Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_c7d966c262eae458e8625727f886cf5c34890_82810a17_17838664\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5A43.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Nov 30 08:33:02 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E5B.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6021.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Serpodtudpwhhta.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_c7d966c262eae458e8625727f886cf5c34890_82810a17_156d127b\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2AE.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE8.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFE66.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Nov 30 08:23:13 2022, 0x1205a4 type
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
C:\Users\user\Desktop\file.exe
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
C:\Windows\system32\rundll32.exe C:\Users\user\AppData\Local\Temp\Serpodtudpwhhta.dll,start
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4864 -s 668
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5248 -s 668
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHivePermissionsCorrect
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHiveOwnerCorrect
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProgramId
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
FileId
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LongPathHash
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Name
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Publisher
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Version
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinFileVersion
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinaryType
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductName
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductVersion
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LinkDate
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinProductVersion
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Size
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Language
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsPeFile
|
||
|
\REGISTRY\A\{569c051a-4535-4efd-974b-63ccd727aefe}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsOsComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
00184009E7F3D98C
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProgramId
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
FileId
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LongPathHash
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Name
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Publisher
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Version
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinFileVersion
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinaryType
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductName
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductVersion
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LinkDate
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinProductVersion
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Size
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Language
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsPeFile
|
||
|
\REGISTRY\A\{a7e87e7e-0e87-aa13-b82e-565665afc261}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
001840064172BCE4
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2518D013000
|
heap
|
page read and write
|
||
|
4A24000
|
direct allocation
|
page read and write
|
||
|
2518D074000
|
heap
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
10AF000
|
stack
|
page read and write
|
||
|
AFC67E000
|
stack
|
page read and write
|
||
|
3056000
|
direct allocation
|
page read and write
|
||
|
22A08C6A000
|
heap
|
page read and write
|
||
|
302A000
|
direct allocation
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
21921192000
|
heap
|
page read and write
|
||
|
1832003D000
|
heap
|
page read and write
|
||
|
2FE7000
|
direct allocation
|
page read and write
|
||
|
21920886000
|
heap
|
page read and write
|
||
|
1E077532000
|
heap
|
page read and write
|
||
|
219209E5000
|
heap
|
page read and write
|
||
|
48F4000
|
unkown
|
page write copy
|
||
|
4A74000
|
direct allocation
|
page read and write
|
||
|
21D85360000
|
heap
|
page read and write
|
||
|
1E076BC0000
|
trusted library allocation
|
page read and write
|
||
|
76536FF000
|
stack
|
page read and write
|
||
|
4A2B000
|
direct allocation
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
2518D036000
|
heap
|
page read and write
|
||
|
AFC7FF000
|
stack
|
page read and write
|
||
|
2518D06B000
|
heap
|
page read and write
|
||
|
1E15D540000
|
heap
|
page read and write
|
||
|
21920863000
|
heap
|
page read and write
|
||
|
219211C9000
|
heap
|
page read and write
|
||
|
21920858000
|
heap
|
page read and write
|
||
|
2518D04E000
|
heap
|
page read and write
|
||
|
2393C402000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1318BDB0000
|
remote allocation
|
page read and write
|
||
|
4A74000
|
direct allocation
|
page read and write
|
||
|
22A09280000
|
trusted library allocation
|
page read and write
|
||
|
1318BE5C000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
26CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D85779000
|
heap
|
page read and write
|
||
|
1E15D602000
|
heap
|
page read and write
|
||
|
1831FEA0000
|
heap
|
page read and write
|
||
|
4A58000
|
direct allocation
|
page read and write
|
||
|
2518D07A000
|
heap
|
page read and write
|
||
|
AD0000
|
direct allocation
|
page execute and read and write
|
||
|
D73867E000
|
stack
|
page read and write
|
||
|
2393BB60000
|
trusted library allocation
|
page read and write
|
||
|
48E9000
|
unkown
|
page execute read
|
||
|
4A6D000
|
direct allocation
|
page read and write
|
||
|
4908000
|
unkown
|
page read and write
|
||
|
4A6D000
|
direct allocation
|
page read and write
|
||
|
18320048000
|
heap
|
page read and write
|
||
|
3048000
|
direct allocation
|
page read and write
|
||
|
4A7C000
|
direct allocation
|
page read and write
|
||
|
5F0000
|
remote allocation
|
page read and write
|
||
|
21D85438000
|
heap
|
page read and write
|
||
|
1318BDB0000
|
remote allocation
|
page read and write
|
||
|
2518D802000
|
trusted library allocation
|
page read and write
|
||
|
75089FE000
|
stack
|
page read and write
|
||
|
DDF000
|
stack
|
page read and write
|
||
|
22A08C00000
|
heap
|
page read and write
|
||
|
48FA000
|
unkown
|
page read and write
|
||
|
21D86070000
|
trusted library allocation
|
page read and write
|
||
|
18320047000
|
heap
|
page read and write
|
||
|
2518CEE0000
|
heap
|
page read and write
|
||
|
2192086C000
|
heap
|
page read and write
|
||
|
2393BC27000
|
heap
|
page read and write
|
||
|
75081BB000
|
stack
|
page read and write
|
||
|
C83297F000
|
stack
|
page read and write
|
||
|
319907B000
|
stack
|
page read and write
|
||
|
2192086E000
|
heap
|
page read and write
|
||
|
76537FF000
|
stack
|
page read and write
|
||
|
48F9000
|
unkown
|
page write copy
|
||
|
4A91000
|
direct allocation
|
page read and write
|
||
|
21920851000
|
heap
|
page read and write
|
||
|
2393BC02000
|
heap
|
page read and write
|
||
|
48FA000
|
unkown
|
page read and write
|
||
|
4A1D000
|
direct allocation
|
page read and write
|
||
|
2F50000
|
direct allocation
|
page read and write
|
||
|
1E15D66B000
|
heap
|
page read and write
|
||
|
5F0000
|
remote allocation
|
page read and write
|
||
|
AFC3FE000
|
stack
|
page read and write
|
||
|
C70000
|
direct allocation
|
page execute and read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
2518D045000
|
heap
|
page read and write
|
||
|
48E5000
|
unkown
|
page execute and read and write
|
||
|
1E15D4D0000
|
heap
|
page read and write
|
||
|
A9B000
|
heap
|
page read and write
|
||
|
319997F000
|
stack
|
page read and write
|
||
|
7F2B0000
|
direct allocation
|
page read and write
|
||
|
93F9CFB000
|
stack
|
page read and write
|
||
|
4A1D000
|
direct allocation
|
page read and write
|
||
|
22A08C74000
|
heap
|
page read and write
|
||
|
2518D102000
|
heap
|
page read and write
|
||
|
2518D067000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
22A08AC0000
|
heap
|
page read and write
|
||
|
48F9000
|
unkown
|
page write copy
|
||
|
4501000
|
unkown
|
page execute read
|
||
|
1E076B20000
|
heap
|
page read and write
|
||
|
4906000
|
unkown
|
page write copy
|
||
|
7FDEEFF000
|
stack
|
page read and write
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
1831FF00000
|
heap
|
page read and write
|
||
|
1E076C00000
|
heap
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
2043D7C000
|
stack
|
page read and write
|
||
|
2393BC43000
|
heap
|
page read and write
|
||
|
319987E000
|
stack
|
page read and write
|
||
|
2192088F000
|
heap
|
page read and write
|
||
|
4A41000
|
direct allocation
|
page read and write
|
||
|
2393BC4D000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
219206D0000
|
heap
|
page read and write
|
||
|
1E076D02000
|
heap
|
page read and write
|
||
|
D73857E000
|
stack
|
page read and write
|
||
|
2518D040000
|
heap
|
page read and write
|
||
|
4A48000
|
direct allocation
|
page read and write
|
||
|
C97000
|
heap
|
page read and write
|
||
|
18320058000
|
heap
|
page read and write
|
||
|
21D86330000
|
trusted library allocation
|
page read and write
|
||
|
18321C40000
|
trusted library allocation
|
page read and write
|
||
|
2043E7E000
|
stack
|
page read and write
|
||
|
93F9EFE000
|
stack
|
page read and write
|
||
|
C9A000
|
heap
|
page read and write
|
||
|
1E15D613000
|
heap
|
page read and write
|
||
|
22A08C28000
|
heap
|
page read and write
|
||
|
3031000
|
direct allocation
|
page read and write
|
||
|
83C000
|
stack
|
page read and write
|
||
|
21D853D0000
|
heap
|
page read and write
|
||
|
C832BFC000
|
stack
|
page read and write
|
||
|
10C0000
|
remote allocation
|
page read and write
|
||
|
1318BE00000
|
heap
|
page read and write
|
||
|
2393BA00000
|
heap
|
page read and write
|
||
|
1E076C88000
|
heap
|
page read and write
|
||
|
2FFD000
|
direct allocation
|
page read and write
|
||
|
2A60000
|
unkown
|
page execute and read and write
|
||
|
4A3A000
|
direct allocation
|
page read and write
|
||
|
4906000
|
unkown
|
page write copy
|
||
|
4A48000
|
direct allocation
|
page read and write
|
||
|
1318BF02000
|
heap
|
page read and write
|
||
|
2518D000000
|
heap
|
page read and write
|
||
|
1E15D665000
|
heap
|
page read and write
|
||
|
8B0000
|
unkown
|
page execute and read and write
|
||
|
305D000
|
direct allocation
|
page read and write
|
||
|
C832D7C000
|
stack
|
page read and write
|
||
|
2518D079000
|
heap
|
page read and write
|
||
|
6700000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
4A66000
|
direct allocation
|
page read and write
|
||
|
1E15D686000
|
heap
|
page read and write
|
||
|
75087FC000
|
stack
|
page read and write
|
||
|
1318C602000
|
trusted library allocation
|
page read and write
|
||
|
8B9000
|
unkown
|
page execute and read and write
|
||
|
21D853F9000
|
heap
|
page read and write
|
||
|
2518CFE0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
CDF000
|
stack
|
page read and write
|
||
|
4A0D000
|
direct allocation
|
page read and write
|
||
|
4A24000
|
direct allocation
|
page read and write
|
||
|
21D85780000
|
trusted library allocation
|
page read and write
|
||
|
1E15D670000
|
heap
|
page read and write
|
||
|
7FDEFF9000
|
stack
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
C832F7D000
|
stack
|
page read and write
|
||
|
1318BE40000
|
heap
|
page read and write
|
||
|
1E076CCE000
|
heap
|
page read and write
|
||
|
1E15D676000
|
heap
|
page read and write
|
||
|
48F3000
|
unkown
|
page read and write
|
||
|
4A98000
|
direct allocation
|
page read and write
|
||
|
10AF000
|
stack
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
21920800000
|
heap
|
page read and write
|
||
|
2393BA10000
|
heap
|
page read and write
|
||
|
18320077000
|
heap
|
page read and write
|
||
|
1E15D570000
|
trusted library allocation
|
page read and write
|
||
|
AFC77D000
|
stack
|
page read and write
|
||
|
1E076B30000
|
heap
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
219209B9000
|
heap
|
page read and write
|
||
|
21D85439000
|
heap
|
page read and write
|
||
|
4A74000
|
direct allocation
|
page read and write
|
||
|
31994FA000
|
stack
|
page read and write
|
||
|
1E15DE02000
|
trusted library allocation
|
page read and write
|
||
|
4909000
|
unkown
|
page readonly
|
||
|
21921202000
|
heap
|
page read and write
|
||
|
1E076C29000
|
heap
|
page read and write
|
||
|
1E15D629000
|
heap
|
page read and write
|
||
|
4501000
|
unkown
|
page execute read
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
76530FD000
|
stack
|
page read and write
|
||
|
4A66000
|
direct allocation
|
page read and write
|
||
|
4A5F000
|
direct allocation
|
page read and write
|
||
|
2518D03D000
|
heap
|
page read and write
|
||
|
A94000
|
heap
|
page read and write
|
||
|
21D85370000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
21D85770000
|
heap
|
page read and write
|
||
|
1318BCE0000
|
heap
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
4A3A000
|
direct allocation
|
page read and write
|
||
|
7FDEB8D000
|
stack
|
page read and write
|
||
|
490B000
|
unkown
|
page readonly
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
1318BD80000
|
trusted library allocation
|
page read and write
|
||
|
48E9000
|
unkown
|
page execute read
|
||
|
C8323EC000
|
stack
|
page read and write
|
||
|
7652B5C000
|
stack
|
page read and write
|
||
|
2043B7F000
|
stack
|
page read and write
|
||
|
18320113000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
31995FA000
|
stack
|
page read and write
|
||
|
21D855C0000
|
heap
|
page read and write
|
||
|
7FC20000
|
direct allocation
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
3088000
|
direct allocation
|
page read and write
|
||
|
21D8543F000
|
heap
|
page read and write
|
||
|
4A3A000
|
direct allocation
|
page read and write
|
||
|
21920866000
|
heap
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
1E076CC5000
|
heap
|
page read and write
|
||
|
76535FE000
|
stack
|
page read and write
|
||
|
22A08C79000
|
heap
|
page read and write
|
||
|
7CC000
|
unkown
|
page readonly
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
93F97FC000
|
stack
|
page read and write
|
||
|
4A8A000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21D8543F000
|
heap
|
page read and write
|
||
|
22A08D00000
|
heap
|
page read and write
|
||
|
7FDEF7A000
|
stack
|
page read and write
|
||
|
3081000
|
direct allocation
|
page read and write
|
||
|
4A83000
|
direct allocation
|
page read and write
|
||
|
4A1D000
|
direct allocation
|
page read and write
|
||
|
5A0000
|
unkown
|
page read and write
|
||
|
22A08C02000
|
heap
|
page read and write
|
||
|
2518D064000
|
heap
|
page read and write
|
||
|
21920813000
|
heap
|
page read and write
|
||
|
87B000
|
stack
|
page read and write
|
||
|
8B0000
|
trusted library allocation
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
22A08D02000
|
heap
|
page read and write
|
||
|
21D862B0000
|
trusted library allocation
|
page read and write
|
||
|
31996FF000
|
stack
|
page read and write
|
||
|
5F0000
|
remote allocation
|
page read and write
|
||
|
1E15D675000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
4A41000
|
direct allocation
|
page read and write
|
||
|
1E15D675000
|
heap
|
page read and write
|
||
|
2192085F000
|
heap
|
page read and write
|
||
|
3022000
|
direct allocation
|
page read and write
|
||
|
183219A0000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
trusted library allocation
|
page read and write
|
||
|
7FDEE7E000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2518D047000
|
heap
|
page read and write
|
||
|
21920843000
|
heap
|
page read and write
|
||
|
22A08C59000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
93F9DFB000
|
stack
|
page read and write
|
||
|
4A83000
|
direct allocation
|
page read and write
|
||
|
2393BD02000
|
heap
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
76538FE000
|
stack
|
page read and write
|
||
|
C832C7B000
|
stack
|
page read and write
|
||
|
21920829000
|
heap
|
page read and write
|
||
|
2518D042000
|
heap
|
page read and write
|
||
|
1E15D65A000
|
heap
|
page read and write
|
||
|
2518D046000
|
heap
|
page read and write
|
||
|
48F3000
|
unkown
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
AFBE8B000
|
stack
|
page read and write
|
||
|
48E5000
|
unkown
|
page execute and read and write
|
||
|
307A000
|
direct allocation
|
page read and write
|
||
|
2393BC13000
|
heap
|
page read and write
|
||
|
21920843000
|
heap
|
page read and write
|
||
|
183219C0000
|
trusted library allocation
|
page read and write
|
||
|
18321A02000
|
trusted library allocation
|
page read and write
|
||
|
2518D062000
|
heap
|
page read and write
|
||
|
21D85401000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
2393BC52000
|
heap
|
page read and write
|
||
|
21921002000
|
heap
|
page read and write
|
||
|
18320062000
|
heap
|
page read and write
|
||
|
319927A000
|
stack
|
page read and write
|
||
|
1832002A000
|
heap
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
4A8A000
|
direct allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
4A6D000
|
direct allocation
|
page read and write
|
||
|
21920740000
|
heap
|
page read and write
|
||
|
21D85710000
|
trusted library allocation
|
page read and write
|
||
|
1831FE90000
|
heap
|
page read and write
|
||
|
319947C000
|
stack
|
page read and write
|
||
|
A9C000
|
heap
|
page read and write
|
||
|
ABB000
|
heap
|
page read and write
|
||
|
3064000
|
direct allocation
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
4A41000
|
direct allocation
|
page read and write
|
||
|
18320002000
|
heap
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
4908000
|
unkown
|
page read and write
|
||
|
22A08C40000
|
heap
|
page read and write
|
||
|
18320057000
|
heap
|
page read and write
|
||
|
3073000
|
direct allocation
|
page read and write
|
||
|
2518D04C000
|
heap
|
page read and write
|
||
|
AFC5FD000
|
stack
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
21D853F0000
|
heap
|
page read and write
|
||
|
4A5F000
|
direct allocation
|
page read and write
|
||
|
301B000
|
direct allocation
|
page read and write
|
||
|
18320058000
|
heap
|
page read and write
|
||
|
48F5000
|
unkown
|
page read and write
|
||
|
21921143000
|
heap
|
page read and write
|
||
|
C8327FB000
|
stack
|
page read and write
|
||
|
1318BCF0000
|
heap
|
page read and write
|
||
|
219206E0000
|
heap
|
page read and write
|
||
|
21921122000
|
heap
|
page read and write
|
||
|
1E076C44000
|
heap
|
page read and write
|
||
|
21D862C0000
|
heap
|
page readonly
|
||
|
2518D076000
|
heap
|
page read and write
|
||
|
2043C7D000
|
stack
|
page read and write
|
||
|
2518D032000
|
heap
|
page read and write
|
||
|
AFC4FF000
|
stack
|
page read and write
|
||
|
2518D05F000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
direct allocation
|
page execute and read and write
|
||
|
21921122000
|
heap
|
page read and write
|
||
|
3343000
|
heap
|
page read and write
|
||
|
304F000
|
direct allocation
|
page read and write
|
||
|
7FDEB0C000
|
stack
|
page read and write
|
||
|
C832E7E000
|
stack
|
page read and write
|
||
|
4A2B000
|
direct allocation
|
page read and write
|
||
|
1318BE2A000
|
heap
|
page read and write
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
21D862D0000
|
trusted library allocation
|
page read and write
|
||
|
D737F8C000
|
stack
|
page read and write
|
||
|
2393BC00000
|
heap
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
D73847E000
|
stack
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
1E15D600000
|
heap
|
page read and write
|
||
|
4500000
|
unkown
|
page readonly
|
||
|
4A5F000
|
direct allocation
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
1318BD50000
|
heap
|
page read and write
|
||
|
1E077402000
|
heap
|
page read and write
|
||
|
20437FD000
|
stack
|
page read and write
|
||
|
D7382FE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4909000
|
unkown
|
page readonly
|
||
|
1E15D702000
|
heap
|
page read and write
|
||
|
21921227000
|
heap
|
page read and write
|
||
|
2393BC49000
|
heap
|
page read and write
|
||
|
1E076D13000
|
heap
|
page read and write
|
||
|
21921200000
|
heap
|
page read and write
|
||
|
21921213000
|
heap
|
page read and write
|
||
|
7F700000
|
direct allocation
|
page read and write
|
||
|
2518D039000
|
heap
|
page read and write
|
||
|
21920854000
|
heap
|
page read and write
|
||
|
2518D078000
|
heap
|
page read and write
|
||
|
21920889000
|
heap
|
page read and write
|
||
|
1318BDB0000
|
remote allocation
|
page read and write
|
||
|
7FDF07F000
|
stack
|
page read and write
|
||
|
4A98000
|
direct allocation
|
page read and write
|
||
|
4A83000
|
direct allocation
|
page read and write
|
||
|
75088FF000
|
stack
|
page read and write
|
||
|
AA3000
|
heap
|
page read and write
|
||
|
4A0D000
|
direct allocation
|
page read and write
|
||
|
7652F7B000
|
stack
|
page read and write
|
||
|
1E076CBD000
|
heap
|
page read and write
|
||
|
219211B1000
|
heap
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
2393BC29000
|
heap
|
page read and write
|
||
|
75086F9000
|
stack
|
page read and write
|
||
|
2518D052000
|
heap
|
page read and write
|
||
|
75085FF000
|
stack
|
page read and write
|
||
|
1E076CE2000
|
heap
|
page read and write
|
||
|
22A08B20000
|
heap
|
page read and write
|
||
|
2518D07D000
|
heap
|
page read and write
|
||
|
48F5000
|
unkown
|
page read and write
|
||
|
C70000
|
direct allocation
|
page execute and read and write
|
||
|
1E077500000
|
heap
|
page read and write
|
||
|
41A000
|
unkown
|
page execute and read and write
|
||
|
4A48000
|
direct allocation
|
page read and write
|
||
|
319937E000
|
stack
|
page read and write
|
||
|
18320048000
|
heap
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
2518CE80000
|
heap
|
page read and write
|
||
|
2518D05D000
|
heap
|
page read and write
|
||
|
21921154000
|
heap
|
page read and write
|
||
|
1E15D688000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
2518D073000
|
heap
|
page read and write
|
||
|
2393BC0B000
|
heap
|
page read and write
|
||
|
490B000
|
unkown
|
page readonly
|
||
|
83C000
|
stack
|
page read and write
|
||
|
87B000
|
stack
|
page read and write
|
||
|
D73827E000
|
stack
|
page read and write
|
||
|
2192098E000
|
heap
|
page read and write
|
||
|
18320000000
|
heap
|
page read and write
|
||
|
22A08D13000
|
heap
|
page read and write
|
||
|
1E15D63D000
|
heap
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
1318BE36000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
A9D000
|
heap
|
page read and write
|
||
|
4A58000
|
direct allocation
|
page read and write
|
||
|
22A09402000
|
trusted library allocation
|
page read and write
|
||
|
C832AFC000
|
stack
|
page read and write
|
||
|
4902000
|
unkown
|
page read and write
|
||
|
D73877F000
|
stack
|
page read and write
|
||
|
2518D04B000
|
heap
|
page read and write
|
||
|
18320089000
|
heap
|
page read and write
|
||
|
1E076C13000
|
heap
|
page read and write
|
||
|
21921223000
|
heap
|
page read and write
|
||
|
21921102000
|
heap
|
page read and write
|
||
|
1E15D67C000
|
heap
|
page read and write
|
||
|
1318BE02000
|
heap
|
page read and write
|
||
|
4A66000
|
direct allocation
|
page read and write
|
||
|
4A58000
|
direct allocation
|
page read and write
|
||
|
1E076C6D000
|
heap
|
page read and write
|
||
|
18320100000
|
heap
|
page read and write
|
||
|
2393BC32000
|
heap
|
page read and write
|
||
|
4A7C000
|
direct allocation
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
4902000
|
unkown
|
page read and write
|
||
|
18320118000
|
heap
|
page read and write
|
||
|
21920825000
|
heap
|
page read and write
|
||
|
AFC37C000
|
stack
|
page read and write
|
||
|
22A08AB0000
|
heap
|
page read and write
|
||
|
18321C00000
|
trusted library allocation
|
page read and write
|
||
|
21D85700000
|
trusted library allocation
|
page read and write
|
||
|
20433AB000
|
stack
|
page read and write
|
||
|
6340000
|
trusted library allocation
|
page read and write
|
||
|
76533FD000
|
stack
|
page read and write
|
||
|
21920913000
|
heap
|
page read and write
|
||
|
18320013000
|
heap
|
page read and write
|
||
|
2518D029000
|
heap
|
page read and write
|
||
|
21921100000
|
heap
|
page read and write
|
||
|
4A91000
|
direct allocation
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
219211BF000
|
heap
|
page read and write
|
||
|
76534FF000
|
stack
|
page read and write
|
||
|
93F9FFF000
|
stack
|
page read and write
|
||
|
87B000
|
stack
|
page read and write
|
||
|
4A7C000
|
direct allocation
|
page read and write
|
||
|
1E076B90000
|
heap
|
page read and write
|
||
|
4A8A000
|
direct allocation
|
page read and write
|
||
|
2518D049000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
1E15D4E0000
|
heap
|
page read and write
|
||
|
21920892000
|
heap
|
page read and write
|
||
|
21920790000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
direct allocation
|
page read and write
|
||
|
4A98000
|
direct allocation
|
page read and write
|
||
|
2393BA60000
|
heap
|
page read and write
|
||
|
2518D082000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
18320102000
|
heap
|
page read and write
|
||
|
183219F0000
|
remote allocation
|
page read and write
|
||
|
183219F0000
|
remote allocation
|
page read and write
|
||
|
2192083C000
|
heap
|
page read and write
|
||
|
4BE4000
|
heap
|
page read and write
|
||
|
2043F7C000
|
stack
|
page read and write
|
||
|
76531FD000
|
stack
|
page read and write
|
||
|
21D85775000
|
heap
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
21D86060000
|
trusted library allocation
|
page read and write
|
||
|
21921230000
|
heap
|
page read and write
|
||
|
21D85440000
|
heap
|
page read and write
|
||
|
2518D07C000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
2192116F000
|
heap
|
page read and write
|
||
|
2043A7F000
|
stack
|
page read and write
|
||
|
4500000
|
unkown
|
page readonly
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
1318BE13000
|
heap
|
page read and write
|
||
|
2518CE70000
|
heap
|
page read and write
|
||
|
5A0000
|
unkown
|
page read and write
|
||
|
22A08C13000
|
heap
|
page read and write
|
||
|
31997FE000
|
stack
|
page read and write
|
||
|
21920770000
|
trusted library allocation
|
page read and write
|
||
|
21D862E0000
|
trusted library allocation
|
page read and write
|
||
|
183219F0000
|
remote allocation
|
page read and write
|
||
|
2393BC3C000
|
heap
|
page read and write
|
||
|
306C000
|
direct allocation
|
page read and write
|
||
|
10C0000
|
remote allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
4A91000
|
direct allocation
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
C83307E000
|
stack
|
page read and write
|
||
|
48F4000
|
unkown
|
page write copy
|
||
|
8B0000
|
trusted library allocation
|
page read and write
|
||
|
C832A7F000
|
stack
|
page read and write
|
||
|
204397F000
|
stack
|
page read and write
|
||
|
1E15D713000
|
heap
|
page read and write
|
||
|
2FEF000
|
direct allocation
|
page read and write
|
||
|
21921230000
|
heap
|
page read and write
|
||
|
2518D030000
|
heap
|
page read and write
|
||
|
4A24000
|
direct allocation
|
page read and write
|
||
|
2518D061000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
7FDF0F9000
|
stack
|
page read and write
|
There are 498 hidden memdumps, click here to show them.