Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
o6OaOfrAQs.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Kontos.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsg7AC7.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\5D4ACB\B73EF6.lck
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3425316567-2969588382-3778222414-1001\1b1d0082738e9f9011266f86ab9723d2_11389406-0377-47ed-98c7-d564e683c6eb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Dykereeve\Jackbsningen\Telescopiform\Bestridende\AEGISIIIRadeonHelper.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Dykereeve\Jackbsningen\Telescopiform\Bestridende\Profetiske.Byg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Dykereeve\Jackbsningen\Telescopiform\Bestridende\Sankekort.Sch209
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Hjtideligholdelser\Liechtensteiner\Systemopstninger\pan-start-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Hjtideligholdelser\Liechtensteiner\Systemopstninger\printer-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Idolatrous\Kaes\pt-br.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Ravingly\Magnetoplasmadynamics\godsvognen\avatar-default-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Tilrettelggelsernes\Gyrite\be.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Tilrettelggelsernes\Gyrite\changes-allow-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Tilrettelggelsernes\Gyrite\dotnet.api
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Tilrettelggelsernes\Gyrite\ebook-reader.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Tilrettelggelsernes\Gyrite\emblem-photos-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Tilrettelggelsernes\Gyrite\font-select-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Tilrettelggelsernes\Gyrite\network-wired-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Unrivalled\Nonexhaustively\Snaffle\Stealthful\LogoCanary.png
|
PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\o6OaOfrAQs.exe
|
C:\Users\user\Desktop\o6OaOfrAQs.exe
|
|
|
|
C:\Users\user\Desktop\o6OaOfrAQs.exe
|
C:\Users\user\Desktop\o6OaOfrAQs.exe
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5540 -s 204
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://185.246.220.85/habrik/five/fre.php
|
185.246.220.85
|
|
|
|
http://ruhsalgelisim.com/jgEyxsZj50.ttf
|
85.95.248.49
|
||
|
http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTD
|
unknown
|
||
|
http://www.gopher.ftp://ftp.
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ruhsalgelisim.com
|
85.95.248.49
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.246.220.85
|
unknown
|
Germany
|
|
|
|
85.95.248.49
|
ruhsalgelisim.com
|
Turkey
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Shabbyish\Retablerings
|
Aphetism
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
358C000
|
direct allocation
|
page execute and read and write
|
|
|
|
2585000
|
heap
|
page read and write
|
||
|
245D3115000
|
trusted library allocation
|
page read and write
|
||
|
245D302A000
|
heap
|
page read and write
|
||
|
17F05A44000
|
heap
|
page read and write
|
||
|
23BE000
|
stack
|
page read and write
|
||
|
94F000
|
stack
|
page read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
227E000
|
stack
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
17BC000
|
remote allocation
|
page execute and read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
48851FE000
|
stack
|
page read and write
|
||
|
252D000
|
heap
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
245D3402000
|
heap
|
page read and write
|
||
|
3430000
|
trusted library allocation
|
page read and write
|
||
|
240E000
|
stack
|
page read and write
|
||
|
ABBB4FD000
|
stack
|
page read and write
|
||
|
3430000
|
direct allocation
|
page execute and read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
22BE000
|
stack
|
page read and write
|
||
|
3430000
|
trusted library allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
43F000
|
unkown
|
page readonly
|
||
|
245D3500000
|
heap
|
page read and write
|
||
|
3223E000
|
stack
|
page read and write
|
||
|
245D3500000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
2542000
|
heap
|
page read and write
|
||
|
244F000
|
stack
|
page read and write
|
||
|
322FC000
|
stack
|
page read and write
|
||
|
2521000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
575000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
3F8C000
|
direct allocation
|
page execute and read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
658000
|
heap
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
2450000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
251E000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2A05000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
43A000
|
unkown
|
page readonly
|
||
|
3227B000
|
stack
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
245D3013000
|
unkown
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
2536000
|
heap
|
page read and write
|
||
|
31BB0000
|
direct allocation
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
43F000
|
unkown
|
page readonly
|
||
|
32400000
|
direct allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
30000
|
heap
|
page read and write
|
||
|
24F9000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
245D3140000
|
heap
|
page read and write
|
||
|
31F6E000
|
stack
|
page read and write
|
||
|
3240A000
|
direct allocation
|
page read and write
|
||
|
32180000
|
heap
|
page read and write
|
||
|
1D0000
|
unclassified section
|
page readonly
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
323FD000
|
stack
|
page read and write
|
||
|
245D3022000
|
unkown
|
page read and write
|
||
|
3430000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
436000
|
unkown
|
page readonly
|
||
|
70000
|
direct allocation
|
page read and write
|
||
|
2587000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
3430000
|
trusted library allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
3206E000
|
stack
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
2532000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
2A02000
|
heap
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
43A000
|
unkown
|
page readonly
|
||
|
2A01000
|
heap
|
page read and write
|
||
|
343F000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
245D2F90000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
3246E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
31A71000
|
heap
|
page read and write
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
17F05BE0000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
1D0000
|
unclassified section
|
page readonly
|
||
|
ABBB8FE000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
17F05980000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
23C4000
|
heap
|
page read and write
|
||
|
2546000
|
heap
|
page read and write
|
||
|
21BC000
|
remote allocation
|
page execute and read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
245D3413000
|
heap
|
page read and write
|
||
|
424000
|
unkown
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
25EE000
|
stack
|
page read and write
|
||
|
31CD0000
|
direct allocation
|
page read and write
|
||
|
4040000
|
trusted library allocation
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
649000
|
unkown
|
page execute read
|
||
|
31D10000
|
direct allocation
|
page read and write
|
||
|
245D3102000
|
trusted library allocation
|
page read and write
|
||
|
245D3502000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
31B70000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
17F05DD0000
|
heap
|
page read and write
|
||
|
245D3513000
|
heap
|
page read and write
|
||
|
247F000
|
stack
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
2A06000
|
heap
|
page read and write
|
||
|
24E4000
|
heap
|
page read and write
|
||
|
3216F000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
245D3036000
|
heap
|
page read and write
|
||
|
4040000
|
trusted library allocation
|
page read and write
|
||
|
31A70000
|
heap
|
page read and write
|
||
|
245D3011000
|
unkown
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
245D3002000
|
unkown
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
17F05DD5000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
237E000
|
stack
|
page read and write
|
||
|
4090000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
2A09000
|
heap
|
page read and write
|
||
|
253E000
|
heap
|
page read and write
|
||
|
245D3100000
|
trusted library allocation
|
page read and write
|
||
|
2505000
|
heap
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
4040000
|
trusted library allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
3430000
|
trusted library allocation
|
page read and write
|
||
|
254A000
|
heap
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
48852FF000
|
stack
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32400000
|
direct allocation
|
page read and write
|
||
|
43F000
|
unkown
|
page readonly
|
||
|
20000
|
unclassified section
|
page readonly
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
4885379000
|
stack
|
page read and write
|
||
|
2A05000
|
heap
|
page read and write
|
||
|
24B0000
|
heap
|
page read and write
|
||
|
17F05C50000
|
heap
|
page read and write
|
||
|
3202F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
488527F000
|
stack
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
3212E000
|
stack
|
page read and write
|
||
|
20000
|
unclassified section
|
page readonly
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
17F05A41000
|
heap
|
page read and write
|
||
|
245D3513000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
320AE000
|
stack
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
68B000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
626000
|
unkown
|
page execute read
|
||
|
245D3502000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
6ED73000
|
unkown
|
page readonly
|
||
|
43A000
|
unkown
|
page readonly
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
245D3000000
|
unkown
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
2A01000
|
heap
|
page read and write
|
||
|
31FAF000
|
stack
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
3256F000
|
stack
|
page read and write
|
||
|
3EB9000
|
trusted library allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
48850FE000
|
stack
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
24B8000
|
heap
|
page read and write
|
||
|
70000
|
direct allocation
|
page read and write
|
||
|
32410000
|
trusted library allocation
|
page read and write
|
||
|
31A71000
|
heap
|
page read and write
|
||
|
488507C000
|
stack
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
17F05A10000
|
heap
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
262F000
|
stack
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
24B0000
|
heap
|
page read and write
|
||
|
ABBBC79000
|
stack
|
page read and write
|
||
|
32406000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
31FEE000
|
stack
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
2A06000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
245D2FC0000
|
trusted library allocation
|
page read and write
|
||
|
84F000
|
stack
|
page read and write
|
||
|
6ED70000
|
unkown
|
page readonly
|
||
|
245D2F20000
|
heap
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
70000
|
direct allocation
|
page read and write
|
||
|
245D3400000
|
heap
|
page read and write
|
||
|
6ED75000
|
unkown
|
page readonly
|
||
|
2514000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
2235000
|
heap
|
page read and write
|
||
|
17F05A17000
|
heap
|
page read and write
|
||
|
6ED71000
|
unkown
|
page execute read
|
||
|
40C9000
|
trusted library allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
3430000
|
trusted library allocation
|
page read and write
|
||
|
433000
|
unkown
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
2A05000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
488517D000
|
stack
|
page read and write
|
||
|
32410000
|
direct allocation
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
32420000
|
direct allocation
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
32420000
|
direct allocation
|
page read and write
|
There are 288 hidden memdumps, click here to show them.