Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
zlP981oop5.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\gblqfiy.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\C79A3B\B52B3F.exe (copy)
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\erbwrip.be
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsk2BAD.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\rznkfgz.rq
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\C79A3B\B52B3F.lck
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\414045e2d09286d5db2581e0d955d358_d06ed635-68f6-4e9a-955c-4899f5f57b9a
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\zlP981oop5.exe
|
C:\Users\user\Desktop\zlP981oop5.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\gblqfiy.exe
|
"C:\Users\user\AppData\Local\Temp\gblqfiy.exe" C:\Users\user\AppData\Local\Temp\rznkfgz.rq
|
|
|
|
C:\Users\user\AppData\Local\Temp\gblqfiy.exe
|
C:\Users\user\AppData\Local\Temp\gblqfiy.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://kbfvzoboss.bid/alien/fre.php
|
|
||
|
http://alphastand.win/alien/fre.php
|
|
||
|
http://alphastand.trade/alien/fre.php
|
|
||
|
http://alphastand.top/alien/fre.php
|
|
||
|
http://171.22.30.147/kelly/five/fre.php
|
171.22.30.147
|
|
|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.ibsensoftware.com/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
171.22.30.147
|
unknown
|
Germany
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
658000
|
heap
|
page read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
A00000
|
direct allocation
|
page read and write
|
|
|
|
16E44E02000
|
heap
|
page read and write
|
||
|
27001413000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
24F8A890000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
27001350000
|
trusted library allocation
|
page read and write
|
||
|
24F8B430000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
22C9DEB0000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
16E44E3D000
|
heap
|
page read and write
|
||
|
2E475224000
|
heap
|
page read and write
|
||
|
24F8B390000
|
heap
|
page read and write
|
||
|
1CD000A0000
|
heap
|
page read and write
|
||
|
16E44E31000
|
heap
|
page read and write
|
||
|
21077454000
|
heap
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
1A190000
|
direct allocation
|
page read and write
|
||
|
2E475271000
|
heap
|
page read and write
|
||
|
24F8AB8E000
|
heap
|
page read and write
|
||
|
16E44E7A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1CD00313000
|
heap
|
page read and write
|
||
|
F3D8CFF000
|
stack
|
page read and write
|
||
|
1CD00110000
|
heap
|
page read and write
|
||
|
416000
|
unkown
|
page read and write
|
||
|
16E44CB0000
|
heap
|
page read and write
|
||
|
2346000
|
direct allocation
|
page read and write
|
||
|
24F8B36F000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
1A190000
|
direct allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
16E44E6C000
|
heap
|
page read and write
|
||
|
2E475266000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
16E44E4B000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
16E44E60000
|
heap
|
page read and write
|
||
|
16E44E00000
|
heap
|
page read and write
|
||
|
CE65AFE000
|
stack
|
page read and write
|
||
|
1CD00268000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21077429000
|
heap
|
page read and write
|
||
|
200E503D000
|
heap
|
page read and write
|
||
|
CE65D7F000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
A80000
|
heap
|
page read and write
|
||
|
24F8B423000
|
heap
|
page read and write
|
||
|
24F8B322000
|
heap
|
page read and write
|
||
|
1A2AF000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
6AC000
|
heap
|
page read and write
|
||
|
1A190000
|
direct allocation
|
page read and write
|
||
|
40F000
|
unkown
|
page readonly
|
||
|
22C9E6A0000
|
remote allocation
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
FCED75B000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
200E4E70000
|
heap
|
page read and write
|
||
|
FCEE0FD000
|
stack
|
page read and write
|
||
|
2E47528A000
|
heap
|
page read and write
|
||
|
24F8B3BE000
|
heap
|
page read and write
|
||
|
2E475268000
|
heap
|
page read and write
|
||
|
22C9E041000
|
heap
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
F3D8DFD000
|
stack
|
page read and write
|
||
|
27001441000
|
heap
|
page read and write
|
||
|
24F8AA5C000
|
heap
|
page read and write
|
||
|
27001463000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
527000
|
heap
|
page read and write
|
||
|
527000
|
heap
|
page read and write
|
||
|
200E5073000
|
heap
|
page read and write
|
||
|
40F000
|
unkown
|
page readonly
|
||
|
2346000
|
direct allocation
|
page read and write
|
||
|
16E44E5F000
|
heap
|
page read and write
|
||
|
FCEDDFE000
|
stack
|
page read and write
|
||
|
270011F0000
|
heap
|
page read and write
|
||
|
24F8B202000
|
heap
|
page read and write
|
||
|
2E4752C2000
|
heap
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
283F000
|
stack
|
page read and write
|
||
|
2E4750B0000
|
heap
|
page read and write
|
||
|
16E44E69000
|
heap
|
page read and write
|
||
|
22C9DF10000
|
heap
|
page read and write
|
||
|
27001429000
|
heap
|
page read and write
|
||
|
20EF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2346000
|
direct allocation
|
page read and write
|
||
|
200E4E10000
|
heap
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
6BC000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
16E44E30000
|
heap
|
page read and write
|
||
|
87F000
|
stack
|
page read and write
|
||
|
27001513000
|
heap
|
page read and write
|
||
|
52D907B000
|
stack
|
page read and write
|
||
|
27001400000
|
heap
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
2E475313000
|
heap
|
page read and write
|
||
|
200E5068000
|
heap
|
page read and write
|
||
|
21077990000
|
trusted library allocation
|
page read and write
|
||
|
21077230000
|
heap
|
page read and write
|
||
|
FCEDF7D000
|
stack
|
page read and write
|
||
|
16E44E66000
|
heap
|
page read and write
|
||
|
24F8AA43000
|
heap
|
page read and write
|
||
|
21077402000
|
heap
|
page read and write
|
||
|
24F8B402000
|
heap
|
page read and write
|
||
|
200E5118000
|
heap
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
416000
|
unkown
|
page write copy
|
||
|
24F8B3AD000
|
heap
|
page read and write
|
||
|
16E44E48000
|
heap
|
page read and write
|
||
|
1A43B000
|
direct allocation
|
page read and write
|
||
|
1CD00213000
|
heap
|
page read and write
|
||
|
FCEE2FC000
|
stack
|
page read and write
|
||
|
16E44E6A000
|
heap
|
page read and write
|
||
|
52D937F000
|
stack
|
page read and write
|
||
|
24F8B300000
|
heap
|
page read and write
|
||
|
22C9E000000
|
heap
|
page read and write
|
||
|
30DFC7E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
CE6627C000
|
stack
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
F3D89FB000
|
stack
|
page read and write
|
||
|
16E44E39000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
16E44E2D000
|
heap
|
page read and write
|
||
|
51DD97E000
|
stack
|
page read and write
|
||
|
200E5000000
|
heap
|
page read and write
|
||
|
2E47522A000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
16E44E41000
|
heap
|
page read and write
|
||
|
200E4F70000
|
trusted library allocation
|
page read and write
|
||
|
1A43F000
|
direct allocation
|
page read and write
|
||
|
200E5100000
|
heap
|
page read and write
|
||
|
2F55B79000
|
stack
|
page read and write
|
||
|
FCEDFFB000
|
stack
|
page read and write
|
||
|
236E000
|
stack
|
page read and write
|
||
|
1CD00254000
|
heap
|
page read and write
|
||
|
2E4750C0000
|
heap
|
page read and write
|
||
|
24F8AA82000
|
heap
|
page read and write
|
||
|
24F8AA6B000
|
heap
|
page read and write
|
||
|
1CD0023C000
|
heap
|
page read and write
|
||
|
1A2A6000
|
direct allocation
|
page read and write
|
||
|
21077425000
|
heap
|
page read and write
|
||
|
52BBE7E000
|
stack
|
page read and write
|
||
|
1CD0027B000
|
heap
|
page read and write
|
||
|
16E44E46000
|
heap
|
page read and write
|
||
|
200E505A000
|
heap
|
page read and write
|
||
|
27001402000
|
heap
|
page read and write
|
||
|
24F8A9F0000
|
trusted library allocation
|
page read and write
|
||
|
219E000
|
stack
|
page read and write
|
||
|
CE65E7F000
|
stack
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
2E4752BD000
|
heap
|
page read and write
|
||
|
2107743A000
|
heap
|
page read and write
|
||
|
F3D8BFD000
|
stack
|
page read and write
|
||
|
416000
|
unkown
|
page write copy
|
||
|
1A320000
|
direct allocation
|
page read and write
|
||
|
16E44E4D000
|
heap
|
page read and write
|
||
|
52BC07F000
|
stack
|
page read and write
|
||
|
F3D8FFF000
|
stack
|
page read and write
|
||
|
51DDAFF000
|
stack
|
page read and write
|
||
|
200E4FC0000
|
trusted library allocation
|
page read and write
|
||
|
2237000
|
direct allocation
|
page read and write
|
||
|
527000
|
heap
|
page read and write
|
||
|
2E475200000
|
heap
|
page read and write
|
||
|
16E44E45000
|
heap
|
page read and write
|
||
|
52D94F9000
|
stack
|
page read and write
|
||
|
1CD00870000
|
trusted library allocation
|
page read and write
|
||
|
2E4752E8000
|
heap
|
page read and write
|
||
|
24F8A8F0000
|
heap
|
page read and write
|
||
|
51DD35C000
|
stack
|
page read and write
|
||
|
200E502A000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
27001455000
|
heap
|
page read and write
|
||
|
16E44E47000
|
heap
|
page read and write
|
||
|
2F55C7F000
|
stack
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
2E4752E1000
|
heap
|
page read and write
|
||
|
24F8B400000
|
heap
|
page read and write
|
||
|
27CF000
|
stack
|
page read and write
|
||
|
97F000
|
stack
|
page read and write
|
||
|
24F8ABB9000
|
heap
|
page read and write
|
||
|
1A2AB000
|
direct allocation
|
page read and write
|
||
|
16E44F02000
|
heap
|
page read and write
|
||
|
16E44E42000
|
heap
|
page read and write
|
||
|
1A43B000
|
direct allocation
|
page read and write
|
||
|
2700145B000
|
heap
|
page read and write
|
||
|
27001462000
|
heap
|
page read and write
|
||
|
200E69E0000
|
remote allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
200E5113000
|
heap
|
page read and write
|
||
|
22C9E6A0000
|
remote allocation
|
page read and write
|
||
|
22C9DEA0000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
16E44E79000
|
heap
|
page read and write
|
||
|
1CD000B0000
|
heap
|
page read and write
|
||
|
1A320000
|
direct allocation
|
page read and write
|
||
|
1A2AF000
|
direct allocation
|
page read and write
|
||
|
52BB92E000
|
stack
|
page read and write
|
||
|
51DDD7D000
|
stack
|
page read and write
|
||
|
F3D92FF000
|
stack
|
page read and write
|
||
|
1CD00302000
|
heap
|
page read and write
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
CE6568B000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
40F000
|
unkown
|
page readonly
|
||
|
16E44C40000
|
heap
|
page read and write
|
||
|
1A43B000
|
direct allocation
|
page read and write
|
||
|
1A43F000
|
direct allocation
|
page read and write
|
||
|
24F8B3C8000
|
heap
|
page read and write
|
||
|
1CD00279000
|
heap
|
page read and write
|
||
|
21077437000
|
heap
|
page read and write
|
||
|
24F8AA89000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
24F8B322000
|
heap
|
page read and write
|
||
|
200E505A000
|
heap
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
52D987F000
|
stack
|
page read and write
|
||
|
1A2AF000
|
direct allocation
|
page read and write
|
||
|
22C9E013000
|
heap
|
page read and write
|
||
|
4A0000
|
system
|
page execute and read and write
|
||
|
24F8B302000
|
heap
|
page read and write
|
||
|
200E6A02000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4FA000
|
heap
|
page read and write
|
||
|
45E000
|
stack
|
page read and write
|
||
|
24F8B430000
|
heap
|
page read and write
|
||
|
CE6617F000
|
stack
|
page read and write
|
||
|
F3D8EFF000
|
stack
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
22C9E002000
|
heap
|
page read and write
|
||
|
200E69E0000
|
remote allocation
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
1A190000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
30DFDFE000
|
stack
|
page read and write
|
||
|
1A2AB000
|
direct allocation
|
page read and write
|
||
|
16E44E49000
|
heap
|
page read and write
|
||
|
200E508B000
|
heap
|
page read and write
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
22C9E6A0000
|
remote allocation
|
page read and write
|
||
|
6BC000
|
heap
|
page read and write
|
||
|
CE65F7C000
|
stack
|
page read and write
|
||
|
200E4E00000
|
heap
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
22C9E670000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
200E5102000
|
heap
|
page read and write
|
||
|
FCEDE7C000
|
stack
|
page read and write
|
||
|
1CD00300000
|
heap
|
page read and write
|
||
|
2E4752CE000
|
heap
|
page read and write
|
||
|
24F8AA43000
|
heap
|
page read and write
|
||
|
52D927B000
|
stack
|
page read and write
|
||
|
51DDC7F000
|
stack
|
page read and write
|
||
|
40F000
|
unkown
|
page readonly
|
||
|
24F8AA54000
|
heap
|
page read and write
|
||
|
1CD00200000
|
heap
|
page read and write
|
||
|
22C9E102000
|
heap
|
page read and write
|
||
|
16E44E40000
|
heap
|
page read and write
|
||
|
24F8AA13000
|
heap
|
page read and write
|
||
|
52BBD7E000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
1A2A6000
|
direct allocation
|
page read and write
|
||
|
16E44E76000
|
heap
|
page read and write
|
||
|
210771D0000
|
heap
|
page read and write
|
||
|
24F8B343000
|
heap
|
page read and write
|
||
|
F3D8AFF000
|
stack
|
page read and write
|
||
|
1A190000
|
direct allocation
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
16E44E2E000
|
heap
|
page read and write
|
||
|
1A190000
|
direct allocation
|
page read and write
|
||
|
16E45602000
|
trusted library allocation
|
page read and write
|
||
|
2F5549B000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
416000
|
unkown
|
page write copy
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
24F8AA00000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
24F8AA5A000
|
heap
|
page read and write
|
||
|
51DDBFD000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
40F000
|
unkown
|
page readonly
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
2E475B00000
|
heap
|
page read and write
|
||
|
69E000
|
heap
|
page read and write
|
||
|
2E475880000
|
trusted library allocation
|
page read and write
|
||
|
1CD00202000
|
heap
|
page read and write
|
||
|
1A190000
|
direct allocation
|
page read and write
|
||
|
52D98FF000
|
stack
|
page read and write
|
||
|
4B0000
|
direct allocation
|
page execute and read and write
|
||
|
2107743C000
|
heap
|
page read and write
|
||
|
24F8B427000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2107742F000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1A2AB000
|
direct allocation
|
page read and write
|
||
|
16E44E55000
|
heap
|
page read and write
|
||
|
27001455000
|
heap
|
page read and write
|
||
|
16E44E61000
|
heap
|
page read and write
|
||
|
30DFA7B000
|
stack
|
page read and write
|
||
|
16E44E3A000
|
heap
|
page read and write
|
||
|
210771E0000
|
heap
|
page read and write
|
||
|
2E475302000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
200E5002000
|
heap
|
page read and write
|
||
|
2E475213000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
16E44C50000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
51DDA7D000
|
stack
|
page read and write
|
||
|
4A0000
|
system
|
page execute and read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
4EE000
|
stack
|
page read and write
|
||
|
200E69A0000
|
trusted library allocation
|
page read and write
|
||
|
2E475120000
|
heap
|
page read and write
|
||
|
52BB9AE000
|
stack
|
page read and write
|
||
|
200E4F90000
|
trusted library allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
27001470000
|
heap
|
page read and write
|
||
|
52BB8AC000
|
stack
|
page read and write
|
||
|
200E504A000
|
heap
|
page read and write
|
||
|
CE65C7F000
|
stack
|
page read and write
|
||
|
FCEE3FF000
|
stack
|
page read and write
|
||
|
51DD87E000
|
stack
|
page read and write
|
||
|
24F8AA52000
|
heap
|
page read and write
|
||
|
24F8AA3C000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
CE6607C000
|
stack
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
FCEDCFF000
|
stack
|
page read and write
|
||
|
200E69E0000
|
remote allocation
|
page read and write
|
||
|
24F8AA86000
|
heap
|
page read and write
|
||
|
16E44E44000
|
heap
|
page read and write
|
||
|
27001477000
|
heap
|
page read and write
|
||
|
24F8AB13000
|
heap
|
page read and write
|
||
|
21077448000
|
heap
|
page read and write
|
||
|
24F8AA6E000
|
heap
|
page read and write
|
||
|
1CD00228000
|
heap
|
page read and write
|
||
|
24F8AA84000
|
heap
|
page read and write
|
||
|
52D96FE000
|
stack
|
page read and write
|
||
|
1A2AF000
|
direct allocation
|
page read and write
|
||
|
200E504A000
|
heap
|
page read and write
|
||
|
1A2AB000
|
direct allocation
|
page read and write
|
||
|
200E5013000
|
heap
|
page read and write
|
||
|
F3D91FE000
|
stack
|
page read and write
|
||
|
2F55A7A000
|
stack
|
page read and write
|
||
|
22C9E029000
|
heap
|
page read and write
|
||
|
27001C02000
|
trusted library allocation
|
page read and write
|
||
|
84F000
|
stack
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
24F8A880000
|
heap
|
page read and write
|
||
|
16E44E7D000
|
heap
|
page read and write
|
||
|
52D97FE000
|
stack
|
page read and write
|
||
|
2E475245000
|
heap
|
page read and write
|
||
|
1A43F000
|
direct allocation
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
16E44E83000
|
heap
|
page read and write
|
||
|
416000
|
unkown
|
page write copy
|
||
|
24F8AA2A000
|
heap
|
page read and write
|
||
|
FCEE1FF000
|
stack
|
page read and write
|
||
|
6AC000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
24F8ABE5000
|
heap
|
page read and write
|
||
|
2E475A02000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
4BE000
|
stack
|
page read and write
|
||
|
200E5059000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
21077413000
|
heap
|
page read and write
|
||
|
6A1000
|
heap
|
page read and write
|
||
|
52BBF7F000
|
stack
|
page read and write
|
||
|
24F8B413000
|
heap
|
page read and write
|
||
|
2700146B000
|
heap
|
page read and write
|
||
|
51DD7FE000
|
stack
|
page read and write
|
||
|
F3D859B000
|
stack
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
416000
|
unkown
|
page write copy
|
||
|
2380000
|
heap
|
page read and write
|
||
|
24F8B436000
|
heap
|
page read and write
|
||
|
16E44E4F000
|
heap
|
page read and write
|
||
|
4C0000
|
trusted library allocation
|
page read and write
|
||
|
24F8AA91000
|
heap
|
page read and write
|
||
|
270011E0000
|
heap
|
page read and write
|
||
|
1A320000
|
direct allocation
|
page read and write
|
||
|
52D95FA000
|
stack
|
page read and write
|
||
|
1CD00A02000
|
trusted library allocation
|
page read and write
|
||
|
200E5049000
|
heap
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
40C000
|
unkown
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
16E44E31000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
21077502000
|
heap
|
page read and write
|
||
|
40F000
|
unkown
|
page readonly
|
||
|
16E44E29000
|
heap
|
page read and write
|
||
|
24F8B070000
|
trusted library allocation
|
page read and write
|
||
|
30DF53C000
|
stack
|
page read and write
|
||
|
16E44DB0000
|
trusted library allocation
|
page read and write
|
||
|
22C9E05F000
|
heap
|
page read and write
|
||
|
273F000
|
stack
|
page read and write
|
||
|
16E44E13000
|
heap
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
21077A02000
|
trusted library allocation
|
page read and write
|
||
|
27001250000
|
heap
|
page read and write
|
||
|
24F8B354000
|
heap
|
page read and write
|
||
|
2346000
|
direct allocation
|
page read and write
|
||
|
F3D90FF000
|
stack
|
page read and write
|
||
|
16E44E39000
|
heap
|
page read and write
|
||
|
21077400000
|
heap
|
page read and write
|
||
|
27001502000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1A2A6000
|
direct allocation
|
page read and write
|
||
|
52D947B000
|
stack
|
page read and write
|
||
|
16E44E4E000
|
heap
|
page read and write
|
||
|
22C9E802000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
30DFB7E000
|
stack
|
page read and write
|
||
|
FCEDB7C000
|
stack
|
page read and write
|
There are 422 hidden memdumps, click here to show them.