Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\cred64[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\9c69749b54\gntuud.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\9c69749b54\gntuud.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\85f469ce401df1\cred64.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\853321935212
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024,
components 3
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
C:\Users\user\Desktop\file.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\9c69749b54\gntuud.exe
|
"C:\Users\user\AppData\Local\Temp\9c69749b54\gntuud.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN gntuud.exe /TR "C:\Users\user\AppData\Local\Temp\9c69749b54\gntuud.exe"
/F
|
|
|
|
C:\Users\user\AppData\Local\Temp\9c69749b54\gntuud.exe
|
C:\Users\user\AppData\Local\Temp\9c69749b54\gntuud.exe
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\85f469ce401df1\cred64.dll, Main
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k echo Y|CACLS "gntuud.exe" /P "user:N"&&CACLS "gntuud.exe" /P "user:R" /E&&echo Y|CACLS "..\9c69749b54"
/P "user:N"&&CACLS "..\9c69749b54" /P "user:R" /E&&Exit
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" echo Y"
|
||
|
C:\Windows\SysWOW64\cacls.exe
|
CACLS "gntuud.exe" /P "user:N"
|
||
|
C:\Windows\SysWOW64\cacls.exe
|
CACLS "gntuud.exe" /P "user:R" /E
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" echo Y"
|
||
|
C:\Windows\SysWOW64\cacls.exe
|
CACLS "..\9c69749b54" /P "user:N"
|
||
|
C:\Windows\SysWOW64\cacls.exe
|
CACLS "..\9c69749b54" /P "user:R" /E
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
31.41.244.237/jg94cVd30f/index.php
|
|
||
|
http://31.41.244.237/jg94cVd30f/index.phpWindows
|
unknown
|
||
|
http://31.41.244.237/jg94cVd30f/index.phpce401df1
|
unknown
|
||
|
http://31.41.244.237/jg94cVd30f/index.php9749b54
|
unknown
|
||
|
http://31.41.244.237/jg94cVd30f/index.phpW
|
unknown
|
||
|
http://31.41.244.237/jg94cVd30f/index.php1df1
|
unknown
|
||
|
http://31.41.244.237/jg94cVd30f/index.phpc
|
unknown
|
||
|
http://31.41.244.237/jg94cVd30f/index.phpq
|
unknown
|
||
|
http://31.41.244.237/jg94cVd30f/index.phpl4
|
unknown
|
||
|
http://31.41.244.237/jg94cVd30f/index.php
|
unknown
|
||
|
http://31.41.244.237/jg94cVd30f/index.php?scr=1
|
unknown
|
There are 1 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
31.41.244.237
|
unknown
|
Russian Federation
|
|
|
|
192.168.2.5
|
unknown
|
unknown
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
|
Startup
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
920000
|
direct allocation
|
page read and write
|
|
|
|
B00000
|
direct allocation
|
page read and write
|
|
|
|
72F000
|
heap
|
page read and write
|
|
|
|
5E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
72F000
|
heap
|
page read and write
|
|
|
|
900000
|
direct allocation
|
page execute and read and write
|
|
|
|
731000
|
heap
|
page read and write
|
|
|
|
620000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
47A000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
390F000
|
trusted library allocation
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
3901000
|
trusted library allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
2870000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
736000
|
heap
|
page read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
2E2A000
|
heap
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
2E5A000
|
heap
|
page read and write
|
||
|
E3D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
652000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
198000
|
stack
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
729000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3E0C000
|
trusted library allocation
|
page read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
43E000
|
unkown
|
page execute and read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3E05000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3E04000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
88A000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
3E05000
|
trusted library allocation
|
page read and write
|
||
|
DFC000
|
stack
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
72F000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
323E000
|
stack
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
ECF000
|
stack
|
page read and write
|
||
|
227F000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
2E6A000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2B7F000
|
stack
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
31BA000
|
heap
|
page read and write
|
||
|
2E6A000
|
heap
|
page read and write
|
||
|
30C6000
|
heap
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
376A000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
74C000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
2DBC000
|
stack
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
960000
|
heap
|
page read and write
|
||
|
3410000
|
direct allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
3E02000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2FFA000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
6C5000
|
heap
|
page execute and read and write
|
||
|
3547000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
69F000
|
stack
|
page read and write
|
||
|
2EBA000
|
heap
|
page read and write
|
||
|
B1F000
|
stack
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
3106000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
307B000
|
stack
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
81F000
|
stack
|
page read and write
|
||
|
2DBA000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
2F8A000
|
heap
|
page read and write
|
||
|
3E02000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
DBD000
|
stack
|
page read and write
|
||
|
43E000
|
unkown
|
page execute and read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
5AC000
|
stack
|
page read and write
|
||
|
284E000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
6EC000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
3277000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
71C000
|
heap
|
page read and write
|
||
|
87A000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
35EA000
|
heap
|
page read and write
|
||
|
3E01000
|
trusted library allocation
|
page read and write
|
||
|
3E0B000
|
trusted library allocation
|
page read and write
|
||
|
32F7000
|
heap
|
page read and write
|
||
|
3E0C000
|
trusted library allocation
|
page read and write
|
||
|
27CF000
|
stack
|
page read and write
|
||
|
3333000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
33AF000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
442000
|
unkown
|
page write copy
|
||
|
729000
|
heap
|
page read and write
|
||
|
F3F000
|
stack
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
373A000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
62A000
|
heap
|
page read and write
|
||
|
3730000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
442000
|
unkown
|
page write copy
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
729000
|
heap
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
56D000
|
stack
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
ADE000
|
stack
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2380000
|
heap
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
237E000
|
stack
|
page read and write
|
||
|
B86000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
331A000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
44C000
|
unkown
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
744000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
297F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
3147000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3E06000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
744000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3760000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
3E0A000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
5F0000
|
trusted library allocation
|
page read and write
|
||
|
71C000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
327F000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
3E00000
|
trusted library allocation
|
page read and write
|
||
|
6C8000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
35E0000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
3E0E000
|
trusted library allocation
|
page read and write
|
||
|
633000
|
heap
|
page execute and read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3E0A000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3E00000
|
trusted library allocation
|
page read and write
|
||
|
364A000
|
heap
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3908000
|
trusted library allocation
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
30CF000
|
stack
|
page read and write
|
||
|
31D4000
|
heap
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
2EF2000
|
trusted library allocation
|
page read and write
|
||
|
82A000
|
heap
|
page read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3E05000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
E7C000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
233E000
|
stack
|
page read and write
|
||
|
31D4000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
303C000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
C3D000
|
stack
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
3456000
|
heap
|
page read and write
|
||
|
2EDA000
|
heap
|
page read and write
|
||
|
330F000
|
stack
|
page read and write
|
||
|
C7C000
|
stack
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
44C000
|
unkown
|
page read and write
|
||
|
71A000
|
heap
|
page read and write
|
||
|
3E08000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
E2F000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
There are 355 hidden memdumps, click here to show them.