Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHLINV000156.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\internuptial\Smertelig\Registrer\System.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Glitteringly\pinckneya\Administrerbarest\Fyringssedlens\Discouple.Lab
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Glitteringly\pinckneya\Administrerbarest\Fyringssedlens\Hny.Com
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Glitteringly\pinckneya\Administrerbarest\Fyringssedlens\SolutionExplorerCLI.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Styringsmidlernes\Pinkfishes109\Supersensitizations172\Smaskforvirrede\libpkcs11-helper-1.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Styringsmidlernes\Pinkfishes109\Supersensitizations172\Smaskforvirrede\maintenanceservice2.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Styringsmidlernes\Pinkfishes109\Supersensitizations172\Smaskforvirrede\percentile.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Supergallantness\afstres\Archives\Sadelmagernaalenes\System.Security.Cryptography.X509Certificates.dll
|
PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\internuptial\Smertelig\Registrer\libdatrie-1.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsf4536.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DHLINV000156.exe
|
C:\Users\user\Desktop\DHLINV000156.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://aka.ms/dotnet-warnings/
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
https://mozilla.org0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://www.nero.com
|
unknown
|
||
|
https://github.com/dotnet/runtime
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\anarkisterne\Thanages
|
Festival
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4BAA000
|
direct allocation
|
page execute and read and write
|
|
|
|
12A7D3B0000
|
heap
|
page read and write
|
||
|
2001F030000
|
heap
|
page read and write
|
||
|
2AD55600000
|
heap
|
page read and write
|
||
|
49F0000
|
direct allocation
|
page execute and read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
100BFF000
|
stack
|
page read and write
|
||
|
E9424FE000
|
stack
|
page read and write
|
||
|
363D17E000
|
stack
|
page read and write
|
||
|
363D5FE000
|
stack
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
363CE7C000
|
stack
|
page read and write
|
||
|
2AD55602000
|
heap
|
page read and write
|
||
|
236E4E20000
|
trusted library allocation
|
page read and write
|
||
|
1E312629000
|
heap
|
page read and write
|
||
|
1B8B7B000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
1E312D60000
|
remote allocation
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
1411BE29000
|
heap
|
page read and write
|
||
|
217C0857000
|
heap
|
page read and write
|
||
|
571000
|
heap
|
page read and write
|
||
|
2AD5566B000
|
heap
|
page read and write
|
||
|
1E312D60000
|
remote allocation
|
page read and write
|
||
|
316437D000
|
stack
|
page read and write
|
||
|
363D27C000
|
stack
|
page read and write
|
||
|
2AD55702000
|
heap
|
page read and write
|
||
|
23528030000
|
heap
|
page read and write
|
||
|
12A7D513000
|
heap
|
page read and write
|
||
|
D3DAA79000
|
stack
|
page read and write
|
||
|
12A7D46A000
|
heap
|
page read and write
|
||
|
2001F23A000
|
heap
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
2001F302000
|
heap
|
page read and write
|
||
|
316427E000
|
stack
|
page read and write
|
||
|
2AD5563A000
|
heap
|
page read and write
|
||
|
27C6000
|
heap
|
page read and write
|
||
|
217C0800000
|
heap
|
page read and write
|
||
|
1411C602000
|
heap
|
page read and write
|
||
|
217C0813000
|
heap
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
235277B9000
|
heap
|
page read and write
|
||
|
1344DC29000
|
heap
|
page read and write
|
||
|
1411BE85000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
D3DA50B000
|
stack
|
page read and write
|
||
|
1344DB60000
|
trusted library allocation
|
page read and write
|
||
|
236E4465000
|
heap
|
page read and write
|
||
|
2AD55674000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
1B867C000
|
stack
|
page read and write
|
||
|
23528000000
|
heap
|
page read and write
|
||
|
27CF000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
2AD55664000
|
heap
|
page read and write
|
||
|
217C0872000
|
heap
|
page read and write
|
||
|
23527613000
|
heap
|
page read and write
|
||
|
1411BF02000
|
heap
|
page read and write
|
||
|
211788C000
|
stack
|
page read and write
|
||
|
2117DFE000
|
stack
|
page read and write
|
||
|
1006FD000
|
stack
|
page read and write
|
||
|
517000
|
heap
|
page read and write
|
||
|
1411BE13000
|
heap
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
516000
|
heap
|
page read and write
|
||
|
D3DAB79000
|
stack
|
page read and write
|
||
|
E941F8E000
|
stack
|
page read and write
|
||
|
2001F23C000
|
heap
|
page read and write
|
||
|
235275F0000
|
trusted library allocation
|
page read and write
|
||
|
433000
|
unkown
|
page read and write
|
||
|
E941F0C000
|
stack
|
page read and write
|
||
|
236E4460000
|
heap
|
page read and write
|
||
|
2AD5563D000
|
heap
|
page read and write
|
||
|
1411BEE0000
|
heap
|
page read and write
|
||
|
2AD55613000
|
heap
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
2AD55663000
|
heap
|
page read and write
|
||
|
12A7D400000
|
heap
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
27C9000
|
heap
|
page read and write
|
||
|
236E4420000
|
heap
|
page readonly
|
||
|
E94227E000
|
stack
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
439000
|
unkown
|
page readonly
|
||
|
557000
|
heap
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
12A7D479000
|
heap
|
page read and write
|
||
|
CF1227C000
|
stack
|
page read and write
|
||
|
236E40A0000
|
trusted library allocation
|
page read and write
|
||
|
2001F249000
|
heap
|
page read and write
|
||
|
217C0918000
|
heap
|
page read and write
|
||
|
363D67F000
|
stack
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
1344DD02000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
2352763C000
|
heap
|
page read and write
|
||
|
E9425FE000
|
stack
|
page read and write
|
||
|
1411C700000
|
heap
|
page read and write
|
||
|
557000
|
heap
|
page read and write
|
||
|
1411C712000
|
heap
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
1E312E02000
|
trusted library allocation
|
page read and write
|
||
|
2352766F000
|
heap
|
page read and write
|
||
|
23527F22000
|
heap
|
page read and write
|
||
|
236E4440000
|
trusted library allocation
|
page read and write
|
||
|
217C0857000
|
heap
|
page read and write
|
||
|
23527691000
|
heap
|
page read and write
|
||
|
316417D000
|
stack
|
page read and write
|
||
|
1344DC41000
|
heap
|
page read and write
|
||
|
1411BEBD000
|
heap
|
page read and write
|
||
|
236E42A8000
|
heap
|
page read and write
|
||
|
2AD55660000
|
heap
|
page read and write
|
||
|
23527F54000
|
heap
|
page read and write
|
||
|
2001F040000
|
heap
|
page read and write
|
||
|
73EF3000
|
unkown
|
page readonly
|
||
|
23527F22000
|
heap
|
page read and write
|
||
|
E21FF7C000
|
stack
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
2001F200000
|
heap
|
page read and write
|
||
|
CF11F7E000
|
stack
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
12A7D428000
|
heap
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
1411BDD0000
|
trusted library allocation
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
217C05C0000
|
heap
|
page read and write
|
||
|
363D4FA000
|
stack
|
page read and write
|
||
|
217C0913000
|
heap
|
page read and write
|
||
|
100DFF000
|
stack
|
page read and write
|
||
|
12A7D500000
|
heap
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
316407B000
|
stack
|
page read and write
|
||
|
236E41D0000
|
heap
|
page read and write
|
||
|
23527480000
|
heap
|
page read and write
|
||
|
2AD5564D000
|
heap
|
page read and write
|
||
|
2AD55661000
|
heap
|
page read and write
|
||
|
571000
|
heap
|
page read and write
|
||
|
439000
|
unkown
|
page readonly
|
||
|
5FAA000
|
direct allocation
|
page execute and read and write
|
||
|
1411BC60000
|
heap
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
2AD5567C000
|
heap
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
E9426FE000
|
stack
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
1344DC02000
|
heap
|
page read and write
|
||
|
200E000
|
stack
|
page read and write
|
||
|
217C21E0000
|
remote allocation
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
23527666000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
22AF000
|
stack
|
page read and write
|
||
|
2001F213000
|
heap
|
page read and write
|
||
|
1E312D60000
|
remote allocation
|
page read and write
|
||
|
1E3125D0000
|
heap
|
page read and write
|
||
|
2AD55460000
|
heap
|
page read and write
|
||
|
E9423FE000
|
stack
|
page read and write
|
||
|
2001F240000
|
heap
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
1411BF13000
|
heap
|
page read and write
|
||
|
2AD5565E000
|
heap
|
page read and write
|
||
|
1344DC78000
|
heap
|
page read and write
|
||
|
1344DB30000
|
heap
|
page read and write
|
||
|
1344DC00000
|
heap
|
page read and write
|
||
|
27CC000
|
heap
|
page read and write
|
||
|
2AD55679000
|
heap
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
23527643000
|
heap
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1411BEE5000
|
heap
|
page read and write
|
||
|
236E4090000
|
heap
|
page read and write
|
||
|
2117FFD000
|
stack
|
page read and write
|
||
|
2001F254000
|
heap
|
page read and write
|
||
|
2AD55678000
|
heap
|
page read and write
|
||
|
211817D000
|
stack
|
page read and write
|
||
|
371B000
|
stack
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
1E312570000
|
heap
|
page read and write
|
||
|
27BF000
|
stack
|
page read and write
|
||
|
2300000
|
heap
|
page read and write
|
||
|
D3DA979000
|
stack
|
page read and write
|
||
|
23527713000
|
heap
|
page read and write
|
||
|
217C0780000
|
trusted library allocation
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
2001F090000
|
heap
|
page read and write
|
||
|
236E42EF000
|
heap
|
page read and write
|
||
|
2AD55671000
|
heap
|
page read and write
|
||
|
2117D7C000
|
stack
|
page read and write
|
||
|
1E312613000
|
heap
|
page read and write
|
||
|
1E31263D000
|
heap
|
page read and write
|
||
|
217C0846000
|
heap
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
2AD55669000
|
heap
|
page read and write
|
||
|
1411BECA000
|
heap
|
page read and write
|
||
|
1E312633000
|
heap
|
page read and write
|
||
|
1B8C7F000
|
stack
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
2AD55659000
|
heap
|
page read and write
|
||
|
217C05D0000
|
heap
|
page read and write
|
||
|
CF1217F000
|
stack
|
page read and write
|
||
|
2060000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1411BE6E000
|
heap
|
page read and write
|
||
|
2AD55641000
|
heap
|
page read and write
|
||
|
1E312702000
|
heap
|
page read and write
|
||
|
3163BFC000
|
stack
|
page read and write
|
||
|
217C0902000
|
heap
|
page read and write
|
||
|
1B897B000
|
stack
|
page read and write
|
||
|
1004FB000
|
stack
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
23527600000
|
heap
|
page read and write
|
||
|
27C6000
|
heap
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
234D000
|
stack
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
23527F6F000
|
heap
|
page read and write
|
||
|
100EFF000
|
stack
|
page read and write
|
||
|
236E42A0000
|
heap
|
page read and write
|
||
|
2001F202000
|
heap
|
page read and write
|
||
|
23527F02000
|
heap
|
page read and write
|
||
|
E21FE79000
|
stack
|
page read and write
|
||
|
235277E5000
|
heap
|
page read and write
|
||
|
2352765B000
|
heap
|
page read and write
|
||
|
27CE000
|
heap
|
page read and write
|
||
|
217C0900000
|
heap
|
page read and write
|
||
|
2AD55689000
|
heap
|
page read and write
|
||
|
3163E7F000
|
stack
|
page read and write
|
||
|
363D6FE000
|
stack
|
page read and write
|
||
|
316379B000
|
stack
|
page read and write
|
||
|
23528013000
|
heap
|
page read and write
|
||
|
56A000
|
heap
|
page read and write
|
||
|
23527FBC000
|
heap
|
page read and write
|
||
|
1344DAC0000
|
heap
|
page read and write
|
||
|
2AD55629000
|
heap
|
page read and write
|
||
|
2AD55646000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
12A7D502000
|
heap
|
page read and write
|
||
|
236E5060000
|
trusted library allocation
|
page read and write
|
||
|
2AD55662000
|
heap
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
23527C70000
|
trusted library allocation
|
page read and write
|
||
|
236E4469000
|
heap
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
236E4470000
|
trusted library allocation
|
page read and write
|
||
|
27C4000
|
heap
|
page read and write
|
||
|
12A7D413000
|
heap
|
page read and write
|
||
|
23528027000
|
heap
|
page read and write
|
||
|
1344DD13000
|
heap
|
page read and write
|
||
|
56B000
|
heap
|
page read and write
|
||
|
12A7DC02000
|
trusted library allocation
|
page read and write
|
||
|
D3DA9FE000
|
stack
|
page read and write
|
||
|
12A7D402000
|
heap
|
page read and write
|
||
|
73EF5000
|
unkown
|
page readonly
|
||
|
236E4260000
|
trusted library allocation
|
page read and write
|
||
|
235274F0000
|
heap
|
page read and write
|
||
|
1411BE43000
|
heap
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
23527651000
|
heap
|
page read and write
|
||
|
1411BEB9000
|
heap
|
page read and write
|
||
|
1411BE00000
|
heap
|
page read and write
|
||
|
217C21E0000
|
remote allocation
|
page read and write
|
||
|
12A7D475000
|
heap
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
4C7000
|
heap
|
page read and write
|
||
|
23527F90000
|
heap
|
page read and write
|
||
|
3163D7E000
|
stack
|
page read and write
|
||
|
1344DC5C000
|
heap
|
page read and write
|
||
|
CF11DFD000
|
stack
|
page read and write
|
||
|
10007B000
|
stack
|
page read and write
|
||
|
23527490000
|
heap
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
2AD5565C000
|
heap
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
27C5000
|
heap
|
page read and write
|
||
|
236E41F0000
|
heap
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
1005FF000
|
stack
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
100AFF000
|
stack
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
2001F21F000
|
heap
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
217C0856000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
2AD55642000
|
heap
|
page read and write
|
||
|
12A7D3E0000
|
trusted library allocation
|
page read and write
|
||
|
CF1237C000
|
stack
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
236E42EF000
|
heap
|
page read and write
|
||
|
2001FA02000
|
trusted library allocation
|
page read and write
|
||
|
73EF0000
|
unkown
|
page readonly
|
||
|
E21FD7F000
|
stack
|
page read and write
|
||
|
236E4307000
|
heap
|
page read and write
|
||
|
22EE000
|
stack
|
page read and write
|
||
|
27C4000
|
heap
|
page read and write
|
||
|
217C0630000
|
heap
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
23527E02000
|
heap
|
page read and write
|
||
|
2AD5565F000
|
heap
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
236E4280000
|
trusted library allocation
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
363D3FE000
|
stack
|
page read and write
|
||
|
561000
|
heap
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
E22007F000
|
stack
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
236E4270000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
1344DAD0000
|
heap
|
page read and write
|
||
|
2AD55645000
|
heap
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
1009FD000
|
stack
|
page read and write
|
||
|
D3DA8FD000
|
stack
|
page read and write
|
||
|
2AD55673000
|
heap
|
page read and write
|
||
|
23527671000
|
heap
|
page read and write
|
||
|
217C0840000
|
heap
|
page read and write
|
||
|
23527F00000
|
heap
|
page read and write
|
||
|
217C21E0000
|
remote allocation
|
page read and write
|
||
|
217C0861000
|
heap
|
page read and write
|
||
|
2001F229000
|
heap
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
316447E000
|
stack
|
page read and write
|
||
|
217C0847000
|
heap
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
363D2F9000
|
stack
|
page read and write
|
||
|
1411BC70000
|
heap
|
page read and write
|
||
|
217C2202000
|
trusted library allocation
|
page read and write
|
||
|
2AD55640000
|
heap
|
page read and write
|
||
|
2352778E000
|
heap
|
page read and write
|
||
|
2AD55644000
|
heap
|
page read and write
|
||
|
12A7D350000
|
heap
|
page read and write
|
||
|
E21F92C000
|
stack
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
2AD55682000
|
heap
|
page read and write
|
||
|
2001F246000
|
heap
|
page read and write
|
||
|
23527629000
|
heap
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
217C0730000
|
trusted library allocation
|
page read and write
|
||
|
1344E402000
|
trusted library allocation
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
23527655000
|
heap
|
page read and write
|
||
|
3163FFC000
|
stack
|
page read and write
|
||
|
73EF1000
|
unkown
|
page execute read
|
||
|
2374000
|
heap
|
page read and write
|
||
|
2352762C000
|
heap
|
page read and write
|
||
|
503000
|
heap
|
page read and write
|
||
|
217C082A000
|
heap
|
page read and write
|
||
|
1B8A7F000
|
stack
|
page read and write
|
||
|
23527690000
|
heap
|
page read and write
|
||
|
1008FE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2AD55672000
|
heap
|
page read and write
|
||
|
217C0888000
|
heap
|
page read and write
|
||
|
21182FE000
|
stack
|
page read and write
|
||
|
2AD55450000
|
heap
|
page read and write
|
||
|
2AD55647000
|
heap
|
page read and write
|
||
|
1E31265C000
|
heap
|
page read and write
|
||
|
3163EFC000
|
stack
|
page read and write
|
||
|
236E42EF000
|
heap
|
page read and write
|
||
|
23527643000
|
heap
|
page read and write
|
||
|
100CFF000
|
stack
|
page read and write
|
||
|
217C07C0000
|
trusted library allocation
|
page read and write
|
||
|
12A7D340000
|
heap
|
page read and write
|
||
|
363D07A000
|
stack
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
236E4410000
|
trusted library allocation
|
page read and write
|
||
|
2AD55631000
|
heap
|
page read and write
|
||
|
2AD55657000
|
heap
|
page read and write
|
||
|
23527683000
|
heap
|
page read and write
|
||
|
2AD554C0000
|
heap
|
page read and write
|
||
|
2AD555C0000
|
trusted library allocation
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
CF1207F000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
1E312600000
|
heap
|
page read and write
|
||
|
1344DC13000
|
heap
|
page read and write
|
||
|
2001F22E000
|
heap
|
page read and write
|
||
|
21A6000
|
heap
|
page read and write
|
||
|
55AA000
|
direct allocation
|
page execute and read and write
|
||
|
1411BCD0000
|
heap
|
page read and write
|
||
|
CF1257E000
|
stack
|
page read and write
|
||
|
2352768B000
|
heap
|
page read and write
|
||
|
1411BEC3000
|
heap
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
1344DC72000
|
heap
|
page read and write
|
||
|
2001F190000
|
trusted library allocation
|
page read and write
|
||
|
2AD55658000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
537000
|
heap
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
2AD55677000
|
heap
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
2AD55E02000
|
trusted library allocation
|
page read and write
|
||
|
23527FB0000
|
heap
|
page read and write
|
||
|
2AD5565A000
|
heap
|
page read and write
|
||
|
217C0750000
|
trusted library allocation
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
1E312560000
|
heap
|
page read and write
|
||
|
236E4312000
|
heap
|
page read and write
|
||
|
4FF000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
1E312D30000
|
trusted library allocation
|
page read and write
|
||
|
1411C73B000
|
heap
|
page read and write
|
||
|
23527F43000
|
heap
|
page read and write
|
||
|
217C0847000
|
heap
|
page read and write
|
||
|
4EC000
|
heap
|
page read and write
|
||
|
12A7D458000
|
heap
|
page read and write
|
||
|
236E42B0000
|
heap
|
page read and write
|
||
|
23528023000
|
heap
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
1E312602000
|
heap
|
page read and write
|
||
|
236E4430000
|
trusted library allocation
|
page read and write
|
||
|
1344DC68000
|
heap
|
page read and write
|
||
|
23527685000
|
heap
|
page read and write
|
||
|
211807E000
|
stack
|
page read and write
|
||
|
23528002000
|
heap
|
page read and write
|
||
|
12A7D43C000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
217C0802000
|
heap
|
page read and write
|
||
|
23527FC8000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
2AD5567B000
|
heap
|
page read and write
|
||
|
CF119CC000
|
stack
|
page read and write
|
||
|
23527653000
|
heap
|
page read and write
|
There are 429 hidden memdumps, click here to show them.