Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
tiiEwuElgl.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_2fe5f38a4f5ae3ed51518cca5baa2e5e637fb76_7522e4b5_64422e78-53cc-46d8-a19d-7baef0af0e5c\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_2fe5f38a4f5ae3ed51518cca5baa2e5e637fb76_7522e4b5_d2f2c237-4255-4da5-8098-3eac21645fd8\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_b0cdffbca525ee12a6aa688b50d1504e3557d02a_7522e4b5_063399f1-1e56-4d88-a8ba-4023344517e5\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER12A0.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Oct 29 17:54:24 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER12FE.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Oct 29 17:54:24 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER133E.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER13BC.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER13DA.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER140A.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE576.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Oct 29 17:54:12 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE632.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE662.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\tiiEwuElgl.dll,BarCreate
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",#1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 8004 -s 648
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\tiiEwuElgl.dll,BarDestroy
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\tiiEwuElgl.dll,BarFreeRec
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",BarCreate
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",BarDestroy
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",BarFreeRec
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeSetFocus
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeSetDirty
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeResize
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkePaint2
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeKillFocus
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeIsDirty
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeInitialize
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeGetCaretRect
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeFireMouseWheelEvent
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeFireMouseEvent
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeFireKeyUpEvent
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeFireKeyPressEvent
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeFireKeyDownEvent
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeFireContextMenuEvent
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeFinalize
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeDestroyWebView
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",wkeCreateWebView
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",dbkFCallWrapperAddr
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",__dbk_fcall_wrapper
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",TMethodImplementationIntercept
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\tiiEwuElgl.dll",BarRecognize
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5840 -s 648
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 8020 -s 640
|
There are 24 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProgramId
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
FileId
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LongPathHash
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Name
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
OriginalFileName
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Publisher
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Version
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinFileVersion
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinaryType
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductName
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductVersion
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LinkDate
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinProductVersion
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Size
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Language
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
IsOsComponent
|
||
|
\REGISTRY\A\{38076a71-8bc9-90d6-922c-925b75ee5168}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018400CF081ADAB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018400CF081ADAB
|
There are 18 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
44A8000
|
direct allocation
|
page read and write
|
||
|
44A1000
|
direct allocation
|
page read and write
|
||
|
4B08000
|
direct allocation
|
page read and write
|
||
|
4EEA000
|
direct allocation
|
page read and write
|
||
|
2DB2000
|
direct allocation
|
page read and write
|
||
|
12FF000
|
heap
|
page read and write
|
||
|
14EF000
|
stack
|
page read and write
|
||
|
4DA8000
|
direct allocation
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
279F000
|
stack
|
page read and write
|
||
|
4EF8000
|
direct allocation
|
page read and write
|
||
|
4476000
|
direct allocation
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
4E78000
|
direct allocation
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
4ECA000
|
direct allocation
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
49F8000
|
direct allocation
|
page read and write
|
||
|
4A41000
|
direct allocation
|
page read and write
|
||
|
4F14000
|
direct allocation
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
4F0C000
|
direct allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
42B1000
|
direct allocation
|
page read and write
|
||
|
4AED000
|
direct allocation
|
page read and write
|
||
|
283C000
|
stack
|
page read and write
|
||
|
4DBF000
|
stack
|
page read and write
|
||
|
4DD4000
|
direct allocation
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
43A2000
|
direct allocation
|
page read and write
|
||
|
2BCB000
|
stack
|
page read and write
|
||
|
30BC000
|
stack
|
page read and write
|
||
|
12FB000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
42A1000
|
direct allocation
|
page read and write
|
||
|
44AF000
|
direct allocation
|
page read and write
|
||
|
46D2000
|
direct allocation
|
page read and write
|
||
|
4DA8000
|
direct allocation
|
page read and write
|
||
|
48B8000
|
direct allocation
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
44CC000
|
direct allocation
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
4DDA000
|
direct allocation
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
43CF000
|
direct allocation
|
page read and write
|
||
|
32EA000
|
heap
|
page read and write
|
||
|
4DA1000
|
direct allocation
|
page read and write
|
||
|
4361000
|
direct allocation
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
47A1000
|
direct allocation
|
page read and write
|
||
|
4EE6000
|
direct allocation
|
page read and write
|
||
|
4F18000
|
direct allocation
|
page read and write
|
||
|
43E4000
|
direct allocation
|
page read and write
|
||
|
285A000
|
heap
|
page read and write
|
||
|
47EA000
|
direct allocation
|
page read and write
|
||
|
24B0000
|
heap
|
page read and write
|
||
|
4223000
|
direct allocation
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
437F000
|
direct allocation
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
4DBE000
|
stack
|
page read and write
|
||
|
4B94000
|
direct allocation
|
page read and write
|
||
|
4B7F000
|
direct allocation
|
page read and write
|
||
|
4498000
|
direct allocation
|
page read and write
|
||
|
520000
|
unkown
|
page write copy
|
||
|
47A8000
|
direct allocation
|
page read and write
|
||
|
2EFC000
|
stack
|
page read and write
|
||
|
355E000
|
stack
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
4D4D000
|
direct allocation
|
page read and write
|
||
|
4F28000
|
direct allocation
|
page read and write
|
||
|
4DCC000
|
direct allocation
|
page read and write
|
||
|
4D8A000
|
direct allocation
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
43AA000
|
direct allocation
|
page read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
51F000
|
unkown
|
page read and write
|
||
|
2AAC000
|
stack
|
page read and write
|
||
|
E7C000
|
stack
|
page read and write
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
2DED000
|
direct allocation
|
page read and write
|
||
|
4378000
|
direct allocation
|
page read and write
|
||
|
32CA000
|
heap
|
page read and write
|
||
|
4DF1000
|
direct allocation
|
page read and write
|
||
|
4238000
|
direct allocation
|
page read and write
|
||
|
4AE1000
|
direct allocation
|
page read and write
|
||
|
263F000
|
stack
|
page read and write
|
||
|
476F000
|
direct allocation
|
page read and write
|
||
|
4442000
|
direct allocation
|
page read and write
|
||
|
49EA000
|
direct allocation
|
page read and write
|
||
|
447D000
|
direct allocation
|
page read and write
|
||
|
299B000
|
stack
|
page read and write
|
||
|
41FF000
|
direct allocation
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
428C000
|
direct allocation
|
page read and write
|
||
|
4EEF000
|
direct allocation
|
page read and write
|
||
|
424A000
|
direct allocation
|
page read and write
|
||
|
4EF8000
|
direct allocation
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
4776000
|
direct allocation
|
page read and write
|
||
|
4B68000
|
direct allocation
|
page read and write
|
||
|
2D4F000
|
stack
|
page read and write
|
||
|
2A7C000
|
stack
|
page read and write
|
||
|
2F2C000
|
stack
|
page read and write
|
||
|
4EF6000
|
direct allocation
|
page read and write
|
||
|
4D92000
|
direct allocation
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
4DF8000
|
direct allocation
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
41F8000
|
direct allocation
|
page read and write
|
||
|
4D54000
|
direct allocation
|
page read and write
|
||
|
4458000
|
direct allocation
|
page read and write
|
||
|
495F000
|
stack
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
2E0A000
|
direct allocation
|
page read and write
|
||
|
4DF1000
|
direct allocation
|
page read and write
|
||
|
333F000
|
stack
|
page read and write
|
||
|
2CEA000
|
heap
|
page read and write
|
||
|
524000
|
unkown
|
page readonly
|
||
|
22DC000
|
stack
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
2EEB000
|
stack
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
4706000
|
direct allocation
|
page read and write
|
||
|
4B3C000
|
direct allocation
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
45C1000
|
direct allocation
|
page read and write
|
||
|
4482000
|
direct allocation
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
252B000
|
stack
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
4484000
|
direct allocation
|
page read and write
|
||
|
2A9A000
|
heap
|
page read and write
|
||
|
459D000
|
direct allocation
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
341A000
|
heap
|
page read and write
|
||
|
2DFC000
|
direct allocation
|
page read and write
|
||
|
4D92000
|
direct allocation
|
page read and write
|
||
|
45BA000
|
direct allocation
|
page read and write
|
||
|
4A08000
|
direct allocation
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
487E000
|
stack
|
page read and write
|
||
|
42C8000
|
direct allocation
|
page read and write
|
||
|
44C4000
|
direct allocation
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
332A000
|
heap
|
page read and write
|
||
|
307C000
|
stack
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
263C000
|
stack
|
page read and write
|
||
|
46E1000
|
direct allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
44E8000
|
direct allocation
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
471C000
|
direct allocation
|
page read and write
|
||
|
41E1000
|
direct allocation
|
page read and write
|
||
|
524000
|
unkown
|
page readonly
|
||
|
488F000
|
stack
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
4843000
|
direct allocation
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
4858000
|
direct allocation
|
page read and write
|
||
|
43B1000
|
direct allocation
|
page read and write
|
||
|
42B8000
|
direct allocation
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
4DEA000
|
direct allocation
|
page read and write
|
||
|
4D63000
|
direct allocation
|
page read and write
|
||
|
307B000
|
stack
|
page read and write
|
||
|
4B1C000
|
direct allocation
|
page read and write
|
||
|
427D000
|
direct allocation
|
page read and write
|
||
|
4D71000
|
direct allocation
|
page read and write
|
||
|
28EB000
|
stack
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
422A000
|
direct allocation
|
page read and write
|
||
|
126F000
|
stack
|
page read and write
|
||
|
42DD000
|
direct allocation
|
page read and write
|
||
|
2FEC000
|
stack
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
4D38000
|
direct allocation
|
page read and write
|
||
|
266A000
|
heap
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
4BA3000
|
direct allocation
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
4386000
|
direct allocation
|
page read and write
|
||
|
4EDC000
|
direct allocation
|
page read and write
|
||
|
520000
|
unkown
|
page write copy
|
||
|
46E8000
|
direct allocation
|
page read and write
|
||
|
4DFD000
|
direct allocation
|
page read and write
|
||
|
4DFF000
|
stack
|
page read and write
|
||
|
4491000
|
direct allocation
|
page read and write
|
||
|
510000
|
unkown
|
page write copy
|
||
|
421C000
|
direct allocation
|
page read and write
|
||
|
4DCA000
|
direct allocation
|
page read and write
|
||
|
288A000
|
heap
|
page read and write
|
||
|
4401000
|
direct allocation
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
4E63000
|
direct allocation
|
page read and write
|
||
|
4EC6000
|
direct allocation
|
page read and write
|
||
|
4DD3000
|
direct allocation
|
page read and write
|
||
|
484B000
|
direct allocation
|
page read and write
|
||
|
47E3000
|
direct allocation
|
page read and write
|
||
|
4D6A000
|
direct allocation
|
page read and write
|
||
|
260E000
|
stack
|
page read and write
|
||
|
490E000
|
stack
|
page read and write
|
||
|
4E1A000
|
direct allocation
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
439C000
|
direct allocation
|
page read and write
|
||
|
36A0000
|
heap
|
page read and write
|
||
|
2A6B000
|
stack
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
4D78000
|
direct allocation
|
page read and write
|
||
|
4B2D000
|
direct allocation
|
page read and write
|
||
|
4B86000
|
direct allocation
|
page read and write
|
||
|
4B78000
|
direct allocation
|
page read and write
|
||
|
520000
|
unkown
|
page write copy
|
||
|
4AF4000
|
direct allocation
|
page read and write
|
||
|
429A000
|
direct allocation
|
page read and write
|
||
|
4B9C000
|
direct allocation
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
4BB1000
|
direct allocation
|
page read and write
|
||
|
301A000
|
heap
|
page read and write
|
||
|
4D5F000
|
stack
|
page read and write
|
||
|
4E9A000
|
direct allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
4368000
|
direct allocation
|
page read and write
|
||
|
524000
|
unkown
|
page readonly
|
||
|
3590000
|
heap
|
page read and write
|
||
|
522000
|
unkown
|
page readonly
|
||
|
3290000
|
heap
|
page read and write
|
||
|
4206000
|
direct allocation
|
page read and write
|
||
|
47A1000
|
direct allocation
|
page read and write
|
||
|
4301000
|
direct allocation
|
page read and write
|
||
|
513000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4E38000
|
direct allocation
|
page read and write
|
||
|
2FAC000
|
stack
|
page read and write
|
||
|
4B51000
|
direct allocation
|
page read and write
|
||
|
4AE8000
|
direct allocation
|
page read and write
|
||
|
2E18000
|
direct allocation
|
page read and write
|
||
|
4723000
|
direct allocation
|
page read and write
|
||
|
50F000
|
unkown
|
page read and write
|
||
|
479A000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3320000
|
heap
|
page read and write
|
||
|
4AB2000
|
direct allocation
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
43AA000
|
direct allocation
|
page read and write
|
||
|
44BD000
|
direct allocation
|
page read and write
|
||
|
29BD000
|
stack
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
273F000
|
stack
|
page read and write
|
||
|
4258000
|
direct allocation
|
page read and write
|
||
|
4886000
|
direct allocation
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
2BAC000
|
stack
|
page read and write
|
||
|
4EBF000
|
direct allocation
|
page read and write
|
||
|
303B000
|
stack
|
page read and write
|
||
|
4EE1000
|
direct allocation
|
page read and write
|
||
|
4768000
|
direct allocation
|
page read and write
|
||
|
420D000
|
direct allocation
|
page read and write
|
||
|
478C000
|
direct allocation
|
page read and write
|
||
|
4DBF000
|
direct allocation
|
page read and write
|
||
|
436F000
|
stack
|
page read and write
|
||
|
4EC8000
|
direct allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
2DF4000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
47D4000
|
direct allocation
|
page read and write
|
||
|
4F50000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
44B6000
|
direct allocation
|
page read and write
|
||
|
4DEF000
|
direct allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
48A0000
|
heap
|
page read and write
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
474A000
|
direct allocation
|
page read and write
|
||
|
29DC000
|
stack
|
page read and write
|
||
|
482D000
|
direct allocation
|
page read and write
|
||
|
4FBF000
|
stack
|
page read and write
|
||
|
518000
|
unkown
|
page read and write
|
||
|
51D000
|
unkown
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
4596000
|
direct allocation
|
page read and write
|
||
|
4AD8000
|
direct allocation
|
page read and write
|
||
|
256C000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
4EED000
|
direct allocation
|
page read and write
|
||
|
4268000
|
direct allocation
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
44E1000
|
direct allocation
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
2FEC000
|
stack
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
4284000
|
direct allocation
|
page read and write
|
||
|
4AE6000
|
direct allocation
|
page read and write
|
||
|
47CD000
|
direct allocation
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
4D6F000
|
stack
|
page read and write
|
||
|
4D28000
|
direct allocation
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
4DB6000
|
direct allocation
|
page read and write
|
||
|
423B000
|
direct allocation
|
page read and write
|
||
|
4E92000
|
direct allocation
|
page read and write
|
||
|
41E8000
|
direct allocation
|
page read and write
|
||
|
42D6000
|
direct allocation
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
329C000
|
stack
|
page read and write
|
||
|
4D82000
|
direct allocation
|
page read and write
|
||
|
511000
|
unkown
|
page read and write
|
||
|
521000
|
unkown
|
page read and write
|
||
|
4A3A000
|
direct allocation
|
page read and write
|
||
|
4ED8000
|
direct allocation
|
page read and write
|
||
|
42A8000
|
direct allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
4214000
|
direct allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
4B11000
|
direct allocation
|
page read and write
|
||
|
349F000
|
stack
|
page read and write
|
||
|
4AF8000
|
direct allocation
|
page read and write
|
||
|
4DBF000
|
direct allocation
|
page read and write
|
||
|
42FA000
|
direct allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
47DC000
|
direct allocation
|
page read and write
|
||
|
4B26000
|
direct allocation
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
4F23000
|
direct allocation
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
4DE8000
|
direct allocation
|
page read and write
|
||
|
4868000
|
direct allocation
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
308A000
|
heap
|
page read and write
|
||
|
2EBB000
|
stack
|
page read and write
|
||
|
4468000
|
direct allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
289F000
|
stack
|
page read and write
|
||
|
45AC000
|
direct allocation
|
page read and write
|
||
|
292C000
|
stack
|
page read and write
|
||
|
456A000
|
direct allocation
|
page read and write
|
||
|
4D9A000
|
direct allocation
|
page read and write
|
||
|
4B18000
|
direct allocation
|
page read and write
|
||
|
43B8000
|
direct allocation
|
page read and write
|
||
|
4588000
|
direct allocation
|
page read and write
|
||
|
42A2000
|
direct allocation
|
page read and write
|
||
|
4F13000
|
direct allocation
|
page read and write
|
||
|
448A000
|
direct allocation
|
page read and write
|
||
|
4394000
|
direct allocation
|
page read and write
|
||
|
4738000
|
direct allocation
|
page read and write
|
||
|
4740000
|
heap
|
page read and write
|
||
|
4E54000
|
direct allocation
|
page read and write
|
||
|
4D91000
|
direct allocation
|
page read and write
|
||
|
4EDA000
|
direct allocation
|
page read and write
|
||
|
4D9E000
|
stack
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
4A1D000
|
direct allocation
|
page read and write
|
||
|
42AA000
|
direct allocation
|
page read and write
|
||
|
4DA8000
|
direct allocation
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
4E21000
|
direct allocation
|
page read and write
|
||
|
352E000
|
stack
|
page read and write
|
||
|
2E8A000
|
heap
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
4E28000
|
direct allocation
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
42CF000
|
direct allocation
|
page read and write
|
||
|
32AA000
|
heap
|
page read and write
|
||
|
4ED4000
|
direct allocation
|
page read and write
|
||
|
47C6000
|
direct allocation
|
page read and write
|
||
|
4E1A000
|
direct allocation
|
page read and write
|
||
|
4AD2000
|
direct allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
4EE8000
|
direct allocation
|
page read and write
|
||
|
284F000
|
stack
|
page read and write
|
||
|
4B03000
|
direct allocation
|
page read and write
|
||
|
4308000
|
direct allocation
|
page read and write
|
||
|
27BF000
|
stack
|
page read and write
|
||
|
329F000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
4451000
|
direct allocation
|
page read and write
|
||
|
484A000
|
direct allocation
|
page read and write
|
||
|
4E28000
|
direct allocation
|
page read and write
|
||
|
41DA000
|
direct allocation
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
4EC1000
|
direct allocation
|
page read and write
|
||
|
511000
|
unkown
|
page read and write
|
||
|
4AFC000
|
direct allocation
|
page read and write
|
||
|
4B2A000
|
direct allocation
|
page read and write
|
||
|
4571000
|
direct allocation
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
47A8000
|
direct allocation
|
page read and write
|
||
|
3590000
|
heap
|
page read and write
|
||
|
483C000
|
direct allocation
|
page read and write
|
||
|
2A3B000
|
stack
|
page read and write
|
||
|
4B61000
|
direct allocation
|
page read and write
|
||
|
4A24000
|
direct allocation
|
page read and write
|
||
|
444A000
|
direct allocation
|
page read and write
|
||
|
48A3000
|
direct allocation
|
page read and write
|
||
|
334F000
|
stack
|
page read and write
|
||
|
4B5A000
|
direct allocation
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
2CEF000
|
stack
|
page read and write
|
||
|
4DC6000
|
direct allocation
|
page read and write
|
||
|
4DDC000
|
direct allocation
|
page read and write
|
||
|
4DD8000
|
direct allocation
|
page read and write
|
||
|
2EFD000
|
stack
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
4F03000
|
direct allocation
|
page read and write
|
||
|
489C000
|
direct allocation
|
page read and write
|
||
|
2EEA000
|
heap
|
page read and write
|
||
|
4F2A000
|
direct allocation
|
page read and write
|
||
|
4EF1000
|
direct allocation
|
page read and write
|
||
|
23FE000
|
stack
|
page read and write
|
||
|
4731000
|
direct allocation
|
page read and write
|
||
|
4DAE000
|
stack
|
page read and write
|
||
|
4D98000
|
direct allocation
|
page read and write
|
||
|
21EB000
|
stack
|
page read and write
|
||
|
4276000
|
direct allocation
|
page read and write
|
||
|
4792000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
4ED2000
|
direct allocation
|
page read and write
|
||
|
51D000
|
unkown
|
page read and write
|
||
|
234B000
|
stack
|
page read and write
|
||
|
4D7E000
|
stack
|
page read and write
|
||
|
2E03000
|
direct allocation
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
4B0D000
|
direct allocation
|
page read and write
|
||
|
4E12000
|
direct allocation
|
page read and write
|
||
|
4D3F000
|
direct allocation
|
page read and write
|
||
|
4D46000
|
direct allocation
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
275E000
|
stack
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
4F06000
|
direct allocation
|
page read and write
|
||
|
23EB000
|
stack
|
page read and write
|
||
|
48B1000
|
direct allocation
|
page read and write
|
||
|
4A0F000
|
direct allocation
|
page read and write
|
||
|
42EC000
|
direct allocation
|
page read and write
|
||
|
513000
|
unkown
|
page write copy
|
||
|
2DC8000
|
direct allocation
|
page read and write
|
||
|
4DEA000
|
direct allocation
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
4EFF000
|
direct allocation
|
page read and write
|
||
|
4E04000
|
direct allocation
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
4EA8000
|
direct allocation
|
page read and write
|
||
|
4B58000
|
direct allocation
|
page read and write
|
||
|
289A000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
325B000
|
stack
|
page read and write
|
||
|
4B4A000
|
direct allocation
|
page read and write
|
||
|
46DA000
|
direct allocation
|
page read and write
|
||
|
485A000
|
direct allocation
|
page read and write
|
||
|
4EE8000
|
direct allocation
|
page read and write
|
||
|
4DCD000
|
direct allocation
|
page read and write
|
||
|
4808000
|
direct allocation
|
page read and write
|
||
|
522000
|
unkown
|
page readonly
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
4EBA000
|
direct allocation
|
page read and write
|
||
|
521000
|
unkown
|
page read and write
|
||
|
2DDF000
|
direct allocation
|
page read and write
|
||
|
25DB000
|
stack
|
page read and write
|
||
|
4EF4000
|
direct allocation
|
page read and write
|
||
|
49E2000
|
direct allocation
|
page read and write
|
||
|
4DAF000
|
direct allocation
|
page read and write
|
||
|
472A000
|
direct allocation
|
page read and write
|
||
|
4D2E000
|
stack
|
page read and write
|
||
|
4EFD000
|
direct allocation
|
page read and write
|
||
|
243C000
|
stack
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
4DCD000
|
direct allocation
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
4B43000
|
direct allocation
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
518000
|
unkown
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
2DE6000
|
direct allocation
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
477D000
|
direct allocation
|
page read and write
|
||
|
43DD000
|
direct allocation
|
page read and write
|
||
|
43B8000
|
direct allocation
|
page read and write
|
||
|
229B000
|
stack
|
page read and write
|
||
|
4DC4000
|
direct allocation
|
page read and write
|
||
|
4B0A000
|
direct allocation
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
4DE3000
|
direct allocation
|
page read and write
|
||
|
4A16000
|
direct allocation
|
page read and write
|
||
|
49DF000
|
stack
|
page read and write
|
||
|
4B38000
|
direct allocation
|
page read and write
|
||
|
2FAB000
|
stack
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
2D7A000
|
heap
|
page read and write
|
||
|
51F000
|
unkown
|
page read and write
|
||
|
4E46000
|
direct allocation
|
page read and write
|
||
|
2FAB000
|
stack
|
page read and write
|
||
|
4ADA000
|
direct allocation
|
page read and write
|
||
|
477F000
|
stack
|
page read and write
|
||
|
4E3F000
|
direct allocation
|
page read and write
|
||
|
487F000
|
direct allocation
|
page read and write
|
||
|
4D7F000
|
stack
|
page read and write
|
||
|
41D2000
|
direct allocation
|
page read and write
|
||
|
2E3C000
|
stack
|
page read and write
|
||
|
43FA000
|
direct allocation
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
4231000
|
direct allocation
|
page read and write
|
||
|
4751000
|
direct allocation
|
page read and write
|
||
|
4ED1000
|
direct allocation
|
page read and write
|
||
|
4DEF000
|
stack
|
page read and write
|
||
|
448C000
|
direct allocation
|
page read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
2DDA000
|
heap
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
4D9A000
|
direct allocation
|
page read and write
|
||
|
438D000
|
direct allocation
|
page read and write
|
||
|
4B01000
|
direct allocation
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
44DA000
|
direct allocation
|
page read and write
|
||
|
4352000
|
direct allocation
|
page read and write
|
||
|
47BF000
|
direct allocation
|
page read and write
|
||
|
4D1A000
|
direct allocation
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
4878000
|
direct allocation
|
page read and write
|
||
|
449A000
|
direct allocation
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
4E71000
|
direct allocation
|
page read and write
|
||
|
243C000
|
stack
|
page read and write
|
||
|
4758000
|
direct allocation
|
page read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
43B1000
|
direct allocation
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
4A1F000
|
stack
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
4EA1000
|
direct allocation
|
page read and write
|
||
|
252E000
|
stack
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
4F11000
|
direct allocation
|
page read and write
|
||
|
4EB2000
|
direct allocation
|
page read and write
|
||
|
47F1000
|
direct allocation
|
page read and write
|
||
|
4DF6000
|
direct allocation
|
page read and write
|
||
|
35F0000
|
heap
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
4EDF000
|
direct allocation
|
page read and write
|
||
|
285E000
|
stack
|
page read and write
|
||
|
4894000
|
direct allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
522000
|
unkown
|
page readonly
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
4CAF000
|
stack
|
page read and write
|
||
|
42E4000
|
direct allocation
|
page read and write
|
||
|
4B31000
|
direct allocation
|
page read and write
|
||
|
43D6000
|
direct allocation
|
page read and write
|
||
|
4DE1000
|
direct allocation
|
page read and write
|
||
|
4B18000
|
direct allocation
|
page read and write
|
||
|
32DE000
|
stack
|
page read and write
|
||
|
4834000
|
direct allocation
|
page read and write
|
||
|
27DF000
|
stack
|
page read and write
|
||
|
43C8000
|
direct allocation
|
page read and write
|
||
|
48BF000
|
stack
|
page read and write
|
||
|
4F1A000
|
direct allocation
|
page read and write
|
||
|
4F21000
|
direct allocation
|
page read and write
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
479A000
|
direct allocation
|
page read and write
|
||
|
4714000
|
direct allocation
|
page read and write
|
||
|
35EE000
|
stack
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
4826000
|
direct allocation
|
page read and write
|
||
|
432E000
|
stack
|
page read and write
|
||
|
510000
|
unkown
|
page write copy
|
||
|
4DD4000
|
direct allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
4A48000
|
direct allocation
|
page read and write
|
||
|
4D12000
|
direct allocation
|
page read and write
|
||
|
305B000
|
stack
|
page read and write
|
||
|
45B3000
|
direct allocation
|
page read and write
|
||
|
4A33000
|
direct allocation
|
page read and write
|
||
|
4E21000
|
direct allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
4F1C000
|
direct allocation
|
page read and write
|
||
|
4B23000
|
direct allocation
|
page read and write
|
||
|
43A3000
|
direct allocation
|
page read and write
|
||
|
4F0D000
|
direct allocation
|
page read and write
|
||
|
510000
|
unkown
|
page write copy
|
||
|
426F000
|
direct allocation
|
page read and write
|
||
|
47B8000
|
direct allocation
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
327C000
|
stack
|
page read and write
|
||
|
2CBB000
|
stack
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
2A8B000
|
stack
|
page read and write
|
||
|
275F000
|
stack
|
page read and write
|
||
|
47F2000
|
direct allocation
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
4A2C000
|
direct allocation
|
page read and write
|
||
|
4F04000
|
direct allocation
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
4D5C000
|
direct allocation
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
4EE3000
|
direct allocation
|
page read and write
|
||
|
32FE000
|
stack
|
page read and write
|
||
|
4D3E000
|
stack
|
page read and write
|
||
|
50F0000
|
heap
|
page read and write
|
||
|
4493000
|
direct allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
499E000
|
stack
|
page read and write
|
||
|
237C000
|
stack
|
page read and write
|
||
|
4780000
|
heap
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
4960000
|
heap
|
page read and write
|
||
|
2F6B000
|
stack
|
page read and write
|
||
|
470D000
|
direct allocation
|
page read and write
|
||
|
271E000
|
stack
|
page read and write
|
||
|
4AFF000
|
direct allocation
|
page read and write
|
||
|
4B14000
|
direct allocation
|
page read and write
|
||
|
44A8000
|
direct allocation
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
4DDC000
|
direct allocation
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
4360000
|
heap
|
page read and write
|
||
|
35FA000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
4DA1000
|
direct allocation
|
page read and write
|
||
|
4E5C000
|
direct allocation
|
page read and write
|
||
|
238C000
|
stack
|
page read and write
|
||
|
4ABA000
|
direct allocation
|
page read and write
|
||
|
4818000
|
direct allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
43EC000
|
direct allocation
|
page read and write
|
||
|
446F000
|
direct allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
255A000
|
heap
|
page read and write
|
||
|
21DB000
|
stack
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
4DBD000
|
direct allocation
|
page read and write
|
||
|
45FF000
|
stack
|
page read and write
|
||
|
50F000
|
unkown
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
4DF8000
|
direct allocation
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
51F000
|
unkown
|
page read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
49DE000
|
stack
|
page read and write
|
||
|
2A5A000
|
heap
|
page read and write
|
||
|
518000
|
unkown
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
4578000
|
direct allocation
|
page read and write
|
||
|
2DD8000
|
direct allocation
|
page read and write
|
||
|
331F000
|
stack
|
page read and write
|
||
|
4AC1000
|
direct allocation
|
page read and write
|
||
|
48CD000
|
stack
|
page read and write
|
||
|
4E6A000
|
direct allocation
|
page read and write
|
||
|
4E13000
|
direct allocation
|
page read and write
|
||
|
2DC1000
|
direct allocation
|
page read and write
|
||
|
36DE000
|
stack
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
511000
|
unkown
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
4861000
|
direct allocation
|
page read and write
|
||
|
50F000
|
unkown
|
page read and write
|
||
|
513000
|
unkown
|
page write copy
|
||
|
4784000
|
direct allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
481F000
|
direct allocation
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
4BAA000
|
direct allocation
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
46FF000
|
direct allocation
|
page read and write
|
||
|
4408000
|
direct allocation
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
4851000
|
direct allocation
|
page read and write
|
||
|
4DB8000
|
direct allocation
|
page read and write
|
||
|
4B8D000
|
direct allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
49FF000
|
stack
|
page read and write
|
||
|
45C8000
|
direct allocation
|
page read and write
|
||
|
4AF2000
|
direct allocation
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
4E4D000
|
direct allocation
|
page read and write
|
||
|
4793000
|
direct allocation
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
2E3B000
|
stack
|
page read and write
|
||
|
247A000
|
heap
|
page read and write
|
||
|
3550000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
4DC2000
|
direct allocation
|
page read and write
|
||
|
233B000
|
stack
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
2DBA000
|
direct allocation
|
page read and write
|
||
|
4DE8000
|
direct allocation
|
page read and write
|
||
|
4ED8000
|
direct allocation
|
page read and write
|
||
|
4B52000
|
direct allocation
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
521000
|
unkown
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
4742000
|
direct allocation
|
page read and write
|
||
|
4B34000
|
direct allocation
|
page read and write
|
||
|
41CF000
|
stack
|
page read and write
|
||
|
4C3F000
|
stack
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
45A4000
|
direct allocation
|
page read and write
|
||
|
4BB8000
|
direct allocation
|
page read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
4B06000
|
direct allocation
|
page read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
44D3000
|
direct allocation
|
page read and write
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
4E0C000
|
direct allocation
|
page read and write
|
||
|
283F000
|
stack
|
page read and write
|
||
|
4DD1000
|
direct allocation
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
4801000
|
direct allocation
|
page read and write
|
||
|
4EB8000
|
direct allocation
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
488D000
|
direct allocation
|
page read and write
|
||
|
4251000
|
direct allocation
|
page read and write
|
||
|
4F31000
|
direct allocation
|
page read and write
|
||
|
47FA000
|
direct allocation
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
4EC2000
|
direct allocation
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
35E0000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
43F3000
|
direct allocation
|
page read and write
|
||
|
2E11000
|
direct allocation
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
2470000
|
heap
|
page read and write
|
||
|
334A000
|
heap
|
page read and write
|
||
|
4F38000
|
direct allocation
|
page read and write
|
||
|
31EF000
|
stack
|
page read and write
|
||
|
4AC8000
|
direct allocation
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
4B1F000
|
direct allocation
|
page read and write
|
||
|
51D000
|
unkown
|
page read and write
|
||
|
4ADF000
|
direct allocation
|
page read and write
|
||
|
435A000
|
direct allocation
|
page read and write
|
||
|
42F3000
|
direct allocation
|
page read and write
|
||
|
4DB8000
|
direct allocation
|
page read and write
|
||
|
4D21000
|
direct allocation
|
page read and write
|
||
|
4AFA000
|
direct allocation
|
page read and write
|
||
|
46D0000
|
heap
|
page read and write
|
||
|
48AA000
|
direct allocation
|
page read and write
|
||
|
303A000
|
heap
|
page read and write
|
||
|
2E3B000
|
stack
|
page read and write
|
||
|
323B000
|
stack
|
page read and write
|
||
|
F7C000
|
stack
|
page read and write
|
||
|
309C000
|
stack
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
2B6B000
|
stack
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
4562000
|
direct allocation
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
4293000
|
direct allocation
|
page read and write
|
||
|
4DE3000
|
direct allocation
|
page read and write
|
||
|
47F8000
|
direct allocation
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
4ECD000
|
direct allocation
|
page read and write
|
||
|
33FA000
|
heap
|
page read and write
|
||
|
46F8000
|
direct allocation
|
page read and write
|
||
|
4DC6000
|
direct allocation
|
page read and write
|
||
|
4F0A000
|
direct allocation
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
2ACC000
|
stack
|
page read and write
|
||
|
49F1000
|
direct allocation
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
338A000
|
heap
|
page read and write
|
||
|
4CF0000
|
heap
|
page read and write
|
||
|
458F000
|
direct allocation
|
page read and write
|
||
|
4EFC000
|
direct allocation
|
page read and write
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
4DDF000
|
stack
|
page read and write
|
||
|
2EFA000
|
heap
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
There are 819 hidden memdumps, click here to show them.