Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
f_00321b.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62582 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\f_00321b.dll",#1
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\f_00321b.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\f_00321b.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\f_00321b.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\ZbmMPnDvLqwXll\QyzgcRWJYZS.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\RymKYMmySRfU\EAqrfXJOpHznppsf.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IzuSuDitBV\QmEREbzuu.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\f_00321b.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://45.235.8.30:8080/nnukk/upfurpftd/ltwomnfleb//
|
unknown
|
|
|
|
https://45.235.8.30:8080/nnukk/upfurpftd/ltwomnfleb/0u
|
unknown
|
|
|
|
https://213.239.212.5/~
|
unknown
|
|
|
|
https://45.235.8.30:8080/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
|
|
|
https://119.59.103.152:8080/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
|
|
|
https://213.239.212.5/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
|
|
|
https://119.59.103.152:8080/nnukk/upfurpftd/ltwomnfleb/?
|
unknown
|
|
|
|
https://164.90.222.65/nnukk/upfurpftd/ltwomnfleb/
|
164.90.222.65
|
|
|
|
https://119.59.103.152:8080/nnukk/upfurpftd/ltwomnfleb/%
|
unknown
|
|
|
|
https://45.235.8.30:8080/nnukk/upfurpftd/ltwomnfleb/Y
|
unknown
|
|
|
|
https://167.172.199.165:8080/Y
|
unknown
|
||
|
https://21.235.8.30:8080/
|
unknown
|
||
|
https://164.90.222.65/
|
unknown
|
||
|
https://82.223.21.224:8080/
|
unknown
|
||
|
https://107.170.39.149:8080/
|
unknown
|
||
|
https://82.223.21.224:8080/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
||
|
https://91.207.28.33:8080/-
|
unknown
|
||
|
https://159.65.88.10:8080/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
||
|
https://164.90.222.65/nnukk/upfurpftd/ltwomnfleb//K
|
unknown
|
||
|
https://104.168.155.143:8080/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
||
|
https://164.90.222.65:443/nnukk/upfurpftd/ltwomnfleb/b/X
|
unknown
|
||
|
https://91.121.146.47:8080/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
||
|
https://189.56.131.28:8080/
|
unknown
|
||
|
https://107.170.39.149:8080/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
||
|
https://119.59.103.152:8080/
|
unknown
|
||
|
https://119.59.103.152:8080/l/z
|
unknown
|
||
|
https://91.121.146.47:8080/
|
unknown
|
||
|
https://187.172.199.165:8080/
|
unknown
|
||
|
https://167.172.199.165:8080/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
||
|
https://187.63.160.88:80/nnukk/upfurpftd/ltwomnfleb/
|
unknown
|
||
|
https://45.235.8.30:8080/
|
unknown
|
||
|
https://167.172.199.165:8080/o
|
unknown
|
||
|
https://66.228.32.31:7080/
|
unknown
|
||
|
https://167.172.199.165:8080/
|
unknown
|
||
|
https://164.90.222.65/nnukk/upfurpftd/ltwomnfleb/w
|
unknown
|
||
|
https://164.90.222.65/wn
|
unknown
|
||
|
https://103.44.196.120:8080/
|
unknown
|
||
|
https://213.239.212.5:443/nnukk/upfurpftd/ltwomnfleb/N
|
unknown
|
There are 28 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
c-0001.c-msedge.net
|
13.107.4.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
159.65.88.10
|
unknown
|
United States
|
|
|
|
172.105.226.75
|
unknown
|
United States
|
|
|
|
164.90.222.65
|
unknown
|
United States
|
|
|
|
110.232.117.186
|
unknown
|
Australia
|
|
|
|
213.239.212.5
|
unknown
|
Germany
|
|
|
|
5.135.159.50
|
unknown
|
France
|
|
|
|
186.194.240.217
|
unknown
|
Brazil
|
|
|
|
103.132.242.26
|
unknown
|
India
|
|
|
|
104.168.155.143
|
unknown
|
United States
|
|
|
|
119.59.103.152
|
unknown
|
Thailand
|
|
|
|
79.137.35.198
|
unknown
|
France
|
|
|
|
159.89.202.34
|
unknown
|
United States
|
|
|
|
91.121.146.47
|
unknown
|
France
|
|
|
|
160.16.142.56
|
unknown
|
Japan
|
|
|
|
201.94.166.162
|
unknown
|
Brazil
|
|
|
|
91.207.28.33
|
unknown
|
Kyrgyzstan
|
|
|
|
103.75.201.2
|
unknown
|
Thailand
|
|
|
|
103.43.75.120
|
unknown
|
Japan
|
|
|
|
115.68.227.76
|
unknown
|
Korea Republic of
|
|
|
|
188.44.20.25
|
unknown
|
Macedonia
|
|
|
|
45.235.8.30
|
unknown
|
Brazil
|
|
|
|
153.126.146.25
|
unknown
|
Japan
|
|
|
|
72.15.201.15
|
unknown
|
United States
|
|
|
|
163.44.196.120
|
unknown
|
Singapore
|
|
|
|
206.189.28.199
|
unknown
|
United States
|
|
|
|
107.170.39.149
|
unknown
|
United States
|
|
|
|
66.228.32.31
|
unknown
|
United States
|
|
|
|
187.63.160.88
|
unknown
|
Brazil
|
|
|
|
82.223.21.224
|
unknown
|
Spain
|
|
|
|
197.242.150.244
|
unknown
|
South Africa
|
|
|
|
173.212.193.249
|
unknown
|
Germany
|
|
|
|
185.4.135.165
|
unknown
|
Greece
|
|
|
|
183.111.227.137
|
unknown
|
Korea Republic of
|
|
|
|
45.176.232.124
|
unknown
|
Colombia
|
|
|
|
95.217.221.146
|
unknown
|
Germany
|
|
|
|
149.56.131.28
|
unknown
|
Canada
|
|
|
|
169.57.156.166
|
unknown
|
United States
|
|
|
|
164.68.99.3
|
unknown
|
Germany
|
|
|
|
182.162.143.56
|
unknown
|
Korea Republic of
|
|
|
|
139.59.126.41
|
unknown
|
Singapore
|
|
|
|
1.234.2.232
|
unknown
|
Korea Republic of
|
|
|
|
167.172.253.162
|
unknown
|
United States
|
|
|
|
129.232.188.93
|
unknown
|
South Africa
|
|
|
|
167.172.199.165
|
unknown
|
United States
|
|
|
|
202.129.205.3
|
unknown
|
Thailand
|
|
|
|
147.139.166.154
|
unknown
|
United States
|
|
|
|
153.92.5.27
|
unknown
|
Germany
|
|
|
|
94.23.45.86
|
unknown
|
France
|
|
There are 38 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
24067ED1000
|
direct allocation
|
page execute read
|
|
|
|
2031000
|
direct allocation
|
page execute read
|
|
|
|
1FE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
72B000
|
heap
|
page read and write
|
|
|
|
2301000
|
direct allocation
|
page execute read
|
|
|
|
22D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1CAEF360000
|
direct allocation
|
page execute and read and write
|
|
|
|
24067EA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1CAEF391000
|
direct allocation
|
page execute read
|
|
|
|
4BA000
|
stack
|
page read and write
|
||
|
205A000
|
direct allocation
|
page readonly
|
||
|
1CAEF3BB000
|
direct allocation
|
page read and write
|
||
|
1CAEF0A0000
|
heap
|
page read and write
|
||
|
C5D8877000
|
stack
|
page read and write
|
||
|
2883000
|
heap
|
page read and write
|
||
|
9E6000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
285E000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
5F16D79000
|
stack
|
page read and write
|
||
|
2874000
|
heap
|
page read and write
|
||
|
24067C60000
|
heap
|
page read and write
|
||
|
17197C18000
|
heap
|
page read and write
|
||
|
24067C67000
|
heap
|
page read and write
|
||
|
1F9F000
|
stack
|
page read and write
|
||
|
21DE000
|
stack
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
42F000
|
heap
|
page read and write
|
||
|
17197DD0000
|
trusted library allocation
|
page read and write
|
||
|
663000
|
heap
|
page read and write
|
||
|
24067F40000
|
trusted library allocation
|
page read and write
|
||
|
5F16FFF000
|
stack
|
page read and write
|
||
|
4AB86FF000
|
stack
|
page read and write
|
||
|
5F169DB000
|
stack
|
page read and write
|
||
|
4AB87FE000
|
stack
|
page read and write
|
||
|
22A0000
|
direct allocation
|
page execute and read and write
|
||
|
2A37000
|
heap
|
page read and write
|
||
|
2885000
|
heap
|
page read and write
|
||
|
180016000
|
unkown
|
page readonly
|
||
|
40000
|
heap
|
page read and write
|
||
|
C5D87FE000
|
stack
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
43D000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
262C000
|
stack
|
page read and write
|
||
|
25B0000
|
trusted library allocation
|
page read and write
|
||
|
17197C5F000
|
heap
|
page read and write
|
||
|
24067EFC000
|
direct allocation
|
page readonly
|
||
|
24067F40000
|
trusted library allocation
|
page read and write
|
||
|
75A000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
17197BA0000
|
trusted library allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
294D000
|
stack
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
2878000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
17197C82000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
4AB89FC000
|
stack
|
page read and write
|
||
|
75A000
|
heap
|
page read and write
|
||
|
17198940000
|
trusted library allocation
|
page read and write
|
||
|
24AC000
|
stack
|
page read and write
|
||
|
24067FA0000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
24067ED0000
|
direct allocation
|
page read and write
|
||
|
6F6000
|
heap
|
page read and write
|
||
|
2885000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
26D0000
|
remote allocation
|
page read and write
|
||
|
1CAEF400000
|
trusted library allocation
|
page read and write
|
||
|
17197C7D000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
2A11000
|
heap
|
page read and write
|
||
|
783000
|
heap
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
2874000
|
heap
|
page read and write
|
||
|
2260000
|
trusted library allocation
|
page read and write
|
||
|
1CAEF110000
|
heap
|
page read and write
|
||
|
24067BE0000
|
heap
|
page read and write
|
||
|
756000
|
heap
|
page read and write
|
||
|
1CAEF3BC000
|
direct allocation
|
page readonly
|
||
|
77D000
|
heap
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
24067FA5000
|
heap
|
page read and write
|
||
|
75A000
|
heap
|
page read and write
|
||
|
2290D1A0000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
74B000
|
heap
|
page read and write
|
||
|
78D000
|
heap
|
page read and write
|
||
|
6F6000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
783000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
2530000
|
trusted library allocation
|
page read and write
|
||
|
444000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
2020000
|
heap
|
page read and write
|
||
|
24067CC3000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
753000
|
heap
|
page read and write
|
||
|
1CAEF400000
|
trusted library allocation
|
page read and write
|
||
|
2883000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
24067E30000
|
heap
|
page read and write
|
||
|
6FC000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
783000
|
heap
|
page read and write
|
||
|
180023000
|
unkown
|
page readonly
|
||
|
180023000
|
unkown
|
page readonly
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
75A000
|
heap
|
page read and write
|
||
|
2878000
|
heap
|
page read and write
|
||
|
24067EFB000
|
direct allocation
|
page read and write
|
||
|
5F16DF9000
|
stack
|
page read and write
|
||
|
2874000
|
heap
|
page read and write
|
||
|
1FB0000
|
heap
|
page read and write
|
||
|
41B000
|
heap
|
page read and write
|
||
|
287E000
|
heap
|
page read and write
|
||
|
C5D867C000
|
stack
|
page read and write
|
||
|
180021000
|
unkown
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
43D000
|
heap
|
page read and write
|
||
|
435000
|
heap
|
page read and write
|
||
|
2A37000
|
heap
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
2817000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
259E000
|
stack
|
page read and write
|
||
|
3AB000
|
stack
|
page read and write
|
||
|
17197C78000
|
heap
|
page read and write
|
||
|
444000
|
heap
|
page read and write
|
||
|
17197BB0000
|
trusted library allocation
|
page read and write
|
||
|
1CAEF1FD000
|
heap
|
page read and write
|
||
|
2290D23D000
|
heap
|
page read and write
|
||
|
87B000
|
stack
|
page read and write
|
||
|
285E000
|
heap
|
page read and write
|
||
|
77D000
|
heap
|
page read and write
|
||
|
2874000
|
heap
|
page read and write
|
||
|
753000
|
heap
|
page read and write
|
||
|
24067CAE000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
26D0000
|
remote allocation
|
page read and write
|
||
|
180016000
|
unkown
|
page readonly
|
||
|
1FB3000
|
heap
|
page read and write
|
||
|
232B000
|
direct allocation
|
page read and write
|
||
|
26AC000
|
stack
|
page read and write
|
||
|
1CAEF390000
|
direct allocation
|
page read and write
|
||
|
1CAEF3BA000
|
direct allocation
|
page readonly
|
||
|
211E000
|
stack
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
180021000
|
unkown
|
page read and write
|
||
|
1CAEF180000
|
heap
|
page read and write
|
||
|
F9000
|
stack
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
2883000
|
heap
|
page read and write
|
||
|
17197C82000
|
heap
|
page read and write
|
||
|
1CAF0D40000
|
heap
|
page read and write
|
||
|
17197B30000
|
heap
|
page read and write
|
||
|
17197E49000
|
heap
|
page read and write
|
||
|
708000
|
heap
|
page read and write
|
||
|
26D0000
|
remote allocation
|
page read and write
|
||
|
98B000
|
heap
|
page read and write
|
||
|
2530000
|
trusted library allocation
|
page read and write
|
||
|
24067E50000
|
heap
|
page read and write
|
||
|
756000
|
heap
|
page read and write
|
||
|
171979D0000
|
heap
|
page read and write
|
||
|
77D000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
28A4000
|
heap
|
page read and write
|
||
|
24067C9F000
|
heap
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
17197C61000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
2885000
|
heap
|
page read and write
|
||
|
25B0000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
2300000
|
direct allocation
|
page read and write
|
||
|
711000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
1CAEF130000
|
heap
|
page read and write
|
||
|
17197E45000
|
heap
|
page read and write
|
||
|
2878000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
225B000
|
stack
|
page read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
77D000
|
heap
|
page read and write
|
||
|
2878000
|
heap
|
page read and write
|
||
|
180021000
|
unkown
|
page read and write
|
||
|
6F5000
|
heap
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
17197D50000
|
trusted library allocation
|
page read and write
|
||
|
24069840000
|
heap
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
441000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
C5D897E000
|
stack
|
page read and write
|
||
|
1CAEF350000
|
direct allocation
|
page execute and read and write
|
||
|
17197D80000
|
trusted library allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
57F0000
|
heap
|
page read and write
|
||
|
17197C10000
|
heap
|
page read and write
|
||
|
180016000
|
unkown
|
page readonly
|
||
|
5F16E7E000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
180023000
|
unkown
|
page readonly
|
||
|
180016000
|
unkown
|
page readonly
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
23AF000
|
stack
|
page read and write
|
||
|
444000
|
heap
|
page read and write
|
||
|
43D000
|
heap
|
page read and write
|
||
|
29ED000
|
stack
|
page read and write
|
||
|
2260000
|
trusted library allocation
|
page read and write
|
||
|
180023000
|
unkown
|
page readonly
|
||
|
1CAEF475000
|
heap
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
7A2000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
C5D86FF000
|
stack
|
page read and write
|
||
|
205C000
|
direct allocation
|
page readonly
|
||
|
461000
|
heap
|
page read and write
|
||
|
D49A90D000
|
stack
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
17197C5F000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
62C000
|
heap
|
page read and write
|
||
|
2290D243000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
2838000
|
heap
|
page read and write
|
||
|
24067C6B000
|
heap
|
page read and write
|
||
|
783000
|
heap
|
page read and write
|
||
|
4AB877F000
|
stack
|
page read and write
|
||
|
24067EFA000
|
direct allocation
|
page readonly
|
||
|
17197C5F000
|
heap
|
page read and write
|
||
|
C5D88FE000
|
stack
|
page read and write
|
||
|
171979E0000
|
trusted library allocation
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
6DF000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
4AB88FE000
|
stack
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
288D000
|
heap
|
page read and write
|
||
|
711000
|
heap
|
page read and write
|
||
|
2874000
|
heap
|
page read and write
|
||
|
2886000
|
heap
|
page read and write
|
||
|
2885000
|
heap
|
page read and write
|
||
|
62C000
|
heap
|
page read and write
|
||
|
1FD0000
|
direct allocation
|
page execute and read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
242F000
|
stack
|
page read and write
|
||
|
444000
|
heap
|
page read and write
|
||
|
17197C79000
|
heap
|
page read and write
|
||
|
78D000
|
heap
|
page read and write
|
||
|
2290D130000
|
heap
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
180021000
|
unkown
|
page read and write
|
||
|
2883000
|
heap
|
page read and write
|
||
|
4AB897F000
|
stack
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
700000
|
heap
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
1CAEF1C6000
|
heap
|
page read and write
|
||
|
2878000
|
heap
|
page read and write
|
||
|
29F1000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
2A37000
|
heap
|
page read and write
|
||
|
17197C7A000
|
heap
|
page read and write
|
||
|
77D000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
783000
|
heap
|
page read and write
|
||
|
747000
|
heap
|
page read and write
|
||
|
27F1000
|
heap
|
page read and write
|
||
|
6F6000
|
heap
|
page read and write
|
||
|
2A81000
|
heap
|
page read and write
|
||
|
28CD000
|
heap
|
page read and write
|
||
|
1CAEF188000
|
heap
|
page read and write
|
||
|
4AB8877000
|
stack
|
page read and write
|
||
|
24067E90000
|
direct allocation
|
page execute and read and write
|
||
|
74B000
|
heap
|
page read and write
|
||
|
2290D230000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
445000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
275E000
|
stack
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
5F16F79000
|
stack
|
page read and write
|
||
|
6F6000
|
heap
|
page read and write
|
||
|
2527000
|
stack
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
22B0000
|
heap
|
page readonly
|
||
|
6F6000
|
heap
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
438000
|
heap
|
page read and write
|
||
|
C5D877F000
|
stack
|
page read and write
|
||
|
17197D70000
|
trusted library allocation
|
page read and write
|
||
|
2885000
|
heap
|
page read and write
|
||
|
205B000
|
direct allocation
|
page read and write
|
||
|
1CAEF470000
|
heap
|
page read and write
|
||
|
232A000
|
direct allocation
|
page readonly
|
||
|
232C000
|
direct allocation
|
page readonly
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
17197E50000
|
trusted library allocation
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
6C8000
|
heap
|
page read and write
|
||
|
2883000
|
heap
|
page read and write
|
||
|
4AB867C000
|
stack
|
page read and write
|
||
|
C5D89FB000
|
stack
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
2010000
|
heap
|
page readonly
|
||
|
1CAEF1C4000
|
heap
|
page read and write
|
||
|
1CAEF3C0000
|
heap
|
page readonly
|
||
|
75A000
|
heap
|
page read and write
|
||
|
2A4B000
|
stack
|
page read and write
|
||
|
2A81000
|
heap
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
17197D10000
|
trusted library allocation
|
page read and write
|
||
|
6F6000
|
heap
|
page read and write
|
||
|
2886000
|
heap
|
page read and write
|
||
|
1CAEF1E7000
|
heap
|
page read and write
|
||
|
2A39000
|
heap
|
page read and write
|
||
|
24067CAE000
|
heap
|
page read and write
|
||
|
285E000
|
heap
|
page read and write
|
||
|
17197D60000
|
heap
|
page readonly
|
||
|
2030000
|
direct allocation
|
page read and write
|
||
|
9A5000
|
heap
|
page read and write
|
||
|
24067F00000
|
heap
|
page readonly
|
||
|
2A61000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
17197B10000
|
heap
|
page read and write
|
||
|
7EB000
|
heap
|
page read and write
|
||
|
17197E40000
|
heap
|
page read and write
|
||
|
74B000
|
heap
|
page read and write
|
There are 349 hidden memdumps, click here to show them.