Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
f_00321b.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 62582 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\f_00321b.dll",#1
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\f_00321b.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\f_00321b.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\f_00321b.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\ChVCsX\ramMHRyb.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LwMWPX\mOtL.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\WiCuwn\qvjh.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\f_00321b.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://164.90.222.65/igqovuqspgdf/wfealienuk/lkpf/
|
164.90.222.65
|
|
|
|
https://164.90.222.65:443/igqovuqspgdf/wfealienuk/lkpf/f/
|
unknown
|
||
|
https://213.239.212.5/
|
unknown
|
||
|
https://107.170.39.149:8080/hHm
|
unknown
|
||
|
https://82.223.21.224:8080/
|
unknown
|
||
|
https://103.43.75.120/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://103.43.75.120:443/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://104.168.155.143:8080/Y
|
unknown
|
||
|
https://213.239.212.5/0/
|
unknown
|
||
|
https://91.121.146.47:8080/igqovuqspgdf/wfealienuk/lkpf/T
|
unknown
|
||
|
https://159.89.202.34:443/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://45.235.8.30:8080/igqovuqspgdf/wfealienuk/lkpf/PO
|
unknown
|
||
|
https://159.65.88.10:8080/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://213.239.212.5/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://91.121.146.47:8080/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://91.121.146.47:8080/
|
unknown
|
||
|
https://45.235.8.30:8080/f/
|
unknown
|
||
|
https://206.189.28.199:8080/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://107.170.39.149:8080/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://45.235.8.30:8080/
|
unknown
|
||
|
https://10.235.8.30:8080/
|
unknown
|
||
|
https://104.168.155.143:8080/
|
unknown
|
||
|
https://107.170.39.149:8080/rue4m
|
unknown
|
||
|
https://164.90.222.65/wn
|
unknown
|
||
|
https://45.235.8.30:8080/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://72.15.201.15:8080/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://103.44.196.120:8080/
|
unknown
|
||
|
https://45.235.8.30:8080/igqovuqspgdf/wfealienuk/lkpf/s
|
unknown
|
||
|
https://169.57.156.166:8080/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
||
|
https://104.168.155.143:8080/igqovuqspgdf/wfealienuk/lkpf/
|
unknown
|
There are 20 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
159.65.88.10
|
unknown
|
United States
|
|
|
|
172.105.226.75
|
unknown
|
United States
|
|
|
|
164.90.222.65
|
unknown
|
United States
|
|
|
|
110.232.117.186
|
unknown
|
Australia
|
|
|
|
213.239.212.5
|
unknown
|
Germany
|
|
|
|
5.135.159.50
|
unknown
|
France
|
|
|
|
186.194.240.217
|
unknown
|
Brazil
|
|
|
|
103.132.242.26
|
unknown
|
India
|
|
|
|
104.168.155.143
|
unknown
|
United States
|
|
|
|
119.59.103.152
|
unknown
|
Thailand
|
|
|
|
79.137.35.198
|
unknown
|
France
|
|
|
|
159.89.202.34
|
unknown
|
United States
|
|
|
|
91.121.146.47
|
unknown
|
France
|
|
|
|
160.16.142.56
|
unknown
|
Japan
|
|
|
|
201.94.166.162
|
unknown
|
Brazil
|
|
|
|
91.207.28.33
|
unknown
|
Kyrgyzstan
|
|
|
|
103.75.201.2
|
unknown
|
Thailand
|
|
|
|
103.43.75.120
|
unknown
|
Japan
|
|
|
|
115.68.227.76
|
unknown
|
Korea Republic of
|
|
|
|
188.44.20.25
|
unknown
|
Macedonia
|
|
|
|
45.235.8.30
|
unknown
|
Brazil
|
|
|
|
153.126.146.25
|
unknown
|
Japan
|
|
|
|
72.15.201.15
|
unknown
|
United States
|
|
|
|
163.44.196.120
|
unknown
|
Singapore
|
|
|
|
206.189.28.199
|
unknown
|
United States
|
|
|
|
107.170.39.149
|
unknown
|
United States
|
|
|
|
66.228.32.31
|
unknown
|
United States
|
|
|
|
187.63.160.88
|
unknown
|
Brazil
|
|
|
|
82.223.21.224
|
unknown
|
Spain
|
|
|
|
197.242.150.244
|
unknown
|
South Africa
|
|
|
|
173.212.193.249
|
unknown
|
Germany
|
|
|
|
185.4.135.165
|
unknown
|
Greece
|
|
|
|
183.111.227.137
|
unknown
|
Korea Republic of
|
|
|
|
45.176.232.124
|
unknown
|
Colombia
|
|
|
|
95.217.221.146
|
unknown
|
Germany
|
|
|
|
149.56.131.28
|
unknown
|
Canada
|
|
|
|
169.57.156.166
|
unknown
|
United States
|
|
|
|
164.68.99.3
|
unknown
|
Germany
|
|
|
|
182.162.143.56
|
unknown
|
Korea Republic of
|
|
|
|
139.59.126.41
|
unknown
|
Singapore
|
|
|
|
1.234.2.232
|
unknown
|
Korea Republic of
|
|
|
|
167.172.253.162
|
unknown
|
United States
|
|
|
|
129.232.188.93
|
unknown
|
South Africa
|
|
|
|
167.172.199.165
|
unknown
|
United States
|
|
|
|
202.129.205.3
|
unknown
|
Thailand
|
|
|
|
147.139.166.154
|
unknown
|
United States
|
|
|
|
153.92.5.27
|
unknown
|
Germany
|
|
|
|
94.23.45.86
|
unknown
|
France
|
|
There are 38 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
264E3C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
263A5E10000
|
direct allocation
|
page execute and read and write
|
|
|
|
95B000
|
heap
|
page read and write
|
|
|
|
264E3C41000
|
direct allocation
|
page execute read
|
|
|
|
C60000
|
direct allocation
|
page execute and read and write
|
|
|
|
B20000
|
direct allocation
|
page execute and read and write
|
|
|
|
E61000
|
direct allocation
|
page execute read
|
|
|
|
263A7711000
|
direct allocation
|
page execute read
|
|
|
|
B51000
|
direct allocation
|
page execute read
|
|
|
|
5C70000
|
trusted library allocation
|
page read and write
|
||
|
2B53000
|
heap
|
page read and write
|
||
|
2B6A000
|
heap
|
page read and write
|
||
|
97659FF000
|
stack
|
page read and write
|
||
|
172F3E70000
|
heap
|
page read and write
|
||
|
47F000
|
heap
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
1A833B8E000
|
heap
|
page read and write
|
||
|
2DE9000
|
heap
|
page read and write
|
||
|
180016000
|
unkown
|
page readonly
|
||
|
745000
|
heap
|
page read and write
|
||
|
46D000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
263A5E6B000
|
heap
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
2B65000
|
heap
|
page read and write
|
||
|
180016000
|
unkown
|
page readonly
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
264E3CB0000
|
trusted library allocation
|
page read and write
|
||
|
1A833DC5000
|
heap
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
B7A000
|
direct allocation
|
page readonly
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
1A833B6F000
|
heap
|
page read and write
|
||
|
2C29000
|
heap
|
page read and write
|
||
|
120D000
|
heap
|
page read and write
|
||
|
97655BF000
|
stack
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
264E3AB0000
|
heap
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
A47000
|
heap
|
page read and write
|
||
|
C50000
|
direct allocation
|
page execute and read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
475000
|
heap
|
page read and write
|
||
|
475000
|
heap
|
page read and write
|
||
|
263A60F0000
|
heap
|
page read and write
|
||
|
2B65000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
172F4043000
|
heap
|
page read and write
|
||
|
280C679000
|
stack
|
page read and write
|
||
|
1365000
|
heap
|
page read and write
|
||
|
280C5F9000
|
stack
|
page read and write
|
||
|
475000
|
heap
|
page read and write
|
||
|
6470000
|
heap
|
page read and write
|
||
|
2BE1000
|
heap
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
264E3C00000
|
direct allocation
|
page execute and read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
1A833B28000
|
heap
|
page read and write
|
||
|
2C01000
|
heap
|
page read and write
|
||
|
180021000
|
unkown
|
page read and write
|
||
|
2B65000
|
heap
|
page read and write
|
||
|
1A833AD0000
|
heap
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
E8A000
|
direct allocation
|
page readonly
|
||
|
9B6000
|
heap
|
page read and write
|
||
|
1A833B78000
|
heap
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
70E000
|
stack
|
page read and write
|
||
|
2AE1000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
5BFF000
|
stack
|
page read and write
|
||
|
1A833B6F000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
1A833B67000
|
heap
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
280C6FF000
|
stack
|
page read and write
|
||
|
263A5E60000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
263A773C000
|
direct allocation
|
page readonly
|
||
|
250C000
|
stack
|
page read and write
|
||
|
C40000
|
remote allocation
|
page read and write
|
||
|
1A834A40000
|
trusted library allocation
|
page read and write
|
||
|
263A5E40000
|
heap
|
page readonly
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
264E3CE0000
|
heap
|
page read and write
|
||
|
280C47B000
|
stack
|
page read and write
|
||
|
2B65000
|
heap
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
1A834760000
|
trusted library allocation
|
page read and write
|
||
|
CF9000
|
heap
|
page read and write
|
||
|
264E3C40000
|
direct allocation
|
page read and write
|
||
|
1A833B20000
|
heap
|
page read and write
|
||
|
465000
|
heap
|
page read and write
|
||
|
1A833B8C000
|
heap
|
page read and write
|
||
|
89B000
|
stack
|
page read and write
|
||
|
2B6A000
|
heap
|
page read and write
|
||
|
258B000
|
stack
|
page read and write
|
||
|
491000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
170000
|
heap
|
page read and write
|
||
|
264E3C6B000
|
direct allocation
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
2B4E000
|
heap
|
page read and write
|
||
|
264E3C70000
|
heap
|
page readonly
|
||
|
1A834770000
|
trusted library allocation
|
page read and write
|
||
|
264E3C6C000
|
direct allocation
|
page readonly
|
||
|
C00000
|
heap
|
page read and write
|
||
|
2033000
|
heap
|
page read and write
|
||
|
263A7820000
|
trusted library allocation
|
page read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
135DEFD000
|
stack
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
475000
|
heap
|
page read and write
|
||
|
263A5EC4000
|
heap
|
page read and write
|
||
|
2B6A000
|
heap
|
page read and write
|
||
|
2B4E000
|
heap
|
page read and write
|
||
|
976597E000
|
stack
|
page read and write
|
||
|
2C27000
|
heap
|
page read and write
|
||
|
180023000
|
unkown
|
page readonly
|
||
|
264E3AE6000
|
heap
|
page read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
694617E000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
2E0C000
|
stack
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
475000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
180016000
|
unkown
|
page readonly
|
||
|
1A8339A0000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
1205000
|
heap
|
page read and write
|
||
|
2B53000
|
heap
|
page read and write
|
||
|
475000
|
heap
|
page read and write
|
||
|
9765A7B000
|
stack
|
page read and write
|
||
|
1A8347D0000
|
trusted library allocation
|
page read and write
|
||
|
2B07000
|
heap
|
page read and write
|
||
|
2C71000
|
heap
|
page read and write
|
||
|
263A5DB0000
|
heap
|
page read and write
|
||
|
E60000
|
direct allocation
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
9D4000
|
heap
|
page read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
2B59000
|
heap
|
page read and write
|
||
|
694607F000
|
stack
|
page read and write
|
||
|
2B28000
|
heap
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
1A833B6F000
|
heap
|
page read and write
|
||
|
264E3BB0000
|
heap
|
page read and write
|
||
|
120D000
|
heap
|
page read and write
|
||
|
99C000
|
heap
|
page read and write
|
||
|
263A773A000
|
direct allocation
|
page readonly
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
264E3AE6000
|
heap
|
page read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
1205000
|
heap
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
69460FF000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
11E8000
|
heap
|
page read and write
|
||
|
9D2000
|
heap
|
page read and write
|
||
|
60000
|
heap
|
page read and write
|
||
|
47B000
|
heap
|
page read and write
|
||
|
CEE000
|
heap
|
page read and write
|
||
|
11FF000
|
heap
|
page read and write
|
||
|
976587E000
|
stack
|
page read and write
|
||
|
264E3C6A000
|
direct allocation
|
page readonly
|
||
|
465000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
6945D9C000
|
stack
|
page read and write
|
||
|
CCE000
|
heap
|
page read and write
|
||
|
940000
|
direct allocation
|
page execute and read and write
|
||
|
1A834AA0000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
2B6A000
|
heap
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
B50000
|
direct allocation
|
page read and write
|
||
|
B7C000
|
direct allocation
|
page readonly
|
||
|
C20000
|
trusted library allocation
|
page read and write
|
||
|
2B6B000
|
heap
|
page read and write
|
||
|
180021000
|
unkown
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
9AB000
|
stack
|
page read and write
|
||
|
2B53000
|
heap
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
99C000
|
heap
|
page read and write
|
||
|
280C7FF000
|
stack
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
264E3A90000
|
heap
|
page read and write
|
||
|
121F000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
EF5000
|
heap
|
page read and write
|
||
|
2B75000
|
heap
|
page read and write
|
||
|
264E3AEC000
|
heap
|
page read and write
|
||
|
2B65000
|
heap
|
page read and write
|
||
|
9A7000
|
heap
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
2B94000
|
heap
|
page read and write
|
||
|
120D000
|
heap
|
page read and write
|
||
|
264E3CE5000
|
heap
|
page read and write
|
||
|
1A834A50000
|
trusted library allocation
|
page read and write
|
||
|
9D4000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
1A834A30000
|
heap
|
page readonly
|
||
|
2B65000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
469000
|
heap
|
page read and write
|
||
|
2C27000
|
heap
|
page read and write
|
||
|
2B58000
|
heap
|
page read and write
|
||
|
1099000
|
stack
|
page read and write
|
||
|
E8C000
|
direct allocation
|
page readonly
|
||
|
263A5C50000
|
heap
|
page read and write
|
||
|
2B4F000
|
heap
|
page read and write
|
||
|
263A773B000
|
direct allocation
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
2ADB000
|
stack
|
page read and write
|
||
|
264E3CB0000
|
trusted library allocation
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
99C000
|
heap
|
page read and write
|
||
|
172F3FB0000
|
heap
|
page read and write
|
||
|
263A7710000
|
direct allocation
|
page read and write
|
||
|
263A5E00000
|
direct allocation
|
page execute and read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
46D000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
2B7C000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page readonly
|
||
|
263A5D90000
|
heap
|
page read and write
|
||
|
2B53000
|
heap
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1A833990000
|
heap
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
1A833B6D000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
46D000
|
heap
|
page read and write
|
||
|
264E3AB8000
|
heap
|
page read and write
|
||
|
2B59000
|
heap
|
page read and write
|
||
|
121B000
|
heap
|
page read and write
|
||
|
263A7880000
|
heap
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
2C93000
|
heap
|
page read and write
|
||
|
180021000
|
unkown
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
180023000
|
unkown
|
page readonly
|
||
|
264E3AEB000
|
heap
|
page read and write
|
||
|
E8B000
|
direct allocation
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
9CE000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
281C000
|
stack
|
page read and write
|
||
|
1A833DC9000
|
heap
|
page read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
9A5000
|
heap
|
page read and write
|
||
|
9D2000
|
heap
|
page read and write
|
||
|
9D4000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
97658F7000
|
stack
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
172F403D000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
2B53000
|
heap
|
page read and write
|
||
|
264E3950000
|
heap
|
page read and write
|
||
|
998000
|
heap
|
page read and write
|
||
|
46D000
|
heap
|
page read and write
|
||
|
264E3AE0000
|
heap
|
page read and write
|
||
|
B7B000
|
direct allocation
|
page read and write
|
||
|
2B6A000
|
heap
|
page read and write
|
||
|
2C51000
|
heap
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
2B6A000
|
heap
|
page read and write
|
||
|
5B7D000
|
stack
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
2B85000
|
heap
|
page read and write
|
||
|
172F4030000
|
heap
|
page read and write
|
||
|
119000
|
stack
|
page read and write
|
||
|
97654BC000
|
stack
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
280C779000
|
stack
|
page read and write
|
||
|
2C71000
|
heap
|
page read and write
|
||
|
C40000
|
remote allocation
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
2B65000
|
heap
|
page read and write
|
||
|
180016000
|
unkown
|
page readonly
|
||
|
2030000
|
heap
|
page read and write
|
||
|
C20000
|
trusted library allocation
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
28A7000
|
stack
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
69461F9000
|
stack
|
page read and write
|
||
|
2B83000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
976553F000
|
stack
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
1A833AF0000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
264E5680000
|
heap
|
page read and write
|
||
|
1209000
|
heap
|
page read and write
|
||
|
136C000
|
heap
|
page read and write
|
||
|
C9B000
|
heap
|
page read and write
|
||
|
120D000
|
heap
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
C40000
|
remote allocation
|
page read and write
|
||
|
1A8347E0000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
2C29000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
29CB000
|
stack
|
page read and write
|
||
|
2B65000
|
heap
|
page read and write
|
||
|
150000
|
heap
|
page read and write
|
||
|
23FE000
|
stack
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
180021000
|
unkown
|
page read and write
|
||
|
263A60F5000
|
heap
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
180023000
|
unkown
|
page readonly
|
||
|
1A833DC0000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page readonly
|
||
|
1A834A20000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
C65000
|
heap
|
page read and write
|
||
|
694627F000
|
stack
|
page read and write
|
||
|
448000
|
heap
|
page read and write
|
||
|
263A7820000
|
trusted library allocation
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
294C000
|
stack
|
page read and write
|
||
|
1A833DD0000
|
trusted library allocation
|
page read and write
|
||
|
1A833B71000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
74C000
|
heap
|
page read and write
|
||
|
279F000
|
stack
|
page read and write
|
||
|
180023000
|
unkown
|
page readonly
|
||
|
2B6A000
|
heap
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
2BE1000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
There are 346 hidden memdumps, click here to show them.