Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
microPHAZIR_5.4.0.135-windows-installer.exe
|
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\file-16px.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\folder-16px.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\leftImage.png
|
PNG image data, 163 x 314, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\logoImage.png
|
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\msgbox-error.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\msgbox-info.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\msgbox-question.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\msgbox-warning.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\open_directory-16px.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\open_directory-16px_disabled.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\open_directory-16px_selected.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\open_project-16px.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\open_project-16px_disabled.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\open_project-16px_selected.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\splashImage.png
|
PNG image data, 149 x 73, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\updir.png
|
PNG image data, 24 x 25, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\wmImage.png
|
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.installbuilder\.tmp_7640_9228136\x01image_small.png
|
PNG image data, 85 x 85, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR1D20.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR1D5F.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR1DCE.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR1E2C.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR1E4D.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR1E8C.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR1E9D.tmp
|
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR1FE6.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR24D9.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR24E9.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BRL00001dd8\BR2817.tmp
|
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
There are 20 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\microPHAZIR_5.4.0.135-windows-installer.exe
|
"C:\Users\user\Desktop\microPHAZIR_5.4.0.135-windows-installer.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.google.com
|
unknown
|
 |
|
|
http://tcl.sf.net
|
unknown
|
||
|
http://www.inria.fr/koala/colas/mouse-wheel-scroll/
|
unknown
|
||
|
http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/index.html#id3037154
|
unknown
|
||
|
http://blogs.msdn.com/oldnewthing/archive/2003/08/21/54675.aspx
|
unknown
|
||
|
http://gcc.gnu.org/bugs.html):
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Environment
|
InstallBuilder
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2CFE000
|
heap
|
page read and write
|
||
|
2BA1000
|
heap
|
page read and write
|
||
|
3ED0000
|
heap
|
page read and write
|
||
|
2CF1000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
2B91000
|
heap
|
page read and write
|
||
|
EFD000
|
heap
|
page read and write
|
||
|
3E44000
|
heap
|
page read and write
|
||
|
3594000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
4857000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
5ED000
|
unkown
|
page readonly
|
||
|
3633000
|
heap
|
page read and write
|
||
|
4283000
|
heap
|
page read and write
|
||
|
558000
|
unkown
|
page readonly
|
||
|
322F000
|
heap
|
page read and write
|
||
|
47CD000
|
heap
|
page read and write
|
||
|
2D02000
|
heap
|
page read and write
|
||
|
2C6F000
|
heap
|
page read and write
|
||
|
3566000
|
heap
|
page read and write
|
||
|
549000
|
unkown
|
page write copy
|
||
|
3FFE000
|
heap
|
page read and write
|
||
|
66CC000
|
heap
|
page read and write
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
2B94000
|
heap
|
page read and write
|
||
|
66C4000
|
heap
|
page read and write
|
||
|
449F000
|
heap
|
page read and write
|
||
|
2FE9000
|
heap
|
page read and write
|
||
|
2D0E000
|
heap
|
page read and write
|
||
|
2C66000
|
heap
|
page read and write
|
||
|
352D000
|
heap
|
page read and write
|
||
|
3764000
|
heap
|
page read and write
|
||
|
F18000
|
heap
|
page read and write
|
||
|
2C1A000
|
heap
|
page read and write
|
||
|
2BB4000
|
heap
|
page read and write
|
||
|
2BA9000
|
heap
|
page read and write
|
||
|
2D04000
|
heap
|
page read and write
|
||
|
44A9000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
36E0000
|
heap
|
page read and write
|
||
|
3543000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
3784000
|
heap
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
4117000
|
heap
|
page read and write
|
||
|
2C68000
|
heap
|
page read and write
|
||
|
3C2E000
|
heap
|
page read and write
|
||
|
2BB5000
|
heap
|
page read and write
|
||
|
39BC000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
2D03000
|
heap
|
page read and write
|
||
|
3888000
|
heap
|
page read and write
|
||
|
414C000
|
heap
|
page read and write
|
||
|
2C5E000
|
heap
|
page read and write
|
||
|
4282000
|
heap
|
page read and write
|
||
|
36E1000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
3D77000
|
heap
|
page read and write
|
||
|
386D000
|
heap
|
page read and write
|
||
|
3A7C000
|
heap
|
page read and write
|
||
|
2BB5000
|
heap
|
page read and write
|
||
|
3566000
|
heap
|
page read and write
|
||
|
2C6F000
|
heap
|
page read and write
|
||
|
3B64000
|
heap
|
page read and write
|
||
|
3BE7000
|
heap
|
page read and write
|
||
|
3764000
|
heap
|
page read and write
|
||
|
2CFE000
|
heap
|
page read and write
|
||
|
420D000
|
heap
|
page read and write
|
||
|
35F1000
|
heap
|
page read and write
|
||
|
51A4000
|
heap
|
page read and write
|
||
|
2CFD000
|
heap
|
page read and write
|
||
|
3CB1000
|
heap
|
page read and write
|
||
|
3D77000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
2BB5000
|
heap
|
page read and write
|
||
|
2C6E000
|
heap
|
page read and write
|
||
|
66CF000
|
heap
|
page read and write
|
||
|
3FAF000
|
heap
|
page read and write
|
||
|
2BAB000
|
heap
|
page read and write
|
||
|
66C0000
|
heap
|
page read and write
|
||
|
2BD9000
|
heap
|
page read and write
|
||
|
3BAE000
|
heap
|
page read and write
|
||
|
3FCE000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
2FE8000
|
heap
|
page read and write
|
||
|
361000
|
unkown
|
page execute read
|
||
|
3934000
|
heap
|
page read and write
|
||
|
2C64000
|
heap
|
page read and write
|
||
|
2BB5000
|
heap
|
page read and write
|
||
|
2FEE000
|
heap
|
page read and write
|
||
|
2C61000
|
heap
|
page read and write
|
||
|
4084000
|
heap
|
page read and write
|
||
|
2FED000
|
heap
|
page read and write
|
||
|
558000
|
unkown
|
page readonly
|
||
|
E9D000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
39B9000
|
heap
|
page read and write
|
||
|
2BA2000
|
heap
|
page read and write
|
||
|
4281000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
551000
|
unkown
|
page read and write
|
||
|
5F4000
|
unkown
|
page write copy
|
||
|
35F1000
|
heap
|
page read and write
|
||
|
4720000
|
heap
|
page read and write
|
||
|
66C5000
|
heap
|
page read and write
|
||
|
425D000
|
heap
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
550000
|
unkown
|
page write copy
|
||
|
2BBC000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
2BB5000
|
heap
|
page read and write
|
||
|
42C7000
|
heap
|
page read and write
|
||
|
EE1000
|
heap
|
page read and write
|
||
|
3BA6000
|
heap
|
page read and write
|
||
|
2CF1000
|
heap
|
page read and write
|
||
|
4551000
|
heap
|
page read and write
|
||
|
41E1000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
2CF5000
|
heap
|
page read and write
|
||
|
3E2D000
|
heap
|
page read and write
|
||
|
2FE1000
|
heap
|
page read and write
|
||
|
2B79000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
2C5C000
|
heap
|
page read and write
|
||
|
3BEA000
|
heap
|
page read and write
|
||
|
3633000
|
heap
|
page read and write
|
||
|
3FFD000
|
heap
|
page read and write
|
||
|
3FCE000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
3976000
|
heap
|
page read and write
|
||
|
3565000
|
heap
|
page read and write
|
||
|
3B22000
|
heap
|
page read and write
|
||
|
35AA000
|
heap
|
page read and write
|
||
|
35AC000
|
heap
|
page read and write
|
||
|
3500000
|
heap
|
page read and write
|
||
|
2C5E000
|
heap
|
page read and write
|
||
|
3675000
|
heap
|
page read and write
|
||
|
388E000
|
heap
|
page read and write
|
||
|
386E000
|
heap
|
page read and write
|
||
|
3B22000
|
heap
|
page read and write
|
||
|
360000
|
unkown
|
page readonly
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
4229000
|
heap
|
page read and write
|
||
|
5162000
|
heap
|
page read and write
|
||
|
66C2000
|
heap
|
page read and write
|
||
|
2CF7000
|
heap
|
page read and write
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
3F15000
|
heap
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
2C63000
|
heap
|
page read and write
|
||
|
361000
|
unkown
|
page execute read
|
||
|
2B8E000
|
heap
|
page read and write
|
||
|
3CF3000
|
heap
|
page read and write
|
||
|
414A000
|
heap
|
page read and write
|
||
|
3BA7000
|
heap
|
page read and write
|
||
|
38AE000
|
heap
|
page read and write
|
||
|
3BD1000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
39F9000
|
heap
|
page read and write
|
||
|
35AA000
|
heap
|
page read and write
|
||
|
66CF000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
543000
|
unkown
|
page write copy
|
||
|
2C67000
|
heap
|
page read and write
|
||
|
37BC000
|
heap
|
page read and write
|
||
|
38F2000
|
heap
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
547000
|
unkown
|
page read and write
|
||
|
322A000
|
heap
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
3F61000
|
heap
|
page read and write
|
||
|
382A000
|
heap
|
page read and write
|
||
|
386C000
|
heap
|
page read and write
|
||
|
2CF8000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
2C6B000
|
heap
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
3D35000
|
heap
|
page read and write
|
||
|
5EE000
|
unkown
|
page write copy
|
||
|
2C61000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
35AC000
|
heap
|
page read and write
|
||
|
3594000
|
heap
|
page read and write
|
||
|
3B64000
|
heap
|
page read and write
|
||
|
3DB9000
|
heap
|
page read and write
|
||
|
3C6F000
|
heap
|
page read and write
|
||
|
2BA8000
|
heap
|
page read and write
|
||
|
3760000
|
heap
|
page read and write
|
||
|
2FE2000
|
heap
|
page read and write
|
||
|
5ED000
|
unkown
|
page readonly
|
||
|
2B97000
|
heap
|
page read and write
|
||
|
5EB000
|
unkown
|
page read and write
|
||
|
4551000
|
heap
|
page read and write
|
||
|
35F2000
|
heap
|
page read and write
|
||
|
3FF8000
|
heap
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
2FE8000
|
heap
|
page read and write
|
||
|
2BAA000
|
heap
|
page read and write
|
||
|
5161000
|
heap
|
page read and write
|
||
|
2FEA000
|
heap
|
page read and write
|
||
|
382C000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
3AB0000
|
heap
|
page read and write
|
||
|
3ABF000
|
heap
|
page read and write
|
||
|
3A3C000
|
heap
|
page read and write
|
||
|
3E3B000
|
heap
|
page read and write
|
||
|
545000
|
unkown
|
page write copy
|
||
|
66C7000
|
heap
|
page read and write
|
||
|
3E46000
|
heap
|
page read and write
|
||
|
543000
|
unkown
|
page write copy
|
||
|
66C8000
|
heap
|
page read and write
|
||
|
39B6000
|
heap
|
page read and write
|
||
|
3BEA000
|
heap
|
page read and write
|
||
|
F0C000
|
heap
|
page read and write
|
||
|
3675000
|
heap
|
page read and write
|
||
|
61F000
|
unkown
|
page readonly
|
||
|
2CF3000
|
heap
|
page read and write
|
||
|
2BA1000
|
heap
|
page read and write
|
||
|
2BBC000
|
heap
|
page read and write
|
||
|
3F59000
|
heap
|
page read and write
|
||
|
38B1000
|
heap
|
page read and write
|
||
|
2D03000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
569C000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page write copy
|
||
|
2DA0000
|
trusted library section
|
page readonly
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
2B91000
|
heap
|
page read and write
|
||
|
2BB5000
|
heap
|
page read and write
|
||
|
3FA4000
|
heap
|
page read and write
|
||
|
421B000
|
heap
|
page read and write
|
||
|
3A3A000
|
heap
|
page read and write
|
||
|
2C67000
|
heap
|
page read and write
|
||
|
2C68000
|
heap
|
page read and write
|
||
|
5EE000
|
unkown
|
page read and write
|
||
|
54F000
|
unkown
|
page read and write
|
||
|
2BB4000
|
heap
|
page read and write
|
||
|
38F0000
|
heap
|
page read and write
|
||
|
2BFB000
|
heap
|
page read and write
|
||
|
544000
|
unkown
|
page read and write
|
||
|
3A76000
|
heap
|
page read and write
|
||
|
360000
|
unkown
|
page readonly
|
||
|
3B22000
|
heap
|
page read and write
|
||
|
3FCE000
|
heap
|
page read and write
|
||
|
66C4000
|
heap
|
page read and write
|
||
|
66CD000
|
heap
|
page read and write
|
||
|
2CF4000
|
heap
|
page read and write
|
||
|
37DA000
|
heap
|
page read and write
|
||
|
2FEE000
|
heap
|
page read and write
|
||
|
528B000
|
heap
|
page read and write
|
||
|
40D5000
|
heap
|
page read and write
|
||
|
2FED000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
37E8000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
450E000
|
heap
|
page read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
37E8000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
2B93000
|
heap
|
page read and write
|
||
|
2BB8000
|
heap
|
page read and write
|
||
|
36C0000
|
heap
|
page read and write
|
||
|
3CA0000
|
heap
|
page read and write
|
||
|
2BB8000
|
heap
|
page read and write
|
||
|
3A7E000
|
heap
|
page read and write
|
||
|
66CE000
|
heap
|
page read and write
|
||
|
35F1000
|
heap
|
page read and write
|
||
|
41D6000
|
heap
|
page read and write
|
||
|
66CA000
|
heap
|
page read and write
|
||
|
412E000
|
heap
|
page read and write
|
||
|
356A000
|
heap
|
page read and write
|
||
|
F08000
|
heap
|
page read and write
|
||
|
37C1000
|
heap
|
page read and write
|
||
|
450C000
|
heap
|
page read and write
|
||
|
40BB000
|
heap
|
page read and write
|
||
|
2BB5000
|
heap
|
page read and write
|
||
|
52BA000
|
heap
|
page read and write
|
||
|
2BC4000
|
heap
|
page read and write
|
||
|
3502000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
3544000
|
heap
|
page read and write
|
||
|
3C2D000
|
heap
|
page read and write
|
||
|
39F8000
|
heap
|
page read and write
|
||
|
354D000
|
heap
|
page read and write
|
||
|
47C5000
|
heap
|
page read and write
|
||
|
36BE000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
3A7C000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
39FA000
|
heap
|
page read and write
|
||
|
34DF000
|
stack
|
page read and write
|
||
|
3932000
|
heap
|
page read and write
|
||
|
F09000
|
heap
|
page read and write
|
||
|
35AF000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
3B6F000
|
heap
|
page read and write
|
||
|
3722000
|
heap
|
page read and write
|
||
|
3C6F000
|
heap
|
page read and write
|
||
|
2C6E000
|
heap
|
page read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
35EC000
|
heap
|
page read and write
|
||
|
3ADD000
|
heap
|
page read and write
|
||
|
3D36000
|
heap
|
page read and write
|
||
|
418B000
|
heap
|
page read and write
|
||
|
401C000
|
heap
|
page read and write
|
||
|
42CC000
|
heap
|
page read and write
|
||
|
2B8E000
|
heap
|
page read and write
|
||
|
2D0A000
|
heap
|
page read and write
|
||
|
35F1000
|
heap
|
page read and write
|
||
|
450E000
|
heap
|
page read and write
|
||
|
66C5000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
65C1000
|
heap
|
page read and write
|
||
|
2B8E000
|
heap
|
page read and write
|
||
|
3675000
|
heap
|
page read and write
|
||
|
354D000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
3C6F000
|
heap
|
page read and write
|
||
|
2FEF000
|
heap
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
3E89000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
35AC000
|
heap
|
page read and write
|
||
|
3764000
|
heap
|
page read and write
|
||
|
2DD3000
|
heap
|
page read and write
|
||
|
401C000
|
heap
|
page read and write
|
||
|
3BEC000
|
heap
|
page read and write
|
||
|
3CA0000
|
heap
|
page read and write
|
||
|
401C000
|
heap
|
page read and write
|
||
|
37AF000
|
heap
|
page read and write
|
||
|
2FE3000
|
heap
|
page read and write
|
||
|
36BE000
|
heap
|
page read and write
|
||
|
66CC000
|
heap
|
page read and write
|
||
|
2C6E000
|
heap
|
page read and write
|
||
|
66C6000
|
heap
|
page read and write
|
||
|
3C6F000
|
heap
|
page read and write
|
||
|
3975000
|
heap
|
page read and write
|
||
|
65C1000
|
heap
|
page read and write
|
||
|
3765000
|
heap
|
page read and write
|
||
|
2BB5000
|
heap
|
page read and write
|
||
|
420D000
|
heap
|
page read and write
|
||
|
36C0000
|
heap
|
page read and write
|
||
|
3CF3000
|
heap
|
page read and write
|
||
|
EFE000
|
heap
|
page read and write
|
||
|
35F1000
|
heap
|
page read and write
|
||
|
2C6E000
|
heap
|
page read and write
|
||
|
3563000
|
heap
|
page read and write
|
||
|
2FE8000
|
heap
|
page read and write
|
||
|
3AE1000
|
heap
|
page read and write
|
||
|
39B6000
|
heap
|
page read and write
|
||
|
37A7000
|
heap
|
page read and write
|
||
|
35F1000
|
heap
|
page read and write
|
||
|
3522000
|
heap
|
page read and write
|
||
|
3BD1000
|
heap
|
page read and write
|
||
|
3777000
|
heap
|
page read and write
|
||
|
39A6000
|
heap
|
page read and write
|
||
|
3FB0000
|
heap
|
page read and write
|
||
|
F0C000
|
heap
|
page read and write
|
||
|
3633000
|
heap
|
page read and write
|
||
|
37A6000
|
heap
|
page read and write
|
||
|
3ECB000
|
heap
|
page read and write
|
||
|
3AE0000
|
heap
|
page read and write
|
||
|
3E00000
|
heap
|
page read and write
|
||
|
2FE2000
|
heap
|
page read and write
|
||
|
34E1000
|
heap
|
page read and write
|
||
|
2BB1000
|
heap
|
page read and write
|
||
|
2FE7000
|
heap
|
page read and write
|
||
|
2BA5000
|
heap
|
page read and write
|
||
|
2B98000
|
heap
|
page read and write
|
||
|
3594000
|
heap
|
page read and write
|
||
|
3633000
|
heap
|
page read and write
|
||
|
2FEB000
|
heap
|
page read and write
|
||
|
416E000
|
heap
|
page read and write
|
||
|
2C6E000
|
heap
|
page read and write
|
||
|
61F000
|
unkown
|
page readonly
|
||
|
4762000
|
heap
|
page read and write
|
||
|
423B000
|
heap
|
page read and write
|
||
|
4042000
|
heap
|
page read and write
|
||
|
3722000
|
heap
|
page read and write
|
||
|
4860000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
36B6000
|
heap
|
page read and write
|
||
|
3C2D000
|
heap
|
page read and write
|
||
|
412C000
|
heap
|
page read and write
|
||
|
3974000
|
heap
|
page read and write
|
||
|
2BA3000
|
heap
|
page read and write
|
||
|
A39000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
3535000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
3A78000
|
heap
|
page read and write
|
||
|
36B7000
|
heap
|
page read and write
|
||
|
2BBD000
|
heap
|
page read and write
|
||
|
66C9000
|
heap
|
page read and write
|
||
|
58B9000
|
heap
|
page read and write
|
||
|
5F4000
|
unkown
|
page write copy
|
||
|
4146000
|
heap
|
page read and write
|
||
|
3BAE000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
2C6E000
|
heap
|
page read and write
|
||
|
2BFA000
|
heap
|
page read and write
|
||
|
3634000
|
heap
|
page read and write
|
||
|
3563000
|
heap
|
page read and write
|
||
|
C34000
|
stack
|
page read and write
|
||
|
3D75000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
41E1000
|
heap
|
page read and write
|
||
|
3CB1000
|
heap
|
page read and write
|
||
|
3CA0000
|
heap
|
page read and write
|
There are 411 hidden memdumps, click here to show them.