Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Nondesistance.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\2f76976
|
SQLite 3.x database, last written using SQLite version 3041002, page size 2048, file counter 3, database pages 92, cookie
0x3a, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Settings.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsn16C1.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Desktop\betnksomme.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
||
|
C:\Users\user\dewater\reinsmen\Transversally.Nor
|
data
|
dropped
|
||
|
C:\Users\user\dewater\reinsmen\Undisclaimed.smi
|
data
|
dropped
|
||
|
C:\Users\user\dewater\reinsmen\blyindholdene.irr
|
data
|
dropped
|
||
|
C:\Users\user\dewater\reinsmen\danite.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Nondesistance.exe
|
"C:\Users\user\Desktop\Nondesistance.exe"
|
|
|
|
C:\Users\user\Desktop\Nondesistance.exe
|
"C:\Users\user\Desktop\Nondesistance.exe"
|
|
|
|
C:\Program Files (x86)\qUiDoputyglQzVYibDRasYiPLhrIcQavufTxYIuNXmAUmzqYssSJmsSX\jbBlvVPHmIIgIHiOBCnstGcDCWhN.exe
|
"C:\Program Files (x86)\qUiDoputyglQzVYibDRasYiPLhrIcQavufTxYIuNXmAUmzqYssSJmsSX\jbBlvVPHmIIgIHiOBCnstGcDCWhN.exe"
|
|
|
|
C:\Windows\SysWOW64\write.exe
|
"C:\Windows\SysWOW64\write.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.uhahiq.com/udud/?Pl9P8ldX=JeW1ywHbInp/iudCt0BoISDa+lnGE8/XYCCr+igFIIlNiJFqeEfQ/jwRjatbRGfuzAuKF9+1993CsJcrjcNhPJvZ+1kkeDtgpfW+DhUrRm2QAt+ZR6HWj8c=&UJ2H=ED2dW8S8UxwlG
|
147.92.36.247
|
|
|
|
http://www.donantedeovulos.space/udud/
|
64.190.62.22
|
|
|
|
http://www.lm2ue.us/udud/
|
91.195.240.123
|
|
|
|
http://www.fivetownsjcc.com/udud/?78wx=IVkh-DpXGR&Pl9P8ldX=FIraThNO5niOHukbO1r8qSNysm+mJ2OOQaLhh3AktbepBJXcjCIQ5u+D5oIg7MUCVA/ZghdlXch7ulyeg4ZZkVaM25CfsdbY6Ciec8CSMOWGBD2e85VJ6eo=
|
208.112.85.150
|
|
|
|
http://www.noispisok.com/udud/?Pl9P8ldX=o//LU1QIruq3a+llS5WSA3MhPk/fn3r1eotnxTFa/e8OUp/jL5i10F1rY2VLIPDErdjGMTht5s2Ux60YHU9QFnGu9iPsukiHU979EPg7OqcwQWhMz0uyXSg=&UJ2H=ED2dW8S8UxwlG
|
84.32.84.32
|
|
|
|
http://www.academynadpo.ru/udud/
|
185.215.4.19
|
|
|
|
http://www.valentinaetommaso.it/udud/
|
3.73.27.108
|
|
|
|
http://www.uhahiq.com/udud/
|
147.92.36.247
|
|
|
|
http://www.wp-bits.online/udud/
|
116.203.164.244
|
|
|
|
http://www.mindfreak.live/udud/
|
3.64.163.50
|
|
|
|
http://www.mindfreak.live/udud/?Pl9P8ldX=ZAUPc22UbAwlmqOcpZtb9jQGZGjNIs5k58OhtZslT+MlZ0MzYVnBwyOCsTvhGHepry8Cy/mecRlkAgE9OO4LtQYiaVzF77nK3tMxOKzIpokQntNvdpDg3pI=&UJ2H=ED2dW8S8UxwlG
|
3.64.163.50
|
|
|
|
http://www.grimfilm.co.kr/udud/
|
183.111.161.243
|
|
|
|
http://www.wp-bits.online/udud/?pzH0=GNw0Cp4PdpF&Pl9P8ldX=NYPylna2Z9eGKk0n2zL98jmopuuDXUwTW1hg/NJ4dH1aG6U36Zymeq8Q+jA5ULsRtwMU5Sxc1U1KJPrtknew8LZ9GrpjSEZ/84zq63NvruY/sq3UYTRA7EE=
|
116.203.164.244
|
|
|
|
http://www.academynadpo.ru/udud/?Pl9P8ldX=lxKI396dcfUopLOCgIwHig2W2DxUvRX97MJRzioDZqj6Mq9AZ90i2wJz7BzjxOGPWVxSz39xtFFcwgb3QegZat7wpytzNwJDmdPz0ImKOxyDMBvGUlbFyek=&pzH0=GNw0Cp4PdpF
|
185.215.4.19
|
|
|
|
http://www.gaglianoart.com/udud/?78wx=IVkh-DpXGR&Pl9P8ldX=s4Vg1LN8KF8xRZjsTtx1ePAa6rrZ5tQl+fVkjM0Cwqz81ntfAq/M/gVPDnM69uqRMv9oQTSMlpkV8bcLOwxh9sPoo9S5h5afGeOqgp9TfQfssWCdBUAOLW8=
|
3.64.163.50
|
|
|
|
http://www.avocatmh.org/udud/?Pl9P8ldX=CE5650FDbfXnpQA/eK0NgrbRbNtPjFAUxQ7joq83O2JD2van08dDJXT7jPsZwBcB76Ina7ciMfrueGFKvr7HGptlhVNK1F0UnKlYvzZl0mKZiEoX7KROJkU=&UJ2H=ED2dW8S8UxwlG
|
217.70.184.50
|
|
|
|
http://www.avocatmh.org/udud/
|
217.70.184.50
|
|
|
|
http://www.lm2ue.us/udud/?Pl9P8ldX=0fut0+GuUFbft3VBL5xm0Hp90TDKfhipdS4VXGxzAEleMWehH5gQwP182GbMnYpRKYVXdyZjU035jwIjvCFAGk2/B20KDJmRwuIeT4QhTHXMvWA5X1/HJWk=&UJ2H=ED2dW8S8UxwlG
|
91.195.240.123
|
|
|
|
http://www.noispisok.com/udud/
|
84.32.84.32
|
|
|
|
http://www.maxiwalls.com/udud/
|
79.98.25.1
|
|
|
|
http://www.maxiwalls.com/udud/?Pl9P8ldX=+7vgIBjJEgFzVABnblxNZlxcXvtVnPO976cESSRxKNf7HePF9jiwkaXwYbYPT+M2gd9LCxRObe8L7kEVgXr7yG5qgAvgbam/iSwlpjMS4ArI2Mt4ChGP5d0=&UJ2H=ED2dW8S8UxwlG
|
79.98.25.1
|
|
|
|
http://www.l7aeh.us/udud/
|
91.195.240.123
|
|
|
|
http://www.grimfilm.co.kr/udud/?Pl9P8ldX=c3hfmT3ov0JTxeaB3Np5dAzfMERgbCa9qyeMZ0b4or2kTnd0L4sYzpUTGn0LvbcUe5EAajqxEazp9el6mHCoSAKD4KRQ5UefbhtvnOrVvch9BM72k+FCmqI=&UJ2H=ED2dW8S8UxwlG
|
183.111.161.243
|
|
|
|
http://www.donantedeovulos.space/udud/?Pl9P8ldX=TI4e2mgRGjDzVtc2Q6Py5bwpcc1eb12gZ0duId/eBRBY8c2YNmrJo+kJDCAf1WNWS12prRY8Wfa6UPEwF5qWDHqXkvXCbknW9nAX9azEcXWIpZdV+y5+rBk=&UJ2H=ED2dW8S8UxwlG
|
64.190.62.22
|
|
|
|
http://www.l7aeh.us/udud/?Pl9P8ldX=pl+m+RwhDilgNhV8y9np651oviBSsBUAcSsMU8DJXuQO/zLKreqMvauOXyOp2DyQLR+zvzGH9k4G3Xo0zK83IFFyM0D1vpL10/nbh1uWm09odGxnF4xzrfg=&UJ2H=ED2dW8S8UxwlG
|
91.195.240.123
|
|
|
|
http://www.funtechie.top/udud/
|
203.161.49.193
|
|
|
|
http://www.fivetownsjcc.com/udud/?Pl9P8ldX=FIraThNO5niOHukbO1r8qSNysm+mJ2OOQaLhh3AktbepBJXcjCIQ5u+D5oIg7MUCVA/ZghdlXch7ulyeg4ZZkVaM25CfsdbY6Ciec8CSMOWGBD2e85VJ6eo=&UJ2H=ED2dW8S8UxwlG
|
208.112.85.150
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://uk.search.yahoo.com/favicon.icohttps://uk.search.yahoo.com/search
|
unknown
|
||
|
https://assets.iv.lt/header.html
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://ogp.me/ns#
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/client/js.polyfill/container-query-polyfill.modern.js
|
unknown
|
||
|
http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.
|
unknown
|
||
|
http://goge8opp.com:301
|
unknown
|
||
|
http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTD
|
unknown
|
||
|
https://www.namesilo.com
|
unknown
|
||
|
http://www.gopher.ftp://ftp.
|
unknown
|
||
|
https://www.iv.lt/domenai/
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/2d/2di/2div3h.svg?ph=cb3a78e957
|
unknown
|
||
|
https://uk.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.webnode.it/?utm_source=text&utm_medium=footer&utm_content=wnd2&utm_campaign=signature
|
unknown
|
||
|
http://www.osbornesargent.co.uk/udud/
|
unknown
|
||
|
https://assets.iv.lt/images/thumbnail.png
|
unknown
|
||
|
https://www.iv.lt/duomenu-centras/
|
unknown
|
||
|
http://www.mindfreak.live/
|
unknown
|
||
|
http://grimfilm.co.kr/udud/?Pl9P8ldX=c3hfmT3ov0JTxeaB3Np5dAzfMERgbCa9qyeMZ0b4or2kTnd0L4sYzpUTGn0Lvbc
|
unknown
|
||
|
https://www.iv.lt/profesionalus-hostingas/
|
unknown
|
||
|
https://www.namesilo.com/domain/search-domains?query=lm2ue.us
|
unknown
|
||
|
https://www.valentinaetommaso.it/page-not-found-404/
|
unknown
|
||
|
https://assets.iv.lt/footer.html
|
unknown
|
||
|
http://tilda.cc
|
unknown
|
||
|
https://login.li
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://www.iv.lt/
|
unknown
|
||
|
http://tilda.ws/img/logo404.png
|
unknown
|
||
|
https://www.gandi.net/en/domain
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/3c/3cw/3cwfrk.css?ph=cb3a78e957
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
https://www.iv.lt/vps-serveriai/
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/32/32i/32i65q.css?ph=cb3a78e957
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/4a/4a3/4a3t1k.css?ph=cb3a78e957
|
unknown
|
||
|
https://klientams.iv.lt/
|
unknown
|
||
|
https://www.webnode.com/it/?utm_source=text&utm_medium=footer&utm_content=wnd2&utm_campa
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/13/13s/13s9j7.css?ph=cb3a78e957
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/01/01h/01hx1m.css?ph=cb3a78e957
|
unknown
|
||
|
https://www.namesilo.com/domain/search-domains?query=l7aeh.us
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/1a/1an/1anfpg.css?ph=cb3a78e957
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/04/04p/04pi85.css?ph=cb3a78e957
|
unknown
|
||
|
https://events.webnode.com/projects/-/events/
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/07/07f/07fzq8.svg?ph=cb3a78e957
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/3f/3f9/3f9vvf.css?ph=cb3a78e957
|
unknown
|
||
|
https://assets.iv.lt/default.css
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
|
unknown
|
||
|
https://assets.iv.lt/images/icon.png
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
||
|
https://drive.usercontent.google.com/x
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/1j/1j3/1j3767.ico?ph=cb3a78e957
|
unknown
|
||
|
https://www.iv.lt/talpinimo-planai/
|
unknown
|
||
|
https://whois.gandi.net/en/results?search=avocatmh.org
|
unknown
|
||
|
https://img.sedoparking.com/templates/bg/NameSiloLogo.png
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/2v/2v4/2v414g.css?ph=cb3a78e957
|
unknown
|
||
|
https://www.iv.lt/neribotas-svetainiu-talpinimas/
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
https://www.iv.lt/svetainiu-kurimo-irankis/
|
unknown
|
||
|
https://drive.google.com/Hd
|
unknown
|
||
|
https://www.iv.lt/el-pasto-filtras/
|
unknown
|
||
|
https://www.sedo.com/services/parking.php3
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://www.osbornesargent.co.uk
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/39/396/39634o.js?ph=cb3a78e957
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
|
unknown
|
||
|
https://drive.google.com/hd
|
unknown
|
||
|
https://d1di2lzuh97fh2.cloudfront.net/files/0e/0e7/0e7xip.css?ph=cb3a78e957
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
webredir.vip.gandi.net
|
217.70.184.50
|
|
|
|
www.gast.com.pl
|
185.253.215.17
|
|
|
|
osbornesargent.co.uk
|
76.223.67.189
|
|
|
|
www.maxiwalls.com
|
79.98.25.1
|
|
|
|
noispisok.com
|
84.32.84.32
|
|
|
|
www.l7aeh.us
|
91.195.240.123
|
|
|
|
academynadpo.ru
|
185.215.4.19
|
|
|
|
www.lm2ue.us
|
91.195.240.123
|
|
|
|
lb.webnode.io
|
3.73.27.108
|
|
|
|
a258paw.yb550.com
|
147.92.36.247
|
|
|
|
www.gaglianoart.com
|
3.64.163.50
|
|
|
|
www.mindfreak.live
|
3.64.163.50
|
|
|
|
www.donantedeovulos.space
|
64.190.62.22
|
|
|
|
www.wp-bits.online
|
116.203.164.244
|
|
|
|
fivetownsjcc.com
|
208.112.85.150
|
|
|
|
www.funtechie.top
|
203.161.49.193
|
|
|
|
grimfilm.co.kr
|
183.111.161.243
|
|
|
|
www.cookedatthebottom.com
|
unknown
|
|
|
|
www.weave.game
|
unknown
|
|
|
|
www.uhahiq.com
|
unknown
|
|
|
|
www.academynadpo.ru
|
unknown
|
|
|
|
www.grimfilm.co.kr
|
unknown
|
|
|
|
www.quantumpowerlife.com
|
unknown
|
|
|
|
www.ntt.creditcard
|
unknown
|
|
|
|
www.avocatmh.org
|
unknown
|
|
|
|
www.578tt67.com
|
unknown
|
|
|
|
www.fivetownsjcc.com
|
unknown
|
|
|
|
www.4-94.productions
|
unknown
|
|
|
|
www.valentinaetommaso.it
|
unknown
|
|
|
|
www.osbornesargent.co.uk
|
unknown
|
|
|
|
www.noispisok.com
|
unknown
|
|
|
|
drive.usercontent.google.com
|
172.253.62.132
|
||
|
gly.gly301payr.com
|
162.209.189.152
|
||
|
drive.google.com
|
142.251.16.101
|
There are 24 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.112.85.150
|
fivetownsjcc.com
|
United States
|
|
|
|
79.98.25.1
|
www.maxiwalls.com
|
Lithuania
|
|
|
|
84.32.84.32
|
noispisok.com
|
Lithuania
|
|
|
|
64.190.62.22
|
www.donantedeovulos.space
|
United States
|
|
|
|
91.195.240.123
|
www.l7aeh.us
|
Germany
|
|
|
|
3.64.163.50
|
www.gaglianoart.com
|
United States
|
|
|
|
147.92.36.247
|
a258paw.yb550.com
|
Hong Kong
|
|
|
|
116.203.164.244
|
www.wp-bits.online
|
Germany
|
|
|
|
203.161.49.193
|
www.funtechie.top
|
Malaysia
|
|
|
|
3.73.27.108
|
lb.webnode.io
|
United States
|
|
|
|
217.70.184.50
|
webredir.vip.gandi.net
|
France
|
|
|
|
183.111.161.243
|
grimfilm.co.kr
|
Korea Republic of
|
|
|
|
185.215.4.19
|
academynadpo.ru
|
Denmark
|
|
|
|
172.253.62.132
|
drive.usercontent.google.com
|
United States
|
||
|
142.251.16.101
|
drive.google.com
|
United States
|
||
|
162.209.189.152
|
gly.gly301payr.com
|
United States
|
There are 6 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\valvulotomy\Landkrabbernes
|
Lapis
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\Precooker\Uninstall\fluey
|
Blodtabenes50
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Location
|
Lang
|
There are 218 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
50BE000
|
direct allocation
|
page execute and read and write
|
|
|
|
4910000
|
trusted library allocation
|
page read and write
|
|
|
|
321A0000
|
unclassified section
|
page execute and read and write
|
|
|
|
34610000
|
unclassified section
|
page execute and read and write
|
|
|
|
42F0000
|
unkown
|
page execute and read and write
|
|
|
|
48D0000
|
trusted library allocation
|
page read and write
|
|
|
|
5F0000
|
system
|
page execute and read and write
|
|
|
|
2AC0000
|
system
|
page execute and read and write
|
|
|
|
2C64000
|
heap
|
page read and write
|
||
|
2E24000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page execute and read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
7C49000
|
heap
|
page read and write
|
||
|
7C51000
|
heap
|
page read and write
|
||
|
71000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F0000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
182E000
|
remote allocation
|
page execute and read and write
|
||
|
4DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
31EEE000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
EC6A9FE000
|
stack
|
page read and write
|
||
|
658000
|
system
|
page execute and read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
6DD6000
|
system
|
page read and write
|
||
|
31D5D000
|
stack
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2400000
|
unkown
|
page readonly
|
||
|
7C20000
|
heap
|
page read and write
|
||
|
2E79000
|
heap
|
page read and write
|
||
|
5C52000
|
system
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
6B10000
|
unclassified section
|
page read and write
|
||
|
7C1B000
|
heap
|
page read and write
|
||
|
448000
|
unkown
|
page readonly
|
||
|
21ED000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
5D6C000
|
system
|
page read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
7C3F000
|
heap
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
21D5000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2235000
|
heap
|
page read and write
|
||
|
2235000
|
heap
|
page read and write
|
||
|
7F80000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
47F5000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
24E0000
|
direct allocation
|
page read and write
|
||
|
2DDC000
|
heap
|
page read and write
|
||
|
325E9000
|
direct allocation
|
page execute and read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
64A6000
|
system
|
page read and write
|
||
|
230E000
|
stack
|
page read and write
|
||
|
72C8000
|
system
|
page read and write
|
||
|
3C8B000
|
stack
|
page read and write
|
||
|
31F90000
|
remote allocation
|
page read and write
|
||
|
62E000
|
heap
|
page read and write
|
||
|
EC6A1FE000
|
stack
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
4B7D000
|
direct allocation
|
page execute and read and write
|
||
|
640000
|
system
|
page execute and read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4F12000
|
unclassified section
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
17A000
|
stack
|
page read and write
|
||
|
665A000
|
unclassified section
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
71B4000
|
system
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
98000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
31F90000
|
remote allocation
|
page read and write
|
||
|
2D948800000
|
trusted library allocation
|
page read and write
|
||
|
222A000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D948901000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
unkown
|
page read and write
|
||
|
64C8000
|
unclassified section
|
page read and write
|
||
|
42B000
|
unkown
|
page read and write
|
||
|
2480000
|
direct allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D946E0C000
|
heap
|
page read and write
|
||
|
4D1C000
|
direct allocation
|
page execute and read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
777E000
|
system
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
222A000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D946BEF000
|
system
|
page execute and read and write
|
||
|
2E24000
|
heap
|
page read and write
|
||
|
4660000
|
heap
|
page read and write
|
||
|
487D000
|
unkown
|
page execute and read and write
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2E0E000
|
heap
|
page read and write
|
||
|
8AC000
|
unkown
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
AC0000
|
unkown
|
page readonly
|
||
|
31D9D000
|
stack
|
page read and write
|
||
|
6012000
|
unclassified section
|
page read and write
|
||
|
2D948680000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
24D0000
|
direct allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
5838000
|
unclassified section
|
page read and write
|
||
|
2C00000
|
direct allocation
|
page read and write
|
||
|
3216B000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D948900000
|
trusted library allocation
|
page read and write
|
||
|
2DDB000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2A88000
|
stack
|
page read and write
|
||
|
5D1000
|
unkown
|
page readonly
|
||
|
7C4E000
|
heap
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
6E12000
|
system
|
page read and write
|
||
|
2D946D70000
|
heap
|
page read and write
|
||
|
6DCC000
|
system
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D948690000
|
trusted library allocation
|
page read and write
|
||
|
61A4000
|
unclassified section
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
730000
|
unkown
|
page read and write
|
||
|
2E5E000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
C45000
|
unkown
|
page read and write
|
||
|
2C80000
|
direct allocation
|
page read and write
|
||
|
100000
|
unkown
|
page readonly
|
||
|
21CD000
|
heap
|
page read and write
|
||
|
48A1000
|
heap
|
page read and write
|
||
|
6AF2000
|
system
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
3200F000
|
stack
|
page read and write
|
||
|
31D1E000
|
stack
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
21E8000
|
heap
|
page read and write
|
||
|
6638000
|
system
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
2C30000
|
direct allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
21E8000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
222D000
|
heap
|
page read and write
|
||
|
33C10000
|
unclassified section
|
page execute and read and write
|
||
|
2E51000
|
heap
|
page read and write
|
||
|
2C64000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
2EB4000
|
heap
|
page read and write
|
||
|
49CE000
|
heap
|
page read and write
|
||
|
5F36000
|
system
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
2C64000
|
heap
|
page read and write
|
||
|
2E68000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
67CA000
|
system
|
page read and write
|
||
|
2D94881A000
|
trusted library allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7B7E000
|
stack
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
6AEE000
|
system
|
page read and write
|
||
|
324C0000
|
direct allocation
|
page execute and read and write
|
||
|
420000
|
unkown
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
21CB000
|
heap
|
page read and write
|
||
|
3215C000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
626000
|
unkown
|
page execute read
|
||
|
222A000
|
heap
|
page read and write
|
||
|
278F000
|
stack
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
325ED000
|
direct allocation
|
page execute and read and write
|
||
|
9AC000
|
unkown
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2E33000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
31FCE000
|
stack
|
page read and write
|
||
|
1C0000
|
unkown
|
page read and write
|
||
|
2E63000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
23AE000
|
stack
|
page read and write
|
||
|
24F0000
|
unkown
|
page execute and read and write
|
||
|
5D12000
|
system
|
page read and write
|
||
|
2B0F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
2D94881E000
|
trusted library allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7C60000
|
heap
|
page read and write
|
||
|
2D946DF0000
|
heap
|
page read and write
|
||
|
2D946B60000
|
system
|
page execute and read and write
|
||
|
2E4A000
|
heap
|
page read and write
|
||
|
33210000
|
unclassified section
|
page execute and read and write
|
||
|
3560A000
|
unclassified section
|
page execute and read and write
|
||
|
2C40000
|
direct allocation
|
page read and write
|
||
|
7BBE000
|
stack
|
page read and write
|
||
|
2DC8000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D9489AF000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
6FA4000
|
system
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2E36000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7C34000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
2BF0000
|
direct allocation
|
page read and write
|
||
|
7A5000
|
heap
|
page read and write
|
||
|
512C000
|
unclassified section
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2E3C000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
6BB2000
|
system
|
page read and write
|
||
|
24C0000
|
direct allocation
|
page read and write
|
||
|
2D946AF0000
|
heap
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
C60000
|
unkown
|
page readonly
|
||
|
321A0000
|
direct allocation
|
page read and write
|
||
|
7D10000
|
trusted library allocation
|
page read and write
|
||
|
31F90000
|
remote allocation
|
page read and write
|
||
|
7C16000
|
heap
|
page read and write
|
||
|
2E3C000
|
heap
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
664000
|
system
|
page execute and read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
59CA000
|
unclassified section
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
31DEE000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7C4E000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
32160000
|
direct allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2E29000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
730000
|
unkown
|
page read and write
|
||
|
48EA000
|
unkown
|
page execute and read and write
|
||
|
7C28000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
834E000
|
stack
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
2490000
|
direct allocation
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
2EF0000
|
unkown
|
page execute and read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4E52000
|
unclassified section
|
page read and write
|
||
|
7C47000
|
heap
|
page read and write
|
||
|
32443000
|
heap
|
page read and write
|
||
|
78C0000
|
trusted library allocation
|
page read and write
|
||
|
2E9A000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page execute read
|
||
|
23EF000
|
stack
|
page read and write
|
||
|
5F2C000
|
system
|
page read and write
|
||
|
5D1000
|
unkown
|
page readonly
|
||
|
AC0000
|
unkown
|
page readonly
|
||
|
445000
|
unkown
|
page read and write
|
||
|
32790000
|
direct allocation
|
page execute and read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
31E40000
|
heap
|
page read and write
|
||
|
4F6C000
|
unclassified section
|
page read and write
|
||
|
7C55000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
C3E000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7BF0000
|
unclassified section
|
page readonly
|
||
|
7C5A000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
2E29000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
21AF000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
3243F000
|
heap
|
page read and write
|
||
|
56A6000
|
unclassified section
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
C31000
|
unkown
|
page execute read
|
||
|
2BD0000
|
direct allocation
|
page read and write
|
||
|
46E0000
|
heap
|
page read and write
|
||
|
448000
|
unkown
|
page readonly
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D946E21000
|
heap
|
page read and write
|
||
|
C45000
|
unkown
|
page read and write
|
||
|
75EC000
|
system
|
page read and write
|
||
|
2D946E21000
|
heap
|
page read and write
|
||
|
34C0A000
|
unclassified section
|
page execute and read and write
|
||
|
21E8000
|
heap
|
page read and write
|
||
|
7C52000
|
heap
|
page read and write
|
||
|
AE0000
|
unkown
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
21D5000
|
heap
|
page read and write
|
||
|
2BE0000
|
direct allocation
|
page read and write
|
||
|
697E000
|
unclassified section
|
page read and write
|
||
|
32810000
|
unclassified section
|
page execute and read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
22CE000
|
stack
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
31E2F000
|
stack
|
page read and write
|
||
|
52EA000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
46FE000
|
heap
|
page read and write
|
||
|
24A0000
|
direct allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
21A5000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4B79000
|
direct allocation
|
page execute and read and write
|
||
|
AD0000
|
unkown
|
page readonly
|
||
|
79F000
|
heap
|
page read and write
|
||
|
2D946E1F000
|
heap
|
page read and write
|
||
|
2E6D000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
67EC000
|
unclassified section
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
222A000
|
heap
|
page read and write
|
||
|
31C5E000
|
stack
|
page read and write
|
||
|
2D9489BE000
|
trusted library allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7C65000
|
heap
|
page read and write
|
||
|
20D5000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
EC689FB000
|
stack
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
845F000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7910000
|
system
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
C47000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
211E000
|
stack
|
page read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
24B0000
|
direct allocation
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
321A0000
|
direct allocation
|
page read and write
|
||
|
21CD000
|
heap
|
page read and write
|
||
|
5514000
|
unclassified section
|
page read and write
|
||
|
21D5000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
31C9F000
|
stack
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
2450000
|
direct allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7C43000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2C10000
|
direct allocation
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
78F000
|
heap
|
page read and write
|
||
|
21EA000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
5136000
|
unclassified section
|
page read and write
|
||
|
2D946E1A000
|
heap
|
page read and write
|
||
|
6C80000
|
system
|
page read and write
|
||
|
1B0000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4660000
|
trusted library allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
5E80000
|
unclassified section
|
page read and write
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2E33000
|
heap
|
page read and write
|
||
|
34B9D000
|
unclassified section
|
page execute and read and write
|
||
|
3B8C000
|
stack
|
page read and write
|
||
|
745A000
|
system
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
B44000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
21ED000
|
heap
|
page read and write
|
||
|
20D7000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2400000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D946DF9000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2CAE000
|
stack
|
page read and write
|
||
|
648000
|
system
|
page execute and read and write
|
||
|
100000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2345000
|
heap
|
page read and write
|
||
|
20CE000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
C47000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
49CA000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7C02000
|
heap
|
page read and write
|
||
|
6C0000
|
unkown
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2E4A000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2460000
|
direct allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
5CEE000
|
unclassified section
|
page read and write
|
||
|
32A000
|
unkown
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
81E000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
6C0C000
|
system
|
page read and write
|
||
|
C31000
|
unkown
|
page execute read
|
||
|
6314000
|
system
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
32160000
|
direct allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2C20000
|
direct allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
EC691FD000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7C39000
|
heap
|
page read and write
|
||
|
2D948803000
|
trusted library allocation
|
page read and write
|
||
|
EC699FE000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D948700000
|
trusted library allocation
|
page read and write
|
||
|
C3E000
|
unkown
|
page readonly
|
||
|
2E56000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
236F000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
7C00000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
31F2F000
|
stack
|
page read and write
|
||
|
32316000
|
heap
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
2E66000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4A40000
|
unclassified section
|
page readonly
|
||
|
2D946DFF000
|
heap
|
page read and write
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
30000
|
heap
|
page read and write
|
||
|
3205C000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
2D946BEC000
|
system
|
page execute and read and write
|
||
|
2349000
|
heap
|
page read and write
|
||
|
2D9489CE000
|
trusted library allocation
|
page read and write
|
||
|
2E36000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
321A0000
|
direct allocation
|
page read and write
|
||
|
7C5B000
|
heap
|
page read and write
|
||
|
2160000
|
heap
|
page read and write
|
||
|
215E000
|
stack
|
page read and write
|
||
|
2235000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
7C10000
|
heap
|
page read and write
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
2DD4000
|
heap
|
page read and write
|
||
|
2D9489C4000
|
trusted library allocation
|
page read and write
|
||
|
2168000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
17A000
|
stack
|
page read and write
|
||
|
2A4B000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D948690000
|
trusted library allocation
|
page read and write
|
||
|
7C25000
|
heap
|
page read and write
|
||
|
3278C000
|
direct allocation
|
page execute and read and write
|
||
|
619000
|
heap
|
page read and write
|
||
|
3228E000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2D948821000
|
trusted library allocation
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
C60000
|
unkown
|
page readonly
|
||
|
70000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
B44000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2D948809000
|
trusted library allocation
|
page read and write
|
||
|
2C60000
|
direct allocation
|
page read and write
|
||
|
2274000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2E96000
|
heap
|
page read and write
|
||
|
31CDE000
|
stack
|
page read and write
|
||
|
38F0000
|
unkown
|
page execute and read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
AD0000
|
unkown
|
page readonly
|
||
|
2D9485D0000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
||
|
2470000
|
direct allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
838F000
|
stack
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
4A50000
|
direct allocation
|
page execute and read and write
|
||
|
2DE7000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
2DDB000
|
heap
|
page read and write
|
||
|
46F1000
|
heap
|
page read and write
|
||
|
6BB000
|
system
|
page execute and read and write
|
||
|
448000
|
unkown
|
page readonly
|
||
|
2D20000
|
heap
|
page read and write
|
There are 597 hidden memdumps, click here to show them.