Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7454168B
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g44p4srt.gmq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zmylzck2.c5h.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe
|
"C:\Users\user\Desktop\Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Fiyat ARH-4309745275.pdf240012048477374'dir.PO
13u40000876.exe"
|
|
|
|
C:\Users\user\Desktop\Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe
|
"C:\Users\user\Desktop\Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe"
|
|
|
|
C:\Users\user\Desktop\Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe
|
"C:\Users\user\Desktop\Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe"
|
|
|
|
C:\Users\user\Desktop\Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe
|
"C:\Users\user\Desktop\Fiyat ARH-4309745275.pdf240012048477374'dir.PO 13u40000876.exe"
|
|
|
|
C:\Program Files (x86)\CCqhYYCDZzKlgSkuCJFeqRaoGoJFkRqcjXzJOiRAGeWFetixNxtbyCgMLQZZqUCo\owYCvHvzfwuh.exe
|
"C:\Program Files (x86)\CCqhYYCDZzKlgSkuCJFeqRaoGoJFkRqcjXzJOiRAGeWFetixNxtbyCgMLQZZqUCo\owYCvHvzfwuh.exe"
|
|
|
|
C:\Windows\SysWOW64\unregmp2.exe
|
"C:\Windows\SysWOW64\unregmp2.exe"
|
|
|
|
C:\Program Files (x86)\CCqhYYCDZzKlgSkuCJFeqRaoGoJFkRqcjXzJOiRAGeWFetixNxtbyCgMLQZZqUCo\owYCvHvzfwuh.exe
|
"C:\Program Files (x86)\CCqhYYCDZzKlgSkuCJFeqRaoGoJFkRqcjXzJOiRAGeWFetixNxtbyCgMLQZZqUCo\owYCvHvzfwuh.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.evertudy.xyz/csr7/
|
203.161.49.220
|
|
|
|
http://www.ennerdaledevcons.co.uk/4ksh/?hH=URmoC5X4e6K7wlVx2KbqE9eRaPOmGfPMOnoqB8M3F0zECWK+Sf67ndIbG8DedkN4mAzPYnwe388RaOdlDVpfeljRUUit0IJ1LO15UdugXJNJJasE4A==&4Z=FRPPB0TP0VK82R4
|
212.227.172.254
|
|
|
|
http://www.highwavesmarine.com/vpfr/?4Z=FRPPB0TP0VK82R4&hH=YJOYlkuNdHbUbxIU0duDsGwGBWmXVvvP+a5ZIsJaJ66fRzvfH4BZf/UT7tP0StNW9dLVB8Be+XMnEr4f4IOQu0h2rMKukEsZCuMbbpIHNAKNxYQHAA==
|
23.111.180.146
|
|
|
|
http://www.thesprinklesontop.com/n12h/?hH=RL7POCi4RQwOAHw5RpRi0oRkNrFJHCE4O3Q4e5XJ1RgvJteO2OLpaAwWvE/Xee8N43HhgIeZk31xLdwZ5MBNlQw99SDhk98goSWR9PKXD7QtbF+D/w==&4Z=FRPPB0TP0VK82R4
|
208.91.197.27
|
|
|
|
http://www.artemhypnotherapy.com/9285/
|
91.195.240.19
|
|
|
|
http://www.qe1jqiste.sbs/2dv8/?hH=psGgeTZm92uMMjwvw3+ekktQKHQr8PtkyzA1wjnO7+NPXjQAxvdC6xrXVCGmGkxqQ5F0SN4BIMC+q/QNsQX26bwEMBx8euROh9Q+/yWsNbYiwZzEkA==&4Z=FRPPB0TP0VK82R4
|
47.239.13.172
|
|
|
|
http://www.stefanogaus.com/0rsk/
|
66.235.200.146
|
|
|
|
http://www.dxgsf.shop/vfca/?hH=PjuNaM4rErgNDqYdGwCHqm/mvS3xhxVRtMFmVQvGZApPshrl2us8sSNvZzeSfqXaMpgL6dVjOwb89B84ObwJ1CB2sMjpnb8Z8ua1HdSGi7DVkOqV+A==&4Z=FRPPB0TP0VK82R4
|
103.197.25.241
|
|
|
|
http://www.dennisrosenberg.studio/gvk0/?4Z=FRPPB0TP0VK82R4&hH=PBk/k+wnSgDApBLvvStJ1Qfqn2+N7jbU3UJKISJwHJXOTy3qrqzF3aeAlE7aotAu8uhq4eiBm9zMPuEZ1b+PfRrn1v/W9n6lJorEOJ3pO998ixm+1g==
|
91.195.240.19
|
|
|
|
http://www.qe1jqiste.sbs/2dv8/
|
47.239.13.172
|
|
|
|
http://www.stefanogaus.com/0rsk/?hH=VoD++N0hxznoRAwvUr4uLQfJYOkKZkNbUm2XKd+d5dQonHhfXy1Wde6i6X/1IJHjaG3HR8hpE35h9XRxGXBI9lLHHMR3rtgWi8G/40reX/Z08eN34A==&4Z=FRPPB0TP0VK82R4
|
66.235.200.146
|
|
|
|
http://www.mocar.pro/prg5/?hH=OUWlBSduFOmbWHHx1+vrCN7lKThtnpeA9WltEIwOsC9+Rnf1YsqGBMTu+SXEa1SqJjg2e+xS43eh4+WwnjHBZw687TI9hNY/lW63YeurSsH96+kXOg==&4Z=FRPPB0TP0VK82R4
|
109.95.158.122
|
|
|
|
http://www.evertudy.xyz/csr7/?hH=IuYwVr8nXepE7mYHSf+gGVghE+QsK0Y2QdUzXudSXEAptekBSDag4n7LIWAgnje27+AV9TSqmFigDMavfH+dGRiAFdG+fcQhNs0c0ksUo3k2Pm5jlw==&4Z=FRPPB0TP0VK82R4
|
203.161.49.220
|
|
|
|
http://www.dxgsf.shop/vfca/
|
103.197.25.241
|
|
|
|
http://www.mocar.pro/prg5/
|
109.95.158.122
|
|
|
|
http://www.ennerdaledevcons.co.uk/4ksh/
|
212.227.172.254
|
|
|
|
http://www.fungusbus.com/dmjt/
|
91.195.240.19
|
|
|
|
http://www.thesprinklesontop.com/n12h/
|
208.91.197.27
|
|
|
|
http://www.dennisrosenberg.studio/gvk0/
|
91.195.240.19
|
|
|
|
http://www.fungusbus.com/dmjt/?hH=phzqshWM8++lNTZcZDn6PlPBsxjNAhN5IKmoEk/tfOScWWQLgCWtTff73plV+RjstliAOCijSwUPjuCIutjnDtcmXgVOIWaf4rR9wPyv60N+q1PahQ==&4Z=FRPPB0TP0VK82R4
|
91.195.240.19
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://g.alicdn.com/woodpeckerx/jssdk/plugins/performance.js
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://g.alicdn.com/woodpeckerx/jssdk/plugins/globalerror.js
|
unknown
|
||
|
http://www.dxgsf.shop
|
unknown
|
||
|
http://www.thesprinklesontop.com/Easy_Ice_Cream_Recipes.cfm?fp=M%2BtyRdDSGaZA523flChCSac4thPJjG%2FJW
|
unknown
|
||
|
http://www.thesprinklesontop.com/Nutella_Ice_Cream_Recipe.cfm?fp=M%2BtyRdDSGaZA523flChCSac4thPJjG%2F
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/pics/28903/search.png)
|
unknown
|
||
|
https://cdn.consentmanager.net
|
unknown
|
||
|
https://track.uc.cn/collect
|
unknown
|
||
|
https://www.ennerdaledevcons.co.uk/4ksh/?hH=URmoC5X4e6K7wlVx2KbqE9eRaPOmGfPMOnoqB8M3F0zECWK
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://mocar.pro/prg5/?hH=OUWlBSduFOmbWHHx1
|
unknown
|
||
|
http://www.thesprinklesontop.com/__media__/js/trademark.php?d=thesprinklesontop.com&type=ns
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.otf
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/pics/10667/netsol-logos-2020-165-50.jpg
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff2
|
unknown
|
||
|
https://hm.baidu.com/hm.js?
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.otf
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eot?#iefix
|
unknown
|
||
|
https://g.alicdn.com/woodpeckerx/jssdk/wpkReporter.js
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://image.uc.cn/s/uae/g/3o/berg/static/index.c4bc5b38d870fecd8a1f.css
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eot
|
unknown
|
||
|
https://delivery.consentmanager.net
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.svg#montserrat-bold
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff2
|
unknown
|
||
|
http://www.thesprinklesontop.com/__media__/design/underconstructionnotice.php?d=thesprinklesontop.co
|
unknown
|
||
|
http://www.Thesprinklesontop.com
|
unknown
|
||
|
https://download.quark.cn/download/quarkpc?platform=android&ch=pcquark
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/pics/29590/bg1.png)
|
unknown
|
||
|
http://stefanogaus.com/0rsk/?hH=VoD
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
|
unknown
|
||
|
http://www.luo918.com/qmv1/?hH=70iXdBj3vvgYA1qv9X+C2v5f15BZXYNXgOSbaBLZsvX+/zBEWaSfpSSmWx4BVFALB6Pvk4Cj2RW76gyU8dG7au3WOdqnwjndnKZaLflLsZKJNqTutg==&4Z=FRPPB0TP0VK82R4
|
35.227.248.111
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/pics/28905/arrrow.png)
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot?#iefix
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/pics/468/netsol-favicon-2020.jpg
|
unknown
|
||
|
https://image.uc.cn/s/uae/g/3o/berg/static/archer_index.e96dc6dc6863835f4ad0.js
|
unknown
|
||
|
http://www.luo918.com/qmv1/
|
35.227.248.111
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.ttf
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.ttf
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.svg#montserrat-regular
|
unknown
|
||
|
http://www.thesprinklesontop.com/Ninja_Ice_Cream_Recipes.cfm?fp=M%2BtyRdDSGaZA523flChCSac4thPJjG%2FJ
|
unknown
|
||
|
http://www.thesprinklesontop.com/Recipe_for_Fried_Ice_Cream.cfm?fp=M%2BtyRdDSGaZA523flChCSac4thPJjG%
|
unknown
|
||
|
http://i3.cdn-image.com/__media__/js/min.js?v2.3
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.thesprinklesontop.com/Quick_Chocolate_Ice_Cream_Recipe.cfm?fp=M%2BtyRdDSGaZA523flChCSac4t
|
unknown
|
There are 64 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mocar.pro
|
109.95.158.122
|
|
|
|
www.highwavesmarine.com
|
23.111.180.146
|
|
|
|
www.thesprinklesontop.com
|
208.91.197.27
|
|
|
|
parkingpage.namecheap.com
|
91.195.240.19
|
|
|
|
www.ennerdaledevcons.co.uk
|
212.227.172.254
|
|
|
|
dxgsf.shop
|
103.197.25.241
|
|
|
|
stefanogaus.com
|
66.235.200.146
|
|
|
|
xiaoyue.zhuangkou.com
|
47.239.13.172
|
|
|
|
www.evertudy.xyz
|
203.161.49.220
|
|
|
|
www.fungusbus.com
|
unknown
|
|
|
|
www.newzionocala.com
|
unknown
|
|
|
|
www.dennisrosenberg.studio
|
unknown
|
|
|
|
www.shoplifestylebrand.com
|
unknown
|
|
|
|
www.qe1jqiste.sbs
|
unknown
|
|
|
|
www.mocar.pro
|
unknown
|
|
|
|
www.dxgsf.shop
|
unknown
|
|
|
|
www.neworldelectronic.com
|
unknown
|
|
|
|
www.stefanogaus.com
|
unknown
|
|
|
|
www.artemhypnotherapy.com
|
unknown
|
|
|
|
www.todosneaker.com
|
unknown
|
|
|
|
www.luo918.com
|
35.227.248.111
|
There are 11 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
66.235.200.146
|
stefanogaus.com
|
United States
|
|
|
|
23.111.180.146
|
www.highwavesmarine.com
|
United States
|
|
|
|
103.197.25.241
|
dxgsf.shop
|
Hong Kong
|
|
|
|
208.91.197.27
|
www.thesprinklesontop.com
|
Virgin Islands (BRITISH)
|
|
|
|
109.95.158.122
|
mocar.pro
|
Poland
|
|
|
|
203.161.49.220
|
www.evertudy.xyz
|
Malaysia
|
|
|
|
91.195.240.19
|
parkingpage.namecheap.com
|
Germany
|
|
|
|
47.239.13.172
|
xiaoyue.zhuangkou.com
|
United States
|
|
|
|
212.227.172.254
|
www.ennerdaledevcons.co.uk
|
Germany
|
|
|
|
35.227.248.111
|
www.luo918.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4DC0000
|
system
|
page execute and read and write
|
|
|
|
15D0000
|
unclassified section
|
page execute and read and write
|
|
|
|
3600000
|
unkown
|
page execute and read and write
|
|
|
|
4B30000
|
trusted library allocation
|
page read and write
|
|
|
|
27F0000
|
unclassified section
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
4B70000
|
trusted library allocation
|
page read and write
|
|
|
|
BC0000
|
system
|
page execute and read and write
|
|
|
|
E27000
|
unkown
|
page readonly
|
||
|
304F000
|
heap
|
page read and write
|
||
|
3053000
|
heap
|
page read and write
|
||
|
3C7E000
|
unkown
|
page execute and read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
24E0000
|
unkown
|
page read and write
|
||
|
1B3B0A0F000
|
trusted library allocation
|
page read and write
|
||
|
5970000
|
trusted library section
|
page read and write
|
||
|
117D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26A4000
|
heap
|
page read and write
|
||
|
2F64000
|
trusted library allocation
|
page read and write
|
||
|
E1E000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
8057000
|
heap
|
page read and write
|
||
|
3048000
|
heap
|
page read and write
|
||
|
51D35FE000
|
stack
|
page read and write
|
||
|
128C000
|
stack
|
page read and write
|
||
|
804E000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1183000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
890000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
74EE000
|
stack
|
page read and write
|
||
|
36E0000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F6000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
26B2000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
53C3000
|
heap
|
page read and write
|
||
|
3104000
|
heap
|
page read and write
|
||
|
802F000
|
heap
|
page read and write
|
||
|
E27000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
E25000
|
unkown
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
5396000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
E1E000
|
unkown
|
page readonly
|
||
|
E1E000
|
unkown
|
page readonly
|
||
|
803E000
|
heap
|
page read and write
|
||
|
502C000
|
stack
|
page read and write
|
||
|
192F000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
11A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2772000
|
unkown
|
page read and write
|
||
|
4A76000
|
heap
|
page read and write
|
||
|
1B3AEE00000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3B0780000
|
trusted library allocation
|
page read and write
|
||
|
FD1000
|
unkown
|
page readonly
|
||
|
4787000
|
trusted library allocation
|
page read and write
|
||
|
3078000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
DC0000
|
unkown
|
page readonly
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
7ECE000
|
stack
|
page read and write
|
||
|
79A000
|
unkown
|
page read and write
|
||
|
1299000
|
heap
|
page read and write
|
||
|
8AA000
|
stack
|
page read and write
|
||
|
1B3B0A21000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
3F31000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
537B000
|
trusted library allocation
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3AED6B000
|
system
|
page execute and read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
4A9C000
|
heap
|
page read and write
|
||
|
10D0000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
2D74000
|
unkown
|
page read and write
|
||
|
F3F000
|
stack
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
1DF0000
|
unclassified section
|
page execute and read and write
|
||
|
868F000
|
stack
|
page read and write
|
||
|
5391000
|
trusted library allocation
|
page read and write
|
||
|
10D4E000
|
stack
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
2F06000
|
unkown
|
page read and write
|
||
|
9DF000
|
heap
|
page read and write
|
||
|
6F22000
|
unclassified section
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
7BA0000
|
heap
|
page read and write
|
||
|
801A000
|
heap
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page execute and read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3AEEFB000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
51D25FE000
|
stack
|
page read and write
|
||
|
7570000
|
trusted library section
|
page read and write
|
||
|
4BB0000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1D51000
|
direct allocation
|
page execute and read and write
|
||
|
D60000
|
unkown
|
page read and write
|
||
|
305B000
|
heap
|
page read and write
|
||
|
D40000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3AEED9000
|
heap
|
page read and write
|
||
|
1461000
|
unkown
|
page readonly
|
||
|
4E6E000
|
direct allocation
|
page execute and read and write
|
||
|
4DFD000
|
direct allocation
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
5AB8000
|
unclassified section
|
page read and write
|
||
|
30DC000
|
heap
|
page read and write
|
||
|
1264000
|
heap
|
page read and write
|
||
|
2530000
|
unkown
|
page readonly
|
||
|
30C1000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4E9D000
|
system
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
12B8000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1174000
|
trusted library allocation
|
page read and write
|
||
|
5192000
|
unclassified section
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
7BCC000
|
heap
|
page read and write
|
||
|
800A000
|
heap
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
51EC000
|
unclassified section
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4370000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1A2F000
|
stack
|
page read and write
|
||
|
981000
|
unkown
|
page readonly
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
864E000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
6424000
|
unclassified section
|
page read and write
|
||
|
3053000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
1B3B0780000
|
trusted library allocation
|
page read and write
|
||
|
298C000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
4979000
|
heap
|
page read and write
|
||
|
10E8E000
|
stack
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
5420000
|
trusted library allocation
|
page execute and read and write
|
||
|
3038000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B96000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
7F0E000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
10D0E000
|
stack
|
page read and write
|
||
|
B4B000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
265C000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
3053000
|
heap
|
page read and write
|
||
|
6100000
|
unclassified section
|
page read and write
|
||
|
10A6F000
|
stack
|
page read and write
|
||
|
1D66000
|
direct allocation
|
page execute and read and write
|
||
|
30B6000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
3CEC000
|
unkown
|
page execute and read and write
|
||
|
3053000
|
heap
|
page read and write
|
||
|
5926000
|
unclassified section
|
page read and write
|
||
|
7F23000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
11AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C00000
|
unkown
|
page execute and read and write
|
||
|
122E000
|
heap
|
page read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
58D0000
|
trusted library allocation
|
page read and write
|
||
|
E25000
|
unkown
|
page read and write
|
||
|
F2FD000
|
trusted library allocation
|
page read and write
|
||
|
298C000
|
unkown
|
page read and write
|
||
|
2EC62000
|
system
|
page read and write
|
||
|
30FF000
|
heap
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page execute and read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
3A04000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4502000
|
unkown
|
page read and write
|
||
|
51D1DFB000
|
stack
|
page read and write
|
||
|
51D2DFE000
|
stack
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
7BD0000
|
heap
|
page read and write
|
||
|
FD1000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3B0B01000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3B0A00000
|
trusted library allocation
|
page read and write
|
||
|
1B3AECD0000
|
system
|
page execute and read and write
|
||
|
4CC5000
|
heap
|
page read and write
|
||
|
1B3B0A11000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
11A2000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
30CE000
|
heap
|
page read and write
|
||
|
5012000
|
direct allocation
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
3048000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4E3A000
|
system
|
page execute and read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
6BFE000
|
unclassified section
|
page read and write
|
||
|
308E000
|
heap
|
page read and write
|
||
|
1461000
|
unkown
|
page readonly
|
||
|
1637000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
E1E000
|
unkown
|
page readonly
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
unkown
|
page readonly
|
||
|
C10000
|
heap
|
page read and write
|
||
|
8045000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
7FE2000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
4FA1000
|
direct allocation
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4F9D000
|
direct allocation
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
990000
|
unkown
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
9AD000
|
stack
|
page read and write
|
||
|
981000
|
unkown
|
page readonly
|
||
|
5DDC000
|
unclassified section
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
1261000
|
heap
|
page read and write
|
||
|
4E2A000
|
system
|
page execute and read and write
|
||
|
890000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
726F000
|
stack
|
page read and write
|
||
|
7F23000
|
heap
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
2ED7C000
|
system
|
page read and write
|
||
|
57A0000
|
trusted library section
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
10FCB000
|
stack
|
page read and write
|
||
|
30A9000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
30D8000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1AA0000
|
direct allocation
|
page execute and read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page read and write
|
||
|
8056000
|
heap
|
page read and write
|
||
|
9D7E000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
30C7000
|
heap
|
page read and write
|
||
|
65B6000
|
unclassified section
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
4C54000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
E25000
|
unkown
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
5412000
|
trusted library allocation
|
page read and write
|
||
|
7FD0000
|
heap
|
page read and write
|
||
|
3053000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
72AE000
|
stack
|
page read and write
|
||
|
830000
|
unkown
|
page readonly
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
9AD000
|
stack
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
8015000
|
heap
|
page read and write
|
||
|
50D2000
|
unclassified section
|
page read and write
|
||
|
3D28000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
68DA000
|
unclassified section
|
page read and write
|
||
|
4E20000
|
system
|
page execute and read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
D51000
|
unkown
|
page readonly
|
||
|
539D000
|
trusted library allocation
|
page read and write
|
||
|
16A9000
|
heap
|
page read and write
|
||
|
141F000
|
stack
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
123F000
|
heap
|
page read and write
|
||
|
7FD1000
|
heap
|
page read and write
|
||
|
1465000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
703E000
|
heap
|
page read and write
|
||
|
2A20000
|
unkown
|
page readonly
|
||
|
4DA000
|
stack
|
page read and write
|
||
|
6748000
|
unclassified section
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
490E000
|
trusted library allocation
|
page read and write
|
||
|
7732000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
direct allocation
|
page read and write
|
||
|
2530000
|
unkown
|
page readonly
|
||
|
7F17000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3AEF02000
|
heap
|
page read and write
|
||
|
2FE8000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
7FE0000
|
heap
|
page read and write
|
||
|
4E48000
|
system
|
page execute and read and write
|
||
|
470000
|
unkown
|
page readonly
|
||
|
4C60000
|
trusted library allocation
|
page read and write
|
||
|
4970000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
DC0000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3B0780000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
30E5000
|
heap
|
page read and write
|
||
|
450000
|
unkown
|
page readonly
|
||
|
3094000
|
heap
|
page read and write
|
||
|
1D6D000
|
direct allocation
|
page execute and read and write
|
||
|
8051000
|
heap
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
6D90000
|
unclassified section
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
1056000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1096E000
|
stack
|
page read and write
|
||
|
81A0000
|
heap
|
page read and write
|
||
|
3109000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
2E30000
|
trusted library section
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
41DE000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
8038000
|
heap
|
page read and write
|
||
|
7F10000
|
trusted library allocation
|
page read and write
|
||
|
AF2000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3AEEFF000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
7FD6000
|
heap
|
page read and write
|
||
|
E25000
|
unkown
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
304E000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
3053000
|
heap
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
D10E000
|
stack
|
page read and write
|
||
|
296F000
|
stack
|
page read and write
|
||
|
47D5000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
33BC000
|
unkown
|
page read and write
|
||
|
1B3B08E0000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4823000
|
trusted library allocation
|
page read and write
|
||
|
1B3B0A03000
|
trusted library allocation
|
page read and write
|
||
|
1BCD000
|
direct allocation
|
page execute and read and write
|
||
|
1C3E000
|
direct allocation
|
page execute and read and write
|
||
|
119A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3B0BA5000
|
trusted library allocation
|
page read and write
|
||
|
2F0B000
|
stack
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
7FC0000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
unkown
|
page readonly
|
||
|
110CC000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
805C000
|
heap
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
24E0000
|
unkown
|
page read and write
|
||
|
5F40000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
1173000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FDB000
|
heap
|
page read and write
|
||
|
26A4000
|
heap
|
page read and write
|
||
|
840000
|
unkown
|
page readonly
|
||
|
1B3AEEEC000
|
heap
|
page read and write
|
||
|
3098000
|
unkown
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
30B6000
|
heap
|
page read and write
|
||
|
D20E000
|
stack
|
page read and write
|
||
|
5DC000
|
stack
|
page read and write
|
||
|
1B3B0BBE000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
8032000
|
heap
|
page read and write
|
||
|
10D0000
|
unkown
|
page readonly
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
10E4E000
|
stack
|
page read and write
|
||
|
308E000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
840000
|
heap
|
page read and write
|
||
|
4A70000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
unkown
|
page readonly
|
||
|
1620000
|
heap
|
page read and write
|
||
|
D60000
|
unkown
|
page read and write
|
||
|
3236000
|
trusted library allocation
|
page read and write
|
||
|
B88000
|
stack
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
5DC000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
1B3AEE20000
|
heap
|
page read and write
|
||
|
5794000
|
unclassified section
|
page read and write
|
||
|
2EF3C000
|
system
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
3F39000
|
trusted library allocation
|
page read and write
|
||
|
7FEA000
|
heap
|
page read and write
|
||
|
F37000
|
stack
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
3EBA000
|
unkown
|
page read and write
|
||
|
3059000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
5F30000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
118D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EDC000
|
unclassified section
|
page execute and read and write
|
||
|
470000
|
unkown
|
page readonly
|
||
|
5570000
|
trusted library section
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
8054000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
5F61000
|
heap
|
page read and write
|
||
|
138A000
|
stack
|
page read and write
|
||
|
2ED22000
|
system
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
450000
|
unkown
|
page readonly
|
||
|
E27000
|
unkown
|
page readonly
|
||
|
1B3AED68000
|
system
|
page execute and read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
26B2000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
3059000
|
heap
|
page read and write
|
||
|
4FCC000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
7EE50000
|
trusted library allocation
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
30A9000
|
heap
|
page read and write
|
||
|
8049000
|
heap
|
page read and write
|
||
|
3059000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
990000
|
unkown
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
7C10000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
58E5000
|
heap
|
page read and write
|
||
|
8044000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1B3B0900000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
7BF4000
|
heap
|
page read and write
|
||
|
55F0000
|
heap
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
311E000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
30A3000
|
heap
|
page read and write
|
||
|
1B3B0BC4000
|
trusted library allocation
|
page read and write
|
||
|
73B0000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
830000
|
unkown
|
page readonly
|
||
|
D40000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
1B3AEEDF000
|
heap
|
page read and write
|
||
|
1196000
|
trusted library allocation
|
page execute and read and write
|
||
|
BBF000
|
stack
|
page read and write
|
||
|
2F324000
|
system
|
page read and write
|
||
|
7FF4000
|
heap
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
1B3B0A15000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
8010000
|
heap
|
page read and write
|
||
|
30F9000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
24F0000
|
unkown
|
page read and write
|
||
|
8AA000
|
stack
|
page read and write
|
||
|
2F62000
|
trusted library allocation
|
page read and write
|
||
|
E27000
|
unkown
|
page readonly
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
308F000
|
heap
|
page read and write
|
||
|
804E000
|
heap
|
page read and write
|
||
|
1B3AEED0000
|
heap
|
page read and write
|
||
|
1B3AEE50000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
2500000
|
unkown
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
10C0E000
|
stack
|
page read and write
|
||
|
4DF9000
|
direct allocation
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4E46000
|
system
|
page execute and read and write
|
||
|
E3A000
|
stack
|
page read and write
|
||
|
7FE5000
|
heap
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
10F8E000
|
stack
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
304E000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
8048000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
4B27000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
1BC9000
|
direct allocation
|
page execute and read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
7FE8000
|
heap
|
page read and write
|
||
|
4DA000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
556C000
|
stack
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
538E000
|
trusted library allocation
|
page read and write
|
||
|
1DE8000
|
direct allocation
|
page execute and read and write
|
||
|
58CD000
|
stack
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
53AC000
|
unclassified section
|
page read and write
|
||
|
1192000
|
trusted library allocation
|
page read and write
|
||
|
73AF000
|
stack
|
page read and write
|
||
|
30A3000
|
heap
|
page read and write
|
||
|
57C0000
|
heap
|
page read and write
|
||
|
30D3000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
27CC000
|
unkown
|
page read and write
|
||
|
D51000
|
unkown
|
page readonly
|
||
|
4971000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
716E000
|
stack
|
page read and write
|
||
|
24DF000
|
stack
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
1B3B0A0A000
|
trusted library allocation
|
page read and write
|
||
|
2E6E000
|
unclassified section
|
page execute and read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
7030000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
There are 647 hidden memdumps, click here to show them.