Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
hunta[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\AutoIt3\Examples\Helpfile\Extras\MyProg.exe
|
MS-DOS executable PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\AutoIt3\SciTE\SciTE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\Uninstall.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\WwKLWFk.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WwKLWFk.exe_b61ee072982e165aa57f6461531a5f842ae835_ae33f148_4580b34d-0134-48d0-9aeb-c77ead72c8cd\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER88EA.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Jul 25 00:16:37 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8A62.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8AA1.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k1[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k1[2].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k2[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k2[2].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k3[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k3[2].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k4[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k5[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\04AB3B47.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\149657b0.bat
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\25207D98.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3DBB7675.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3FFA2613.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\60FA3E7B.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6B066AF4.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6CD5636F.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\73BF30A5.exe
|
ASCII text
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\rage131MP.tmp
|
ASCII text, with no line terminators
|
modified
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 22 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\hunta[1].exe
|
"C:\Users\user\Desktop\hunta[1].exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\WwKLWFk.exe
|
C:\Users\user\AppData\Local\Temp\WwKLWFk.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\WwKLWFk.exe
|
C:\Users\user\AppData\Local\Temp\WwKLWFk.exe
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7456 -s 1640
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\149657b0.bat" "
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ddos.dnsnb8.net:799/cj//k1.rarA
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rars
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarppData
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rar
|
44.221.84.105
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rar2OneDrive=C:
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar
|
44.221.84.105
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar1
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rarl
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar8
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarV
|
unknown
|
|
|
|
http://ddos.dnsnb8.net/
|
unknown
|
|
|
|
http://ddos.dnsnb8.net/d
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rar
|
44.221.84.105
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rar5
|
unknown
|
|
|
|
http://ddos.dnsnb8.net/O
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarcC:
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarc
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rarfC:
|
unknown
|
|
|
|
https://t.me/RiseProSUPPORTv
|
unknown
|
||
|
http://www.scintilla.org/scite.rng
|
unknown
|
||
|
http://www.rftp.comJosiah
|
unknown
|
||
|
http://www.activestate.com
|
unknown
|
||
|
http://www.activestate.comHolger
|
unknown
|
||
|
http://%s:%d/%s/%sZwQuerySystemInformationntdll.dllNtSystemDebugControlSeDebugPrivilege%s%.8x.bat:DE
|
unknown
|
||
|
https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll
|
unknown
|
||
|
https://t.me/RiseProSUPPORT%
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://www.rftp.com
|
unknown
|
||
|
https://t.me/RiseProSUPPORT
|
unknown
|
||
|
http://www.baanboard.comBrendon
|
unknown
|
||
|
https://www.smartsharesystems.com/
|
unknown
|
||
|
http://www.scintilla.org
|
unknown
|
||
|
http://www.spaceblue.comMathias
|
unknown
|
||
|
https://www.smartsharesystems.com/Morten
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k5.rar
|
44.221.84.105
|
||
|
http://www.develop.com
|
unknown
|
||
|
http://www.lua.org
|
unknown
|
||
|
http://www.spaceblue.com
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k4.rar
|
44.221.84.105
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
http://www.baanboard.com
|
unknown
|
||
|
http://www.develop.comDeepak
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k5.rarC:
|
unknown
|
There are 33 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ddos.dnsnb8.net
|
44.221.84.105
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
44.221.84.105
|
ddos.dnsnb8.net
|
United States
|
||
|
193.233.132.62
|
unknown
|
Russian Federation
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RageMP131
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
ProgramId
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
FileId
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
LongPathHash
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
Name
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
OriginalFileName
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
Publisher
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
Version
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
BinFileVersion
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
BinaryType
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
ProductName
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
ProductVersion
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
LinkDate
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
BinProductVersion
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
Size
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
Language
|
||
|
\REGISTRY\A\{8bc3671f-35c0-edd5-2449-e377dab2d87f}\Root\InventoryApplicationFile\wwklwfk.exe|88430348c32f488b
|
Usn
|
||
|
HKEY_CURRENT_USER_Classes\VirtualStore\MACHINE\SOFTWARE\WOW6432Node\GTplus
|
Time
|
There are 11 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4B60000
|
direct allocation
|
page read and write
|
|
|
|
5700000
|
direct allocation
|
page read and write
|
|
|
|
4B60000
|
direct allocation
|
page read and write
|
|
|
|
301000
|
unkown
|
page execute and read and write
|
|
|
|
4BF0000
|
direct allocation
|
page read and write
|
|
|
|
4B70000
|
direct allocation
|
page read and write
|
|
|
|
271000
|
unkown
|
page execute and read and write
|
|
|
|
301000
|
unkown
|
page execute and read and write
|
|
|
|
E81000
|
unkown
|
page execute and read and write
|
|
|
|
271000
|
unkown
|
page execute and read and write
|
|
|
|
432E000
|
stack
|
page read and write
|
||
|
437F000
|
stack
|
page read and write
|
||
|
4DBE000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
3A8E000
|
stack
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page execute and read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
58C0000
|
direct allocation
|
page execute and read and write
|
||
|
394E000
|
stack
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
3BDC000
|
stack
|
page read and write
|
||
|
EB5000
|
heap
|
page read and write
|
||
|
4CBF000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
46DF000
|
stack
|
page read and write
|
||
|
4CA2000
|
direct allocation
|
page read and write
|
||
|
8B1000
|
unkown
|
page execute and read and write
|
||
|
FCF000
|
heap
|
page read and write
|
||
|
FB7000
|
unkown
|
page write copy
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
437000
|
unkown
|
page write copy
|
||
|
B50000
|
unkown
|
page readonly
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
353E000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page execute and read and write
|
||
|
AB8000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
2DBF000
|
stack
|
page read and write
|
||
|
3A2F000
|
stack
|
page read and write
|
||
|
127F000
|
unkown
|
page execute and write copy
|
||
|
670000
|
unkown
|
page execute and write copy
|
||
|
116E000
|
heap
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
2BAC000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
437000
|
unkown
|
page write copy
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
4DB0000
|
direct allocation
|
page execute and read and write
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
4C4B000
|
stack
|
page read and write
|
||
|
3BDE000
|
stack
|
page read and write
|
||
|
2A2E000
|
stack
|
page read and write
|
||
|
4DB0000
|
direct allocation
|
page execute and read and write
|
||
|
46B0000
|
heap
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
32AF000
|
stack
|
page read and write
|
||
|
395E000
|
stack
|
page read and write
|
||
|
585F000
|
stack
|
page read and write
|
||
|
5880000
|
direct allocation
|
page execute and read and write
|
||
|
157A000
|
heap
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
355F000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
1ACA000
|
heap
|
page read and write
|
||
|
512E000
|
stack
|
page read and write
|
||
|
4FFF000
|
stack
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
270000
|
unkown
|
page readonly
|
||
|
1201000
|
heap
|
page read and write
|
||
|
120B000
|
heap
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
4D70000
|
direct allocation
|
page execute and read and write
|
||
|
433000
|
unkown
|
page execute and read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
670000
|
unkown
|
page execute and write copy
|
||
|
270000
|
unkown
|
page read and write
|
||
|
822000
|
unkown
|
page execute and write copy
|
||
|
6FF000
|
unkown
|
page execute and write copy
|
||
|
3AFE000
|
stack
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
4B5E000
|
stack
|
page read and write
|
||
|
E81000
|
unkown
|
page execute and write copy
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
2A2F000
|
stack
|
page read and write
|
||
|
262F000
|
stack
|
page read and write
|
||
|
45AE000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
1577000
|
heap
|
page read and write
|
||
|
10FD000
|
stack
|
page read and write
|
||
|
3F6E000
|
stack
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
364F000
|
stack
|
page read and write
|
||
|
8BC000
|
stack
|
page read and write
|
||
|
5970000
|
direct allocation
|
page execute and read and write
|
||
|
40AE000
|
stack
|
page read and write
|
||
|
AA7000
|
heap
|
page read and write
|
||
|
392E000
|
stack
|
page read and write
|
||
|
19A5000
|
heap
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
36DE000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
59A0000
|
direct allocation
|
page execute and read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
213000
|
unkown
|
page write copy
|
||
|
3BFF000
|
stack
|
page read and write
|
||
|
6E8000
|
unkown
|
page execute and read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
210000
|
unkown
|
page readonly
|
||
|
DF0000
|
direct allocation
|
page read and write
|
||
|
B51000
|
unkown
|
page execute read
|
||
|
363F000
|
stack
|
page read and write
|
||
|
66F000
|
unkown
|
page execute and read and write
|
||
|
3E0F000
|
stack
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
44BF000
|
stack
|
page read and write
|
||
|
3E1F000
|
stack
|
page read and write
|
||
|
3AFE000
|
stack
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
4D7F000
|
stack
|
page read and write
|
||
|
81D000
|
unkown
|
page execute and read and write
|
||
|
4C92000
|
direct allocation
|
page read and write
|
||
|
3A3000
|
unkown
|
page execute and read and write
|
||
|
4B70000
|
direct allocation
|
page read and write
|
||
|
3EBE000
|
stack
|
page read and write
|
||
|
4EB6000
|
heap
|
page read and write
|
||
|
105D000
|
heap
|
page read and write
|
||
|
342E000
|
stack
|
page read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
A98000
|
heap
|
page read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
59B0000
|
direct allocation
|
page execute and read and write
|
||
|
300000
|
unkown
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
4B60000
|
direct allocation
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
9BD000
|
stack
|
page read and write
|
||
|
58B0000
|
direct allocation
|
page execute and read and write
|
||
|
431F000
|
stack
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
380E000
|
stack
|
page read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
11CB000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
E5C000
|
stack
|
page read and write
|
||
|
F1A000
|
heap
|
page read and write
|
||
|
66F000
|
unkown
|
page execute and write copy
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
4BF1000
|
direct allocation
|
page read and write
|
||
|
B51000
|
unkown
|
page execute and write copy
|
||
|
4DA0000
|
direct allocation
|
page execute and read and write
|
||
|
3BCE000
|
stack
|
page read and write
|
||
|
44BF000
|
stack
|
page read and write
|
||
|
B56000
|
unkown
|
page execute and write copy
|
||
|
45DE000
|
stack
|
page read and write
|
||
|
2FBF000
|
stack
|
page read and write
|
||
|
658000
|
unkown
|
page execute and read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
19A0000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
4BCB000
|
stack
|
page read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
3CDF000
|
stack
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
4E70000
|
direct allocation
|
page execute and read and write
|
||
|
3F5F000
|
stack
|
page read and write
|
||
|
3FFE000
|
stack
|
page read and write
|
||
|
2F0F000
|
stack
|
page read and write
|
||
|
445F000
|
stack
|
page read and write
|
||
|
333F000
|
stack
|
page read and write
|
||
|
3D3F000
|
stack
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
114D000
|
unkown
|
page execute and read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
384F000
|
stack
|
page read and write
|
||
|
3A5F000
|
stack
|
page read and write
|
||
|
347F000
|
stack
|
page read and write
|
||
|
3A7000
|
unkown
|
page read and write
|
||
|
661000
|
unkown
|
page execute and read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
3D0E000
|
stack
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
1091000
|
heap
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
32CF000
|
stack
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
5980000
|
direct allocation
|
page execute and read and write
|
||
|
E80000
|
unkown
|
page readonly
|
||
|
213000
|
unkown
|
page readonly
|
||
|
142E000
|
unkown
|
page execute and write copy
|
||
|
301000
|
unkown
|
page execute and write copy
|
||
|
3F9E000
|
stack
|
page read and write
|
||
|
D97000
|
heap
|
page read and write
|
||
|
304F000
|
stack
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
369F000
|
stack
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page execute and read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
306E000
|
stack
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
3A7000
|
unkown
|
page write copy
|
||
|
8AE000
|
unkown
|
page execute and write copy
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
8AD000
|
unkown
|
page execute and read and write
|
||
|
271000
|
unkown
|
page execute and write copy
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
A6B000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
1ACE000
|
heap
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
8AE000
|
unkown
|
page execute and write copy
|
||
|
157C000
|
stack
|
page read and write
|
||
|
2D1F000
|
stack
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
300000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
5701000
|
direct allocation
|
page read and write
|
||
|
383F000
|
stack
|
page read and write
|
||
|
F9A000
|
heap
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
4760000
|
heap
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
3D7E000
|
stack
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
575B000
|
stack
|
page read and write
|
||
|
109B000
|
heap
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page execute and read and write
|
||
|
394F000
|
stack
|
page read and write
|
||
|
E7A000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page execute and read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page execute and read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
4BF0000
|
direct allocation
|
page read and write
|
||
|
4B70000
|
direct allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
30EB000
|
stack
|
page read and write
|
||
|
4B61000
|
direct allocation
|
page read and write
|
||
|
1271000
|
unkown
|
page execute and read and write
|
||
|
5940000
|
direct allocation
|
page execute and read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
4B5D000
|
stack
|
page read and write
|
||
|
980000
|
direct allocation
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
1431000
|
unkown
|
page execute and read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
B56000
|
unkown
|
page execute and read and write
|
||
|
44FE000
|
stack
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page execute and read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
821000
|
unkown
|
page execute and write copy
|
||
|
473F000
|
stack
|
page read and write
|
||
|
4B3E000
|
stack
|
page read and write
|
||
|
53D000
|
unkown
|
page execute and read and write
|
||
|
12B5000
|
heap
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page execute and read and write
|
||
|
EB9000
|
heap
|
page read and write
|
||
|
4BBB000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
5870000
|
direct allocation
|
page execute and read and write
|
||
|
4BF0000
|
direct allocation
|
page read and write
|
||
|
37DF000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
4D30000
|
direct allocation
|
page execute and read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
5CBE000
|
stack
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
4B80000
|
direct allocation
|
page read and write
|
||
|
43BE000
|
stack
|
page read and write
|
||
|
4DF0000
|
direct allocation
|
page execute and read and write
|
||
|
1AAF000
|
stack
|
page read and write
|
||
|
3CEE000
|
stack
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
2B17000
|
heap
|
page read and write
|
||
|
397F000
|
stack
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
5700000
|
direct allocation
|
page read and write
|
||
|
36CE000
|
stack
|
page read and write
|
||
|
3A9E000
|
stack
|
page read and write
|
||
|
420E000
|
stack
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
413E000
|
stack
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
11CB000
|
heap
|
page read and write
|
||
|
6F1000
|
unkown
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
36FF000
|
stack
|
page read and write
|
||
|
216000
|
unkown
|
page execute and read and write
|
||
|
ADF000
|
heap
|
page read and write
|
||
|
F7B000
|
stack
|
page read and write
|
||
|
1268000
|
unkown
|
page execute and read and write
|
||
|
4DB0000
|
direct allocation
|
page execute and read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
2F1A000
|
stack
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
356E000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
3D7D000
|
stack
|
page read and write
|
||
|
AB9000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2E5F000
|
stack
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page execute and read and write
|
||
|
3ABF000
|
stack
|
page read and write
|
||
|
387E000
|
stack
|
page read and write
|
||
|
423F000
|
stack
|
page read and write
|
||
|
406F000
|
stack
|
page read and write
|
||
|
45FF000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1299000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
4DB0000
|
direct allocation
|
page execute and read and write
|
||
|
190E000
|
stack
|
page read and write
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
822000
|
unkown
|
page execute and write copy
|
||
|
8B2000
|
unkown
|
page execute and write copy
|
||
|
150E000
|
stack
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
120C000
|
heap
|
page read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
36AE000
|
stack
|
page read and write
|
||
|
49BF000
|
stack
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
F16000
|
heap
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
37AF000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page execute and read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
45FF000
|
stack
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
4740000
|
heap
|
page read and write
|
||
|
3E4E000
|
stack
|
page read and write
|
||
|
B50000
|
unkown
|
page readonly
|
||
|
3537000
|
heap
|
page read and write
|
||
|
4B60000
|
direct allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2EEF000
|
stack
|
page read and write
|
||
|
211000
|
unkown
|
page execute read
|
||
|
8B2000
|
unkown
|
page execute and write copy
|
||
|
59C0000
|
direct allocation
|
page execute and read and write
|
||
|
4B71000
|
direct allocation
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
1970000
|
heap
|
page read and write
|
||
|
456F000
|
stack
|
page read and write
|
||
|
33EF000
|
stack
|
page read and write
|
||
|
700000
|
unkown
|
page execute and write copy
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
487F000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2F5F000
|
stack
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
661000
|
unkown
|
page execute and read and write
|
||
|
5CD000
|
unkown
|
page execute and read and write
|
||
|
970000
|
direct allocation
|
page read and write
|
||
|
3CAF000
|
stack
|
page read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
5832000
|
direct allocation
|
page read and write
|
||
|
40CE000
|
stack
|
page read and write
|
||
|
4DF0000
|
direct allocation
|
page execute and read and write
|
||
|
8B1000
|
unkown
|
page execute and write copy
|
||
|
A76000
|
heap
|
page read and write
|
||
|
5BCD000
|
heap
|
page read and write
|
||
|
3F4F000
|
stack
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
463E000
|
stack
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page execute and read and write
|
||
|
214000
|
unkown
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
8AD000
|
unkown
|
page execute and read and write
|
||
|
270000
|
unkown
|
page readonly
|
||
|
F10000
|
heap
|
page read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
434E000
|
stack
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
3BA000
|
unkown
|
page execute and read and write
|
||
|
3E5E000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
427E000
|
stack
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
347F000
|
stack
|
page read and write
|
||
|
47E0000
|
trusted library allocation
|
page read and write
|
||
|
397F000
|
stack
|
page read and write
|
||
|
39BE000
|
stack
|
page read and write
|
||
|
4CCF000
|
stack
|
page read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
34DE000
|
stack
|
page read and write
|
||
|
1B08000
|
heap
|
page read and write
|
||
|
5CD000
|
unkown
|
page execute and read and write
|
||
|
821000
|
unkown
|
page execute and write copy
|
||
|
358E000
|
stack
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
DF0000
|
direct allocation
|
page read and write
|
||
|
449E000
|
stack
|
page read and write
|
||
|
10A3000
|
heap
|
page read and write
|
||
|
11E6000
|
heap
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
3F2F000
|
stack
|
page read and write
|
||
|
970000
|
direct allocation
|
page read and write
|
||
|
4D70000
|
direct allocation
|
page execute and read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
4D4F000
|
stack
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
3A8E000
|
stack
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
435E000
|
stack
|
page read and write
|
||
|
46AF000
|
stack
|
page read and write
|
||
|
658000
|
unkown
|
page execute and read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
3118000
|
stack
|
page read and write
|
||
|
4CBF000
|
stack
|
page read and write
|
||
|
5910000
|
direct allocation
|
page execute and read and write
|
||
|
459F000
|
stack
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
2C54000
|
heap
|
page read and write
|
||
|
366F000
|
stack
|
page read and write
|
||
|
368F000
|
stack
|
page read and write
|
||
|
FBD000
|
heap
|
page read and write
|
||
|
8FC000
|
stack
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
216000
|
unkown
|
page execute and write copy
|
||
|
301F000
|
stack
|
page read and write
|
||
|
A18000
|
heap
|
page read and write
|
||
|
48BE000
|
stack
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
A3A000
|
heap
|
page read and write
|
||
|
398C000
|
stack
|
page read and write
|
||
|
66F000
|
unkown
|
page execute and write copy
|
||
|
4E3F000
|
heap
|
page read and write
|
||
|
9BD000
|
stack
|
page read and write
|
||
|
4D70000
|
direct allocation
|
page execute and read and write
|
||
|
1B16000
|
heap
|
page read and write
|
||
|
58F0000
|
direct allocation
|
page execute and read and write
|
||
|
301000
|
unkown
|
page execute and write copy
|
||
|
2C2E000
|
stack
|
page read and write
|
||
|
37EE000
|
stack
|
page read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
A98000
|
heap
|
page read and write
|
||
|
30BF000
|
stack
|
page read and write
|
||
|
2BBF000
|
stack
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
10A3000
|
heap
|
page read and write
|
||
|
34DB000
|
stack
|
page read and write
|
||
|
4DF0000
|
direct allocation
|
page execute and read and write
|
||
|
6FF000
|
unkown
|
page execute and read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
DE0000
|
direct allocation
|
page read and write
|
||
|
46CF000
|
stack
|
page read and write
|
||
|
5700000
|
direct allocation
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
6AB000
|
unkown
|
page execute and read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
94C000
|
stack
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
3D1E000
|
stack
|
page read and write
|
||
|
5990000
|
direct allocation
|
page execute and read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
39BE000
|
stack
|
page read and write
|
||
|
127F000
|
unkown
|
page execute and read and write
|
||
|
122B000
|
unkown
|
page execute and read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
2B2F000
|
stack
|
page read and write
|
||
|
3C3E000
|
stack
|
page read and write
|
||
|
3A3000
|
unkown
|
page execute and read and write
|
||
|
4DA0000
|
direct allocation
|
page execute and read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
11EF000
|
heap
|
page read and write
|
||
|
3FBF000
|
stack
|
page read and write
|
||
|
58E0000
|
direct allocation
|
page execute and read and write
|
||
|
3A7000
|
unkown
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
4D50000
|
direct allocation
|
page execute and read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
11E6000
|
heap
|
page read and write
|
||
|
700000
|
unkown
|
page execute and write copy
|
||
|
437000
|
unkown
|
page read and write
|
||
|
FCF000
|
heap
|
page read and write
|
||
|
46D0000
|
heap
|
page read and write
|
||
|
B54000
|
unkown
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
3D3F000
|
stack
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
4AFF000
|
stack
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page execute and read and write
|
||
|
408F000
|
stack
|
page read and write
|
||
|
1B14000
|
heap
|
page read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
2ADE000
|
stack
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
CFD000
|
stack
|
page read and write
|
||
|
3BA000
|
unkown
|
page execute and read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
5960000
|
direct allocation
|
page execute and read and write
|
||
|
351E000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
40FF000
|
stack
|
page read and write
|
||
|
442F000
|
stack
|
page read and write
|
||
|
3FBF000
|
stack
|
page read and write
|
||
|
6E8000
|
unkown
|
page execute and read and write
|
||
|
44A000
|
unkown
|
page execute and read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
4B61000
|
direct allocation
|
page read and write
|
||
|
53D000
|
unkown
|
page execute and read and write
|
||
|
513F000
|
stack
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
94D000
|
stack
|
page read and write
|
||
|
3ABF000
|
stack
|
page read and write
|
||
|
391F000
|
stack
|
page read and write
|
||
|
463E000
|
stack
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
821000
|
unkown
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
3FFE000
|
stack
|
page read and write
|
||
|
2C1F000
|
stack
|
page read and write
|
||
|
1AC0000
|
heap
|
page read and write
|
||
|
437F000
|
stack
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
58D0000
|
direct allocation
|
page execute and read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
4E1A000
|
heap
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
4C3F000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
3DEF000
|
stack
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
4CE0000
|
direct allocation
|
page execute and read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
409F000
|
stack
|
page read and write
|
||
|
211000
|
unkown
|
page execute and write copy
|
||
|
4DA0000
|
direct allocation
|
page execute and read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
44FE000
|
stack
|
page read and write
|
||
|
5BC5000
|
heap
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
42EF000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
2AB7000
|
heap
|
page read and write
|
||
|
271000
|
unkown
|
page execute and write copy
|
||
|
383F000
|
stack
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
FB3000
|
unkown
|
page execute and read and write
|
||
|
61B000
|
unkown
|
page execute and read and write
|
||
|
38EF000
|
stack
|
page read and write
|
||
|
3C3E000
|
stack
|
page read and write
|
||
|
448E000
|
stack
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
EB1000
|
heap
|
page read and write
|
||
|
4D50000
|
direct allocation
|
page execute and read and write
|
||
|
3B8F000
|
stack
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
47D0000
|
trusted library allocation
|
page read and write
|
||
|
1980000
|
heap
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
359E000
|
stack
|
page read and write
|
||
|
43BE000
|
stack
|
page read and write
|
||
|
D95000
|
heap
|
page read and write
|
||
|
4D50000
|
direct allocation
|
page execute and read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
56FD000
|
stack
|
page read and write
|
||
|
381E000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
106F000
|
stack
|
page read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
444F000
|
stack
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
318F000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
C7E000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
4B70000
|
direct allocation
|
page read and write
|
||
|
40DE000
|
stack
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
322B000
|
stack
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
DF0000
|
direct allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
3ADC000
|
stack
|
page read and write
|
||
|
1201000
|
heap
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
980000
|
direct allocation
|
page read and write
|
||
|
1432000
|
unkown
|
page execute and write copy
|
||
|
1B16000
|
heap
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
4B60000
|
direct allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
6FF000
|
unkown
|
page execute and read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
3B6F000
|
stack
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
6AB000
|
unkown
|
page execute and read and write
|
||
|
3BAE000
|
stack
|
page read and write
|
||
|
4D22000
|
direct allocation
|
page read and write
|
||
|
1188000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
4CE0000
|
direct allocation
|
page execute and read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
3F8E000
|
stack
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
FCA000
|
unkown
|
page execute and read and write
|
||
|
6FF000
|
unkown
|
page execute and write copy
|
||
|
316F000
|
stack
|
page read and write
|
||
|
81E000
|
unkown
|
page execute and write copy
|
||
|
148E000
|
stack
|
page read and write
|
||
|
4DF0000
|
direct allocation
|
page execute and read and write
|
||
|
59D2000
|
heap
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
D1C000
|
stack
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
302F000
|
stack
|
page read and write
|
||
|
8BC000
|
stack
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
2A87000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
FC7000
|
heap
|
page read and write
|
||
|
4D30000
|
direct allocation
|
page execute and read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
3E7F000
|
stack
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
3A7000
|
unkown
|
page write copy
|
||
|
31FF000
|
stack
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
2C8F000
|
stack
|
page read and write
|
||
|
B53000
|
unkown
|
page write copy
|
||
|
1B00000
|
heap
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
477E000
|
stack
|
page read and write
|
||
|
DE0000
|
direct allocation
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
210000
|
unkown
|
page readonly
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
5560000
|
heap
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
4EFE000
|
stack
|
page read and write
|
||
|
413E000
|
stack
|
page read and write
|
||
|
1280000
|
unkown
|
page execute and write copy
|
||
|
4D20000
|
direct allocation
|
page execute and read and write
|
||
|
1431000
|
unkown
|
page execute and write copy
|
||
|
8F9000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
2EBF000
|
stack
|
page read and write
|
||
|
81E000
|
unkown
|
page execute and write copy
|
||
|
47E0000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
direct allocation
|
page execute and read and write
|
||
|
AB9000
|
heap
|
page read and write
|
||
|
5900000
|
direct allocation
|
page execute and read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
1207000
|
heap
|
page read and write
|
||
|
37CF000
|
stack
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page execute and read and write
|
||
|
3BFF000
|
stack
|
page read and write
|
||
|
41EE000
|
stack
|
page read and write
|
||
|
300000
|
unkown
|
page readonly
|
||
|
31ED000
|
stack
|
page read and write
|
||
|
3CCF000
|
stack
|
page read and write
|
||
|
4EA0000
|
direct allocation
|
page execute and read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
D2F000
|
stack
|
page read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
B53000
|
unkown
|
page readonly
|
||
|
5930000
|
direct allocation
|
page execute and read and write
|
||
|
421E000
|
stack
|
page read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
4DA0000
|
direct allocation
|
page execute and read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
4BBC000
|
stack
|
page read and write
|
||
|
EF5000
|
heap
|
page read and write
|
||
|
4B60000
|
direct allocation
|
page read and write
|
||
|
5920000
|
direct allocation
|
page execute and read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
357C000
|
stack
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
DF0000
|
direct allocation
|
page read and write
|
||
|
4C92000
|
direct allocation
|
page read and write
|
||
|
4D70000
|
direct allocation
|
page execute and read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
5890000
|
direct allocation
|
page execute and read and write
|
||
|
473F000
|
stack
|
page read and write
|
||
|
423F000
|
stack
|
page read and write
|
||
|
5281000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
EDC000
|
stack
|
page read and write
|
||
|
980000
|
direct allocation
|
page read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
81D000
|
unkown
|
page execute and read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
105A000
|
heap
|
page read and write
|
||
|
107F000
|
stack
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
4C00000
|
direct allocation
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
3544000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
3E2E000
|
stack
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
5280000
|
heap
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
4CE0000
|
direct allocation
|
page execute and read and write
|
||
|
66F000
|
unkown
|
page execute and read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
direct allocation
|
page read and write
|
||
|
5710000
|
direct allocation
|
page read and write
|
||
|
8B1000
|
unkown
|
page execute and read and write
|
||
|
3EBE000
|
stack
|
page read and write
|
||
|
352F000
|
stack
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
3A6E000
|
stack
|
page read and write
|
||
|
4B4D000
|
stack
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
427E000
|
stack
|
page read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
44A000
|
unkown
|
page execute and read and write
|
||
|
527F000
|
stack
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
EC4000
|
heap
|
page read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
2A0F000
|
stack
|
page read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
4EBF000
|
stack
|
page read and write
|
||
|
300000
|
unkown
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
46E0000
|
heap
|
page read and write
|
||
|
4B70000
|
direct allocation
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
430F000
|
stack
|
page read and write
|
||
|
8B1000
|
unkown
|
page execute and write copy
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
E5B000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
9FD000
|
stack
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
3E7F000
|
stack
|
page read and write
|
||
|
142D000
|
unkown
|
page execute and read and write
|
||
|
3B9F000
|
stack
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page execute and read and write
|
||
|
503E000
|
stack
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
387E000
|
stack
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
270000
|
unkown
|
page read and write
|
||
|
3A4F000
|
stack
|
page read and write
|
||
|
309F000
|
stack
|
page read and write
|
||
|
41DF000
|
stack
|
page read and write
|
||
|
390F000
|
stack
|
page read and write
|
||
|
E80000
|
unkown
|
page read and write
|
||
|
5AB000
|
stack
|
page read and write
|
||
|
373F000
|
stack
|
page read and write
|
||
|
2CAE000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
EC4000
|
heap
|
page read and write
|
||
|
821000
|
unkown
|
page execute and read and write
|
||
|
40FF000
|
stack
|
page read and write
|
||
|
FB7000
|
unkown
|
page read and write
|
||
|
354F000
|
stack
|
page read and write
|
||
|
1AB0000
|
direct allocation
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
41CF000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
61B000
|
unkown
|
page execute and read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
46E0000
|
heap
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
6F1000
|
unkown
|
page execute and read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
5950000
|
direct allocation
|
page execute and read and write
|
||
|
1B14000
|
heap
|
page read and write
|
||
|
980000
|
direct allocation
|
page read and write
|
||
|
41AF000
|
stack
|
page read and write
|
||
|
49FE000
|
stack
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
373E000
|
stack
|
page read and write
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
147C000
|
stack
|
page read and write
|
||
|
46E1000
|
heap
|
page read and write
|
||
|
374F000
|
stack
|
page read and write
|
There are 934 hidden memdumps, click here to show them.