Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\cred64[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ecaac49691\gntuud.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ecaac49691\gntuud.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\853321935212
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024,
components 3
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
C:\Users\user\Desktop\file.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\ecaac49691\gntuud.exe
|
"C:\Users\user\AppData\Local\Temp\ecaac49691\gntuud.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN gntuud.exe /TR "C:\Users\user\AppData\Local\Temp\ecaac49691\gntuud.exe"
/F
|
|
|
|
C:\Users\user\AppData\Local\Temp\ecaac49691\gntuud.exe
|
C:\Users\user\AppData\Local\Temp\ecaac49691\gntuud.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
77.73.133.72/hfk3vK9/index.php
|
|
||
|
http://77.73.133.72/hfk3vK9/Plugins/cred64.dll_
|
unknown
|
||
|
http://77.73.133.72/hfk3vK9/Plugins/cred64.dll
|
unknown
|
||
|
http://77.73.133.72/hfk3vK9/Plugins/cred64.dll=
|
unknown
|
||
|
http://77.73.133.72/hfk3vK9/index.php
|
unknown
|
||
|
http://77.73.133.72/hfk3vK9/index.php8
|
unknown
|
||
|
http://77.73.133.72/hfk3vK9/Plugins/cred64.dll)
|
unknown
|
||
|
http://77.73.133.72/hfk3vK9/index.phpplay
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
77.73.133.72
|
unknown
|
Kazakhstan
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
|
Startup
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
940000
|
direct allocation
|
page read and write
|
|
|
|
680000
|
direct allocation
|
page read and write
|
|
|
|
7CB000
|
heap
|
page read and write
|
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
940000
|
direct allocation
|
page read and write
|
|
|
|
6E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
7AF000
|
heap
|
page read and write
|
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
900000
|
direct allocation
|
page execute and read and write
|
|
|
|
26663302000
|
heap
|
page read and write
|
||
|
4335000
|
trusted library allocation
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
22CC8802000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
D6EFCFF000
|
stack
|
page read and write
|
||
|
F9160FE000
|
stack
|
page read and write
|
||
|
2DFA000
|
heap
|
page read and write
|
||
|
433E000
|
trusted library allocation
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
590000
|
heap
|
page read and write
|
||
|
6347BFF000
|
stack
|
page read and write
|
||
|
1D1F8E6D000
|
heap
|
page read and write
|
||
|
500387C000
|
stack
|
page read and write
|
||
|
224C6A43000
|
heap
|
page read and write
|
||
|
D6EFA7C000
|
stack
|
page read and write
|
||
|
26170400000
|
heap
|
page read and write
|
||
|
3770000
|
heap
|
page read and write
|
||
|
500337E000
|
stack
|
page read and write
|
||
|
26170B90000
|
heap
|
page read and write
|
||
|
22825138000
|
heap
|
page read and write
|
||
|
F915BEE000
|
stack
|
page read and write
|
||
|
22CC8918000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
1D1F8F02000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
25F4D402000
|
trusted library allocation
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
228250F0000
|
heap
|
page read and write
|
||
|
22CC884B000
|
heap
|
page read and write
|
||
|
63476FB000
|
stack
|
page read and write
|
||
|
224C6A69000
|
heap
|
page read and write
|
||
|
26FB3590000
|
heap
|
page read and write
|
||
|
26663287000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
2282517C000
|
heap
|
page read and write
|
||
|
1C101D80000
|
trusted library allocation
|
page read and write
|
||
|
1C101C20000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
1C101E13000
|
heap
|
page read and write
|
||
|
224C68B0000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
433B000
|
trusted library allocation
|
page read and write
|
||
|
1D1F8E28000
|
heap
|
page read and write
|
||
|
BCA44FF000
|
stack
|
page read and write
|
||
|
3660000
|
heap
|
page read and write
|
||
|
22CC87B0000
|
heap
|
page read and write
|
||
|
2B2F000
|
stack
|
page read and write
|
||
|
4336000
|
trusted library allocation
|
page read and write
|
||
|
F915E7E000
|
stack
|
page read and write
|
||
|
1D1F8E02000
|
heap
|
page read and write
|
||
|
AC9EAFB000
|
stack
|
page read and write
|
||
|
22CC883D000
|
heap
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
4339000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
500357C000
|
stack
|
page read and write
|
||
|
261701A0000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
5D3000
|
heap
|
page execute and read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
AC9E57F000
|
stack
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
4339000
|
trusted library allocation
|
page read and write
|
||
|
D6EF9FE000
|
stack
|
page read and write
|
||
|
4335000
|
trusted library allocation
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
BCA47FF000
|
stack
|
page read and write
|
||
|
224C6A60000
|
heap
|
page read and write
|
||
|
F38697D000
|
stack
|
page read and write
|
||
|
224C68A0000
|
heap
|
page read and write
|
||
|
AC9ECFE000
|
stack
|
page read and write
|
||
|
1D1F8E79000
|
heap
|
page read and write
|
||
|
224C6A78000
|
heap
|
page read and write
|
||
|
26663243000
|
heap
|
page read and write
|
||
|
26170443000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
1D1F8E75000
|
heap
|
page read and write
|
||
|
224C6A7B000
|
heap
|
page read and write
|
||
|
3E3C000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
5002C8B000
|
stack
|
page read and write
|
||
|
2F4A000
|
heap
|
page read and write
|
||
|
BCA3C7B000
|
stack
|
page read and write
|
||
|
26170426000
|
heap
|
page read and write
|
||
|
22825400000
|
trusted library allocation
|
page read and write
|
||
|
1D1F8E13000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
377A000
|
heap
|
page read and write
|
||
|
26170B22000
|
heap
|
page read and write
|
||
|
442000
|
unkown
|
page write copy
|
||
|
22825070000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
unkown
|
page execute and read and write
|
||
|
26663213000
|
heap
|
page read and write
|
||
|
26170B00000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
2617046A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
22CC8913000
|
heap
|
page read and write
|
||
|
25F4D290000
|
remote allocation
|
page read and write
|
||
|
442000
|
unkown
|
page write copy
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
433D000
|
trusted library allocation
|
page read and write
|
||
|
5D5CB7B000
|
stack
|
page read and write
|
||
|
26170B43000
|
heap
|
page read and write
|
||
|
26170B02000
|
heap
|
page read and write
|
||
|
26170C29000
|
heap
|
page read and write
|
||
|
7D7000
|
heap
|
page read and write
|
||
|
4339000
|
trusted library allocation
|
page read and write
|
||
|
26170429000
|
heap
|
page read and write
|
||
|
224C6A59000
|
heap
|
page read and write
|
||
|
6347A7E000
|
stack
|
page read and write
|
||
|
332A000
|
heap
|
page read and write
|
||
|
D6EFDFD000
|
stack
|
page read and write
|
||
|
D6EFE7E000
|
stack
|
page read and write
|
||
|
BCA45FE000
|
stack
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
60E000
|
heap
|
page read and write
|
||
|
224C6A29000
|
heap
|
page read and write
|
||
|
BCA43FF000
|
stack
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
26FB3E02000
|
trusted library allocation
|
page read and write
|
||
|
2F2A000
|
heap
|
page read and write
|
||
|
634747E000
|
stack
|
page read and write
|
||
|
AC9E47B000
|
stack
|
page read and write
|
||
|
26170B6D000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
25F4CC00000
|
heap
|
page read and write
|
||
|
1D1F8F13000
|
heap
|
page read and write
|
||
|
433F000
|
trusted library allocation
|
page read and write
|
||
|
366A000
|
heap
|
page read and write
|
||
|
26170990000
|
trusted library allocation
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
22CCA2E0000
|
trusted library allocation
|
page read and write
|
||
|
26170484000
|
heap
|
page read and write
|
||
|
5D5CC7B000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
26FB3613000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
25F4CC57000
|
heap
|
page read and write
|
||
|
25F4D260000
|
trusted library allocation
|
page read and write
|
||
|
25F4D290000
|
remote allocation
|
page read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
22CC8800000
|
heap
|
page read and write
|
||
|
22CCA360000
|
remote allocation
|
page read and write
|
||
|
4338000
|
trusted library allocation
|
page read and write
|
||
|
26FB3600000
|
heap
|
page read and write
|
||
|
26663802000
|
heap
|
page read and write
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
224C7070000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1C101E3D000
|
heap
|
page read and write
|
||
|
22825D70000
|
trusted library allocation
|
page read and write
|
||
|
4334000
|
trusted library allocation
|
page read and write
|
||
|
44C000
|
unkown
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
79B000
|
heap
|
page read and write
|
||
|
22825FB0000
|
trusted library allocation
|
page read and write
|
||
|
25F4CC20000
|
heap
|
page read and write
|
||
|
F386779000
|
stack
|
page read and write
|
||
|
AC9EDFE000
|
stack
|
page read and write
|
||
|
22825410000
|
trusted library allocation
|
page read and write
|
||
|
26FB3702000
|
heap
|
page read and write
|
||
|
6347B7B000
|
stack
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
5D5CE7E000
|
stack
|
page read and write
|
||
|
224C6A32000
|
heap
|
page read and write
|
||
|
1C101E29000
|
heap
|
page read and write
|
||
|
26170443000
|
heap
|
page read and write
|
||
|
22CC884A000
|
heap
|
page read and write
|
||
|
2617046D000
|
heap
|
page read and write
|
||
|
2617043C000
|
heap
|
page read and write
|
||
|
224C6A64000
|
heap
|
page read and write
|
||
|
F915FFE000
|
stack
|
page read and write
|
||
|
25F4D290000
|
remote allocation
|
page read and write
|
||
|
22CC882A000
|
heap
|
page read and write
|
||
|
224C6A00000
|
heap
|
page read and write
|
||
|
26170C32000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
634797F000
|
stack
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
224C7202000
|
trusted library allocation
|
page read and write
|
||
|
433A000
|
trusted library allocation
|
page read and write
|
||
|
26FB3D50000
|
trusted library allocation
|
page read and write
|
||
|
2F9A000
|
heap
|
page read and write
|
||
|
26FB35F0000
|
heap
|
page read and write
|
||
|
764000
|
heap
|
page read and write
|
||
|
266632CA000
|
heap
|
page read and write
|
||
|
22CCA270000
|
trusted library allocation
|
page read and write
|
||
|
26FB364E000
|
heap
|
page read and write
|
||
|
BCA46FF000
|
stack
|
page read and write
|
||
|
22CC8874000
|
heap
|
page read and write
|
||
|
772000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
730000
|
heap
|
page read and write
|
||
|
7A1000
|
heap
|
page read and write
|
||
|
198000
|
stack
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
25F4CC52000
|
heap
|
page read and write
|
||
|
22CC8859000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
22CC885B000
|
heap
|
page read and write
|
||
|
5D5C87B000
|
stack
|
page read and write
|
||
|
500327F000
|
stack
|
page read and write
|
||
|
26170C02000
|
heap
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1C101E54000
|
heap
|
page read and write
|
||
|
63475FF000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
266632B9000
|
heap
|
page read and write
|
||
|
224C6A84000
|
heap
|
page read and write
|
||
|
26170413000
|
heap
|
page read and write
|
||
|
22CC8872000
|
heap
|
page read and write
|
||
|
AC9EA7C000
|
stack
|
page read and write
|
||
|
26170491000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
22825140000
|
heap
|
page read and write
|
||
|
26663790000
|
trusted library allocation
|
page read and write
|
||
|
2617058F000
|
heap
|
page read and write
|
||
|
224C6A6D000
|
heap
|
page read and write
|
||
|
26663313000
|
heap
|
page read and write
|
||
|
25F4CC13000
|
heap
|
page read and write
|
||
|
224C6A41000
|
heap
|
page read and write
|
||
|
7AA000
|
heap
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
1C101E3B000
|
heap
|
page read and write
|
||
|
AC9E97F000
|
stack
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
2A2E000
|
stack
|
page read and write
|
||
|
518517E000
|
stack
|
page read and write
|
||
|
1C101E47000
|
heap
|
page read and write
|
||
|
BCA3E7A000
|
stack
|
page read and write
|
||
|
1C101E00000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
AC9EBFD000
|
stack
|
page read and write
|
||
|
D6EFC7D000
|
stack
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
1C101F02000
|
heap
|
page read and write
|
||
|
AC9E5FF000
|
stack
|
page read and write
|
||
|
22825FE0000
|
trusted library allocation
|
page read and write
|
||
|
518507F000
|
stack
|
page read and write
|
||
|
2617048F000
|
heap
|
page read and write
|
||
|
5C8000
|
heap
|
page read and write
|
||
|
1C101E02000
|
heap
|
page read and write
|
||
|
261701B0000
|
heap
|
page read and write
|
||
|
2DCA000
|
heap
|
page read and write
|
||
|
261705E7000
|
heap
|
page read and write
|
||
|
26663264000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
228250D0000
|
heap
|
page read and write
|
||
|
1C101C80000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
63470AB000
|
stack
|
page read and write
|
||
|
26662FC0000
|
heap
|
page read and write
|
||
|
224C6A3D000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
26170454000
|
heap
|
page read and write
|
||
|
26170C00000
|
heap
|
page read and write
|
||
|
5184F79000
|
stack
|
page read and write
|
||
|
44C000
|
unkown
|
page read and write
|
||
|
1C101E2E000
|
heap
|
page read and write
|
||
|
26170458000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
452000
|
unkown
|
page readonly
|
||
|
418000
|
unkown
|
page write copy
|
||
|
43E000
|
unkown
|
page execute and read and write
|
||
|
26170C24000
|
heap
|
page read and write
|
||
|
224C6A3B000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
22825FD0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
26170210000
|
heap
|
page read and write
|
||
|
26663229000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
25F4CC02000
|
heap
|
page read and write
|
||
|
224C6A58000
|
heap
|
page read and write
|
||
|
4DA000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
25F4CC3C000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
5184E7E000
|
stack
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
26170B54000
|
heap
|
page read and write
|
||
|
25F4CAA0000
|
heap
|
page read and write
|
||
|
22825174000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
2DAC000
|
stack
|
page read and write
|
||
|
2F1A000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
22CC8849000
|
heap
|
page read and write
|
||
|
22CC8900000
|
heap
|
page read and write
|
||
|
22CCA360000
|
remote allocation
|
page read and write
|
||
|
26FB3580000
|
heap
|
page read and write
|
||
|
224C6B02000
|
heap
|
page read and write
|
||
|
2E8A000
|
heap
|
page read and write
|
||
|
26170513000
|
heap
|
page read and write
|
||
|
BCA40FC000
|
stack
|
page read and write
|
||
|
22DE000
|
stack
|
page read and write
|
||
|
F3867FF000
|
stack
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
26FB367A000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
67C000
|
heap
|
page read and write
|
||
|
22825FC0000
|
heap
|
page readonly
|
||
|
5F2000
|
heap
|
page read and write
|
||
|
25F4CB00000
|
heap
|
page read and write
|
||
|
634787A000
|
stack
|
page read and write
|
||
|
25F4CC29000
|
heap
|
page read and write
|
||
|
1D1F9602000
|
trusted library allocation
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
22825435000
|
heap
|
page read and write
|
||
|
22CC8740000
|
heap
|
page read and write
|
||
|
1D1F8E40000
|
heap
|
page read and write
|
||
|
22825430000
|
heap
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
26662FD0000
|
heap
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
F3866F9000
|
stack
|
page read and write
|
||
|
224C6A62000
|
heap
|
page read and write
|
||
|
8CA000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
F3868F9000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
BCA42FD000
|
stack
|
page read and write
|
||
|
224C6A66000
|
heap
|
page read and write
|
||
|
22825439000
|
heap
|
page read and write
|
||
|
224C6A61000
|
heap
|
page read and write
|
||
|
4331000
|
trusted library allocation
|
page read and write
|
||
|
22CC8865000
|
heap
|
page read and write
|
||
|
22825130000
|
heap
|
page read and write
|
||
|
2EEA000
|
heap
|
page read and write
|
||
|
261705BB000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
4337000
|
trusted library allocation
|
page read and write
|
||
|
5184C7C000
|
stack
|
page read and write
|
||
|
1D1F8D60000
|
trusted library allocation
|
page read and write
|
||
|
224C6A7C000
|
heap
|
page read and write
|
||
|
26170BB0000
|
heap
|
page read and write
|
||
|
3E36000
|
trusted library allocation
|
page read and write
|
||
|
25F4CD02000
|
heap
|
page read and write
|
||
|
1C101E4A000
|
heap
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
377A000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
261703E0000
|
trusted library allocation
|
page read and write
|
||
|
276F000
|
stack
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
1C102602000
|
trusted library allocation
|
page read and write
|
||
|
224C6910000
|
heap
|
page read and write
|
||
|
67C000
|
heap
|
page read and write
|
||
|
22825197000
|
heap
|
page read and write
|
||
|
F915B6C000
|
stack
|
page read and write
|
||
|
500347F000
|
stack
|
page read and write
|
||
|
22CC87E0000
|
trusted library allocation
|
page read and write
|
||
|
22CC8813000
|
heap
|
page read and write
|
||
|
360A000
|
heap
|
page read and write
|
||
|
AC9E87C000
|
stack
|
page read and write
|
||
|
26663030000
|
heap
|
page read and write
|
||
|
433E000
|
trusted library allocation
|
page read and write
|
||
|
AC9E67C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5D5CD7B000
|
stack
|
page read and write
|
||
|
F38636C000
|
stack
|
page read and write
|
||
|
F9162FE000
|
stack
|
page read and write
|
||
|
69F000
|
stack
|
page read and write
|
||
|
2282517C000
|
heap
|
page read and write
|
||
|
22CCA2A0000
|
trusted library allocation
|
page read and write
|
||
|
4DA000
|
heap
|
page read and write
|
||
|
2282517E000
|
heap
|
page read and write
|
||
|
2282517C000
|
heap
|
page read and write
|
||
|
26663900000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
1D1F8F00000
|
heap
|
page read and write
|
||
|
67C000
|
heap
|
page read and write
|
||
|
2666326E000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
26170B22000
|
heap
|
page read and write
|
||
|
1C101C30000
|
heap
|
page read and write
|
||
|
6347779000
|
stack
|
page read and write
|
||
|
22CC885A000
|
heap
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
26170477000
|
heap
|
page read and write
|
||
|
22825060000
|
heap
|
page read and write
|
||
|
2E7A000
|
heap
|
page read and write
|
||
|
500367C000
|
stack
|
page read and write
|
||
|
26663200000
|
heap
|
page read and write
|
||
|
26170C13000
|
heap
|
page read and write
|
||
|
26FB3602000
|
heap
|
page read and write
|
||
|
266632C3000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
22826030000
|
trusted library allocation
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
1D1F8BF0000
|
heap
|
page read and write
|
||
|
D6EF55C000
|
stack
|
page read and write
|
||
|
26663267000
|
heap
|
page read and write
|
||
|
26FB3629000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1C101E1F000
|
heap
|
page read and write
|
||
|
26170BBC000
|
heap
|
page read and write
|
||
|
26FB363D000
|
heap
|
page read and write
|
||
|
224C6A13000
|
heap
|
page read and write
|
||
|
26FB3713000
|
heap
|
page read and write
|
||
|
3770000
|
heap
|
page read and write
|
||
|
BCA3FFE000
|
stack
|
page read and write
|
||
|
2CAE000
|
stack
|
page read and write
|
||
|
1D1F8E52000
|
heap
|
page read and write
|
||
|
26170489000
|
heap
|
page read and write
|
||
|
601000
|
heap
|
page read and write
|
||
|
1D1F8C00000
|
heap
|
page read and write
|
||
|
26FB3667000
|
heap
|
page read and write
|
||
|
1D1F8E00000
|
heap
|
page read and write
|
||
|
22825420000
|
trusted library allocation
|
page read and write
|
||
|
4337000
|
trusted library allocation
|
page read and write
|
||
|
224C6A57000
|
heap
|
page read and write
|
||
|
F9161FE000
|
stack
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
224C6A7F000
|
heap
|
page read and write
|
||
|
1D1F8C60000
|
heap
|
page read and write
|
||
|
22CCA360000
|
remote allocation
|
page read and write
|
||
|
224C6A48000
|
heap
|
page read and write
|
||
|
22CC8902000
|
heap
|
page read and write
|
||
|
26170A02000
|
heap
|
page read and write
|
||
|
26170475000
|
heap
|
page read and write
|
||
|
26170BC7000
|
heap
|
page read and write
|
||
|
433A000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
745000
|
heap
|
page execute and read and write
|
||
|
67C000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
224C6A5D000
|
heap
|
page read and write
|
||
|
26663223000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
22CCA402000
|
trusted library allocation
|
page read and write
|
||
|
224C6A4E000
|
heap
|
page read and write
|
||
|
25F4CA90000
|
heap
|
page read and write
|
||
|
224C6A5B000
|
heap
|
page read and write
|
||
|
2E0A000
|
heap
|
page read and write
|
||
|
22CC8750000
|
heap
|
page read and write
|
||
|
26663912000
|
heap
|
page read and write
|
||
|
26FB3669000
|
heap
|
page read and write
|
||
|
22825440000
|
trusted library allocation
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
There are 472 hidden memdumps, click here to show them.