Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
aOHLlvfakv.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62582 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\aOHLlvfakv.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\aOHLlvfakv.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\aOHLlvfakv.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\JAnzBeoSOFkqX\hUQcK.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\FAAMB\YSmuMEqbrrG.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\SAolKOHOGzImreJl\DHZYcsMibMOGCXWD.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\aOHLlvfakv.dll,__CPPdebugHook
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\aOHLlvfakv.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\aOHLlvfakv.dll",#1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://164.90.222.65/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/
|
164.90.222.65
|
|
|
|
https://164.90.222.65/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/zxqya/
|
unknown
|
||
|
https://172.105.226.75:8080/$
|
unknown
|
||
|
https://66.228.32.31:7080/z
|
unknown
|
||
|
https://103.43.75.120:443/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/a/
|
unknown
|
||
|
https://103.43.75.120/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/
|
unknown
|
||
|
https://159.65.88.10:8080/
|
unknown
|
||
|
https://82.223.21.224:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/K
|
unknown
|
||
|
https://82.223.21.224:8080/
|
unknown
|
||
|
https://172.105.226.75:8080/
|
unknown
|
||
|
https://167.172.199.165:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/j
|
unknown
|
||
|
https://187.63.160.88:80/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/STEM327
|
unknown
|
||
|
https://183.111.227.137:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/327
|
unknown
|
||
|
https://187.63.160.88:80/
|
unknown
|
||
|
https://72.15.201.15:8080/
|
unknown
|
||
|
https://91.121.146.47:8080/
|
unknown
|
||
|
https://167.172.199.165:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/
|
unknown
|
||
|
https://103.132.242.26:8080/
|
unknown
|
||
|
https://103.43.75.120/0/
|
unknown
|
||
|
https://159.65.88.10:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/u
|
unknown
|
||
|
https://103.43.75.120/080/d
|
unknown
|
||
|
https://173.212.193.249:8080/ert
|
unknown
|
||
|
https://103.43.75.120/
|
unknown
|
||
|
https://172.105.226.75:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/S
|
unknown
|
||
|
https://173.212.193.249:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/j
|
unknown
|
||
|
https://183.111.227.137:8080/
|
unknown
|
||
|
https://66.228.32.31:7080/
|
unknown
|
||
|
https://103.43.75.120/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/xqya/
|
unknown
|
||
|
https://91.121.146.47:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/
|
unknown
|
||
|
https://167.172.199.165:8080/
|
unknown
|
||
|
https://173.212.193.249:8080/
|
unknown
|
||
|
https://66.228.32.31:7080/F
|
unknown
|
||
|
https://172.105.226.75:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/d
|
unknown
|
||
|
https://173.212.193.249:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/
|
unknown
|
||
|
https://172.105.226.75:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/
|
unknown
|
||
|
https://172.105.226.75:8080/icy)
|
unknown
|
||
|
https://103.43.75.120/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/k
|
unknown
|
||
|
https://91.121.146.47:8080/nwgvynyayplzdkad/hjvnrupyw/tgrpudcxhduglli/orzxqya/I
|
unknown
|
There are 28 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
110.232.117.186
|
unknown
|
Australia
|
|
|
|
103.132.242.26
|
unknown
|
India
|
|
|
|
104.168.155.143
|
unknown
|
United States
|
|
|
|
79.137.35.198
|
unknown
|
France
|
|
|
|
115.68.227.76
|
unknown
|
Korea Republic of
|
|
|
|
163.44.196.120
|
unknown
|
Singapore
|
|
|
|
206.189.28.199
|
unknown
|
United States
|
|
|
|
107.170.39.149
|
unknown
|
United States
|
|
|
|
66.228.32.31
|
unknown
|
United States
|
|
|
|
185.4.135.165
|
unknown
|
Greece
|
|
|
|
197.242.150.244
|
unknown
|
South Africa
|
|
|
|
183.111.227.137
|
unknown
|
Korea Republic of
|
|
|
|
45.176.232.124
|
unknown
|
Colombia
|
|
|
|
169.57.156.166
|
unknown
|
United States
|
|
|
|
164.68.99.3
|
unknown
|
Germany
|
|
|
|
139.59.126.41
|
unknown
|
Singapore
|
|
|
|
167.172.253.162
|
unknown
|
United States
|
|
|
|
167.172.199.165
|
unknown
|
United States
|
|
|
|
202.129.205.3
|
unknown
|
Thailand
|
|
|
|
147.139.166.154
|
unknown
|
United States
|
|
|
|
153.92.5.27
|
unknown
|
Germany
|
|
|
|
159.65.88.10
|
unknown
|
United States
|
|
|
|
172.105.226.75
|
unknown
|
United States
|
|
|
|
101.50.0.91
|
unknown
|
Indonesia
|
|
|
|
164.90.222.65
|
unknown
|
United States
|
|
|
|
213.239.212.5
|
unknown
|
Germany
|
|
|
|
5.135.159.50
|
unknown
|
France
|
|
|
|
186.194.240.217
|
unknown
|
Brazil
|
|
|
|
119.59.103.152
|
unknown
|
Thailand
|
|
|
|
159.89.202.34
|
unknown
|
United States
|
|
|
|
91.121.146.47
|
unknown
|
France
|
|
|
|
160.16.142.56
|
unknown
|
Japan
|
|
|
|
201.94.166.162
|
unknown
|
Brazil
|
|
|
|
91.207.28.33
|
unknown
|
Kyrgyzstan
|
|
|
|
103.75.201.2
|
unknown
|
Thailand
|
|
|
|
103.43.75.120
|
unknown
|
Japan
|
|
|
|
188.44.20.25
|
unknown
|
Macedonia
|
|
|
|
45.235.8.30
|
unknown
|
Brazil
|
|
|
|
153.126.146.25
|
unknown
|
Japan
|
|
|
|
72.15.201.15
|
unknown
|
United States
|
|
|
|
187.63.160.88
|
unknown
|
Brazil
|
|
|
|
173.212.193.249
|
unknown
|
Germany
|
|
|
|
82.223.21.224
|
unknown
|
Spain
|
|
|
|
95.217.221.146
|
unknown
|
Germany
|
|
|
|
149.56.131.28
|
unknown
|
Canada
|
|
|
|
182.162.143.56
|
unknown
|
Korea Republic of
|
|
|
|
1.234.2.232
|
unknown
|
Korea Republic of
|
|
|
|
129.232.188.93
|
unknown
|
South Africa
|
|
|
|
94.23.45.86
|
unknown
|
France
|
|
There are 39 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
29592A20000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
6EB000
|
heap
|
page read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2D30000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
A10000
|
direct allocation
|
page execute and read and write
|
|
|
|
25313BA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1475000
|
heap
|
page read and write
|
||
|
223B5960000
|
heap
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
28FC000
|
stack
|
page read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
E77C27D000
|
stack
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
73B000
|
heap
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
2B2B000
|
heap
|
page read and write
|
||
|
295911B0000
|
heap
|
page read and write
|
||
|
2B29000
|
heap
|
page read and write
|
||
|
2B74000
|
heap
|
page read and write
|
||
|
297B000
|
stack
|
page read and write
|
||
|
223B59A4000
|
heap
|
page read and write
|
||
|
456000
|
unkown
|
page write copy
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
8C7000
|
heap
|
page read and write
|
||
|
29590FB8000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6D0000
|
heap
|
page readonly
|
||
|
6FB4A7E000
|
stack
|
page read and write
|
||
|
29590FF7000
|
heap
|
page read and write
|
||
|
C0C000
|
heap
|
page read and write
|
||
|
2AFB000
|
heap
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page read and write
|
||
|
25312360000
|
heap
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
295911B5000
|
heap
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
29592A10000
|
direct allocation
|
page execute and read and write
|
||
|
268E000
|
stack
|
page read and write
|
||
|
223B9010000
|
heap
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
2B74000
|
heap
|
page read and write
|
||
|
BEB000
|
heap
|
page read and write
|
||
|
2AFA000
|
heap
|
page read and write
|
||
|
2CC7000
|
heap
|
page read and write
|
||
|
453000
|
unkown
|
page write copy
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
253121D7000
|
heap
|
page read and write
|
||
|
25313B90000
|
direct allocation
|
page execute and read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
727000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
4640000
|
heap
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
18002A000
|
direct allocation
|
page readonly
|
||
|
74A000
|
heap
|
page read and write
|
||
|
24BC000
|
stack
|
page read and write
|
||
|
73B000
|
heap
|
page read and write
|
||
|
D1326FE000
|
stack
|
page read and write
|
||
|
733000
|
heap
|
page read and write
|
||
|
C0C000
|
heap
|
page read and write
|
||
|
C38000
|
heap
|
page read and write
|
||
|
29590FD8000
|
heap
|
page read and write
|
||
|
2A81000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
2CA1000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
8E1000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
29590EE0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
25312060000
|
heap
|
page read and write
|
||
|
44F000
|
unkown
|
page write copy
|
||
|
728000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
223B5790000
|
heap
|
page read and write
|
||
|
2286000
|
unkown
|
page write copy
|
||
|
774000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
2E6E000
|
stack
|
page read and write
|
||
|
2B2D000
|
heap
|
page read and write
|
||
|
2AC7000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
73B000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
12EB000
|
heap
|
page read and write
|
||
|
8BB000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
6FB48FE000
|
stack
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
223B5B55000
|
heap
|
page read and write
|
||
|
298F000
|
stack
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
223B5B50000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page read and write
|
||
|
2D11000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
C2C000
|
heap
|
page read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
2CF1000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
A70000
|
remote allocation
|
page read and write
|
||
|
25313B80000
|
direct allocation
|
page read and write
|
||
|
7BF65FF000
|
stack
|
page read and write
|
||
|
E77C07C000
|
stack
|
page read and write
|
||
|
455000
|
unkown
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
D13257B000
|
stack
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page read and write
|
||
|
2230000
|
unkown
|
page readonly
|
||
|
2B1D000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
456000
|
unkown
|
page write copy
|
||
|
2AA7000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
E77C17E000
|
stack
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
2B0B000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
2CC7000
|
heap
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
29592B80000
|
trusted library allocation
|
page read and write
|
||
|
290E000
|
stack
|
page read and write
|
||
|
6B0000
|
direct allocation
|
page read and write
|
||
|
223B7530000
|
heap
|
page read and write
|
||
|
8D1000
|
heap
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
455000
|
unkown
|
page read and write
|
||
|
456000
|
unkown
|
page write copy
|
||
|
2B34000
|
heap
|
page read and write
|
||
|
223B79E0000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
295911C0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2B75000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
22A6000
|
unkown
|
page readonly
|
||
|
223B5A60000
|
heap
|
page read and write
|
||
|
1FBC7E00000
|
unclassified section
|
page readonly
|
||
|
A80000
|
heap
|
page read and write
|
||
|
2AEE000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1FBC7D80000
|
heap
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
2D20000
|
direct allocation
|
page execute and read and write
|
||
|
227F000
|
unkown
|
page write copy
|
||
|
72C000
|
heap
|
page read and write
|
||
|
253120D0000
|
heap
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
2B1D000
|
heap
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
2783000
|
heap
|
page read and write
|
||
|
4410000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
2FB8000
|
stack
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
6C0000
|
direct allocation
|
page execute and read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
72C000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
29592BD0000
|
heap
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
A85000
|
heap
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
223B5984000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
5E9000
|
stack
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
2D10000
|
direct allocation
|
page read and write
|
||
|
C12000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
44E000
|
unkown
|
page read and write
|
||
|
59B0000
|
trusted library allocation
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
BC3000
|
heap
|
page read and write
|
||
|
6FB487A000
|
stack
|
page read and write
|
||
|
253121E0000
|
heap
|
page read and write
|
||
|
25312145000
|
heap
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
E77C37E000
|
stack
|
page read and write
|
||
|
2B1D000
|
heap
|
page read and write
|
||
|
2CC9000
|
heap
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
223B59A3000
|
heap
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
FAB000
|
stack
|
page read and write
|
||
|
2B63000
|
heap
|
page read and write
|
||
|
76C000
|
heap
|
page read and write
|
||
|
D13267E000
|
stack
|
page read and write
|
||
|
25313D20000
|
trusted library allocation
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
D13277B000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
E77C3FE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
18002A000
|
direct allocation
|
page readonly
|
||
|
8D6000
|
heap
|
page read and write
|
||
|
2AFB000
|
heap
|
page read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
BF7000
|
heap
|
page read and write
|
||
|
455000
|
unkown
|
page read and write
|
||
|
2B2F000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
2B1D000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
29592B80000
|
trusted library allocation
|
page read and write
|
||
|
67B000
|
stack
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
1FBC7C80000
|
heap
|
page read and write
|
||
|
25313BD0000
|
heap
|
page readonly
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
D13213C000
|
stack
|
page read and write
|
||
|
2360000
|
trusted library allocation
|
page read and write
|
||
|
223B58D0000
|
heap
|
page read and write
|
||
|
223B9020000
|
trusted library allocation
|
page read and write
|
||
|
223B5993000
|
heap
|
page read and write
|
||
|
E77C47B000
|
stack
|
page read and write
|
||
|
453000
|
unkown
|
page write copy
|
||
|
6FB4AFE000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
73B000
|
heap
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
C1A000
|
heap
|
page read and write
|
||
|
18002B000
|
direct allocation
|
page read and write
|
||
|
223B598E000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
DEC000
|
heap
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
1FBC7DF0000
|
unclassified section
|
page readonly
|
||
|
18002B000
|
direct allocation
|
page read and write
|
||
|
25312140000
|
heap
|
page read and write
|
||
|
C07000
|
heap
|
page read and write
|
||
|
A70000
|
remote allocation
|
page read and write
|
||
|
1FBC7B40000
|
heap
|
page read and write
|
||
|
D13247E000
|
stack
|
page read and write
|
||
|
E77C1FE000
|
stack
|
page read and write
|
||
|
29590FF5000
|
heap
|
page read and write
|
||
|
18002A000
|
direct allocation
|
page readonly
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
D1324FE000
|
stack
|
page read and write
|
||
|
779000
|
heap
|
page read and write
|
||
|
2AA8000
|
heap
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
1FBC7C98000
|
heap
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
29590F70000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
18002A000
|
direct allocation
|
page readonly
|
||
|
73B000
|
heap
|
page read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
25313C20000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
8E9000
|
heap
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
2E89000
|
heap
|
page read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
2282000
|
unkown
|
page read and write
|
||
|
2B0B000
|
heap
|
page read and write
|
||
|
2AEE000
|
heap
|
page read and write
|
||
|
2287000
|
unkown
|
page read and write
|
||
|
3FDE000
|
stack
|
page read and write
|
||
|
7DA000
|
heap
|
page read and write
|
||
|
25312205000
|
heap
|
page read and write
|
||
|
227E000
|
unkown
|
page read and write
|
||
|
7BF64FF000
|
stack
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
223B5B5B000
|
heap
|
page read and write
|
||
|
25312190000
|
heap
|
page read and write
|
||
|
C38000
|
heap
|
page read and write
|
||
|
223B597A000
|
heap
|
page read and write
|
||
|
44E000
|
unkown
|
page read and write
|
||
|
C0C000
|
heap
|
page read and write
|
||
|
6FB497D000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
A70000
|
remote allocation
|
page read and write
|
||
|
2F3D000
|
stack
|
page read and write
|
||
|
2B0B000
|
heap
|
page read and write
|
||
|
2A7B000
|
stack
|
page read and write
|
||
|
C19000
|
heap
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
E77C2F7000
|
stack
|
page read and write
|
||
|
223B9013000
|
heap
|
page read and write
|
||
|
A79000
|
stack
|
page read and write
|
||
|
223B596B000
|
heap
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
2C7D000
|
stack
|
page read and write
|
||
|
72C000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
2531219B000
|
heap
|
page read and write
|
||
|
D1321BE000
|
stack
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
44E000
|
unkown
|
page read and write
|
||
|
25313C10000
|
trusted library allocation
|
page read and write
|
||
|
453000
|
unkown
|
page write copy
|
||
|
452000
|
unkown
|
page read and write
|
||
|
29591140000
|
heap
|
page read and write
|
||
|
2AF5000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
253121F4000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
253A000
|
stack
|
page read and write
|
||
|
44F000
|
unkown
|
page write copy
|
||
|
75D000
|
heap
|
page read and write
|
||
|
29592A50000
|
heap
|
page readonly
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
733000
|
heap
|
page read and write
|
||
|
7BF61EC000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
29592A00000
|
direct allocation
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
2B74000
|
heap
|
page read and write
|
||
|
22B2000
|
unkown
|
page readonly
|
||
|
29590F7B000
|
heap
|
page read and write
|
||
|
1FBC7C8D000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2231000
|
unkown
|
page execute read
|
||
|
C08000
|
heap
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
D1325F7000
|
stack
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
C38000
|
heap
|
page read and write
|
||
|
2C81000
|
heap
|
page read and write
|
||
|
2B4A000
|
heap
|
page read and write
|
||
|
2B77000
|
heap
|
page read and write
|
||
|
E77C0FE000
|
stack
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
6FB49FD000
|
stack
|
page read and write
|
||
|
223B597A000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page readonly
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
44F000
|
unkown
|
page write copy
|
There are 369 hidden memdumps, click here to show them.