Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
101_Labs_Cisco_CCNA.pdf
|
PDF document, version 1.4, 9 pages
|
initial sample
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\39c14c1f4b086971_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0
|
data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6267ed4d4a13f54b_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index~RF685385.TMP (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_05349744be1ad4ad_0_1 (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_0998db3a32ab3f41_0_1 (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_56c4cd218555ae2b_0_1 (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_91cec06bb2836fa5_0_1 (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_927a1596c37ebe5e_0_1 (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_aba6710fde0876af_0_1 (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\todelete_f0cf6dfa8a1afa3d_0_1 (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old~RF67e0a6.TMP (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-230108235837Z-455.bmp
|
PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3024000, file counter 12, database pages 15, cookie 0x5, schema 4,
UTF-8, version-valid-for 12
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_store
|
data
|
dropped
|
There are 50 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\101_Labs_Cisco_CCNA.pdf
|
||
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
|
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.howtonetwork.com/)
|
unknown
|
||
|
https://www.101labs.net/)
|
unknown
|
||
|
http://www.in60days.com/)
|
unknown
|
||
|
http://www.101labs.net/resources)
|
unknown
|
||
|
https://calibre-ebook.com
|
unknown
|
||
|
http://www.101labs.net/)
|
unknown
|
||
|
http://www.mypage.com/)
|
unknown
|
||
|
https://www.onworks.net/)
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
aFS
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tDIText
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tFileName
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tFileSource
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sDI
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sDate
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
uFileSize
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
uPageCount
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
aFS
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
tDIText
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
tFileName
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sDI
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sDate
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6FDE87F000
|
stack
|
page read and write
|
||
|
22C13273000
|
heap
|
page read and write
|
||
|
15A36868000
|
heap
|
page read and write
|
||
|
6FDE67F000
|
stack
|
page read and write
|
||
|
22C13A02000
|
trusted library allocation
|
page read and write
|
||
|
207F9480000
|
heap
|
page read and write
|
||
|
6FDE77C000
|
stack
|
page read and write
|
||
|
3279D3C000
|
stack
|
page read and write
|
||
|
EB9C79B000
|
stack
|
page read and write
|
||
|
F0C617F000
|
stack
|
page read and write
|
||
|
F0C657E000
|
stack
|
page read and write
|
||
|
324A9CB000
|
stack
|
page read and write
|
||
|
15A37122000
|
heap
|
page read and write
|
||
|
1F94C1E0000
|
trusted library allocation
|
page read and write
|
||
|
24F44C02000
|
trusted library allocation
|
page read and write
|
||
|
26B60802000
|
heap
|
page read and write
|
||
|
4313DFA000
|
stack
|
page read and write
|
||
|
24F44502000
|
heap
|
page read and write
|
||
|
90FA0BB000
|
stack
|
page read and write
|
||
|
15A37100000
|
heap
|
page read and write
|
||
|
15A37154000
|
heap
|
page read and write
|
||
|
22C1327D000
|
heap
|
page read and write
|
||
|
EB9CD7E000
|
stack
|
page read and write
|
||
|
24F4446E000
|
heap
|
page read and write
|
||
|
4313A7E000
|
stack
|
page read and write
|
||
|
26B60848000
|
heap
|
page read and write
|
||
|
6FDE47B000
|
stack
|
page read and write
|
||
|
22C1324E000
|
heap
|
page read and write
|
||
|
22C13267000
|
heap
|
page read and write
|
||
|
24F44513000
|
heap
|
page read and write
|
||
|
90FA7FE000
|
stack
|
page read and write
|
||
|
22C131C0000
|
trusted library allocation
|
page read and write
|
||
|
22C13302000
|
heap
|
page read and write
|
||
|
207F9F00000
|
heap
|
page read and write
|
||
|
22C1325E000
|
heap
|
page read and write
|
||
|
22C13241000
|
heap
|
page read and write
|
||
|
1F94C010000
|
heap
|
page read and write
|
||
|
26B6082A000
|
heap
|
page read and write
|
||
|
15A37002000
|
heap
|
page read and write
|
||
|
22C13262000
|
heap
|
page read and write
|
||
|
15A366A0000
|
heap
|
page read and write
|
||
|
22C13261000
|
heap
|
page read and write
|
||
|
F0C627F000
|
stack
|
page read and write
|
||
|
22C13202000
|
heap
|
page read and write
|
||
|
43134CB000
|
stack
|
page read and write
|
||
|
19138150000
|
trusted library allocation
|
page read and write
|
||
|
207F9666000
|
heap
|
page read and write
|
||
|
15A3682A000
|
heap
|
page read and write
|
||
|
22C13269000
|
heap
|
page read and write
|
||
|
19138180000
|
remote allocation
|
page read and write
|
||
|
22C1325F000
|
heap
|
page read and write
|
||
|
90FA5FE000
|
stack
|
page read and write
|
||
|
F0C607E000
|
stack
|
page read and write
|
||
|
19138229000
|
heap
|
page read and write
|
||
|
324B07F000
|
stack
|
page read and write
|
||
|
22C13240000
|
heap
|
page read and write
|
||
|
90FA57C000
|
stack
|
page read and write
|
||
|
15A37102000
|
heap
|
page read and write
|
||
|
22C13264000
|
heap
|
page read and write
|
||
|
4313EFF000
|
stack
|
page read and write
|
||
|
17DCD413000
|
heap
|
page read and write
|
||
|
1F94C23B000
|
heap
|
page read and write
|
||
|
1F94C22F000
|
heap
|
page read and write
|
||
|
AE0C47B000
|
stack
|
page read and write
|
||
|
26B60918000
|
heap
|
page read and write
|
||
|
22C13213000
|
heap
|
page read and write
|
||
|
AE0C27B000
|
stack
|
page read and write
|
||
|
90FA47E000
|
stack
|
page read and write
|
||
|
17DCD2B0000
|
heap
|
page read and write
|
||
|
324B17E000
|
stack
|
page read and write
|
||
|
207F9640000
|
heap
|
page read and write
|
||
|
19138241000
|
heap
|
page read and write
|
||
|
6FDE2FC000
|
stack
|
page read and write
|
||
|
17DCD310000
|
heap
|
page read and write
|
||
|
24F442E0000
|
heap
|
page read and write
|
||
|
207F96E1000
|
heap
|
page read and write
|
||
|
207F9664000
|
heap
|
page read and write
|
||
|
22C13283000
|
heap
|
page read and write
|
||
|
17DCD46F000
|
heap
|
page read and write
|
||
|
26B60902000
|
heap
|
page read and write
|
||
|
EB9CF7F000
|
stack
|
page read and write
|
||
|
324B57F000
|
stack
|
page read and write
|
||
|
15A37200000
|
heap
|
page read and write
|
||
|
19138180000
|
remote allocation
|
page read and write
|
||
|
22C1323C000
|
heap
|
page read and write
|
||
|
17DCD45A000
|
heap
|
page read and write
|
||
|
43138FB000
|
stack
|
page read and write
|
||
|
26B62270000
|
trusted library allocation
|
page read and write
|
||
|
17DCD47E000
|
heap
|
page read and write
|
||
|
17DCD402000
|
heap
|
page read and write
|
||
|
15A37122000
|
heap
|
page read and write
|
||
|
207F9702000
|
heap
|
page read and write
|
||
|
207F95F0000
|
trusted library allocation
|
page read and write
|
||
|
24F44500000
|
heap
|
page read and write
|
||
|
15A3688D000
|
heap
|
page read and write
|
||
|
17DCD464000
|
heap
|
page read and write
|
||
|
26B60900000
|
heap
|
page read and write
|
||
|
AE0C17B000
|
stack
|
page read and write
|
||
|
1F94C200000
|
heap
|
page read and write
|
||
|
22C130C0000
|
heap
|
page read and write
|
||
|
15A369B9000
|
heap
|
page read and write
|
||
|
AE0BE7B000
|
stack
|
page read and write
|
||
|
19137FF0000
|
heap
|
page read and write
|
||
|
26B607B0000
|
heap
|
page read and write
|
||
|
19137FE0000
|
heap
|
page read and write
|
||
|
EB9CE7E000
|
stack
|
page read and write
|
||
|
17DCD423000
|
heap
|
page read and write
|
||
|
15A3683C000
|
heap
|
page read and write
|
||
|
19138050000
|
heap
|
page read and write
|
||
|
207F94F0000
|
heap
|
page read and write
|
||
|
22C13279000
|
heap
|
page read and write
|
||
|
324B27F000
|
stack
|
page read and write
|
||
|
17DCD476000
|
heap
|
page read and write
|
||
|
324ADFB000
|
stack
|
page read and write
|
||
|
4313BF9000
|
stack
|
page read and write
|
||
|
22C1323A000
|
heap
|
page read and write
|
||
|
1F94BFB0000
|
heap
|
page read and write
|
||
|
24F4443C000
|
heap
|
page read and write
|
||
|
6FDE17F000
|
stack
|
page read and write
|
||
|
15A371BF000
|
heap
|
page read and write
|
||
|
22C13263000
|
heap
|
page read and write
|
||
|
1F94C202000
|
heap
|
page read and write
|
||
|
324B67F000
|
stack
|
page read and write
|
||
|
6FDE3FD000
|
stack
|
page read and write
|
||
|
6FDE27F000
|
stack
|
page read and write
|
||
|
15A36886000
|
heap
|
page read and write
|
||
|
207F96BD000
|
heap
|
page read and write
|
||
|
207F966D000
|
heap
|
page read and write
|
||
|
90FA97D000
|
stack
|
page read and write
|
||
|
1F94C213000
|
heap
|
page read and write
|
||
|
1F94BFC0000
|
heap
|
page read and write
|
||
|
19138180000
|
remote allocation
|
page read and write
|
||
|
22C13258000
|
heap
|
page read and write
|
||
|
22C13242000
|
heap
|
page read and write
|
||
|
22C13248000
|
heap
|
page read and write
|
||
|
26B60870000
|
heap
|
page read and write
|
||
|
90FAA7D000
|
stack
|
page read and write
|
||
|
22C1325C000
|
heap
|
page read and write
|
||
|
26B60858000
|
heap
|
page read and write
|
||
|
22C13257000
|
heap
|
page read and write
|
||
|
24F44340000
|
heap
|
page read and write
|
||
|
22C13234000
|
heap
|
page read and write
|
||
|
17DCD502000
|
heap
|
page read and write
|
||
|
17DCD465000
|
heap
|
page read and write
|
||
|
22C13276000
|
heap
|
page read and write
|
||
|
17DCD400000
|
heap
|
page read and write
|
||
|
207F9F32000
|
heap
|
page read and write
|
||
|
24F44454000
|
heap
|
page read and write
|
||
|
15A36875000
|
heap
|
page read and write
|
||
|
207F9613000
|
heap
|
page read and write
|
||
|
327A47E000
|
stack
|
page read and write
|
||
|
207F9490000
|
heap
|
page read and write
|
||
|
F0C5EFC000
|
stack
|
page read and write
|
||
|
15A36E80000
|
trusted library allocation
|
page read and write
|
||
|
19138202000
|
heap
|
page read and write
|
||
|
24F442D0000
|
heap
|
page read and write
|
||
|
26B62402000
|
trusted library allocation
|
page read and write
|
||
|
22C13256000
|
heap
|
page read and write
|
||
|
15A36E60000
|
trusted library allocation
|
page read and write
|
||
|
207F9688000
|
heap
|
page read and write
|
||
|
15A37143000
|
heap
|
page read and write
|
||
|
19138213000
|
heap
|
page read and write
|
||
|
F0C647D000
|
stack
|
page read and write
|
||
|
327A37E000
|
stack
|
page read and write
|
||
|
26B60750000
|
heap
|
page read and write
|
||
|
1F94C229000
|
heap
|
page read and write
|
||
|
207F96CE000
|
heap
|
page read and write
|
||
|
15A37196000
|
heap
|
page read and write
|
||
|
22C13259000
|
heap
|
page read and write
|
||
|
17DCD454000
|
heap
|
page read and write
|
||
|
324B77F000
|
stack
|
page read and write
|
||
|
15A36913000
|
heap
|
page read and write
|
||
|
EB9CA7E000
|
stack
|
page read and write
|
||
|
207F9629000
|
heap
|
page read and write
|
||
|
24F44370000
|
trusted library allocation
|
page read and write
|
||
|
26B60913000
|
heap
|
page read and write
|
||
|
F0C667D000
|
stack
|
page read and write
|
||
|
24F44428000
|
heap
|
page read and write
|
||
|
17DCD2A0000
|
heap
|
page read and write
|
||
|
26B60813000
|
heap
|
page read and write
|
||
|
15A37223000
|
heap
|
page read and write
|
||
|
327A17E000
|
stack
|
page read and write
|
||
|
EB9CC7E000
|
stack
|
page read and write
|
||
|
19138257000
|
heap
|
page read and write
|
||
|
90FA87E000
|
stack
|
page read and write
|
||
|
24F44479000
|
heap
|
page read and write
|
||
|
324B87E000
|
stack
|
page read and write
|
||
|
1F94C23E000
|
heap
|
page read and write
|
||
|
1F94C246000
|
heap
|
page read and write
|
||
|
F0C637C000
|
stack
|
page read and write
|
||
|
26B60889000
|
heap
|
page read and write
|
||
|
22C13274000
|
heap
|
page read and write
|
||
|
26B60740000
|
heap
|
page read and write
|
||
|
15A37227000
|
heap
|
page read and write
|
||
|
4313B7C000
|
stack
|
page read and write
|
||
|
26B62360000
|
remote allocation
|
page read and write
|
||
|
26B622A0000
|
trusted library allocation
|
page read and write
|
||
|
324B47F000
|
stack
|
page read and write
|
||
|
207F9E02000
|
heap
|
page read and write
|
||
|
1F94C302000
|
heap
|
page read and write
|
||
|
22C13229000
|
heap
|
page read and write
|
||
|
22C13060000
|
heap
|
page read and write
|
||
|
19138200000
|
heap
|
page read and write
|
||
|
15A36800000
|
heap
|
page read and write
|
||
|
15A37230000
|
heap
|
page read and write
|
||
|
15A369E5000
|
heap
|
page read and write
|
||
|
4313CFF000
|
stack
|
page read and write
|
||
|
22C13227000
|
heap
|
page read and write
|
||
|
F0C5ADB000
|
stack
|
page read and write
|
||
|
22C1326C000
|
heap
|
page read and write
|
||
|
26B607E0000
|
trusted library allocation
|
page read and write
|
||
|
17DCD513000
|
heap
|
page read and write
|
||
|
17DCDC02000
|
trusted library allocation
|
page read and write
|
||
|
1F94C24A000
|
heap
|
page read and write
|
||
|
EB9CAFE000
|
stack
|
page read and write
|
||
|
15A36843000
|
heap
|
page read and write
|
||
|
22C13255000
|
heap
|
page read and write
|
||
|
26B62360000
|
remote allocation
|
page read and write
|
||
|
1913825F000
|
heap
|
page read and write
|
||
|
22C13200000
|
heap
|
page read and write
|
||
|
1F94C802000
|
trusted library allocation
|
page read and write
|
||
|
26B6086B000
|
heap
|
page read and write
|
||
|
90FA6FF000
|
stack
|
page read and write
|
||
|
207F9600000
|
heap
|
page read and write
|
||
|
26B60858000
|
heap
|
page read and write
|
||
|
22C13231000
|
heap
|
page read and write
|
||
|
15A36813000
|
heap
|
page read and write
|
||
|
6FDE57D000
|
stack
|
page read and write
|
||
|
17DCD429000
|
heap
|
page read and write
|
||
|
26B60857000
|
heap
|
page read and write
|
||
|
15A3698E000
|
heap
|
page read and write
|
||
|
15A36893000
|
heap
|
page read and write
|
||
|
24F44402000
|
heap
|
page read and write
|
||
|
24F44413000
|
heap
|
page read and write
|
||
|
26B60862000
|
heap
|
page read and write
|
||
|
15A37213000
|
heap
|
page read and write
|
||
|
22C1327A000
|
heap
|
page read and write
|
||
|
22C1326A000
|
heap
|
page read and write
|
||
|
19138A02000
|
trusted library allocation
|
page read and write
|
||
|
26B60800000
|
heap
|
page read and write
|
||
|
15A37202000
|
heap
|
page read and write
|
||
|
22C13050000
|
heap
|
page read and write
|
||
|
15A36856000
|
heap
|
page read and write
|
||
|
15A36690000
|
heap
|
page read and write
|
||
|
6FDDB9C000
|
stack
|
page read and write
|
||
|
17DCD43D000
|
heap
|
page read and write
|
||
|
15A371B1000
|
heap
|
page read and write
|
||
|
26B622E0000
|
trusted library allocation
|
page read and write
|
||
|
26B60840000
|
heap
|
page read and write
|
||
|
6FDDFFB000
|
stack
|
page read and write
|
||
|
19138302000
|
heap
|
page read and write
|
||
|
24F44400000
|
heap
|
page read and write
|
||
|
24F4445F000
|
heap
|
page read and write
|
||
|
15A36878000
|
heap
|
page read and write
|
||
|
207F96C7000
|
heap
|
page read and write
|
||
|
324B37D000
|
stack
|
page read and write
|
||
|
1F94C255000
|
heap
|
page read and write
|
||
|
22C13260000
|
heap
|
page read and write
|
||
|
26B62360000
|
remote allocation
|
page read and write
|
||
|
26B60848000
|
heap
|
page read and write
|
||
|
15A37173000
|
heap
|
page read and write
|
||
|
207F9713000
|
heap
|
page read and write
|
||
|
AE0C37E000
|
stack
|
page read and write
|
||
|
24F44475000
|
heap
|
page read and write
|
||
|
15A36700000
|
heap
|
page read and write
|
||
|
15A36895000
|
heap
|
page read and write
|
||
|
17DCDA70000
|
trusted library allocation
|
page read and write
|
||
|
4313F7F000
|
stack
|
page read and write
|
||
|
26B60847000
|
heap
|
page read and write
|
||
|
4313FFE000
|
stack
|
page read and write
|
||
|
22C1325A000
|
heap
|
page read and write
|
||
|
15A371C7000
|
heap
|
page read and write
|
||
|
324AF7C000
|
stack
|
page read and write
|
||
|
327A279000
|
stack
|
page read and write
|
||
|
15A36865000
|
heap
|
page read and write
|
||
|
15A36859000
|
heap
|
page read and write
|
There are 266 hidden memdumps, click here to show them.