IOC Report
101_Labs_Cisco_CCNA.pdf

loading gif

Files

File Path
Type
Category
Malicious
101_Labs_Cisco_CCNA.pdf
PDF document, version 1.4, 9 pages
initial sample
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0
data
modified
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4ca3cb58378aaa3f_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\64766d63a539c3ca_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\72d9f526d2e2e7c8_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\78bff3512887b83d_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\e58e492b0f04240a_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index~RF53d2cd.TMP (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_2798067b152b83c7_0_1 (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_86b8040b7132b608_0_1 (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_8c84d92a9dbce3e0_0_1 (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_946896ee27df7947_0_1 (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_f0cf6dfa8a1afa3d_0_1 (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_f941376b2efdd6e6_0_1 (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_febb41df4ea2b63a_0_1 (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-230108145505Z-185.bmp
PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
dropped
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
SQLite Rollback Journal
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt21.lst (copy)
PostScript document text
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt16.lst.548
PostScript document text
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt21.lst (copy)
PostScript document text
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt21.lst (copy)
PostScript document text
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt16.lst.548
PostScript document text
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Reader\Files\DC_READER_LAUNCH_CARD
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Reader\Files\DC_Reader_RHP_Banner
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Reader\Files\DC_Reader_RHP_Retention
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Reader\Files\Edit_InApp_Aug2020
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Reader\Files\TESTING
data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Reader\SOPHIA.json
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin
data
dropped
There are 52 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\101_Labs_Cisco_CCNA.pdf
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043

URLs

Name
IP
Malicious
http://www.howtonetwork.com/)
unknown
https://www.101labs.net/)
unknown
http://www.in60days.com/)
unknown
http://www.101labs.net/resources)
unknown
https://calibre-ebook.com
unknown
http://www.101labs.net/)
unknown
http://www.mypage.com/)
unknown
https://www.onworks.net/)
unknown

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
aFS
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tDIText
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tFileName
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tFileSource
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sFileAncestors
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sDI
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sDate
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
uFileSize
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
uPageCount
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
aFS
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
tDIText
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
tFileName
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sFileAncestors
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sDI
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sDate
There are 5 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
285AF0C3000
heap
page read and write
285AF070000
heap
page read and write
1C4CC200000
heap
page read and write
15185D19000
heap
page read and write
229D5D41000
heap
page read and write
21012C82000
heap
page read and write
E22B17F000
stack
page read and write
2A843D02000
heap
page read and write
CADCBFD000
stack
page read and write
2A843C29000
heap
page read and write
21012C5B000
heap
page read and write
229D5CA0000
heap
page read and write
15185502000
heap
page read and write
2A39E675000
heap
page read and write
285AFD1B000
heap
page read and write
285AF0B0000
heap
page read and write
20059E5C000
heap
page read and write
285AFD19000
heap
page read and write
2A39E648000
heap
page read and write
285AF10C000
heap
page read and write
1CDCB802000
heap
page read and write
285AF104000
heap
page read and write
285AF0DB000
heap
page read and write
2A39E64B000
heap
page read and write
20059E62000
heap
page read and write
285AF104000
heap
page read and write
20059D00000
heap
page read and write
285AFA18000
heap
page read and write
DA205F9000
stack
page read and write
2A39E62B000
heap
page read and write
285AF11D000
heap
page read and write
229D5D85000
heap
page read and write
1A0C47E000
stack
page read and write
15185451000
heap
page read and write
20059E13000
heap
page read and write
229D576C000
heap
page read and write
229D5D50000
heap
page read and write
1C4CC020000
heap
page read and write
2A843C6E000
heap
page read and write
229D5C40000
heap
page read and write
285AF0D7000
heap
page read and write
285AF0A4000
heap
page read and write
15185440000
heap
page read and write
285AFBC2000
heap
page read and write
285AF0E9000
heap
page read and write
285AF0CC000
heap
page read and write
229D5736000
heap
page read and write
21012C13000
heap
page read and write
285AF0D5000
heap
page read and write
20059E7B000
heap
page read and write
9DEB27C000
stack
page read and write
2A39E68B000
heap
page read and write
2A39E625000
heap
page read and write
15185513000
heap
page read and write
1A0CAFC000
stack
page read and write
285AFBCB000
heap
page read and write
2A39E64C000
heap
page read and write
509597F000
stack
page read and write
285AF0F6000
heap
page read and write
1BD02FC000
stack
page read and write
285AF0E2000
heap
page read and write
1CDCB86E000
heap
page read and write
1A0C77D000
stack
page read and write
9DEB07E000
stack
page read and write
D2344FF000
stack
page read and write
2A39E64E000
heap
page read and write
2005BA02000
trusted library allocation
page read and write
229D5725000
heap
page read and write
2A39E666000
heap
page read and write
285AF0EC000
heap
page read and write
285AF0E2000
heap
page read and write
285AFBCA000
heap
page read and write
2A39E67A000
heap
page read and write
285AFA28000
heap
page read and write
2A843B50000
heap
page read and write
285AFBCA000
heap
page read and write
285AF0CC000
heap
page read and write
20059D60000
heap
page read and write
CADCC7E000
stack
page read and write
1CDCB82B000
heap
page read and write
20059E7F000
heap
page read and write
285AF0DD000
heap
page read and write
285AF0AE000
heap
page read and write
285AF11D000
heap
page read and write
285AFBC0000
heap
page read and write
1C4CC245000
heap
page read and write
285AF09D000
heap
page read and write
285AF090000
heap
page read and write
2A39E4F0000
heap
page read and write
1A0C57E000
stack
page read and write
1C4CC313000
heap
page read and write
C91817C000
stack
page read and write
285AF0C5000
heap
page read and write
229D5C91000
heap
page read and write
20059CF0000
heap
page read and write
285AFBC5000
heap
page read and write
229D5D64000
heap
page read and write
1CDCB850000
heap
page read and write
285AF0C0000
heap
page read and write
285AF0FB000
heap
page read and write
285AF102000
heap
page read and write
CADC97D000
stack
page read and write
2A39E691000
heap
page read and write
229D56A7000
heap
page read and write
D23407B000
stack
page read and write
2A39E642000
heap
page read and write
285AF0EB000
heap
page read and write
285AF039000
heap
page read and write
285AFBC3000
heap
page read and write
285AF0F6000
heap
page read and write
285AF0DD000
heap
page read and write
2A39E66B000
heap
page read and write
1CDCB7F0000
trusted library allocation
page read and write
285AF0C0000
heap
page read and write
DA206FE000
stack
page read and write
285AF0BA000
heap
page read and write
1CDCB5C0000
heap
page read and write
229D5CFF000
heap
page read and write
285AF0D9000
heap
page read and write
1CDCB5D0000
heap
page read and write
20059DE0000
remote allocation
page read and write
1C4CC22B000
heap
page read and write
1CDCB843000
heap
page read and write
285AF0AE000
heap
page read and write
21012C79000
heap
page read and write
285AF0E4000
heap
page read and write
285AF0F1000
heap
page read and write
285AFA69000
heap
page read and write
285AF0B3000
heap
page read and write
285AEFA0000
heap
page read and write
285AF0C3000
heap
page read and write
509557C000
stack
page read and write
229D5D90000
heap
page read and write
E22B1FC000
stack
page read and write
229D5600000
heap
page read and write
285AF0AA000
heap
page read and write
2A39E65C000
heap
page read and write
1CDCB620000
heap
page read and write
285AFD24000
heap
page read and write
285AEF50000
heap
page read and write
285AFA1F000
heap
page read and write
DA2077E000
stack
page read and write
229D5930000
heap
page read and write
229D5D99000
heap
page read and write
1CDCB902000
heap
page read and write
15185380000
heap
page read and write
285AF11D000
heap
page read and write
CADC87E000
stack
page read and write
15185D43000
heap
page read and write
2A39E550000
heap
page read and write
2A843D00000
heap
page read and write
2A39E66C000
heap
page read and write
1A0C8FC000
stack
page read and write
20059F28000
heap
page read and write
229D5640000
trusted library allocation
page read and write
229D5718000
heap
page read and write
2A39E673000
heap
page read and write
285AF11A000
heap
page read and write
2A39E677000
heap
page read and write
2A39E580000
trusted library allocation
page read and write
C91827E000
stack
page read and write
285AF11A000
heap
page read and write
15185D4A000
heap
page read and write
285AF0C9000
heap
page read and write
285AFBC7000
heap
page read and write
285AF112000
heap
page read and write
285AFD26000
heap
page read and write
21012B60000
trusted library allocation
page read and write
15185B40000
trusted library allocation
page read and write
285AFA59000
heap
page read and write
1CDCB813000
heap
page read and write
229D5CCF000
heap
page read and write
2A844402000
trusted library allocation
page read and write
285AF0E4000
heap
page read and write
15185370000
heap
page read and write
20059E40000
heap
page read and write
20059D90000
trusted library allocation
page read and write
1C4CC25D000
heap
page read and write
2A39E69D000
heap
page read and write
1A0C678000
stack
page read and write
285AF0EC000
heap
page read and write
285AF100000
heap
page read and write
285AF0BE000
heap
page read and write
285AF0E4000
heap
page read and write
2A39EE02000
trusted library allocation
page read and write
21012C2B000
heap
page read and write
285AF0CC000
heap
page read and write
2A843C00000
heap
page read and write
21012B30000
heap
page read and write
2A39E686000
heap
page read and write
CADC77A000
stack
page read and write
229D5747000
heap
page read and write
285AF0B3000
heap
page read and write
2A39E649000
heap
page read and write
2A843C57000
heap
page read and write
2A843D17000
heap
page read and write
285AF08D000
heap
page read and write
21012D02000
heap
page read and write
DA2087E000
stack
page read and write
1518548C000
heap
page read and write
50959FC000
stack
page read and write
285AF0A8000
heap
page read and write
285AF0DD000
heap
page read and write
C917FFB000
stack
page read and write
21012C7C000
heap
page read and write
285AF102000
heap
page read and write
1BD06FF000
stack
page read and write
2A843C6E000
heap
page read and write
C9183FE000
stack
page read and write
50952FC000
stack
page read and write
1BCFBBB000
stack
page read and write
2A39E613000
heap
page read and write
285AF102000
heap
page read and write
9DEB17C000
stack
page read and write
509577B000
stack
page read and write
285AF0F9000
heap
page read and write
285AF09F000
heap
page read and write
285AF0E5000
heap
page read and write
285AF0DE000
heap
page read and write
2A39E662000
heap
page read and write
285AF0A7000
heap
page read and write
20059E00000
heap
page read and write
2A843C13000
heap
page read and write
229D56FC000
heap
page read and write
1C4CC010000
heap
page read and write
285AF114000
heap
page read and write
229D5D99000
heap
page read and write
285AF10B000
heap
page read and write
229D5699000
heap
page read and write
285AF0D9000
heap
page read and write
DA2047E000
stack
page read and write
2A39E671000
heap
page read and write
285AF0F1000
heap
page read and write
E22B2FE000
stack
page read and write
DA209FF000
stack
page read and write
1A0C7F8000
stack
page read and write
2A39E641000
heap
page read and write
2A39E63F000
heap
page read and write
285AF0A7000
heap
page read and write
285AF10A000
heap
page read and write
285AF0A9000
heap
page read and write
21012AD0000
heap
page read and write
285AF0B3000
heap
page read and write
15185425000
heap
page read and write
2A39E685000
heap
page read and write
DA2057B000
stack
page read and write
CADC6FE000
stack
page read and write
285AF0BA000
heap
page read and write
285AF265000
heap
page read and write
285AF0E4000
heap
page read and write
50954FF000
stack
page read and write
285AF0BA000
heap
page read and write
2A39E697000
heap
page read and write
229D5678000
heap
page read and write
285AF08C000
heap
page read and write
285AFBC7000
heap
page read and write
285AFB20000
heap
page read and write
229D5C81000
heap
page read and write
1BD00FF000
stack
page read and write
285AF09A000
heap
page read and write
285AF0DA000
heap
page read and write
21012C86000
heap
page read and write
285AF028000
heap
page read and write
2A39E647000
heap
page read and write
2A39E669000
heap
page read and write
1CDCB827000
heap
page read and write
5095AFF000
stack
page read and write
285AF0D6000
heap
page read and write
285AF0C3000
heap
page read and write
509587D000
stack
page read and write
229D5D5F000
heap
page read and write
1C4CC080000
heap
page read and write
2A39E664000
heap
page read and write
21012D13000
heap
page read and write
C917AEB000
stack
page read and write
CADCAFD000
stack
page read and write
229D5D09000
heap
page read and write
285AF112000
heap
page read and write
1BCFFFB000
stack
page read and write
285AF0D9000
heap
page read and write
DA2067F000
stack
page read and write
2A39E65A000
heap
page read and write
1C4CC190000
trusted library allocation
page read and write
2A39E654000
heap
page read and write
E22B0FB000
stack
page read and write
2A39E68D000
heap
page read and write
DA208F9000
stack
page read and write
15185C02000
heap
page read and write
C9182FE000
stack
page read and write
15185D00000
heap
page read and write
151854C8000
heap
page read and write
229D5D41000
heap
page read and write
285AF03E000
heap
page read and write
2A843BC0000
heap
page read and write
5095BFE000
stack
page read and write
285AF0C9000
heap
page read and write
285AF0F6000
heap
page read and write
285AF104000
heap
page read and write
1CDCB85C000
heap
page read and write
285AF100000
heap
page read and write
285AF0CC000
heap
page read and write
285AFD1E000
heap
page read and write
285AF05A000
heap
page read and write
E22AD47000
stack
page read and write
285AFD10000
heap
page read and write
285AF11A000
heap
page read and write
21012AE0000
heap
page read and write
285AF112000
heap
page read and write
2A39E645000
heap
page read and write
DA204FE000
stack
page read and write
285AF10A000
heap
page read and write
1C4CC202000
heap
page read and write
1C4CC302000
heap
page read and write
285AF0FB000
heap
page read and write
285AF10B000
heap
page read and write
285AF09F000
heap
page read and write
229D5D89000
heap
page read and write
2A39E65D000
heap
page read and write
20059F13000
heap
page read and write
2A843BF0000
trusted library allocation
page read and write
285AF260000
heap
page read and write
285AF0F2000
heap
page read and write
229D54D0000
heap
page read and write
285AF0ED000
heap
page read and write
285AFA18000
heap
page read and write
21012C00000
heap
page read and write
229D5CBF000
heap
page read and write
285AFA18000
heap
page read and write
20059E02000
heap
page read and write
285AF0BE000
heap
page read and write
229D5D89000
heap
page read and write
151853E0000
heap
page read and write
285AF0DD000
heap
page read and write
15185413000
heap
page read and write
2A39E644000
heap
page read and write
285AF085000
heap
page read and write
285AEFC0000
heap
page read and write
1C4CC244000
heap
page read and write
285AF085000
heap
page read and write
285AF0EA000
heap
page read and write
285AF097000
heap
page read and write
2A39E646000
heap
page read and write
2A39E600000
heap
page read and write
21013402000
trusted library allocation
page read and write
285AFBC4000
heap
page read and write
285AF0BE000
heap
page read and write
229D56B0000
heap
page read and write
21012C69000
heap
page read and write
2A843C43000
heap
page read and write
285AF0CC000
heap
page read and write
229D5C88000
heap
page read and write
2A843C02000
heap
page read and write
2A39E4E0000
heap
page read and write
285AFD21000
heap
page read and write
E22B27E000
stack
page read and write
1A0C27B000
stack
page read and write
15185496000
heap
page read and write
285AF0C5000
heap
page read and write
285AF061000
heap
page read and write
285AF085000
heap
page read and write
285AF09B000
heap
page read and write
15185D1F000
heap
page read and write
229D5D41000
heap
page read and write
2A39E65E000
heap
page read and write
285AFA10000
heap
page read and write
285AF0D6000
heap
page read and write
285AF10A000
heap
page read and write
2A39E66A000
heap
page read and write
1A0C6FE000
stack
page read and write
1BD05FD000
stack
page read and write
D2345FE000
stack
page read and write
1CDCBE02000
trusted library allocation
page read and write
15185400000
heap
page read and write
285AFA1A000
heap
page read and write
2A39E663000
heap
page read and write
285AF0AA000
heap
page read and write
1518542B000
heap
page read and write
229D5D85000
heap
page read and write
285AF0C4000
heap
page read and write
285AF0B1000
heap
page read and write
20059E2B000
heap
page read and write
229D5670000
heap
page read and write
285AFA61000
heap
page read and write
2A39E65F000
heap
page read and write
229D5CDF000
heap
page read and write
2A843D13000
heap
page read and write
285AF0AE000
heap
page read and write
D2340FE000
stack
page read and write
2A843B60000
heap
page read and write
285AF04A000
heap
page read and write
1BD04FF000
stack
page read and write
21012C7A000
heap
page read and write
C9180FD000
stack
page read and write
285AF0D3000
heap
page read and write
285AFD17000
heap
page read and write
285AFD1C000
heap
page read and write
E22B07F000
stack
page read and write
D2342FE000
stack
page read and write
285AFBCA000
heap
page read and write
2A39E660000
heap
page read and write
2A39E668000
heap
page read and write
509567E000
stack
page read and write
2A39E67D000
heap
page read and write
20059F17000
heap
page read and write
1BD01FE000
stack
page read and write
285AF106000
heap
page read and write
21012C8D000
heap
page read and write
2A843C0B000
heap
page read and write
285AF112000
heap
page read and write
285AF020000
heap
page read and write
21012C6A000
heap
page read and write
229D571D000
heap
page read and write
2A39E66F000
heap
page read and write
285AF064000
heap
page read and write
E22ADCF000
stack
page read and write
1C4CC180000
trusted library allocation
page read and write
285AF0B7000
heap
page read and write
285AF11A000
heap
page read and write
D23417E000
stack
page read and write
15185D40000
heap
page read and write
285AF0CE000
heap
page read and write
285AF0F6000
heap
page read and write
285AF099000
heap
page read and write
285AFBCE000
heap
page read and write
DA200ED000
stack
page read and write
151854D9000
heap
page read and write
21012C02000
heap
page read and write
285AF080000
heap
page read and write
21012C76000
heap
page read and write
20059E6F000
heap
page read and write
CADC57D000
stack
page read and write
285AF04F000
heap
page read and write
21012C42000
heap
page read and write
20059DE0000
remote allocation
page read and write
1CDCB800000
heap
page read and write
285AF0D5000
heap
page read and write
2A39E636000
heap
page read and write
9DEAEFE000
stack
page read and write
285AF112000
heap
page read and write
CADC67E000
stack
page read and write
1C4CC26F000
heap
page read and write
285AF115000
heap
page read and write
285AF052000
heap
page read and write
20059DE0000
remote allocation
page read and write
2A39E702000
heap
page read and write
5094EBB000
stack
page read and write
20059DB0000
trusted library allocation
page read and write
D2343FE000
stack
page read and write
9DEAADC000
stack
page read and write
20059E3A000
heap
page read and write
1A0C9FE000
stack
page read and write
229D5687000
heap
page read and write
15185D12000
heap
page read and write
1C4CC213000
heap
page read and write
285AF077000
heap
page read and write
229D5C8D000
heap
page read and write
285AF0BE000
heap
page read and write
229D5D85000
heap
page read and write
CADC9FF000
stack
page read and write
2A39E693000
heap
page read and write
1C4CCA02000
trusted library allocation
page read and write
285AF0BE000
heap
page read and write
285AF0CC000
heap
page read and write
229D5C8B000
heap
page read and write
229D5701000
heap
page read and write
CADC27B000
stack
page read and write
20059F02000
heap
page read and write
2A39E66D000
heap
page read and write
285AF0E4000
heap
page read and write
1C4CC234000
heap
page read and write
2A39E682000
heap
page read and write
20059F00000
heap
page read and write
DA207F9000
stack
page read and write
229D5620000
heap
page read and write
1BD03FE000
stack
page read and write
2A39E680000
heap
page read and write
229D5935000
heap
page read and write
There are 467 hidden memdumps, click here to show them.