Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LisectAVT_2403002B_366.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Notepad.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\AutoIt3\Examples\Helpfile\Extras\MyProg.exe
|
MS-DOS executable PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\AutoIt3\SciTE\SciTE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\Uninstall.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\LisectAVT_2403002B_366.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\History\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\RRqyIX.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8d9ba8e0d68a3d306883c186c2013957Windows Update.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Documents\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Favorites\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Explower.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\system.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RRqyIX.exe_152a71c642bbbcd7fd442643df33529b74505d85_06902e4b_5f2b330f-a3e7-41c9-bf73-f30df8d8d06a\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB57A.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Jul 25 11:55:57 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB82A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB85A.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\8d9ba8e0d68a3d306883c186c2013957Windows Update.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Microsoft Corporation.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\k1[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\k1[2].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\k2[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\k2[2].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\k3[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\k4[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\k5[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\070901E5.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\0BFF4E1D.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\12A86BAB.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2266597f.bat
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\24de2542.bat
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3DED6F9C.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\48010AB1.exe
|
ASCII text
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\5BCD317B.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\62724210.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\app
|
Unicode text, UTF-8 (with BOM) text, with no line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 36 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LisectAVT_2403002B_366.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002B_366.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\RRqyIX.exe
|
C:\Users\user\AppData\Local\Temp\RRqyIX.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\server.exe" "server.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8d9ba8e0d68a3d306883c186c2013957Windows Update.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8d9ba8e0d68a3d306883c186c2013957Windows Update.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8d9ba8e0d68a3d306883c186c2013957Windows Update.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8d9ba8e0d68a3d306883c186c2013957Windows Update.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\RRqyIX.exe
|
C:\Users\user\AppData\Local\Temp\RRqyIX.exe
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\RRqyIX.exe
|
C:\Users\user\AppData\Local\Temp\RRqyIX.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4888 -s 1608
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\24de2542.bat" "
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\2266597f.bat" "
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ddos.dnsnb8.net:799/cj//k2.rarZ
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar86)
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rar
|
44.221.84.105
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarM
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rara
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar
|
44.221.84.105
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarH
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarzO
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rar#O
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rar_
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rareM
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar5
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rar
|
44.221.84.105
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarPO
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rar1
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarn
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rarE
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rarR
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rard
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rarp6
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rarx
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rarc
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rarM
|
unknown
|
|
|
|
http://www.scintilla.org/scite.rng
|
unknown
|
||
|
http://www.rftp.comJosiah
|
unknown
|
||
|
http://www.activestate.com
|
unknown
|
||
|
http://www.activestate.comHolger
|
unknown
|
||
|
http://pki-crl.symauth.com/ca_732b6ec148d290c0a071efd1dac8e288/LatestCRL.crl07
|
unknown
|
||
|
http://www.enigmaprotector.com/openU
|
unknown
|
||
|
http://%s:%d/%s/%sZwQuerySystemInformationntdll.dllNtSystemDebugControlSeDebugPrivilege%s%.8x.bat:DE
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://www.rftp.com
|
unknown
|
||
|
http://pki-crl.symauth.com/offlineca/TheInstituteofElectricalandElectronicsusersIncIEEERootCA.cr
|
unknown
|
||
|
http://www.baanboard.comBrendon
|
unknown
|
||
|
https://www.smartsharesystems.com/
|
unknown
|
||
|
http://www.scintilla.org
|
unknown
|
||
|
http://www.spaceblue.comMathias
|
unknown
|
||
|
https://www.smartsharesystems.com/Morten
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k4.rar$
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k5.rar
|
44.221.84.105
|
||
|
http://www.develop.com
|
unknown
|
||
|
http://pki-ocsp.symauth.com0
|
unknown
|
||
|
http://www.lua.org
|
unknown
|
||
|
http://www.spaceblue.com
|
unknown
|
||
|
http://ddos.dnsnb8.net:799/cj//k4.rar
|
44.221.84.105
|
||
|
http://www.baanboard.com
|
unknown
|
||
|
http://www.develop.comDeepak
|
unknown
|
||
|
http://www.enigmaprotector.com/
|
unknown
|
There are 38 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ddos.dnsnb8.net
|
44.221.84.105
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
44.221.84.105
|
ddos.dnsnb8.net
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
ProgramId
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
FileId
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
LongPathHash
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
Name
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
OriginalFileName
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
Publisher
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
Version
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
BinFileVersion
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
BinaryType
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
ProductName
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
ProductVersion
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
LinkDate
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
BinProductVersion
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
Size
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
Language
|
||
|
\REGISTRY\A\{ad839d31-4d9e-7954-7170-a8f54ebbdfe6}\Root\InventoryApplicationFile\rrqyix.exe|c7d29a031c799dfa
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDABBE6B3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\GTplus
|
Time
|
There are 15 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3D51000
|
trusted library allocation
|
page read and write
|
|
|
|
602000
|
unkown
|
page execute and read and write
|
|
|
|
2DBE000
|
stack
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
B21000
|
heap
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
981000
|
unkown
|
page execute and read and write
|
||
|
987000
|
unkown
|
page execute and read and write
|
||
|
354B000
|
trusted library allocation
|
page execute and read and write
|
||
|
53A4000
|
trusted library allocation
|
page read and write
|
||
|
252E000
|
stack
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
5FBE000
|
stack
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
3510000
|
trusted library allocation
|
page read and write
|
||
|
51B000
|
stack
|
page read and write
|
||
|
A36000
|
unkown
|
page execute and write copy
|
||
|
B0E000
|
unkown
|
page execute and read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
2B95000
|
heap
|
page read and write
|
||
|
2D88000
|
direct allocation
|
page execute and read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
2EE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
643E000
|
stack
|
page read and write
|
||
|
1562000
|
heap
|
page read and write
|
||
|
51B000
|
stack
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
2FB0000
|
direct allocation
|
page execute and read and write
|
||
|
2F70000
|
direct allocation
|
page execute and read and write
|
||
|
479000
|
stack
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
3410000
|
direct allocation
|
page execute and read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
2B3C000
|
stack
|
page read and write
|
||
|
AE4000
|
unkown
|
page read and write
|
||
|
A31000
|
unkown
|
page execute read
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
2C0E000
|
heap
|
page read and write
|
||
|
2C2D000
|
heap
|
page read and write
|
||
|
2C22000
|
heap
|
page read and write
|
||
|
4030000
|
heap
|
page read and write
|
||
|
171F000
|
stack
|
page read and write
|
||
|
B50000
|
unkown
|
page execute and read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
2BCF000
|
heap
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
2BCC000
|
heap
|
page read and write
|
||
|
5014000
|
trusted library allocation
|
page read and write
|
||
|
AF1000
|
unkown
|
page execute and read and write
|
||
|
A45000
|
heap
|
page read and write
|
||
|
3DA4000
|
trusted library allocation
|
page read and write
|
||
|
F2D000
|
heap
|
page read and write
|
||
|
7A5E000
|
stack
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
6D1E000
|
stack
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
B23000
|
unkown
|
page execute and read and write
|
||
|
18CE000
|
stack
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
2C2D000
|
heap
|
page read and write
|
||
|
5368000
|
trusted library allocation
|
page read and write
|
||
|
350A000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD0000
|
unkown
|
page execute and read and write
|
||
|
2BC6000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
4620000
|
heap
|
page read and write
|
||
|
2BD8000
|
heap
|
page read and write
|
||
|
5F7F000
|
stack
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
DA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C0000
|
direct allocation
|
page read and write
|
||
|
DC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FAF000
|
stack
|
page read and write
|
||
|
3D7E000
|
stack
|
page read and write
|
||
|
B45000
|
unkown
|
page execute and read and write
|
||
|
B27000
|
heap
|
page read and write
|
||
|
2C0E000
|
heap
|
page read and write
|
||
|
DBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
2BCF000
|
heap
|
page read and write
|
||
|
2C2D000
|
heap
|
page read and write
|
||
|
34F0000
|
trusted library allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
397F000
|
stack
|
page read and write
|
||
|
2C72000
|
heap
|
page read and write
|
||
|
B2A000
|
stack
|
page read and write
|
||
|
4F0C000
|
heap
|
page read and write
|
||
|
2BD4000
|
heap
|
page read and write
|
||
|
40D1000
|
trusted library allocation
|
page read and write
|
||
|
48F0000
|
heap
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
905000
|
heap
|
page read and write
|
||
|
513000
|
unkown
|
page readonly
|
||
|
3F9E000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
F2A000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
2D42000
|
trusted library allocation
|
page execute and read and write
|
||
|
3270000
|
direct allocation
|
page execute and read and write
|
||
|
2BD1000
|
heap
|
page read and write
|
||
|
516000
|
unkown
|
page execute and read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
5F0000
|
direct allocation
|
page read and write
|
||
|
8E0000
|
direct allocation
|
page read and write
|
||
|
36BE000
|
stack
|
page read and write
|
||
|
C51000
|
unkown
|
page execute and read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
3570000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
158B000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
BE1000
|
unkown
|
page execute and write copy
|
||
|
2DA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
341B000
|
direct allocation
|
page execute and read and write
|
||
|
663E000
|
stack
|
page read and write
|
||
|
A85000
|
heap
|
page read and write
|
||
|
61C000
|
unkown
|
page execute and write copy
|
||
|
DB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4660000
|
heap
|
page read and write
|
||
|
322B000
|
stack
|
page read and write
|
||
|
2C15000
|
heap
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
602000
|
unkown
|
page execute and write copy
|
||
|
2D5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
EAE000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
AF7000
|
unkown
|
page execute and read and write
|
||
|
2C2B000
|
heap
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
2D4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3633000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
3E1F000
|
trusted library allocation
|
page read and write
|
||
|
5F4E000
|
stack
|
page read and write
|
||
|
634C000
|
stack
|
page read and write
|
||
|
50A7000
|
trusted library allocation
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
B00000
|
direct allocation
|
page read and write
|
||
|
A34000
|
unkown
|
page read and write
|
||
|
6D4000
|
heap
|
page read and write
|
||
|
2C71000
|
heap
|
page read and write
|
||
|
629F000
|
stack
|
page read and write
|
||
|
ADD000
|
unkown
|
page execute and read and write
|
||
|
3418000
|
direct allocation
|
page execute and read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
45D0000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
B39000
|
heap
|
page read and write
|
||
|
330B000
|
stack
|
page read and write
|
||
|
2C26000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
3560000
|
trusted library allocation
|
page read and write
|
||
|
2BBE000
|
heap
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
2C24000
|
heap
|
page read and write
|
||
|
4F05000
|
heap
|
page read and write
|
||
|
61BB000
|
stack
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
61FC000
|
stack
|
page read and write
|
||
|
AEA000
|
unkown
|
page execute and read and write
|
||
|
32B0000
|
direct allocation
|
page execute and read and write
|
||
|
DCC000
|
trusted library allocation
|
page execute and read and write
|
||
|
513000
|
unkown
|
page write copy
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
413E000
|
stack
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
3610000
|
trusted library allocation
|
page read and write
|
||
|
2C1C000
|
heap
|
page read and write
|
||
|
3540000
|
trusted library allocation
|
page read and write
|
||
|
C61000
|
unkown
|
page execute and read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
2C1C000
|
heap
|
page read and write
|
||
|
2D3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B00000
|
direct allocation
|
page read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
4F01000
|
heap
|
page read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
2BC5000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
347D000
|
stack
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
3E9E000
|
stack
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
A16000
|
unkown
|
page execute and read and write
|
||
|
2F82000
|
direct allocation
|
page execute and read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
2BC9000
|
heap
|
page read and write
|
||
|
68DE000
|
stack
|
page read and write
|
||
|
3547000
|
trusted library allocation
|
page execute and read and write
|
||
|
A26000
|
unkown
|
page execute and read and write
|
||
|
3517000
|
trusted library allocation
|
page execute and read and write
|
||
|
1522000
|
heap
|
page read and write
|
||
|
A9E000
|
unkown
|
page execute and read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
C61000
|
unkown
|
page execute and write copy
|
||
|
DAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FC000
|
stack
|
page read and write
|
||
|
ABE000
|
heap
|
page read and write
|
||
|
4E22000
|
trusted library allocation
|
page read and write
|
||
|
61C000
|
unkown
|
page execute and read and write
|
||
|
122A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F2E000
|
heap
|
page read and write
|
||
|
AA3000
|
unkown
|
page execute and read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
675000
|
stack
|
page read and write
|
||
|
2C0E000
|
heap
|
page read and write
|
||
|
AE1000
|
unkown
|
page execute and write copy
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
75BE000
|
stack
|
page read and write
|
||
|
AE1000
|
unkown
|
page execute read
|
||
|
A60000
|
heap
|
page read and write
|
||
|
4F0D000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
C51000
|
unkown
|
page execute and write copy
|
||
|
AE7000
|
unkown
|
page execute and read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
4DCD000
|
trusted library allocation
|
page read and write
|
||
|
2BED000
|
heap
|
page read and write
|
||
|
2C71000
|
heap
|
page read and write
|
||
|
DD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
2C7E000
|
heap
|
page read and write
|
||
|
B21000
|
heap
|
page read and write
|
||
|
2C24000
|
heap
|
page read and write
|
||
|
EF9000
|
heap
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
3F45000
|
trusted library allocation
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
5C0000
|
direct allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
2BD1000
|
heap
|
page read and write
|
||
|
A36000
|
unkown
|
page execute and read and write
|
||
|
392C000
|
stack
|
page read and write
|
||
|
683000
|
heap
|
page read and write
|
||
|
2FBB000
|
direct allocation
|
page execute and read and write
|
||
|
2D57000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C9F000
|
stack
|
page read and write
|
||
|
2C22000
|
heap
|
page read and write
|
||
|
C48000
|
unkown
|
page execute and read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
363C000
|
stack
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
2D8B000
|
direct allocation
|
page execute and read and write
|
||
|
EC5000
|
stack
|
page read and write
|
||
|
6B4D000
|
stack
|
page read and write
|
||
|
B2D000
|
heap
|
page read and write
|
||
|
2C11000
|
heap
|
page read and write
|
||
|
655D000
|
stack
|
page read and write
|
||
|
C30000
|
direct allocation
|
page read and write
|
||
|
6AFD000
|
stack
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
4F01000
|
heap
|
page read and write
|
||
|
773000
|
unkown
|
page execute and read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
3532000
|
trusted library allocation
|
page execute and read and write
|
||
|
3620000
|
trusted library allocation
|
page execute and read and write
|
||
|
F72000
|
heap
|
page read and write
|
||
|
63A000
|
heap
|
page read and write
|
||
|
4F14000
|
heap
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
3818000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
unkown
|
page readonly
|
||
|
2C1D000
|
heap
|
page read and write
|
||
|
A31000
|
unkown
|
page execute and write copy
|
||
|
40CE000
|
trusted library allocation
|
page read and write
|
||
|
3B40000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
D9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A0000
|
unkown
|
page readonly
|
||
|
511000
|
unkown
|
page execute read
|
||
|
A77000
|
unkown
|
page execute and read and write
|
||
|
B4D000
|
unkown
|
page execute and read and write
|
||
|
B56000
|
unkown
|
page execute and read and write
|
||
|
2BD8000
|
heap
|
page read and write
|
||
|
63FC000
|
stack
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
351A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C14000
|
heap
|
page read and write
|
||
|
C35000
|
unkown
|
page execute and read and write
|
||
|
32E3000
|
direct allocation
|
page execute and read and write
|
||
|
8E0000
|
direct allocation
|
page read and write
|
||
|
5069000
|
trusted library allocation
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
36D0000
|
heap
|
page read and write
|
||
|
315F000
|
stack
|
page read and write
|
||
|
35AE000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
2BC9000
|
heap
|
page read and write
|
||
|
435E000
|
stack
|
page read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
8B1000
|
unkown
|
page execute and read and write
|
||
|
4F0D000
|
heap
|
page read and write
|
||
|
91E000
|
stack
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
380E000
|
stack
|
page read and write
|
||
|
2BD8000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
4E9000
|
stack
|
page read and write
|
||
|
2BC9000
|
heap
|
page read and write
|
||
|
6F9E000
|
stack
|
page read and write
|
||
|
28C0000
|
heap
|
page read and write
|
||
|
4208000
|
trusted library allocation
|
page read and write
|
||
|
6BD000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
AA7000
|
unkown
|
page execute and read and write
|
||
|
B5D000
|
unkown
|
page execute and read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
6ADE000
|
stack
|
page read and write
|
||
|
4F14000
|
heap
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
15C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BD4000
|
heap
|
page read and write
|
||
|
689E000
|
stack
|
page read and write
|
||
|
8B0000
|
direct allocation
|
page execute and read and write
|
||
|
50BE000
|
trusted library allocation
|
page read and write
|
||
|
2C11000
|
heap
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
31B0000
|
direct allocation
|
page execute and read and write
|
||
|
40A1000
|
trusted library allocation
|
page read and write
|
||
|
B66000
|
unkown
|
page execute and read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
308C000
|
stack
|
page read and write
|
||
|
354C000
|
stack
|
page read and write
|
||
|
A27000
|
unkown
|
page execute and read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
B2D000
|
heap
|
page read and write
|
||
|
6B1E000
|
stack
|
page read and write
|
||
|
69E000
|
heap
|
page read and write
|
||
|
6B83000
|
heap
|
page read and write
|
||
|
669D000
|
stack
|
page read and write
|
||
|
352A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BEB000
|
heap
|
page read and write
|
||
|
4D84000
|
trusted library allocation
|
page read and write
|
||
|
2D92000
|
trusted library allocation
|
page execute and read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
B2D000
|
heap
|
page read and write
|
||
|
C5F000
|
stack
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
32AE000
|
stack
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
1450000
|
direct allocation
|
page execute and read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
2EEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C2D000
|
heap
|
page read and write
|
||
|
5F7C000
|
stack
|
page read and write
|
||
|
B5C000
|
heap
|
page read and write
|
||
|
AE3000
|
unkown
|
page readonly
|
||
|
4150000
|
heap
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
B34000
|
unkown
|
page execute and read and write
|
||
|
35F0000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
B44000
|
unkown
|
page execute and read and write
|
||
|
4C90000
|
heap
|
page read and write
|
||
|
2C71000
|
heap
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
9BD000
|
unkown
|
page execute and read and write
|
||
|
53B000
|
stack
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
2BD8000
|
heap
|
page read and write
|
||
|
11F6000
|
stack
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
6D9E000
|
stack
|
page read and write
|
||
|
2DBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ECC000
|
trusted library allocation
|
page read and write
|
||
|
2C25000
|
heap
|
page read and write
|
||
|
A07000
|
unkown
|
page execute and read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
2C1E000
|
heap
|
page read and write
|
||
|
31AF000
|
stack
|
page read and write
|
||
|
3AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8AE000
|
unkown
|
page execute and write copy
|
||
|
2FA3000
|
direct allocation
|
page execute and read and write
|
||
|
40FE000
|
stack
|
page read and write
|
||
|
767000
|
unkown
|
page execute and read and write
|
||
|
3403000
|
direct allocation
|
page execute and read and write
|
||
|
2F0B000
|
stack
|
page read and write
|
||
|
6ABE000
|
stack
|
page read and write
|
||
|
4393000
|
trusted library allocation
|
page read and write
|
||
|
2EBF000
|
stack
|
page read and write
|
||
|
8D0000
|
direct allocation
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
2C1D000
|
heap
|
page read and write
|
||
|
2BB8000
|
heap
|
page read and write
|
||
|
5B0000
|
direct allocation
|
page read and write
|
||
|
A97000
|
unkown
|
page execute and read and write
|
||
|
77B000
|
stack
|
page read and write
|
||
|
3512000
|
trusted library allocation
|
page execute and read and write
|
||
|
AE6000
|
unkown
|
page execute and read and write
|
||
|
50F3000
|
trusted library allocation
|
page read and write
|
||
|
409E000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
BC5000
|
unkown
|
page execute and read and write
|
||
|
2534000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
794000
|
unkown
|
page execute and read and write
|
||
|
2C1D000
|
heap
|
page read and write
|
||
|
2C29000
|
heap
|
page read and write
|
||
|
2C8F000
|
stack
|
page read and write
|
||
|
2FC000
|
stack
|
page read and write
|
||
|
AE6000
|
unkown
|
page execute and read and write
|
||
|
2BEB000
|
heap
|
page read and write
|
||
|
649B000
|
stack
|
page read and write
|
||
|
A88000
|
unkown
|
page execute and read and write
|
||
|
4F02000
|
heap
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
AD5000
|
unkown
|
page execute and read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
8F4000
|
stack
|
page read and write
|
||
|
F26000
|
heap
|
page read and write
|
||
|
B5A000
|
unkown
|
page execute and read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
5C0000
|
direct allocation
|
page read and write
|
||
|
5C0000
|
direct allocation
|
page read and write
|
||
|
2BD9000
|
heap
|
page read and write
|
||
|
6F5E000
|
stack
|
page read and write
|
||
|
2C0E000
|
heap
|
page read and write
|
||
|
B2E000
|
heap
|
page read and write
|
||
|
4F0D000
|
heap
|
page read and write
|
||
|
AB1000
|
heap
|
page read and write
|
||
|
A81000
|
unkown
|
page execute and read and write
|
||
|
2C16000
|
heap
|
page read and write
|
||
|
BE1000
|
unkown
|
page execute and read and write
|
||
|
667E000
|
stack
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
2BCD000
|
heap
|
page read and write
|
||
|
2D86000
|
heap
|
page read and write
|
||
|
50A1000
|
trusted library allocation
|
page read and write
|
||
|
2C74000
|
heap
|
page read and write
|
||
|
123A000
|
heap
|
page read and write
|
||
|
B6A000
|
unkown
|
page execute and read and write
|
||
|
511000
|
unkown
|
page execute and write copy
|
||
|
2C15000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
2C1C000
|
heap
|
page read and write
|
||
|
33D0000
|
direct allocation
|
page execute and read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
D8B000
|
stack
|
page read and write
|
||
|
B55000
|
unkown
|
page execute and read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
3F43000
|
trusted library allocation
|
page read and write
|
||
|
1556000
|
heap
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
14F5000
|
heap
|
page read and write
|
||
|
2C2F000
|
heap
|
page read and write
|
||
|
E7C000
|
stack
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
2C2C000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
A4B000
|
unkown
|
page execute and read and write
|
||
|
4E77000
|
trusted library allocation
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
2C4F000
|
stack
|
page read and write
|
||
|
EF0000
|
direct allocation
|
page execute and read and write
|
||
|
14DE000
|
heap
|
page read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
4F06000
|
heap
|
page read and write
|
||
|
14DA000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
77FC000
|
stack
|
page read and write
|
||
|
73BE000
|
stack
|
page read and write
|
||
|
778000
|
unkown
|
page execute and read and write
|
||
|
DDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3970000
|
heap
|
page execute and read and write
|
||
|
2D9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DA3000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1160000
|
direct allocation
|
page execute and read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
32F0000
|
direct allocation
|
page execute and read and write
|
||
|
8F9000
|
stack
|
page read and write
|
||
|
AC4000
|
unkown
|
page execute and read and write
|
||
|
9CD000
|
unkown
|
page execute and read and write
|
||
|
4D78000
|
trusted library allocation
|
page read and write
|
||
|
2C2A000
|
heap
|
page read and write
|
||
|
B07000
|
unkown
|
page execute and read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
2C16000
|
heap
|
page read and write
|
||
|
EAA000
|
heap
|
page read and write
|
||
|
2BD8000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
3A9C000
|
stack
|
page read and write
|
||
|
B17000
|
unkown
|
page execute and read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2DC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
AE3000
|
unkown
|
page write copy
|
||
|
2A87000
|
stack
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
B05000
|
unkown
|
page execute and read and write
|
||
|
2B7E000
|
unkown
|
page read and write
|
||
|
948000
|
unkown
|
page execute and read and write
|
||
|
3B10000
|
trusted library allocation
|
page read and write
|
||
|
2DAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
AF8000
|
unkown
|
page execute and read and write
|
||
|
99A000
|
unkown
|
page execute and read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
255F000
|
stack
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
3790000
|
heap
|
page read and write
|
||
|
B39000
|
heap
|
page read and write
|
||
|
2BCC000
|
heap
|
page read and write
|
||
|
2BCE000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
2BC5000
|
heap
|
page read and write
|
||
|
5361000
|
trusted library allocation
|
page read and write
|
||
|
2C2E000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
2DAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
368C000
|
stack
|
page read and write
|
||
|
AE6000
|
unkown
|
page execute and write copy
|
||
|
2FB8000
|
direct allocation
|
page execute and read and write
|
||
|
4F12000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
2C2B000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
A97000
|
unkown
|
page execute and read and write
|
||
|
15CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
15C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
2C2A000
|
heap
|
page read and write
|
||
|
3DAD000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
300C000
|
stack
|
page read and write
|
||
|
2C7E000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
4F21000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
unclassified section
|
page read and write
|
||
|
614B000
|
stack
|
page read and write
|
||
|
6B50000
|
heap
|
page read and write
|
||
|
2BEE000
|
heap
|
page read and write
|
||
|
990000
|
unclassified section
|
page read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
2C51000
|
heap
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
2BCC000
|
heap
|
page read and write
|
||
|
4F0D000
|
heap
|
page read and write
|
||
|
DAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
B08000
|
unkown
|
page execute and read and write
|
||
|
15CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1222000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
297E000
|
stack
|
page read and write
|
||
|
2C40000
|
direct allocation
|
page execute and read and write
|
||
|
ABC000
|
heap
|
page read and write
|
||
|
B5C000
|
heap
|
page read and write
|
||
|
B1E000
|
unkown
|
page execute and read and write
|
||
|
FA6000
|
heap
|
page read and write
|
||
|
4E6F000
|
stack
|
page read and write
|
||
|
C45000
|
unkown
|
page execute and read and write
|
||
|
9AC000
|
unkown
|
page execute and read and write
|
||
|
2F8B000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
367C000
|
stack
|
page read and write
|
||
|
94D000
|
unkown
|
page execute and read and write
|
||
|
40BC000
|
stack
|
page read and write
|
||
|
360E000
|
stack
|
page read and write
|
||
|
8E0000
|
direct allocation
|
page read and write
|
||
|
2BC9000
|
heap
|
page read and write
|
||
|
134D000
|
stack
|
page read and write
|
||
|
2D10000
|
unclassified section
|
page read and write
|
||
|
2C0F000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
8E0000
|
direct allocation
|
page read and write
|
||
|
40CB000
|
trusted library allocation
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
439A000
|
trusted library allocation
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
3DA6000
|
trusted library allocation
|
page read and write
|
||
|
2C0F000
|
heap
|
page read and write
|
||
|
2BD5000
|
heap
|
page read and write
|
||
|
35EC000
|
stack
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
8B1000
|
unkown
|
page execute and write copy
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
785E000
|
stack
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
2C2D000
|
heap
|
page read and write
|
||
|
40C4000
|
trusted library allocation
|
page read and write
|
||
|
695C000
|
stack
|
page read and write
|
||
|
2BC5000
|
heap
|
page read and write
|
||
|
9A6000
|
unkown
|
page execute and read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
D92000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B20000
|
unclassified section
|
page read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
A2C000
|
unkown
|
page execute and read and write
|
||
|
1ACE000
|
stack
|
page read and write
|
||
|
A33000
|
unkown
|
page write copy
|
||
|
514000
|
unkown
|
page read and write
|
||
|
3B7E000
|
stack
|
page read and write
|
||
|
536A000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
9C8000
|
unkown
|
page execute and read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
516000
|
unkown
|
page execute and write copy
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
2C0F000
|
heap
|
page read and write
|
||
|
683000
|
heap
|
page read and write
|
||
|
A95000
|
unkown
|
page execute and read and write
|
||
|
2B91000
|
heap
|
page read and write
|
||
|
2BD6000
|
heap
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
2D7E000
|
stack
|
page read and write
|
||
|
131F000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
2D40000
|
direct allocation
|
page execute and read and write
|
||
|
2C18000
|
heap
|
page read and write
|
||
|
AB6000
|
heap
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
31AB000
|
stack
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
F72000
|
heap
|
page read and write
|
||
|
BC8000
|
unkown
|
page execute and read and write
|
||
|
32FC000
|
stack
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
B01000
|
unkown
|
page execute and read and write
|
||
|
75FC000
|
stack
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
||
|
687E000
|
stack
|
page read and write
|
||
|
2C7E000
|
heap
|
page read and write
|
||
|
B15000
|
unkown
|
page execute and read and write
|
||
|
A01000
|
unkown
|
page execute and read and write
|
||
|
4387000
|
trusted library allocation
|
page read and write
|
||
|
2C1C000
|
heap
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
A1C000
|
unkown
|
page execute and read and write
|
||
|
353A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C28000
|
heap
|
page read and write
|
||
|
A8A000
|
heap
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
12BB000
|
heap
|
page read and write
|
||
|
4F04000
|
heap
|
page read and write
|
||
|
2C71000
|
heap
|
page read and write
|
||
|
3B0D000
|
stack
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
2C1F000
|
heap
|
page read and write
|
||
|
4F0D000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page execute and read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
9F1000
|
unkown
|
page execute and read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
2DE0000
|
direct allocation
|
page execute and read and write
|
||
|
D6B000
|
heap
|
page read and write
|
||
|
2C26000
|
heap
|
page read and write
|
||
|
C38000
|
unkown
|
page execute and read and write
|
||
|
629C000
|
stack
|
page read and write
|
||
|
4361000
|
trusted library allocation
|
page read and write
|
||
|
B13000
|
unkown
|
page execute and read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
4D51000
|
trusted library allocation
|
page read and write
|
||
|
976000
|
stack
|
page read and write
|
||
|
B40000
|
unkown
|
page execute and read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
2480000
|
heap
|
page read and write
|
||
|
B02000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
AF0000
|
direct allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
A33000
|
unkown
|
page readonly
|
||
|
6BD000
|
heap
|
page read and write
|
||
|
DD2000
|
trusted library allocation
|
page read and write
|
||
|
407C000
|
stack
|
page read and write
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
38EC000
|
stack
|
page read and write
|
||
|
2C22000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
9F7000
|
unkown
|
page execute and read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
DCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
675B000
|
stack
|
page read and write
|
||
|
2BEB000
|
heap
|
page read and write
|
||
|
2C71000
|
heap
|
page read and write
|
||
|
2C73000
|
heap
|
page read and write
|
||
|
2BEB000
|
heap
|
page read and write
|
||
|
50A4000
|
trusted library allocation
|
page read and write
|
||
|
2C7E000
|
heap
|
page read and write
|
||
|
3D5E000
|
stack
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
3D4E000
|
stack
|
page read and write
|
||
|
6C8B000
|
stack
|
page read and write
|
||
|
2C0F000
|
heap
|
page read and write
|
||
|
2F3F000
|
stack
|
page read and write
|
||
|
2C22000
|
heap
|
page read and write
|
||
|
3F5E000
|
stack
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
2BB5000
|
heap
|
page read and write
|
||
|
9B8000
|
unkown
|
page execute and read and write
|
||
|
110E000
|
stack
|
page read and write
|
||
|
2BD9000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
2C1C000
|
heap
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
351C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3300000
|
trusted library allocation
|
page execute and read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
5ED000
|
unkown
|
page read and write
|
||
|
6B5E000
|
stack
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
AE6000
|
heap
|
page read and write
|
||
|
2D73000
|
direct allocation
|
page execute and read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
2BEE000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
4D81000
|
trusted library allocation
|
page read and write
|
||
|
2DCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2BEC000
|
heap
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
2BC9000
|
heap
|
page read and write
|
||
|
AD4000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
3DB0000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
340C000
|
stack
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
F45000
|
heap
|
page read and write
|
||
|
2D80000
|
direct allocation
|
page execute and read and write
|
||
|
ABB000
|
unkown
|
page execute and read and write
|
||
|
B2D000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
B00000
|
direct allocation
|
page read and write
|
||
|
24DE000
|
stack
|
page read and write
|
||
|
3EB000
|
stack
|
page read and write
|
||
|
28BE000
|
stack
|
page read and write
|
||
|
2C15000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
4D6E000
|
stack
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
35F0000
|
heap
|
page execute and read and write
|
||
|
B6F000
|
heap
|
page read and write
|
||
|
AE6000
|
heap
|
page read and write
|
||
|
B22000
|
heap
|
page read and write
|
||
|
C2A000
|
stack
|
page read and write
|
||
|
30CD000
|
stack
|
page read and write
|
||
|
2C32000
|
heap
|
page read and write
|
||
|
ACB000
|
unkown
|
page execute and read and write
|
||
|
B00000
|
direct allocation
|
page read and write
|
||
|
3D81000
|
trusted library allocation
|
page read and write
|
There are 795 hidden memdumps, click here to show them.