Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LwNdQo4zIk.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Pyupydeoe.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_8e16aed3aa5676a94a41f4f83e9862e56aba6f4_82810a17_1425c040\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9F7A.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Jan 5 16:43:08 2023, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA20B.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA26A.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LwNdQo4zIk.exe
|
C:\Users\user\Desktop\LwNdQo4zIk.exe
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
"C:\Windows\system32\rundll32.exe" "C:\Users\user\AppData\Local\Temp\Pyupydeoe.tmp",Uprsprhaot
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 1568 -s 960
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHivePermissionsCorrect
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHiveOwnerCorrect
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProgramId
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
FileId
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LongPathHash
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Name
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Publisher
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Version
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinFileVersion
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinaryType
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductName
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductVersion
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LinkDate
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinProductVersion
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Size
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Language
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsPeFile
|
||
|
\REGISTRY\A\{4a8c284c-1530-fd5b-703c-952a7259e469}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsOsComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C008E4E08E7E
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
There are 14 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
F4DBEFC000
|
stack
|
page read and write
|
||
|
23DE000
|
stack
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
1A2681F0000
|
trusted library allocation
|
page read and write
|
||
|
1F4C2A3E000
|
heap
|
page read and write
|
||
|
F4DBC7B000
|
stack
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
1D9CD060000
|
heap
|
page read and write
|
||
|
6950000
|
direct allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
DFC000
|
stack
|
page read and write
|
||
|
1D9CD1C0000
|
trusted library allocation
|
page read and write
|
||
|
331D000
|
heap
|
page read and write
|
||
|
2CB81BF0000
|
remote allocation
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
1F07967B000
|
heap
|
page read and write
|
||
|
1D9CD200000
|
heap
|
page read and write
|
||
|
6650000
|
direct allocation
|
page read and write
|
||
|
66B0000
|
direct allocation
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
1F079662000
|
heap
|
page read and write
|
||
|
1A2674D5000
|
heap
|
page read and write
|
||
|
205B3A58000
|
heap
|
page read and write
|
||
|
1F4C27C0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
73DB17F000
|
stack
|
page read and write
|
||
|
1F0795A0000
|
trusted library allocation
|
page read and write
|
||
|
34AA37C000
|
stack
|
page read and write
|
||
|
1F07962D000
|
heap
|
page read and write
|
||
|
1A267480000
|
heap
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
1F079E02000
|
trusted library allocation
|
page read and write
|
||
|
678F000
|
stack
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
A080AFE000
|
stack
|
page read and write
|
||
|
19381B20000
|
heap
|
page read and write
|
||
|
1F4C3002000
|
heap
|
page read and write
|
||
|
163C7A23000
|
heap
|
page read and write
|
||
|
205B3A6D000
|
heap
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
205B3A64000
|
heap
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
1F079440000
|
heap
|
page read and write
|
||
|
2CB81C29000
|
heap
|
page read and write
|
||
|
1F07963A000
|
heap
|
page read and write
|
||
|
6960000
|
direct allocation
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
1F4C2A6F000
|
heap
|
page read and write
|
||
|
205B3A48000
|
heap
|
page read and write
|
||
|
6600000
|
direct allocation
|
page read and write
|
||
|
2CB81C00000
|
heap
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
8A5C6FD000
|
stack
|
page read and write
|
||
|
6073CFF000
|
stack
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
19381C53000
|
heap
|
page read and write
|
||
|
1F079631000
|
heap
|
page read and write
|
||
|
5C30000
|
direct allocation
|
page read and write
|
||
|
2CB81BC0000
|
trusted library allocation
|
page read and write
|
||
|
1F0794A0000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
307B000
|
stack
|
page read and write
|
||
|
1D9CD228000
|
heap
|
page read and write
|
||
|
1F079644000
|
heap
|
page read and write
|
||
|
95AF2FC000
|
stack
|
page read and write
|
||
|
6D58B000
|
unkown
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
653F000
|
stack
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
205B54B0000
|
trusted library allocation
|
page read and write
|
||
|
F4DC17D000
|
stack
|
page read and write
|
||
|
205B38F0000
|
heap
|
page read and write
|
||
|
163C718E000
|
heap
|
page read and write
|
||
|
A080CFE000
|
stack
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
A080A7B000
|
stack
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
95AF47C000
|
stack
|
page read and write
|
||
|
6D58F000
|
unkown
|
page readonly
|
||
|
209B1102000
|
heap
|
page read and write
|
||
|
1F079430000
|
heap
|
page read and write
|
||
|
1D9CD26D000
|
heap
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
1A267380000
|
heap
|
page read and write
|
||
|
1F079677000
|
heap
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
163C7590000
|
trusted library allocation
|
page read and write
|
||
|
307B000
|
stack
|
page read and write
|
||
|
163C7055000
|
heap
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
62E0000
|
direct allocation
|
page read and write
|
||
|
163C7A13000
|
heap
|
page read and write
|
||
|
688F000
|
stack
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
19381C3F000
|
heap
|
page read and write
|
||
|
6D58B000
|
unkown
|
page read and write
|
||
|
68EE000
|
stack
|
page read and write
|
||
|
6950000
|
direct allocation
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
1F079660000
|
heap
|
page read and write
|
||
|
95AF27E000
|
stack
|
page read and write
|
||
|
1A267F20000
|
trusted library allocation
|
page read and write
|
||
|
1F079702000
|
heap
|
page read and write
|
||
|
19381B90000
|
heap
|
page read and write
|
||
|
1D9CD240000
|
heap
|
page read and write
|
||
|
19381C76000
|
heap
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
1F079634000
|
heap
|
page read and write
|
||
|
6073A7A000
|
stack
|
page read and write
|
||
|
1A267409000
|
heap
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
1A268190000
|
trusted library allocation
|
page read and write
|
||
|
1F07967E000
|
heap
|
page read and write
|
||
|
205B3900000
|
heap
|
page read and write
|
||
|
205B3A48000
|
heap
|
page read and write
|
||
|
680F000
|
stack
|
page read and write
|
||
|
205B5602000
|
trusted library allocation
|
page read and write
|
||
|
1A2674B5000
|
heap
|
page read and write
|
||
|
7F72D79000
|
stack
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
95AF67E000
|
stack
|
page read and write
|
||
|
205B3A58000
|
heap
|
page read and write
|
||
|
217D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D58E000
|
unkown
|
page write copy
|
||
|
F4DC2FD000
|
stack
|
page read and write
|
||
|
60737FF000
|
stack
|
page read and write
|
||
|
1A2674BD000
|
heap
|
page read and write
|
||
|
3135000
|
heap
|
page read and write
|
||
|
62E0000
|
direct allocation
|
page read and write
|
||
|
163C7043000
|
heap
|
page read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
D90000
|
unkown
|
page read and write
|
||
|
34AA07F000
|
stack
|
page read and write
|
||
|
2CB81D02000
|
heap
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
50D000
|
unkown
|
page readonly
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1F079657000
|
heap
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
6D58A000
|
unkown
|
page readonly
|
||
|
1D9CD202000
|
heap
|
page read and write
|
||
|
1F079668000
|
heap
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
8A5CBFF000
|
stack
|
page read and write
|
||
|
95AEFFB000
|
stack
|
page read and write
|
||
|
692F000
|
stack
|
page read and write
|
||
|
1F4C2F90000
|
trusted library allocation
|
page read and write
|
||
|
209B1043000
|
heap
|
page read and write
|
||
|
6940000
|
direct allocation
|
page read and write
|
||
|
205B3A57000
|
heap
|
page read and write
|
||
|
6D58A000
|
unkown
|
page readonly
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
680F000
|
stack
|
page read and write
|
||
|
7F72E7F000
|
stack
|
page read and write
|
||
|
A080B7E000
|
stack
|
page read and write
|
||
|
2CB81A60000
|
heap
|
page read and write
|
||
|
6D58E000
|
unkown
|
page write copy
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
205B39E0000
|
remote allocation
|
page read and write
|
||
|
163C7754000
|
heap
|
page read and write
|
||
|
1F079613000
|
heap
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page read and write
|
||
|
1F07965A000
|
heap
|
page read and write
|
||
|
1A267405000
|
heap
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
607367A000
|
stack
|
page read and write
|
||
|
8A5CCFF000
|
stack
|
page read and write
|
||
|
163C7089000
|
heap
|
page read and write
|
||
|
205B39E0000
|
remote allocation
|
page read and write
|
||
|
1F079649000
|
heap
|
page read and write
|
||
|
6D58E000
|
unkown
|
page write copy
|
||
|
5760000
|
direct allocation
|
page execute and read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
1F4C2AC9000
|
heap
|
page read and write
|
||
|
1F079645000
|
heap
|
page read and write
|
||
|
1A267478000
|
heap
|
page read and write
|
||
|
205B3B13000
|
heap
|
page read and write
|
||
|
1A268180000
|
heap
|
page readonly
|
||
|
163C7000000
|
heap
|
page read and write
|
||
|
32FA000
|
heap
|
page read and write
|
||
|
73DB07E000
|
stack
|
page read and write
|
||
|
95AF3FE000
|
stack
|
page read and write
|
||
|
1F07966A000
|
heap
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
1F079659000
|
heap
|
page read and write
|
||
|
1F4C2A29000
|
heap
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
34AA67C000
|
stack
|
page read and write
|
||
|
2CB81C02000
|
heap
|
page read and write
|
||
|
205B3A00000
|
heap
|
page read and write
|
||
|
1F079665000
|
heap
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
6D4E1000
|
unkown
|
page execute read
|
||
|
30000
|
heap
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
6650000
|
direct allocation
|
page read and write
|
||
|
6940000
|
direct allocation
|
page read and write
|
||
|
205B39B0000
|
trusted library allocation
|
page read and write
|
||
|
607347B000
|
stack
|
page read and write
|
||
|
209B103C000
|
heap
|
page read and write
|
||
|
F4DC1FF000
|
stack
|
page read and write
|
||
|
D90000
|
unkown
|
page read and write
|
||
|
1A2674BD000
|
heap
|
page read and write
|
||
|
1D9CD252000
|
heap
|
page read and write
|
||
|
1F07968B000
|
heap
|
page read and write
|
||
|
68EE000
|
stack
|
page read and write
|
||
|
163C776F000
|
heap
|
page read and write
|
||
|
19381C2A000
|
heap
|
page read and write
|
||
|
95AF17F000
|
stack
|
page read and write
|
||
|
7F72EFA000
|
stack
|
page read and write
|
||
|
1F4C2AB8000
|
heap
|
page read and write
|
||
|
6073979000
|
stack
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
73DAF7E000
|
stack
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
163C7743000
|
heap
|
page read and write
|
||
|
A662079000
|
stack
|
page read and write
|
||
|
653D000
|
stack
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
205B3B18000
|
heap
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
1A268170000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
A080DFE000
|
stack
|
page read and write
|
||
|
6690000
|
direct allocation
|
page read and write
|
||
|
216F000
|
stack
|
page read and write
|
||
|
205B5470000
|
trusted library allocation
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
163C7A02000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page write copy
|
||
|
163C702A000
|
heap
|
page read and write
|
||
|
34A9EFC000
|
stack
|
page read and write
|
||
|
6950000
|
direct allocation
|
page read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
A080EFE000
|
stack
|
page read and write
|
||
|
6073B7E000
|
stack
|
page read and write
|
||
|
19381D13000
|
heap
|
page read and write
|
||
|
62F0000
|
direct allocation
|
page read and write
|
||
|
1F4C2B13000
|
heap
|
page read and write
|
||
|
163C7A27000
|
heap
|
page read and write
|
||
|
209B1802000
|
trusted library allocation
|
page read and write
|
||
|
209B1013000
|
heap
|
page read and write
|
||
|
3080000
|
remote allocation
|
page read and write
|
||
|
163C706A000
|
heap
|
page read and write
|
||
|
692F000
|
stack
|
page read and write
|
||
|
163C77BD000
|
heap
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
1F4C3113000
|
heap
|
page read and write
|
||
|
163C7792000
|
heap
|
page read and write
|
||
|
163C7700000
|
heap
|
page read and write
|
||
|
68EE000
|
stack
|
page read and write
|
||
|
5B00000
|
heap
|
page read and write
|
||
|
19381C6B000
|
heap
|
page read and write
|
||
|
1F079664000
|
heap
|
page read and write
|
||
|
1F07966D000
|
heap
|
page read and write
|
||
|
19381C13000
|
heap
|
page read and write
|
||
|
19381C02000
|
heap
|
page read and write
|
||
|
205B3990000
|
trusted library allocation
|
page read and write
|
||
|
347F000
|
stack
|
page read and write
|
||
|
F4DBCFE000
|
stack
|
page read and write
|
||
|
1F4C2AE2000
|
heap
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
163C71E5000
|
heap
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
1F079629000
|
heap
|
page read and write
|
||
|
163C75B0000
|
trusted library allocation
|
page read and write
|
||
|
6D58F000
|
unkown
|
page readonly
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
163C6DD0000
|
heap
|
page read and write
|
||
|
6550000
|
heap
|
page read and write
|
||
|
1A2674BD000
|
heap
|
page read and write
|
||
|
205B3A13000
|
heap
|
page read and write
|
||
|
209B0EA0000
|
heap
|
page read and write
|
||
|
205B3A02000
|
heap
|
page read and write
|
||
|
163C7043000
|
heap
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
1F07966B000
|
heap
|
page read and write
|
||
|
6650000
|
direct allocation
|
page read and write
|
||
|
19382402000
|
trusted library allocation
|
page read and write
|
||
|
6950000
|
direct allocation
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
6073C7E000
|
stack
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
73DAE7B000
|
stack
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
1D9CD279000
|
heap
|
page read and write
|
||
|
1F079600000
|
heap
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
19381C68000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
1D9CD302000
|
heap
|
page read and write
|
||
|
1A2674E2000
|
heap
|
page read and write
|
||
|
1F4C2B02000
|
heap
|
page read and write
|
||
|
95AF57D000
|
stack
|
page read and write
|
||
|
6690000
|
direct allocation
|
page read and write
|
||
|
2CB82402000
|
trusted library allocation
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
163C7094000
|
heap
|
page read and write
|
||
|
2CB81BF0000
|
remote allocation
|
page read and write
|
||
|
1A267570000
|
trusted library allocation
|
page read and write
|
||
|
1F07965F000
|
heap
|
page read and write
|
||
|
F4DBF7C000
|
stack
|
page read and write
|
||
|
1A2681A0000
|
trusted library allocation
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
163C71B9000
|
heap
|
page read and write
|
||
|
1A267F30000
|
trusted library allocation
|
page read and write
|
||
|
66D0000
|
remote allocation
|
page read and write
|
||
|
514000
|
unkown
|
page readonly
|
||
|
163C7A30000
|
heap
|
page read and write
|
||
|
163C7074000
|
heap
|
page read and write
|
||
|
1D9CD300000
|
heap
|
page read and write
|
||
|
205B3B02000
|
heap
|
page read and write
|
||
|
8A5CDFE000
|
stack
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
1A267400000
|
heap
|
page read and write
|
||
|
163C7013000
|
heap
|
page read and write
|
||
|
1A267230000
|
trusted library allocation
|
page read and write
|
||
|
7F72DF9000
|
stack
|
page read and write
|
||
|
1F4C2830000
|
heap
|
page read and write
|
||
|
1F07962E000
|
heap
|
page read and write
|
||
|
1F079661000
|
heap
|
page read and write
|
||
|
30D0000
|
direct allocation
|
page read and write
|
||
|
6D58F000
|
unkown
|
page readonly
|
||
|
331D000
|
heap
|
page read and write
|
||
|
1D9CD0C0000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
3135000
|
heap
|
page read and write
|
||
|
A661B1C000
|
stack
|
page read and write
|
||
|
6950000
|
direct allocation
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
6073D7F000
|
stack
|
page read and write
|
||
|
688F000
|
stack
|
page read and write
|
||
|
653D000
|
stack
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
653F000
|
stack
|
page read and write
|
||
|
95AF87F000
|
stack
|
page read and write
|
||
|
2CE0000
|
direct allocation
|
page read and write
|
||
|
209B0E90000
|
heap
|
page read and write
|
||
|
163C7702000
|
heap
|
page read and write
|
||
|
209B1000000
|
heap
|
page read and write
|
||
|
5760000
|
direct allocation
|
page execute and read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
95AEB9C000
|
stack
|
page read and write
|
||
|
7F729BB000
|
stack
|
page read and write
|
||
|
34AA27F000
|
stack
|
page read and write
|
||
|
34AA47D000
|
stack
|
page read and write
|
||
|
DFC000
|
stack
|
page read and write
|
||
|
209B103E000
|
heap
|
page read and write
|
||
|
69E000
|
stack
|
page read and write
|
||
|
1A2673F0000
|
trusted library allocation
|
page read and write
|
||
|
680F000
|
stack
|
page read and write
|
||
|
2380000
|
direct allocation
|
page read and write
|
||
|
8A5CAFF000
|
stack
|
page read and write
|
||
|
1F079634000
|
heap
|
page read and write
|
||
|
8A5C9FE000
|
stack
|
page read and write
|
||
|
6DA000
|
heap
|
page read and write
|
||
|
209B1029000
|
heap
|
page read and write
|
||
|
1F4C2AE6000
|
heap
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
1F079646000
|
heap
|
page read and write
|
||
|
6690000
|
direct allocation
|
page read and write
|
||
|
19381B30000
|
heap
|
page read and write
|
||
|
1A267360000
|
heap
|
page read and write
|
||
|
692F000
|
stack
|
page read and write
|
||
|
6550000
|
heap
|
page read and write
|
||
|
1F079641000
|
heap
|
page read and write
|
||
|
253F000
|
stack
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
163C77AF000
|
heap
|
page read and write
|
||
|
163C708C000
|
heap
|
page read and write
|
||
|
A66217E000
|
stack
|
page read and write
|
||
|
1F4C3100000
|
heap
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
1F4C2A13000
|
heap
|
page read and write
|
||
|
205B3960000
|
heap
|
page read and write
|
||
|
331D000
|
heap
|
page read and write
|
||
|
5C30000
|
direct allocation
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
62E0000
|
direct allocation
|
page read and write
|
||
|
678F000
|
stack
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
163C7A36000
|
heap
|
page read and write
|
||
|
163C77C7000
|
heap
|
page read and write
|
||
|
A080FFE000
|
stack
|
page read and write
|
||
|
347F000
|
stack
|
page read and write
|
||
|
5760000
|
direct allocation
|
page execute and read and write
|
||
|
32FA000
|
heap
|
page read and write
|
||
|
19381C00000
|
heap
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
163C7059000
|
heap
|
page read and write
|
||
|
2260000
|
direct allocation
|
page execute and read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
8A5C5FD000
|
stack
|
page read and write
|
||
|
19381D02000
|
heap
|
page read and write
|
||
|
DFC000
|
stack
|
page read and write
|
||
|
2CB81A50000
|
heap
|
page read and write
|
||
|
1F4C2AC7000
|
heap
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
62F0000
|
direct allocation
|
page read and write
|
||
|
19381BC0000
|
trusted library allocation
|
page read and write
|
||
|
34A9AFB000
|
stack
|
page read and write
|
||
|
1A267220000
|
heap
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
209B0EF0000
|
heap
|
page read and write
|
||
|
209B102F000
|
heap
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
1A267470000
|
heap
|
page read and write
|
||
|
1F07965C000
|
heap
|
page read and write
|
||
|
1D9CD275000
|
heap
|
page read and write
|
||
|
1F4C313A000
|
heap
|
page read and write
|
||
|
1F079663000
|
heap
|
page read and write
|
||
|
307B000
|
stack
|
page read and write
|
||
|
5B00000
|
heap
|
page read and write
|
||
|
8A5C8FE000
|
stack
|
page read and write
|
||
|
6710000
|
direct allocation
|
page read and write
|
||
|
3135000
|
heap
|
page read and write
|
||
|
1D9CD050000
|
heap
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
163C7A30000
|
heap
|
page read and write
|
||
|
6690000
|
direct allocation
|
page read and write
|
||
|
19381C59000
|
heap
|
page read and write
|
||
|
2CB81BF0000
|
remote allocation
|
page read and write
|
||
|
1D9CD313000
|
heap
|
page read and write
|
||
|
A080C7F000
|
stack
|
page read and write
|
||
|
6D58B000
|
unkown
|
page read and write
|
||
|
678F000
|
stack
|
page read and write
|
||
|
32FA000
|
heap
|
page read and write
|
||
|
6690000
|
direct allocation
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
1F079640000
|
heap
|
page read and write
|
||
|
1F079684000
|
heap
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
1F07964E000
|
heap
|
page read and write
|
||
|
653F000
|
stack
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
205B3A89000
|
heap
|
page read and write
|
||
|
8A5C47B000
|
stack
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
1F07963D000
|
heap
|
page read and write
|
||
|
205B3A3D000
|
heap
|
page read and write
|
||
|
19381C3D000
|
heap
|
page read and write
|
||
|
653D000
|
stack
|
page read and write
|
||
|
1D9CD213000
|
heap
|
page read and write
|
||
|
6D4E1000
|
unkown
|
page execute read
|
||
|
163C7113000
|
heap
|
page read and write
|
||
|
163C6E30000
|
heap
|
page read and write
|
||
|
2CB81AC0000
|
heap
|
page read and write
|
||
|
1F079658000
|
heap
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
1F079642000
|
heap
|
page read and write
|
||
|
60738FB000
|
stack
|
page read and write
|
||
|
163C7602000
|
heap
|
page read and write
|
||
|
2CB81C51000
|
heap
|
page read and write
|
||
|
205B3B00000
|
heap
|
page read and write
|
||
|
6D4E0000
|
unkown
|
page readonly
|
||
|
95AF77D000
|
stack
|
page read and write
|
||
|
1A267410000
|
trusted library allocation
|
page read and write
|
||
|
163C6DC0000
|
heap
|
page read and write
|
||
|
163C7077000
|
heap
|
page read and write
|
||
|
7F72F7C000
|
stack
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
34AA17F000
|
stack
|
page read and write
|
||
|
163C703C000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
6940000
|
direct allocation
|
page read and write
|
||
|
6550000
|
heap
|
page read and write
|
||
|
6950000
|
direct allocation
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
6690000
|
direct allocation
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
6690000
|
direct allocation
|
page read and write
|
||
|
6D58A000
|
unkown
|
page readonly
|
||
|
62F0000
|
direct allocation
|
page read and write
|
||
|
205B3A2A000
|
heap
|
page read and write
|
||
|
3080000
|
remote allocation
|
page read and write
|
||
|
6670000
|
direct allocation
|
page read and write
|
||
|
163C7722000
|
heap
|
page read and write
|
||
|
2CB81C13000
|
heap
|
page read and write
|
||
|
1F4C2A00000
|
heap
|
page read and write
|
||
|
2CB81C40000
|
heap
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
163C7092000
|
heap
|
page read and write
|
||
|
6D4E0000
|
unkown
|
page readonly
|
||
|
209B1052000
|
heap
|
page read and write
|
||
|
66D0000
|
remote allocation
|
page read and write
|
||
|
416000
|
unkown
|
page execute read
|
||
|
5B00000
|
heap
|
page read and write
|
||
|
205B3A75000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
1F07967A000
|
heap
|
page read and write
|
||
|
5C30000
|
direct allocation
|
page read and write
|
||
|
1D9CDA02000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
remote allocation
|
page read and write
|
||
|
163C7A00000
|
heap
|
page read and write
|
||
|
1F4C27D0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
209B1002000
|
heap
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
73DA91B000
|
stack
|
page read and write
|
||
|
8A5C27C000
|
stack
|
page read and write
|
||
|
209B0FF0000
|
trusted library allocation
|
page read and write
|
||
|
A66227F000
|
stack
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
6D4E1000
|
unkown
|
page execute read
|
||
|
205B3A47000
|
heap
|
page read and write
|
||
|
205B39E0000
|
remote allocation
|
page read and write
|
||
|
6D4E0000
|
unkown
|
page readonly
|
||
|
37B0000
|
direct allocation
|
page read and write
|
||
|
163C7722000
|
heap
|
page read and write
|
There are 519 hidden memdumps, click here to show them.