page readonly
|
||
|
3E5000
|
heap
|
page read and write
|
||
|
2B7000
|
heap
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
2218000
|
heap
|
page read and write
|
||
|
22D4000
|
heap
|
page read and write
|
||
|
300000
|
trusted library allocation
|
page read and write
|
||
|
2318000
|
heap
|
page read and write
|
||
|
306000
|
heap
|
page read and write
|
||
|
2318000
|
heap
|
page read and write
|
||
|
3EB000
|
heap
|
page read and write
|
||
|
250000
|
heap
|
page read and write
|
||
|
332000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
2FDA000
|
heap
|
page read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
21E7000
|
heap
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
326000
|
heap
|
page read and write
|
||
|
214B000
|
heap
|
page read and write
|
||
|
3F1E000
|
stack
|
page read and write
|
||
|
219B000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
165000
|
heap
|
page read and write
|
||
|
2949000
|
stack
|
page read and write
|
||
|
2288000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
3F69000
|
heap
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
189000
|
heap
|
page read and write
|
||
|
16C000
|
heap
|
page read and write
|
||
|
7EFE0000
|
unkown
|
page readonly
|
||
|
352E000
|
stack
|
page read and write
|
||
|
2FC000
|
heap
|
page read and write
|
||
|
37E000
|
heap
|
page read and write
|
||
|
200000
|
remote allocation
|
page read and write
|
||
|
18A000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2318000
|
heap
|
page read and write
|
||
|
290000
|
trusted library allocation
|
page execute and read and write
|
||
|
14A000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
2E6A000
|
heap
|
page read and write
|
||
|
2218000
|
heap
|
page read and write
|
||
|
3F60000
|
heap
|
page read and write
|
||
|
2A2E000
|
stack
|
page read and write
|
||
|
225B000
|
heap
|
page read and write
|
||
|
175000
|
heap
|
page read and write
|
||
|
2B4000
|
heap
|
page read and write
|
||
|
162000
|
heap
|
page read and write
|
||
|
2E4000
|
heap
|
page read and write
|
||
|
EE000
|
heap
|
page read and write
|
||
|
C9000
|
stack
|
page read and write
|
||
|
129000
|
heap
|
page read and write
|
||
|
2288000
|
heap
|
page read and write
|
||
|
126000
|
heap
|
page read and write
|
||
|
105000
|
heap
|
page read and write
|
||
|
250000
|
heap
|
page read and write
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
2110000
|
heap
|
page read and write
|
||
|
347000
|
heap
|
page read and write
|
||
|
310000
|
remote allocation
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
2A6000
|
heap
|
page read and write
|
||
|
200000
|
remote allocation
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
526000
|
heap
|
page read and write
|
||
|
DA000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
2204000
|
heap
|
page read and write
|
||
|
21F4000
|
heap
|
page read and write
|
||
|
1CC000
|
stack
|
page read and write
|
||
|
194000
|
heap
|
page read and write
|
||
|
10E000
|
heap
|
page read and write
|
||
|
23A1000
|
heap
|
page read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
2389000
|
heap
|
page read and write
|
||
|
244D000
|
stack
|
page read and write
|
||
|
10057000
|
unkown
|
page readonly
|
||
|
2B0000
|
heap
|
page read and write
|
||
|
1CD000
|
heap
|
page read and write
|
||
|
254000
|
heap
|
page read and write
|
||
|
338000
|
heap
|
page read and write
|
||
|
2236000
|
heap
|
page read and write
|
||
|
276C000
|
stack
|
page read and write
|
||
|
334000
|
heap
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
80000
|
heap
|
page read and write
|
||
|
2218000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
3F5000
|
heap
|
page read and write
|
||
|
140000
|
trusted library allocation
|
page read and write
|
||
|
100BA000
|
unkown
|
page readonly
|
||
|
24A1000
|
heap
|
page read and write
|
||
|
2390000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
3DC000
|
heap
|
page read and write
|
||
|
2EE000
|
heap
|
page read and write
|
||
|
2218000
|
heap
|
page read and write
|
||
|
35EE000
|
stack
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
177000
|
heap
|
page read and write
|
||
|
1B6000
|
heap
|
page read and write
|
||
|
33B000
|
heap
|
page read and write
|
||
|
23A1000
|
heap
|
page read and write
|
||
|
22B7000
|
heap
|
page read and write
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
3D1000
|
heap
|
page read and write
|
||
|
BE000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
27DC000
|
stack
|
page read and write
|
||
|
13A000
|
heap
|
page read and write
|
||
|
181000
|
heap
|
page read and write
|
||
|
2B3000
|
heap
|
page read and write
|
||
|
221E000
|
heap
|
page read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
10057000
|
unkown
|
page readonly
|
||
|
BCF000
|
stack
|
page read and write
|
||
|
373E000
|
stack
|
page read and write
|
||
|
2288000
|
heap
|
page read and write
|
||
|
E7000
|
heap
|
page read and write
|
||
|
121000
|
heap
|
page read and write
|
||
|
33C000
|
heap
|
page read and write
|
||
|
39C000
|
heap
|
page read and write
|
||
|
3ED000
|
heap
|
page read and write
|
||
|
21E6000
|
heap
|
page read and write
|
||
|
2AB000
|
heap
|
page read and write
|
||
|
4000000
|
heap
|
page read and write
|
||
|
23A1000
|
heap
|
page read and write
|
||
|
1DB000
|
heap
|
page read and write
|
||
|
22A8000
|
heap
|
page read and write
|
||
|
238E000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
24A1000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2FDE000
|
heap
|
page read and write
|
||
|
E0000
|
heap
|
page read and write
|
||
|
1D5000
|
heap
|
page read and write
|
||
|
22D4000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
12E000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
396000
|
heap
|
page read and write
|
||
|
496000
|
heap
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
3F4000
|
heap
|
page read and write
|
||
|
232C000
|
heap
|
page read and write
|
||
|
232B000
|
heap
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
2204000
|
heap
|
page read and write
|
||
|
347000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
80F000
|
stack
|
page read and write
|
||
|
24A1000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
2ED000
|
heap
|
page read and write
|
||
|
14E000
|
heap
|
page read and write
|
||
|
2095000
|
heap
|
page read and write
|
||
|
21AB000
|
heap
|
page read and write
|
||
|
22A8000
|
heap
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
345000
|
heap
|
page read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
293C000
|
stack
|
page read and write
|
||
|
2F8000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
23E000
|
heap
|
page read and write
|
||
|
100B7000
|
unkown
|
page read and write
|
||
|
351000
|
heap
|
page read and write
|
||
|
2561000
|
heap
|
page read and write
|
||
|
35E000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
2F1000
|
heap
|
page read and write
|
||
|
2248000
|
heap
|
page read and write
|
||
|
2E52000
|
heap
|
page read and write
|
||
|
16C000
|
heap
|
page read and write
|
||
|
3DD000
|
heap
|
page read and write
|
||
|
2170000
|
heap
|
page read and write
|
||
|
22D4000
|
heap
|
page read and write
|
||
|
EA000
|
heap
|
page read and write
|
||
|
16F000
|
heap
|
page read and write
|
||
|
2E5000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
25A000
|
heap
|
page read and write
|
||
|
2380000
|
heap
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
22A6000
|
heap
|
page read and write
|
||
|
22AE000
|
heap
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
3DC000
|
heap
|
page read and write
|
||
|
200000
|
heap
|
page read and write
|
||
|
303C000
|
stack
|
page read and write
|
||
|
1E0000
|
trusted library allocation
|
page read and write
|
||
|
2318000
|
heap
|
page read and write
|
||
|
102000
|
heap
|
page read and write
|
||
|
2234000
|
heap
|
page read and write
|
||
|
4A6000
|
heap
|
page read and write
|
||
|
186000
|
heap
|
page read and write
|
||
|
2FCA000
|
heap
|
page read and write
|
||
|
31E000
|
heap
|
page read and write
|
||
|
28BF000
|
stack
|
page read and write
|
||
|
2185000
|
heap
|
page read and write
|
||
|
22A8000
|
heap
|
page read and write
|
||
|
267000
|
heap
|
page read and write
|
||
|
393000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
2B0000
|
heap
|
page read and write
|
||
|
1D8000
|
heap
|
page read and write
|
||
|
11E000
|
heap
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
115000
|
heap
|
page read and write
|
||
|
2080000
|
heap
|
page read and write
|
||
|
254000
|
heap
|
page read and write
|
||
|
16C000
|
stack
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
336000
|
heap
|
page read and write
|
||
|
2248000
|
heap
|
page read and write
|
||
|
132000
|
heap
|
page read and write
|
||
|
3EDF000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2218000
|
heap
|
page read and write
|
||
|
339000
|
heap
|
page read and write
|
||
|
1D9000
|
heap
|
page read and write
|
||
|
238B000
|
heap
|
page read and write
|
||
|
24A1000
|
heap
|
page read and write
|
||
|
3E4000
|
heap
|
page read and write
|
||
|
215E000
|
stack
|
page read and write
|
||
|
3F49000
|
heap
|
page read and write
|
||
|
3E6000
|
heap
|
page read and write
|
||
|
1D4000
|
heap
|
page read and write
|
||
|
2E58000
|
heap
|
page read and write
|
||
|
20CB000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
2384000
|
heap
|
page read and write
|
||
|
2248000
|
heap
|
page read and write
|
||
|
335000
|
heap
|
page read and write
|
||
|
39D000
|
heap
|
page read and write
|
||
|
22B5000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
21BB000
|
heap
|
page read and write
|
||
|
2204000
|
heap
|
page read and write
|
||
|
1A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D1C000
|
stack
|
page read and write
|
||
|
100B0000
|
unkown
|
page read and write
|
||
|
335000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
2115000
|
heap
|
page read and write
|
||
|
22B7000
|
heap
|
page read and write
|
||
|
2218000
|
heap
|
page read and write
|
||
|
22B7000
|
heap
|
page read and write
|
||
|
2180000
|
heap
|
page read and write
|
||
|
2190000
|
heap
|
page read and write
|
||
|
2248000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
2388000
|
heap
|
page read and write
|
||
|
100B7000
|
unkown
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
356000
|
heap
|
page read and write
|
||
|
225C000
|
heap
|
page read and write
|
||
|
87000
|
heap
|
page read and write
|
||
|
39F000
|
heap
|
page read and write
|
||
|
2165000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
2287000
|
heap
|
page read and write
|
||
|
1B6000
|
heap
|
page read and write
|
||
|
18E000
|
heap
|
page read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
22D4000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
130000
|
direct allocation
|
page execute and read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
3ED000
|
heap
|
page read and write
|
||
|
184000
|
heap
|
page read and write
|
||
|
2204000
|
heap
|
page read and write
|
||
|
269000
|
stack
|
page read and write
|
||
|
100B7000
|
unkown
|
page read and write
|
||
|
430000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D000
|
heap
|
page read and write
|
||
|
232B000
|
heap
|
page read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
2248000
|
heap
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
2208000
|
heap
|
page read and write
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
2388000
|
heap
|
page read and write
|
||
|
2B7000
|
heap
|
page read and write
|
||
|
1D8000
|
heap
|
page read and write
|
||
|
3B5000
|
heap
|
page read and write
|
||
|
3F65000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2561000
|
heap
|
page read and write
|
||
|
21E7000
|
heap
|
page read and write
|
||
|
2C3000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
35D000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
3ED000
|
heap
|
page read and write
|
||
|
310000
|
remote allocation
|
page read and write
|
||
|
303000
|
heap
|
page read and write
|
||
|
229B000
|
heap
|
page read and write
|
||
|
18D000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
3F1000
|
heap
|
page read and write
|
||
|
2318000
|
heap
|
page read and write
|
||
|
192000
|
heap
|
page read and write
|
||
|
3F45000
|
heap
|
page read and write
|
||
|
3D1000
|
heap
|
page read and write
|
||
|
1CC000
|
heap
|
page read and write
|
||
|
ED000
|
stack
|
page read and write
|
||
|
22A8000
|
heap
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
260000
|
heap
|
page read and write
|
||
|
22D4000
|
heap
|
page read and write
|
||
|
133000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
16E000
|
heap
|
page read and write
|
||
|
2F6000
|
heap
|
page read and write
|
There are 424 hidden memdumps, click here to show them.