Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
#U015eirket arac#U0131n#U0131z taraf#U0131ndan dikkatsiz s#U00fcr#U00fc#U015f tespit edildi.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\aut8564.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut85A3.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autAD6F.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autADBE.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autD5A8.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autD616.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\dews
|
ASCII text, with very long lines (29744), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\iodization
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\#U015eirket arac#U0131n#U0131z taraf#U0131ndan dikkatsiz s#U00fcr#U00fc#U015f tespit edildi.exe
|
"C:\Users\user\Desktop\#U015eirket arac#U0131n#U0131z taraf#U0131ndan dikkatsiz s#U00fcr#U00fc#U015f tespit edildi.exe"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\Desktop\#U015eirket arac#U0131n#U0131z taraf#U0131ndan dikkatsiz s#U00fcr#U00fc#U015f tespit edildi.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\#U015eirket arac#U0131n#U0131z taraf#U0131ndan dikkatsiz s#U00fcr#U00fc#U015f tespit edildi.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.telegram.org/bot7188891594:AAFqtGlOuSCribG96uEQ5BTtToaiuTn9Ees/sendDocument
|
149.154.167.220
|
||
|
https://api.telegram.org/bot7188891594:AAFqtGlOuSCribG96uEQ5BTtToaiuTn9Ees/
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
http://api.telegram.org
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.telegram.org
|
149.154.167.220
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3248000
|
trusted library allocation
|
page read and write
|
|
|
|
321E000
|
trusted library allocation
|
page read and write
|
|
|
|
5170000
|
trusted library section
|
page read and write
|
|
|
|
2C7F000
|
trusted library allocation
|
page read and write
|
|
|
|
2C99000
|
trusted library allocation
|
page read and write
|
|
|
|
3C6E000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
325F000
|
trusted library allocation
|
page read and write
|
|
|
|
272F000
|
heap
|
page read and write
|
|
|
|
1410000
|
direct allocation
|
page read and write
|
|
|
|
2B30000
|
trusted library section
|
page read and write
|
|
|
|
2C31000
|
trusted library allocation
|
page read and write
|
|
|
|
2480000
|
direct allocation
|
page read and write
|
|
|
|
3279000
|
trusted library allocation
|
page read and write
|
|
|
|
3FFD000
|
direct allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
58FE000
|
stack
|
page read and write
|
||
|
15EE000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
15EE000
|
heap
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
15CF000
|
heap
|
page read and write
|
||
|
82F000
|
stack
|
page read and write
|
||
|
9EB000
|
heap
|
page read and write
|
||
|
2E8F000
|
heap
|
page read and write
|
||
|
15BD000
|
heap
|
page read and write
|
||
|
990000
|
direct allocation
|
page execute and read and write
|
||
|
984E000
|
direct allocation
|
page read and write
|
||
|
42D9000
|
direct allocation
|
page read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
67D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6660000
|
trusted library allocation
|
page execute and read and write
|
||
|
7180000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page execute and read and write
|
||
|
B32000
|
unkown
|
page readonly
|
||
|
1830000
|
heap
|
page read and write
|
||
|
3D30000
|
direct allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
344E000
|
direct allocation
|
page read and write
|
||
|
1851000
|
heap
|
page read and write
|
||
|
2CB8000
|
trusted library allocation
|
page read and write
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
2D96000
|
trusted library allocation
|
page read and write
|
||
|
5230000
|
heap
|
page execute and read and write
|
||
|
428D000
|
direct allocation
|
page read and write
|
||
|
118A000
|
heap
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
102000
|
unkown
|
page readonly
|
||
|
D78000
|
heap
|
page read and write
|
||
|
6F78000
|
heap
|
page read and write
|
||
|
15BF000
|
heap
|
page read and write
|
||
|
567F000
|
stack
|
page read and write
|
||
|
305B000
|
trusted library allocation
|
page read and write
|
||
|
5EAC000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
2898000
|
trusted library allocation
|
page read and write
|
||
|
15CE000
|
heap
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
4133000
|
direct allocation
|
page read and write
|
||
|
6D3D000
|
stack
|
page read and write
|
||
|
3D30000
|
direct allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
265E084C000
|
heap
|
page read and write
|
||
|
5CCE000
|
stack
|
page read and write
|
||
|
15DE000
|
heap
|
page read and write
|
||
|
B3D000
|
heap
|
page read and write
|
||
|
6BFE000
|
stack
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
B44000
|
unkown
|
page readonly
|
||
|
32C5000
|
trusted library allocation
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
6CF0000
|
heap
|
page read and write
|
||
|
406E000
|
direct allocation
|
page read and write
|
||
|
6150000
|
trusted library allocation
|
page read and write
|
||
|
3372000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
150F000
|
heap
|
page read and write
|
||
|
42FE000
|
direct allocation
|
page read and write
|
||
|
42D7000
|
trusted library allocation
|
page read and write
|
||
|
5362000
|
heap
|
page read and write
|
||
|
67C0000
|
trusted library allocation
|
page read and write
|
||
|
2D2B000
|
trusted library allocation
|
page read and write
|
||
|
3ED0000
|
direct allocation
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page execute and read and write
|
||
|
7150000
|
trusted library allocation
|
page read and write
|
||
|
3E53000
|
direct allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
42DD000
|
direct allocation
|
page read and write
|
||
|
11EF000
|
stack
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
2D62000
|
trusted library allocation
|
page read and write
|
||
|
B32000
|
unkown
|
page readonly
|
||
|
B40000
|
unkown
|
page write copy
|
||
|
32EA000
|
trusted library allocation
|
page read and write
|
||
|
5E8D000
|
stack
|
page read and write
|
||
|
2C7D000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
3387000
|
trusted library allocation
|
page read and write
|
||
|
2D38000
|
trusted library allocation
|
page read and write
|
||
|
AC3000
|
heap
|
page read and write
|
||
|
171C000
|
heap
|
page read and write
|
||
|
2846000
|
heap
|
page read and write
|
||
|
1C6F000
|
stack
|
page read and write
|
||
|
3FFD000
|
direct allocation
|
page read and write
|
||
|
185F000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
2BCE000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
30EF000
|
trusted library allocation
|
page read and write
|
||
|
A71000
|
unkown
|
page execute read
|
||
|
3ED0000
|
direct allocation
|
page read and write
|
||
|
445000
|
system
|
page execute and read and write
|
||
|
B3C000
|
unkown
|
page write copy
|
||
|
6147000
|
trusted library allocation
|
page read and write
|
||
|
2BE1000
|
trusted library allocation
|
page read and write
|
||
|
12B4000
|
trusted library allocation
|
page read and write
|
||
|
265E084E000
|
heap
|
page read and write
|
||
|
B0C000
|
unkown
|
page readonly
|
||
|
6BBF000
|
stack
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
697D000
|
stack
|
page read and write
|
||
|
B2D000
|
heap
|
page read and write
|
||
|
306E000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
3441000
|
direct allocation
|
page read and write
|
||
|
B44000
|
unkown
|
page readonly
|
||
|
66E0000
|
trusted library allocation
|
page read and write
|
||
|
102000
|
unkown
|
page readonly
|
||
|
4010000
|
direct allocation
|
page read and write
|
||
|
3FFD000
|
direct allocation
|
page read and write
|
||
|
336E000
|
trusted library allocation
|
page read and write
|
||
|
1777000
|
heap
|
page read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
32B6000
|
trusted library allocation
|
page read and write
|
||
|
5730000
|
heap
|
page read and write
|
||
|
DCF000
|
heap
|
page read and write
|
||
|
422000
|
system
|
page execute and read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
1840000
|
heap
|
page read and write
|
||
|
B3C000
|
unkown
|
page write copy
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
2E4F000
|
heap
|
page read and write
|
||
|
17F5000
|
heap
|
page read and write
|
||
|
4160000
|
direct allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
6690000
|
trusted library allocation
|
page execute and read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
2C87000
|
trusted library allocation
|
page read and write
|
||
|
265E0510000
|
heap
|
page read and write
|
||
|
3FFD000
|
direct allocation
|
page read and write
|
||
|
265E0840000
|
heap
|
page read and write
|
||
|
40000
|
unkown
|
page readonly
|
||
|
5383000
|
heap
|
page read and write
|
||
|
2A24000
|
heap
|
page read and write
|
||
|
1851000
|
heap
|
page read and write
|
||
|
66A4000
|
trusted library allocation
|
page read and write
|
||
|
DAA000
|
heap
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
108A000
|
stack
|
page read and write
|
||
|
1871000
|
heap
|
page read and write
|
||
|
16E8000
|
heap
|
page read and write
|
||
|
1777000
|
heap
|
page read and write
|
||
|
5EA6000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
56DA000
|
heap
|
page read and write
|
||
|
EFC25FF000
|
stack
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
1478000
|
heap
|
page read and write
|
||
|
2F88000
|
trusted library allocation
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page execute and read and write
|
||
|
7190000
|
trusted library allocation
|
page execute and read and write
|
||
|
32FB000
|
trusted library allocation
|
page read and write
|
||
|
5707000
|
heap
|
page read and write
|
||
|
2C83000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
177F000
|
heap
|
page read and write
|
||
|
530D000
|
stack
|
page read and write
|
||
|
15FE000
|
heap
|
page read and write
|
||
|
B1C000
|
heap
|
page read and write
|
||
|
3FF9000
|
direct allocation
|
page read and write
|
||
|
3277000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
434E000
|
direct allocation
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
D3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4289000
|
direct allocation
|
page read and write
|
||
|
D47000
|
trusted library allocation
|
page execute and read and write
|
||
|
17D9000
|
heap
|
page read and write
|
||
|
3FC0000
|
direct allocation
|
page read and write
|
||
|
A47000
|
heap
|
page read and write
|
||
|
15DD000
|
heap
|
page read and write
|
||
|
2820000
|
trusted library allocation
|
page execute and read and write
|
||
|
42DD000
|
direct allocation
|
page read and write
|
||
|
265E0845000
|
heap
|
page read and write
|
||
|
3FFD000
|
direct allocation
|
page read and write
|
||
|
B90000
|
trusted library section
|
page read and write
|
||
|
2470000
|
direct allocation
|
page execute and read and write
|
||
|
BA7000
|
heap
|
page read and write
|
||
|
2D65000
|
trusted library allocation
|
page execute and read and write
|
||
|
69E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
593E000
|
stack
|
page read and write
|
||
|
D32000
|
trusted library allocation
|
page read and write
|
||
|
5342000
|
heap
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page read and write
|
||
|
11AA000
|
heap
|
page read and write
|
||
|
533E000
|
stack
|
page read and write
|
||
|
609C000
|
stack
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
32FF000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
41000
|
unkown
|
page execute read
|
||
|
1140000
|
trusted library section
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
B2D000
|
heap
|
page read and write
|
||
|
4289000
|
direct allocation
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
662E000
|
unkown
|
page read and write
|
||
|
5703000
|
heap
|
page read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
4235000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
58FF000
|
stack
|
page read and write
|
||
|
B1D000
|
heap
|
page read and write
|
||
|
BA5000
|
heap
|
page read and write
|
||
|
80F000
|
stack
|
page read and write
|
||
|
30D4000
|
trusted library allocation
|
page read and write
|
||
|
32F8000
|
trusted library allocation
|
page read and write
|
||
|
6170000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EA000
|
stack
|
page read and write
|
||
|
2810000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
144F000
|
stack
|
page read and write
|
||
|
53B4000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
40E3000
|
direct allocation
|
page read and write
|
||
|
B1D000
|
heap
|
page read and write
|
||
|
2BED000
|
trusted library allocation
|
page read and write
|
||
|
53BA000
|
heap
|
page read and write
|
||
|
2D0A000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page read and write
|
||
|
3C5D000
|
trusted library allocation
|
page read and write
|
||
|
5984000
|
trusted library allocation
|
page read and write
|
||
|
2F6C000
|
stack
|
page read and write
|
||
|
12D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
41B0000
|
direct allocation
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
53C5000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
3303000
|
trusted library allocation
|
page read and write
|
||
|
4160000
|
direct allocation
|
page read and write
|
||
|
11DC000
|
stack
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
EFC26FE000
|
stack
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
10C000
|
unkown
|
page read and write
|
||
|
57FD000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
D23000
|
trusted library allocation
|
page read and write
|
||
|
3D30000
|
direct allocation
|
page read and write
|
||
|
110000
|
unkown
|
page write copy
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
DAC000
|
heap
|
page read and write
|
||
|
3D2D000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
7140000
|
trusted library allocation
|
page execute and read and write
|
||
|
D13000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
15A8000
|
heap
|
page read and write
|
||
|
3D30000
|
direct allocation
|
page read and write
|
||
|
3267000
|
trusted library allocation
|
page read and write
|
||
|
EFC23FE000
|
stack
|
page read and write
|
||
|
5C4E000
|
direct allocation
|
page read and write
|
||
|
A71000
|
unkown
|
page execute read
|
||
|
56A2000
|
heap
|
page read and write
|
||
|
1808000
|
heap
|
page read and write
|
||
|
4265000
|
trusted library allocation
|
page read and write
|
||
|
2DA2000
|
trusted library allocation
|
page read and write
|
||
|
5A6C000
|
stack
|
page read and write
|
||
|
152F000
|
heap
|
page read and write
|
||
|
12BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
56AA000
|
heap
|
page read and write
|
||
|
22DE000
|
stack
|
page read and write
|
||
|
E55000
|
heap
|
page read and write
|
||
|
EFC29FE000
|
stack
|
page read and write
|
||
|
30D6000
|
trusted library allocation
|
page read and write
|
||
|
41000
|
unkown
|
page execute read
|
||
|
2D92000
|
trusted library allocation
|
page read and write
|
||
|
484E000
|
direct allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
553C000
|
stack
|
page read and write
|
||
|
32CD000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page read and write
|
||
|
646E000
|
stack
|
page read and write
|
||
|
2D3C000
|
trusted library allocation
|
page read and write
|
||
|
844E000
|
direct allocation
|
page read and write
|
||
|
5B6C000
|
stack
|
page read and write
|
||
|
406E000
|
direct allocation
|
page read and write
|
||
|
B1D000
|
heap
|
page read and write
|
||
|
41B0000
|
direct allocation
|
page read and write
|
||
|
6DBE000
|
unkown
|
page read and write
|
||
|
3E53000
|
direct allocation
|
page read and write
|
||
|
325D000
|
trusted library allocation
|
page read and write
|
||
|
4133000
|
direct allocation
|
page read and write
|
||
|
3ED0000
|
direct allocation
|
page read and write
|
||
|
B0D000
|
heap
|
page read and write
|
||
|
7E8000
|
stack
|
page read and write
|
||
|
42D9000
|
direct allocation
|
page read and write
|
||
|
1841000
|
heap
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
D36000
|
trusted library allocation
|
page execute and read and write
|
||
|
265E0610000
|
heap
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
3D30000
|
direct allocation
|
page read and write
|
||
|
2D9E000
|
trusted library allocation
|
page read and write
|
||
|
56A4000
|
heap
|
page read and write
|
||
|
B0C000
|
unkown
|
page readonly
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
1832000
|
heap
|
page read and write
|
||
|
5940000
|
trusted library allocation
|
page execute and read and write
|
||
|
42FE000
|
direct allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
53E5000
|
heap
|
page read and write
|
||
|
3076000
|
trusted library allocation
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
265E0618000
|
heap
|
page read and write
|
||
|
337E000
|
trusted library allocation
|
page read and write
|
||
|
14AC000
|
heap
|
page read and write
|
||
|
EFC2AFF000
|
stack
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
40000
|
unkown
|
page readonly
|
||
|
29EE000
|
stack
|
page read and write
|
||
|
5EA3000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
12D2000
|
trusted library allocation
|
page read and write
|
||
|
6160000
|
trusted library allocation
|
page execute and read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
5D0E000
|
stack
|
page read and write
|
||
|
10C000
|
unkown
|
page write copy
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
B44000
|
unkown
|
page readonly
|
||
|
5090000
|
heap
|
page read and write
|
||
|
A4A000
|
stack
|
page read and write
|
||
|
42DD000
|
direct allocation
|
page read and write
|
||
|
3ED0000
|
direct allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
655E000
|
stack
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
7A4E000
|
direct allocation
|
page read and write
|
||
|
B0C000
|
unkown
|
page readonly
|
||
|
11AD000
|
heap
|
page read and write
|
||
|
D9F000
|
heap
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
41B0000
|
direct allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
D50000
|
heap
|
page read and write
|
||
|
38F4000
|
heap
|
page read and write
|
||
|
D4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
42CD000
|
trusted library allocation
|
page read and write
|
||
|
3E4E000
|
direct allocation
|
page read and write
|
||
|
6180000
|
trusted library allocation
|
page read and write
|
||
|
67B2000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
EFC28FD000
|
stack
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
3380000
|
direct allocation
|
page read and write
|
||
|
3ED0000
|
direct allocation
|
page read and write
|
||
|
74AF000
|
stack
|
page read and write
|
||
|
3FF9000
|
direct allocation
|
page read and write
|
||
|
EFC22FE000
|
stack
|
page read and write
|
||
|
171C000
|
heap
|
page read and write
|
||
|
15DE000
|
heap
|
page read and write
|
||
|
83F000
|
stack
|
page read and write
|
||
|
1460000
|
direct allocation
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
265E0640000
|
heap
|
page read and write
|
||
|
66C0000
|
heap
|
page read and write
|
||
|
B44000
|
unkown
|
page readonly
|
||
|
B3C000
|
unkown
|
page read and write
|
||
|
14AC000
|
heap
|
page read and write
|
||
|
8E4E000
|
direct allocation
|
page read and write
|
||
|
5E4D000
|
stack
|
page read and write
|
||
|
406E000
|
direct allocation
|
page read and write
|
||
|
677E000
|
stack
|
page read and write
|
||
|
B40000
|
unkown
|
page write copy
|
||
|
6A4E000
|
stack
|
page read and write
|
||
|
4D2D000
|
stack
|
page read and write
|
||
|
2CAA000
|
trusted library allocation
|
page read and write
|
||
|
67BE000
|
stack
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
5E9D000
|
trusted library allocation
|
page read and write
|
||
|
145F000
|
stack
|
page read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
40E3000
|
direct allocation
|
page read and write
|
||
|
32BD000
|
trusted library allocation
|
page read and write
|
||
|
329C000
|
trusted library allocation
|
page read and write
|
||
|
38F0000
|
heap
|
page read and write
|
||
|
42D9000
|
direct allocation
|
page read and write
|
||
|
434E000
|
direct allocation
|
page read and write
|
||
|
2DA7000
|
trusted library allocation
|
page read and write
|
||
|
A47000
|
heap
|
page read and write
|
||
|
676E000
|
stack
|
page read and write
|
||
|
1777000
|
heap
|
page read and write
|
||
|
12CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7500000
|
heap
|
page read and write
|
||
|
3382000
|
trusted library allocation
|
page read and write
|
||
|
40E3000
|
direct allocation
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
B3D000
|
heap
|
page read and write
|
||
|
3ED0000
|
direct allocation
|
page read and write
|
||
|
323D000
|
trusted library allocation
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
704E000
|
direct allocation
|
page read and write
|
||
|
3318000
|
trusted library allocation
|
page read and write
|
||
|
15FE000
|
heap
|
page read and write
|
||
|
2CC8000
|
trusted library allocation
|
page read and write
|
||
|
265E2180000
|
heap
|
page read and write
|
||
|
59ED000
|
stack
|
page read and write
|
||
|
150F000
|
heap
|
page read and write
|
||
|
3263000
|
trusted library allocation
|
page read and write
|
||
|
1296000
|
heap
|
page read and write
|
||
|
2BDE000
|
trusted library allocation
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
3E53000
|
direct allocation
|
page read and write
|
||
|
13E0000
|
direct allocation
|
page execute and read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
41000
|
unkown
|
page execute read
|
||
|
1712000
|
heap
|
page read and write
|
||
|
65AD000
|
stack
|
page read and write
|
||
|
D42000
|
trusted library allocation
|
page read and write
|
||
|
265E05F0000
|
heap
|
page read and write
|
||
|
5073000
|
heap
|
page read and write
|
||
|
67B0000
|
heap
|
page read and write
|
||
|
CF0000
|
trusted library section
|
page read and write
|
||
|
32C9000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
trusted library section
|
page read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2CFD000
|
trusted library allocation
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
6CDE000
|
stack
|
page read and write
|
||
|
150F000
|
heap
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
3FC0000
|
direct allocation
|
page read and write
|
||
|
5EA0000
|
trusted library allocation
|
page read and write
|
||
|
524E000
|
direct allocation
|
page read and write
|
||
|
305E000
|
trusted library allocation
|
page read and write
|
||
|
A71000
|
unkown
|
page execute read
|
||
|
150F000
|
heap
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
1150000
|
heap
|
page read and write
|
||
|
EFC2BFB000
|
stack
|
page read and write
|
||
|
521D000
|
trusted library allocation
|
page read and write
|
||
|
53B7000
|
heap
|
page read and write
|
||
|
297C000
|
stack
|
page read and write
|
||
|
3B70000
|
heap
|
page read and write
|
||
|
1841000
|
heap
|
page read and write
|
||
|
128D000
|
stack
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
B3C000
|
unkown
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
6D7E000
|
unkown
|
page read and write
|
||
|
51FC000
|
stack
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
434E000
|
direct allocation
|
page read and write
|
||
|
12C3000
|
trusted library allocation
|
page read and write
|
||
|
2EDF000
|
heap
|
page read and write
|
||
|
2CB4000
|
trusted library allocation
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
6EBF000
|
stack
|
page read and write
|
||
|
3FF9000
|
direct allocation
|
page read and write
|
||
|
7F180000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
171C000
|
heap
|
page read and write
|
||
|
114000
|
unkown
|
page readonly
|
||
|
DCC000
|
heap
|
page read and write
|
||
|
B0C000
|
unkown
|
page readonly
|
||
|
3FFD000
|
direct allocation
|
page read and write
|
||
|
6140000
|
trusted library allocation
|
page read and write
|
||
|
B32000
|
unkown
|
page readonly
|
||
|
32D9000
|
trusted library allocation
|
page read and write
|
||
|
65EE000
|
unkown
|
page read and write
|
||
|
1841000
|
heap
|
page read and write
|
||
|
69D0000
|
heap
|
page read and write
|
||
|
2D4D000
|
trusted library allocation
|
page read and write
|
||
|
265E0710000
|
heap
|
page read and write
|
||
|
265E0622000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
67B8000
|
heap
|
page read and write
|
||
|
73AE000
|
stack
|
page read and write
|
||
|
12DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FC0000
|
direct allocation
|
page read and write
|
||
|
3D30000
|
direct allocation
|
page read and write
|
||
|
66B0000
|
trusted library allocation
|
page read and write
|
||
|
D2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
67AE000
|
stack
|
page read and write
|
||
|
3C31000
|
trusted library allocation
|
page read and write
|
||
|
428D000
|
direct allocation
|
page read and write
|
||
|
14AC000
|
heap
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
15D4000
|
heap
|
page read and write
|
||
|
5226000
|
trusted library allocation
|
page read and write
|
||
|
166E000
|
stack
|
page read and write
|
||
|
2CBC000
|
trusted library allocation
|
page read and write
|
||
|
3FF9000
|
direct allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
150F000
|
heap
|
page read and write
|
||
|
1EDE000
|
stack
|
page read and write
|
||
|
406E000
|
direct allocation
|
page read and write
|
||
|
4010000
|
direct allocation
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
DC000
|
unkown
|
page readonly
|
||
|
1871000
|
heap
|
page read and write
|
||
|
42B3000
|
trusted library allocation
|
page read and write
|
||
|
2BE6000
|
trusted library allocation
|
page read and write
|
||
|
4160000
|
direct allocation
|
page read and write
|
||
|
672F000
|
stack
|
page read and write
|
||
|
1832000
|
heap
|
page read and write
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
147F000
|
stack
|
page read and write
|
||
|
14A4000
|
heap
|
page read and write
|
||
|
5346000
|
heap
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
612E000
|
stack
|
page read and write
|
||
|
CAF000
|
stack
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
15BF000
|
heap
|
page read and write
|
||
|
1831000
|
heap
|
page read and write
|
||
|
32D5000
|
trusted library allocation
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
330B000
|
trusted library allocation
|
page read and write
|
||
|
3FF9000
|
direct allocation
|
page read and write
|
||
|
3E53000
|
direct allocation
|
page read and write
|
||
|
337A000
|
trusted library allocation
|
page read and write
|
||
|
32C1000
|
trusted library allocation
|
page read and write
|
||
|
3294000
|
trusted library allocation
|
page read and write
|
||
|
3CF7000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
307D000
|
trusted library allocation
|
page read and write
|
||
|
148F000
|
stack
|
page read and write
|
||
|
3307000
|
trusted library allocation
|
page read and write
|
||
|
3E53000
|
direct allocation
|
page read and write
|
||
|
328A000
|
trusted library allocation
|
page read and write
|
||
|
A71000
|
unkown
|
page execute read
|
||
|
118D000
|
heap
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
1507000
|
heap
|
page read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
67B5000
|
heap
|
page read and write
|
||
|
146B000
|
stack
|
page read and write
|
||
|
15DD000
|
heap
|
page read and write
|
||
|
265E0675000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
67D9000
|
heap
|
page read and write
|
||
|
1871000
|
heap
|
page read and write
|
||
|
1158000
|
heap
|
page read and write
|
||
|
15FE000
|
heap
|
page read and write
|
||
|
2D67000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D9A000
|
trusted library allocation
|
page read and write
|
||
|
D5A000
|
stack
|
page read and write
|
||
|
D14000
|
trusted library allocation
|
page read and write
|
||
|
4289000
|
direct allocation
|
page read and write
|
||
|
DC000
|
unkown
|
page readonly
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
206E000
|
stack
|
page read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
332D000
|
trusted library allocation
|
page read and write
|
||
|
179F000
|
heap
|
page read and write
|
||
|
430E000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
664E000
|
direct allocation
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
7F800000
|
trusted library allocation
|
page execute and read and write
|
||
|
1842000
|
heap
|
page read and write
|
||
|
81C000
|
stack
|
page read and write
|
||
|
57F0000
|
heap
|
page execute and read and write
|
||
|
2D8E000
|
trusted library allocation
|
page read and write
|
||
|
177A000
|
heap
|
page read and write
|
||
|
3376000
|
trusted library allocation
|
page read and write
|
||
|
3298000
|
trusted library allocation
|
page read and write
|
||
|
9E4000
|
heap
|
page read and write
|
||
|
4133000
|
direct allocation
|
page read and write
|
||
|
3B74000
|
heap
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
42FE000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
stack
|
page read and write
|
||
|
5E0F000
|
stack
|
page read and write
|
||
|
14A2000
|
heap
|
page read and write
|
||
|
12B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
428D000
|
direct allocation
|
page read and write
|
||
|
3330000
|
direct allocation
|
page read and write
|
||
|
406E000
|
direct allocation
|
page read and write
|
||
|
5714000
|
heap
|
page read and write
|
||
|
9E3000
|
heap
|
page read and write
|
||
|
EFC1FDA000
|
stack
|
page read and write
|
||
|
32A9000
|
trusted library allocation
|
page read and write
|
||
|
2C97000
|
trusted library allocation
|
page read and write
|
||
|
3062000
|
trusted library allocation
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
2830000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
3E53000
|
direct allocation
|
page read and write
|
||
|
114000
|
unkown
|
page readonly
|
||
|
11FF000
|
heap
|
page read and write
|
||
|
6F40000
|
heap
|
page read and write
|
||
|
5709000
|
heap
|
page read and write
|
||
|
D1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
15EC000
|
heap
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
1861000
|
heap
|
page read and write
|
||
|
3FF9000
|
direct allocation
|
page read and write
|
||
|
665B000
|
stack
|
page read and write
|
||
|
B3D000
|
heap
|
page read and write
|
||
|
66E7000
|
trusted library allocation
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
A47000
|
heap
|
page read and write
|
||
|
184F000
|
heap
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
331C000
|
trusted library allocation
|
page read and write
|
||
|
2BCB000
|
trusted library allocation
|
page read and write
|
||
|
406E000
|
direct allocation
|
page read and write
|
||
|
4010000
|
direct allocation
|
page read and write
|
||
|
D45000
|
trusted library allocation
|
page execute and read and write
|
||
|
B32000
|
unkown
|
page readonly
|
||
|
1861000
|
heap
|
page read and write
|
There are 642 hidden memdumps, click here to show them.