Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHL_Delivery Documents.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp3106.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\YybGLWQSx.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\DHL_Delivery Documents.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\YybGLWQSx.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_05krldvo.z5p.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_25hh11fd.v0n.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_af2qolju.lyb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mmht5dpf.3fv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nj4ihgbw.33q.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qahqzbu1.uyv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_raktu4te.try.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x1c0onn3.poe.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp4C1F.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\y11J94u5t
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\YybGLWQSx.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DHL_Delivery Documents.exe
|
"C:\Users\user\Desktop\DHL_Delivery Documents.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\DHL_Delivery
Documents.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\YybGLWQSx.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\YybGLWQSx" /XML "C:\Users\user\AppData\Local\Temp\tmp3106.tmp"
|
|
|
|
C:\Users\user\Desktop\DHL_Delivery Documents.exe
|
"C:\Users\user\Desktop\DHL_Delivery Documents.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\YybGLWQSx.exe
|
C:\Users\user\AppData\Roaming\YybGLWQSx.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\YybGLWQSx" /XML "C:\Users\user\AppData\Local\Temp\tmp4C1F.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\YybGLWQSx.exe
|
"C:\Users\user\AppData\Roaming\YybGLWQSx.exe"
|
|
|
|
C:\Program Files (x86)\VuUYgaAtyiysyfJGpQTeLcWhpmRrpASZmySdBWsiNRjrHvaqlbIOIemMySRwxdZx\OoIHIwIlaOHZFTFWeSHYCjEJ.exe
|
"C:\Program Files (x86)\VuUYgaAtyiysyfJGpQTeLcWhpmRrpASZmySdBWsiNRjrHvaqlbIOIemMySRwxdZx\OoIHIwIlaOHZFTFWeSHYCjEJ.exe"
|
|
|
|
C:\Windows\SysWOW64\setx.exe
|
"C:\Windows\SysWOW64\setx.exe"
|
|
|
|
C:\Program Files (x86)\VuUYgaAtyiysyfJGpQTeLcWhpmRrpASZmySdBWsiNRjrHvaqlbIOIemMySRwxdZx\OoIHIwIlaOHZFTFWeSHYCjEJ.exe
|
"C:\Program Files (x86)\VuUYgaAtyiysyfJGpQTeLcWhpmRrpASZmySdBWsiNRjrHvaqlbIOIemMySRwxdZx\OoIHIwIlaOHZFTFWeSHYCjEJ.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.uzonedich.com/ew0m/?Urf=R9oUCj0Kr0tjZSdhKcVG72tknPUSe2YfdfzFTAWqH1uH1Z8SvVf85mUnaA3f99ILEbWrEuJ+fmKqJVRYQbENh1wm0L+Vjxgcu0XuSfZ61wplFH4xX6XBL/wdg7Pf2vzXJQ==&pP=fPyhqn_HwdI
|
103.48.135.8
|
|
|
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://www.alexbruma.com/0eyj/
|
172.67.214.17
|
||
|
http://tempuri.org/registerationDataSet.xsdOAsnanyDentalClinic.Properties.Resources
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
||
|
http://www.alexbruma.com
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://www.alexbruma.com/0eyj/?Urf=xbMFueOYBXYurIwiepFnO71qLlyP3ujEHyf23sFAywtga3bqBhIKPev0K8adiimIvdV9j6fOUj2Pc2CkptCWxRwbiV0KWskIok5o/u5VAK+QdqKfe3RHCloueJvNBgPjzg==&pP=fPyhqn_HwdI
|
172.67.214.17
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.uzonedich.com
|
103.48.135.8
|
|
|
|
www.prospin.click
|
unknown
|
|
|
|
www.bookingshop01.top
|
unknown
|
|
|
|
www.7egiy1.cfd
|
unknown
|
|
|
|
www.alexbruma.com
|
172.67.214.17
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.48.135.8
|
www.uzonedich.com
|
Hong Kong
|
|
|
|
172.67.214.17
|
www.alexbruma.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
1F30000
|
unclassified section
|
page execute and read and write
|
|
|
|
7B0000
|
trusted library allocation
|
page read and write
|
|
|
|
4C40000
|
system
|
page execute and read and write
|
|
|
|
410000
|
system
|
page execute and read and write
|
|
|
|
2D40000
|
unkown
|
page execute and read and write
|
|
|
|
1690000
|
unclassified section
|
page execute and read and write
|
|
|
|
7F0000
|
trusted library allocation
|
page read and write
|
|
|
|
6C9000
|
heap
|
page read and write
|
||
|
FCC000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
234C000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page execute and read and write
|
||
|
75DF000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2E6E000
|
trusted library allocation
|
page read and write
|
||
|
1618DBA0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4942000
|
trusted library allocation
|
page read and write
|
||
|
1672000
|
direct allocation
|
page execute and read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
1150000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
391C000
|
trusted library allocation
|
page read and write
|
||
|
75C3000
|
heap
|
page read and write
|
||
|
8F1F000
|
stack
|
page read and write
|
||
|
5383000
|
heap
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
5350000
|
trusted library section
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
304C000
|
unclassified section
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
30FE000
|
unkown
|
page read and write
|
||
|
40DA7FE000
|
stack
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7C3F000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4910000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
60E000
|
unkown
|
page readonly
|
||
|
8A8000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
395F000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
790000
|
unkown
|
page readonly
|
||
|
1390000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
75E4000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4CDC000
|
stack
|
page read and write
|
||
|
2B5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
B4A000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
740000
|
trusted library allocation
|
page read and write
|
||
|
6E0000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
312A000
|
heap
|
page read and write
|
||
|
1618DA77000
|
heap
|
page read and write
|
||
|
37C6000
|
trusted library allocation
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
25F2000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1618D9F1000
|
system
|
page execute and read and write
|
||
|
148E000
|
stack
|
page read and write
|
||
|
814E000
|
stack
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
F1E000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
6F4000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7EA000
|
heap
|
page read and write
|
||
|
24D7000
|
trusted library allocation
|
page read and write
|
||
|
2C60000
|
heap
|
page execute and read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
2532000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2F32000
|
unclassified section
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2882000
|
heap
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
52A2000
|
trusted library allocation
|
page read and write
|
||
|
71A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B4E000
|
stack
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
644E000
|
stack
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
6FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
308C000
|
unkown
|
page execute and read and write
|
||
|
3515000
|
trusted library allocation
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
716000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
15B0000
|
direct allocation
|
page execute and read and write
|
||
|
B2A000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
7566000
|
heap
|
page read and write
|
||
|
770000
|
unkown
|
page readonly
|
||
|
7B3F000
|
stack
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
601000
|
unkown
|
page execute read
|
||
|
F46000
|
heap
|
page read and write
|
||
|
F01000
|
unkown
|
page readonly
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
529F000
|
stack
|
page read and write
|
||
|
4A63000
|
heap
|
page read and write
|
||
|
2FF2000
|
unclassified section
|
page read and write
|
||
|
418000
|
remote allocation
|
page execute and read and write
|
||
|
941C000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
F18000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
303E000
|
unkown
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
75A4000
|
heap
|
page read and write
|
||
|
B6F000
|
stack
|
page read and write
|
||
|
2D09000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4914000
|
trusted library allocation
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
6F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1618D9EF000
|
system
|
page execute and read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
74BB000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
1254000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
33EF000
|
stack
|
page read and write
|
||
|
617000
|
unkown
|
page readonly
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
16B1000
|
unkown
|
page readonly
|
||
|
187D000
|
direct allocation
|
page execute and read and write
|
||
|
65C000
|
heap
|
page read and write
|
||
|
3FBC000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
5319000
|
trusted library allocation
|
page read and write
|
||
|
7561000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
790000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
332F000
|
unkown
|
page read and write
|
||
|
390000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
2532000
|
unkown
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4A09000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8B8E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
662000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
4F2C000
|
stack
|
page read and write
|
||
|
AA0000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
9D2000
|
unkown
|
page readonly
|
||
|
BE0000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
700000
|
trusted library allocation
|
page read and write
|
||
|
3AAA000
|
unclassified section
|
page read and write
|
||
|
615000
|
unkown
|
page read and write
|
||
|
60E000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1320000
|
unkown
|
page readonly
|
||
|
7E4E000
|
stack
|
page read and write
|
||
|
158F000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4900000
|
trusted library allocation
|
page read and write
|
||
|
757A000
|
heap
|
page read and write
|
||
|
22B8000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
727000
|
trusted library allocation
|
page execute and read and write
|
||
|
1610000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1618F7CE000
|
trusted library allocation
|
page read and write
|
||
|
77B0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
592E000
|
stack
|
page read and write
|
||
|
1618DAA4000
|
heap
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
7560000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
2C50000
|
unkown
|
page readonly
|
||
|
601000
|
unkown
|
page execute read
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
2B56000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B4000
|
heap
|
page read and write
|
||
|
4980000
|
trusted library allocation
|
page read and write
|
||
|
2D0D000
|
direct allocation
|
page execute and read and write
|
||
|
1618DAA1000
|
heap
|
page read and write
|
||
|
722000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7F7B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1320000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4970000
|
trusted library allocation
|
page read and write
|
||
|
873E000
|
stack
|
page read and write
|
||
|
2B9A000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2C50000
|
unkown
|
page readonly
|
||
|
96F000
|
stack
|
page read and write
|
||
|
2C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
4CD9000
|
system
|
page execute and read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
1618DA70000
|
heap
|
page read and write
|
||
|
5274000
|
trusted library allocation
|
page read and write
|
||
|
662000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
73D000
|
heap
|
page read and write
|
||
|
6B1000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
E5D000
|
stack
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
75A9000
|
heap
|
page read and write
|
||
|
10CF000
|
stack
|
page read and write
|
||
|
756F000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
AB0000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
2C4F000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
40DB7FE000
|
stack
|
page read and write
|
||
|
7F0000
|
unkown
|
page read and write
|
||
|
3813000
|
trusted library allocation
|
page read and write
|
||
|
4CE1000
|
system
|
page execute and read and write
|
||
|
BF1000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
491B000
|
trusted library allocation
|
page read and write
|
||
|
723000
|
heap
|
page read and write
|
||
|
320C000
|
unclassified section
|
page read and write
|
||
|
528E000
|
trusted library allocation
|
page read and write
|
||
|
1D7E000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3E39000
|
trusted library allocation
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
36F6000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4956000
|
trusted library allocation
|
page read and write
|
||
|
2C78000
|
trusted library allocation
|
page read and write
|
||
|
1618F600000
|
trusted library allocation
|
page read and write
|
||
|
4931000
|
trusted library allocation
|
page read and write
|
||
|
71E000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
1BE0000
|
direct allocation
|
page execute and read and write
|
||
|
2C44000
|
heap
|
page read and write
|
||
|
30AA000
|
unkown
|
page read and write
|
||
|
247E000
|
stack
|
page read and write
|
||
|
1618F60E000
|
trusted library allocation
|
page read and write
|
||
|
1618DA8F000
|
heap
|
page read and write
|
||
|
830000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
360C000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4A40000
|
heap
|
page execute and read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
1618DAC0000
|
heap
|
page read and write
|
||
|
887C000
|
stack
|
page read and write
|
||
|
39A1000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
756B000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
615000
|
unkown
|
page read and write
|
||
|
931C000
|
stack
|
page read and write
|
||
|
1D0D000
|
direct allocation
|
page execute and read and write
|
||
|
830000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
7BBF000
|
stack
|
page read and write
|
||
|
16D9000
|
direct allocation
|
page execute and read and write
|
||
|
491E000
|
trusted library allocation
|
page read and write
|
||
|
615000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
AC0000
|
unkown
|
page readonly
|
||
|
820000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
770000
|
unkown
|
page readonly
|
||
|
790000
|
unkown
|
page readonly
|
||
|
1D8000
|
stack
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
66F000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4FEA000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
74A0000
|
heap
|
page read and write
|
||
|
759000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
1A7F000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4D7E000
|
stack
|
page read and write
|
||
|
4CE0000
|
trusted library allocation
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
75D5000
|
heap
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
2B43000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
heap
|
page read and write
|
||
|
7578000
|
heap
|
page read and write
|
||
|
60E000
|
unkown
|
page readonly
|
||
|
9420000
|
heap
|
page read and write
|
||
|
89CF000
|
stack
|
page read and write
|
||
|
1618F7BE000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3785000
|
trusted library allocation
|
page read and write
|
||
|
7F54000
|
heap
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
2500000
|
unkown
|
page readonly
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B67000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B66000
|
heap
|
page read and write
|
||
|
7584000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
617000
|
unkown
|
page readonly
|
||
|
6F0000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
863E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
23CE000
|
stack
|
page read and write
|
||
|
759E000
|
heap
|
page read and write
|
||
|
75AD000
|
heap
|
page read and write
|
||
|
658000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2520000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
16B1000
|
unkown
|
page readonly
|
||
|
537000
|
stack
|
page read and write
|
||
|
827D000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2500000
|
unkown
|
page readonly
|
||
|
1150000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
705000
|
heap
|
page read and write
|
||
|
34D3000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
1251000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
6E2000
|
heap
|
page read and write
|
||
|
760000
|
trusted library allocation
|
page execute and read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
62C0000
|
trusted library section
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
227C000
|
unclassified section
|
page execute and read and write
|
||
|
144F000
|
stack
|
page read and write
|
||
|
AB0000
|
unkown
|
page readonly
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
801000
|
unkown
|
page readonly
|
||
|
2520000
|
unkown
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
496F000
|
trusted library allocation
|
page read and write
|
||
|
8880000
|
heap
|
page read and write
|
||
|
66A000
|
stack
|
page read and write
|
||
|
F55000
|
heap
|
page read and write
|
||
|
F01000
|
unkown
|
page readonly
|
||
|
75D1000
|
heap
|
page read and write
|
||
|
4975000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8A4E000
|
stack
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
3489000
|
trusted library allocation
|
page read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
15D6000
|
direct allocation
|
page execute and read and write
|
||
|
22A0000
|
heap
|
page execute and read and write
|
||
|
8A8000
|
heap
|
page read and write
|
||
|
5644000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
884E000
|
stack
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
84FE000
|
stack
|
page read and write
|
||
|
1170000
|
unkown
|
page read and write
|
||
|
1F28000
|
direct allocation
|
page execute and read and write
|
||
|
3481000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
24E8000
|
trusted library allocation
|
page read and write
|
||
|
1618F7A6000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
1618D9ED000
|
system
|
page execute and read and write
|
||
|
1636000
|
direct allocation
|
page execute and read and write
|
||
|
7CBF000
|
stack
|
page read and write
|
||
|
5291000
|
trusted library allocation
|
page read and write
|
||
|
49F0000
|
heap
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
1630000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
49A0000
|
trusted library allocation
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
24BE000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
unkown
|
page readonly
|
||
|
790000
|
heap
|
page read and write
|
||
|
229E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7F50000
|
heap
|
page read and write
|
||
|
1D09000
|
direct allocation
|
page execute and read and write
|
||
|
7B2000
|
heap
|
page read and write
|
||
|
111D000
|
stack
|
page read and write
|
||
|
76C000
|
stack
|
page read and write
|
||
|
1876000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
5FED000
|
stack
|
page read and write
|
||
|
AB8000
|
unkown
|
page readonly
|
||
|
1EAD000
|
direct allocation
|
page execute and read and write
|
||
|
3786000
|
unclassified section
|
page read and write
|
||
|
83BE000
|
stack
|
page read and write
|
||
|
8F5E000
|
stack
|
page read and write
|
||
|
5CCE000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
1618F380000
|
heap
|
page read and write
|
||
|
5E5000
|
heap
|
page read and write
|
||
|
92DE000
|
stack
|
page read and write
|
||
|
5296000
|
trusted library allocation
|
page read and write
|
||
|
1618F621000
|
trusted library allocation
|
page read and write
|
||
|
2A80000
|
trusted library allocation
|
page read and write
|
||
|
DC0C000
|
system
|
page read and write
|
||
|
15B7000
|
direct allocation
|
page execute and read and write
|
||
|
5C8E000
|
stack
|
page read and write
|
||
|
17A9000
|
heap
|
page read and write
|
||
|
76FC000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
298E000
|
heap
|
page read and write
|
||
|
617000
|
unkown
|
page readonly
|
||
|
2F22000
|
direct allocation
|
page execute and read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
2410000
|
unkown
|
page readonly
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
5A4F000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
F5D000
|
stack
|
page read and write
|
||
|
830000
|
unkown
|
page read and write
|
||
|
539F000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4936000
|
trusted library allocation
|
page read and write
|
||
|
40D9FFD000
|
stack
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
5520000
|
trusted library section
|
page read and write
|
||
|
905E000
|
stack
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
75E7000
|
heap
|
page read and write
|
||
|
4CFD000
|
system
|
page execute and read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
2B4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
280C000
|
unkown
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
801000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1618D9A0000
|
system
|
page execute and read and write
|
||
|
562A000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
138D000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E0000
|
unkown
|
page read and write
|
||
|
75DA000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2C0C000
|
stack
|
page read and write
|
||
|
601000
|
unkown
|
page execute read
|
||
|
2881000
|
heap
|
page read and write
|
||
|
75AF000
|
heap
|
page read and write
|
||
|
303D000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
860000
|
unkown
|
page read and write
|
||
|
8E1E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1680000
|
heap
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
5000000
|
trusted library allocation
|
page execute and read and write
|
||
|
58CB000
|
trusted library allocation
|
page read and write
|
||
|
4CF1000
|
system
|
page execute and read and write
|
||
|
1618F700000
|
trusted library allocation
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7F0000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3139000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
264C000
|
unkown
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
D9F2000
|
system
|
page read and write
|
||
|
889E000
|
stack
|
page read and write
|
||
|
877B000
|
stack
|
page read and write
|
||
|
40A6000
|
trusted library allocation
|
page read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
111C000
|
stack
|
page read and write
|
||
|
615000
|
unkown
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
909E000
|
stack
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2C44000
|
heap
|
page read and write
|
||
|
7B7E000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
1861000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
5312000
|
trusted library allocation
|
page read and write
|
||
|
70D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
225F000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
777E000
|
stack
|
page read and write
|
||
|
238E000
|
stack
|
page read and write
|
||
|
4D2A000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1618F500000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
6F3000
|
heap
|
page read and write
|
||
|
2B62000
|
trusted library allocation
|
page read and write
|
||
|
4B4000
|
heap
|
page read and write
|
||
|
E186000
|
system
|
page read and write
|
||
|
1618F440000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
3898000
|
trusted library allocation
|
page read and write
|
||
|
390000
|
unkown
|
page readonly
|
||
|
1B7F000
|
stack
|
page read and write
|
||
|
7BFE000
|
stack
|
page read and write
|
||
|
45BC000
|
stack
|
page read and write
|
||
|
AA0000
|
unkown
|
page readonly
|
||
|
76C000
|
stack
|
page read and write
|
||
|
4E5C000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4A02000
|
trusted library allocation
|
page read and write
|
||
|
527B000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
601000
|
unkown
|
page execute read
|
||
|
1618F450000
|
trusted library allocation
|
page read and write
|
||
|
712000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
75CB000
|
heap
|
page read and write
|
||
|
2410000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2BE0000
|
direct allocation
|
page execute and read and write
|
||
|
1618F610000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
14FA000
|
stack
|
page read and write
|
||
|
5300000
|
heap
|
page read and write
|
||
|
40DAFFE000
|
stack
|
page read and write
|
||
|
1EA6000
|
direct allocation
|
page execute and read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4D54000
|
system
|
page execute and read and write
|
||
|
1618F701000
|
trusted library allocation
|
page read and write
|
||
|
1384000
|
trusted library allocation
|
page read and write
|
||
|
65C000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
81F000
|
heap
|
page read and write
|
||
|
60E000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2EAD000
|
direct allocation
|
page execute and read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2A39000
|
heap
|
page read and write
|
||
|
2EB1000
|
direct allocation
|
page execute and read and write
|
||
|
8C8E000
|
stack
|
page read and write
|
||
|
492E000
|
trusted library allocation
|
page read and write
|
||
|
617000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
710000
|
trusted library allocation
|
page read and write
|
||
|
85FE000
|
stack
|
page read and write
|
||
|
2B6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
773D000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
42C000
|
remote allocation
|
page execute and read and write
|
||
|
1618F7C4000
|
trusted library allocation
|
page read and write
|
||
|
7572000
|
heap
|
page read and write
|
||
|
6EF000
|
heap
|
page read and write
|
||
|
2B5D000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
2B52000
|
trusted library allocation
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
29A5000
|
heap
|
page read and write
|
||
|
24EA000
|
trusted library allocation
|
page read and write
|
||
|
66A000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
729000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1383000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A60000
|
heap
|
page read and write
|
||
|
307F000
|
unkown
|
page read and write
|
||
|
58C0000
|
trusted library allocation
|
page read and write
|
||
|
7C7E000
|
stack
|
page read and write
|
||
|
16D3000
|
direct allocation
|
page execute and read and write
|
||
|
2B80000
|
trusted library allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
919E000
|
stack
|
page read and write
|
||
|
91DE000
|
stack
|
page read and write
|
||
|
1170000
|
unkown
|
page read and write
|
||
|
585B000
|
stack
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
6B1000
|
heap
|
page read and write
|
||
|
40D97FB000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
44BC000
|
stack
|
page read and write
|
||
|
1618F450000
|
trusted library allocation
|
page read and write
|
||
|
4E7F000
|
stack
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
BF1000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
121E000
|
stack
|
page read and write
|
||
|
280C000
|
unkown
|
page read and write
|
||
|
10E0000
|
unkown
|
page read and write
|
||
|
2BBF000
|
stack
|
page read and write
|
||
|
307A000
|
stack
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
D932000
|
system
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
703000
|
trusted library allocation
|
page read and write
|
||
|
88CE000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
BE0000
|
unkown
|
page read and write
|
||
|
4B4000
|
heap
|
page read and write
|
||
|
72B000
|
trusted library allocation
|
page execute and read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
2481000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
809000
|
heap
|
page read and write
|
||
|
563F000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
1618DA9C000
|
heap
|
page read and write
|
||
|
B2A000
|
stack
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
139A000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
2C55000
|
trusted library allocation
|
page read and write
|
||
|
2E3B000
|
heap
|
page read and write
|
||
|
527E000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
1788000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7575000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
49E0000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
837F000
|
stack
|
page read and write
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
493D000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
7FBD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5671000
|
heap
|
page read and write
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
830000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
heap
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
4D00000
|
system
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
84BF000
|
stack
|
page read and write
|
||
|
529D000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1E91000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
2B62000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1618F603000
|
trusted library allocation
|
page read and write
|
||
|
2D86000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2D7E000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
850000
|
unkown
|
page read and write
|
||
|
830000
|
trusted library allocation
|
page read and write
|
||
|
4954000
|
trusted library allocation
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
2BD7000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
There are 819 hidden memdumps, click here to show them.