Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
QUOTATION.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Industrialization\Snoldets\Embrocates\Utaalmodiges.Taa169
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\hamotzi\System.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Alswith\Peroxidisement\Foresprges87\SolutionExplorerCLI.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Wept\libpkcs11-helper-1.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Wept\maintenanceservice2.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\Wept\percentile.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\hamotzi\Dampning.Dub
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\hamotzi\System.Security.Cryptography.X509Certificates.dll
|
PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Ghetto\hamotzi\libdatrie-1.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsc344B.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\QUOTATION.exe
|
C:\Users\user\Desktop\QUOTATION.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://aka.ms/dotnet-warnings/
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
https://mozilla.org0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://www.nero.com
|
unknown
|
||
|
https://github.com/dotnet/runtime
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\anarkisterne\Thanages
|
Festival
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2888000
|
heap
|
page read and write
|
|
|
|
53F7000
|
direct allocation
|
page execute and read and write
|
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
9D8D37C000
|
stack
|
page read and write
|
||
|
15A83D13000
|
heap
|
page read and write
|
||
|
1CBD0EC0000
|
heap
|
page read and write
|
||
|
194931A0000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
167BE24F000
|
heap
|
page read and write
|
||
|
28A0C254000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
89286CC000
|
stack
|
page read and write
|
||
|
E96AAFB000
|
stack
|
page read and write
|
||
|
1CBD1032000
|
heap
|
page read and write
|
||
|
21C91BE0000
|
trusted library allocation
|
page read and write
|
||
|
22279CF0000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
1FFEAA02000
|
heap
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
1FFEAA13000
|
heap
|
page read and write
|
||
|
6462C7F000
|
stack
|
page read and write
|
||
|
1CBD1055000
|
heap
|
page read and write
|
||
|
2A9FFE2A000
|
heap
|
page read and write
|
||
|
2227A602000
|
trusted library allocation
|
page read and write
|
||
|
335A677000
|
stack
|
page read and write
|
||
|
19491800000
|
heap
|
page read and write
|
||
|
167BEA02000
|
trusted library allocation
|
page read and write
|
||
|
21C92860000
|
trusted library allocation
|
page read and write
|
||
|
1CBD105C000
|
heap
|
page read and write
|
||
|
18DB4802000
|
heap
|
page read and write
|
||
|
1CBD106C000
|
heap
|
page read and write
|
||
|
22279F02000
|
heap
|
page read and write
|
||
|
28A0C22C000
|
heap
|
page read and write
|
||
|
19491864000
|
heap
|
page read and write
|
||
|
28A0C3B9000
|
heap
|
page read and write
|
||
|
21C928E0000
|
trusted library allocation
|
page read and write
|
||
|
1CBD103B000
|
heap
|
page read and write
|
||
|
1CBD1075000
|
heap
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
22279E40000
|
heap
|
page read and write
|
||
|
1FFEA800000
|
heap
|
page read and write
|
||
|
21C92870000
|
trusted library allocation
|
page read and write
|
||
|
717000
|
heap
|
page read and write
|
||
|
F1D207E000
|
stack
|
page read and write
|
||
|
194DFE00000
|
heap
|
page read and write
|
||
|
3D0187D000
|
stack
|
page read and write
|
||
|
18351413000
|
heap
|
page read and write
|
||
|
21C91E70000
|
heap
|
page read and write
|
||
|
167BE255000
|
heap
|
page read and write
|
||
|
28D06A25000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
28A0CC23000
|
heap
|
page read and write
|
||
|
183511B0000
|
heap
|
page read and write
|
||
|
167BE270000
|
heap
|
page read and write
|
||
|
28A0C130000
|
heap
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
6462A77000
|
stack
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
3D0177F000
|
stack
|
page read and write
|
||
|
21C91C78000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
1FFEAA29000
|
heap
|
page read and write
|
||
|
28A0CBBC000
|
heap
|
page read and write
|
||
|
28D06A36000
|
heap
|
page read and write
|
||
|
2E568FB000
|
stack
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
167BE308000
|
heap
|
page read and write
|
||
|
3D013FC000
|
stack
|
page read and write
|
||
|
167BE23C000
|
heap
|
page read and write
|
||
|
1CBD1035000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
28D07202000
|
trusted library allocation
|
page read and write
|
||
|
167BE302000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
1CBD105A000
|
heap
|
page read and write
|
||
|
F1D1F7F000
|
stack
|
page read and write
|
||
|
1835143C000
|
heap
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
1A543FC000
|
stack
|
page read and write
|
||
|
6A8E7F000
|
stack
|
page read and write
|
||
|
370D000
|
stack
|
page read and write
|
||
|
1CBD0EB0000
|
heap
|
page read and write
|
||
|
8928B7C000
|
stack
|
page read and write
|
||
|
1CBD0F20000
|
heap
|
page read and write
|
||
|
A423479000
|
stack
|
page read and write
|
||
|
1CBD1068000
|
heap
|
page read and write
|
||
|
2885000
|
heap
|
page read and write
|
||
|
19491610000
|
heap
|
page read and write
|
||
|
18351455000
|
heap
|
page read and write
|
||
|
28A0C243000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
28A0C258000
|
heap
|
page read and write
|
||
|
22279E68000
|
heap
|
page read and write
|
||
|
18DB4882000
|
heap
|
page read and write
|
||
|
9D8D6FE000
|
stack
|
page read and write
|
||
|
6A947D000
|
stack
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
2A9FFE67000
|
heap
|
page read and write
|
||
|
1CBD1040000
|
heap
|
page read and write
|
||
|
28A0CA02000
|
heap
|
page read and write
|
||
|
28D06A51000
|
heap
|
page read and write
|
||
|
1CBD1058000
|
heap
|
page read and write
|
||
|
19491859000
|
heap
|
page read and write
|
||
|
167BE170000
|
heap
|
page read and write
|
||
|
15A84500000
|
heap
|
page read and write
|
||
|
18351508000
|
heap
|
page read and write
|
||
|
237E000
|
stack
|
page read and write
|
||
|
194DFE82000
|
heap
|
page read and write
|
||
|
28A0CC27000
|
heap
|
page read and write
|
||
|
194DFF08000
|
heap
|
page read and write
|
||
|
18351480000
|
heap
|
page read and write
|
||
|
28D06A3C000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2A9FFE76000
|
heap
|
page read and write
|
||
|
22279D00000
|
heap
|
page read and write
|
||
|
194931E0000
|
remote allocation
|
page read and write
|
||
|
8928BFE000
|
stack
|
page read and write
|
||
|
18DB4900000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
28A0C3E5000
|
heap
|
page read and write
|
||
|
18351400000
|
heap
|
page read and write
|
||
|
28A0C140000
|
heap
|
page read and write
|
||
|
18351A02000
|
trusted library allocation
|
page read and write
|
||
|
335A6FF000
|
stack
|
page read and write
|
||
|
3D0137F000
|
stack
|
page read and write
|
||
|
194DFE3C000
|
heap
|
page read and write
|
||
|
28A0C1A0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
28D068F0000
|
heap
|
page read and write
|
||
|
1CBD1802000
|
trusted library allocation
|
page read and write
|
||
|
2A9FFE70000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
1A53F9B000
|
stack
|
page read and write
|
||
|
194E03A0000
|
trusted library allocation
|
page read and write
|
||
|
28D06A2E000
|
heap
|
page read and write
|
||
|
335A57B000
|
stack
|
page read and write
|
||
|
28D06A02000
|
heap
|
page read and write
|
||
|
9D8D4FA000
|
stack
|
page read and write
|
||
|
A42357E000
|
stack
|
page read and write
|
||
|
167BE1D0000
|
heap
|
page read and write
|
||
|
F1D1D7F000
|
stack
|
page read and write
|
||
|
18351220000
|
heap
|
page read and write
|
||
|
19491802000
|
heap
|
page read and write
|
||
|
28D06B02000
|
heap
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
28A0CB00000
|
heap
|
page read and write
|
||
|
28A0CB43000
|
heap
|
page read and write
|
||
|
1CBD1056000
|
heap
|
page read and write
|
||
|
28A0C23C000
|
heap
|
page read and write
|
||
|
6A917C000
|
stack
|
page read and write
|
||
|
1FFEAF90000
|
remote allocation
|
page read and write
|
||
|
28D06950000
|
heap
|
page read and write
|
||
|
19491670000
|
heap
|
page read and write
|
||
|
288A000
|
heap
|
page read and write
|
||
|
18351402000
|
heap
|
page read and write
|
||
|
1A542FE000
|
stack
|
page read and write
|
||
|
8928F7D000
|
stack
|
page read and write
|
||
|
183513F0000
|
trusted library allocation
|
page read and write
|
||
|
28A0C229000
|
heap
|
page read and write
|
||
|
28A0C930000
|
trusted library allocation
|
page read and write
|
||
|
1949186F000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
89290FE000
|
stack
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
21C91E79000
|
heap
|
page read and write
|
||
|
64627FB000
|
stack
|
page read and write
|
||
|
28A0CC02000
|
heap
|
page read and write
|
||
|
10134EC000
|
stack
|
page read and write
|
||
|
1A5447F000
|
stack
|
page read and write
|
||
|
15A83C13000
|
heap
|
page read and write
|
||
|
64623FB000
|
stack
|
page read and write
|
||
|
22279E64000
|
heap
|
page read and write
|
||
|
762000
|
heap
|
page read and write
|
||
|
18DB4826000
|
heap
|
page read and write
|
||
|
15A83D02000
|
heap
|
page read and write
|
||
|
18351452000
|
heap
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
21C92B50000
|
trusted library allocation
|
page read and write
|
||
|
73515000
|
unkown
|
page readonly
|
||
|
21C91BD0000
|
heap
|
page read and write
|
||
|
F1D187B000
|
stack
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
21C91CB4000
|
heap
|
page read and write
|
||
|
2E5707C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21C91CC4000
|
heap
|
page read and write
|
||
|
28A0C213000
|
heap
|
page read and write
|
||
|
2E56F77000
|
stack
|
page read and write
|
||
|
28A0C28F000
|
heap
|
page read and write
|
||
|
6A8F7F000
|
stack
|
page read and write
|
||
|
21C91CC5000
|
heap
|
page read and write
|
||
|
2A9FFF13000
|
heap
|
page read and write
|
||
|
1835144B000
|
heap
|
page read and write
|
||
|
21C91E40000
|
heap
|
page read and write
|
||
|
28A0C38E000
|
heap
|
page read and write
|
||
|
1CBD1025000
|
heap
|
page read and write
|
||
|
18DB45B0000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
2A9FFE5B000
|
heap
|
page read and write
|
||
|
A42337C000
|
stack
|
page read and write
|
||
|
15A83C3E000
|
heap
|
page read and write
|
||
|
15A83C23000
|
heap
|
page read and write
|
||
|
1FFEAA40000
|
heap
|
page read and write
|
||
|
167BE27D000
|
heap
|
page read and write
|
||
|
1FFEAA5C000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
18DB4913000
|
heap
|
page read and write
|
||
|
8928E7E000
|
stack
|
page read and write
|
||
|
2A9FFE02000
|
heap
|
page read and write
|
||
|
15A83CE0000
|
heap
|
page read and write
|
||
|
18DB484D000
|
heap
|
page read and write
|
||
|
9D8D27E000
|
stack
|
page read and write
|
||
|
1CBD1029000
|
heap
|
page read and write
|
||
|
1949182A000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
18DB487E000
|
heap
|
page read and write
|
||
|
18DB4620000
|
heap
|
page read and write
|
||
|
18DB47F0000
|
trusted library allocation
|
page read and write
|
||
|
45A987E000
|
stack
|
page read and write
|
||
|
2A9FFC90000
|
heap
|
page read and write
|
||
|
167BE300000
|
heap
|
page read and write
|
||
|
45A93FC000
|
stack
|
page read and write
|
||
|
15A83C85000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
22279E7B000
|
heap
|
page read and write
|
||
|
2886000
|
heap
|
page read and write
|
||
|
1835144E000
|
heap
|
page read and write
|
||
|
28A0CC13000
|
heap
|
page read and write
|
||
|
1CBD107A000
|
heap
|
page read and write
|
||
|
E96A9FB000
|
stack
|
page read and write
|
||
|
19491858000
|
heap
|
page read and write
|
||
|
18DB4883000
|
heap
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
28A0CB54000
|
heap
|
page read and write
|
||
|
15A839F0000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
6A8CFC000
|
stack
|
page read and write
|
||
|
18351502000
|
heap
|
page read and write
|
||
|
3D0197F000
|
stack
|
page read and write
|
||
|
28A0C1D0000
|
trusted library allocation
|
page read and write
|
||
|
21C92BA0000
|
trusted library allocation
|
page read and write
|
||
|
6A927C000
|
stack
|
page read and write
|
||
|
2E56D7F000
|
stack
|
page read and write
|
||
|
F1D217E000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
1CBD104D000
|
heap
|
page read and write
|
||
|
22FF000
|
stack
|
page read and write
|
||
|
21C91CC4000
|
heap
|
page read and write
|
||
|
18DB45C0000
|
heap
|
page read and write
|
||
|
18DB4829000
|
heap
|
page read and write
|
||
|
194DFF00000
|
heap
|
page read and write
|
||
|
28A0C243000
|
heap
|
page read and write
|
||
|
167BE27E000
|
heap
|
page read and write
|
||
|
18351500000
|
heap
|
page read and write
|
||
|
1CBD1057000
|
heap
|
page read and write
|
||
|
335A8FE000
|
stack
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
21C91CBB000
|
heap
|
page read and write
|
||
|
247F000
|
stack
|
page read and write
|
||
|
9D8D5FF000
|
stack
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
194DFE77000
|
heap
|
page read and write
|
||
|
19491849000
|
heap
|
page read and write
|
||
|
15A83CC3000
|
heap
|
page read and write
|
||
|
28D06A58000
|
heap
|
page read and write
|
||
|
18DB4857000
|
heap
|
page read and write
|
||
|
28D06A4E000
|
heap
|
page read and write
|
||
|
28A0CB90000
|
heap
|
page read and write
|
||
|
2E56E7B000
|
stack
|
page read and write
|
||
|
194DFE51000
|
heap
|
page read and write
|
||
|
9D8CD1C000
|
stack
|
page read and write
|
||
|
A42327E000
|
stack
|
page read and write
|
||
|
19491813000
|
heap
|
page read and write
|
||
|
194DFF13000
|
heap
|
page read and write
|
||
|
1CBD1013000
|
heap
|
page read and write
|
||
|
194DFF02000
|
heap
|
page read and write
|
||
|
22279F00000
|
heap
|
page read and write
|
||
|
335A2FE000
|
stack
|
page read and write
|
||
|
28A0C313000
|
heap
|
page read and write
|
||
|
646267F000
|
stack
|
page read and write
|
||
|
1CBD1083000
|
heap
|
page read and write
|
||
|
21C91C70000
|
heap
|
page read and write
|
||
|
101397E000
|
stack
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
2A980602000
|
trusted library allocation
|
page read and write
|
||
|
15A8453B000
|
heap
|
page read and write
|
||
|
1FFEAF90000
|
remote allocation
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
45A97F9000
|
stack
|
page read and write
|
||
|
167BE160000
|
heap
|
page read and write
|
||
|
1CBD106D000
|
heap
|
page read and write
|
||
|
73510000
|
unkown
|
page readonly
|
||
|
21C91CB4000
|
heap
|
page read and write
|
||
|
73513000
|
unkown
|
page readonly
|
||
|
18DB4850000
|
heap
|
page read and write
|
||
|
3D0127F000
|
stack
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
1CBD103D000
|
heap
|
page read and write
|
||
|
2A9FFE13000
|
heap
|
page read and write
|
||
|
F1D1E7E000
|
stack
|
page read and write
|
||
|
45A99F9000
|
stack
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page read and write
|
||
|
28A0CB02000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
28A0CB22000
|
heap
|
page read and write
|
||
|
64626FD000
|
stack
|
page read and write
|
||
|
1A5487D000
|
stack
|
page read and write
|
||
|
19491849000
|
heap
|
page read and write
|
||
|
15A83B50000
|
trusted library allocation
|
page read and write
|
||
|
2E569FE000
|
stack
|
page read and write
|
||
|
3D014FD000
|
stack
|
page read and write
|
||
|
19491900000
|
heap
|
page read and write
|
||
|
18DB4813000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
1CBD1074000
|
heap
|
page read and write
|
||
|
167BE313000
|
heap
|
page read and write
|
||
|
2A9FFE69000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
22279E55000
|
heap
|
page read and write
|
||
|
19491902000
|
heap
|
page read and write
|
||
|
18DB4E02000
|
trusted library allocation
|
page read and write
|
||
|
15A839E0000
|
heap
|
page read and write
|
||
|
1949185E000
|
heap
|
page read and write
|
||
|
28A0C28B000
|
heap
|
page read and write
|
||
|
194DFE29000
|
heap
|
page read and write
|
||
|
9D8D3F9000
|
stack
|
page read and write
|
||
|
9D8D77F000
|
stack
|
page read and write
|
||
|
1FFEA7A0000
|
heap
|
page read and write
|
||
|
10135EE000
|
stack
|
page read and write
|
||
|
167BE213000
|
heap
|
page read and write
|
||
|
1CBD1077000
|
heap
|
page read and write
|
||
|
28D06A00000
|
heap
|
page read and write
|
||
|
28A0CB13000
|
heap
|
page read and write
|
||
|
288C000
|
heap
|
page read and write
|
||
|
1FFEAA00000
|
heap
|
page read and write
|
||
|
E96ACFE000
|
stack
|
page read and write
|
||
|
19491790000
|
trusted library allocation
|
page read and write
|
||
|
28A0CB6D000
|
heap
|
page read and write
|
||
|
19491848000
|
heap
|
page read and write
|
||
|
21C92B40000
|
trusted library allocation
|
page read and write
|
||
|
19493202000
|
trusted library allocation
|
page read and write
|
||
|
22279E13000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
21C91E80000
|
trusted library allocation
|
page read and write
|
||
|
1CBD1065000
|
heap
|
page read and write
|
||
|
1835144F000
|
heap
|
page read and write
|
||
|
45A9779000
|
stack
|
page read and write
|
||
|
18DB4902000
|
heap
|
page read and write
|
||
|
2336000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
19491600000
|
heap
|
page read and write
|
||
|
2A9FFE41000
|
heap
|
page read and write
|
||
|
21C91CBB000
|
heap
|
page read and write
|
||
|
4AEF000
|
heap
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
F1D167B000
|
stack
|
page read and write
|
||
|
1CBD1102000
|
heap
|
page read and write
|
||
|
67F7000
|
direct allocation
|
page execute and read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
194E0402000
|
trusted library allocation
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
28D06980000
|
trusted library allocation
|
page read and write
|
||
|
21C91CB4000
|
heap
|
page read and write
|
||
|
380B000
|
stack
|
page read and write
|
||
|
1A5457B000
|
stack
|
page read and write
|
||
|
28A0C276000
|
heap
|
page read and write
|
||
|
1949183D000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
3D00CFC000
|
stack
|
page read and write
|
||
|
45A997C000
|
stack
|
page read and write
|
||
|
3D0157B000
|
stack
|
page read and write
|
||
|
73511000
|
unkown
|
page execute read
|
||
|
2A980490000
|
trusted library allocation
|
page read and write
|
||
|
194DFBD0000
|
heap
|
page read and write
|
||
|
22279E00000
|
heap
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
2A9FFE79000
|
heap
|
page read and write
|
||
|
15A83A50000
|
heap
|
page read and write
|
||
|
28D06A54000
|
heap
|
page read and write
|
||
|
28A0C26D000
|
heap
|
page read and write
|
||
|
194DFE57000
|
heap
|
page read and write
|
||
|
22279D60000
|
heap
|
page read and write
|
||
|
183511C0000
|
heap
|
page read and write
|
||
|
167BE930000
|
trusted library allocation
|
page read and write
|
||
|
167BE229000
|
heap
|
page read and write
|
||
|
21FE000
|
stack
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
28D06A29000
|
heap
|
page read and write
|
||
|
21C92B30000
|
heap
|
page readonly
|
||
|
4AEF000
|
heap
|
page read and write
|
||
|
15A84402000
|
heap
|
page read and write
|
||
|
2A9FFE00000
|
heap
|
page read and write
|
||
|
24D4000
|
heap
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
335A27C000
|
stack
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
E96A48C000
|
stack
|
page read and write
|
||
|
1835146F000
|
heap
|
page read and write
|
||
|
28A0C271000
|
heap
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
15A83C00000
|
heap
|
page read and write
|
||
|
E96ABFE000
|
stack
|
page read and write
|
||
|
19491825000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
21C928D0000
|
trusted library allocation
|
page read and write
|
||
|
21C92B20000
|
trusted library allocation
|
page read and write
|
||
|
1FFEA9D0000
|
trusted library allocation
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
2A9FFE66000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
18351429000
|
heap
|
page read and write
|
||
|
28A0CC00000
|
heap
|
page read and write
|
||
|
2A9FFF02000
|
heap
|
page read and write
|
||
|
22279E02000
|
heap
|
page read and write
|
||
|
167BE200000
|
heap
|
page read and write
|
||
|
28A0CC30000
|
heap
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
1CBD105D000
|
heap
|
page read and write
|
||
|
2A980000000
|
heap
|
page read and write
|
||
|
1835148B000
|
heap
|
page read and write
|
||
|
2500000
|
heap
|
page read and write
|
||
|
646287F000
|
stack
|
page read and write
|
||
|
1FFEAB02000
|
heap
|
page read and write
|
||
|
28A0C267000
|
heap
|
page read and write
|
||
|
194917C0000
|
trusted library allocation
|
page read and write
|
||
|
19491918000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
F1D1C7D000
|
stack
|
page read and write
|
||
|
1CBD1042000
|
heap
|
page read and write
|
||
|
1A54677000
|
stack
|
page read and write
|
||
|
21C91CB7000
|
heap
|
page read and write
|
||
|
194DFC40000
|
heap
|
page read and write
|
||
|
18DB4800000
|
heap
|
page read and write
|
||
|
18DB4890000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
6462B7F000
|
stack
|
page read and write
|
||
|
3D0167E000
|
stack
|
page read and write
|
||
|
1CBD106F000
|
heap
|
page read and write
|
||
|
194931E0000
|
remote allocation
|
page read and write
|
||
|
1CBD1047000
|
heap
|
page read and write
|
||
|
22279E28000
|
heap
|
page read and write
|
||
|
19491859000
|
heap
|
page read and write
|
||
|
22279F13000
|
heap
|
page read and write
|
||
|
335A37F000
|
stack
|
page read and write
|
||
|
1A5477E000
|
stack
|
page read and write
|
||
|
15A83CB9000
|
heap
|
page read and write
|
||
|
28A0C200000
|
heap
|
page read and write
|
||
|
194931E0000
|
remote allocation
|
page read and write
|
||
|
15A84512000
|
heap
|
page read and write
|
||
|
1013A7E000
|
stack
|
page read and write
|
||
|
21C91C80000
|
heap
|
page read and write
|
||
|
18DB4908000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
A42307B000
|
stack
|
page read and write
|
||
|
1CBD1680000
|
trusted library allocation
|
page read and write
|
||
|
18DB4871000
|
heap
|
page read and write
|
||
|
28A0C287000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
1013B7E000
|
stack
|
page read and write
|
||
|
6A88BB000
|
stack
|
page read and write
|
||
|
9D8D7FF000
|
stack
|
page read and write
|
||
|
288B000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
19491913000
|
heap
|
page read and write
|
||
|
194DFE71000
|
heap
|
page read and write
|
||
|
167BE249000
|
heap
|
page read and write
|
||
|
A42367F000
|
stack
|
page read and write
|
||
|
1CBD107E000
|
heap
|
page read and write
|
||
|
194DFE13000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
1FFEA790000
|
heap
|
page read and write
|
||
|
194DFBE0000
|
heap
|
page read and write
|
||
|
28A0CB08000
|
heap
|
page read and write
|
||
|
21C91E75000
|
heap
|
page read and write
|
||
|
101356E000
|
stack
|
page read and write
|
||
|
1CBD1061000
|
heap
|
page read and write
|
||
|
28A0CBAE000
|
heap
|
page read and write
|
||
|
15A83CBE000
|
heap
|
page read and write
|
||
|
18351513000
|
heap
|
page read and write
|
||
|
2E5717F000
|
stack
|
page read and write
|
||
|
F1D1A7D000
|
stack
|
page read and write
|
||
|
1013C7E000
|
stack
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
2A9FFE74000
|
heap
|
page read and write
|
||
|
1FFEB002000
|
trusted library allocation
|
page read and write
|
||
|
21C91C40000
|
heap
|
page read and write
|
||
|
21C91CBB000
|
heap
|
page read and write
|
||
|
335A47C000
|
stack
|
page read and write
|
||
|
28D06900000
|
heap
|
page read and write
|
||
|
28A0CB22000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
6A907F000
|
stack
|
page read and write
|
||
|
167BE288000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
18DB4852000
|
heap
|
page read and write
|
||
|
18DB483C000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
1CBD105E000
|
heap
|
page read and write
|
||
|
4AE9000
|
heap
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
5DF7000
|
direct allocation
|
page execute and read and write
|
||
|
2E5697E000
|
stack
|
page read and write
|
||
|
3D010FC000
|
stack
|
page read and write
|
||
|
9D8D17B000
|
stack
|
page read and write
|
||
|
19491770000
|
trusted library allocation
|
page read and write
|
||
|
F1D197D000
|
stack
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
1CBD1079000
|
heap
|
page read and write
|
||
|
15A83C6C000
|
heap
|
page read and write
|
||
|
1CBD1063000
|
heap
|
page read and write
|
||
|
28D06A45000
|
heap
|
page read and write
|
||
|
1FFEAF90000
|
remote allocation
|
page read and write
|
||
|
288B000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
15A83CCA000
|
heap
|
page read and write
|
||
|
28D06A13000
|
heap
|
page read and write
|
||
|
28A0C28F000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
8928DFD000
|
stack
|
page read and write
|
||
|
2A9FFD00000
|
heap
|
page read and write
|
||
|
22279D90000
|
trusted library allocation
|
page read and write
|
||
|
1CBD107B000
|
heap
|
page read and write
|
||
|
646297B000
|
stack
|
page read and write
|
||
|
335A7FF000
|
stack
|
page read and write
|
||
|
15A83C29000
|
heap
|
page read and write
|
||
|
1A5427E000
|
stack
|
page read and write
|
||
|
1CBD1000000
|
heap
|
page read and write
|
||
|
194DFE26000
|
heap
|
page read and write
|
There are 530 hidden memdumps, click here to show them.