Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
test1.txt
|
EICAR virus test files
|
initial sample
|
||
|
C:\Users\user\Desktop\test22.txt
|
EICAR virus test files
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\test1.txt
|
||
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\test22.txt
|
||
|
C:\Windows\System32\SystemSettingsBroker.exe
|
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
|
||
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\test22.txt
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fWindowsOnlyEOL
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fPasteOriginalEOL
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fReverse
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fWrapAround
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fMatchCase
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRU
|
MRUListEx
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3
|
1
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3\1
|
NodeSlot
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3\1
|
MRUListEx
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\Shell
|
SniffedFolderType
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
Mode
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
LogicalViewMode
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
FFlags
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
IconSize
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
Sort
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
ColInfo
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
GroupView
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
GroupByKey:FMTID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
GroupByKey:PID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
GroupByDirection
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRU
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\txt
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\txt
|
MRUListEx
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*
|
MRUListEx
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU
|
MRUListEx
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CIDSave\Modules\GlobalSettings\ProperTreeModuleInner
|
ProperTreeModuleInner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
iWindowPosX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
iWindowPosY
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
iWindowPosDX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
iWindowPosDY
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
|
MRUListEx
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3
|
MRUListEx
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
|
NodeSlots
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRU
|
MRUListEx
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
|
FFlags
|
There are 29 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1CE9F150000
|
heap
|
page read and write
|
||
|
1506D0FF000
|
heap
|
page read and write
|
||
|
1CE9EBCA000
|
heap
|
page read and write
|
||
|
1CE9EEF5000
|
heap
|
page read and write
|
||
|
1CE9EF3C000
|
heap
|
page read and write
|
||
|
1CE9EE67000
|
heap
|
page read and write
|
||
|
1CE9EB7C000
|
heap
|
page read and write
|
||
|
33045F8000
|
stack
|
page read and write
|
||
|
1CE9EB40000
|
heap
|
page read and write
|
||
|
1CE9F15C000
|
heap
|
page read and write
|
||
|
1CE9EFE5000
|
heap
|
page read and write
|
||
|
1CE992F0000
|
heap
|
page read and write
|
||
|
1CE9EE8D000
|
heap
|
page read and write
|
||
|
1CE9EBBD000
|
heap
|
page read and write
|
||
|
40D61FF000
|
stack
|
page read and write
|
||
|
1CE9EE84000
|
heap
|
page read and write
|
||
|
1CE9938A000
|
heap
|
page read and write
|
||
|
1CE9EB47000
|
heap
|
page read and write
|
||
|
25B82600000
|
heap
|
page read and write
|
||
|
1CE9EE88000
|
heap
|
page read and write
|
||
|
1CE9EBC5000
|
heap
|
page read and write
|
||
|
1506EA40000
|
trusted library allocation
|
page read and write
|
||
|
1CE9EED0000
|
heap
|
page read and write
|
||
|
1CE9EF19000
|
heap
|
page read and write
|
||
|
1CE9EBD8000
|
heap
|
page read and write
|
||
|
1506D0E2000
|
heap
|
page read and write
|
||
|
1CE993D2000
|
heap
|
page read and write
|
||
|
1CE9937C000
|
heap
|
page read and write
|
||
|
1CE9EBAA000
|
heap
|
page read and write
|
||
|
1450924E000
|
heap
|
page read and write
|
||
|
1CE9EF8D000
|
heap
|
page read and write
|
||
|
33041BE000
|
stack
|
page read and write
|
||
|
1CE9EF62000
|
heap
|
page read and write
|
||
|
1CE993B6000
|
heap
|
page read and write
|
||
|
1CE9EE5A000
|
heap
|
page read and write
|
||
|
1CE9EE71000
|
heap
|
page read and write
|
||
|
1CE993B0000
|
heap
|
page read and write
|
||
|
1CE99325000
|
heap
|
page read and write
|
||
|
1CE9B4B0000
|
heap
|
page read and write
|
||
|
1CE9EBA7000
|
heap
|
page read and write
|
||
|
1CE9EBC5000
|
heap
|
page read and write
|
||
|
1CE9EFA2000
|
heap
|
page read and write
|
||
|
1CE9EBC9000
|
heap
|
page read and write
|
||
|
1CE9EEAC000
|
heap
|
page read and write
|
||
|
1CE9EE82000
|
heap
|
page read and write
|
||
|
E141A7F000
|
stack
|
page read and write
|
||
|
1CE9EBB7000
|
heap
|
page read and write
|
||
|
1CE9937A000
|
heap
|
page read and write
|
||
|
1CE9EE8B000
|
heap
|
page read and write
|
||
|
1CE9939E000
|
heap
|
page read and write
|
||
|
1CE9EF55000
|
heap
|
page read and write
|
||
|
1CE9EBB0000
|
heap
|
page read and write
|
||
|
1506D0E7000
|
heap
|
page read and write
|
||
|
1CE9EBE4000
|
heap
|
page read and write
|
||
|
1CE9ABE5000
|
heap
|
page read and write
|
||
|
1CE9EE5C000
|
heap
|
page read and write
|
||
|
1CE9EBBE000
|
heap
|
page read and write
|
||
|
1CE9EE64000
|
heap
|
page read and write
|
||
|
1506E990000
|
heap
|
page read and write
|
||
|
1CE9EEB0000
|
heap
|
page read and write
|
||
|
1506D110000
|
heap
|
page read and write
|
||
|
1CE9931E000
|
heap
|
page read and write
|
||
|
1CE9EF29000
|
heap
|
page read and write
|
||
|
1CE9EEAE000
|
heap
|
page read and write
|
||
|
14509240000
|
heap
|
page read and write
|
||
|
1CE993CA000
|
heap
|
page read and write
|
||
|
1506EB50000
|
heap
|
page read and write
|
||
|
1CE9EBD6000
|
heap
|
page read and write
|
||
|
1CE9EEFE000
|
heap
|
page read and write
|
||
|
1CE9EF98000
|
heap
|
page read and write
|
||
|
1CE9EE7D000
|
heap
|
page read and write
|
||
|
1CE9EF0A000
|
heap
|
page read and write
|
||
|
1CE9EBD6000
|
heap
|
page read and write
|
||
|
1CE9EBCE000
|
heap
|
page read and write
|
||
|
1CE9F156000
|
heap
|
page read and write
|
||
|
1CE993D3000
|
heap
|
page read and write
|
||
|
330447F000
|
stack
|
page read and write
|
||
|
25B80C59000
|
heap
|
page read and write
|
||
|
1CE9EE31000
|
heap
|
page read and write
|
||
|
1CE9EF1F000
|
heap
|
page read and write
|
||
|
1CE9EBE4000
|
heap
|
page read and write
|
||
|
1CE9EE52000
|
heap
|
page read and write
|
||
|
1CE9EBD4000
|
heap
|
page read and write
|
||
|
1CE9EBD0000
|
heap
|
page read and write
|
||
|
1506EB73000
|
heap
|
page read and write
|
||
|
1CE9933A000
|
heap
|
page read and write
|
||
|
1CE9EF27000
|
heap
|
page read and write
|
||
|
1CE9EE3F000
|
heap
|
page read and write
|
||
|
25B80C76000
|
heap
|
page read and write
|
||
|
1CE9EF31000
|
heap
|
page read and write
|
||
|
1CE9EBD0000
|
heap
|
page read and write
|
||
|
1CE9EF23000
|
heap
|
page read and write
|
||
|
1CE9EF13000
|
heap
|
page read and write
|
||
|
1CE993AC000
|
heap
|
page read and write
|
||
|
1CE9EE95000
|
heap
|
page read and write
|
||
|
1506D0EC000
|
heap
|
page read and write
|
||
|
1CE9EB36000
|
heap
|
page read and write
|
||
|
1CE9EBC9000
|
heap
|
page read and write
|
||
|
1506D0C9000
|
heap
|
page read and write
|
||
|
1CE9EE36000
|
heap
|
page read and write
|
||
|
1CE993B0000
|
heap
|
page read and write
|
||
|
1CE9EE9E000
|
heap
|
page read and write
|
||
|
1CE9EE33000
|
heap
|
page read and write
|
||
|
1CE9EBA7000
|
heap
|
page read and write
|
||
|
1506D101000
|
heap
|
page read and write
|
||
|
1CE99348000
|
heap
|
page read and write
|
||
|
1CE9EF55000
|
heap
|
page read and write
|
||
|
1CE993EE000
|
heap
|
page read and write
|
||
|
1CE9EBDF000
|
heap
|
page read and write
|
||
|
1CE9EBA7000
|
heap
|
page read and write
|
||
|
25B80C75000
|
heap
|
page read and write
|
||
|
1CE9EED6000
|
heap
|
page read and write
|
||
|
E14187E000
|
stack
|
page read and write
|
||
|
1CE9EE8D000
|
heap
|
page read and write
|
||
|
1CE9EB3D000
|
heap
|
page read and write
|
||
|
1CE99386000
|
heap
|
page read and write
|
||
|
1CE9EFC1000
|
heap
|
page read and write
|
||
|
1CE99347000
|
heap
|
page read and write
|
||
|
25B84DF0000
|
heap
|
page read and write
|
||
|
1CE9EBE2000
|
heap
|
page read and write
|
||
|
1CE9EEBA000
|
heap
|
page read and write
|
||
|
1CE9EFD1000
|
heap
|
page read and write
|
||
|
1CE9EDF6000
|
heap
|
page read and write
|
||
|
40D5DAE000
|
stack
|
page read and write
|
||
|
1CE9EBB9000
|
heap
|
page read and write
|
||
|
1CE9EF97000
|
heap
|
page read and write
|
||
|
1CE9EBB3000
|
heap
|
page read and write
|
||
|
1CE993C8000
|
heap
|
page read and write
|
||
|
1CE9EF9F000
|
heap
|
page read and write
|
||
|
1CE99334000
|
heap
|
page read and write
|
||
|
1CE9EE06000
|
heap
|
page read and write
|
||
|
1CE9EBD0000
|
heap
|
page read and write
|
||
|
1CE9EB80000
|
heap
|
page read and write
|
||
|
25B80C9E000
|
heap
|
page read and write
|
||
|
1CE9EE48000
|
heap
|
page read and write
|
||
|
1CE9EBAF000
|
heap
|
page read and write
|
||
|
1CE9EE6B000
|
heap
|
page read and write
|
||
|
1506E995000
|
heap
|
page read and write
|
||
|
1CE9EBE2000
|
heap
|
page read and write
|
||
|
E14197E000
|
stack
|
page read and write
|
||
|
1CE9EBC5000
|
heap
|
page read and write
|
||
|
1CE9EB44000
|
heap
|
page read and write
|
||
|
1CE99394000
|
heap
|
page read and write
|
||
|
1CE9EF5A000
|
heap
|
page read and write
|
||
|
1CE9EE92000
|
heap
|
page read and write
|
||
|
1CE99376000
|
heap
|
page read and write
|
||
|
1CE9EB9A000
|
heap
|
page read and write
|
||
|
419E37E000
|
stack
|
page read and write
|
||
|
33044FB000
|
stack
|
page read and write
|
||
|
1CE9CD40000
|
trusted library allocation
|
page read and write
|
||
|
1CE9EE33000
|
heap
|
page read and write
|
||
|
E1415D7000
|
stack
|
page read and write
|
||
|
1CE9EF91000
|
heap
|
page read and write
|
||
|
1CE9EBB3000
|
heap
|
page read and write
|
||
|
1CE9EE7B000
|
heap
|
page read and write
|
||
|
1CE993BD000
|
heap
|
page read and write
|
||
|
1CE9EBE6000
|
heap
|
page read and write
|
||
|
1CE9EE91000
|
heap
|
page read and write
|
||
|
1CE99346000
|
heap
|
page read and write
|
||
|
1CE9EE84000
|
heap
|
page read and write
|
||
|
1CE9EBD0000
|
heap
|
page read and write
|
||
|
1CE9EFA5000
|
heap
|
page read and write
|
||
|
1CE9EF09000
|
heap
|
page read and write
|
||
|
1CE99370000
|
heap
|
page read and write
|
||
|
1CE9EBC1000
|
heap
|
page read and write
|
||
|
419DF28000
|
stack
|
page read and write
|
||
|
1CE99399000
|
heap
|
page read and write
|
||
|
1CE99352000
|
heap
|
page read and write
|
||
|
1CE9EE21000
|
heap
|
page read and write
|
||
|
1CE993D6000
|
heap
|
page read and write
|
||
|
1CE9EE0E000
|
heap
|
page read and write
|
||
|
1CE9EBB7000
|
heap
|
page read and write
|
||
|
1CE9EFA7000
|
heap
|
page read and write
|
||
|
1CE9EDFE000
|
heap
|
page read and write
|
||
|
1CE9EBE4000
|
heap
|
page read and write
|
||
|
1CE9B0C0000
|
heap
|
page read and write
|
||
|
1CE9EEAB000
|
heap
|
page read and write
|
||
|
1CE9EB95000
|
heap
|
page read and write
|
||
|
1CE9933E000
|
heap
|
page read and write
|
||
|
1CE9EF31000
|
heap
|
page read and write
|
||
|
40D607E000
|
stack
|
page read and write
|
||
|
25B825E0000
|
trusted library allocation
|
page read and write
|
||
|
1CE9EEF2000
|
heap
|
page read and write
|
||
|
1506D0CA000
|
heap
|
page read and write
|
||
|
1CE9EFEB000
|
heap
|
page read and write
|
||
|
25B80C7E000
|
heap
|
page read and write
|
||
|
1506D0C1000
|
heap
|
page read and write
|
||
|
1CE9EB52000
|
heap
|
page read and write
|
||
|
1CE9EF85000
|
heap
|
page read and write
|
||
|
1CE9EF39000
|
heap
|
page read and write
|
||
|
1506D098000
|
heap
|
page read and write
|
||
|
1CE99349000
|
heap
|
page read and write
|
||
|
1CE9EF82000
|
heap
|
page read and write
|
||
|
1CE9EB9F000
|
heap
|
page read and write
|
||
|
1CE9EF15000
|
heap
|
page read and write
|
||
|
1506E950000
|
heap
|
page read and write
|
||
|
1CE9AC80000
|
heap
|
page read and write
|
||
|
1CE9EB7B000
|
heap
|
page read and write
|
||
|
1CE9EBC5000
|
heap
|
page read and write
|
||
|
1CE9AC60000
|
trusted library allocation
|
page read and write
|
||
|
25B80C20000
|
heap
|
page read and write
|
||
|
40D6179000
|
stack
|
page read and write
|
||
|
1CE9EBC5000
|
heap
|
page read and write
|
||
|
14509525000
|
heap
|
page read and write
|
||
|
419E3FE000
|
stack
|
page read and write
|
||
|
1CE9EE95000
|
heap
|
page read and write
|
||
|
1CE9EBD7000
|
heap
|
page read and write
|
||
|
1506D0E9000
|
heap
|
page read and write
|
||
|
1CE9EBD8000
|
heap
|
page read and write
|
||
|
1CE99321000
|
heap
|
page read and write
|
||
|
1CE9EF33000
|
heap
|
page read and write
|
||
|
1CE9EF85000
|
heap
|
page read and write
|
||
|
1CE9EF82000
|
heap
|
page read and write
|
||
|
1CE9EBEC000
|
heap
|
page read and write
|
||
|
1CE9AC83000
|
heap
|
page read and write
|
||
|
1CE9EF4D000
|
heap
|
page read and write
|
||
|
1CE9EE16000
|
heap
|
page read and write
|
||
|
1CE9EBB7000
|
heap
|
page read and write
|
||
|
1CE9EEBE000
|
heap
|
page read and write
|
||
|
1CE9EBD8000
|
heap
|
page read and write
|
||
|
25B845F0000
|
trusted library allocation
|
page read and write
|
||
|
1CE9EEBE000
|
heap
|
page read and write
|
||
|
25B82623000
|
heap
|
page read and write
|
||
|
1CE9EBDA000
|
heap
|
page read and write
|
||
|
1CE9EE13000
|
heap
|
page read and write
|
||
|
1CE9EE2C000
|
heap
|
page read and write
|
||
|
1CE9EBC5000
|
heap
|
page read and write
|
||
|
1CE9EED9000
|
heap
|
page read and write
|
||
|
330467F000
|
stack
|
page read and write
|
||
|
1CE9EB41000
|
heap
|
page read and write
|
||
|
1450926F000
|
heap
|
page read and write
|
||
|
1CE9EE5B000
|
heap
|
page read and write
|
||
|
1CE9EF55000
|
heap
|
page read and write
|
||
|
1CE9ECF0000
|
heap
|
page read and write
|
||
|
1CE9EB4A000
|
heap
|
page read and write
|
||
|
1CE9EBD8000
|
heap
|
page read and write
|
||
|
1CE9EE27000
|
heap
|
page read and write
|
||
|
1CE9EE0E000
|
heap
|
page read and write
|
||
|
1CE9932E000
|
heap
|
page read and write
|
||
|
1CE993AA000
|
heap
|
page read and write
|
||
|
1CE9EE67000
|
heap
|
page read and write
|
||
|
1CE9EF8D000
|
heap
|
page read and write
|
||
|
1CE99373000
|
heap
|
page read and write
|
||
|
1CE9EB98000
|
heap
|
page read and write
|
||
|
1CE9EBA5000
|
heap
|
page read and write
|
||
|
1CE9EBDA000
|
heap
|
page read and write
|
||
|
1CE9EBB9000
|
heap
|
page read and write
|
||
|
1CE9937E000
|
heap
|
page read and write
|
||
|
419DFAE000
|
stack
|
page read and write
|
||
|
150711F0000
|
heap
|
page read and write
|
||
|
1CE9EED6000
|
heap
|
page read and write
|
||
|
1CE9936D000
|
heap
|
page read and write
|
||
|
1CE9EBAA000
|
heap
|
page read and write
|
||
|
1CE9EBE6000
|
heap
|
page read and write
|
||
|
1CE9EBEC000
|
heap
|
page read and write
|
||
|
1CE9EF29000
|
heap
|
page read and write
|
||
|
1CE9EE48000
|
heap
|
page read and write
|
||
|
1CE9EBA7000
|
heap
|
page read and write
|
||
|
1CE9EE74000
|
heap
|
page read and write
|
||
|
145091D0000
|
heap
|
page read and write
|
||
|
1CE9F151000
|
heap
|
page read and write
|
||
|
1CE9EF37000
|
heap
|
page read and write
|
||
|
1CE9EBD8000
|
heap
|
page read and write
|
||
|
1CE993BD000
|
heap
|
page read and write
|
||
|
1CE9EE8F000
|
heap
|
page read and write
|
||
|
1CE9EF8B000
|
heap
|
page read and write
|
||
|
150709F0000
|
trusted library allocation
|
page read and write
|
||
|
1CE993C6000
|
heap
|
page read and write
|
||
|
419E47E000
|
stack
|
page read and write
|
||
|
1CE9EFB1000
|
heap
|
page read and write
|
||
|
1CE9EB79000
|
heap
|
page read and write
|
||
|
1CE9EF5B000
|
heap
|
page read and write
|
||
|
1CE9EFE3000
|
heap
|
page read and write
|
||
|
1CE9EBE3000
|
heap
|
page read and write
|
||
|
1CE9ABE0000
|
heap
|
page read and write
|
||
|
1CE993B6000
|
heap
|
page read and write
|
||
|
1CE9EBC0000
|
heap
|
page read and write
|
||
|
1CE9EEAE000
|
heap
|
page read and write
|
||
|
1CE9EE41000
|
heap
|
page read and write
|
||
|
25B80C56000
|
heap
|
page read and write
|
||
|
1CE993D1000
|
heap
|
page read and write
|
||
|
1CE9EE5F000
|
heap
|
page read and write
|
||
|
1CE9EBE3000
|
heap
|
page read and write
|
||
|
1CE9932A000
|
heap
|
page read and write
|
||
|
1506D106000
|
heap
|
page read and write
|
||
|
1CE9F13F000
|
heap
|
page read and write
|
||
|
E1419FE000
|
stack
|
page read and write
|
||
|
25B80C5A000
|
heap
|
page read and write
|
||
|
1CE9EE81000
|
heap
|
page read and write
|
||
|
1CE9936E000
|
heap
|
page read and write
|
||
|
25B80B40000
|
heap
|
page read and write
|
||
|
419E2FE000
|
stack
|
page read and write
|
||
|
1CE993ED000
|
heap
|
page read and write
|
||
|
1CE9EB32000
|
heap
|
page read and write
|
||
|
1CE9EE61000
|
heap
|
page read and write
|
||
|
1CE9EE3D000
|
heap
|
page read and write
|
||
|
1CE992D0000
|
heap
|
page read and write
|
||
|
1CE9EBBB000
|
heap
|
page read and write
|
||
|
1CE993C6000
|
heap
|
page read and write
|
||
|
1CE9EEAB000
|
heap
|
page read and write
|
||
|
1CE9EEF7000
|
heap
|
page read and write
|
||
|
1CE9EBA1000
|
heap
|
page read and write
|
||
|
1CE9EEE8000
|
heap
|
page read and write
|
||
|
1CE9EE94000
|
heap
|
page read and write
|
||
|
1CE9EF20000
|
heap
|
page read and write
|
||
|
1CE9EE0B000
|
heap
|
page read and write
|
||
|
1CE9EEA2000
|
heap
|
page read and write
|
||
|
25B826AC000
|
heap
|
page read and write
|
||
|
1CE9EBB4000
|
heap
|
page read and write
|
||
|
1506D117000
|
heap
|
page read and write
|
||
|
1CE9EB47000
|
heap
|
page read and write
|
||
|
1CE9EF2D000
|
heap
|
page read and write
|
||
|
1CE9EF5E000
|
heap
|
page read and write
|
||
|
1506D0D2000
|
heap
|
page read and write
|
||
|
1CE9EFE3000
|
heap
|
page read and write
|
||
|
1506CF90000
|
heap
|
page read and write
|
||
|
1CE9EBB7000
|
heap
|
page read and write
|
||
|
1CE9938A000
|
heap
|
page read and write
|
||
|
1506D0F8000
|
heap
|
page read and write
|
||
|
1CE9F130000
|
heap
|
page read and write
|
||
|
1CE99363000
|
heap
|
page read and write
|
||
|
1CE9EE3B000
|
heap
|
page read and write
|
||
|
1CE993B6000
|
heap
|
page read and write
|
||
|
1CE991B0000
|
heap
|
page read and write
|
||
|
40D64FA000
|
stack
|
page read and write
|
||
|
1CE9EBD6000
|
heap
|
page read and write
|
||
|
1CE993A7000
|
heap
|
page read and write
|
||
|
1CE9EE52000
|
heap
|
page read and write
|
||
|
1CE993B6000
|
heap
|
page read and write
|
||
|
1CE9EBE2000
|
heap
|
page read and write
|
||
|
1CE9EBB6000
|
heap
|
page read and write
|
||
|
1CE9EF82000
|
heap
|
page read and write
|
||
|
1CE993BD000
|
heap
|
page read and write
|
||
|
25B80C28000
|
heap
|
page read and write
|
||
|
1CE9EEDA000
|
heap
|
page read and write
|
||
|
1CE9EFE1000
|
heap
|
page read and write
|
||
|
1CE9EBC2000
|
heap
|
page read and write
|
||
|
1CE9EF5F000
|
heap
|
page read and write
|
||
|
1CE993A4000
|
heap
|
page read and write
|
||
|
1CE9EEF7000
|
heap
|
page read and write
|
||
|
1CE9EF82000
|
heap
|
page read and write
|
||
|
1CE993C8000
|
heap
|
page read and write
|
||
|
1CE993B0000
|
heap
|
page read and write
|
||
|
1CE9EBAD000
|
heap
|
page read and write
|
||
|
1CE9EF62000
|
heap
|
page read and write
|
||
|
40D5D23000
|
stack
|
page read and write
|
||
|
1CE9EF13000
|
heap
|
page read and write
|
||
|
40D60FE000
|
stack
|
page read and write
|
||
|
1CE9EF86000
|
heap
|
page read and write
|
||
|
1506D10D000
|
heap
|
page read and write
|
||
|
1506D070000
|
heap
|
page read and write
|
||
|
40D6478000
|
stack
|
page read and write
|
||
|
330413E000
|
stack
|
page read and write
|
||
|
14509247000
|
heap
|
page read and write
|
||
|
1CE9EE52000
|
heap
|
page read and write
|
||
|
1CE9EBBD000
|
heap
|
page read and write
|
||
|
1CE9EBAE000
|
heap
|
page read and write
|
||
|
1CE9EF8B000
|
heap
|
page read and write
|
||
|
1CE9EF57000
|
heap
|
page read and write
|
||
|
1CE9EB7B000
|
heap
|
page read and write
|
||
|
1CE9EE31000
|
heap
|
page read and write
|
||
|
1CE9936D000
|
heap
|
page read and write
|
||
|
1CE9EBEC000
|
heap
|
page read and write
|
||
|
1CE9EBE3000
|
heap
|
page read and write
|
||
|
E1418FE000
|
stack
|
page read and write
|
||
|
1CE9EF3D000
|
heap
|
page read and write
|
||
|
1CE9EFC8000
|
heap
|
page read and write
|
||
|
1CE9EB43000
|
heap
|
page read and write
|
||
|
1CE9935F000
|
heap
|
page read and write
|
||
|
1CE9EF85000
|
heap
|
page read and write
|
||
|
1CE9EAF0000
|
heap
|
page read and write
|
||
|
25B80C77000
|
heap
|
page read and write
|
||
|
40D657C000
|
stack
|
page read and write
|
||
|
1CE9EBC5000
|
heap
|
page read and write
|
||
|
1CE9EDF0000
|
heap
|
page read and write
|
||
|
1CE993B0000
|
heap
|
page read and write
|
||
|
1CE99327000
|
heap
|
page read and write
|
||
|
25B80D20000
|
heap
|
page read and write
|
||
|
1506D090000
|
heap
|
page read and write
|
||
|
1CE9EE48000
|
heap
|
page read and write
|
||
|
1CE9EF19000
|
heap
|
page read and write
|
||
|
1CE9EB7F000
|
heap
|
page read and write
|
||
|
1CE9EBB7000
|
heap
|
page read and write
|
||
|
1CE9EEC8000
|
heap
|
page read and write
|
||
|
1CE9EBB7000
|
heap
|
page read and write
|
||
|
145091B0000
|
heap
|
page read and write
|
||
|
14509520000
|
heap
|
page read and write
|
||
|
1506D116000
|
heap
|
page read and write
|
||
|
1CE9932A000
|
heap
|
page read and write
|
||
|
E141AFE000
|
stack
|
page read and write
|
||
|
1CE9EFEE000
|
heap
|
page read and write
|
||
|
1CE9EE39000
|
heap
|
page read and write
|
||
|
25B80C59000
|
heap
|
page read and write
|
||
|
1CE9EBD6000
|
heap
|
page read and write
|
||
|
1CE9EBAD000
|
heap
|
page read and write
|
||
|
1CE9F159000
|
heap
|
page read and write
|
||
|
330457F000
|
stack
|
page read and write
|
||
|
1CE9ABEC000
|
heap
|
page read and write
|
||
|
25B826A5000
|
heap
|
page read and write
|
||
|
1CE993D1000
|
heap
|
page read and write
|
||
|
1CE9EBB7000
|
heap
|
page read and write
|
||
|
1CE9EB37000
|
heap
|
page read and write
|
||
|
1CE9EE11000
|
heap
|
page read and write
|
||
|
33040BD000
|
stack
|
page read and write
|
||
|
1CE9938A000
|
heap
|
page read and write
|
||
|
1CE9EBE2000
|
heap
|
page read and write
|
||
|
1CE9EDF4000
|
heap
|
page read and write
|
||
|
1CE99290000
|
heap
|
page read and write
|
||
|
1CE9EBE6000
|
heap
|
page read and write
|
||
|
419E27E000
|
stack
|
page read and write
|
||
|
25B82500000
|
heap
|
page read and write
|
||
|
1CE9EE56000
|
heap
|
page read and write
|
||
|
25B826A0000
|
heap
|
page read and write
|
||
|
33046FE000
|
stack
|
page read and write
|
||
|
1506EB70000
|
heap
|
page read and write
|
||
|
1CE993CE000
|
heap
|
page read and write
|
||
|
1506D0C5000
|
heap
|
page read and write
|
||
|
1CE9EBD1000
|
heap
|
page read and write
|
||
|
1CE9EBD6000
|
heap
|
page read and write
|
||
|
1CE9EEC8000
|
heap
|
page read and write
|
||
|
1CE9F157000
|
heap
|
page read and write
|
||
|
1CE993AA000
|
heap
|
page read and write
|
||
|
1CE99372000
|
heap
|
page read and write
|
||
|
40D637C000
|
stack
|
page read and write
|
||
|
1CE9EBB7000
|
heap
|
page read and write
|
||
|
1CE9EBD6000
|
heap
|
page read and write
|
||
|
1CE9F155000
|
heap
|
page read and write
|
||
|
1CE9EBB7000
|
heap
|
page read and write
|
||
|
1CE9EBD1000
|
heap
|
page read and write
|
||
|
1CE9EE88000
|
heap
|
page read and write
|
||
|
1CE9EB95000
|
heap
|
page read and write
|
||
|
1CE9EED7000
|
heap
|
page read and write
|
||
|
1CE9EBD6000
|
heap
|
page read and write
|
||
|
145091A0000
|
heap
|
page read and write
|
||
|
1CE993A4000
|
heap
|
page read and write
|
||
|
1CE9EF3C000
|
heap
|
page read and write
|
||
|
1CE9932F000
|
heap
|
page read and write
|
||
|
1506D0C1000
|
heap
|
page read and write
|
||
|
1CE9EF1E000
|
heap
|
page read and write
|
||
|
1CE9EF93000
|
heap
|
page read and write
|
||
|
1CE9EBAE000
|
heap
|
page read and write
|
||
|
40D6278000
|
stack
|
page read and write
|
||
|
1CE9EE8F000
|
heap
|
page read and write
|
||
|
1506E99C000
|
heap
|
page read and write
|
||
|
1CE9F158000
|
heap
|
page read and write
|
||
|
25B80C51000
|
heap
|
page read and write
|
||
|
1CE9EF39000
|
heap
|
page read and write
|
||
|
25B82620000
|
heap
|
page read and write
|
||
|
1506D109000
|
heap
|
page read and write
|
||
|
1CE9EDF1000
|
heap
|
page read and write
|
||
|
1CE9EFAA000
|
heap
|
page read and write
|
||
|
1CE9EEB0000
|
heap
|
page read and write
|
||
|
1CE993AA000
|
heap
|
page read and write
|
||
|
1CE9EEAD000
|
heap
|
page read and write
|
||
|
1CE993A4000
|
heap
|
page read and write
|
||
|
40D65FF000
|
stack
|
page read and write
|
||
|
40D63F8000
|
stack
|
page read and write
|
||
|
1CE9EBB4000
|
heap
|
page read and write
|
||
|
1CE9EDF8000
|
heap
|
page read and write
|
||
|
1CE9EEBE000
|
heap
|
page read and write
|
||
|
1CE99321000
|
heap
|
page read and write
|
||
|
1CE9EBEC000
|
heap
|
page read and write
|
||
|
1CE9EF55000
|
heap
|
page read and write
|
||
|
1CE993D1000
|
heap
|
page read and write
|
||
|
1CE9F153000
|
heap
|
page read and write
|
There are 455 hidden memdumps, click here to show them.