Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
baVrLvRHZY.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_baVrLvRHZY.exe_293258f491b43234cfed95b48a8988732956b6_8e2e74b8_15b024d6-5631-43e3-9e61-f42da62bd43b\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_baVrLvRHZY.exe_aad8d77e4466af63bc3e88c343230884b657c5b_8e2e74b8_22fbda1c-b214-4d6a-94b5-6e50f358672c\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_baVrLvRHZY.exe_f2c3ece052b999f51da42e75b5f7865f37d5f_8e2e74b8_345b9d0b-7892-4c39-819e-2de6257e2101\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9B7C.tmp.dmp
|
Mini DuMP crash report, 15 streams, Wed May 1 14:43:36 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9C68.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9C98.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9EE7.tmp.dmp
|
Mini DuMP crash report, 15 streams, Wed May 1 14:43:37 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA13A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAD8F.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB88A.tmp.dmp
|
Mini DuMP crash report, 15 streams, Wed May 1 14:43:43 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB994.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB9F3.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\baVrLvRHZY.exe
|
"C:\Users\user\Desktop\baVrLvRHZY.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 3744 -s 1476
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 3744 -s 1524
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 3744 -s 1636
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accountasifkwosov.shop
|
|
||
|
shortsvelventysjo.shop
|
|
||
|
tolerateilusidjukl.shop
|
|
||
|
shatterbreathepsw.shop
|
|
||
|
demonstationfukewko.shop
|
|
||
|
productivelookewr.shop
|
|
||
|
alcojoldwograpciw.shop
|
|
||
|
incredibleextedwj.shop
|
|
||
|
liabilitynighstjsko.shop
|
|
||
|
https://accountasifkwosov.shop/hb
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://accountasifkwosov.shop/&b
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://accountasifkwosov.shop/apiGecko)
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
|
unknown
|
||
|
https://accountasifkwosov.shop/RbS1M
|
unknown
|
||
|
https://accountasifkwosov.shop:443/api
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://accountasifkwosov.shop/Lb
|
unknown
|
||
|
https://accountasifkwosov.shop/ubt1b
|
unknown
|
||
|
https://support.mozilla.org/products/firefoxgro.all
|
unknown
|
||
|
https://accountasifkwosov.shop/apiaH
|
unknown
|
||
|
https://www.mozilla.or
|
unknown
|
||
|
https://accountasifkwosov.shop/~b
|
unknown
|
||
|
https://accountasifkwosov.shop/
|
unknown
|
||
|
https://accountasifkwosov.shop/res01
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://accountasifkwosov.shop/apiw8
|
unknown
|
||
|
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189.
|
unknown
|
||
|
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
|
unknown
|
||
|
https://accountasifkwosov.shop/S=
|
unknown
|
||
|
https://accountasifkwosov.shop/apid
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://crl.rootca1.amazontrust.com/rootca1.crl0
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://ocsp.rootca1.amazontrust.com0:
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
|
unknown
|
||
|
https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
|
unknown
|
||
|
http://crt.rootca1.amazontrust.com/rootca1.cer0?
|
unknown
|
||
|
https://accountasifkwosov.shop/apir
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://accountasifkwosov.shop/api
|
172.67.141.11
|
||
|
https://accountasifkwosov.shop/apiaoP
|
unknown
|
There are 39 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accountasifkwosov.shop
|
172.67.141.11
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.141.11
|
accountasifkwosov.shop
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
ProgramId
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
FileId
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
LongPathHash
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
Name
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
OriginalFileName
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
Publisher
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
Version
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
BinFileVersion
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
BinaryType
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
ProductName
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
ProductVersion
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
LinkDate
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
BinProductVersion
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
Size
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
Language
|
||
|
\REGISTRY\A\{cfbe5b5f-166b-d8cf-1281-c0937c784e4c}\Root\InventoryApplicationFile\bavrlvrhzy.exe|97d1c4eaec870a0f
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDABBE6B3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 15 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
4221000
|
trusted library allocation
|
page read and write
|
||
|
4214000
|
trusted library allocation
|
page read and write
|
||
|
1CE6000
|
heap
|
page read and write
|
||
|
4229000
|
trusted library allocation
|
page read and write
|
||
|
423A000
|
trusted library allocation
|
page read and write
|
||
|
4231000
|
trusted library allocation
|
page read and write
|
||
|
1A85000
|
heap
|
page read and write
|
||
|
4251000
|
trusted library allocation
|
page read and write
|
||
|
4263000
|
trusted library allocation
|
page read and write
|
||
|
4221000
|
trusted library allocation
|
page read and write
|
||
|
1A80000
|
heap
|
page read and write
|
||
|
4230000
|
trusted library allocation
|
page read and write
|
||
|
4252000
|
trusted library allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
40AF000
|
stack
|
page read and write
|
||
|
4258000
|
trusted library allocation
|
page read and write
|
||
|
1A0D000
|
unkown
|
page read and write
|
||
|
4266000
|
trusted library allocation
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
4300000
|
heap
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
4267000
|
trusted library allocation
|
page read and write
|
||
|
1CCA000
|
heap
|
page read and write
|
||
|
4222000
|
trusted library allocation
|
page read and write
|
||
|
41FE000
|
stack
|
page read and write
|
||
|
4241000
|
trusted library allocation
|
page read and write
|
||
|
3C1F000
|
stack
|
page read and write
|
||
|
1CC8000
|
heap
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
1C5A000
|
heap
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
4207000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1A0F000
|
unkown
|
page readonly
|
||
|
4249000
|
trusted library allocation
|
page read and write
|
||
|
4208000
|
trusted library allocation
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
4258000
|
trusted library allocation
|
page read and write
|
||
|
4263000
|
trusted library allocation
|
page read and write
|
||
|
1CD5000
|
heap
|
page read and write
|
||
|
424E000
|
trusted library allocation
|
page read and write
|
||
|
4248000
|
trusted library allocation
|
page read and write
|
||
|
1CE4000
|
heap
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
1CE0000
|
heap
|
page read and write
|
||
|
4227000
|
trusted library allocation
|
page read and write
|
||
|
4276000
|
trusted library allocation
|
page read and write
|
||
|
3ADE000
|
stack
|
page read and write
|
||
|
40FE000
|
stack
|
page read and write
|
||
|
3830000
|
remote allocation
|
page read and write
|
||
|
1D34000
|
heap
|
page read and write
|
||
|
425D000
|
trusted library allocation
|
page read and write
|
||
|
4268000
|
trusted library allocation
|
page read and write
|
||
|
4268000
|
trusted library allocation
|
page read and write
|
||
|
4232000
|
trusted library allocation
|
page read and write
|
||
|
420A000
|
trusted library allocation
|
page read and write
|
||
|
426F000
|
trusted library allocation
|
page read and write
|
||
|
1D4E000
|
heap
|
page read and write
|
||
|
36EF000
|
stack
|
page read and write
|
||
|
1CCA000
|
heap
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
423A000
|
trusted library allocation
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
42B6000
|
trusted library allocation
|
page read and write
|
||
|
422A000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
4239000
|
trusted library allocation
|
page read and write
|
||
|
1A7E000
|
stack
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
1D4B000
|
heap
|
page read and write
|
||
|
4241000
|
trusted library allocation
|
page read and write
|
||
|
1CE0000
|
heap
|
page read and write
|
||
|
1BB0000
|
direct allocation
|
page execute and read and write
|
||
|
420B000
|
trusted library allocation
|
page read and write
|
||
|
426A000
|
trusted library allocation
|
page read and write
|
||
|
423C000
|
trusted library allocation
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
4226000
|
trusted library allocation
|
page read and write
|
||
|
1D4E000
|
heap
|
page read and write
|
||
|
4221000
|
trusted library allocation
|
page read and write
|
||
|
42AF000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
1D37000
|
heap
|
page read and write
|
||
|
4205000
|
trusted library allocation
|
page read and write
|
||
|
4244000
|
trusted library allocation
|
page read and write
|
||
|
425E000
|
trusted library allocation
|
page read and write
|
||
|
4214000
|
trusted library allocation
|
page read and write
|
||
|
455F000
|
stack
|
page read and write
|
||
|
4712000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
1CE3000
|
heap
|
page read and write
|
||
|
3FAE000
|
stack
|
page read and write
|
||
|
3B1E000
|
stack
|
page read and write
|
||
|
4244000
|
trusted library allocation
|
page read and write
|
||
|
4202000
|
trusted library allocation
|
page read and write
|
||
|
4207000
|
trusted library allocation
|
page read and write
|
||
|
4244000
|
trusted library allocation
|
page read and write
|
||
|
4250000
|
trusted library allocation
|
page read and write
|
||
|
1CE6000
|
heap
|
page read and write
|
||
|
4223000
|
trusted library allocation
|
page read and write
|
||
|
4258000
|
trusted library allocation
|
page read and write
|
||
|
426D000
|
trusted library allocation
|
page read and write
|
||
|
4242000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
1CE6000
|
heap
|
page read and write
|
||
|
420A000
|
trusted library allocation
|
page read and write
|
||
|
4230000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
425A000
|
trusted library allocation
|
page read and write
|
||
|
197000
|
stack
|
page read and write
|
||
|
433E000
|
trusted library allocation
|
page read and write
|
||
|
1D35000
|
heap
|
page read and write
|
||
|
1CCA000
|
heap
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
43AE000
|
trusted library allocation
|
page read and write
|
||
|
1C5E000
|
heap
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
422F000
|
trusted library allocation
|
page read and write
|
||
|
4236000
|
trusted library allocation
|
page read and write
|
||
|
423E000
|
trusted library allocation
|
page read and write
|
||
|
1CCA000
|
heap
|
page read and write
|
||
|
4205000
|
trusted library allocation
|
page read and write
|
||
|
1CD5000
|
heap
|
page read and write
|
||
|
4220000
|
trusted library allocation
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
428F000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
4326000
|
trusted library allocation
|
page read and write
|
||
|
4213000
|
trusted library allocation
|
page read and write
|
||
|
4307000
|
trusted library allocation
|
page read and write
|
||
|
1D4C000
|
heap
|
page read and write
|
||
|
1D4E000
|
heap
|
page read and write
|
||
|
4301000
|
heap
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
1CE0000
|
heap
|
page read and write
|
||
|
43E6000
|
trusted library allocation
|
page read and write
|
||
|
4276000
|
trusted library allocation
|
page read and write
|
||
|
4221000
|
trusted library allocation
|
page read and write
|
||
|
426E000
|
trusted library allocation
|
page read and write
|
||
|
4229000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
1C90000
|
heap
|
page read and write
|
||
|
1CE6000
|
heap
|
page read and write
|
||
|
4259000
|
trusted library allocation
|
page read and write
|
||
|
428D000
|
trusted library allocation
|
page read and write
|
||
|
4230000
|
trusted library allocation
|
page read and write
|
||
|
428D000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
1CD5000
|
heap
|
page read and write
|
||
|
428D000
|
trusted library allocation
|
page read and write
|
||
|
3830000
|
remote allocation
|
page read and write
|
||
|
4232000
|
trusted library allocation
|
page read and write
|
||
|
428A000
|
trusted library allocation
|
page read and write
|
||
|
1CE0000
|
heap
|
page read and write
|
||
|
4269000
|
trusted library allocation
|
page read and write
|
||
|
1CE6000
|
heap
|
page read and write
|
||
|
421A000
|
trusted library allocation
|
page read and write
|
||
|
430D000
|
trusted library allocation
|
page read and write
|
||
|
1D4E000
|
heap
|
page read and write
|
||
|
4229000
|
trusted library allocation
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
1CE3000
|
heap
|
page read and write
|
||
|
4C1F000
|
trusted library allocation
|
page read and write
|
||
|
4213000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
448000
|
unkown
|
page execute and read and write
|
||
|
1A30000
|
heap
|
page read and write
|
||
|
4268000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
427E000
|
trusted library allocation
|
page read and write
|
||
|
4246000
|
trusted library allocation
|
page read and write
|
||
|
4267000
|
trusted library allocation
|
page read and write
|
||
|
4251000
|
trusted library allocation
|
page read and write
|
||
|
389E000
|
stack
|
page read and write
|
||
|
422E000
|
trusted library allocation
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
4247000
|
trusted library allocation
|
page read and write
|
||
|
425A000
|
trusted library allocation
|
page read and write
|
||
|
419000
|
unkown
|
page write copy
|
||
|
425F000
|
trusted library allocation
|
page read and write
|
||
|
4246000
|
trusted library allocation
|
page read and write
|
||
|
4249000
|
trusted library allocation
|
page read and write
|
||
|
421B000
|
trusted library allocation
|
page read and write
|
||
|
4227000
|
trusted library allocation
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
4232000
|
trusted library allocation
|
page read and write
|
||
|
42B6000
|
trusted library allocation
|
page read and write
|
||
|
1CD5000
|
heap
|
page read and write
|
||
|
1D4C000
|
heap
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
421A000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
4700000
|
heap
|
page read and write
|
||
|
424B000
|
trusted library allocation
|
page read and write
|
||
|
42B6000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4220000
|
trusted library allocation
|
page read and write
|
||
|
1D4B000
|
heap
|
page read and write
|
||
|
4257000
|
trusted library allocation
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
1E4F000
|
stack
|
page read and write
|
||
|
1A0F000
|
unkown
|
page readonly
|
||
|
42B6000
|
trusted library allocation
|
page read and write
|
||
|
459E000
|
trusted library allocation
|
page read and write
|
||
|
1CD5000
|
heap
|
page read and write
|
||
|
4247000
|
trusted library allocation
|
page read and write
|
||
|
420A000
|
trusted library allocation
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
423A000
|
trusted library allocation
|
page read and write
|
||
|
372E000
|
stack
|
page read and write
|
||
|
5138000
|
trusted library allocation
|
page read and write
|
||
|
4244000
|
trusted library allocation
|
page read and write
|
||
|
422D000
|
trusted library allocation
|
page read and write
|
||
|
1CE6000
|
heap
|
page read and write
|
||
|
420D000
|
trusted library allocation
|
page read and write
|
||
|
4476000
|
trusted library allocation
|
page read and write
|
||
|
422C000
|
trusted library allocation
|
page read and write
|
||
|
4278000
|
trusted library allocation
|
page read and write
|
||
|
4239000
|
trusted library allocation
|
page read and write
|
||
|
4249000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
4229000
|
trusted library allocation
|
page read and write
|
||
|
4213000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
4242000
|
trusted library allocation
|
page read and write
|
||
|
426D000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
425C000
|
trusted library allocation
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
1CE3000
|
heap
|
page read and write
|
||
|
4220000
|
trusted library allocation
|
page read and write
|
||
|
4252000
|
trusted library allocation
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
39DD000
|
stack
|
page read and write
|
||
|
426D000
|
trusted library allocation
|
page read and write
|
||
|
4238000
|
trusted library allocation
|
page read and write
|
||
|
425C000
|
trusted library allocation
|
page read and write
|
||
|
4226000
|
trusted library allocation
|
page read and write
|
||
|
1D4C000
|
heap
|
page read and write
|
||
|
3850000
|
heap
|
page read and write
|
||
|
1D4C000
|
heap
|
page read and write
|
||
|
4239000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
4258000
|
trusted library allocation
|
page read and write
|
||
|
4230000
|
trusted library allocation
|
page read and write
|
||
|
1CCA000
|
heap
|
page read and write
|
||
|
43D6000
|
trusted library allocation
|
page read and write
|
||
|
4249000
|
trusted library allocation
|
page read and write
|
||
|
1C10000
|
heap
|
page read and write
|
||
|
1CD5000
|
heap
|
page read and write
|
||
|
4242000
|
trusted library allocation
|
page read and write
|
||
|
4249000
|
trusted library allocation
|
page read and write
|
||
|
4248000
|
trusted library allocation
|
page read and write
|
||
|
4238000
|
trusted library allocation
|
page read and write
|
||
|
4282000
|
trusted library allocation
|
page read and write
|
||
|
4241000
|
trusted library allocation
|
page read and write
|
||
|
445E000
|
stack
|
page read and write
|
||
|
399F000
|
stack
|
page read and write
|
||
|
4257000
|
trusted library allocation
|
page read and write
|
||
|
4247000
|
trusted library allocation
|
page read and write
|
||
|
428D000
|
trusted library allocation
|
page read and write
|
||
|
1D3D000
|
heap
|
page read and write
|
||
|
4268000
|
trusted library allocation
|
page read and write
|
||
|
3830000
|
remote allocation
|
page read and write
|
||
|
4246000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
1C00000
|
heap
|
page read and write
|
||
|
421B000
|
trusted library allocation
|
page read and write
|
||
|
382D000
|
stack
|
page read and write
|
||
|
4200000
|
trusted library allocation
|
page read and write
|
||
|
4282000
|
trusted library allocation
|
page read and write
|
||
|
428F000
|
trusted library allocation
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
4251000
|
trusted library allocation
|
page read and write
|
||
|
4249000
|
trusted library allocation
|
page read and write
|
||
|
4263000
|
trusted library allocation
|
page read and write
|
||
|
1C64000
|
heap
|
page execute and read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
422D000
|
trusted library allocation
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
1D4B000
|
heap
|
page read and write
|
||
|
1D4E000
|
heap
|
page read and write
|
||
|
4246000
|
trusted library allocation
|
page read and write
|
||
|
4232000
|
trusted library allocation
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
426C000
|
trusted library allocation
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
423C000
|
trusted library allocation
|
page read and write
|
||
|
1D39000
|
heap
|
page read and write
|
||
|
423E000
|
trusted library allocation
|
page read and write
|
||
|
1CE2000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
4208000
|
trusted library allocation
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
4244000
|
trusted library allocation
|
page read and write
|
||
|
420D000
|
trusted library allocation
|
page read and write
|
||
|
4599000
|
trusted library allocation
|
page read and write
|
||
|
4236000
|
trusted library allocation
|
page read and write
|
||
|
1C00000
|
direct allocation
|
page read and write
|
||
|
1A87000
|
heap
|
page read and write
|
||
|
4271000
|
trusted library allocation
|
page read and write
|
||
|
1CE0000
|
heap
|
page read and write
|
||
|
4220000
|
trusted library allocation
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
1C50000
|
heap
|
page read and write
|
||
|
1BAE000
|
stack
|
page read and write
|
||
|
422C000
|
trusted library allocation
|
page read and write
|
||
|
1D40000
|
heap
|
page read and write
|
||
|
4220000
|
trusted library allocation
|
page read and write
|
||
|
43DE000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
There are 311 hidden memdumps, click here to show them.