Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
UC2DFXQIBiE2kQ.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll,ACeujVZMknFDjv
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll,AHuDGMflBfPryOEYjuTfbzJdEM
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IUvcffQnjRFArsrM\JZgYREHBQT.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll,ATjQPkInxPUGuUu
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\IUvcffQnjRFArsrM\JZgYREHBQT.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\ZamKJmwegN\JeCOx.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll",#1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/
|
unknown
|
||
|
https://112.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/lskyxdliqorbrr/wjoazpr/kccttvfhu/
|
unknown
|
||
|
https://172.105.115.71:8080/lskyxdliqorbrr/wjoazpr/kccttvfhu/dll
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
windowsupdatebg.s.llnwi.net
|
41.63.96.128
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
JZgYREHBQT.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2E41000
|
direct allocation
|
page execute read
|
|
|
|
C41000
|
direct allocation
|
page execute read
|
|
|
|
1540000
|
direct allocation
|
page execute and read and write
|
|
|
|
1D676C81000
|
direct allocation
|
page execute read
|
|
|
|
1FB00100000
|
direct allocation
|
page execute and read and write
|
|
|
|
1FB00141000
|
direct allocation
|
page execute read
|
|
|
|
960000
|
direct allocation
|
page execute and read and write
|
|
|
|
1CC2A6A1000
|
direct allocation
|
page execute read
|
|
|
|
1D676B30000
|
direct allocation
|
page execute and read and write
|
|
|
|
970000
|
direct allocation
|
page execute and read and write
|
|
|
|
B41000
|
direct allocation
|
page execute read
|
|
|
|
1CC28BE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1E988A13000
|
heap
|
page read and write
|
||
|
F0F4F7E000
|
stack
|
page read and write
|
||
|
1AE8AC1F000
|
heap
|
page read and write
|
||
|
13A1000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
1394000
|
heap
|
page read and write
|
||
|
29133A13000
|
heap
|
page read and write
|
||
|
66A59FF000
|
stack
|
page read and write
|
||
|
2D9D000
|
heap
|
page read and write
|
||
|
2ADB000
|
stack
|
page read and write
|
||
|
485E1FC000
|
stack
|
page read and write
|
||
|
226449D1000
|
heap
|
page read and write
|
||
|
1E9887F0000
|
heap
|
page read and write
|
||
|
F0F4BFC000
|
stack
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
137D000
|
heap
|
page read and write
|
||
|
34FD9FB000
|
stack
|
page read and write
|
||
|
FD0000
|
remote allocation
|
page read and write
|
||
|
13DE000
|
heap
|
page read and write
|
||
|
2DEB000
|
heap
|
page read and write
|
||
|
1D676CAD000
|
direct allocation
|
page readonly
|
||
|
1AE8AC00000
|
heap
|
page read and write
|
||
|
CF34A7E000
|
stack
|
page read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
270989A0000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
7D21A7A000
|
stack
|
page read and write
|
||
|
270980A0000
|
heap
|
page read and write
|
||
|
F0F48FB000
|
stack
|
page read and write
|
||
|
1398000
|
heap
|
page read and write
|
||
|
29133A2A000
|
heap
|
page read and write
|
||
|
1AE8AC2E000
|
heap
|
page read and write
|
||
|
33AD000
|
stack
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
14B632D000
|
stack
|
page read and write
|
||
|
34FD30B000
|
stack
|
page read and write
|
||
|
27098200000
|
heap
|
page read and write
|
||
|
27720060000
|
trusted library allocation
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
119E000
|
stack
|
page read and write
|
||
|
1D676BEB000
|
heap
|
page read and write
|
||
|
1CC28C3B000
|
heap
|
page read and write
|
||
|
2DEB000
|
heap
|
page read and write
|
||
|
1341000
|
heap
|
page read and write
|
||
|
2E6B000
|
direct allocation
|
page readonly
|
||
|
22643E69000
|
heap
|
page read and write
|
||
|
22643DC0000
|
heap
|
page read and write
|
||
|
22644943000
|
heap
|
page read and write
|
||
|
2E6C000
|
direct allocation
|
page read and write
|
||
|
FD0000
|
remote allocation
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
1FB00170000
|
heap
|
page readonly
|
||
|
1378000
|
heap
|
page read and write
|
||
|
1AE8AC29000
|
heap
|
page read and write
|
||
|
291339F0000
|
heap
|
page read and write
|
||
|
22644A00000
|
heap
|
page read and write
|
||
|
32B0000
|
trusted library allocation
|
page read and write
|
||
|
13BA000
|
heap
|
page read and write
|
||
|
29133ABE000
|
heap
|
page read and write
|
||
|
CE3E3FB000
|
stack
|
page read and write
|
||
|
2771CCC8000
|
heap
|
page read and write
|
||
|
380E000
|
heap
|
page read and write
|
||
|
2E01000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
A6B000
|
heap
|
page read and write
|
||
|
27098202000
|
heap
|
page read and write
|
||
|
2771CCBD000
|
heap
|
page read and write
|
||
|
F33000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
1CC28C60000
|
heap
|
page read and write
|
||
|
22643E93000
|
heap
|
page read and write
|
||
|
201F2B15000
|
heap
|
page read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
6BE10FF000
|
stack
|
page read and write
|
||
|
34FD77A000
|
stack
|
page read and write
|
||
|
155A7B60000
|
trusted library allocation
|
page read and write
|
||
|
1CC2A8F0000
|
heap
|
page read and write
|
||
|
134B000
|
heap
|
page read and write
|
||
|
29133A45000
|
heap
|
page read and write
|
||
|
1E988A47000
|
heap
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
243E000
|
stack
|
page read and write
|
||
|
F0F4A7E000
|
stack
|
page read and write
|
||
|
1D678520000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
34FC000
|
stack
|
page read and write
|
||
|
25C6000
|
stack
|
page read and write
|
||
|
1E988A46000
|
heap
|
page read and write
|
||
|
485DD0C000
|
stack
|
page read and write
|
||
|
13FB000
|
heap
|
page read and write
|
||
|
29133A8A000
|
heap
|
page read and write
|
||
|
1E988A83000
|
heap
|
page read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
1CC28B70000
|
heap
|
page read and write
|
||
|
22644954000
|
heap
|
page read and write
|
||
|
1AE8AB80000
|
heap
|
page read and write
|
||
|
22644922000
|
heap
|
page read and write
|
||
|
1D676B9F000
|
heap
|
page read and write
|
||
|
27098277000
|
heap
|
page read and write
|
||
|
1FB7CFF0000
|
heap
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
33D0000
|
remote allocation
|
page read and write
|
||
|
2771CDD0000
|
heap
|
page read and write
|
||
|
1E988A2E000
|
heap
|
page read and write
|
||
|
22643E3C000
|
heap
|
page read and write
|
||
|
1367000
|
heap
|
page read and write
|
||
|
E9A000
|
stack
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
B70000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
1595000
|
heap
|
page read and write
|
||
|
1D676B88000
|
heap
|
page read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
1AE8AC13000
|
heap
|
page read and write
|
||
|
1CC28C89000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2771CCD1000
|
heap
|
page read and write
|
||
|
1D676B70000
|
heap
|
page readonly
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
13DE000
|
heap
|
page read and write
|
||
|
9F2000
|
heap
|
page read and write
|
||
|
9DD000
|
heap
|
page read and write
|
||
|
201F2B00000
|
heap
|
page read and write
|
||
|
1CC28C9B000
|
heap
|
page read and write
|
||
|
1FB0002C000
|
heap
|
page read and write
|
||
|
CF34DFE000
|
stack
|
page read and write
|
||
|
32B0000
|
trusted library allocation
|
page read and write
|
||
|
180098000
|
unkown
|
page read and write
|
||
|
22643E64000
|
heap
|
page read and write
|
||
|
1E988A79000
|
heap
|
page read and write
|
||
|
485E77C000
|
stack
|
page read and write
|
||
|
1E988A49000
|
heap
|
page read and write
|
||
|
CF34EFF000
|
stack
|
page read and write
|
||
|
485E27E000
|
stack
|
page read and write
|
||
|
138E000
|
heap
|
page read and write
|
||
|
22643DF0000
|
trusted library allocation
|
page read and write
|
||
|
1AE8ABE0000
|
heap
|
page read and write
|
||
|
1E989202000
|
trusted library allocation
|
page read and write
|
||
|
18004C000
|
unkown
|
page readonly
|
||
|
2DF6000
|
heap
|
page read and write
|
||
|
13FB000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
A5A000
|
heap
|
page read and write
|
||
|
27720860000
|
heap
|
page read and write
|
||
|
1E988B02000
|
heap
|
page read and write
|
||
|
13A9000
|
heap
|
page read and write
|
||
|
136C000
|
heap
|
page read and write
|
||
|
22644A23000
|
heap
|
page read and write
|
||
|
22643E43000
|
heap
|
page read and write
|
||
|
1FB7CF50000
|
heap
|
page read and write
|
||
|
1CC2A5CC000
|
heap
|
page read and write
|
||
|
1FB7CFDF000
|
heap
|
page read and write
|
||
|
137D000
|
heap
|
page read and write
|
||
|
F32000
|
heap
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
23AE000
|
stack
|
page read and write
|
||
|
6BE107C000
|
stack
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
136C000
|
heap
|
page read and write
|
||
|
485E4FE000
|
stack
|
page read and write
|
||
|
EC0000
|
remote allocation
|
page read and write
|
||
|
299C000
|
stack
|
page read and write
|
||
|
29133A00000
|
heap
|
page read and write
|
||
|
1E988A4E000
|
heap
|
page read and write
|
||
|
22643E88000
|
heap
|
page read and write
|
||
|
27098283000
|
heap
|
page read and write
|
||
|
F0F4D7B000
|
stack
|
page read and write
|
||
|
2771E7D0000
|
heap
|
page read and write
|
||
|
1367000
|
heap
|
page read and write
|
||
|
2771CCC2000
|
heap
|
page read and write
|
||
|
A47000
|
heap
|
page read and write
|
||
|
22644902000
|
heap
|
page read and write
|
||
|
1383000
|
heap
|
page read and write
|
||
|
E5DE4FE000
|
stack
|
page read and write
|
||
|
233F000
|
stack
|
page read and write
|
||
|
2480000
|
heap
|
page read and write
|
||
|
34FDDFF000
|
stack
|
page read and write
|
||
|
1AE8B602000
|
trusted library allocation
|
page read and write
|
||
|
22643E86000
|
heap
|
page read and write
|
||
|
1365000
|
heap
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
34FD8FF000
|
stack
|
page read and write
|
||
|
1E988A45000
|
heap
|
page read and write
|
||
|
1367000
|
heap
|
page read and write
|
||
|
2DDF000
|
heap
|
page read and write
|
||
|
2771CDCB000
|
heap
|
page read and write
|
||
|
E5DE7FF000
|
stack
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
2771CCD9000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
E5DDD7B000
|
stack
|
page read and write
|
||
|
1AE8AC3C000
|
heap
|
page read and write
|
||
|
1CC2A6A0000
|
direct allocation
|
page read and write
|
||
|
1CC2A6CD000
|
direct allocation
|
page readonly
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
1CC28B90000
|
heap
|
page read and write
|
||
|
1D676980000
|
heap
|
page read and write
|
||
|
1D676D75000
|
heap
|
page read and write
|
||
|
1AE8AC4A000
|
heap
|
page read and write
|
||
|
13A1000
|
heap
|
page read and write
|
||
|
2709826B000
|
heap
|
page read and write
|
||
|
22643E92000
|
heap
|
page read and write
|
||
|
27098100000
|
heap
|
page read and write
|
||
|
3691000
|
heap
|
page read and write
|
||
|
E5DE3FF000
|
stack
|
page read and write
|
||
|
F0F4B7F000
|
stack
|
page read and write
|
||
|
155A7C58000
|
heap
|
page read and write
|
||
|
135E000
|
heap
|
page read and write
|
||
|
1FB7CF70000
|
heap
|
page read and write
|
||
|
B6B000
|
direct allocation
|
page readonly
|
||
|
F1F000
|
heap
|
page read and write
|
||
|
1E988A64000
|
heap
|
page read and write
|
||
|
242E000
|
stack
|
page read and write
|
||
|
2771CB60000
|
heap
|
page read and write
|
||
|
134F000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
155A7D02000
|
heap
|
page read and write
|
||
|
1318000
|
heap
|
page read and write
|
||
|
2771CCCC000
|
heap
|
page read and write
|
||
|
1E9887E0000
|
heap
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
201F2A30000
|
heap
|
page read and write
|
||
|
22644922000
|
heap
|
page read and write
|
||
|
1FB00140000
|
direct allocation
|
page read and write
|
||
|
2709823D000
|
heap
|
page read and write
|
||
|
226449BC000
|
heap
|
page read and write
|
||
|
1FB7D345000
|
heap
|
page read and write
|
||
|
1397000
|
heap
|
page read and write
|
||
|
155A7C13000
|
heap
|
page read and write
|
||
|
990000
|
direct allocation
|
page execute and read and write
|
||
|
1FB00390000
|
heap
|
page read and write
|
||
|
1D676AE0000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
27098090000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
1AE8AC44000
|
heap
|
page read and write
|
||
|
FAB000
|
stack
|
page read and write
|
||
|
27098A02000
|
trusted library allocation
|
page read and write
|
||
|
1383000
|
heap
|
page read and write
|
||
|
1FB7CFCB000
|
heap
|
page read and write
|
||
|
1E988A61000
|
heap
|
page read and write
|
||
|
155A7B90000
|
remote allocation
|
page read and write
|
||
|
1CC28C4F000
|
heap
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
1FB7CFDF000
|
heap
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
2ACB000
|
stack
|
page read and write
|
||
|
22644900000
|
heap
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
1CC28C30000
|
heap
|
page read and write
|
||
|
22643D50000
|
heap
|
page read and write
|
||
|
66A58FC000
|
stack
|
page read and write
|
||
|
1E988A40000
|
heap
|
page read and write
|
||
|
B6D000
|
direct allocation
|
page readonly
|
||
|
1D676BD9000
|
heap
|
page read and write
|
||
|
1E988A55000
|
heap
|
page read and write
|
||
|
F3C000
|
heap
|
page read and write
|
||
|
1E988A30000
|
heap
|
page read and write
|
||
|
66A5C7F000
|
stack
|
page read and write
|
||
|
22644994000
|
heap
|
page read and write
|
||
|
13DE000
|
heap
|
page read and write
|
||
|
2771CCD8000
|
heap
|
page read and write
|
||
|
134F000
|
heap
|
page read and write
|
||
|
226449B0000
|
heap
|
page read and write
|
||
|
201F2AA0000
|
heap
|
page read and write
|
||
|
1CC28B00000
|
heap
|
page read and write
|
||
|
2DBC000
|
heap
|
page read and write
|
||
|
CF3471B000
|
stack
|
page read and write
|
||
|
F51000
|
heap
|
page read and write
|
||
|
2709824B000
|
heap
|
page read and write
|
||
|
22644680000
|
trusted library allocation
|
page read and write
|
||
|
CA5000
|
heap
|
page read and write
|
||
|
E5DE6FE000
|
stack
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
1E988A4B000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
22644A27000
|
heap
|
page read and write
|
||
|
E5DE1FF000
|
stack
|
page read and write
|
||
|
1FB00130000
|
direct allocation
|
page execute and read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
136C000
|
heap
|
page read and write
|
||
|
1E988A4F000
|
heap
|
page read and write
|
||
|
23BF000
|
stack
|
page read and write
|
||
|
1570000
|
heap
|
page readonly
|
||
|
3691000
|
heap
|
page read and write
|
||
|
13FB000
|
heap
|
page read and write
|
||
|
34FDD7E000
|
stack
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
22644802000
|
heap
|
page read and write
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
2709825A000
|
heap
|
page read and write
|
||
|
7D2187E000
|
stack
|
page read and write
|
||
|
226449C6000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
22643FE5000
|
heap
|
page read and write
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
1386000
|
heap
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
2DBA000
|
heap
|
page read and write
|
||
|
F08000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
13F5000
|
heap
|
page read and write
|
||
|
1407000
|
heap
|
page read and write
|
||
|
2E40000
|
direct allocation
|
page read and write
|
||
|
137D000
|
heap
|
page read and write
|
||
|
27098302000
|
heap
|
page read and write
|
||
|
13FE000
|
heap
|
page read and write
|
||
|
F36000
|
heap
|
page read and write
|
||
|
22643E00000
|
heap
|
page read and write
|
||
|
1AE8AC53000
|
heap
|
page read and write
|
||
|
1AE8AC02000
|
heap
|
page read and write
|
||
|
C6D000
|
direct allocation
|
page readonly
|
||
|
22644A02000
|
heap
|
page read and write
|
||
|
2AF3000
|
heap
|
page read and write
|
||
|
22644A13000
|
heap
|
page read and write
|
||
|
180098000
|
unkown
|
page read and write
|
||
|
A37000
|
heap
|
page read and write
|
||
|
1383000
|
heap
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
27098313000
|
heap
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
7D21B7E000
|
stack
|
page read and write
|
||
|
18009B000
|
unkown
|
page readonly
|
||
|
2771CCB9000
|
heap
|
page read and write
|
||
|
2DEB000
|
heap
|
page read and write
|
||
|
2F6B000
|
stack
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
A07000
|
heap
|
page read and write
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
1AE8B480000
|
trusted library allocation
|
page read and write
|
||
|
3648000
|
heap
|
page read and write
|
||
|
1AE8AC3A000
|
heap
|
page read and write
|
||
|
2430000
|
trusted library allocation
|
page read and write
|
||
|
3671000
|
heap
|
page read and write
|
||
|
18004C000
|
unkown
|
page readonly
|
||
|
1378000
|
heap
|
page read and write
|
||
|
1FB7D02B000
|
heap
|
page read and write
|
||
|
29133A70000
|
heap
|
page read and write
|
||
|
1CC28C20000
|
heap
|
page read and write
|
||
|
CE3E6FE000
|
stack
|
page read and write
|
||
|
1FB7CEE0000
|
heap
|
page read and write
|
||
|
A28000
|
heap
|
page read and write
|
||
|
29133980000
|
heap
|
page read and write
|
||
|
13FB000
|
heap
|
page read and write
|
||
|
1CC28C4F000
|
heap
|
page read and write
|
||
|
1D676CAB000
|
direct allocation
|
page readonly
|
||
|
A25000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
155A7AC0000
|
heap
|
page read and write
|
||
|
A59000
|
heap
|
page read and write
|
||
|
1FB7CFC0000
|
heap
|
page read and write
|
||
|
A36000
|
heap
|
page read and write
|
||
|
1D676D70000
|
heap
|
page read and write
|
||
|
2771CCC2000
|
heap
|
page read and write
|
||
|
1E988850000
|
heap
|
page read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
18009B000
|
unkown
|
page readonly
|
||
|
2E6D000
|
direct allocation
|
page readonly
|
||
|
1E988A02000
|
heap
|
page read and write
|
||
|
2D79000
|
heap
|
page read and write
|
||
|
1E988A7A000
|
heap
|
page read and write
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
1D67854C000
|
heap
|
page read and write
|
||
|
1E988A39000
|
heap
|
page read and write
|
||
|
1389000
|
heap
|
page read and write
|
||
|
1E988A29000
|
heap
|
page read and write
|
||
|
27720050000
|
heap
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
CE3E67E000
|
stack
|
page read and write
|
||
|
332C000
|
stack
|
page read and write
|
||
|
E5DDEFD000
|
stack
|
page read and write
|
||
|
29133990000
|
heap
|
page read and write
|
||
|
F0F517E000
|
stack
|
page read and write
|
||
|
1CC2A6CB000
|
direct allocation
|
page readonly
|
||
|
22643E66000
|
heap
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
155A7C3D000
|
heap
|
page read and write
|
||
|
13F2000
|
heap
|
page read and write
|
||
|
9A0000
|
direct allocation
|
page execute and read and write
|
||
|
485E5FD000
|
stack
|
page read and write
|
||
|
27098229000
|
heap
|
page read and write
|
||
|
155A7AD0000
|
heap
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
B6C000
|
direct allocation
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
3648000
|
heap
|
page read and write
|
||
|
2DDF000
|
heap
|
page read and write
|
||
|
1FB7D340000
|
heap
|
page read and write
|
||
|
1FB7CFC7000
|
heap
|
page read and write
|
||
|
22643F13000
|
heap
|
page read and write
|
||
|
13FB000
|
heap
|
page read and write
|
||
|
E5DD92B000
|
stack
|
page read and write
|
||
|
B40000
|
direct allocation
|
page read and write
|
||
|
201F2B1A000
|
heap
|
page read and write
|
||
|
8D144FE000
|
stack
|
page read and write
|
||
|
A7D000
|
heap
|
page read and write
|
||
|
22643F8E000
|
heap
|
page read and write
|
||
|
1AE8AD02000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
1E988A6A000
|
heap
|
page read and write
|
||
|
2DFF000
|
heap
|
page read and write
|
||
|
34FDC7A000
|
stack
|
page read and write
|
||
|
155A7B90000
|
remote allocation
|
page read and write
|
||
|
22643E76000
|
heap
|
page read and write
|
||
|
E5DE5FF000
|
stack
|
page read and write
|
||
|
29134290000
|
trusted library allocation
|
page read and write
|
||
|
27098213000
|
heap
|
page read and write
|
||
|
1E988A66000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
2771CCAB000
|
heap
|
page read and write
|
||
|
2470000
|
heap
|
page read and write
|
||
|
1E988A00000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
8D1447F000
|
stack
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
34FDE7E000
|
stack
|
page read and write
|
||
|
5EB000
|
stack
|
page read and write
|
||
|
18004C000
|
unkown
|
page readonly
|
||
|
1D678780000
|
heap
|
page read and write
|
||
|
F51000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
E5DE2FD000
|
stack
|
page read and write
|
||
|
7D2167B000
|
stack
|
page read and write
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
22643E79000
|
heap
|
page read and write
|
||
|
66A597E000
|
stack
|
page read and write
|
||
|
1357000
|
heap
|
page read and write
|
||
|
22643D60000
|
heap
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
155A7C23000
|
heap
|
page read and write
|
||
|
1CC28C89000
|
heap
|
page read and write
|
||
|
25F7000
|
stack
|
page read and write
|
||
|
1CC28C25000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
29133B02000
|
heap
|
page read and write
|
||
|
11EC000
|
heap
|
page read and write
|
||
|
1FB0016B000
|
direct allocation
|
page readonly
|
||
|
3670000
|
heap
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
22643E29000
|
heap
|
page read and write
|
||
|
13FB000
|
heap
|
page read and write
|
||
|
A5A000
|
heap
|
page read and write
|
||
|
1E988A3D000
|
heap
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
2771CCB9000
|
heap
|
page read and write
|
||
|
1E988A3A000
|
heap
|
page read and write
|
||
|
201F2B08000
|
heap
|
page read and write
|
||
|
13A9000
|
heap
|
page read and write
|
||
|
6BE117E000
|
stack
|
page read and write
|
||
|
155A7C00000
|
heap
|
page read and write
|
||
|
1E988A62000
|
heap
|
page read and write
|
||
|
F36000
|
heap
|
page read and write
|
||
|
CF34CFE000
|
stack
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
1D676B60000
|
direct allocation
|
page execute and read and write
|
||
|
C6B000
|
direct allocation
|
page readonly
|
||
|
1E988A42000
|
heap
|
page read and write
|
||
|
22643E5A000
|
heap
|
page read and write
|
||
|
1AE8AB90000
|
heap
|
page read and write
|
||
|
3671000
|
heap
|
page read and write
|
||
|
CF34BFE000
|
stack
|
page read and write
|
||
|
1D676C80000
|
direct allocation
|
page read and write
|
||
|
F0F4E7C000
|
stack
|
page read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
1CC2A6D0000
|
heap
|
page readonly
|
||
|
A36000
|
heap
|
page read and write
|
||
|
C40000
|
direct allocation
|
page read and write
|
||
|
13FB000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page readonly
|
||
|
22643FB9000
|
heap
|
page read and write
|
||
|
1CC28C4F000
|
heap
|
page read and write
|
||
|
29133AC5000
|
heap
|
page read and write
|
||
|
5CE0000
|
trusted library allocation
|
page read and write
|
||
|
155A7C02000
|
heap
|
page read and write
|
||
|
22643E13000
|
heap
|
page read and write
|
||
|
1397000
|
heap
|
page read and write
|
||
|
1D676B9F000
|
heap
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
7D21979000
|
stack
|
page read and write
|
||
|
29134402000
|
heap
|
page read and write
|
||
|
F0F44DB000
|
stack
|
page read and write
|
||
|
1D676AC0000
|
heap
|
page read and write
|
||
|
5FB000
|
stack
|
page read and write
|
||
|
1CC28C10000
|
direct allocation
|
page execute and read and write
|
||
|
1E988A6C000
|
heap
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
A3A000
|
heap
|
page read and write
|
||
|
34FDA79000
|
stack
|
page read and write
|
||
|
2709825E000
|
heap
|
page read and write
|
||
|
1420000
|
direct allocation
|
page execute and read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
CF3479E000
|
stack
|
page read and write
|
||
|
1E988A4D000
|
heap
|
page read and write
|
||
|
1D676BD9000
|
heap
|
page read and write
|
||
|
135E000
|
heap
|
page read and write
|
||
|
2771CDA0000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
13A1000
|
heap
|
page read and write
|
||
|
1D676B9F000
|
heap
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
27098289000
|
heap
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
2DDF000
|
heap
|
page read and write
|
||
|
29133B13000
|
heap
|
page read and write
|
||
|
2771CCCC000
|
heap
|
page read and write
|
||
|
1FB7CFDF000
|
heap
|
page read and write
|
||
|
29133ACF000
|
heap
|
page read and write
|
||
|
27720053000
|
heap
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
1E988A5F000
|
heap
|
page read and write
|
||
|
485E47D000
|
stack
|
page read and write
|
||
|
22644A30000
|
heap
|
page read and write
|
||
|
155A7C29000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
1E988A7D000
|
heap
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
1FB00000000
|
heap
|
page read and write
|
||
|
8D141DC000
|
stack
|
page read and write
|
||
|
34FDB7F000
|
stack
|
page read and write
|
||
|
2771CDC5000
|
heap
|
page read and write
|
||
|
1FB0016D000
|
direct allocation
|
page readonly
|
||
|
27098278000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
33D0000
|
remote allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page readonly
|
||
|
A48000
|
heap
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
1E988A69000
|
heap
|
page read and write
|
||
|
C6C000
|
direct allocation
|
page read and write
|
||
|
1357000
|
heap
|
page read and write
|
||
|
1FB7D019000
|
heap
|
page read and write
|
||
|
33D0000
|
remote allocation
|
page read and write
|
||
|
2771CCDD000
|
heap
|
page read and write
|
||
|
1D676B80000
|
heap
|
page read and write
|
||
|
155A7B90000
|
remote allocation
|
page read and write
|
||
|
F0F507D000
|
stack
|
page read and write
|
||
|
155A8602000
|
trusted library allocation
|
page read and write
|
||
|
29134500000
|
heap
|
page read and write
|
||
|
9BB000
|
heap
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
22643E56000
|
heap
|
page read and write
|
||
|
1FB7D019000
|
heap
|
page read and write
|
||
|
2771CCE5000
|
heap
|
page read and write
|
||
|
1E988A2D000
|
heap
|
page read and write
|
||
|
2264496F000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
1CC2A5A0000
|
heap
|
page read and write
|
||
|
27098279000
|
heap
|
page read and write
|
||
|
2DEB000
|
heap
|
page read and write
|
||
|
1E988950000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
remote allocation
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
155A7B30000
|
heap
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
1D676BB0000
|
heap
|
page read and write
|
||
|
2771CCA0000
|
heap
|
page read and write
|
||
|
2771CCBF000
|
heap
|
page read and write
|
||
|
22643E8B000
|
heap
|
page read and write
|
||
|
2771CDC0000
|
heap
|
page read and write
|
||
|
E5DDFFF000
|
stack
|
page read and write
|
||
|
18009B000
|
unkown
|
page readonly
|
||
|
2771CCBE000
|
heap
|
page read and write
|
||
|
180098000
|
unkown
|
page read and write
|
||
|
F0F4CFE000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
1E988A76000
|
heap
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
29133A68000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
2EEC000
|
stack
|
page read and write
|
There are 588 hidden memdumps, click here to show them.