Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_c7d966c262eae458e8625727f886cf5c34890_82810a17_156d127b\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2AE.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE8.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFE66.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Nov 30 08:23:13 2022, 0x1205a4 type
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Serpodtudpwhhta.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
C:\Users\user\Desktop\file.exe
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
C:\Windows\system32\rundll32.exe C:\Users\user\AppData\Local\Temp\Serpodtudpwhhta.dll,start
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5248 -s 668
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHivePermissionsCorrect
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHiveOwnerCorrect
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProgramId
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
FileId
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LongPathHash
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Name
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Publisher
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Version
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinFileVersion
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinaryType
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductName
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductVersion
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LinkDate
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinProductVersion
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Size
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Language
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsPeFile
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsOsComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
001840064172BCE4
|
There are 14 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1DDE8046000
|
heap
|
page read and write
|
||
|
43DD000
|
direct allocation
|
page read and write
|
||
|
1A8D37E000
|
stack
|
page read and write
|
||
|
42B3000
|
unkown
|
page read and write
|
||
|
A435F7E000
|
stack
|
page read and write
|
||
|
1A5DE843000
|
heap
|
page read and write
|
||
|
1DDE8077000
|
heap
|
page read and write
|
||
|
1DDE8040000
|
heap
|
page read and write
|
||
|
17DFC487000
|
heap
|
page read and write
|
||
|
18DF06E2000
|
heap
|
page read and write
|
||
|
1A5DE847000
|
heap
|
page read and write
|
||
|
4418000
|
direct allocation
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
42C2000
|
unkown
|
page read and write
|
||
|
1A8CDFB000
|
stack
|
page read and write
|
||
|
1DDE804F000
|
heap
|
page read and write
|
||
|
1A5DE82E000
|
heap
|
page read and write
|
||
|
1DDE8802000
|
trusted library allocation
|
page read and write
|
||
|
1DDE8032000
|
heap
|
page read and write
|
||
|
2189185A000
|
heap
|
page read and write
|
||
|
17B92800000
|
heap
|
page read and write
|
||
|
183B57E000
|
stack
|
page read and write
|
||
|
17B93002000
|
trusted library allocation
|
page read and write
|
||
|
1DDE8039000
|
heap
|
page read and write
|
||
|
BF0000
|
direct allocation
|
page execute and read and write
|
||
|
43CD000
|
direct allocation
|
page read and write
|
||
|
21891700000
|
heap
|
page read and write
|
||
|
20C0000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
41A000
|
unkown
|
page execute and read and write
|
||
|
17DFCD6D000
|
heap
|
page read and write
|
||
|
F3F4FFD000
|
stack
|
page read and write
|
||
|
443C000
|
direct allocation
|
page read and write
|
||
|
1A5DE902000
|
heap
|
page read and write
|
||
|
25E3000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
18DF0713000
|
heap
|
page read and write
|
||
|
1A5DE680000
|
heap
|
page read and write
|
||
|
43E4000
|
direct allocation
|
page read and write
|
||
|
1A5DE82A000
|
heap
|
page read and write
|
||
|
3CC767E000
|
stack
|
page read and write
|
||
|
18DF063E000
|
heap
|
page read and write
|
||
|
212A000
|
stack
|
page read and write
|
||
|
25CA000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
17B92824000
|
heap
|
page read and write
|
||
|
42A9000
|
unkown
|
page execute read
|
||
|
443C000
|
direct allocation
|
page read and write
|
||
|
1DDE803A000
|
heap
|
page read and write
|
||
|
2189186B000
|
heap
|
page read and write
|
||
|
42B4000
|
unkown
|
page write copy
|
||
|
C10000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1DDE8102000
|
heap
|
page read and write
|
||
|
3CC747D000
|
stack
|
page read and write
|
||
|
17B92600000
|
heap
|
page read and write
|
||
|
252E000
|
stack
|
page read and write
|
||
|
3EC1000
|
unkown
|
page execute read
|
||
|
17DFC5B9000
|
heap
|
page read and write
|
||
|
42B9000
|
unkown
|
page write copy
|
||
|
43CD000
|
direct allocation
|
page read and write
|
||
|
8B0000
|
unkown
|
page execute and read and write
|
||
|
1A5DE852000
|
heap
|
page read and write
|
||
|
42B9000
|
unkown
|
page write copy
|
||
|
17B92790000
|
remote allocation
|
page read and write
|
||
|
4418000
|
direct allocation
|
page read and write
|
||
|
256E000
|
stack
|
page read and write
|
||
|
30ED000
|
direct allocation
|
page read and write
|
||
|
2189183F000
|
heap
|
page read and write
|
||
|
B5F000
|
stack
|
page read and write
|
||
|
1A5DF002000
|
trusted library allocation
|
page read and write
|
||
|
5FC347B000
|
stack
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
17DFC459000
|
heap
|
page read and write
|
||
|
212C000
|
stack
|
page read and write
|
||
|
43EB000
|
direct allocation
|
page read and write
|
||
|
4426000
|
direct allocation
|
page read and write
|
||
|
18DF06C0000
|
heap
|
page read and write
|
||
|
4401000
|
direct allocation
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
1DDE8041000
|
heap
|
page read and write
|
||
|
1DDE7E70000
|
heap
|
page read and write
|
||
|
17DFC455000
|
heap
|
page read and write
|
||
|
25F2000
|
heap
|
page read and write
|
||
|
17B92837000
|
heap
|
page read and write
|
||
|
4490000
|
trusted library allocation
|
page read and write
|
||
|
4434000
|
direct allocation
|
page read and write
|
||
|
C1A000
|
heap
|
page read and write
|
||
|
17B92858000
|
heap
|
page read and write
|
||
|
1DDE8013000
|
heap
|
page read and write
|
||
|
30AB000
|
direct allocation
|
page read and write
|
||
|
1A8CEFF000
|
stack
|
page read and write
|
||
|
1DDE8061000
|
heap
|
page read and write
|
||
|
3EC1000
|
unkown
|
page execute read
|
||
|
1DDE8062000
|
heap
|
page read and write
|
||
|
252E000
|
stack
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
30F4000
|
direct allocation
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
441F000
|
direct allocation
|
page read and write
|
||
|
1A8D4FF000
|
stack
|
page read and write
|
||
|
18DF0600000
|
heap
|
page read and write
|
||
|
25CA000
|
heap
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
4451000
|
direct allocation
|
page read and write
|
||
|
25F9000
|
heap
|
page read and write
|
||
|
43D6000
|
direct allocation
|
page read and write
|
||
|
F3F47CB000
|
stack
|
page read and write
|
||
|
17DFCDB0000
|
heap
|
page read and write
|
||
|
4418000
|
direct allocation
|
page read and write
|
||
|
30DF000
|
direct allocation
|
page read and write
|
||
|
183B67F000
|
stack
|
page read and write
|
||
|
7F700000
|
direct allocation
|
page read and write
|
||
|
21891690000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
42BA000
|
unkown
|
page read and write
|
||
|
17DFCD02000
|
heap
|
page read and write
|
||
|
1DDE8050000
|
heap
|
page read and write
|
||
|
1A5DE7E0000
|
trusted library allocation
|
page read and write
|
||
|
1A5DE802000
|
heap
|
page read and write
|
||
|
4451000
|
direct allocation
|
page read and write
|
||
|
18DF0F32000
|
heap
|
page read and write
|
||
|
42C6000
|
unkown
|
page write copy
|
||
|
18DF0450000
|
heap
|
page read and write
|
||
|
1A5DE690000
|
heap
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
3EC0000
|
unkown
|
page readonly
|
||
|
42B5000
|
unkown
|
page read and write
|
||
|
42B5000
|
unkown
|
page read and write
|
||
|
4458000
|
direct allocation
|
page read and write
|
||
|
256F000
|
stack
|
page read and write
|
||
|
42A5000
|
unkown
|
page execute and read and write
|
||
|
17DFD027000
|
heap
|
page read and write
|
||
|
17DFC470000
|
heap
|
page read and write
|
||
|
17B92802000
|
heap
|
page read and write
|
||
|
17DFCD90000
|
heap
|
page read and write
|
||
|
21891913000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
17B925F0000
|
heap
|
page read and write
|
||
|
2FE0000
|
direct allocation
|
page read and write
|
||
|
1DDE807E000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
1A8CFFC000
|
stack
|
page read and write
|
||
|
43DD000
|
direct allocation
|
page read and write
|
||
|
43FA000
|
direct allocation
|
page read and write
|
||
|
17DFC2B0000
|
heap
|
page read and write
|
||
|
43D6000
|
direct allocation
|
page read and write
|
||
|
5FC38FF000
|
stack
|
page read and write
|
||
|
3FB0000
|
trusted library allocation
|
page read and write
|
||
|
25F5000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
5FC3BFD000
|
stack
|
page read and write
|
||
|
1DDE8000000
|
heap
|
page read and write
|
||
|
4434000
|
direct allocation
|
page read and write
|
||
|
25EA000
|
heap
|
page read and write
|
||
|
42C9000
|
unkown
|
page readonly
|
||
|
17DFC443000
|
heap
|
page read and write
|
||
|
42C8000
|
unkown
|
page read and write
|
||
|
28A7000
|
heap
|
page read and write
|
||
|
25E6000
|
heap
|
page read and write
|
||
|
2190000
|
remote allocation
|
page read and write
|
||
|
17DFCBD0000
|
trusted library allocation
|
page read and write
|
||
|
4408000
|
direct allocation
|
page read and write
|
||
|
43E4000
|
direct allocation
|
page read and write
|
||
|
3EC0000
|
unkown
|
page readonly
|
||
|
25E6000
|
heap
|
page read and write
|
||
|
30A4000
|
direct allocation
|
page read and write
|
||
|
17DFCD54000
|
heap
|
page read and write
|
||
|
1DDE806A000
|
heap
|
page read and write
|
||
|
33D3000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
3CC71FC000
|
stack
|
page read and write
|
||
|
17B92813000
|
heap
|
page read and write
|
||
|
5FC3A7C000
|
stack
|
page read and write
|
||
|
17DFC310000
|
heap
|
page read and write
|
||
|
442D000
|
direct allocation
|
page read and write
|
||
|
21D0000
|
trusted library allocation
|
page read and write
|
||
|
4426000
|
direct allocation
|
page read and write
|
||
|
7F2B0000
|
direct allocation
|
page read and write
|
||
|
A435FFE000
|
stack
|
page read and write
|
||
|
308D000
|
direct allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
17DFC477000
|
heap
|
page read and write
|
||
|
18DF06C9000
|
heap
|
page read and write
|
||
|
A43657F000
|
stack
|
page read and write
|
||
|
42CB000
|
unkown
|
page readonly
|
||
|
17DFCBB0000
|
trusted library allocation
|
page read and write
|
||
|
30BA000
|
direct allocation
|
page read and write
|
||
|
444A000
|
direct allocation
|
page read and write
|
||
|
21891800000
|
heap
|
page read and write
|
||
|
17DFC400000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
5FC3EFF000
|
stack
|
page read and write
|
||
|
183AF7B000
|
stack
|
page read and write
|
||
|
17DFCD22000
|
heap
|
page read and write
|
||
|
252E000
|
stack
|
page read and write
|
||
|
1A8D079000
|
stack
|
page read and write
|
||
|
4401000
|
direct allocation
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
F3F53FF000
|
stack
|
page read and write
|
||
|
21891902000
|
heap
|
page read and write
|
||
|
42B3000
|
unkown
|
page read and write
|
||
|
17DFC475000
|
heap
|
page read and write
|
||
|
F3F4CFE000
|
stack
|
page read and write
|
||
|
17DFD002000
|
heap
|
page read and write
|
||
|
C3C000
|
heap
|
page read and write
|
||
|
42B4000
|
unkown
|
page write copy
|
||
|
17DFC492000
|
heap
|
page read and write
|
||
|
4408000
|
direct allocation
|
page read and write
|
||
|
17DFCD22000
|
heap
|
page read and write
|
||
|
5DC0000
|
trusted library allocation
|
page read and write
|
||
|
4470000
|
direct allocation
|
page execute and read and write
|
||
|
1DDE806B000
|
heap
|
page read and write
|
||
|
3CC75FD000
|
stack
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
1DDE8048000
|
heap
|
page read and write
|
||
|
17DFC43C000
|
heap
|
page read and write
|
||
|
4458000
|
direct allocation
|
page read and write
|
||
|
A43647E000
|
stack
|
page read and write
|
||
|
5FC367C000
|
stack
|
page read and write
|
||
|
21892002000
|
trusted library allocation
|
page read and write
|
||
|
42CB000
|
unkown
|
page readonly
|
||
|
17DFD036000
|
heap
|
page read and write
|
||
|
17DFD030000
|
heap
|
page read and write
|
||
|
F3F54FF000
|
stack
|
page read and write
|
||
|
42C8000
|
unkown
|
page read and write
|
||
|
5FC397C000
|
stack
|
page read and write
|
||
|
18DF0702000
|
heap
|
page read and write
|
||
|
17DFC413000
|
heap
|
page read and write
|
||
|
4426000
|
direct allocation
|
page read and write
|
||
|
44A0000
|
trusted library allocation
|
page read and write
|
||
|
4443000
|
direct allocation
|
page read and write
|
||
|
A435EFB000
|
stack
|
page read and write
|
||
|
17DFC5E5000
|
heap
|
page read and write
|
||
|
4451000
|
direct allocation
|
page read and write
|
||
|
4470000
|
direct allocation
|
page execute and read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
1DDE8029000
|
heap
|
page read and write
|
||
|
4401000
|
direct allocation
|
page read and write
|
||
|
442D000
|
direct allocation
|
page read and write
|
||
|
444A000
|
direct allocation
|
page read and write
|
||
|
216B000
|
stack
|
page read and write
|
||
|
1DDE807A000
|
heap
|
page read and write
|
||
|
43FA000
|
direct allocation
|
page read and write
|
||
|
5FC3AFB000
|
stack
|
page read and write
|
||
|
18DF0613000
|
heap
|
page read and write
|
||
|
43FA000
|
direct allocation
|
page read and write
|
||
|
17DFD000000
|
heap
|
page read and write
|
||
|
17B92790000
|
remote allocation
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
18DF0F00000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
17DFC48A000
|
heap
|
page read and write
|
||
|
42C9000
|
unkown
|
page readonly
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
1DDE7F70000
|
trusted library allocation
|
page read and write
|
||
|
288F000
|
stack
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
1DDE8042000
|
heap
|
page read and write
|
||
|
1DDE8047000
|
heap
|
page read and write
|
||
|
42C6000
|
unkown
|
page write copy
|
||
|
21891813000
|
heap
|
page read and write
|
||
|
183B77A000
|
stack
|
page read and write
|
||
|
1A8D27A000
|
stack
|
page read and write
|
||
|
1DDE8084000
|
heap
|
page read and write
|
||
|
18DF0629000
|
heap
|
page read and write
|
||
|
42C2000
|
unkown
|
page read and write
|
||
|
21891887000
|
heap
|
page read and write
|
||
|
444A000
|
direct allocation
|
page read and write
|
||
|
17DFC48F000
|
heap
|
page read and write
|
||
|
17B92840000
|
heap
|
page read and write
|
||
|
43EB000
|
direct allocation
|
page read and write
|
||
|
25F5000
|
heap
|
page read and write
|
||
|
2AF0000
|
unkown
|
page execute and read and write
|
||
|
18DF066D000
|
heap
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
5FC37FF000
|
stack
|
page read and write
|
||
|
42A9000
|
unkown
|
page execute read
|
||
|
21891FA0000
|
trusted library allocation
|
page read and write
|
||
|
44A0000
|
trusted library allocation
|
page read and write
|
||
|
1DDE8075000
|
heap
|
page read and write
|
||
|
30C1000
|
direct allocation
|
page read and write
|
||
|
17DFD030000
|
heap
|
page read and write
|
||
|
F3F51FF000
|
stack
|
page read and write
|
||
|
17DFCDC6000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
5FC3CFE000
|
stack
|
page read and write
|
||
|
17DFD013000
|
heap
|
page read and write
|
||
|
17DFC42A000
|
heap
|
page read and write
|
||
|
7CC000
|
unkown
|
page readonly
|
||
|
A43667E000
|
stack
|
page read and write
|
||
|
18DF05B0000
|
trusted library allocation
|
page read and write
|
||
|
43E4000
|
direct allocation
|
page read and write
|
||
|
18DF06B8000
|
heap
|
page read and write
|
||
|
1A8D17F000
|
stack
|
page read and write
|
||
|
1A5DE837000
|
heap
|
page read and write
|
||
|
216B000
|
stack
|
page read and write
|
||
|
212C000
|
stack
|
page read and write
|
||
|
183B47A000
|
stack
|
page read and write
|
||
|
1DDE8039000
|
heap
|
page read and write
|
||
|
45B0000
|
remote allocation
|
page read and write
|
||
|
1DDE8044000
|
heap
|
page read and write
|
||
|
1DDE806D000
|
heap
|
page read and write
|
||
|
17DFCC02000
|
heap
|
page read and write
|
||
|
18DF04B0000
|
heap
|
page read and write
|
||
|
21D0000
|
trusted library allocation
|
page read and write
|
||
|
1DDE8067000
|
heap
|
page read and write
|
||
|
443C000
|
direct allocation
|
page read and write
|
||
|
17DFC58E000
|
heap
|
page read and write
|
||
|
17DFC2A0000
|
heap
|
page read and write
|
||
|
45B0000
|
remote allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
30D8000
|
direct allocation
|
page read and write
|
||
|
21D0000
|
trusted library allocation
|
page read and write
|
||
|
E0C000
|
stack
|
page read and write
|
||
|
43DD000
|
direct allocation
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
A55000
|
heap
|
page read and write
|
||
|
307F000
|
direct allocation
|
page read and write
|
||
|
18DF0E02000
|
heap
|
page read and write
|
||
|
1DDE807B000
|
heap
|
page read and write
|
||
|
17DFC46D000
|
heap
|
page read and write
|
||
|
3111000
|
direct allocation
|
page read and write
|
||
|
5FC3DFD000
|
stack
|
page read and write
|
||
|
1A5DE83C000
|
heap
|
page read and write
|
||
|
4458000
|
direct allocation
|
page read and write
|
||
|
4434000
|
direct allocation
|
page read and write
|
||
|
3118000
|
direct allocation
|
page read and write
|
||
|
2190000
|
remote allocation
|
page read and write
|
||
|
20C0000
|
unkown
|
page read and write
|
||
|
42A5000
|
unkown
|
page execute and read and write
|
||
|
1DDE8049000
|
heap
|
page read and write
|
||
|
17DFCD43000
|
heap
|
page read and write
|
||
|
4443000
|
direct allocation
|
page read and write
|
||
|
F3F4BFB000
|
stack
|
page read and write
|
||
|
1DDE8056000
|
heap
|
page read and write
|
||
|
1DDE802D000
|
heap
|
page read and write
|
||
|
F3F50FF000
|
stack
|
page read and write
|
||
|
7FC20000
|
direct allocation
|
page read and write
|
||
|
F3F4DFC000
|
stack
|
page read and write
|
||
|
3CC727E000
|
stack
|
page read and write
|
||
|
441F000
|
direct allocation
|
page read and write
|
||
|
1DDE8060000
|
heap
|
page read and write
|
||
|
1DDE804B000
|
heap
|
page read and write
|
||
|
4470000
|
direct allocation
|
page execute and read and write
|
||
|
1A8D3FF000
|
stack
|
page read and write
|
||
|
442D000
|
direct allocation
|
page read and write
|
||
|
1DDE803D000
|
heap
|
page read and write
|
||
|
17DFD023000
|
heap
|
page read and write
|
||
|
310A000
|
direct allocation
|
page read and write
|
||
|
F3F52FF000
|
stack
|
page read and write
|
||
|
1A8C9DB000
|
stack
|
page read and write
|
||
|
25EF000
|
heap
|
page read and write
|
||
|
28AA000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
1A5DE800000
|
heap
|
page read and write
|
||
|
1DDE8045000
|
heap
|
page read and write
|
||
|
30FC000
|
direct allocation
|
page read and write
|
||
|
44A4000
|
heap
|
page read and write
|
||
|
1DDE8030000
|
heap
|
page read and write
|
||
|
30B2000
|
direct allocation
|
page read and write
|
||
|
260A000
|
heap
|
page read and write
|
||
|
3CC6D3C000
|
stack
|
page read and write
|
||
|
1A5DE813000
|
heap
|
page read and write
|
||
|
288F000
|
stack
|
page read and write
|
||
|
1DDE802E000
|
heap
|
page read and write
|
||
|
A43637E000
|
stack
|
page read and write
|
||
|
17DFC443000
|
heap
|
page read and write
|
||
|
4408000
|
direct allocation
|
page read and write
|
||
|
2766000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CC74FE000
|
stack
|
page read and write
|
||
|
1DDE8032000
|
heap
|
page read and write
|
||
|
44A0000
|
heap
|
page read and write
|
||
|
441F000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
21891865000
|
heap
|
page read and write
|
||
|
17B92902000
|
heap
|
page read and write
|
||
|
3103000
|
direct allocation
|
page read and write
|
||
|
25EB000
|
heap
|
page read and write
|
||
|
1DDE804E000
|
heap
|
page read and write
|
||
|
25CA000
|
heap
|
page read and write
|
||
|
1DDE8074000
|
heap
|
page read and write
|
||
|
30E6000
|
direct allocation
|
page read and write
|
||
|
17B92790000
|
remote allocation
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
6180000
|
trusted library allocation
|
page read and write
|
||
|
1DDE7E00000
|
heap
|
page read and write
|
||
|
1A5DE6E0000
|
heap
|
page read and write
|
||
|
1DDE8096000
|
heap
|
page read and write
|
||
|
17DFCDBC000
|
heap
|
page read and write
|
||
|
17DFCD00000
|
heap
|
page read and write
|
||
|
256F000
|
stack
|
page read and write
|
||
|
18DF0440000
|
heap
|
page read and write
|
||
|
17DFC513000
|
heap
|
page read and write
|
||
|
25EF000
|
heap
|
page read and write
|
||
|
17B92660000
|
heap
|
page read and write
|
||
|
21891824000
|
heap
|
page read and write
|
||
|
21891802000
|
heap
|
page read and write
|
||
|
1DDE7E10000
|
heap
|
page read and write
|
||
|
2190000
|
remote allocation
|
page read and write
|
||
|
4443000
|
direct allocation
|
page read and write
|
||
|
216B000
|
stack
|
page read and write
|
||
|
17B92760000
|
trusted library allocation
|
page read and write
|
||
|
218916A0000
|
heap
|
page read and write
|
||
|
17B92852000
|
heap
|
page read and write
|
||
|
42BA000
|
unkown
|
page read and write
|
||
|
8B9000
|
unkown
|
page execute and read and write
|
||
|
20C0000
|
heap
|
page read and write
|
There are 401 hidden memdumps, click here to show them.