Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SzznpUhIjo.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\ge280443.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\kino5628.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP001.TMP\en239906.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP001.TMP\kino6423.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP002.TMP\dNT35s70.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP002.TMP\kino4801.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP003.TMP\bus7600.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP003.TMP\con1165.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\bus7600.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\con1165.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SzznpUhIjo.exe
|
C:\Users\user\Desktop\SzznpUhIjo.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\kino5628.exe
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\kino5628.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP001.TMP\kino6423.exe
|
C:\Users\user\AppData\Local\Temp\IXP001.TMP\kino6423.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP002.TMP\kino4801.exe
|
C:\Users\user\AppData\Local\Temp\IXP002.TMP\kino4801.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP003.TMP\bus7600.exe
|
C:\Users\user\AppData\Local\Temp\IXP003.TMP\bus7600.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP003.TMP\con1165.exe
|
C:\Users\user\AppData\Local\Temp\IXP003.TMP\con1165.exe
|
|
|
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\system32\rundll32.exe" C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\user\AppData\Local\Temp\IXP000.TMP\
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\system32\rundll32.exe" C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\user\AppData\Local\Temp\IXP001.TMP\
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\system32\rundll32.exe" C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\user\AppData\Local\Temp\IXP002.TMP\
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\system32\rundll32.exe" C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\user\AppData\Local\Temp\IXP001.TMP\
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
31.41.244.200/games/category/index.php
|
|
||
|
193.233.20.30:4125
|
|
||
|
https://api.ip.sb/ip
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
|
DisableIOAVProtection
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
|
DisableRealtimeMonitoring
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Notifications
|
DisableNotifications
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce
|
wextract_cleanup0
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce
|
wextract_cleanup1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce
|
wextract_cleanup2
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce
|
wextract_cleanup3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features
|
TamperProtection
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
|
AUOptions
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
|
AutoInstallMinorUpdates
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
|
NoAutoRebootWithLoggedOnUsers
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
|
UseWUServer
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
|
DoNotConnectToWindowsUpdateInternetLocations
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows Defender\Features
|
TamperProtection
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2DA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
4510000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
6E80000
|
heap
|
page read and write
|
|
|
|
46C5000
|
heap
|
page read and write
|
|
|
|
24A20469000
|
heap
|
page read and write
|
||
|
262AE413000
|
heap
|
page read and write
|
||
|
7180000
|
trusted library allocation
|
page read and write
|
||
|
4C8C000
|
trusted library allocation
|
page read and write
|
||
|
24DEF4E2000
|
heap
|
page read and write
|
||
|
710E000
|
stack
|
page read and write
|
||
|
4C37000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
809000
|
heap
|
page read and write
|
||
|
24DEF3D0000
|
heap
|
page read and write
|
||
|
6CE000
|
heap
|
page read and write
|
||
|
CB2000
|
heap
|
page read and write
|
||
|
2430FA80000
|
trusted library allocation
|
page read and write
|
||
|
F8718FE000
|
stack
|
page read and write
|
||
|
262AE330000
|
heap
|
page read and write
|
||
|
262AE340000
|
heap
|
page read and write
|
||
|
24E30140000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
580000
|
heap
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
4D2E000
|
stack
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
A85FAFC000
|
stack
|
page read and write
|
||
|
24E300B0000
|
heap
|
page read and write
|
||
|
276A6DD0000
|
trusted library allocation
|
page read and write
|
||
|
A85F67F000
|
stack
|
page read and write
|
||
|
262AE3D0000
|
trusted library allocation
|
page read and write
|
||
|
77D0000
|
trusted library allocation
|
page read and write
|
||
|
1B1F0000
|
trusted library allocation
|
page read and write
|
||
|
2430ECB0000
|
heap
|
page read and write
|
||
|
2E59000
|
heap
|
page read and write
|
||
|
24A202E0000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
5F44000
|
heap
|
page read and write
|
||
|
5BF5000
|
trusted library allocation
|
page read and write
|
||
|
C5501AE000
|
stack
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
276A6E4B000
|
heap
|
page read and write
|
||
|
1B3B0000
|
heap
|
page execute and read and write
|
||
|
12A47000
|
trusted library allocation
|
page read and write
|
||
|
DC53D7E000
|
stack
|
page read and write
|
||
|
1F3D5700000
|
heap
|
page read and write
|
||
|
10D8000
|
unkown
|
page write copy
|
||
|
48E0000
|
trusted library allocation
|
page read and write
|
||
|
4C86000
|
trusted library allocation
|
page read and write
|
||
|
965000
|
stack
|
page read and write
|
||
|
4F0B000
|
heap
|
page read and write
|
||
|
4750000
|
heap
|
page read and write
|
||
|
4C82000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
B8574FF000
|
stack
|
page read and write
|
||
|
45D0000
|
trusted library allocation
|
page read and write
|
||
|
DC53FFF000
|
stack
|
page read and write
|
||
|
718E000
|
stack
|
page read and write
|
||
|
2430ECFE000
|
heap
|
page read and write
|
||
|
48C5000
|
heap
|
page read and write
|
||
|
708627C000
|
stack
|
page read and write
|
||
|
4C31000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
262AE440000
|
heap
|
page read and write
|
||
|
24DEF413000
|
heap
|
page read and write
|
||
|
708637E000
|
stack
|
page read and write
|
||
|
FE87AFB000
|
stack
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
E58000
|
unkown
|
page write copy
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
2430ED11000
|
heap
|
page read and write
|
||
|
8E1000
|
unkown
|
page execute read
|
||
|
24DEFC02000
|
heap
|
page read and write
|
||
|
72A0EFF000
|
stack
|
page read and write
|
||
|
7FFBACC12000
|
trusted library allocation
|
page read and write
|
||
|
70E0000
|
trusted library allocation
|
page read and write
|
||
|
1AEAD000
|
stack
|
page read and write
|
||
|
2430FAE0000
|
trusted library allocation
|
page read and write
|
||
|
E5A000
|
unkown
|
page readonly
|
||
|
276A6F02000
|
heap
|
page read and write
|
||
|
24E30150000
|
heap
|
page read and write
|
||
|
24E30040000
|
heap
|
page read and write
|
||
|
24A20476000
|
heap
|
page read and write
|
||
|
24DEFD14000
|
heap
|
page read and write
|
||
|
49B000
|
stack
|
page read and write
|
||
|
50B000
|
unkown
|
page read and write
|
||
|
6D4000
|
heap
|
page read and write
|
||
|
559000
|
heap
|
page read and write
|
||
|
8E8000
|
unkown
|
page read and write
|
||
|
2B4EA1AB000
|
heap
|
page read and write
|
||
|
8FD000
|
stack
|
page read and write
|
||
|
1C2C4C90000
|
heap
|
page read and write
|
||
|
7719000
|
trusted library allocation
|
page read and write
|
||
|
72A0DFD000
|
stack
|
page read and write
|
||
|
2D551D13000
|
heap
|
page read and write
|
||
|
10D0000
|
unkown
|
page readonly
|
||
|
24DEF502000
|
heap
|
page read and write
|
||
|
4C2F000
|
trusted library allocation
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
4770000
|
trusted library allocation
|
page execute and read and write
|
||
|
24DEF429000
|
heap
|
page read and write
|
||
|
2E86000
|
heap
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
7440000
|
trusted library allocation
|
page read and write
|
||
|
70863FF000
|
stack
|
page read and write
|
||
|
24DEF443000
|
heap
|
page read and write
|
||
|
4CB0000
|
heap
|
page readonly
|
||
|
2430F820000
|
trusted library allocation
|
page read and write
|
||
|
C6E000
|
heap
|
page read and write
|
||
|
2B4EA1A0000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
E5C000
|
unkown
|
page readonly
|
||
|
8EA000
|
unkown
|
page readonly
|
||
|
24A20C02000
|
trusted library allocation
|
page read and write
|
||
|
69C0000
|
heap
|
page read and write
|
||
|
2B2D000
|
heap
|
page read and write
|
||
|
C35000
|
heap
|
page read and write
|
||
|
4EF7000
|
heap
|
page read and write
|
||
|
7FFBACD20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A30000
|
heap
|
page execute and read and write
|
||
|
BD6000
|
heap
|
page read and write
|
||
|
2B0E000
|
heap
|
page read and write
|
||
|
70862FE000
|
stack
|
page read and write
|
||
|
195000
|
stack
|
page read and write
|
||
|
E5A000
|
unkown
|
page readonly
|
||
|
2900000
|
heap
|
page read and write
|
||
|
276A6DB0000
|
trusted library allocation
|
page read and write
|
||
|
FE878FF000
|
stack
|
page read and write
|
||
|
2D551C13000
|
heap
|
page read and write
|
||
|
4780000
|
heap
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
1F3D5613000
|
heap
|
page read and write
|
||
|
24A20413000
|
heap
|
page read and write
|
||
|
10DC000
|
unkown
|
page readonly
|
||
|
6A30000
|
direct allocation
|
page execute and read and write
|
||
|
48D0000
|
trusted library allocation
|
page read and write
|
||
|
2B4EA3E0000
|
heap
|
page read and write
|
||
|
10D1000
|
unkown
|
page execute read
|
||
|
24A2044B000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
24A20448000
|
heap
|
page read and write
|
||
|
4C63000
|
trusted library allocation
|
page read and write
|
||
|
7FFBACC1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1C2C4D2E000
|
heap
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
72A0FF9000
|
stack
|
page read and write
|
||
|
FE8797C000
|
stack
|
page read and write
|
||
|
4C6B000
|
trusted library allocation
|
page read and write
|
||
|
2430ECFE000
|
heap
|
page read and write
|
||
|
426000
|
unkown
|
page execute and read and write
|
||
|
2D551AE0000
|
heap
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
F92000
|
heap
|
page read and write
|
||
|
4B8D000
|
trusted library allocation
|
page read and write
|
||
|
F8717FF000
|
stack
|
page read and write
|
||
|
24A20402000
|
heap
|
page read and write
|
||
|
4EF6000
|
heap
|
page read and write
|
||
|
276A6E85000
|
heap
|
page read and write
|
||
|
4C88000
|
trusted library allocation
|
page read and write
|
||
|
21C2B8C000
|
stack
|
page read and write
|
||
|
24A2043A000
|
heap
|
page read and write
|
||
|
2430EEB9000
|
heap
|
page read and write
|
||
|
4C59000
|
trusted library allocation
|
page read and write
|
||
|
77F0000
|
trusted library allocation
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
DC53CFC000
|
stack
|
page read and write
|
||
|
D39000
|
heap
|
page read and write
|
||
|
5F40000
|
heap
|
page read and write
|
||
|
2D551C41000
|
heap
|
page read and write
|
||
|
2B4EA0C0000
|
heap
|
page read and write
|
||
|
45F0000
|
trusted library allocation
|
page read and write
|
||
|
4C8E000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
4C1C000
|
trusted library allocation
|
page read and write
|
||
|
24A2046A000
|
heap
|
page read and write
|
||
|
10DA000
|
unkown
|
page readonly
|
||
|
DC53A7B000
|
stack
|
page read and write
|
||
|
FE87A7E000
|
stack
|
page read and write
|
||
|
170CD1E5000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
7FFBACC20000
|
trusted library allocation
|
page read and write
|
||
|
2E8F000
|
heap
|
page read and write
|
||
|
2B29000
|
heap
|
page read and write
|
||
|
24A20466000
|
heap
|
page read and write
|
||
|
B8573FB000
|
stack
|
page read and write
|
||
|
276A8930000
|
remote allocation
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
2B0D000
|
heap
|
page read and write
|
||
|
4C95000
|
trusted library allocation
|
page read and write
|
||
|
2B1F000
|
heap
|
page read and write
|
||
|
2430EEB5000
|
heap
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
45B0000
|
trusted library allocation
|
page read and write
|
||
|
2430F7B0000
|
trusted library allocation
|
page read and write
|
||
|
493E000
|
stack
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
24A20445000
|
heap
|
page read and write
|
||
|
77B5000
|
trusted library allocation
|
page read and write
|
||
|
C1D0FAE000
|
stack
|
page read and write
|
||
|
72A0C7B000
|
stack
|
page read and write
|
||
|
24A2044D000
|
heap
|
page read and write
|
||
|
4610000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
unkown
|
page write copy
|
||
|
24A20446000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
2AEA000
|
heap
|
page read and write
|
||
|
46FE000
|
stack
|
page read and write
|
||
|
4620000
|
trusted library section
|
page read and write
|
||
|
5C19000
|
trusted library allocation
|
page read and write
|
||
|
50B000
|
unkown
|
page write copy
|
||
|
4BB4000
|
trusted library allocation
|
page read and write
|
||
|
FE8767C000
|
stack
|
page read and write
|
||
|
7FFBACC0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AE0000
|
unkown
|
page readonly
|
||
|
D70000
|
heap
|
page read and write
|
||
|
E51000
|
unkown
|
page execute read
|
||
|
C42000
|
heap
|
page read and write
|
||
|
276A6E83000
|
heap
|
page read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
4BF1000
|
trusted library allocation
|
page read and write
|
||
|
45D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
477F000
|
stack
|
page read and write
|
||
|
7FFBACCB0000
|
trusted library allocation
|
page read and write
|
||
|
276A6E13000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
276A6E59000
|
heap
|
page read and write
|
||
|
8EA000
|
unkown
|
page readonly
|
||
|
24A20429000
|
heap
|
page read and write
|
||
|
70D0000
|
trusted library allocation
|
page read and write
|
||
|
2C05000
|
heap
|
page read and write
|
||
|
2294BAF000
|
stack
|
page read and write
|
||
|
585000
|
heap
|
page read and write
|
||
|
24A20400000
|
heap
|
page read and write
|
||
|
24A202D0000
|
heap
|
page read and write
|
||
|
276A6D80000
|
heap
|
page read and write
|
||
|
2B1C000
|
heap
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
45A000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
24A20370000
|
trusted library allocation
|
page read and write
|
||
|
7FFBACDA2000
|
trusted library allocation
|
page read and write
|
||
|
A85FDFC000
|
stack
|
page read and write
|
||
|
7080000
|
heap
|
page read and write
|
||
|
B39000
|
heap
|
page read and write
|
||
|
262AE400000
|
heap
|
page read and write
|
||
|
1CB000
|
stack
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
24A2045C000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
24A20479000
|
heap
|
page read and write
|
||
|
FE87EFE000
|
stack
|
page read and write
|
||
|
4C2D000
|
trusted library allocation
|
page read and write
|
||
|
A85FBFD000
|
stack
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
7FFBACCE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C2C6850000
|
heap
|
page read and write
|
||
|
24DEF4CC000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
24A20431000
|
heap
|
page read and write
|
||
|
4C6F000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
2430EC50000
|
heap
|
page read and write
|
||
|
822000
|
unkown
|
page readonly
|
||
|
48E4000
|
trusted library allocation
|
page read and write
|
||
|
1B1F0000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
4AC6000
|
heap
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
7C0F000
|
stack
|
page read and write
|
||
|
B8575FF000
|
stack
|
page read and write
|
||
|
24A2045F000
|
heap
|
page read and write
|
||
|
262AE502000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
DC53F7D000
|
stack
|
page read and write
|
||
|
FE87CFE000
|
stack
|
page read and write
|
||
|
276A6E2A000
|
heap
|
page read and write
|
||
|
4940000
|
trusted library allocation
|
page read and write
|
||
|
5BF1000
|
trusted library allocation
|
page read and write
|
||
|
2430EB20000
|
trusted library allocation
|
page read and write
|
||
|
42F000
|
unkown
|
page execute and read and write
|
||
|
4C67000
|
trusted library allocation
|
page read and write
|
||
|
1F3D5E02000
|
trusted library allocation
|
page read and write
|
||
|
24A20449000
|
heap
|
page read and write
|
||
|
A85F9FF000
|
stack
|
page read and write
|
||
|
24A2043D000
|
heap
|
page read and write
|
||
|
4CE0000
|
heap
|
page read and write
|
||
|
2E6B000
|
heap
|
page read and write
|
||
|
24DEF4C8000
|
heap
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
2D551B40000
|
heap
|
page read and write
|
||
|
8EC000
|
unkown
|
page readonly
|
||
|
2B4EA360000
|
heap
|
page read and write
|
||
|
76F0000
|
trusted library allocation
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
24DEFD00000
|
heap
|
page read and write
|
||
|
2430F810000
|
trusted library allocation
|
page read and write
|
||
|
4C61000
|
trusted library allocation
|
page read and write
|
||
|
F870E7B000
|
stack
|
page read and write
|
||
|
70F9000
|
trusted library allocation
|
page read and write
|
||
|
2B12000
|
heap
|
page read and write
|
||
|
48E6000
|
trusted library allocation
|
page read and write
|
||
|
2D551C6F000
|
heap
|
page read and write
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
2D551D02000
|
heap
|
page read and write
|
||
|
276A6F1C000
|
heap
|
page read and write
|
||
|
4C84000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
24E30157000
|
heap
|
page read and write
|
||
|
4C33000
|
trusted library allocation
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
276A8A02000
|
trusted library allocation
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
4CC6000
|
heap
|
page read and write
|
||
|
2430ED1D000
|
heap
|
page read and write
|
||
|
45AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
24DEF370000
|
heap
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
4E2F000
|
stack
|
page read and write
|
||
|
555000
|
heap
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
24A2045E000
|
heap
|
page read and write
|
||
|
276A8870000
|
trusted library allocation
|
page read and write
|
||
|
276A8930000
|
remote allocation
|
page read and write
|
||
|
C55047E000
|
stack
|
page read and write
|
||
|
2430FA60000
|
trusted library allocation
|
page read and write
|
||
|
4B7F000
|
stack
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
24A20502000
|
heap
|
page read and write
|
||
|
72A0E79000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
24A2047D000
|
heap
|
page read and write
|
||
|
6880000
|
heap
|
page execute and read and write
|
||
|
4C35000
|
trusted library allocation
|
page read and write
|
||
|
A85F47C000
|
stack
|
page read and write
|
||
|
F8719FF000
|
stack
|
page read and write
|
||
|
24A20460000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
4650000
|
heap
|
page read and write
|
||
|
4640000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
1F3D55F0000
|
trusted library allocation
|
page read and write
|
||
|
24DEF360000
|
heap
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
2430F7A0000
|
trusted library allocation
|
page read and write
|
||
|
826000
|
unkown
|
page readonly
|
||
|
714E000
|
stack
|
page read and write
|
||
|
262AE429000
|
heap
|
page read and write
|
||
|
1F3D5652000
|
heap
|
page read and write
|
||
|
6A10000
|
heap
|
page read and write
|
||
|
1B200000
|
trusted library allocation
|
page read and write
|
||
|
2A22000
|
trusted library allocation
|
page read and write
|
||
|
2294AAC000
|
stack
|
page read and write
|
||
|
7ACF000
|
stack
|
page read and write
|
||
|
4BC0000
|
trusted library allocation
|
page read and write
|
||
|
72A0F79000
|
stack
|
page read and write
|
||
|
2A21000
|
trusted library allocation
|
page read and write
|
||
|
24A20452000
|
heap
|
page read and write
|
||
|
C09000
|
heap
|
page read and write
|
||
|
2A21000
|
trusted library allocation
|
page read and write
|
||
|
B8572FE000
|
stack
|
page read and write
|
||
|
1F3D566B000
|
heap
|
page read and write
|
||
|
12A49000
|
trusted library allocation
|
page read and write
|
||
|
1C2C5080000
|
heap
|
page read and write
|
||
|
276A6D20000
|
heap
|
page read and write
|
||
|
12A41000
|
trusted library allocation
|
page read and write
|
||
|
262AE402000
|
heap
|
page read and write
|
||
|
24A20442000
|
heap
|
page read and write
|
||
|
6A28000
|
heap
|
page read and write
|
||
|
48F0000
|
heap
|
page execute and read and write
|
||
|
1F3D5628000
|
heap
|
page read and write
|
||
|
2D552402000
|
trusted library allocation
|
page read and write
|
||
|
1F3D5550000
|
heap
|
page read and write
|
||
|
262AEB30000
|
remote allocation
|
page read and write
|
||
|
93B000
|
stack
|
page read and write
|
||
|
4EFC000
|
heap
|
page read and write
|
||
|
1F3D5713000
|
heap
|
page read and write
|
||
|
F41000
|
trusted library allocation
|
page read and write
|
||
|
6DD000
|
heap
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
1C2C4C70000
|
heap
|
page read and write
|
||
|
4C29000
|
trusted library allocation
|
page read and write
|
||
|
2B06000
|
heap
|
page read and write
|
||
|
C1D14FF000
|
stack
|
page read and write
|
||
|
E51000
|
unkown
|
page execute read
|
||
|
2E46000
|
heap
|
page read and write
|
||
|
C38000
|
heap
|
page read and write
|
||
|
262AE45C000
|
heap
|
page read and write
|
||
|
1B220000
|
trusted library allocation
|
page read and write
|
||
|
2D551C02000
|
heap
|
page read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
F84000
|
heap
|
page read and write
|
||
|
6B40000
|
direct allocation
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
21C2F7F000
|
stack
|
page read and write
|
||
|
170CCE70000
|
heap
|
page read and write
|
||
|
C1D13FE000
|
stack
|
page read and write
|
||
|
24DEF489000
|
heap
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
10DC000
|
unkown
|
page readonly
|
||
|
7170000
|
trusted library allocation
|
page read and write
|
||
|
45C0000
|
trusted library allocation
|
page read and write
|
||
|
24A20432000
|
heap
|
page read and write
|
||
|
2294E7E000
|
stack
|
page read and write
|
||
|
FE877FE000
|
stack
|
page read and write
|
||
|
2E0A000
|
heap
|
page read and write
|
||
|
6D9000
|
heap
|
page read and write
|
||
|
4C4A000
|
trusted library allocation
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
2430ED18000
|
heap
|
page read and write
|
||
|
A85F8FE000
|
stack
|
page read and write
|
||
|
EDF000
|
stack
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
F8711FF000
|
stack
|
page read and write
|
||
|
2D551C65000
|
heap
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
473F000
|
stack
|
page read and write
|
||
|
276A6E02000
|
heap
|
page read and write
|
||
|
2B12000
|
heap
|
page read and write
|
||
|
FE87DFC000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
10D0000
|
unkown
|
page readonly
|
||
|
276A6F00000
|
heap
|
page read and write
|
||
|
27FF000
|
stack
|
page read and write
|
||
|
2B4EA1A7000
|
heap
|
page read and write
|
||
|
7FFBACC03000
|
trusted library allocation
|
page execute and read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
24DEF4BB000
|
heap
|
page read and write
|
||
|
262AEB30000
|
remote allocation
|
page read and write
|
||
|
4EFB000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
800000
|
heap
|
page read and write
|
||
|
4C2B000
|
trusted library allocation
|
page read and write
|
||
|
2430FA70000
|
heap
|
page readonly
|
||
|
F8712FC000
|
stack
|
page read and write
|
||
|
2430EEC0000
|
trusted library allocation
|
page read and write
|
||
|
48E0000
|
trusted library allocation
|
page read and write
|
||
|
806000
|
heap
|
page read and write
|
||
|
24E300D0000
|
heap
|
page read and write
|
||
|
4C72000
|
trusted library allocation
|
page read and write
|
||
|
2430ECB8000
|
heap
|
page read and write
|
||
|
1B1F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFBACC2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F3D5641000
|
heap
|
page read and write
|
||
|
262AEC02000
|
trusted library allocation
|
page read and write
|
||
|
2B4E9F60000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page read and write
|
||
|
24E304E5000
|
heap
|
page read and write
|
||
|
6C4000
|
heap
|
page read and write
|
||
|
170CCEE0000
|
heap
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
4C6D000
|
trusted library allocation
|
page read and write
|
||
|
2430EB10000
|
heap
|
page read and write
|
||
|
7FFBACCC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EE7000
|
heap
|
page read and write
|
||
|
4C27000
|
trusted library allocation
|
page read and write
|
||
|
1F3D5602000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
2B4EA0A0000
|
heap
|
page read and write
|
||
|
8E8000
|
unkown
|
page write copy
|
||
|
2B18000
|
heap
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
C55012C000
|
stack
|
page read and write
|
||
|
24A20483000
|
heap
|
page read and write
|
||
|
4C69000
|
trusted library allocation
|
page read and write
|
||
|
488F000
|
stack
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
6D3000
|
heap
|
page read and write
|
||
|
6A25000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
24DEF470000
|
heap
|
page read and write
|
||
|
45C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7130000
|
trusted library allocation
|
page read and write
|
||
|
24DEF513000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
4C54000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
76D0000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
2B03000
|
heap
|
page read and write
|
||
|
10D8000
|
unkown
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
2E98000
|
heap
|
page read and write
|
||
|
276A88B0000
|
trusted library allocation
|
page read and write
|
||
|
2B0C000
|
heap
|
page read and write
|
||
|
69E0000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
48CE000
|
stack
|
page read and write
|
||
|
7190000
|
trusted library allocation
|
page read and write
|
||
|
276A6D10000
|
heap
|
page read and write
|
||
|
24A20440000
|
heap
|
page read and write
|
||
|
2B09000
|
heap
|
page read and write
|
||
|
170CCF00000
|
heap
|
page read and write
|
||
|
DC540FD000
|
stack
|
page read and write
|
||
|
4C4C000
|
trusted library allocation
|
page read and write
|
||
|
1C2C4D20000
|
heap
|
page read and write
|
||
|
4C52000
|
trusted library allocation
|
page read and write
|
||
|
C1D0EAC000
|
stack
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
170CCF0B000
|
heap
|
page read and write
|
||
|
2A28000
|
trusted library allocation
|
page read and write
|
||
|
7FF4A9190000
|
trusted library allocation
|
page execute and read and write
|
||
|
276A6E67000
|
heap
|
page read and write
|
||
|
2E6F000
|
heap
|
page read and write
|
||
|
70D0000
|
trusted library allocation
|
page read and write
|
||
|
6D3000
|
heap
|
page read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
4C65000
|
trusted library allocation
|
page read and write
|
||
|
10DA000
|
unkown
|
page readonly
|
||
|
C74000
|
heap
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
trusted library allocation
|
page read and write
|
||
|
F87107B000
|
stack
|
page read and write
|
||
|
7B0E000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
6F5000
|
heap
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
77C0000
|
trusted library allocation
|
page read and write
|
||
|
2D551AD0000
|
heap
|
page read and write
|
||
|
170CD0D0000
|
heap
|
page read and write
|
||
|
2D551B70000
|
trusted library allocation
|
page read and write
|
||
|
170CEA80000
|
heap
|
page read and write
|
||
|
FE8747C000
|
stack
|
page read and write
|
||
|
6D8E000
|
stack
|
page read and write
|
||
|
F8716FF000
|
stack
|
page read and write
|
||
|
1F3D5600000
|
heap
|
page read and write
|
||
|
1C2C4C00000
|
heap
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page read and write
|
||
|
1F3D5560000
|
heap
|
page read and write
|
||
|
4C46000
|
trusted library allocation
|
page read and write
|
||
|
E58000
|
unkown
|
page read and write
|
||
|
6DD000
|
heap
|
page read and write
|
||
|
24A20461000
|
heap
|
page read and write
|
||
|
24DEFB30000
|
trusted library allocation
|
page read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
4A7F000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
2D551C00000
|
heap
|
page read and write
|
||
|
45A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
2B4EA3E5000
|
heap
|
page read and write
|
||
|
2E26000
|
heap
|
page execute and read and write
|
||
|
45B3000
|
trusted library allocation
|
page read and write
|
||
|
507000
|
unkown
|
page execute read
|
||
|
454E000
|
stack
|
page read and write
|
||
|
4970000
|
heap
|
page read and write
|
||
|
2430EEB0000
|
heap
|
page read and write
|
||
|
B856EFC000
|
stack
|
page read and write
|
||
|
1F3D5679000
|
heap
|
page read and write
|
||
|
DC5417E000
|
stack
|
page read and write
|
||
|
2AE0000
|
unkown
|
page readonly
|
||
|
21C2EFF000
|
stack
|
page read and write
|
||
|
18A000
|
stack
|
page read and write
|
||
|
6A14000
|
heap
|
page read and write
|
||
|
71C0000
|
heap
|
page execute and read and write
|
||
|
7150000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
7FFBACC04000
|
trusted library allocation
|
page read and write
|
||
|
F44000
|
trusted library allocation
|
page read and write
|
||
|
7FFBACC5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A2047A000
|
heap
|
page read and write
|
||
|
4C8A000
|
trusted library allocation
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
E5C000
|
unkown
|
page readonly
|
||
|
C1D15FE000
|
stack
|
page read and write
|
||
|
45A4000
|
trusted library allocation
|
page read and write
|
||
|
262AE3A0000
|
heap
|
page read and write
|
||
|
8E1000
|
unkown
|
page execute read
|
||
|
262AEB30000
|
remote allocation
|
page read and write
|
||
|
24E3015B000
|
heap
|
page read and write
|
||
|
24DEF400000
|
heap
|
page read and write
|
||
|
2BBB000
|
unkown
|
page readonly
|
||
|
2430ECF6000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
4C5F000
|
trusted library allocation
|
page read and write
|
||
|
2E9C000
|
heap
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
2294B2E000
|
stack
|
page read and write
|
||
|
1B200000
|
trusted library allocation
|
page read and write
|
||
|
21C2E7E000
|
stack
|
page read and write
|
||
|
2B1C000
|
heap
|
page read and write
|
||
|
24A2046C000
|
heap
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
2E98000
|
heap
|
page read and write
|
||
|
2A22000
|
trusted library allocation
|
page read and write
|
||
|
45DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B210000
|
trusted library allocation
|
page read and write
|
||
|
2B09000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library section
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
A85F7FF000
|
stack
|
page read and write
|
||
|
2D551C5A000
|
heap
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
1F3D55C0000
|
heap
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
79CF000
|
stack
|
page read and write
|
||
|
24A20444000
|
heap
|
page read and write
|
||
|
8EC000
|
unkown
|
page readonly
|
||
|
1B1F0000
|
trusted library allocation
|
page read and write
|
||
|
4C4E000
|
trusted library allocation
|
page read and write
|
||
|
24A20441000
|
heap
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
F8715FF000
|
stack
|
page read and write
|
||
|
1F3D5702000
|
heap
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
FE87BFC000
|
stack
|
page read and write
|
||
|
C1D0F2E000
|
stack
|
page read and write
|
||
|
4600000
|
heap
|
page read and write
|
||
|
276A6E3D000
|
heap
|
page read and write
|
||
|
50D000
|
unkown
|
page read and write
|
||
|
12A43000
|
trusted library allocation
|
page read and write
|
||
|
2D551C29000
|
heap
|
page read and write
|
||
|
2D551C75000
|
heap
|
page read and write
|
||
|
2430EC70000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
24A20340000
|
heap
|
page read and write
|
||
|
2E86000
|
heap
|
page read and write
|
||
|
F8714FD000
|
stack
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
1C2C5085000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
9E90000
|
trusted library allocation
|
page read and write
|
||
|
4550000
|
heap
|
page read and write
|
||
|
45CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2430ECC0000
|
heap
|
page read and write
|
||
|
2BBB000
|
unkown
|
page readonly
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
24A20447000
|
heap
|
page read and write
|
||
|
10D1000
|
unkown
|
page execute read
|
||
|
50DF000
|
stack
|
page read and write
|
||
|
276A6F13000
|
heap
|
page read and write
|
||
|
F35000
|
heap
|
page read and write
|
||
|
276A8930000
|
remote allocation
|
page read and write
|
||
|
24E304E0000
|
heap
|
page read and write
|
||
|
76E0000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
2430ECFE000
|
heap
|
page read and write
|
||
|
40C000
|
unkown
|
page execute and read and write
|
||
|
2A41000
|
trusted library allocation
|
page read and write
|
||
|
2430FA90000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
170CCF07000
|
heap
|
page read and write
|
||
|
6A20000
|
heap
|
page read and write
|
||
|
7140000
|
trusted library allocation
|
page read and write
|
||
|
4C48000
|
trusted library allocation
|
page read and write
|
||
|
276A6E5B000
|
heap
|
page read and write
|
||
|
276A6E00000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
459E000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
45A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFBACC10000
|
trusted library allocation
|
page read and write
|
||
|
1B1F0000
|
trusted library allocation
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
2B34000
|
heap
|
page read and write
|
||
|
276A6E4A000
|
heap
|
page read and write
|
||
|
170CD1E0000
|
heap
|
page read and write
|
||
|
78CF000
|
stack
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
276A6E49000
|
heap
|
page read and write
|
||
|
24DEF468000
|
heap
|
page read and write
|
||
|
120000
|
heap
|
page read and write
|
||
|
276A6E5A000
|
heap
|
page read and write
|
||
|
276A6F18000
|
heap
|
page read and write
|
||
|
4F04000
|
heap
|
page read and write
|
There are 675 hidden memdumps, click here to show them.