Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
UC2DFXQIBiE2kQ.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll,ACeujVZMknFDjv
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll,AHuDGMflBfPryOEYjuTfbzJdEM
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\MHtsbrv\IoiBQ.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll,ATjQPkInxPUGuUu
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\MHtsbrv\IoiBQ.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\VADoV\ahExZn.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IUvcffQnjRFArsrM\JZgYREHBQT.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\IUvcffQnjRFArsrM\JZgYREHBQT.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\ZamKJmwegN\JeCOx.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\UC2DFXQIBiE2kQ.dll",#1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://172.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/sznnz/
|
unknown
|
||
|
https://112.105.115.71:8080/
|
unknown
|
||
|
https://172.105.115.71:8080/lskyxdliqorbrr/wjoazpr/kccttvfhu/
|
unknown
|
||
|
https://172.105.115.71:8080/lskyxdliqorbrr/wjoazpr/kccttvfhu/dll
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
c-0001.c-msedge.net
|
13.107.4.50
|
||
|
windowsupdatebg.s.llnwi.net
|
41.63.96.128
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.105.115.71
|
unknown
|
United States
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
186.250.48.5
|
unknown
|
Brazil
|
|
|
|
209.239.112.82
|
unknown
|
United States
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
82.98.180.154
|
unknown
|
Spain
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
51.75.33.122
|
unknown
|
France
|
|
|
|
160.16.143.191
|
unknown
|
Japan
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
115.178.55.22
|
unknown
|
Indonesia
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
114.79.130.68
|
unknown
|
India
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
80.211.107.116
|
unknown
|
Italy
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
218.38.121.17
|
unknown
|
Korea Republic of
|
|
|
|
185.148.169.10
|
unknown
|
Germany
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
There are 39 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
IoiBQ.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
JZgYREHBQT.dll
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D41000
|
direct allocation
|
page execute read
|
|
|
|
2371000
|
direct allocation
|
page execute read
|
|
|
|
2D10000
|
direct allocation
|
page execute and read and write
|
|
|
|
1FA0A8D1000
|
direct allocation
|
page execute read
|
|
|
|
F51000
|
direct allocation
|
page execute read
|
|
|
|
F00000
|
direct allocation
|
page execute and read and write
|
|
|
|
1FA0A880000
|
direct allocation
|
page execute and read and write
|
|
|
|
2D49CBA1000
|
direct allocation
|
page execute read
|
|
|
|
2220000
|
direct allocation
|
page execute and read and write
|
|
|
|
2112E630000
|
direct allocation
|
page execute and read and write
|
|
|
|
2112E661000
|
direct allocation
|
page execute read
|
|
|
|
2D49C940000
|
direct allocation
|
page execute and read and write
|
|
|
|
1FA0A966000
|
heap
|
page read and write
|
||
|
1FA0A8B0000
|
heap
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
DCE000
|
heap
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
1FA0A900000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
13D7000
|
heap
|
page read and write
|
||
|
2112E660000
|
direct allocation
|
page read and write
|
||
|
E04000
|
heap
|
page read and write
|
||
|
27E9000
|
heap
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
2906A8C1000
|
heap
|
page read and write
|
||
|
1146000
|
heap
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
2906A8C1000
|
heap
|
page read and write
|
||
|
C679E8B000
|
stack
|
page read and write
|
||
|
2906AB20000
|
heap
|
page read and write
|
||
|
1415000
|
heap
|
page read and write
|
||
|
221C4E80000
|
heap
|
page read and write
|
||
|
2906DD03000
|
heap
|
page read and write
|
||
|
2112CBF9000
|
heap
|
page read and write
|
||
|
221C5BF0000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
28AC000
|
stack
|
page read and write
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
DD4000
|
heap
|
page read and write
|
||
|
2112E68B000
|
direct allocation
|
page readonly
|
||
|
F50000
|
direct allocation
|
page read and write
|
||
|
DAD000
|
heap
|
page read and write
|
||
|
2D6D000
|
stack
|
page read and write
|
||
|
3021000
|
heap
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
FC5000
|
heap
|
page read and write
|
||
|
1FA0A6D0000
|
heap
|
page read and write
|
||
|
13A9000
|
heap
|
page read and write
|
||
|
2112CBAE000
|
heap
|
page read and write
|
||
|
DF4000
|
heap
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
239D000
|
direct allocation
|
page readonly
|
||
|
1150000
|
heap
|
page read and write
|
||
|
F7C000
|
direct allocation
|
page read and write
|
||
|
DF4000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
2906A8A9000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
E90000
|
heap
|
page read and write
|
||
|
1FA0A8D0000
|
direct allocation
|
page read and write
|
||
|
DC9000
|
heap
|
page read and write
|
||
|
DC9000
|
heap
|
page read and write
|
||
|
10C0000
|
remote allocation
|
page read and write
|
||
|
1146000
|
heap
|
page read and write
|
||
|
2906A8C3000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
2D6D000
|
direct allocation
|
page readonly
|
||
|
82D000
|
heap
|
page read and write
|
||
|
2EAF000
|
stack
|
page read and write
|
||
|
1135000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
2CED000
|
stack
|
page read and write
|
||
|
C679F8E000
|
stack
|
page read and write
|
||
|
2112CC2A000
|
heap
|
page read and write
|
||
|
F4B000
|
stack
|
page read and write
|
||
|
2112CC16000
|
heap
|
page read and write
|
||
|
57B000
|
stack
|
page read and write
|
||
|
221C4F0A000
|
heap
|
page read and write
|
||
|
2250000
|
direct allocation
|
page execute and read and write
|
||
|
2906A8CC000
|
heap
|
page read and write
|
||
|
2112CC18000
|
heap
|
page read and write
|
||
|
2112CBBF000
|
heap
|
page read and write
|
||
|
C679F0E000
|
stack
|
page read and write
|
||
|
134F000
|
stack
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
27EC000
|
heap
|
page read and write
|
||
|
2D49CC05000
|
heap
|
page read and write
|
||
|
DDC000
|
heap
|
page read and write
|
||
|
2906A8BD000
|
heap
|
page read and write
|
||
|
6F57B4E000
|
stack
|
page read and write
|
||
|
DBA000
|
heap
|
page read and write
|
||
|
FA64B5C000
|
stack
|
page read and write
|
||
|
1FA0A99B000
|
heap
|
page read and write
|
||
|
867000
|
heap
|
page read and write
|
||
|
905EBAF000
|
stack
|
page read and write
|
||
|
221C50F5000
|
heap
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
2D49C8D0000
|
heap
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
FA64E7F000
|
stack
|
page read and write
|
||
|
B7C36FD000
|
stack
|
page read and write
|
||
|
139D000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
1FA0A8FB000
|
direct allocation
|
page readonly
|
||
|
2906A8B9000
|
heap
|
page read and write
|
||
|
18004C000
|
unkown
|
page readonly
|
||
|
2DFF000
|
stack
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
27E9000
|
heap
|
page read and write
|
||
|
229C000
|
heap
|
page read and write
|
||
|
27D8000
|
heap
|
page read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page readonly
|
||
|
2790000
|
heap
|
page read and write
|
||
|
2112CB20000
|
heap
|
page read and write
|
||
|
1FA0C2A0000
|
heap
|
page readonly
|
||
|
DAD000
|
heap
|
page read and write
|
||
|
221C4F15000
|
heap
|
page read and write
|
||
|
1FA0A976000
|
heap
|
page read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
221C50D0000
|
heap
|
page readonly
|
||
|
2906DD00000
|
heap
|
page read and write
|
||
|
2516979000
|
stack
|
page read and write
|
||
|
E04000
|
heap
|
page read and write
|
||
|
2769000
|
heap
|
page read and write
|
||
|
1FA0A8B5000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
10C0000
|
remote allocation
|
page read and write
|
||
|
27E9000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page readonly
|
||
|
1161000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
2C3C000
|
heap
|
page read and write
|
||
|
1FA0A908000
|
heap
|
page read and write
|
||
|
13E9000
|
heap
|
page read and write
|
||
|
18004C000
|
unkown
|
page readonly
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
2D49CA0B000
|
heap
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
13C7000
|
heap
|
page read and write
|
||
|
3049000
|
heap
|
page read and write
|
||
|
31BF000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
27D8000
|
heap
|
page read and write
|
||
|
1FA0A958000
|
heap
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
113A000
|
heap
|
page read and write
|
||
|
83B000
|
heap
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
2906A8B9000
|
heap
|
page read and write
|
||
|
2D49C980000
|
heap
|
page readonly
|
||
|
2FD8000
|
heap
|
page read and write
|
||
|
221C4F0C000
|
heap
|
page read and write
|
||
|
27B1000
|
heap
|
page read and write
|
||
|
8D7E000
|
stack
|
page read and write
|
||
|
221C4EC0000
|
heap
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
2FB1000
|
heap
|
page read and write
|
||
|
13AB000
|
heap
|
page read and write
|
||
|
1FA0C460000
|
heap
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
1F423000000
|
heap
|
page read and write
|
||
|
1FA0A958000
|
heap
|
page read and write
|
||
|
2112CBF9000
|
heap
|
page read and write
|
||
|
E07000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
845F000
|
stack
|
page read and write
|
||
|
1099000
|
stack
|
page read and write
|
||
|
D60000
|
direct allocation
|
page execute and read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
2112E530000
|
heap
|
page read and write
|
||
|
DCC000
|
heap
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
3049000
|
heap
|
page read and write
|
||
|
2D49CAA0000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
2112CBF9000
|
heap
|
page read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
F80000
|
heap
|
page read and write
|
||
|
2906A8CC000
|
heap
|
page read and write
|
||
|
2906A8C1000
|
heap
|
page read and write
|
||
|
2D40000
|
direct allocation
|
page read and write
|
||
|
2112CBF9000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
6F57ACC000
|
stack
|
page read and write
|
||
|
2906A8D1000
|
heap
|
page read and write
|
||
|
E0A000
|
heap
|
page read and write
|
||
|
2D90000
|
remote allocation
|
page read and write
|
||
|
251687E000
|
stack
|
page read and write
|
||
|
2D49C790000
|
heap
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
1FA0A958000
|
heap
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
2112CB40000
|
heap
|
page read and write
|
||
|
180098000
|
unkown
|
page read and write
|
||
|
E04000
|
heap
|
page read and write
|
||
|
DF9000
|
heap
|
page read and write
|
||
|
239C000
|
direct allocation
|
page read and write
|
||
|
139D000
|
heap
|
page read and write
|
||
|
FA64BDF000
|
stack
|
page read and write
|
||
|
2906E510000
|
heap
|
page read and write
|
||
|
83DE000
|
stack
|
page read and write
|
||
|
221C5E00000
|
trusted library allocation
|
page read and write
|
||
|
221F000
|
stack
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
2D49CBCD000
|
direct allocation
|
page readonly
|
||
|
2112CBF9000
|
heap
|
page read and write
|
||
|
2D49C9BF000
|
heap
|
page read and write
|
||
|
1161000
|
heap
|
page read and write
|
||
|
DCD000
|
heap
|
page read and write
|
||
|
990000
|
remote allocation
|
page read and write
|
||
|
18004C000
|
unkown
|
page readonly
|
||
|
84DC000
|
stack
|
page read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
2112CAB0000
|
heap
|
page read and write
|
||
|
2906A8A0000
|
heap
|
page read and write
|
||
|
2112E55C000
|
heap
|
page read and write
|
||
|
221C5E50000
|
trusted library allocation
|
page read and write
|
||
|
221C5100000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1FA0A830000
|
heap
|
page read and write
|
||
|
2FF9000
|
heap
|
page read and write
|
||
|
2906AB25000
|
heap
|
page read and write
|
||
|
2906A8C3000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
2D49C9BF000
|
heap
|
page read and write
|
||
|
25168F9000
|
stack
|
page read and write
|
||
|
8C7E000
|
stack
|
page read and write
|
||
|
2112CC0A000
|
heap
|
page read and write
|
||
|
221C4EC8000
|
heap
|
page read and write
|
||
|
82DC000
|
stack
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
1FA0A810000
|
heap
|
page read and write
|
||
|
2D49CC00000
|
heap
|
page read and write
|
||
|
221C4F2B000
|
heap
|
page read and write
|
||
|
2906AB2B000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
2D49CBA0000
|
direct allocation
|
page read and write
|
||
|
F7D000
|
direct allocation
|
page readonly
|
||
|
905EB2F000
|
stack
|
page read and write
|
||
|
221C4F0C000
|
heap
|
page read and write
|
||
|
27FB000
|
heap
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
139F000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
2D90000
|
remote allocation
|
page read and write
|
||
|
2906A8BE000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
2112CF10000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
1FA0A8C0000
|
direct allocation
|
page execute and read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
221C4D40000
|
heap
|
page read and write
|
||
|
2906A850000
|
heap
|
page read and write
|
||
|
E0B000
|
heap
|
page read and write
|
||
|
2112CC18000
|
heap
|
page read and write
|
||
|
DDD000
|
heap
|
page read and write
|
||
|
2906A7C0000
|
heap
|
page read and write
|
||
|
221C4F0E000
|
heap
|
page read and write
|
||
|
2516779000
|
stack
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
DBB000
|
heap
|
page read and write
|
||
|
E0E000
|
heap
|
page read and write
|
||
|
2D49C970000
|
direct allocation
|
page execute and read and write
|
||
|
18009B000
|
unkown
|
page readonly
|
||
|
1410000
|
heap
|
page read and write
|
||
|
2906A8D8000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
D8B000
|
heap
|
page read and write
|
||
|
2112CBA0000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page readonly
|
||
|
221C50F0000
|
heap
|
page read and write
|
||
|
2906DD10000
|
trusted library allocation
|
page read and write
|
||
|
DAD000
|
heap
|
page read and write
|
||
|
8356000
|
stack
|
page read and write
|
||
|
905EAAC000
|
stack
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
2D49C9F9000
|
heap
|
page read and write
|
||
|
1FA0A978000
|
heap
|
page read and write
|
||
|
2906A8C1000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
114C000
|
heap
|
page read and write
|
||
|
25163BB000
|
stack
|
page read and write
|
||
|
1FA0C1A0000
|
heap
|
page read and write
|
||
|
E04000
|
heap
|
page read and write
|
||
|
2112E730000
|
heap
|
page read and write
|
||
|
DC3000
|
heap
|
page read and write
|
||
|
27FD000
|
heap
|
page read and write
|
||
|
141C000
|
heap
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
1F423100000
|
heap
|
page read and write
|
||
|
2906AA90000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
1FA0A8FD000
|
direct allocation
|
page readonly
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
1FA0A969000
|
heap
|
page read and write
|
||
|
DCD000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
137B000
|
heap
|
page read and write
|
||
|
DCD000
|
heap
|
page read and write
|
||
|
2906A8E5000
|
heap
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
2791000
|
heap
|
page read and write
|
||
|
221C5020000
|
trusted library allocation
|
page read and write
|
||
|
2D49C8F0000
|
heap
|
page read and write
|
||
|
2112CB90000
|
direct allocation
|
page execute and read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
96B000
|
stack
|
page read and write
|
||
|
2D49C9F9000
|
heap
|
page read and write
|
||
|
25167F9000
|
stack
|
page read and write
|
||
|
1FA0A958000
|
heap
|
page read and write
|
||
|
23B0000
|
trusted library allocation
|
page read and write
|
||
|
2112CF00000
|
heap
|
page readonly
|
||
|
6F57BCF000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
2D49E550000
|
heap
|
page read and write
|
||
|
1FA0A958000
|
heap
|
page read and write
|
||
|
1F423008000
|
heap
|
page read and write
|
||
|
1135000
|
heap
|
page read and write
|
||
|
2D6B000
|
direct allocation
|
page readonly
|
||
|
2112CC0F000
|
heap
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
2112CBAB000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
2D49CACC000
|
heap
|
page read and write
|
||
|
DC9000
|
heap
|
page read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
3069000
|
heap
|
page read and write
|
||
|
2D49C9A8000
|
heap
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
E04000
|
heap
|
page read and write
|
||
|
1FA0C1CE000
|
heap
|
page read and write
|
||
|
275C000
|
heap
|
page read and write
|
||
|
221C5080000
|
trusted library allocation
|
page read and write
|
||
|
2D49CBCB000
|
direct allocation
|
page readonly
|
||
|
84C000
|
heap
|
page read and write
|
||
|
27F3000
|
heap
|
page read and write
|
||
|
E0A000
|
heap
|
page read and write
|
||
|
2906A830000
|
heap
|
page read and write
|
||
|
DD4000
|
heap
|
page read and write
|
||
|
1118000
|
heap
|
page read and write
|
||
|
F7B000
|
direct allocation
|
page readonly
|
||
|
180098000
|
unkown
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
2112CC3B000
|
heap
|
page read and write
|
||
|
8CF7000
|
stack
|
page read and write
|
||
|
2112CC07000
|
heap
|
page read and write
|
||
|
221C4EA0000
|
heap
|
page read and write
|
||
|
8E7B000
|
stack
|
page read and write
|
||
|
1FA0A989000
|
heap
|
page read and write
|
||
|
2D49C9A0000
|
heap
|
page read and write
|
||
|
13D7000
|
heap
|
page read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
2D6C000
|
direct allocation
|
page read and write
|
||
|
2D73000
|
heap
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
E0A000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
8DFF000
|
stack
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
825E000
|
stack
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
221C50F9000
|
heap
|
page read and write
|
||
|
DC9000
|
heap
|
page read and write
|
||
|
2906A8C8000
|
heap
|
page read and write
|
||
|
292B000
|
stack
|
page read and write
|
||
|
2FAD000
|
stack
|
page read and write
|
||
|
221C5010000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
2D49C9BF000
|
heap
|
page read and write
|
||
|
DC7000
|
heap
|
page read and write
|
||
|
1FA0A978000
|
heap
|
page read and write
|
||
|
221C4F0C000
|
heap
|
page read and write
|
||
|
E6C000
|
heap
|
page read and write
|
||
|
1FA0A96F000
|
heap
|
page read and write
|
||
|
5F60000
|
trusted library allocation
|
page read and write
|
||
|
867000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
2E1B000
|
stack
|
page read and write
|
||
|
239B000
|
direct allocation
|
page readonly
|
||
|
2D90000
|
remote allocation
|
page read and write
|
||
|
23B0000
|
trusted library allocation
|
page read and write
|
||
|
8BFF000
|
stack
|
page read and write
|
||
|
221C4D50000
|
trusted library allocation
|
page read and write
|
||
|
221C50E0000
|
trusted library allocation
|
page read and write
|
||
|
2D49C9D0000
|
heap
|
page read and write
|
||
|
180098000
|
unkown
|
page read and write
|
||
|
1FA0A980000
|
heap
|
page read and write
|
||
|
27E9000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
2112CF15000
|
heap
|
page read and write
|
||
|
2112CC21000
|
heap
|
page read and write
|
||
|
13BC000
|
heap
|
page read and write
|
||
|
879000
|
heap
|
page read and write
|
||
|
E04000
|
heap
|
page read and write
|
||
|
221C4F32000
|
heap
|
page read and write
|
||
|
1F423017000
|
heap
|
page read and write
|
||
|
18009B000
|
unkown
|
page readonly
|
||
|
2112E68D000
|
direct allocation
|
page readonly
|
||
|
DCD000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
2906A8D9000
|
heap
|
page read and write
|
||
|
139D000
|
heap
|
page read and write
|
||
|
1350000
|
direct allocation
|
page execute and read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
2906A8DD000
|
heap
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
2370000
|
direct allocation
|
page read and write
|
||
|
1F422EB0000
|
heap
|
page read and write
|
||
|
990000
|
remote allocation
|
page read and write
|
||
|
18009B000
|
unkown
|
page readonly
|
||
|
221C50C0000
|
trusted library allocation
|
page read and write
|
There are 423 hidden memdumps, click here to show them.