Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
pJC8LFnyet.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\pJC8LFnyet.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\pJC8LFnyet.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\Desktop\pJC8LFnyet.exex (copy)
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\pJC8LFnyet.exe
|
"C:\Users\user\Desktop\pJC8LFnyet.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c echo on error resume next:CreateObject("WScript.Shell").Run "C:\Users\user\Desktop\pJC8LFnyet.exe",1:
>"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.vbs"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
/c net stop MpsSvc
|
|
|
|
C:\Users\user\Desktop\pJC8LFnyet.exe
|
C:\Users\user\Desktop\pJC8LFnyet.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\Desktop\pJC8LFnyet.exe" "pJC8LFnyet.exe" ENABLE
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.vbs"
|
|
|
|
C:\Users\user\Desktop\pJC8LFnyet.exe
|
"C:\Users\user\Desktop\pJC8LFnyet.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c echo on error resume next:CreateObject("WScript.Shell").Run "C:\Users\user\Desktop\pJC8LFnyet.exe",1:
>"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.vbs"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
/c net stop MpsSvc
|
|
|
|
C:\Users\user\Desktop\pJC8LFnyet.exe
|
C:\Users\user\Desktop\pJC8LFnyet.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\net.exe
|
net stop MpsSvc
|
||
|
C:\Windows\SysWOW64\net1.exe
|
C:\Windows\system32\net1 stop MpsSvc
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\net.exe
|
net stop MpsSvc
|
||
|
C:\Windows\SysWOW64\net1.exe
|
C:\Windows\system32\net1 stop MpsSvc
|
There are 9 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
asero23.ddns.net:5552
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
asero23.ddns.net
|
178.128.228.252
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
178.128.228.252
|
asero23.ddns.net
|
Netherlands
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\863290bfb622fdfe0ad4e1b97536ae62
|
[kl]
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
40E000
|
remote allocation
|
page execute and read and write
|
|
|
|
2280000
|
direct allocation
|
page execute and read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2BF1000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
unkown
|
page execute and read and write
|
|
|
|
680000
|
direct allocation
|
page execute and read and write
|
|
|
|
402000
|
unkown
|
page execute and read and write
|
|
|
|
40E000
|
remote allocation
|
page execute and read and write
|
|
|
|
40E000
|
unkown
|
page execute and read and write
|
|
|
|
40E000
|
unkown
|
page execute and read and write
|
|
|
|
DB2000
|
trusted library allocation
|
page read and write
|
||
|
2765B6DE000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
457000
|
unkown
|
page write copy
|
||
|
4D8E000
|
stack
|
page read and write
|
||
|
B3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
10F2000
|
trusted library allocation
|
page read and write
|
||
|
455000
|
unkown
|
page execute and read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
3111000
|
heap
|
page read and write
|
||
|
21B0000
|
trusted library allocation
|
page read and write
|
||
|
4EE9000
|
stack
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
3C44000
|
trusted library allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
C87000
|
heap
|
page read and write
|
||
|
C89000
|
heap
|
page read and write
|
||
|
F0AACFE000
|
stack
|
page read and write
|
||
|
DB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3164000
|
heap
|
page read and write
|
||
|
3195000
|
heap
|
page read and write
|
||
|
2250000
|
direct allocation
|
page execute and read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
456000
|
unkown
|
page execute and write copy
|
||
|
286F000
|
stack
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
317F000
|
heap
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
3139000
|
heap
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
553E000
|
heap
|
page read and write
|
||
|
C28000
|
heap
|
page read and write
|
||
|
88F000
|
stack
|
page read and write
|
||
|
59DF000
|
heap
|
page read and write
|
||
|
10D5000
|
trusted library allocation
|
page read and write
|
||
|
3146000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
443000
|
unkown
|
page execute and write copy
|
||
|
21B0000
|
trusted library allocation
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
55AC000
|
stack
|
page read and write
|
||
|
3139000
|
heap
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
2765D640000
|
heap
|
page read and write
|
||
|
313F000
|
heap
|
page read and write
|
||
|
319B000
|
heap
|
page read and write
|
||
|
456000
|
unkown
|
page execute and write copy
|
||
|
BB8000
|
heap
|
page read and write
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
31E3000
|
heap
|
page read and write
|
||
|
2765B664000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
314A000
|
heap
|
page read and write
|
||
|
22A1000
|
heap
|
page read and write
|
||
|
5991000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page execute and read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
59B2000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
59A6000
|
heap
|
page read and write
|
||
|
3146000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
2765B661000
|
heap
|
page read and write
|
||
|
59C7000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
855000
|
heap
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
C9F000
|
heap
|
page read and write
|
||
|
3149000
|
heap
|
page read and write
|
||
|
318F000
|
heap
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
318F000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
50AF000
|
stack
|
page read and write
|
||
|
2765B709000
|
heap
|
page read and write
|
||
|
C83000
|
heap
|
page read and write
|
||
|
F0AADFB000
|
stack
|
page read and write
|
||
|
59A4000
|
heap
|
page read and write
|
||
|
2765B5C0000
|
heap
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
59C7000
|
heap
|
page read and write
|
||
|
27660310000
|
heap
|
page read and write
|
||
|
27FF000
|
stack
|
page read and write
|
||
|
B77000
|
trusted library allocation
|
page execute and read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
24AD000
|
stack
|
page read and write
|
||
|
5532000
|
heap
|
page read and write
|
||
|
2765B6DB000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
5531000
|
heap
|
page read and write
|
||
|
313A000
|
heap
|
page read and write
|
||
|
4EAC000
|
stack
|
page read and write
|
||
|
318E000
|
heap
|
page read and write
|
||
|
3128000
|
heap
|
page read and write
|
||
|
181000
|
stack
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
3136000
|
heap
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
3164000
|
heap
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
317F000
|
heap
|
page read and write
|
||
|
B2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
B9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
C9B000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
599F000
|
heap
|
page read and write
|
||
|
3195000
|
heap
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
59B2000
|
heap
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
313C000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
31E8000
|
heap
|
page read and write
|
||
|
2765B709000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
3186000
|
heap
|
page read and write
|
||
|
5542000
|
heap
|
page read and write
|
||
|
2C44000
|
trusted library allocation
|
page read and write
|
||
|
4BF8000
|
trusted library allocation
|
page read and write
|
||
|
5533000
|
heap
|
page read and write
|
||
|
3565000
|
heap
|
page read and write
|
||
|
B30000
|
trusted library allocation
|
page read and write
|
||
|
443000
|
unkown
|
page execute and write copy
|
||
|
4DE0000
|
heap
|
page read and write
|
||
|
22A1000
|
heap
|
page read and write
|
||
|
CA2000
|
heap
|
page read and write
|
||
|
C87000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
31E5000
|
heap
|
page read and write
|
||
|
457000
|
unkown
|
page write copy
|
||
|
318A000
|
heap
|
page read and write
|
||
|
2765B65F000
|
heap
|
page read and write
|
||
|
3186000
|
heap
|
page read and write
|
||
|
F0AA8FF000
|
stack
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
BCE000
|
unkown
|
page read and write
|
||
|
2BEF000
|
stack
|
page read and write
|
||
|
59C3000
|
heap
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
C9F000
|
heap
|
page read and write
|
||
|
31C1000
|
heap
|
page read and write
|
||
|
2765B660000
|
heap
|
page read and write
|
||
|
EF4000
|
stack
|
page read and write
|
||
|
2765B6A8000
|
heap
|
page read and write
|
||
|
2765B8FE000
|
heap
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
59A4000
|
heap
|
page read and write
|
||
|
2765B810000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
2765B6D8000
|
heap
|
page read and write
|
||
|
317E000
|
heap
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
2F2D000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
F0AAFFE000
|
stack
|
page read and write
|
||
|
34EF000
|
stack
|
page read and write
|
||
|
318A000
|
heap
|
page read and write
|
||
|
C87000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
4CA000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
319D000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3189000
|
heap
|
page read and write
|
||
|
B62000
|
trusted library allocation
|
page execute and read and write
|
||
|
F9F000
|
stack
|
page read and write
|
||
|
5542000
|
heap
|
page read and write
|
||
|
59C3000
|
heap
|
page read and write
|
||
|
2765B65E000
|
heap
|
page read and write
|
||
|
457000
|
unkown
|
page write copy
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
314A000
|
heap
|
page read and write
|
||
|
B10000
|
trusted library allocation
|
page read and write
|
||
|
C6B000
|
heap
|
page read and write
|
||
|
BE7000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
3144000
|
heap
|
page read and write
|
||
|
F0AA5FD000
|
stack
|
page read and write
|
||
|
457000
|
unkown
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
B97000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
2765B5B0000
|
heap
|
page read and write
|
||
|
346E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
10E6000
|
trusted library allocation
|
page read and write
|
||
|
109F000
|
stack
|
page read and write
|
||
|
2765B646000
|
heap
|
page read and write
|
||
|
EFB000
|
stack
|
page read and write
|
||
|
C9F000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
CA7000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
22A1000
|
heap
|
page read and write
|
||
|
3104000
|
heap
|
page read and write
|
||
|
318A000
|
heap
|
page read and write
|
||
|
4D1000
|
heap
|
page read and write
|
||
|
56AB000
|
stack
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
2765B676000
|
heap
|
page read and write
|
||
|
315D000
|
heap
|
page read and write
|
||
|
59A5000
|
heap
|
page read and write
|
||
|
2765B63F000
|
heap
|
page read and write
|
||
|
B36000
|
trusted library allocation
|
page execute and read and write
|
||
|
31E3000
|
heap
|
page read and write
|
||
|
5543000
|
heap
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
C84000
|
heap
|
page read and write
|
||
|
319A000
|
heap
|
page read and write
|
||
|
2765B610000
|
heap
|
page read and write
|
||
|
B72000
|
trusted library allocation
|
page execute and read and write
|
||
|
54BF000
|
stack
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
2750000
|
trusted library allocation
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
317E000
|
heap
|
page read and write
|
||
|
5542000
|
heap
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
3135000
|
heap
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
312A000
|
heap
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
3196000
|
heap
|
page read and write
|
||
|
3111000
|
heap
|
page read and write
|
||
|
3146000
|
heap
|
page read and write
|
||
|
4F50000
|
unclassified section
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
F0AA1DA000
|
stack
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
519F000
|
stack
|
page read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
F0AA7FF000
|
stack
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
2765B64A000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
2765B6C8000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
C9B000
|
heap
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
2540000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
3192000
|
heap
|
page read and write
|
||
|
2765B68F000
|
heap
|
page read and write
|
||
|
5996000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page execute and read and write
|
||
|
C99000
|
heap
|
page read and write
|
||
|
2765B8F0000
|
heap
|
page read and write
|
||
|
313A000
|
heap
|
page read and write
|
||
|
554B000
|
heap
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
59DE000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
F0AAAFF000
|
stack
|
page read and write
|
||
|
318C000
|
heap
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
BAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
5993000
|
heap
|
page read and write
|
||
|
3188000
|
heap
|
page read and write
|
||
|
3199000
|
heap
|
page read and write
|
||
|
E4C000
|
stack
|
page read and write
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
B82000
|
trusted library allocation
|
page execute and read and write
|
||
|
C55000
|
heap
|
page read and write
|
||
|
4EEF000
|
stack
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
443000
|
unkown
|
page execute and write copy
|
||
|
E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
5542000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
59A1000
|
heap
|
page read and write
|
||
|
B7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
33BF000
|
unkown
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
2765B646000
|
heap
|
page read and write
|
||
|
B45000
|
heap
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
4ED000
|
stack
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
BA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
3338000
|
heap
|
page read and write
|
||
|
319D000
|
heap
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
1BD000
|
stack
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
3193000
|
heap
|
page read and write
|
||
|
181000
|
stack
|
page read and write
|
||
|
59AD000
|
heap
|
page read and write
|
||
|
3196000
|
heap
|
page read and write
|
||
|
2750000
|
trusted library allocation
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
3192000
|
heap
|
page read and write
|
||
|
59B7000
|
heap
|
page read and write
|
||
|
35B6000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3199000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
F0AABFD000
|
stack
|
page read and write
|
||
|
2545000
|
heap
|
page read and write
|
||
|
2765B68F000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
B32000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
5546000
|
heap
|
page read and write
|
||
|
455000
|
unkown
|
page execute and read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
3149000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
3192000
|
heap
|
page read and write
|
||
|
2765B709000
|
heap
|
page read and write
|
||
|
59AB000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
C91000
|
heap
|
page read and write
|
||
|
3195000
|
heap
|
page read and write
|
||
|
3199000
|
heap
|
page read and write
|
||
|
318A000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
C92000
|
heap
|
page read and write
|
||
|
554E000
|
heap
|
page read and write
|
||
|
2765B6D7000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
2568000
|
heap
|
page read and write
|
||
|
27660313000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
313D000
|
heap
|
page read and write
|
||
|
554B000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
4D3F000
|
stack
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
2765B666000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
DBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
317E000
|
heap
|
page read and write
|
||
|
B7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
554C000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
318C000
|
heap
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
CAE000
|
heap
|
page read and write
|
||
|
3138000
|
heap
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
3149000
|
heap
|
page read and write
|
||
|
599D000
|
heap
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
C3D000
|
heap
|
page read and write
|
||
|
59A9000
|
heap
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
315B000
|
heap
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
553A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
B1B000
|
stack
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
319B000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
3183000
|
heap
|
page read and write
|
||
|
2290000
|
heap
|
page read and write
|
||
|
2765B5E0000
|
heap
|
page read and write
|
||
|
2B6F000
|
stack
|
page read and write
|
||
|
5542000
|
heap
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
315D000
|
heap
|
page read and write
|
||
|
B22000
|
trusted library allocation
|
page execute and read and write
|
||
|
C7E000
|
heap
|
page read and write
|
||
|
310F000
|
stack
|
page read and write
|
||
|
2765B6ED000
|
heap
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
B64000
|
trusted library allocation
|
page read and write
|
||
|
2765B638000
|
heap
|
page read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
4E2C000
|
stack
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
315B000
|
heap
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
3135000
|
heap
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
650000
|
direct allocation
|
page execute and read and write
|
||
|
457000
|
unkown
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
318C000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page execute and read and write
|
||
|
315F000
|
heap
|
page read and write
|
||
|
2765B6ED000
|
heap
|
page read and write
|
||
|
3139000
|
heap
|
page read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
3183000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
2765B64C000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
2765B639000
|
heap
|
page read and write
|
||
|
3135000
|
heap
|
page read and write
|
||
|
3199000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2EBD000
|
stack
|
page read and write
|
||
|
2765B676000
|
heap
|
page read and write
|
||
|
3184000
|
heap
|
page read and write
|
||
|
59D1000
|
heap
|
page read and write
|
||
|
554D000
|
heap
|
page read and write
|
||
|
3192000
|
heap
|
page read and write
|
||
|
319D000
|
heap
|
page read and write
|
||
|
2765B6DA000
|
heap
|
page read and write
|
||
|
C9F000
|
heap
|
page read and write
|
||
|
40E000
|
unkown
|
page execute and read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
318F000
|
heap
|
page read and write
|
||
|
5511000
|
heap
|
page read and write
|
||
|
457000
|
unkown
|
page write copy
|
||
|
3139000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
31E8000
|
heap
|
page read and write
|
||
|
C84000
|
heap
|
page read and write
|
||
|
3BF1000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
59A5000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
443000
|
unkown
|
page execute and write copy
|
||
|
3189000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
2928000
|
heap
|
page read and write
|
||
|
4E6A000
|
stack
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
2C41000
|
trusted library allocation
|
page read and write
|
||
|
2765B709000
|
heap
|
page read and write
|
||
|
5993000
|
heap
|
page read and write
|
||
|
313F000
|
heap
|
page read and write
|
||
|
317E000
|
heap
|
page read and write
|
||
|
313E000
|
heap
|
page read and write
|
||
|
59B7000
|
heap
|
page read and write
|
||
|
40E000
|
unkown
|
page execute and read and write
|
||
|
5543000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
59DF000
|
heap
|
page read and write
|
||
|
4DE3000
|
heap
|
page read and write
|
||
|
599D000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
F0AA4FE000
|
stack
|
page read and write
|
||
|
3111000
|
heap
|
page read and write
|
||
|
3198000
|
heap
|
page read and write
|
||
|
698000
|
heap
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
98F000
|
stack
|
page read and write
|
||
|
F0AA9F6000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
C98000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
2765B63E000
|
heap
|
page read and write
|
||
|
318D000
|
heap
|
page read and write
|
||
|
2765B621000
|
heap
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
318C000
|
heap
|
page read and write
|
||
|
317E000
|
heap
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2765B6C8000
|
heap
|
page read and write
|
||
|
3193000
|
heap
|
page read and write
|
||
|
2765B6ED000
|
heap
|
page read and write
|
||
|
319D000
|
heap
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
E1F000
|
stack
|
page read and write
|
||
|
2765B6A9000
|
heap
|
page read and write
|
||
|
5542000
|
heap
|
page read and write
|
||
|
2765B6DC000
|
heap
|
page read and write
|
||
|
3189000
|
heap
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
31BF000
|
heap
|
page read and write
|
||
|
3164000
|
heap
|
page read and write
|
||
|
315D000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
3198000
|
heap
|
page read and write
|
||
|
505F000
|
stack
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
313F000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page execute and read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
3325000
|
heap
|
page read and write
|
||
|
2765B8F5000
|
heap
|
page read and write
|
||
|
59A4000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
6AE000
|
heap
|
page read and write
|
||
|
3127000
|
heap
|
page read and write
|
||
|
C7E000
|
heap
|
page read and write
|
||
|
C73000
|
heap
|
page read and write
|
||
|
CA9000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
10E8000
|
trusted library allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
59C7000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
C73000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
319E000
|
heap
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
B8A000
|
trusted library allocation
|
page execute and read and write
|
There are 583 hidden memdumps, click here to show them.