Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\HamSphere\HamSphere_4.010a\HamSphere_4.010a.exe
|
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\Uninstall.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\install.log
|
data
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\JAWTAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\JavaAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\JdbcOdbc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\WindowsAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\awt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\cleanup.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\dcpr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\fontmanager.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\j2pcsc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\j2pkcs11.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\jaas_nt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\java.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\jawt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\jetvm\jvm.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\jpeg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\jsound.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\jsoundds.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\kcms.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\mlib_image.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\net.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\nio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\sunec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\sunmscapi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\t2k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\unpack.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\unpack200.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\w2k_lsa_auth.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\bin\zip.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XAWT10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XCRB10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XEND10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XIMG10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XINV10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XJCE10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XKRN10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XMIA10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XMIS10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XMNG10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XMSC10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XPKC10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XRMI10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XSCR10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XSEC10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XSND10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XSQL10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XSSE10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XSWN10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XXML10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XXWS10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\XXXL10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\dynlookup10505.tbl
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\jetrt\xjitb_j10505.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\accessibility.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\calendars.properties
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\cmm\CIEXYZ.pf
|
Sun KCMS color profile 2.0, type KCMS, XYZ/XYZ-spac device, 51236 bytes, 2-12-1997 18:50:04, dependently, PCS X=0xf6b3 Z=0xd2f8
"XYZ to XYZ Identity Profile"
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\cmm\GRAY.pf
|
Sun KCMS color profile 2.0, type KCMS, GRAY/XYZ-mntr device, KODA/GRAY model, 632 bytes, 27-7-95 17:30:15, embedded, relative
colorimetric, PCS Z=0xd32b "KODAK Grayscale Conversion - Gamma 1.0"
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\cmm\LINEAR_RGB.pf
|
color profile 2.0, type KCMS, RGB/XYZ-mntr device by KODK, 1044 bytes, 2-2-1998, PCS Z=0xd32c "linear sRGB"
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\cmm\PYCC.pf
|
Sun KCMS color profile 2.0, type KCMS, 3CLR/Lab-spac device, 274474 bytes, 6-11-1996 7:50:04, PCS X=0xf6b3 Z=0xd2f8 "Std Photo
YCC Print"
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\cmm\sRGB.pf
|
Microsoft color profile 2.1, type Lino, RGB/XYZ-mntr device, IEC/sRGB model by HP, 3144 bytes, 9-2-1998 6:49:00 "sRGB IEC61966-2.1"
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\content-types.properties
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\currency.data
|
data
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\ext\meta-index
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\ext\sunec.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\ext\sunjce_provider.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\ext\sunmscapi.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\ext\sunpkcs11.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\flavormap.properties
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\fontconfig.bfc
|
raw G3 (Group 3) FAX
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\fontconfig.properties.src
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\fonts\LucidaSansRegular.ttf
|
TrueType Font data, 18 tables, 1st "GDEF", 19 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc. Pat. Des. 289,420.Lucida
SansRegularLucida Sans Regu
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\i386\jvm.cfg
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\images\cursors\cursors.properties
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\images\cursors\invalid32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\images\cursors\win32_CopyDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\images\cursors\win32_CopyNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\images\cursors\win32_LinkDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\images\cursors\win32_LinkNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\images\cursors\win32_MoveDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\images\cursors\win32_MoveNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\jce.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\locales
|
ASCII text, with very long lines (636)
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\logging.properties
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\management\jmxremote.access
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\management\jmxremote.password.template
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\management\management.properties
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\management\snmp.acl.template
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\meta-index
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\net.properties
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\psfont.properties.ja
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\psfontj2d.properties
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\resources.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\security\US_export_policy.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\security\blacklist
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\security\cacerts
|
Java KeyStore
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\security\java.policy
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\security\java.security
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\security\local_policy.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\sound.properties
|
ASCII text
|
dropped
|
||
|
C:\HamSphere\HamSphere_4.010a\rt\lib\tzmappings
|
ASCII text
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HamSphere\HamSphere_4.010a\HamSphere_4.010a.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Wed Oct 23 12:34:28 2024, mtime=Mon Apr 29 20:02:11 2019, atime=Mon Apr 29 20:02:11 2019, length=1669320, window=hide
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HamSphere\HamSphere_4.010a\Uninstall.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Wed Oct 23 12:34:28 2024, mtime=Mon Jan 26 22:53:59 2015, atime=Mon Jan 26 22:53:59 2015, length=422400, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\InstTemp0\userinstall.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\InstTemp0\xbind.script
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\xnsE6A3.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
There are 99 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
||
|
C:\HamSphere\HamSphere_4.010a\HamSphere_4.010a.exe
|
"C:\HamSphere\HamSphere_4.010a\HamSphere_4.010a.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/soap/envelope/-Xalan(u
|
unknown
|
||
|
http://apache.org/xml/properties/dom/current-element-nodeCyrillicWG_ENCODING_NOT_SUPPORTED_USING_JAV
|
unknown
|
||
|
http://javax.xml.transform.sax.SAXTransformerFactory/featureCould
|
unknown
|
||
|
http://www.sun.com/xml/sax-events
|
unknown
|
||
|
http://hs4.hamsphere.com/saveremoterig.phpUSBshCorrupt
|
unknown
|
||
|
http://www.chambersign.org1
|
unknown
|
||
|
http://repository.swisssign.com/0
|
unknown
|
||
|
http://xml.org/sax/features/xmlns-urisnulln0P
|
unknown
|
||
|
http://www.alphaworks.ibm.com/formula/xmlunsignedLongXRTreeFragSelectWrapper
|
unknown
|
||
|
http://crl.certum.pl/ca.crl0:
|
unknown
|
||
|
http://xml.apache.org/xalan-j
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema/augment-psvi(StylesheetHandler)
|
unknown
|
||
|
http://www.alphaworks.ibm.com/formula/xmlARCHIVEotherwisefind
|
unknown
|
||
|
http://jvnet.org/fastinfoset/parser/properties/external-vocabulariesprefix/:
|
unknown
|
||
|
http://apache.org/xml/properties/internal/xinclude-handlerAV
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://apache.org/xml/features/include-comments
|
unknown
|
||
|
http://apache.org/xml/features/scanner/notify-char-refs
|
unknown
|
||
|
http://xml.org/sax/properties/lexical-handlerSystemId-Unknown:locator-unavailable:
|
unknown
|
||
|
http://policy.camerfirma.com0
|
unknown
|
||
|
http://www.excelsior-usa.com
|
unknown
|
||
|
http://xml.apache.org/xalan-j/faq.html
|
unknown
|
||
|
http://xml.org/sax/features/external-parameter-entitiesdigestValue
|
unknown
|
||
|
http://www.oasis-open.org/committees/entity/release/1.0/catalog.xsd-//W3C//DTD
|
unknown
|
||
|
http://xml.org/sax/properties/declaration-handlerusing
|
unknown
|
||
|
http://apache.org/xml/features/allow-java-encodingscreateMessage
|
unknown
|
||
|
http://xml.apache.org/xalan/features/optimize
|
unknown
|
||
|
http://hs4.hamsphere.com/copyremoterig.phpunderlineInterrupted15mipError:
|
unknown
|
||
|
http://exslt.org/common
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/drem
|
unknown
|
||
|
http://www.excelsior-usa.comUnknown
|
unknown
|
||
|
http://apache.org/xml/features/scanner/notify-builtin-refsNom
|
unknown
|
||
|
http://apache.org/xml/properties/La
|
unknown
|
||
|
http://xml.apache.org/xalan/features/incrementalD
|
unknown
|
||
|
http://apache.org/xml/features/feature-read-only$
|
unknown
|
||
|
http://www.entrust.net/CRL/net1.crl0
|
unknown
|
||
|
http://xml.org/sax/features/string-interningfeature
|
unknown
|
||
|
http://xml.apache.orggoto_w
|
unknown
|
||
|
http://apache.org/xml/features/xinclude/fixup-languageTentative
|
unknown
|
||
|
http://apache.org/xml/properties/internal/validator/dtdxmlStructure
|
unknown
|
||
|
http://javax.xml.transform.stream.StreamSource/featurefconstElaborazione
|
unknown
|
||
|
http://ws-i.org/profiles/basic/1.1/swaref.xsdcom.sun.xml.internal.messaging.saaj.soap.ver1_1--%M-%D%
|
unknown
|
||
|
http://xml.org/sax/features/namespacesCe
|
unknown
|
||
|
http://xml.org/sax/features/true-not-supported
|
unknown
|
||
|
http://apache.org/xml/properties/internal/datatype-validator-factorysystemSuffixN.
|
unknown
|
||
|
http://apache.org/xml/serializerSYNTAXE
|
unknown
|
||
|
http://xml.apache.org/xalan/java
|
unknown
|
||
|
http://xml.apache.org/xslt
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema/normalized-valueApache
|
unknown
|
||
|
http://www.oracle.com/technetwork/java/javase/documentation/index.html
|
unknown
|
||
|
http://javax.xml.transform.dom.DOMResult/featureObjet
|
unknown
|
||
|
http://apache.org/xml/properties/internal/validation/schema/dv-factorygetChildren
|
unknown
|
||
|
http://apache.org/xml/features/validate-annotationsN
|
unknown
|
||
|
http://apache.org/xml/features/standard-uri-conformantThe
|
unknown
|
||
|
http://jvnet.org/fastinfoset/parser/properties/force-stream-closereadOnce()
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalStylesheetNo
|
unknown
|
||
|
http://www.excelsior-usa.comjava.vendor.urlSun-Oracle
|
unknown
|
||
|
http://apache.org/xml/features/xinclude
|
unknown
|
||
|
https://hs50.hamsphere.com?externall
|
unknown
|
||
|
http://www.alphaworks.ibm.com/formula/xmlNull
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema-full-checking
|
unknown
|
||
|
http://xml.apache.org/xalan:nodesetXRTreeFragSelectWrapper
|
unknown
|
||
|
http://hs4.hamsphere.com/renameremoterig.php4.010aLSBENTmozilla
|
unknown
|
||
|
http://xml.org/sax/features/allow-dtd-events-after-endDTDEmpty
|
unknown
|
||
|
http://xml.apache.org/xalan/xsltcISO-IR-149ISO-IR-148ISO-IR-144DTMLiaison
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/reader-in-defined-state
|
unknown
|
||
|
http://xml.org/sax/features/use-entity-resolver2com.sun.org.apache.xerces.internal.impl.dv.dtd.XML11
|
unknown
|
||
|
http://apache.org/xml/features/namespace-growthdetach()
|
unknown
|
||
|
http://java.sun.com/dtd/preferences.dtd.
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
http://hs4.hamsphere.com/getremotenames.php
|
62.210.190.21
|
||
|
http://jvnet.org/fastinfoset/parser/properties/buffer-sizeNull
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/versioncom.sun.xml.internal.bind.xmlHeadersgotomessage.deco
|
unknown
|
||
|
http://www.oracle.com/technetwork/java/javase/documentation/index.html.pashtoAustralia/QueenslandTon
|
unknown
|
||
|
http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt
|
unknown
|
||
|
http://apache.org/xml/features/validation/warn-on-undeclared-elemdefErforderliches
|
unknown
|
||
|
http://xml.apache.org/xalan/PipeDocumentIl
|
unknown
|
||
|
http://hs4.hamsphere.com/ge
|
unknown
|
||
|
http://xml.apache.org/xslt/javaISO_8859-3ISO_8859-2ResolverISO_8859-1Errore
|
unknown
|
||
|
http://xml.apache.org/xalan-jNot
|
unknown
|
||
|
http://jvnet.org/fastinfoset/parser/properties/registered-encoding-algorithmslocalNameCouldn
|
unknown
|
||
|
http://xml.org/sax/features/validationAxis
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalDTDFailed
|
unknown
|
||
|
http://javax.xml.transform.dom.DOMSource/featurez
|
unknown
|
||
|
http://shop.hamsphere.comASSEMBLY(1):
|
unknown
|
||
|
http://shop.hamsphere.com/advanced_search_result.php?keywords=Select
|
unknown
|
||
|
https://www.certum.pl/CPS0
|
unknown
|
||
|
http://apache.org/xml/properties/security-managerV
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/ignore-external-dtdparser.atom.4
|
unknown
|
||
|
http://java.sun.com/xml/schema/features/report-ignored-element-content-whitespaceEn
|
unknown
|
||
|
http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtdFragment
|
unknown
|
||
|
http://apache.org/xml/properties/internal/symbol-table
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/CipherData.getDataType()
|
unknown
|
||
|
http://apache.org/xml/properties/schema/external-noNamespaceSchemaLocationER_XMLRDR_NOT_BEFORE_START
|
unknown
|
||
|
http://exslt.org/stringsXalan:
|
unknown
|
||
|
https://hs50.hamsphere.com?external
|
unknown
|
||
|
http://xml.org/sax/features/external-general-entitiesImpossible
|
unknown
|
||
|
http://exslt.org/common:nodeSetIl
|
unknown
|
||
|
https://hs50.hamsphere.com?external8
|
unknown
|
||
|
http://apache.org/xml/features/create-cdata-nodesoptionXXoptionXTAsserzione
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
hs4.hamsphere.com
|
62.210.190.21
|
||
|
hs40.hamsphere.com
|
62.210.190.21
|
||
|
241.42.69.40.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
62.210.190.21
|
hs4.hamsphere.com
|
France
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\HamSphere\HamSphere_4.010a
|
InstallPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HamSphere__0
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HamSphere__0
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HamSphere__0
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer
|
GlobalAssocChangedCounter
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7840000
|
direct allocation
|
page execute and read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
152BE000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
48C7000
|
stack
|
page read and write
|
||
|
4BD000
|
unkown
|
page readonly
|
||
|
1650C000
|
direct allocation
|
page read and write
|
||
|
14E0F000
|
unkown
|
page readonly
|
||
|
1762000
|
heap
|
page read and write
|
||
|
4D22000
|
direct allocation
|
page read and write
|
||
|
6E6F2000
|
unkown
|
page readonly
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
14F00000
|
unkown
|
page readonly
|
||
|
1336A000
|
unkown
|
page write copy
|
||
|
1327E000
|
unkown
|
page write copy
|
||
|
4CD8000
|
direct allocation
|
page read and write
|
||
|
13E97000
|
unkown
|
page read and write
|
||
|
32C7000
|
heap
|
page read and write
|
||
|
15201000
|
unkown
|
page execute read
|
||
|
16600000
|
direct allocation
|
page read and write
|
||
|
676000
|
heap
|
page read and write
|
||
|
40A4000
|
direct allocation
|
page read and write
|
||
|
16888000
|
direct allocation
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
947E000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
8A5E000
|
stack
|
page read and write
|
||
|
3FAE000
|
stack
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
8F32000
|
unkown
|
page readonly
|
||
|
4104000
|
direct allocation
|
page read and write
|
||
|
16053000
|
unkown
|
page read and write
|
||
|
4104000
|
direct allocation
|
page read and write
|
||
|
167BC000
|
direct allocation
|
page read and write
|
||
|
24AD000
|
unkown
|
page read and write
|
||
|
4CC2000
|
direct allocation
|
page read and write
|
||
|
2FE1000
|
heap
|
page read and write
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
313F000
|
heap
|
page read and write
|
||
|
6C7BE000
|
unkown
|
page readonly
|
||
|
666000
|
heap
|
page read and write
|
||
|
16160000
|
unkown
|
page read and write
|
||
|
4D22000
|
direct allocation
|
page read and write
|
||
|
1546E000
|
unkown
|
page write copy
|
||
|
312C000
|
heap
|
page read and write
|
||
|
13722000
|
unkown
|
page read and write
|
||
|
3189000
|
heap
|
page read and write
|
||
|
16C5000
|
heap
|
page read and write
|
||
|
14E1A000
|
unkown
|
page readonly
|
||
|
664000
|
heap
|
page read and write
|
||
|
15E45000
|
unkown
|
page write copy
|
||
|
40BE000
|
direct allocation
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
13735000
|
unkown
|
page read and write
|
||
|
3371000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
167A0000
|
direct allocation
|
page read and write
|
||
|
16A08000
|
direct allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
166F4000
|
direct allocation
|
page read and write
|
||
|
DC7000
|
stack
|
page read and write
|
||
|
4CE9000
|
direct allocation
|
page read and write
|
||
|
2C49000
|
unkown
|
page read and write
|
||
|
14D00000
|
unkown
|
page readonly
|
||
|
4D30000
|
direct allocation
|
page read and write
|
||
|
422F000
|
stack
|
page read and write
|
||
|
BCE000
|
heap
|
page read and write
|
||
|
2B0E000
|
unkown
|
page write copy
|
||
|
6FD9E000
|
unkown
|
page readonly
|
||
|
1503F000
|
unkown
|
page read and write
|
||
|
16068000
|
unkown
|
page write copy
|
||
|
16798000
|
direct allocation
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
40AC000
|
direct allocation
|
page read and write
|
||
|
257D000
|
unkown
|
page read and write
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
633000
|
heap
|
page read and write
|
||
|
6EAE0000
|
unkown
|
page readonly
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
651000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
14DD3000
|
unkown
|
page read and write
|
||
|
15200000
|
unkown
|
page readonly
|
||
|
6EAF3000
|
unkown
|
page readonly
|
||
|
4D15000
|
direct allocation
|
page read and write
|
||
|
34FF000
|
heap
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
3371000
|
heap
|
page read and write
|
||
|
15064000
|
unkown
|
page readonly
|
||
|
8E95000
|
unkown
|
page write copy
|
||
|
341A000
|
heap
|
page read and write
|
||
|
3B75000
|
heap
|
page read and write
|
||
|
24A2000
|
unkown
|
page read and write
|
||
|
1658C000
|
direct allocation
|
page read and write
|
||
|
4CC4000
|
direct allocation
|
page read and write
|
||
|
165D0000
|
direct allocation
|
page read and write
|
||
|
259F000
|
unkown
|
page readonly
|
||
|
167CC000
|
direct allocation
|
page read and write
|
||
|
152DE000
|
unkown
|
page read and write
|
||
|
168C4000
|
direct allocation
|
page read and write
|
||
|
BC7000
|
heap
|
page read and write
|
||
|
7527000
|
unkown
|
page read and write
|
||
|
4CD6000
|
direct allocation
|
page read and write
|
||
|
1698C000
|
direct allocation
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
4DEC000
|
stack
|
page read and write
|
||
|
16604000
|
direct allocation
|
page read and write
|
||
|
1604C000
|
unkown
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
5BD000
|
heap
|
page read and write
|
||
|
14F4F000
|
unkown
|
page write copy
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
2FE2000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
8C97000
|
direct allocation
|
page read and write
|
||
|
1759000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
16146000
|
unkown
|
page read and write
|
||
|
175F000
|
heap
|
page read and write
|
||
|
175F000
|
heap
|
page read and write
|
||
|
177A000
|
heap
|
page read and write
|
||
|
14D01000
|
unkown
|
page execute read
|
||
|
35FC000
|
heap
|
page read and write
|
||
|
34F4000
|
heap
|
page read and write
|
||
|
15081000
|
unkown
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
959E000
|
stack
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
4D24000
|
direct allocation
|
page read and write
|
||
|
16844000
|
direct allocation
|
page read and write
|
||
|
3A6E000
|
heap
|
page read and write
|
||
|
15E4C000
|
unkown
|
page read and write
|
||
|
1785000
|
heap
|
page read and write
|
||
|
4D82000
|
heap
|
page read and write
|
||
|
6EAE1000
|
unkown
|
page execute read
|
||
|
16834000
|
direct allocation
|
page read and write
|
||
|
3189000
|
heap
|
page read and write
|
||
|
4CCC000
|
direct allocation
|
page read and write
|
||
|
35E7000
|
heap
|
page read and write
|
||
|
168B4000
|
direct allocation
|
page read and write
|
||
|
21E1000
|
unkown
|
page execute read
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
6B08000
|
heap
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
752B000
|
unkown
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
3128000
|
heap
|
page read and write
|
||
|
13277000
|
unkown
|
page read and write
|
||
|
67E1000
|
heap
|
page read and write
|
||
|
414E000
|
stack
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
4ECA000
|
stack
|
page read and write
|
||
|
15000000
|
unkown
|
page readonly
|
||
|
177A000
|
heap
|
page read and write
|
||
|
4CB8000
|
direct allocation
|
page read and write
|
||
|
4CBC000
|
direct allocation
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
31D1000
|
heap
|
page read and write
|
||
|
4D1A000
|
direct allocation
|
page read and write
|
||
|
167F4000
|
direct allocation
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
8E66000
|
unkown
|
page read and write
|
||
|
6B9C000
|
heap
|
page read and write
|
||
|
6FD80000
|
unkown
|
page readonly
|
||
|
134A4000
|
unkown
|
page read and write
|
||
|
3128000
|
heap
|
page read and write
|
||
|
45AF000
|
stack
|
page read and write
|
||
|
167C4000
|
direct allocation
|
page read and write
|
||
|
8B3F000
|
stack
|
page read and write
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
8850000
|
heap
|
page read and write
|
||
|
2FD2000
|
heap
|
page read and write
|
||
|
1605A000
|
unkown
|
page write copy
|
||
|
14DB8000
|
unkown
|
page write copy
|
||
|
679000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
16051000
|
unkown
|
page write copy
|
||
|
65E000
|
heap
|
page read and write
|
||
|
23F0000
|
unkown
|
page write copy
|
||
|
4287000
|
heap
|
page read and write
|
||
|
15DD9000
|
unkown
|
page write copy
|
||
|
40AC000
|
direct allocation
|
page read and write
|
||
|
16700000
|
direct allocation
|
page read and write
|
||
|
40FC000
|
direct allocation
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
6C7F1000
|
unkown
|
page execute read
|
||
|
168EC000
|
direct allocation
|
page read and write
|
||
|
2CB9000
|
unkown
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
40A4000
|
direct allocation
|
page read and write
|
||
|
3267000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
4D24000
|
direct allocation
|
page read and write
|
||
|
2411000
|
unkown
|
page write copy
|
||
|
4ABE000
|
stack
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
4816000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
2B1D000
|
unkown
|
page write copy
|
||
|
4CBE000
|
direct allocation
|
page read and write
|
||
|
1505A000
|
unkown
|
page read and write
|
||
|
16820000
|
direct allocation
|
page read and write
|
||
|
629000
|
heap
|
page read and write
|
||
|
7397D000
|
unkown
|
page readonly
|
||
|
4D14000
|
direct allocation
|
page read and write
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
15469000
|
unkown
|
page write copy
|
||
|
31E8000
|
heap
|
page read and write
|
||
|
2B11000
|
unkown
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
16818000
|
direct allocation
|
page read and write
|
||
|
593000
|
unkown
|
page readonly
|
||
|
666000
|
heap
|
page read and write
|
||
|
1545000
|
heap
|
page read and write
|
||
|
765F000
|
stack
|
page read and write
|
||
|
134F6000
|
unkown
|
page read and write
|
||
|
71B1000
|
unkown
|
page execute read
|
||
|
34B2000
|
heap
|
page read and write
|
||
|
334C000
|
heap
|
page read and write
|
||
|
29CE000
|
unkown
|
page read and write
|
||
|
31E2000
|
heap
|
page read and write
|
||
|
133F9000
|
unkown
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
6E6EC000
|
unkown
|
page readonly
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
528000
|
unkown
|
page readonly
|
||
|
489000
|
unkown
|
page write copy
|
||
|
8DB1000
|
unkown
|
page execute read
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
14DAE000
|
unkown
|
page write copy
|
||
|
167B4000
|
direct allocation
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
6C792000
|
unkown
|
page read and write
|
||
|
1603A000
|
unkown
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
16814000
|
direct allocation
|
page read and write
|
||
|
46CF000
|
stack
|
page read and write
|
||
|
3A5E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3170000
|
heap
|
page read and write
|
||
|
1681C000
|
direct allocation
|
page read and write
|
||
|
6FC45000
|
unkown
|
page readonly
|
||
|
4090000
|
direct allocation
|
page read and write
|
||
|
13580000
|
unkown
|
page read and write
|
||
|
658000
|
heap
|
page read and write
|
||
|
1785000
|
heap
|
page read and write
|
||
|
2C2F000
|
unkown
|
page read and write
|
||
|
4CD2000
|
direct allocation
|
page read and write
|
||
|
16004000
|
unkown
|
page write copy
|
||
|
4D7F000
|
stack
|
page read and write
|
||
|
31CE000
|
heap
|
page read and write
|
||
|
14F79000
|
unkown
|
page read and write
|
||
|
40BE000
|
direct allocation
|
page read and write
|
||
|
4BBA000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
175D000
|
heap
|
page read and write
|
||
|
35CA000
|
heap
|
page read and write
|
||
|
168B8000
|
direct allocation
|
page read and write
|
||
|
885B000
|
heap
|
page read and write
|
||
|
6C7F0000
|
unkown
|
page readonly
|
||
|
1680000
|
heap
|
page read and write
|
||
|
1684C000
|
direct allocation
|
page read and write
|
||
|
165A0000
|
direct allocation
|
page read and write
|
||
|
FC3000
|
unkown
|
page readonly
|
||
|
16032000
|
unkown
|
page write copy
|
||
|
6E6E0000
|
unkown
|
page readonly
|
||
|
17C2000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
6FC44000
|
unkown
|
page read and write
|
||
|
3137000
|
heap
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
167C7000
|
direct allocation
|
page read and write
|
||
|
3E71000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
168C8000
|
direct allocation
|
page read and write
|
||
|
153B4000
|
unkown
|
page read and write
|
||
|
41C0000
|
trusted library allocation
|
page read and write
|
||
|
167B8000
|
direct allocation
|
page read and write
|
||
|
16062000
|
unkown
|
page write copy
|
||
|
40F8000
|
direct allocation
|
page read and write
|
||
|
A100000
|
heap
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
134EB000
|
unkown
|
page write copy
|
||
|
73970000
|
unkown
|
page readonly
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
2CAD000
|
unkown
|
page read and write
|
||
|
152C2000
|
unkown
|
page write copy
|
||
|
6EAEE000
|
unkown
|
page readonly
|
||
|
2FD7000
|
heap
|
page read and write
|
||
|
967F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
15FD8000
|
unkown
|
page write copy
|
||
|
49FF000
|
stack
|
page read and write
|
||
|
31E1000
|
heap
|
page read and write
|
||
|
7397C000
|
unkown
|
page read and write
|
||
|
4CCD000
|
direct allocation
|
page read and write
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
24B9000
|
unkown
|
page read and write
|
||
|
14FF000
|
stack
|
page read and write
|
||
|
152E0000
|
unkown
|
page write copy
|
||
|
14F3F000
|
unkown
|
page read and write
|
||
|
16858000
|
direct allocation
|
page read and write
|
||
|
312E000
|
heap
|
page read and write
|
||
|
134B1000
|
unkown
|
page read and write
|
||
|
16054000
|
unkown
|
page write copy
|
||
|
664000
|
heap
|
page read and write
|
||
|
528000
|
unkown
|
page readonly
|
||
|
35EA000
|
heap
|
page read and write
|
||
|
166D8000
|
direct allocation
|
page read and write
|
||
|
7433000
|
unkown
|
page write copy
|
||
|
1697C000
|
direct allocation
|
page read and write
|
||
|
14F4C000
|
unkown
|
page read and write
|
||
|
5B9000
|
heap
|
page read and write
|
||
|
15001000
|
unkown
|
page execute read
|
||
|
4C5E000
|
stack
|
page read and write
|
||
|
1548A000
|
unkown
|
page readonly
|
||
|
3171000
|
heap
|
page read and write
|
||
|
15E43000
|
unkown
|
page read and write
|
||
|
73FF000
|
unkown
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
16640000
|
direct allocation
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
1373B000
|
unkown
|
page readonly
|
||
|
40A2000
|
direct allocation
|
page read and write
|
||
|
16560000
|
direct allocation
|
page read and write
|
||
|
3189000
|
heap
|
page read and write
|
||
|
24DB000
|
unkown
|
page readonly
|
||
|
1547C000
|
unkown
|
page read and write
|
||
|
51B0000
|
direct allocation
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
13694000
|
unkown
|
page read and write
|
||
|
1106000
|
unkown
|
page readonly
|
||
|
3189000
|
heap
|
page read and write
|
||
|
62DF000
|
stack
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
1759000
|
heap
|
page read and write
|
||
|
1657C000
|
direct allocation
|
page read and write
|
||
|
16151000
|
unkown
|
page read and write
|
||
|
67EA000
|
heap
|
page read and write
|
||
|
168A4000
|
direct allocation
|
page read and write
|
||
|
1799000
|
heap
|
page read and write
|
||
|
1653000
|
heap
|
page read and write
|
||
|
31DB000
|
heap
|
page read and write
|
||
|
40FA000
|
direct allocation
|
page read and write
|
||
|
154B8000
|
unkown
|
page readonly
|
||
|
6FC40000
|
unkown
|
page readonly
|
||
|
63B000
|
heap
|
page read and write
|
||
|
67DC000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2FE3000
|
heap
|
page read and write
|
||
|
885F000
|
heap
|
page read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
FC4000
|
unkown
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
1504F000
|
unkown
|
page write copy
|
||
|
4CC0000
|
direct allocation
|
page read and write
|
||
|
3222000
|
heap
|
page read and write
|
||
|
40B2000
|
direct allocation
|
page read and write
|
||
|
4CB6000
|
direct allocation
|
page read and write
|
||
|
643000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
651C000
|
stack
|
page read and write
|
||
|
8884000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
6C8C3000
|
unkown
|
page read and write
|
||
|
177A000
|
heap
|
page read and write
|
||
|
14DB6000
|
unkown
|
page read and write
|
||
|
165C4000
|
direct allocation
|
page read and write
|
||
|
13508000
|
unkown
|
page read and write
|
||
|
641000
|
heap
|
page read and write
|
||
|
4280000
|
heap
|
page read and write
|
||
|
3B94000
|
direct allocation
|
page read and write
|
||
|
3561000
|
heap
|
page read and write
|
||
|
164F000
|
stack
|
page read and write
|
||
|
15FDF000
|
unkown
|
page read and write
|
||
|
3567000
|
heap
|
page read and write
|
||
|
166EC000
|
direct allocation
|
page read and write
|
||
|
3371000
|
heap
|
page read and write
|
||
|
168C0000
|
direct allocation
|
page read and write
|
||
|
6C802000
|
unkown
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
2CB5000
|
unkown
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
15400000
|
unkown
|
page readonly
|
||
|
73977000
|
unkown
|
page readonly
|
||
|
1762000
|
heap
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
16700000
|
direct allocation
|
page read and write
|
||
|
6C7FC000
|
unkown
|
page readonly
|
||
|
31E1000
|
heap
|
page read and write
|
||
|
133F0000
|
unkown
|
page write copy
|
||
|
14D9C000
|
unkown
|
page read and write
|
||
|
152D8000
|
unkown
|
page write copy
|
||
|
6B7A000
|
heap
|
page read and write
|
||
|
16704000
|
direct allocation
|
page read and write
|
||
|
3189000
|
heap
|
page read and write
|
||
|
69F2000
|
heap
|
page read and write
|
||
|
3189000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
2415000
|
unkown
|
page read and write
|
||
|
16864000
|
direct allocation
|
page read and write
|
||
|
4D17000
|
direct allocation
|
page read and write
|
||
|
6E6E1000
|
unkown
|
page execute read
|
||
|
6260000
|
heap
|
page read and write
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
43AE000
|
stack
|
page read and write
|
||
|
13471000
|
unkown
|
page write copy
|
||
|
134EE000
|
unkown
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
15363000
|
unkown
|
page read and write
|
||
|
3E70000
|
heap
|
page read and write
|
||
|
3171000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
1603B000
|
unkown
|
page write copy
|
||
|
666000
|
heap
|
page read and write
|
||
|
6C6A1000
|
unkown
|
page execute read
|
||
|
8F1E000
|
unkown
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
15360000
|
unkown
|
page read and write
|
||
|
3171000
|
heap
|
page read and write
|
||
|
14DD1000
|
unkown
|
page read and write
|
||
|
1670C000
|
direct allocation
|
page read and write
|
||
|
943F000
|
stack
|
page read and write
|
||
|
21E0000
|
unkown
|
page readonly
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
1662C000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
4CB2000
|
direct allocation
|
page read and write
|
||
|
4CD6000
|
direct allocation
|
page read and write
|
||
|
662000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
40B8000
|
direct allocation
|
page read and write
|
||
|
64B000
|
heap
|
page read and write
|
||
|
13E98000
|
unkown
|
page readonly
|
||
|
4CD0000
|
direct allocation
|
page read and write
|
||
|
25D0000
|
unkown
|
page readonly
|
||
|
679000
|
heap
|
page read and write
|
||
|
2FD8000
|
heap
|
page read and write
|
||
|
15701000
|
unkown
|
page execute read
|
||
|
13727000
|
unkown
|
page read and write
|
||
|
177A000
|
heap
|
page read and write
|
||
|
14DAD000
|
unkown
|
page read and write
|
||
|
3512000
|
heap
|
page read and write
|
||
|
16514000
|
direct allocation
|
page read and write
|
||
|
490E000
|
stack
|
page read and write
|
||
|
2C56000
|
unkown
|
page read and write
|
||
|
166E4000
|
direct allocation
|
page read and write
|
||
|
4D3D000
|
direct allocation
|
page read and write
|
||
|
177A000
|
heap
|
page read and write
|
||
|
153BF000
|
unkown
|
page readonly
|
||
|
6EAF2000
|
unkown
|
page read and write
|
||
|
631000
|
heap
|
page read and write
|
||
|
40FE000
|
direct allocation
|
page read and write
|
||
|
649000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
15087000
|
unkown
|
page readonly
|
||
|
153C9000
|
unkown
|
page readonly
|
||
|
16634000
|
direct allocation
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
4D22000
|
direct allocation
|
page read and write
|
||
|
1605B000
|
unkown
|
page read and write
|
||
|
362F000
|
heap
|
page read and write
|
||
|
2B01000
|
unkown
|
page read and write
|
||
|
6C6A0000
|
unkown
|
page readonly
|
||
|
35D8000
|
heap
|
page read and write
|
||
|
6FDF1000
|
unkown
|
page execute read
|
||
|
173A000
|
heap
|
page read and write
|
||
|
1546A000
|
unkown
|
page read and write
|
||
|
15DD8000
|
unkown
|
page read and write
|
||
|
3171000
|
heap
|
page read and write
|
||
|
FC0000
|
unkown
|
page readonly
|
||
|
40A4000
|
direct allocation
|
page read and write
|
||
|
484E000
|
stack
|
page read and write
|
||
|
14F01000
|
unkown
|
page execute read
|
||
|
167A4000
|
direct allocation
|
page read and write
|
||
|
8E8E000
|
unkown
|
page write copy
|
||
|
40B6000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
588000
|
unkown
|
page read and write
|
||
|
168E4000
|
direct allocation
|
page read and write
|
||
|
88C1000
|
heap
|
page read and write
|
||
|
1680C000
|
direct allocation
|
page read and write
|
||
|
16824000
|
direct allocation
|
page read and write
|
||
|
3179000
|
heap
|
page read and write
|
||
|
6FDA3000
|
unkown
|
page readonly
|
||
|
3187000
|
heap
|
page read and write
|
||
|
3267000
|
heap
|
page read and write
|
||
|
16008000
|
unkown
|
page read and write
|
||
|
4A0000
|
unkown
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
67E4000
|
heap
|
page read and write
|
||
|
16874000
|
direct allocation
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
8F25000
|
unkown
|
page read and write
|
||
|
13510000
|
unkown
|
page read and write
|
||
|
154BF000
|
unkown
|
page readonly
|
||
|
3187000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
31D5000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
633000
|
heap
|
page read and write
|
||
|
7450000
|
unkown
|
page read and write
|
||
|
14F40000
|
unkown
|
page write copy
|
||
|
31C8000
|
heap
|
page read and write
|
||
|
1785000
|
heap
|
page read and write
|
||
|
40FC000
|
direct allocation
|
page read and write
|
||
|
168A7000
|
direct allocation
|
page read and write
|
||
|
13344000
|
unkown
|
page read and write
|
||
|
40BE000
|
direct allocation
|
page read and write
|
||
|
3171000
|
heap
|
page read and write
|
||
|
16510000
|
direct allocation
|
page read and write
|
||
|
12C01000
|
unkown
|
page execute read
|
||
|
166FC000
|
direct allocation
|
page read and write
|
||
|
4CD2000
|
direct allocation
|
page read and write
|
||
|
2CB2000
|
unkown
|
page read and write
|
||
|
31C5000
|
heap
|
page read and write
|
||
|
2AF4000
|
unkown
|
page write copy
|
||
|
40FE000
|
direct allocation
|
page read and write
|
||
|
318E000
|
heap
|
page read and write
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
17C2000
|
heap
|
page read and write
|
||
|
168B0000
|
direct allocation
|
page read and write
|
||
|
14F57000
|
unkown
|
page read and write
|
||
|
3125000
|
heap
|
page read and write
|
||
|
44CE000
|
stack
|
page read and write
|
||
|
40E8000
|
direct allocation
|
page read and write
|
||
|
321F000
|
heap
|
page read and write
|
||
|
1783000
|
heap
|
page read and write
|
||
|
2FE3000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
8C5F000
|
stack
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
14DB5000
|
unkown
|
page write copy
|
||
|
16704000
|
direct allocation
|
page read and write
|
||
|
4CCC000
|
direct allocation
|
page read and write
|
||
|
410A000
|
direct allocation
|
page read and write
|
||
|
13279000
|
unkown
|
page write copy
|
||
|
168D0000
|
direct allocation
|
page read and write
|
||
|
6982000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
16428000
|
unkown
|
page readonly
|
||
|
15FD9000
|
unkown
|
page read and write
|
||
|
167AB000
|
direct allocation
|
page read and write
|
||
|
24C8000
|
unkown
|
page read and write
|
||
|
1684C000
|
direct allocation
|
page read and write
|
||
|
16874000
|
direct allocation
|
page read and write
|
||
|
4CB1000
|
direct allocation
|
page read and write
|
||
|
3E6F000
|
stack
|
page read and write
|
||
|
136D4000
|
unkown
|
page read and write
|
||
|
31AF000
|
heap
|
page read and write
|
||
|
4FEF000
|
stack
|
page read and write
|
||
|
4BBE000
|
stack
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
325F000
|
heap
|
page read and write
|
||
|
17B000
|
stack
|
page read and write
|
||
|
14F83000
|
unkown
|
page readonly
|
||
|
645000
|
heap
|
page read and write
|
||
|
6FE17000
|
unkown
|
page readonly
|
||
|
1336B000
|
unkown
|
page read and write
|
||
|
593000
|
unkown
|
page readonly
|
||
|
4ADF000
|
stack
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
40FA000
|
direct allocation
|
page read and write
|
||
|
6C8C5000
|
unkown
|
page write copy
|
||
|
16035000
|
unkown
|
page read and write
|
||
|
FC0000
|
unkown
|
page readonly
|
||
|
166C4000
|
direct allocation
|
page read and write
|
||
|
35BD000
|
heap
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
4104000
|
direct allocation
|
page read and write
|
||
|
15401000
|
unkown
|
page execute read
|
||
|
66D000
|
heap
|
page read and write
|
||
|
2589000
|
unkown
|
page readonly
|
||
|
641B000
|
stack
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
14F41000
|
unkown
|
page read and write
|
||
|
16058000
|
unkown
|
page read and write
|
||
|
177A000
|
heap
|
page read and write
|
||
|
165F8000
|
direct allocation
|
page read and write
|
||
|
177A000
|
heap
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
16894000
|
direct allocation
|
page read and write
|
||
|
2EE1000
|
unkown
|
page readonly
|
||
|
3371000
|
heap
|
page read and write
|
||
|
3564000
|
heap
|
page read and write
|
||
|
2C95000
|
unkown
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page read and write
|
||
|
16888000
|
direct allocation
|
page read and write
|
||
|
6FE1E000
|
unkown
|
page readonly
|
||
|
8880000
|
heap
|
page read and write
|
||
|
1536C000
|
unkown
|
page readonly
|
||
|
168DC000
|
direct allocation
|
page read and write
|
||
|
25D1000
|
unkown
|
page execute read
|
||
|
3171000
|
heap
|
page read and write
|
||
|
15700000
|
unkown
|
page readonly
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
752C000
|
unkown
|
page readonly
|
||
|
16600000
|
direct allocation
|
page read and write
|
||
|
6A86000
|
heap
|
page read and write
|
||
|
2FD5000
|
heap
|
page read and write
|
||
|
8EB7000
|
unkown
|
page read and write
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
1603D000
|
unkown
|
page read and write
|
||
|
2410000
|
unkown
|
page read and write
|
||
|
4CD2000
|
direct allocation
|
page read and write
|
||
|
8ED1000
|
unkown
|
page readonly
|
||
|
2B0C000
|
unkown
|
page read and write
|
||
|
14DD5000
|
unkown
|
page readonly
|
||
|
15FDD000
|
unkown
|
page write copy
|
||
|
FC3000
|
unkown
|
page readonly
|
||
|
16634000
|
direct allocation
|
page read and write
|
||
|
3371000
|
heap
|
page read and write
|
||
|
1371C000
|
unkown
|
page read and write
|
||
|
3241000
|
heap
|
page read and write
|
||
|
14DA4000
|
unkown
|
page write copy
|
||
|
1606B000
|
unkown
|
page read and write
|
||
|
325A000
|
heap
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
16890000
|
direct allocation
|
page read and write
|
||
|
165DC000
|
direct allocation
|
page read and write
|
||
|
168B4000
|
direct allocation
|
page read and write
|
||
|
8DB0000
|
unkown
|
page readonly
|
||
|
61B0000
|
direct allocation
|
page execute and read and write
|
||
|
167C0000
|
direct allocation
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
166E8000
|
direct allocation
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
6FDF0000
|
unkown
|
page readonly
|
||
|
8F26000
|
unkown
|
page readonly
|
||
|
7740000
|
direct allocation
|
page read and write
|
||
|
1677C000
|
direct allocation
|
page read and write
|
||
|
16137000
|
unkown
|
page read and write
|
||
|
15356000
|
unkown
|
page read and write
|
||
|
16890000
|
direct allocation
|
page read and write
|
||
|
6FE21000
|
unkown
|
page execute read
|
||
|
15F88000
|
unkown
|
page read and write
|
||
|
31C2000
|
heap
|
page read and write
|
||
|
168D4000
|
direct allocation
|
page read and write
|
||
|
3179000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
16824000
|
direct allocation
|
page read and write
|
||
|
9900000
|
trusted library allocation
|
page read and write
|
||
|
168E8000
|
direct allocation
|
page read and write
|
||
|
3171000
|
heap
|
page read and write
|
||
|
239A000
|
unkown
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
14F7E000
|
unkown
|
page readonly
|
||
|
6FE1D000
|
unkown
|
page read and write
|
||
|
1327D000
|
unkown
|
page read and write
|
||
|
3E74000
|
heap
|
page read and write
|
||
|
8A1E000
|
stack
|
page read and write
|
||
|
4914000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
1508C000
|
unkown
|
page readonly
|
||
|
6C8C8000
|
unkown
|
page readonly
|
||
|
646000
|
heap
|
page read and write
|
||
|
676000
|
heap
|
page read and write
|
||
|
88B8000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
167CC000
|
direct allocation
|
page read and write
|
||
|
168AC000
|
direct allocation
|
page read and write
|
||
|
321F000
|
heap
|
page read and write
|
||
|
955F000
|
stack
|
page read and write
|
||
|
40B8000
|
direct allocation
|
page read and write
|
||
|
167AB000
|
direct allocation
|
page read and write
|
||
|
6FC41000
|
unkown
|
page execute read
|
||
|
8855000
|
heap
|
page read and write
|
||
|
35F2000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
13472000
|
unkown
|
page read and write
|
||
|
4CCE000
|
direct allocation
|
page read and write
|
||
|
6901000
|
heap
|
page read and write
|
||
|
167AB000
|
direct allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
166F0000
|
direct allocation
|
page read and write
|
||
|
9800000
|
direct allocation
|
page read and write
|
||
|
14DB1000
|
unkown
|
page write copy
|
||
|
1504E000
|
unkown
|
page read and write
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
588000
|
unkown
|
page write copy
|
||
|
6EAF1000
|
unkown
|
page write copy
|
||
|
14DC0000
|
unkown
|
page write copy
|
||
|
15F85000
|
unkown
|
page write copy
|
||
|
2B07000
|
unkown
|
page write copy
|
||
|
3571000
|
heap
|
page read and write
|
||
|
3447000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
167B0000
|
direct allocation
|
page read and write
|
||
|
3189000
|
heap
|
page read and write
|
||
|
67D3000
|
heap
|
page read and write
|
||
|
6E6F1000
|
unkown
|
page read and write
|
||
|
4CD6000
|
direct allocation
|
page read and write
|
||
|
4CC6000
|
direct allocation
|
page read and write
|
||
|
241A000
|
unkown
|
page write copy
|
||
|
71B0000
|
unkown
|
page readonly
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
16494000
|
unkown
|
page readonly
|
||
|
66D000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
317E000
|
heap
|
page read and write
|
||
|
14F61000
|
unkown
|
page readonly
|
||
|
152EE000
|
unkown
|
page write copy
|
||
|
426E000
|
stack
|
page read and write
|
||
|
16036000
|
unkown
|
page write copy
|
||
|
1662C000
|
direct allocation
|
page read and write
|
||
|
1680C000
|
direct allocation
|
page read and write
|
||
|
4A0000
|
unkown
|
page write copy
|
||
|
167F4000
|
direct allocation
|
page read and write
|
||
|
40F8000
|
direct allocation
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
175F000
|
heap
|
page read and write
|
||
|
436F000
|
stack
|
page read and write
|
||
|
2E89000
|
unkown
|
page readonly
|
||
|
16614000
|
direct allocation
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
40B6000
|
direct allocation
|
page read and write
|
||
|
40C9000
|
direct allocation
|
page read and write
|
||
|
12C00000
|
unkown
|
page readonly
|
||
|
14DBC000
|
unkown
|
page read and write
|
||
|
170E000
|
stack
|
page read and write
|
||
|
1604B000
|
unkown
|
page write copy
|
||
|
35D2000
|
heap
|
page read and write
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
1783000
|
heap
|
page read and write
|
||
|
14DAF000
|
unkown
|
page read and write
|
||
|
1641C000
|
unkown
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
24AF000
|
unkown
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
40B8000
|
direct allocation
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
168D4000
|
direct allocation
|
page read and write
|
||
|
3371000
|
heap
|
page read and write
|
||
|
2B20000
|
unkown
|
page write copy
|
||
|
3611000
|
heap
|
page read and write
|
||
|
61EE000
|
heap
|
page read and write
|
||
|
16504000
|
direct allocation
|
page read and write
|
||
|
175F000
|
heap
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
173E000
|
heap
|
page read and write
|
||
|
6C810000
|
unkown
|
page readonly
|
||
|
14E0B000
|
unkown
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
1616A000
|
unkown
|
page readonly
|
||
|
17C2000
|
heap
|
page read and write
|
||
|
6FE54000
|
unkown
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
134AD000
|
unkown
|
page write copy
|
||
|
7570000
|
unkown
|
page readonly
|
||
|
488E000
|
stack
|
page read and write
|
||
|
31E1000
|
heap
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
5190000
|
heap
|
page read and write
|
||
|
35F4000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
448F000
|
stack
|
page read and write
|
||
|
3189000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
24B4000
|
unkown
|
page read and write
|
||
|
6FE3E000
|
unkown
|
page readonly
|
||
|
63B000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
175F000
|
heap
|
page read and write
|
||
|
16814000
|
direct allocation
|
page read and write
|
||
|
ECB000
|
stack
|
page read and write
|
||
|
2CAA000
|
unkown
|
page read and write
|
||
|
4910000
|
heap
|
page read and write
|
||
|
4D82000
|
heap
|
page read and write
|
||
|
16818000
|
direct allocation
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
45EE000
|
stack
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
31E1000
|
heap
|
page read and write
|
||
|
3504000
|
heap
|
page read and write
|
||
|
2FD1000
|
heap
|
page read and write
|
||
|
73971000
|
unkown
|
page execute read
|
||
|
3B28000
|
heap
|
page read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
8840000
|
heap
|
page read and write
|
||
|
1682C000
|
direct allocation
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
3E5E000
|
stack
|
page read and write
|
||
|
134EF000
|
unkown
|
page write copy
|
||
|
2E80000
|
unkown
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
384F000
|
stack
|
page read and write
|
||
|
FC1000
|
unkown
|
page execute read
|
||
|
6FE56000
|
unkown
|
page readonly
|
||
|
88B4000
|
heap
|
page read and write
|
||
|
3192000
|
heap
|
page read and write
|
||
|
152D6000
|
unkown
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
1614F000
|
unkown
|
page read and write
|
||
|
15458000
|
unkown
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
489000
|
unkown
|
page read and write
|
||
|
3314000
|
heap
|
page read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
14DCD000
|
unkown
|
page read and write
|
||
|
168E0000
|
direct allocation
|
page read and write
|
||
|
16790000
|
direct allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
4106000
|
direct allocation
|
page read and write
|
||
|
6FE20000
|
unkown
|
page readonly
|
||
|
14F5F000
|
unkown
|
page read and write
|
||
|
40F4000
|
direct allocation
|
page read and write
|
||
|
135AB000
|
unkown
|
page read and write
|
||
|
6FC43000
|
unkown
|
page readonly
|
||
|
3171000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
14F43000
|
unkown
|
page write copy
|
||
|
168A9000
|
direct allocation
|
page read and write
|
||
|
168D0000
|
direct allocation
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
152EA000
|
unkown
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
166E0000
|
direct allocation
|
page read and write
|
||
|
8E93000
|
unkown
|
page read and write
|
||
|
152C1000
|
unkown
|
page read and write
|
||
|
14DC3000
|
unkown
|
page read and write
|
||
|
175D000
|
heap
|
page read and write
|
||
|
4CC8000
|
direct allocation
|
page read and write
|
||
|
8B7E000
|
stack
|
page read and write
|
||
|
2B1F000
|
unkown
|
page read and write
|
||
|
3171000
|
heap
|
page read and write
|
||
|
16894000
|
direct allocation
|
page read and write
|
||
|
154B0000
|
unkown
|
page read and write
|
||
|
321F000
|
heap
|
page read and write
|
||
|
357B000
|
heap
|
page read and write
|
||
|
FC1000
|
unkown
|
page execute read
|
||
|
4CC8000
|
direct allocation
|
page read and write
|
||
|
1106000
|
unkown
|
page readonly
|
||
|
4BD000
|
unkown
|
page readonly
|
||
|
679000
|
heap
|
page read and write
|
||
|
6FDA2000
|
unkown
|
page read and write
|
||
|
410A000
|
direct allocation
|
page read and write
|
||
|
16066000
|
unkown
|
page read and write
|
||
|
31DE000
|
heap
|
page read and write
|
||
|
408E000
|
stack
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
B90000
|
direct allocation
|
page read and write
|
||
|
15040000
|
unkown
|
page write copy
|
||
|
3187000
|
heap
|
page read and write
|
||
|
2CC8000
|
unkown
|
page readonly
|
||
|
4105000
|
direct allocation
|
page read and write
|
||
|
16844000
|
direct allocation
|
page read and write
|
||
|
935E000
|
stack
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
134A2000
|
unkown
|
page write copy
|
||
|
14DB2000
|
unkown
|
page read and write
|
||
|
40B0000
|
direct allocation
|
page read and write
|
||
|
6C803000
|
unkown
|
page readonly
|
||
|
6FD81000
|
unkown
|
page execute read
|
||
|
16163000
|
unkown
|
page read and write
|
||
|
3198000
|
heap
|
page read and write
|
||
|
8864000
|
heap
|
page read and write
|
||
|
152BF000
|
unkown
|
page write copy
|
||
|
4CB0000
|
direct allocation
|
page read and write
|
||
|
61B000
|
heap
|
page read and write
|
||
|
15353000
|
unkown
|
page read and write
|
||
|
32AA000
|
heap
|
page read and write
|
||
|
16784000
|
direct allocation
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
6C757000
|
unkown
|
page readonly
|
||
|
16C9000
|
heap
|
page read and write
|
||
|
7471000
|
unkown
|
page readonly
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
649000
|
heap
|
page read and write
|
||
|
1689B000
|
direct allocation
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
6C811000
|
unkown
|
page execute read
|
||
|
1760000
|
heap
|
page read and write
|
||
|
4D24000
|
direct allocation
|
page read and write
|
||
|
6A64000
|
heap
|
page read and write
|
||
|
67CF000
|
heap
|
page read and write
|
||
|
2FD5000
|
heap
|
page read and write
|
There are 903 hidden memdumps, click here to show them.