Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Lisect_AVT_24003_G1A_37.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\AutoIt3\Examples\Helpfile\Extras\MyProg.exe
|
MS-DOS executable PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\AutoIt3\SciTE\SciTE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\Uninstall.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\MlpxPf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MlpxPf.exe_44251beb80dd5e7d95c3aacd014eb4bd9dd3755_509ea325_9e635127-f99b-40a5-a75b-dba6d17ffe59\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER432A.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Jul 25 02:53:17 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4493.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER44C3.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\k1[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\k1[2].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\k2[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\k2[2].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\k3[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\k4[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\k5[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\229772F3.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\43f50b5b.bat
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5A42065E.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\61C82BFB.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\63655949.exe
|
ASCII text
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\63730BF4.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6DD449CA.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\70E05704.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\rage131MP.tmp
|
ASCII text, with no line terminators
|
modified
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 20 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Lisect_AVT_24003_G1A_37.exe
|
"C:\Users\user\Desktop\Lisect_AVT_24003_G1A_37.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\MlpxPf.exe
|
C:\Users\user\AppData\Local\Temp\MlpxPf.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\MlpxPf.exe
|
C:\Users\user\AppData\Local\Temp\MlpxPf.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 1840 -s 1572
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\43f50b5b.bat" "
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ddos.dnsnb8.net:799/cj//k2.rar=6
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rar
|
44.221.84.105
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar
|
44.221.84.105
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarH
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rarp
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar#7
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rar.7
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rar66
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rar
|
44.221.84.105
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rarS6
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rart
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k5.rarY
|
unknown
|
||
|
https://t.me/RiseProSUPPORTu
|
unknown
|
||
|
http://www.scintilla.org/scite.rng
|
unknown
|
||
|
http://www.rftp.comJosiah
|
unknown
|
||
|
https://t.me/RiseProSUPPORTuH
|
unknown
|
||
|
http://www.activestate.com
|
unknown
|
||
|
http://www.activestate.comHolger
|
unknown
|
||
|
http://%s:%d/%s/%sZwQuerySystemInformationntdll.dllNtSystemDebugControlSeDebugPrivilege%s%.8x.bat:DE
|
unknown
|
||
|
https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://www.rftp.com
|
unknown
|
||
|
https://t.me/RiseProSUPPORT
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k5.rarq
|
unknown
|
||
|
http://www.baanboard.comBrendon
|
unknown
|
||
|
https://www.smartsharesystems.com/
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k4.rarC:
|
unknown
|
||
|
http://www.scintilla.org
|
unknown
|
||
|
http://www.spaceblue.comMathias
|
unknown
|
||
|
https://www.smartsharesystems.com/Morten
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k5.rar
|
44.221.84.105
|
||
|
http://www.develop.com
|
unknown
|
||
|
http://www.lua.org
|
unknown
|
||
|
http://www.spaceblue.com
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k4.rar
|
44.221.84.105
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k5.rarcC:
|
unknown
|
||
|
http://www.baanboard.com
|
unknown
|
||
|
http://www.develop.comDeepak
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k4.rark
|
unknown
|
There are 30 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ddos.dnsnb8.net
|
44.221.84.105
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
44.221.84.105
|
ddos.dnsnb8.net
|
United States
|
||
|
193.233.132.62
|
unknown
|
Russian Federation
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RageMP131
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
ProgramId
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
FileId
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
LongPathHash
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
Name
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
OriginalFileName
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
Publisher
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
Version
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
BinFileVersion
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
BinaryType
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
ProductName
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
ProductVersion
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
LinkDate
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
BinProductVersion
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
Size
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
Language
|
||
|
\REGISTRY\A\{31a7705e-e0b3-12c7-9685-3e7e68f1ea31}\Root\InventoryApplicationFile\mlpxpf.exe|ff14c25704fb48aa
|
Usn
|
||
|
HKEY_CURRENT_USER_Classes\VirtualStore\MACHINE\SOFTWARE\WOW6432Node\GTplus
|
Time
|
There are 11 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
931000
|
unkown
|
page execute and read and write
|
|
|
|
5240000
|
direct allocation
|
page read and write
|
|
|
|
271000
|
unkown
|
page execute and read and write
|
|
|
|
831000
|
unkown
|
page execute and read and write
|
|
|
|
5240000
|
direct allocation
|
page read and write
|
|
|
|
4BE0000
|
direct allocation
|
page read and write
|
|
|
|
4B30000
|
direct allocation
|
page read and write
|
|
|
|
831000
|
unkown
|
page execute and read and write
|
|
|
|
300E000
|
stack
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
15CD000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
3C0F000
|
stack
|
page read and write
|
||
|
450E000
|
stack
|
page read and write
|
||
|
1315000
|
heap
|
page read and write
|
||
|
41EE000
|
stack
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
44CF000
|
stack
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
5470000
|
direct allocation
|
page execute and read and write
|
||
|
44FF000
|
stack
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
36AE000
|
stack
|
page read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
132A000
|
heap
|
page read and write
|
||
|
5420000
|
direct allocation
|
page execute and read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
16E4000
|
heap
|
page read and write
|
||
|
132A000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
3B1B000
|
stack
|
page read and write
|
||
|
D7E000
|
heap
|
page read and write
|
||
|
590000
|
unkown
|
page readonly
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
4B8C000
|
stack
|
page read and write
|
||
|
30FB000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
3020000
|
direct allocation
|
page read and write
|
||
|
350000
|
unkown
|
page readonly
|
||
|
830000
|
unkown
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
13C6000
|
heap
|
page read and write
|
||
|
386F000
|
stack
|
page read and write
|
||
|
3C1E000
|
stack
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
125D000
|
heap
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
591000
|
unkown
|
page execute read
|
||
|
1380000
|
direct allocation
|
page read and write
|
||
|
DB1000
|
heap
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
D47000
|
unkown
|
page execute and write copy
|
||
|
F9C000
|
stack
|
page read and write
|
||
|
50EE000
|
stack
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
5240000
|
direct allocation
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
168E000
|
stack
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
16E2000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
3A7000
|
unkown
|
page write copy
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
4D50000
|
direct allocation
|
page execute and read and write
|
||
|
424F000
|
stack
|
page read and write
|
||
|
2B2F000
|
stack
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
F5B000
|
heap
|
page read and write
|
||
|
B07000
|
unkown
|
page execute and read and write
|
||
|
FA9000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
46AF000
|
stack
|
page read and write
|
||
|
356000
|
unkown
|
page execute and write copy
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
384F000
|
stack
|
page read and write
|
||
|
D46000
|
unkown
|
page execute and write copy
|
||
|
12DE000
|
heap
|
page read and write
|
||
|
4E70000
|
direct allocation
|
page execute and read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
5250000
|
direct allocation
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
54D0000
|
direct allocation
|
page execute and read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
334F000
|
stack
|
page read and write
|
||
|
3F6E000
|
stack
|
page read and write
|
||
|
F1D000
|
heap
|
page read and write
|
||
|
38AF000
|
stack
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
2BCF000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
1392000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4BF0000
|
direct allocation
|
page read and write
|
||
|
F63000
|
heap
|
page read and write
|
||
|
831000
|
unkown
|
page execute and write copy
|
||
|
3FAF000
|
stack
|
page read and write
|
||
|
15DA000
|
heap
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
16E2000
|
heap
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
1120000
|
direct allocation
|
page read and write
|
||
|
FAC000
|
stack
|
page read and write
|
||
|
529B000
|
stack
|
page read and write
|
||
|
169A000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
12C7000
|
heap
|
page read and write
|
||
|
48BF000
|
stack
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
E08000
|
unkown
|
page execute and write copy
|
||
|
830000
|
unkown
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
320F000
|
stack
|
page read and write
|
||
|
844000
|
unkown
|
page execute and write copy
|
||
|
169E000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
126E000
|
heap
|
page read and write
|
||
|
5490000
|
direct allocation
|
page execute and read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
376F000
|
stack
|
page read and write
|
||
|
35AF000
|
stack
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page execute and read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
4B2E000
|
stack
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
4DB0000
|
direct allocation
|
page execute and read and write
|
||
|
306E000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
352E000
|
stack
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
346F000
|
stack
|
page read and write
|
||
|
4D70000
|
direct allocation
|
page execute and read and write
|
||
|
967000
|
unkown
|
page write copy
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
2D0F000
|
stack
|
page read and write
|
||
|
54C0000
|
direct allocation
|
page execute and read and write
|
||
|
48AE000
|
stack
|
page read and write
|
||
|
687000
|
unkown
|
page execute and write copy
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
30CF000
|
stack
|
page read and write
|
||
|
271000
|
unkown
|
page execute and write copy
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
1349000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
363E000
|
stack
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
42EF000
|
stack
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
32AF000
|
stack
|
page read and write
|
||
|
E04000
|
unkown
|
page execute and write copy
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
3CEE000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
633000
|
unkown
|
page execute and read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
F08000
|
unkown
|
page execute and write copy
|
||
|
C46000
|
unkown
|
page execute and write copy
|
||
|
47BE000
|
stack
|
page read and write
|
||
|
377E000
|
stack
|
page read and write
|
||
|
3B3E000
|
stack
|
page read and write
|
||
|
2E4F000
|
stack
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
E03000
|
unkown
|
page execute and read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
2A8F000
|
stack
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
37AE000
|
stack
|
page read and write
|
||
|
4AF0000
|
trusted library allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
E03000
|
unkown
|
page execute and read and write
|
||
|
486F000
|
stack
|
page read and write
|
||
|
847000
|
unkown
|
page execute and write copy
|
||
|
3368000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
12F4000
|
heap
|
page read and write
|
||
|
5372000
|
direct allocation
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
4D70000
|
direct allocation
|
page execute and read and write
|
||
|
388E000
|
stack
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
593000
|
unkown
|
page write copy
|
||
|
1380000
|
direct allocation
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
5410000
|
direct allocation
|
page execute and read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
40AE000
|
stack
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page execute and read and write
|
||
|
37EE000
|
stack
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
5372000
|
direct allocation
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
312F000
|
stack
|
page read and write
|
||
|
39DB000
|
stack
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
54B0000
|
direct allocation
|
page execute and read and write
|
||
|
12C2000
|
heap
|
page read and write
|
||
|
138A000
|
heap
|
page read and write
|
||
|
406F000
|
stack
|
page read and write
|
||
|
3AEE000
|
stack
|
page read and write
|
||
|
12F4000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
310F000
|
unkown
|
page read and write
|
||
|
297E000
|
stack
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
12CD000
|
heap
|
page read and write
|
||
|
472F000
|
stack
|
page read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
4C3B000
|
stack
|
page read and write
|
||
|
403E000
|
stack
|
page read and write
|
||
|
387F000
|
stack
|
page read and write
|
||
|
53F0000
|
direct allocation
|
page execute and read and write
|
||
|
12EA000
|
heap
|
page read and write
|
||
|
4D12000
|
direct allocation
|
page read and write
|
||
|
138A000
|
heap
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
43AE000
|
stack
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
3E8E000
|
stack
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
356000
|
unkown
|
page execute and read and write
|
||
|
3DBE000
|
stack
|
page read and write
|
||
|
34E4000
|
heap
|
page read and write
|
||
|
46B0000
|
heap
|
page read and write
|
||
|
132A000
|
heap
|
page read and write
|
||
|
16AF000
|
heap
|
page read and write
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
398F000
|
stack
|
page read and write
|
||
|
843000
|
unkown
|
page execute and read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
370F000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
5480000
|
direct allocation
|
page execute and read and write
|
||
|
3DEF000
|
stack
|
page read and write
|
||
|
105F000
|
stack
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
4CC0000
|
direct allocation
|
page execute and read and write
|
||
|
427F000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
848000
|
unkown
|
page execute and write copy
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
35FF000
|
stack
|
page read and write
|
||
|
382F000
|
stack
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
5410000
|
direct allocation
|
page execute and read and write
|
||
|
4CB0000
|
direct allocation
|
page execute and read and write
|
||
|
3B6F000
|
stack
|
page read and write
|
||
|
54B0000
|
direct allocation
|
page execute and read and write
|
||
|
464E000
|
stack
|
page read and write
|
||
|
3564000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
13CA000
|
heap
|
page read and write
|
||
|
4751000
|
heap
|
page read and write
|
||
|
41AF000
|
stack
|
page read and write
|
||
|
4DA0000
|
direct allocation
|
page execute and read and write
|
||
|
4BCD000
|
stack
|
page read and write
|
||
|
350000
|
unkown
|
page readonly
|
||
|
DC4000
|
heap
|
page read and write
|
||
|
1264000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
4D3F000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
3EAE000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
97A000
|
unkown
|
page execute and read and write
|
||
|
356E000
|
stack
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
967000
|
unkown
|
page read and write
|
||
|
3BAE000
|
stack
|
page read and write
|
||
|
1120000
|
direct allocation
|
page read and write
|
||
|
13A4000
|
heap
|
page read and write
|
||
|
3EBF000
|
stack
|
page read and write
|
||
|
A67000
|
unkown
|
page write copy
|
||
|
15B7000
|
heap
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
3B0E000
|
stack
|
page read and write
|
||
|
C36000
|
unkown
|
page execute and read and write
|
||
|
15D6000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
360E000
|
stack
|
page read and write
|
||
|
1495000
|
heap
|
page read and write
|
||
|
4751000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
3BA000
|
unkown
|
page execute and read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
4B31000
|
direct allocation
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
354000
|
unkown
|
page read and write
|
||
|
5420000
|
direct allocation
|
page execute and read and write
|
||
|
126E000
|
heap
|
page read and write
|
||
|
50F6000
|
heap
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
132E000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
3CAF000
|
stack
|
page read and write
|
||
|
4B7E000
|
stack
|
page read and write
|
||
|
539F000
|
stack
|
page read and write
|
||
|
C46000
|
unkown
|
page execute and read and write
|
||
|
3C3F000
|
stack
|
page read and write
|
||
|
351000
|
unkown
|
page execute and write copy
|
||
|
392E000
|
stack
|
page read and write
|
||
|
279F000
|
unkown
|
page read and write
|
||
|
13B5000
|
heap
|
page read and write
|
||
|
963000
|
unkown
|
page execute and read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
5440000
|
direct allocation
|
page execute and read and write
|
||
|
53A0000
|
direct allocation
|
page execute and read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
3ACF000
|
stack
|
page read and write
|
||
|
E7C000
|
stack
|
page read and write
|
||
|
2E8E000
|
stack
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
529B000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
4DF8000
|
heap
|
page read and write
|
||
|
3D2F000
|
stack
|
page read and write
|
||
|
3A7000
|
unkown
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
3AD000
|
stack
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
12CA000
|
stack
|
page read and write
|
||
|
1145000
|
heap
|
page read and write
|
||
|
66F000
|
unkown
|
page execute and read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page execute and read and write
|
||
|
593000
|
unkown
|
page readonly
|
||
|
740000
|
heap
|
page read and write
|
||
|
3FEE000
|
stack
|
page read and write
|
||
|
477F000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
39BF000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
522D000
|
stack
|
page read and write
|
||
|
413F000
|
stack
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
54D0000
|
direct allocation
|
page execute and read and write
|
||
|
33EF000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
376F000
|
stack
|
page read and write
|
||
|
13CA000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
A7A000
|
unkown
|
page execute and read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
3AAF000
|
stack
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page execute and read and write
|
||
|
4DF0000
|
direct allocation
|
page execute and read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
53F0000
|
direct allocation
|
page execute and read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
1380000
|
direct allocation
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
831000
|
unkown
|
page execute and write copy
|
||
|
164C000
|
stack
|
page read and write
|
||
|
362F000
|
stack
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
2ACB000
|
stack
|
page read and write
|
||
|
4B40000
|
direct allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
547000
|
unkown
|
page execute and read and write
|
||
|
353000
|
unkown
|
page write copy
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
348F000
|
stack
|
page read and write
|
||
|
830000
|
unkown
|
page readonly
|
||
|
4D6F000
|
stack
|
page read and write
|
||
|
539F000
|
stack
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
EAB000
|
stack
|
page read and write
|
||
|
C36000
|
unkown
|
page execute and read and write
|
||
|
523D000
|
stack
|
page read and write
|
||
|
5241000
|
direct allocation
|
page read and write
|
||
|
3D7F000
|
stack
|
page read and write
|
||
|
462E000
|
stack
|
page read and write
|
||
|
4B30000
|
direct allocation
|
page read and write
|
||
|
54EF000
|
heap
|
page read and write
|
||
|
F7C000
|
stack
|
page read and write
|
||
|
12AF000
|
heap
|
page read and write
|
||
|
F03000
|
unkown
|
page execute and read and write
|
||
|
3A6E000
|
stack
|
page read and write
|
||
|
463F000
|
stack
|
page read and write
|
||
|
3D6E000
|
stack
|
page read and write
|
||
|
4DB0000
|
direct allocation
|
page execute and read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
2D0A000
|
stack
|
page read and write
|
||
|
591000
|
unkown
|
page execute and write copy
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
E07000
|
unkown
|
page execute and write copy
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
B07000
|
unkown
|
page execute and read and write
|
||
|
C47000
|
unkown
|
page execute and write copy
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
410F000
|
stack
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
422F000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
D7A000
|
heap
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
4B3F000
|
stack
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
396F000
|
stack
|
page read and write
|
||
|
4AEF000
|
stack
|
page read and write
|
||
|
F51000
|
heap
|
page read and write
|
||
|
460F000
|
stack
|
page read and write
|
||
|
12D9000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
12E9000
|
heap
|
page read and write
|
||
|
34CE000
|
stack
|
page read and write
|
||
|
13A3000
|
heap
|
page read and write
|
||
|
5240000
|
direct allocation
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
36EF000
|
stack
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
270000
|
unkown
|
page read and write
|
||
|
1587000
|
heap
|
page read and write
|
||
|
13A3000
|
heap
|
page read and write
|
||
|
1318000
|
heap
|
page read and write
|
||
|
4BE0000
|
direct allocation
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
E07000
|
unkown
|
page execute and write copy
|
||
|
686000
|
unkown
|
page execute and read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
16DA000
|
heap
|
page read and write
|
||
|
F1A000
|
heap
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
27AB000
|
heap
|
page read and write
|
||
|
400E000
|
stack
|
page read and write
|
||
|
39EE000
|
stack
|
page read and write
|
||
|
275E000
|
unkown
|
page read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
596000
|
unkown
|
page execute and read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
3E6F000
|
stack
|
page read and write
|
||
|
DC4000
|
heap
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
302F000
|
stack
|
page read and write
|
||
|
40EF000
|
stack
|
page read and write
|
||
|
37AF000
|
stack
|
page read and write
|
||
|
2CCD000
|
stack
|
page read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
3A2F000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
12FD000
|
stack
|
page read and write
|
||
|
338E000
|
stack
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
49FF000
|
stack
|
page read and write
|
||
|
F63000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
5400000
|
direct allocation
|
page execute and read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
967000
|
unkown
|
page read and write
|
||
|
E08000
|
unkown
|
page execute and write copy
|
||
|
324D000
|
stack
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
43CE000
|
stack
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
D46000
|
unkown
|
page execute and read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
1264000
|
heap
|
page read and write
|
||
|
3A3000
|
unkown
|
page execute and read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
D2F000
|
unkown
|
page execute and read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
4DBF000
|
stack
|
page read and write
|
||
|
355E000
|
stack
|
page read and write
|
||
|
39CE000
|
stack
|
page read and write
|
||
|
4C62000
|
direct allocation
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
C46000
|
unkown
|
page execute and read and write
|
||
|
332F000
|
stack
|
page read and write
|
||
|
35EE000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
322F000
|
stack
|
page read and write
|
||
|
3B3D000
|
stack
|
page read and write
|
||
|
436F000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
3D4F000
|
stack
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
3EFE000
|
stack
|
page read and write
|
||
|
963000
|
unkown
|
page execute and read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
43BF000
|
stack
|
page read and write
|
||
|
4B30000
|
direct allocation
|
page read and write
|
||
|
DB8000
|
heap
|
page read and write
|
||
|
34AE000
|
stack
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
16AF000
|
heap
|
page read and write
|
||
|
4CE0000
|
direct allocation
|
page execute and read and write
|
||
|
326F000
|
stack
|
page read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
2DEE000
|
unkown
|
page read and write
|
||
|
4D70000
|
heap
|
page read and write
|
||
|
1264000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
366F000
|
stack
|
page read and write
|
||
|
50A5000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
34DE000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
5440000
|
direct allocation
|
page execute and read and write
|
||
|
2F8F000
|
stack
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
4B2D000
|
stack
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
1380000
|
direct allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
442F000
|
stack
|
page read and write
|
||
|
BF3000
|
unkown
|
page execute and read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
676000
|
unkown
|
page execute and read and write
|
||
|
428E000
|
stack
|
page read and write
|
||
|
44AF000
|
stack
|
page read and write
|
||
|
4D50000
|
direct allocation
|
page execute and read and write
|
||
|
270000
|
unkown
|
page readonly
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
316F000
|
stack
|
page read and write
|
||
|
396F000
|
stack
|
page read and write
|
||
|
5480000
|
direct allocation
|
page execute and read and write
|
||
|
456F000
|
stack
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page execute and read and write
|
||
|
38BE000
|
stack
|
page read and write
|
||
|
432E000
|
stack
|
page read and write
|
||
|
372E000
|
stack
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
3FCF000
|
stack
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
BF3000
|
unkown
|
page execute and read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
373F000
|
stack
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
43FE000
|
stack
|
page read and write
|
||
|
39FE000
|
stack
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
F04000
|
unkown
|
page execute and write copy
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
1110000
|
direct allocation
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
45EF000
|
stack
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
3F2F000
|
stack
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
596000
|
unkown
|
page execute and write copy
|
||
|
A63000
|
unkown
|
page execute and read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
5400000
|
direct allocation
|
page execute and read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
830000
|
unkown
|
page readonly
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
3E2E000
|
stack
|
page read and write
|
||
|
467E000
|
stack
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
4C8F000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
3ADC000
|
stack
|
page read and write
|
||
|
E07000
|
unkown
|
page execute and read and write
|
||
|
5460000
|
direct allocation
|
page execute and read and write
|
||
|
50F7000
|
heap
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
16A7000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
353000
|
unkown
|
page readonly
|
||
|
4750000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
C46000
|
unkown
|
page execute and write copy
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
97A000
|
unkown
|
page execute and read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
3D2C000
|
stack
|
page read and write
|
||
|
167A000
|
heap
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
5490000
|
direct allocation
|
page execute and read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
931000
|
unkown
|
page execute and write copy
|
||
|
4C2F000
|
stack
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
4C6E000
|
stack
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
342E000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
967000
|
unkown
|
page write copy
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
3FFF000
|
stack
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
386E000
|
stack
|
page read and write
|
||
|
3020000
|
direct allocation
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
3D8E000
|
stack
|
page read and write
|
||
|
5250000
|
direct allocation
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
847000
|
unkown
|
page execute and read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
CF3000
|
unkown
|
page execute and read and write
|
||
|
49AF000
|
stack
|
page read and write
|
||
|
50A6000
|
heap
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
352F000
|
stack
|
page read and write
|
||
|
2987000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
5460000
|
direct allocation
|
page execute and read and write
|
||
|
125D000
|
heap
|
page read and write
|
||
|
3037000
|
heap
|
page read and write
|
||
|
4751000
|
heap
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
4EAB000
|
heap
|
page read and write
|
||
|
164C000
|
stack
|
page read and write
|
||
|
12FD000
|
stack
|
page read and write
|
||
|
351E000
|
stack
|
page read and write
|
||
|
E07000
|
unkown
|
page execute and read and write
|
||
|
366F000
|
stack
|
page read and write
|
||
|
351000
|
unkown
|
page execute read
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
5241000
|
direct allocation
|
page read and write
|
||
|
686000
|
unkown
|
page execute and write copy
|
||
|
310E000
|
stack
|
page read and write
|
||
|
F07000
|
unkown
|
page execute and read and write
|
||
|
2EEF000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
412E000
|
stack
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
16E4000
|
heap
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
45AE000
|
stack
|
page read and write
|
||
|
54A0000
|
direct allocation
|
page execute and read and write
|
||
|
4DA0000
|
direct allocation
|
page execute and read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
158A000
|
heap
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
3ECE000
|
stack
|
page read and write
|
||
|
417E000
|
stack
|
page read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
DBC000
|
heap
|
page read and write
|
||
|
C07000
|
unkown
|
page execute and read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
1318000
|
heap
|
page read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
38EF000
|
stack
|
page read and write
|
||
|
2A2C000
|
stack
|
page read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
C2F000
|
unkown
|
page execute and read and write
|
||
|
3C4E000
|
stack
|
page read and write
|
||
|
38ED000
|
stack
|
page read and write
|
||
|
12E9000
|
heap
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
3AFF000
|
stack
|
page read and write
|
||
|
151E000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1120000
|
direct allocation
|
page read and write
|
||
|
5470000
|
direct allocation
|
page execute and read and write
|
||
|
4C7F000
|
stack
|
page read and write
|
||
|
46B1000
|
heap
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
2E2A000
|
stack
|
page read and write
|
||
|
3A3B000
|
stack
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
C2F000
|
unkown
|
page execute and read and write
|
||
|
4B90000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
426E000
|
stack
|
page read and write
|
||
|
3BEF000
|
stack
|
page read and write
|
||
|
594000
|
unkown
|
page read and write
|
||
|
23CA000
|
stack
|
page read and write
|
||
|
A67000
|
unkown
|
page read and write
|
||
|
95C000
|
stack
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
1110000
|
direct allocation
|
page read and write
|
||
|
54C0000
|
direct allocation
|
page execute and read and write
|
||
|
590000
|
unkown
|
page readonly
|
||
|
E04000
|
unkown
|
page execute and write copy
|
||
|
4D60000
|
direct allocation
|
page execute and read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
35CF000
|
stack
|
page read and write
|
||
|
54A0000
|
direct allocation
|
page execute and read and write
|
||
|
238D000
|
stack
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
453E000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
F07000
|
unkown
|
page execute and write copy
|
||
|
1140000
|
heap
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
337F000
|
stack
|
page read and write
|
||
|
2CAE000
|
stack
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
414E000
|
stack
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
1315000
|
heap
|
page read and write
|
||
|
D36000
|
unkown
|
page execute and read and write
|
||
|
474F000
|
stack
|
page read and write
|
||
|
3118000
|
heap
|
page read and write
|
||
|
4BE0000
|
direct allocation
|
page read and write
|
||
|
2AC000
|
stack
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
E84000
|
heap
|
page read and write
|
||
|
54E3000
|
heap
|
page read and write
|
||
|
C47000
|
unkown
|
page execute and write copy
|
||
|
438F000
|
stack
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
374E000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page read and write
|
||
|
12C2000
|
heap
|
page read and write
|
||
|
3C2E000
|
stack
|
page read and write
|
||
|
1120000
|
direct allocation
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
||
|
366E000
|
stack
|
page read and write
|
||
|
4BE1000
|
direct allocation
|
page read and write
|
||
|
142E000
|
stack
|
page read and write
|
||
|
4D30000
|
direct allocation
|
page execute and read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
3C7E000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
159F000
|
stack
|
page read and write
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
1660000
|
direct allocation
|
page read and write
|
There are 846 hidden memdumps, click here to show them.