IOC Report
SecuriteInfo.com.Win32.Trojan.PSE.1G80G6X.7216.15072.exe

loading gif

Files

File Path
Type
Category
Malicious
SecuriteInfo.com.Win32.Trojan.PSE.1G80G6X.7216.15072.exe
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
initial sample
 malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SecuriteInfo.com_204454340d62a71d08cbd555255239a29f2fb7_7335685e_02342cf2\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1CE4.tmp.dmp
Mini DuMP crash report, 14 streams, Wed Feb 8 03:55:36 2023, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1E1E.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1EAB.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
C:\Windows\appcompat\Programs\Amcache.hve.LOG1
MS Windows registry file, NT/2000 or above
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SecuriteInfo.com_8b8aab2d3044b37bde8ae2665b0819910cdd8be_7335685e_095836a8\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER172A.tmp.dmp
Mini DuMP crash report, 14 streams, Wed Feb 8 03:47:54 2023, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER17F6.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1864.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.PSE.1G80G6X.7216.15072.exe
C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.PSE.1G80G6X.7216.15072.exe
 malicious
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2104 -s 212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2368 -s 212

URLs

Name
IP
Malicious
https://images-ext-1.discordapp.net:
unknown
https://5bcfae2f38d0e143c888d07ec9733d8c.s
unknown
https://www.dogfight360.com/blog
unknown
https://countess.twitch.tv:
unknown
https://eaassets-a.akam
unknown
https://c58c9f027b8d0739f6b6d94b831e1010.steam302.xyz
unknown
https://cvp.twitch.tv:
unknown
https://status.discordapp.com:
unknown
https://dev.twitch.tv:
unknown
https://passport.twitch.tv:
unknown
https://bd4a0c7567edeaa0401463857c28ead7.steam302.xyz
unknown
https://gds-vhs-drops-campaign-images.twitch.tv:
unknown
https://id-cdn.twitch.tv:
unknown
https://usher.ttvnw.net:
unknown
https://104.16.52.111
unknown
https://aa88a8ab3fabc0c5d90ca85c9442a948.steam302.xyz
unknown
https://discordapp.com:
unknown
https://steamuserimages-a.akamaihd.net
unknown
https://95df2ea9aba3e1cad7f8f4526047b63b.steam302.xyz
unknown
https://5a895ed07aed1b254ee21cd78958ae0b.steam302.xyz
unknown
https://c2491d9d37e95faee1c67e314ae9a4bb.steam302.xyz
unknown
https://vod-metro.twitch.tv:
unknown
https://api.twitch.tv:
unknown
http://www.clamav.net
unknown
https://origin-a.akamaihd.net:
unknown
https://steamcommunity-a.akamaihd.ne
unknown
https://link.twitch.
unknown
https://id.twitch.tv:
unknown
https://link.twitch.tv:
unknown
https://eaassets-a.akamaihd.net
unknown
https://104.16.54.111
unknown
https://clips.twitch.tv:
unknown
https://aws.amazon.com
unknown
https://104.17.2.37
unknown
https://2f16aa2ed3889461cd1076540300a6b3.steam302.xyz
unknown
https://pubsub-edge.twitch.tv:
unknown
https://6d7b94f6a3142075c6e14f949daff580.steam302.xyz
unknown
https://gql.twitc
unknown
https://06b67885560f95cbdf0ba34722e8d33c.steam302.xyz
unknown
https://us-west-2.uploads-regional.twitch.tv:
unknown
https://steamcn.com/t419530-1-1
unknown
https://1da58962a7dd53edd9775f6f74ff14e5.steam302.xyz
unknown
https://dl.discordapp.net:
unknown
http://usher.steam302.xyz
unknown
https://steamcdn-a.akamaihd.net:
unknown
https://music.twitch.tv:
unknown
https://steamstore-a.akamaihd.net
unknown
https://player.twitch.tv:
unknown
https://www.twitch.tv:
unknown
https://162.159.129.233
unknown
https://162.159.129.232
unknown
https://clips-media-assets2.twitch.tv:
unknown
https://m.twitch.tv:
unknown
https://gateway.discord.gg:
unknown
https://2973c6ca0e111662ed293b57dbae9fbf.steam302.xyz
unknown
https://6d859be7aa0440f65c8a940ef5218337.steam302.xyz
unknown
https://gateway.discord.gg
unknown
https://images-ext-2.discordapp.net:
unknown
https://vod-storyboards.twitch.tv:
unknown
http://vluki-a.akamaihd.net
unknown
https://steamcommunity-a.akam
unknown
https://irc-ws.chat.twitch.tv:
unknown
https://2f9e9e61f7236db30c1ce0bb9d53581b.steam302.xyz
unknown
https://app.twitch.tv:
unknown
https://steamcommunity-a.akamai
unknown
https://104.16.51.111
unknown
https://7106a273bf3bbce901b765718ecbe69b.steam302.xyz
unknown
https://platform.twitter.com:
unknown
https://890c88446f94f25bd32a3f1e0df6c120.steam302.xyz
unknown
https://blog.twitch.tv:
unknown
https://b3a0f6b6d20e3408d1725780186c54d3.steam302.xyz
unknown
https://gql.twitch.tv:
unknown
https://extension-files.twitch.tv:
unknown
https://eaassets-a.akamaihd
unknown
https://fb96613da2b5475079b93f4be2e94cd3.steam302.xyz
unknown
https://43658a3dbcfbc284a9030abbc3691c30.steam302.xyz
unknown
https://client-event-reporter.twitch.tv:
unknown
https://twitch.tv:
unknown
https://104.16.53.111
unknown
https://inspector.twitch.tv:
unknown
http://cctv4-lh.akamaihd.net
unknown
https://e320c9db4f90dd219ab379f6a5e50dbd.steam302.xyz
unknown
https://dbc180c27b3635f9e5b006f3a037b87e.steam302.xyz
unknown
https://static2.cdn.ubi.com
unknown
https://steampipe.ak
unknown
http://toots-a.akamaihd.net
unknown
https://spade.twitch.tv:
unknown
https://media.discordapp.net:
unknown
http://hgtv-i.akamaihd.net
unknown
https://support.discordapp.com:
unknown
https://trowel.twitch.tv:
unknown
https://985a89155dd090eacda1b82388e334ed.steam302.xyz
unknown
https://store.steampowered.com:
unknown
https://104.16.55.111
unknown
https://help.twitch.tv:
unknown
http://upx.sf.net
unknown
https://5dd1e18eb1a29671b73c32e518b37111.steam302.xyz
unknown
https://91b1eb7256ac2992f03fe0c7e7ef998d.steam302.xyz
unknown
https://e8304b1598fbfa673d2055f0a3342d7a.steam302.xyz
unknown
https://1d23669ea58a590fd66d9204d4301563.steam302.xyz
unknown
There are 90 hidden URLs, click here to show them.

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
AmiHivePermissionsCorrect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
AmiHiveOwnerCorrect
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
ProgramId
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
FileId
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
LowerCaseLongPath
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
LongPathHash
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
Name
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
Publisher
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
Version
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
BinFileVersion
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
BinaryType
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
ProductName
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
ProductVersion
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
LinkDate
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
BinProductVersion
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
Size
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
Language
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
IsPeFile
\REGISTRY\A\{ed05a684-a93a-a759-9ee9-599b2bf9b9c7}\Root\InventoryApplicationFile\securiteinfo.com|34595f7e
IsOsComponent
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
ExceptionRecord
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
001880093E8CB651
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceTicket
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceId
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
ApplicationFlags
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
ProgramId
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
FileId
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
LowerCaseLongPath
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
LongPathHash
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
Name
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
Publisher
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
Version
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
BinFileVersion
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
BinaryType
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
ProductName
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
ProductVersion
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
LinkDate
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
BinProductVersion
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
Size
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
Language
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
IsPeFile
\REGISTRY\A\{d0002fcf-02a9-b331-d719-93ce42d98bee}\Root\InventoryApplicationFile\securiteinfo.com|74c31352
IsOsComponent
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
001880093E844BFD
There are 32 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
1C3B6213000
unkown
page read and write
8EE58FF000
stack
page read and write
1F1838BB000
heap
page read and write
24012E50000
heap
page read and write
1DC35202000
trusted library allocation
page read and write
B27C4AB000
stack
page read and write
8EE5AFC000
stack
page read and write
1C3B6238000
heap
page read and write
1DC34A52000
heap
page read and write
24013802000
trusted library allocation
page read and write
21319D13000
heap
page read and write
22AF37B000
stack
page read and write
241E7092000
heap
page read and write
24012E46000
heap
page read and write
241E702F000
heap
page read and write
B27CC7E000
stack
page read and write
1C3B6500000
heap
page read and write
8EE5BFE000
stack
page read and write
1C3B6502000
heap
page read and write
22AF67C000
stack
page read and write
69561CD000
stack
page read and write
241E7C28000
heap
page read and write
400000
unkown
page readonly
BF9F7FF000
stack
page read and write
1F183780000
heap
page read and write
BAF65FF000
stack
page read and write
241E7090000
heap
page read and write
1F1838E9000
heap
page read and write
24012E4E000
heap
page read and write
241E7083000
heap
page read and write
401000
unkown
page execute and read and write
1F183845000
heap
page read and write
400000
unkown
page readonly
1C3B6302000
trusted library allocation
page read and write
1C3B6228000
heap
page read and write
1DC34810000
heap
page read and write
50B000
unkown
page execute and read and write
1C3B5F90000
heap
page read and write
BF9F87F000
stack
page read and write
1F183813000
heap
page read and write
1F1838E1000
heap
page read and write
21319C02000
heap
page read and write
B27CB7E000
stack
page read and write
1DC34A45000
heap
page read and write
1AE99A51000
heap
page read and write
6956979000
stack
page read and write
241E706A000
heap
page read and write
1AE99B02000
heap
page read and write
241E7C13000
heap
page read and write
19E000
stack
page read and write
21319C70000
heap
page read and write
BF9FAFC000
stack
page read and write
1C3B6300000
trusted library allocation
page read and write
24012E47000
heap
page read and write
BAF61FB000
stack
page read and write
1F18387F000
heap
page read and write
241E6FC0000
heap
page read and write
24012E65000
heap
page read and write
BAF5BDB000
stack
page read and write
24012E7B000
heap
page read and write
2F7907E000
stack
page read and write
24012E67000
heap
page read and write
50B000
unkown
page execute and read and write
24012E40000
heap
page read and write
1AE99A29000
heap
page read and write
24012E75000
heap
page read and write
24012E84000
heap
page read and write
1F1837F0000
heap
page read and write
241E7013000
heap
page read and write
241E7BBD000
heap
page read and write
1AE9A2A0000
remote allocation
page read and write
24012E00000
heap
page read and write
24012E60000
heap
page read and write
241E706C000
heap
page read and write
24012E64000
heap
page read and write
241E71A1000
heap
page read and write
5D0000
heap
page read and write
1DC34B02000
heap
page read and write
517000
unkown
page execute and read and write
21319AE0000
heap
page read and write
24012E61000
heap
page read and write
24012DD0000
heap
page read and write
21319C13000
heap
page read and write
1AE99A02000
heap
page read and write
8EE59FA000
stack
page read and write
241E7B6F000
heap
page read and write
1AE9A270000
trusted library allocation
page read and write
1F184090000
trusted library allocation
page read and write
1F1838C4000
heap
page read and write
1DC34A2E000
heap
page read and write
1DC34A3D000
heap
page read and write
1AE99A13000
heap
page read and write
2F78C7C000
stack
page read and write
241E7BB1000
heap
page read and write
1DC34910000
trusted library allocation
page read and write
241E705A000
heap
page read and write
1AE99A00000
heap
page read and write
1C3B6513000
heap
page read and write
BF9FD7F000
stack
page read and write
1F1838CC000
heap
page read and write
24012E39000
heap
page read and write
241E71E8000
heap
page read and write
1C3B5FA0000
trusted library allocation
page read and write
24012E4B000
heap
page read and write
241E7B02000
heap
page read and write
241E7BD2000
heap
page read and write
8EE5CF9000
stack
page read and write
241E7029000
heap
page read and write
241E7B22000
heap
page read and write
24012E42000
heap
page read and write
690000
heap
page read and write
24012E74000
heap
page read and write
1C3B6315000
trusted library allocation
page read and write
1DC34A3B000
heap
page read and write
1DC34A00000
heap
page read and write
1F183900000
heap
page read and write
401000
unkown
page execute and read and write
24012E6A000
heap
page read and write
21319C5B000
heap
page read and write
22AF57F000
stack
page read and write
1DC347C0000
heap
page read and write
1AE9A2A0000
remote allocation
page read and write
1DC34A24000
heap
page read and write
24012E63000
heap
page read and write
241E7B22000
heap
page read and write
1C3B6202000
unkown
page read and write
1F184300000
heap
page read and write
21319AF0000
heap
page read and write
1DC347B0000
heap
page read and write
BAF64FF000
stack
page read and write
241E7A02000
heap
page read and write
24012E68000
heap
page read and write
22AF07F000
stack
page read and write
24012E48000
heap
page read and write
BAF5FFB000
stack
page read and write
1DC34A68000
heap
page read and write
24012E30000
heap
page read and write
2F78DFE000
stack
page read and write
24012E6B000
heap
page read and write
1DC34A13000
heap
page read and write
BAF63FD000
stack
page read and write
1C3B6000000
heap
page read and write
241E7C23000
heap
page read and write
21319C58000
heap
page read and write
24012E6D000
heap
page read and write
22AF47F000
stack
page read and write
1F183829000
heap
page read and write
2F792FD000
stack
page read and write
24012E49000
heap
page read and write
2131A602000
trusted library allocation
page read and write
22AF1FC000
stack
page read and write
241E7B92000
heap
page read and write
B27C97E000
stack
page read and write
2F78EFF000
stack
page read and write
241E7C02000
heap
page read and write
1C3B621F000
unkown
page read and write
1AE99970000
heap
page read and write
24012E3D000
heap
page read and write
24012E13000
heap
page read and write
21319C77000
heap
page read and write
B27CA7E000
stack
page read and write
241E7B43000
heap
page read and write
1F183790000
heap
page read and write
22AF2FD000
stack
page read and write
24013670000
trusted library allocation
page read and write
24012D70000
heap
page read and write
1AE99A4C000
heap
page read and write
241E7043000
heap
page read and write
1F18433A000
heap
page read and write
BF9FF7A000
stack
page read and write
1C3B6413000
heap
page read and write
30000
heap
page read and write
24012E7D000
heap
page read and write
241E6FF0000
trusted library allocation
page read and write
2F78E7C000
stack
page read and write
1AE999D0000
heap
page read and write
BAF60FF000
stack
page read and write
241E6F60000
heap
page read and write
241E7C31000
heap
page read and write
8EE54BB000
stack
page read and write
22AEAFB000
stack
page read and write
241E6F50000
heap
page read and write
1AE9A402000
trusted library allocation
page read and write
21319B50000
heap
page read and write
24012E62000
heap
page read and write
24012E29000
heap
page read and write
1DC34A36000
heap
page read and write
1C3B6323000
heap
page read and write
21319B80000
trusted library allocation
page read and write
2F78F7E000
stack
page read and write
21319C00000
heap
page read and write
24012F02000
heap
page read and write
BAF66FF000
stack
page read and write
1F183913000
heap
page read and write
BF9FE7E000
stack
page read and write
21319C41000
heap
page read and write
1C3B6200000
unkown
page read and write
24012E45000
heap
page read and write
1F184312000
heap
page read and write
2F791FF000
stack
page read and write
BAF67FF000
stack
page read and write
24012E55000
heap
page read and write
241E7C00000
heap
page read and write
24012E6F000
heap
page read and write
B27C5AE000
stack
page read and write
24012E4F000
heap
page read and write
1F18388A000
heap
page read and write
BAF68FF000
stack
page read and write
1AE9A2A0000
remote allocation
page read and write
1DC34A02000
heap
page read and write
24012E41000
heap
page read and write
241E7113000
heap
page read and write
241E7000000
heap
page read and write
22AF17F000
stack
page read and write
9D000
stack
page read and write
22AF77E000
stack
page read and write
241E708A000
heap
page read and write
24012E7E000
heap
page read and write
21319C2A000
heap
page read and write
241E7880000
trusted library allocation
page read and write
BF9FB79000
stack
page read and write
1C3B6402000
heap
page read and write
BF9F67C000
stack
page read and write
241E71BA000
heap
page read and write
24012D60000
heap
page read and write
1AE99960000
heap
page read and write
BF9F9FF000
stack
page read and write
241E7B00000
heap
page read and write
1F183800000
heap
page read and write
21319D02000
heap
page read and write
241E7B54000
heap
page read and write
1F184202000
heap
page read and write
24012E56000
heap
page read and write
BF9FC7A000
stack
page read and write
1F183874000
heap
page read and write
241E705D000
heap
page read and write
241E703D000
heap
page read and write
1C3B620D000
unkown
page read and write
2F7917D000
stack
page read and write
1AE99A3C000
heap
page read and write
24012E44000
heap
page read and write
241E7BC7000
heap
page read and write
695657E000
stack
page read and write
517000
unkown
page execute and read and write
B27C52E000
stack
page read and write
22AEEFB000
stack
page read and write
1F183902000
heap
page read and write
There are 237 hidden memdumps, click here to show them.