Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Doc 1Z881A080453968203.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Doc 1Z881A080453968203.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\F-385HLwx
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_l13q50rq.a1x.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lxd3pgin.a0i.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ly0caxxx.fjh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tggyfibh.la0.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Doc 1Z881A080453968203.exe
|
"C:\Users\user\Desktop\Doc 1Z881A080453968203.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Doc 1Z881A080453968203.exe"
|
|
|
|
C:\Users\user\Desktop\Doc 1Z881A080453968203.exe
|
"C:\Users\user\Desktop\Doc 1Z881A080453968203.exe"
|
|
|
|
C:\Users\user\Desktop\Doc 1Z881A080453968203.exe
|
"C:\Users\user\Desktop\Doc 1Z881A080453968203.exe"
|
|
|
|
C:\Users\user\Desktop\Doc 1Z881A080453968203.exe
|
"C:\Users\user\Desktop\Doc 1Z881A080453968203.exe"
|
|
|
|
C:\Users\user\Desktop\Doc 1Z881A080453968203.exe
|
"C:\Users\user\Desktop\Doc 1Z881A080453968203.exe"
|
|
|
|
C:\Program Files (x86)\xIOtVlNOKTJJgUmrxRSjaUaTfeifqxOizQOAJxzktpgFM\ShWVPkMdEfalHck.exe
|
"C:\Program Files (x86)\xIOtVlNOKTJJgUmrxRSjaUaTfeifqxOizQOAJxzktpgFM\ShWVPkMdEfalHck.exe"
|
|
|
|
C:\Windows\SysWOW64\cttune.exe
|
"C:\Windows\SysWOW64\cttune.exe"
|
|
|
|
C:\Program Files (x86)\xIOtVlNOKTJJgUmrxRSjaUaTfeifqxOizQOAJxzktpgFM\ShWVPkMdEfalHck.exe
|
"C:\Program Files (x86)\xIOtVlNOKTJJgUmrxRSjaUaTfeifqxOizQOAJxzktpgFM\ShWVPkMdEfalHck.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.ty8yd.us/gtit/?h2hLp=lXUTv2j8Xvb&6t=7JoAjWU6fcQ7CNTtX/U31Su9rRPUkr/mRT6nto1Tw/3EsD0jLMtc/bvrMEH2PX3CJD1RySmx+2JNj33ZBcO0uuHomTTQmPBBQgDcEfgCf/hj3/XBz9l0dPBO2TTZTjDWug==
|
91.195.240.123
|
|
|
|
http://www.tehranrizcomputer.com/gtit/
|
87.107.55.55
|
|
|
|
http://www.tehranrizcomputer.com/gtit/?6t=MgfHm/AWJcZtJWhW2C0E/J+QQ7KNY47B4fJU/YR8UcoonAYwvhq6NXdlvEESKTg86057McGoCNEDbpDsB8WVIewJXmm9gpc24T96Iv1w6gUl0XtnH9Aw4uL+4GJqM1s/fA==&h2hLp=lXUTv2j8Xvb
|
87.107.55.55
|
|
|
|
http://www.coppercookwarekitchen.com/gtit/
|
35.215.179.87
|
|
|
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://www.coppercookwarekitchen.com
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://tehranrizcomputer.com/gtit/?6t=MgfHm/AWJcZtJWhW2C0E/J
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.coppercookwarekitchen.com
|
35.215.179.87
|
|
|
|
www.ty8yd.us
|
91.195.240.123
|
|
|
|
tehranrizcomputer.com
|
87.107.55.55
|
|
|
|
www.tehranrizcomputer.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
87.107.55.55
|
tehranrizcomputer.com
|
Iran (ISLAMIC Republic Of)
|
|
|
|
35.215.179.87
|
www.coppercookwarekitchen.com
|
United States
|
|
|
|
91.195.240.123
|
www.ty8yd.us
|
Germany
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
F10000
|
system
|
page execute and read and write
|
|
|
|
1A80000
|
unclassified section
|
page execute and read and write
|
|
|
|
2DC0000
|
unkown
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
30DE000
|
trusted library allocation
|
page read and write
|
|
|
|
33E0000
|
trusted library allocation
|
page read and write
|
|
|
|
2E71000
|
trusted library allocation
|
page read and write
|
|
|
|
4CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
5680000
|
trusted library section
|
page read and write
|
|
|
|
25F0000
|
unclassified section
|
page execute and read and write
|
|
|
|
2F00000
|
system
|
page execute and read and write
|
|
|
|
3167000
|
heap
|
page read and write
|
||
|
9500000
|
heap
|
page read and write
|
||
|
5282000
|
direct allocation
|
page execute and read and write
|
||
|
5AE6000
|
unclassified section
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
82F2000
|
heap
|
page read and write
|
||
|
C4BEBFF000
|
stack
|
page read and write
|
||
|
C15000
|
unkown
|
page read and write
|
||
|
14DE000
|
stack
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
120D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3004000
|
heap
|
page read and write
|
||
|
88AE000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
C17000
|
unkown
|
page readonly
|
||
|
54A0000
|
trusted library allocation
|
page read and write
|
||
|
10C8000
|
heap
|
page read and write
|
||
|
C01000
|
unkown
|
page execute read
|
||
|
20C49901000
|
trusted library allocation
|
page read and write
|
||
|
30F9000
|
heap
|
page read and write
|
||
|
5352000
|
unclassified section
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
960F000
|
stack
|
page read and write
|
||
|
888E000
|
stack
|
page read and write
|
||
|
B32000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
57BF000
|
stack
|
page read and write
|
||
|
122B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E8B000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
82EB000
|
heap
|
page read and write
|
||
|
4F2C000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
180000
|
unkown
|
page readonly
|
||
|
57EB000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
C4BE3FE000
|
stack
|
page read and write
|
||
|
8363000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
8352000
|
heap
|
page read and write
|
||
|
3178000
|
heap
|
page read and write
|
||
|
30FA000
|
heap
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
404E000
|
trusted library allocation
|
page read and write
|
||
|
8326000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
A82000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
20C49680000
|
trusted library allocation
|
page read and write
|
||
|
2F5E000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
28A4000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
20C49818000
|
trusted library allocation
|
page read and write
|
||
|
8347000
|
heap
|
page read and write
|
||
|
8F8D000
|
stack
|
page read and write
|
||
|
57CC000
|
heap
|
page read and write
|
||
|
1203000
|
trusted library allocation
|
page read and write
|
||
|
764000
|
heap
|
page read and write
|
||
|
152F000
|
trusted library allocation
|
page read and write
|
||
|
283C000
|
stack
|
page read and write
|
||
|
2B72000
|
unkown
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
11FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
C17000
|
unkown
|
page readonly
|
||
|
C60000
|
unkown
|
page readonly
|
||
|
3141000
|
heap
|
page read and write
|
||
|
8F00000
|
trusted library allocation
|
page read and write
|
||
|
8357000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
4D8E000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
30F3000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
20C47DDA000
|
heap
|
page read and write
|
||
|
896F000
|
stack
|
page read and write
|
||
|
31A5000
|
heap
|
page read and write
|
||
|
C01000
|
unkown
|
page execute read
|
||
|
1BF0000
|
unclassified section
|
page execute and read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
C0E000
|
unkown
|
page readonly
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
188E000
|
direct allocation
|
page execute and read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
C17000
|
unkown
|
page readonly
|
||
|
8C8E000
|
stack
|
page read and write
|
||
|
20C49800000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
16CF000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1227000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E79000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
33E0000
|
trusted library allocation
|
page read and write
|
||
|
31AB000
|
heap
|
page read and write
|
||
|
170000
|
unkown
|
page readonly
|
||
|
740000
|
unkown
|
page read and write
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
CD0000
|
unkown
|
page read and write
|
||
|
11F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
53AC000
|
unclassified section
|
page read and write
|
||
|
19B6000
|
direct allocation
|
page execute and read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
5A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
C4BDBFE000
|
stack
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
C60000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
308F000
|
stack
|
page read and write
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
570000
|
unkown
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
918E000
|
stack
|
page read and write
|
||
|
2E0E000
|
trusted library allocation
|
page read and write
|
||
|
181D000
|
direct allocation
|
page execute and read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
30EE000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
F73000
|
system
|
page execute and read and write
|
||
|
1098000
|
heap
|
page read and write
|
||
|
20C499CE000
|
trusted library allocation
|
page read and write
|
||
|
4EDE000
|
stack
|
page read and write
|
||
|
20C4980F000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
319A000
|
heap
|
page read and write
|
||
|
4EBB000
|
heap
|
page read and write
|
||
|
8230000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1BE0000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
832B000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
570000
|
unkown
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1819000
|
direct allocation
|
page execute and read and write
|
||
|
D18000
|
heap
|
page read and write
|
||
|
55FE000
|
stack
|
page read and write
|
||
|
4CFA000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
315C000
|
heap
|
page read and write
|
||
|
7BC2000
|
system
|
page read and write
|
||
|
57A6000
|
heap
|
page read and write
|
||
|
20C499BE000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
8284000
|
system
|
page read and write
|
||
|
121A000
|
trusted library allocation
|
page execute and read and write
|
||
|
9EC000
|
stack
|
page read and write
|
||
|
94FC000
|
stack
|
page read and write
|
||
|
2C14000
|
unclassified section
|
page execute and read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
5392000
|
trusted library allocation
|
page read and write
|
||
|
22D0000
|
unkown
|
page readonly
|
||
|
928F000
|
stack
|
page read and write
|
||
|
520D000
|
direct allocation
|
page execute and read and write
|
||
|
30D8000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
58FB000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
20C47C9E000
|
system
|
page execute and read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
C0E000
|
unkown
|
page readonly
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
8239000
|
heap
|
page read and write
|
||
|
20C499A6000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
D18000
|
heap
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
1FA000
|
stack
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
57B0000
|
heap
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
4BDE000
|
heap
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
10FA000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
20C499C4000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page execute and read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
2E4C000
|
unkown
|
page read and write
|
||
|
3EC7000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
537C000
|
stack
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
10D3000
|
heap
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
57C4000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
20C47D50000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
20C47DA0000
|
heap
|
page read and write
|
||
|
D2F000
|
heap
|
page read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1212000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
500C000
|
stack
|
page read and write
|
||
|
9EC000
|
stack
|
page read and write
|
||
|
6310000
|
trusted library section
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
82F0000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
82D0000
|
trusted library allocation
|
page read and write
|
||
|
11F4000
|
trusted library allocation
|
page read and write
|
||
|
6F0000
|
unkown
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
8EA000
|
stack
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
3157000
|
heap
|
page read and write
|
||
|
10D5000
|
heap
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
unkown
|
page execute and read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
3234000
|
unkown
|
page read and write
|
||
|
109E000
|
heap
|
page read and write
|
||
|
5954000
|
unclassified section
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BD7000
|
heap
|
page read and write
|
||
|
20C47DEC000
|
heap
|
page read and write
|
||
|
F63000
|
system
|
page execute and read and write
|
||
|
287E000
|
stack
|
page read and write
|
||
|
88EF000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
59FD000
|
stack
|
page read and write
|
||
|
135F000
|
stack
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
DEC000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page read and write
|
||
|
2E16000
|
trusted library allocation
|
page read and write
|
||
|
3144000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
151C000
|
stack
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
1141000
|
heap
|
page read and write
|
||
|
833F000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
82E6000
|
heap
|
page read and write
|
||
|
F82000
|
system
|
page execute and read and write
|
||
|
BC9000
|
stack
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
4180000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
880000
|
unkown
|
page readonly
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
41C2000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
unkown
|
page readonly
|
||
|
50DE000
|
direct allocation
|
page execute and read and write
|
||
|
1535000
|
trusted library allocation
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
4D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
710000
|
unkown
|
page readonly
|
||
|
5292000
|
unclassified section
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
C15000
|
unkown
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
2BA7000
|
unclassified section
|
page execute and read and write
|
||
|
892E000
|
stack
|
page read and write
|
||
|
170000
|
unkown
|
page readonly
|
||
|
31A1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
4EFE000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
970E000
|
stack
|
page read and write
|
||
|
20C49700000
|
trusted library allocation
|
page read and write
|
||
|
2E1D000
|
trusted library allocation
|
page read and write
|
||
|
8A8E000
|
stack
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
27B0000
|
unkown
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
3157000
|
heap
|
page read and write
|
||
|
8EA000
|
stack
|
page read and write
|
||
|
4AF6000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
C15000
|
unkown
|
page read and write
|
||
|
30F9000
|
heap
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
2DFB000
|
trusted library allocation
|
page read and write
|
||
|
82E0000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
30F3000
|
heap
|
page read and write
|
||
|
2E4C000
|
unkown
|
page read and write
|
||
|
2DF4000
|
trusted library allocation
|
page read and write
|
||
|
20C49803000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
2EC8000
|
stack
|
page read and write
|
||
|
20C47E02000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
3144000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
53E0000
|
trusted library section
|
page read and write
|
||
|
C15000
|
unkown
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
5211000
|
direct allocation
|
page execute and read and write
|
||
|
7C82000
|
system
|
page read and write
|
||
|
20C49821000
|
trusted library allocation
|
page read and write
|
||
|
3161000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
20C47C30000
|
system
|
page execute and read and write
|
||
|
2A80000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
13A0000
|
unkown
|
page readonly
|
||
|
770000
|
heap
|
page read and write
|
||
|
89AE000
|
stack
|
page read and write
|
||
|
C4BD3FE000
|
stack
|
page read and write
|
||
|
20C47DFF000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
20C47DD0000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
1181000
|
heap
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
8B8E000
|
stack
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
82FA000
|
heap
|
page read and write
|
||
|
20C47CA2000
|
system
|
page execute and read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
93FB000
|
stack
|
page read and write
|
||
|
54B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
556C000
|
unclassified section
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
3E71000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
13A0000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page read and write
|
||
|
4CE0000
|
trusted library allocation
|
page read and write
|
||
|
3137000
|
heap
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
8321000
|
heap
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
4EB7000
|
heap
|
page read and write
|
||
|
2A80000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
28A4000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
8304000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
30F3000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
FD6000
|
system
|
page execute and read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
506D000
|
direct allocation
|
page execute and read and write
|
||
|
20C49900000
|
trusted library allocation
|
page read and write
|
||
|
19BD000
|
direct allocation
|
page execute and read and write
|
||
|
2B72000
|
unkown
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
8F02000
|
trusted library allocation
|
page read and write
|
||
|
82F8000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
8CCD000
|
stack
|
page read and write
|
||
|
154A000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
6F0000
|
unkown
|
page read and write
|
||
|
834E000
|
heap
|
page read and write
|
||
|
30F3000
|
heap
|
page read and write
|
||
|
C01000
|
unkown
|
page execute read
|
||
|
8DD0000
|
heap
|
page read and write
|
||
|
540000
|
unkown
|
page readonly
|
||
|
886F000
|
stack
|
page read and write
|
||
|
89EF000
|
stack
|
page read and write
|
||
|
530000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
20C47DFA000
|
heap
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
87AC000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
31BF000
|
heap
|
page read and write
|
||
|
22D0000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
A80000
|
unkown
|
page readonly
|
||
|
20C49816000
|
trusted library allocation
|
page read and write
|
||
|
30EA000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
CF0000
|
unkown
|
page read and write
|
||
|
3004000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
30F3000
|
heap
|
page read and write
|
||
|
3377000
|
unkown
|
page execute and read and write
|
||
|
5C1000
|
unkown
|
page readonly
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
1FA000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
F59000
|
system
|
page execute and read and write
|
||
|
CD0000
|
unkown
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
2F17000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
316E000
|
heap
|
page read and write
|
||
|
530000
|
unkown
|
page readonly
|
||
|
540000
|
unkown
|
page readonly
|
||
|
82F5000
|
heap
|
page read and write
|
||
|
30F3000
|
heap
|
page read and write
|
||
|
3132000
|
heap
|
page read and write
|
||
|
33E4000
|
unkown
|
page execute and read and write
|
||
|
1A40000
|
direct allocation
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
8DCD000
|
stack
|
page read and write
|
||
|
914E000
|
stack
|
page read and write
|
||
|
314A000
|
heap
|
page read and write
|
||
|
88CE000
|
stack
|
page read and write
|
||
|
58BF000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
5C1000
|
unkown
|
page readonly
|
||
|
20C49680000
|
trusted library allocation
|
page read and write
|
||
|
831B000
|
heap
|
page read and write
|
||
|
5690000
|
heap
|
page execute and read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
C0E000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
F5B000
|
system
|
page execute and read and write
|
||
|
C4BCBFB000
|
stack
|
page read and write
|
||
|
835C000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
1216000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A50000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
27F0000
|
unkown
|
page read and write
|
||
|
8235000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
33C6000
|
unkown
|
page read and write
|
||
|
740000
|
unkown
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
904D000
|
stack
|
page read and write
|
||
|
82E1000
|
heap
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE1000
|
unkown
|
page readonly
|
||
|
75DE000
|
stack
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
C17000
|
unkown
|
page readonly
|
||
|
2970000
|
heap
|
page read and write
|
||
|
880000
|
unkown
|
page readonly
|
||
|
20C47D90000
|
heap
|
page read and write
|
||
|
3004000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
3F15000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
F7F000
|
system
|
page execute and read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
30EE000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
7E9C000
|
system
|
page read and write
|
||
|
E35000
|
heap
|
page read and write
|
||
|
5069000
|
direct allocation
|
page execute and read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
3141000
|
heap
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
2C8C000
|
unkown
|
page read and write
|
||
|
8354000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1125000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
2C32000
|
unkown
|
page read and write
|
||
|
4F40000
|
direct allocation
|
page execute and read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
C0E000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
10BA000
|
heap
|
page read and write
|
||
|
C01000
|
unkown
|
page execute read
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
30FC000
|
heap
|
page read and write
|
||
|
10B2000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
20C47D30000
|
heap
|
page read and write
|
||
|
73B1000
|
trusted library allocation
|
page read and write
|
||
|
19A1000
|
direct allocation
|
page execute and read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
20C47DE0000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
3F63000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
314A000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
550000
|
unkown
|
page readonly
|
||
|
180000
|
unkown
|
page readonly
|
||
|
CF0000
|
unkown
|
page read and write
|
||
|
710000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
3172000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
8F4E000
|
stack
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
27F0000
|
unkown
|
page read and write
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
54C3000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
1222000
|
trusted library allocation
|
page read and write
|
||
|
1A38000
|
direct allocation
|
page execute and read and write
|
||
|
764000
|
heap
|
page read and write
|
||
|
16F0000
|
direct allocation
|
page execute and read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
20C47E02000
|
heap
|
page read and write
|
||
|
882E000
|
stack
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
32E1000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
57ED000
|
heap
|
page read and write
|
||
|
FA5000
|
heap
|
page read and write
|
||
|
3184000
|
heap
|
page read and write
|
||
|
87ED000
|
stack
|
page read and write
|
||
|
CE1000
|
unkown
|
page readonly
|
There are 623 hidden memdumps, click here to show them.