Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Quotation.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Delforliget\Melotragedy\Lindhardt\System.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Blegnbbetheden\Telegrammers.Non
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Cohesion\Quakily\Privileger.Fla
|
ASCII text, with very long lines (55032), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Cohesion\Quakily\SolutionExplorerCLI.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Cohesion\Quakily\System.Security.Cryptography.X509Certificates.dll
|
PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Delforliget\Melotragedy\Lindhardt\libdatrie-1.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Forureningsforebygget\Pegboard\libpkcs11-helper-1.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Forureningsforebygget\Pegboard\maintenanceservice2.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Forureningsforebygget\Pegboard\percentile.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nst891E.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Quotation.exe
|
C:\Users\user\Desktop\Quotation.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://aka.ms/dotnet-warnings/
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
https://mozilla.org0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://www.nero.com
|
unknown
|
||
|
https://github.com/dotnet/runtime
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\anarkisterne\Thanages
|
Festival
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5789000
|
direct allocation
|
page execute and read and write
|
|
|
|
1B795C00000
|
heap
|
page read and write
|
||
|
709B67B000
|
stack
|
page read and write
|
||
|
1B795C02000
|
heap
|
page read and write
|
||
|
1D9AF4E1000
|
heap
|
page read and write
|
||
|
1B795C2A000
|
heap
|
page read and write
|
||
|
21831430000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
1B795BF0000
|
remote allocation
|
page read and write
|
||
|
21830BE5000
|
heap
|
page read and write
|
||
|
27A3000
|
heap
|
page read and write
|
||
|
5BA1DFD000
|
stack
|
page read and write
|
||
|
218309C0000
|
trusted library allocation
|
page read and write
|
||
|
1D9AF513000
|
heap
|
page read and write
|
||
|
21831322000
|
heap
|
page read and write
|
||
|
28B93E96000
|
heap
|
page read and write
|
||
|
6189000
|
direct allocation
|
page execute and read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
DBB5FD000
|
stack
|
page read and write
|
||
|
28B93E5E000
|
heap
|
page read and write
|
||
|
218313AF000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
4536DFF000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
21251FD0000
|
remote allocation
|
page read and write
|
||
|
279F000
|
stack
|
page read and write
|
||
|
27A4000
|
heap
|
page read and write
|
||
|
21831302000
|
heap
|
page read and write
|
||
|
218313BD000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
21251FD0000
|
remote allocation
|
page read and write
|
||
|
28B93B90000
|
heap
|
page read and write
|
||
|
1EEAF2B000
|
stack
|
page read and write
|
||
|
28B93E62000
|
heap
|
page read and write
|
||
|
24481C5A000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
DBB6FC000
|
stack
|
page read and write
|
||
|
21831400000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
5650000
|
direct allocation
|
page execute and read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
19F40602000
|
heap
|
page read and write
|
||
|
6D015000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19F40613000
|
heap
|
page read and write
|
||
|
A8049FE000
|
stack
|
page read and write
|
||
|
19F40600000
|
heap
|
page read and write
|
||
|
1B795C65000
|
heap
|
page read and write
|
||
|
DBAD1B000
|
stack
|
page read and write
|
||
|
1EEB47E000
|
stack
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
1D9AF440000
|
heap
|
page read and write
|
||
|
21830BB9000
|
heap
|
page read and write
|
||
|
1EEBA7F000
|
stack
|
page read and write
|
||
|
1B795C59000
|
heap
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
244819F0000
|
heap
|
page read and write
|
||
|
1D9AF466000
|
heap
|
page read and write
|
||
|
2264000
|
heap
|
page read and write
|
||
|
21830A67000
|
heap
|
page read and write
|
||
|
28B93E67000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
21252A02000
|
trusted library allocation
|
page read and write
|
||
|
1D9AF1B0000
|
heap
|
page read and write
|
||
|
1B795B30000
|
heap
|
page read and write
|
||
|
6D010000
|
unkown
|
page readonly
|
||
|
1B795D18000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
A804C7A000
|
stack
|
page read and write
|
||
|
1D9AF502000
|
heap
|
page read and write
|
||
|
709B57F000
|
stack
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
1D9AF320000
|
trusted library allocation
|
page read and write
|
||
|
1D9AF1C0000
|
heap
|
page read and write
|
||
|
1B797802000
|
trusted library allocation
|
page read and write
|
||
|
24481C68000
|
heap
|
page read and write
|
||
|
225F000
|
stack
|
page read and write
|
||
|
1D9AF488000
|
heap
|
page read and write
|
||
|
218309A0000
|
trusted library allocation
|
page read and write
|
||
|
453647C000
|
stack
|
page read and write
|
||
|
45367FF000
|
stack
|
page read and write
|
||
|
27AA000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
1B795D02000
|
heap
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
1B795BB0000
|
trusted library allocation
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
28B93E4C000
|
heap
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
1D9AF400000
|
heap
|
page read and write
|
||
|
21830A6E000
|
heap
|
page read and write
|
||
|
1EEB57C000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
453667B000
|
stack
|
page read and write
|
||
|
A8044FB000
|
stack
|
page read and write
|
||
|
21830A3C000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
27A4000
|
heap
|
page read and write
|
||
|
21830A76000
|
heap
|
page read and write
|
||
|
A804E7E000
|
stack
|
page read and write
|
||
|
21251F10000
|
heap
|
page read and write
|
||
|
1D466EB0000
|
heap
|
page read and write
|
||
|
1B795C8A000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
80C000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
1B795BF0000
|
remote allocation
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
27A3000
|
heap
|
page read and write
|
||
|
A8048FA000
|
stack
|
page read and write
|
||
|
21830830000
|
heap
|
page read and write
|
||
|
1D9AF220000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
45368FE000
|
stack
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
9300D9B000
|
stack
|
page read and write
|
||
|
4536AFB000
|
stack
|
page read and write
|
||
|
1D9AF464000
|
heap
|
page read and write
|
||
|
4536CFE000
|
stack
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
1B795C48000
|
heap
|
page read and write
|
||
|
28B93E46000
|
heap
|
page read and write
|
||
|
24481C35000
|
heap
|
page read and write
|
||
|
1D467049000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
28B93E45000
|
heap
|
page read and write
|
||
|
21830A2C000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
32AB000
|
stack
|
page read and write
|
||
|
19F41002000
|
trusted library allocation
|
page read and write
|
||
|
19F40629000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
24481C28000
|
heap
|
page read and write
|
||
|
27B2000
|
heap
|
page read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
93012FE000
|
stack
|
page read and write
|
||
|
A804B79000
|
stack
|
page read and write
|
||
|
21830B13000
|
heap
|
page read and write
|
||
|
28B93E53000
|
heap
|
page read and write
|
||
|
21252023000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
24481C79000
|
heap
|
page read and write
|
||
|
28B93E13000
|
heap
|
page read and write
|
||
|
859000
|
heap
|
page read and write
|
||
|
1D9AF413000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
409000
|
unkown
|
page write copy
|
||
|
19F4065B000
|
heap
|
page read and write
|
||
|
9557C79000
|
stack
|
page read and write
|
||
|
21831343000
|
heap
|
page read and write
|
||
|
21831423000
|
heap
|
page read and write
|
||
|
21252002000
|
heap
|
page read and write
|
||
|
9557B7F000
|
stack
|
page read and write
|
||
|
21831427000
|
heap
|
page read and write
|
||
|
5BA1F7D000
|
stack
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
21830A43000
|
heap
|
page read and write
|
||
|
1D9AF423000
|
heap
|
page read and write
|
||
|
DBB2FF000
|
stack
|
page read and write
|
||
|
1D9AF4CA000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
6D011000
|
unkown
|
page execute read
|
||
|
1D9AF429000
|
heap
|
page read and write
|
||
|
24481D02000
|
heap
|
page read and write
|
||
|
31AD000
|
stack
|
page read and write
|
||
|
453697C000
|
stack
|
page read and write
|
||
|
1EEBD7E000
|
stack
|
page read and write
|
||
|
21252000000
|
heap
|
page read and write
|
||
|
1D467802000
|
trusted library allocation
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
21252040000
|
heap
|
page read and write
|
||
|
1D467013000
|
heap
|
page read and write
|
||
|
28B93E64000
|
heap
|
page read and write
|
||
|
5BA1E7F000
|
stack
|
page read and write
|
||
|
955775C000
|
stack
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
24481D00000
|
heap
|
page read and write
|
||
|
709B37B000
|
stack
|
page read and write
|
||
|
1D467023000
|
heap
|
page read and write
|
||
|
28B93E5F000
|
heap
|
page read and write
|
||
|
1D467000000
|
heap
|
page read and write
|
||
|
1EEB37A000
|
stack
|
page read and write
|
||
|
28B93E00000
|
heap
|
page read and write
|
||
|
19F405B0000
|
heap
|
page read and write
|
||
|
28B93F02000
|
heap
|
page read and write
|
||
|
21831402000
|
heap
|
page read and write
|
||
|
1D9AF46D000
|
heap
|
page read and write
|
||
|
24481C00000
|
heap
|
page read and write
|
||
|
28B93E48000
|
heap
|
page read and write
|
||
|
28B93E7C000
|
heap
|
page read and write
|
||
|
28B93E78000
|
heap
|
page read and write
|
||
|
A804D7F000
|
stack
|
page read and write
|
||
|
1B795C58000
|
heap
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
21831354000
|
heap
|
page read and write
|
||
|
4E4F000
|
heap
|
page read and write
|
||
|
21830A26000
|
heap
|
page read and write
|
||
|
28B93E6B000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
21251F70000
|
heap
|
page read and write
|
||
|
1D46704E000
|
heap
|
page read and write
|
||
|
1D467040000
|
heap
|
page read and write
|
||
|
28B93E82000
|
heap
|
page read and write
|
||
|
24481C13000
|
heap
|
page read and write
|
||
|
28B93BA0000
|
heap
|
page read and write
|
||
|
5BA1B7C000
|
stack
|
page read and write
|
||
|
93014FF000
|
stack
|
page read and write
|
||
|
1D46702E000
|
heap
|
page read and write
|
||
|
1B795C13000
|
heap
|
page read and write
|
||
|
28B93E73000
|
heap
|
page read and write
|
||
|
1B795C59000
|
heap
|
page read and write
|
||
|
28B93E40000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
21831300000
|
heap
|
page read and write
|
||
|
6D013000
|
unkown
|
page readonly
|
||
|
1D467002000
|
heap
|
page read and write
|
||
|
28B93E76000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
19F40637000
|
heap
|
page read and write
|
||
|
709B07B000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
930107E000
|
stack
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
1B795B80000
|
trusted library allocation
|
page read and write
|
||
|
28B93E60000
|
heap
|
page read and write
|
||
|
28B93E4B000
|
heap
|
page read and write
|
||
|
28B93E7A000
|
heap
|
page read and write
|
||
|
28B93C00000
|
heap
|
page read and write
|
||
|
1D9AFD13000
|
heap
|
page read and write
|
||
|
1EEBC7F000
|
stack
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
1D467029000
|
heap
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
1D466EC0000
|
heap
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
28B93E44000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
1B795D13000
|
heap
|
page read and write
|
||
|
28B93E47000
|
heap
|
page read and write
|
||
|
709B47B000
|
stack
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
1B795C3D000
|
heap
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
5BA16BC000
|
stack
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
21252029000
|
heap
|
page read and write
|
||
|
28B93E74000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
24481B60000
|
trusted library allocation
|
page read and write
|
||
|
21830A6C000
|
heap
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
1B795AD0000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
27AD000
|
heap
|
page read and write
|
||
|
28B93D00000
|
trusted library allocation
|
page read and write
|
||
|
21251FA0000
|
trusted library allocation
|
page read and write
|
||
|
21830A8F000
|
heap
|
page read and write
|
||
|
DBB3FF000
|
stack
|
page read and write
|
||
|
21251FD0000
|
remote allocation
|
page read and write
|
||
|
21831392000
|
heap
|
page read and write
|
||
|
1D9AF4C8000
|
heap
|
page read and write
|
||
|
9557E7E000
|
stack
|
page read and write
|
||
|
A804EFE000
|
stack
|
page read and write
|
||
|
1D46703C000
|
heap
|
page read and write
|
||
|
28B93E41000
|
heap
|
page read and write
|
||
|
9557D7C000
|
stack
|
page read and write
|
||
|
93013FE000
|
stack
|
page read and write
|
||
|
24481D13000
|
heap
|
page read and write
|
||
|
21830A13000
|
heap
|
page read and write
|
||
|
218313C9000
|
heap
|
page read and write
|
||
|
1B795BF0000
|
remote allocation
|
page read and write
|
||
|
19F40540000
|
heap
|
page read and write
|
||
|
21251F00000
|
heap
|
page read and write
|
||
|
19F40713000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
1D9AFD00000
|
heap
|
page read and write
|
||
|
5BA1BFC000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
28B93E5C000
|
heap
|
page read and write
|
||
|
28B93E49000
|
heap
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
19F40677000
|
heap
|
page read and write
|
||
|
1D466F10000
|
heap
|
page read and write
|
||
|
28B93E7D000
|
heap
|
page read and write
|
||
|
24481A60000
|
heap
|
page read and write
|
||
|
21831413000
|
heap
|
page read and write
|
||
|
24481C63000
|
heap
|
page read and write
|
||
|
24481A00000
|
heap
|
page read and write
|
||
|
21252102000
|
heap
|
page read and write
|
||
|
1B795B60000
|
trusted library allocation
|
page read and write
|
||
|
21252013000
|
heap
|
page read and write
|
||
|
21830A00000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
218308A0000
|
heap
|
page read and write
|
||
|
21830A91000
|
heap
|
page read and write
|
||
|
28B93E39000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
27AA000
|
heap
|
page read and write
|
||
|
19F40702000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
864000
|
heap
|
page read and write
|
||
|
1EEB97F000
|
stack
|
page read and write
|
||
|
28B93E42000
|
heap
|
page read and write
|
||
|
1B795C49000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
A804AFB000
|
stack
|
page read and write
|
||
|
1B795C49000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
1B795AC0000
|
heap
|
page read and write
|
||
|
1EEB77E000
|
stack
|
page read and write
|
||
|
812000
|
heap
|
page read and write
|
||
|
2125205C000
|
heap
|
page read and write
|
||
|
21830A43000
|
heap
|
page read and write
|
||
|
19F40640000
|
heap
|
page read and write
|
||
|
21830A73000
|
heap
|
page read and write
|
||
|
1B795D00000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
DBB8FC000
|
stack
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
19F40550000
|
heap
|
page read and write
|
||
|
24482402000
|
trusted library allocation
|
page read and write
|
||
|
21830A89000
|
heap
|
page read and write
|
||
|
19F405E0000
|
trusted library allocation
|
page read and write
|
||
|
28B94602000
|
trusted library allocation
|
page read and write
|
||
|
28B93E3C000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
28B93E79000
|
heap
|
page read and write
|
||
|
6B89000
|
direct allocation
|
page execute and read and write
|
||
|
21830A86000
|
heap
|
page read and write
|
||
|
1D9AFC02000
|
heap
|
page read and write
|
||
|
2183136F000
|
heap
|
page read and write
|
||
|
4536A7C000
|
stack
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
4E43000
|
heap
|
page read and write
|
||
|
A804F7F000
|
stack
|
page read and write
|
||
|
21830840000
|
heap
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
21830A58000
|
heap
|
page read and write
|
||
|
21830B8E000
|
heap
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
21830A29000
|
heap
|
page read and write
|
||
|
21831322000
|
heap
|
page read and write
|
||
|
1EEB87D000
|
stack
|
page read and write
|
||
|
1D4677B0000
|
trusted library allocation
|
page read and write
|
||
|
27AB000
|
heap
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
5BA1FFE000
|
stack
|
page read and write
|
||
|
24481C02000
|
heap
|
page read and write
|
||
|
28B93E31000
|
heap
|
page read and write
|
||
|
93010FE000
|
stack
|
page read and write
|
||
|
19F40675000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
218313D1000
|
heap
|
page read and write
|
||
|
4536BFC000
|
stack
|
page read and write
|
||
|
1D467102000
|
heap
|
page read and write
|
||
|
1B797670000
|
trusted library allocation
|
page read and write
|
||
|
1B795C7E000
|
heap
|
page read and write
|
||
|
28B93E30000
|
heap
|
page read and write
|
||
|
1EEBB7F000
|
stack
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
21831202000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
28B93E29000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
24481C40000
|
heap
|
page read and write
|
||
|
1D467056000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
DBB4FF000
|
stack
|
page read and write
|
||
|
1D9AF4B9000
|
heap
|
page read and write
|
There are 381 hidden memdumps, click here to show them.