Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
h879iieoae.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Windows\SysWOW64\Accicdme.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ahhhnd32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ajikgq32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ajkolbad.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Akghbg32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Baagdk32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bdlhdkdf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bgamkfnl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bgibkegc.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bmlhnnne.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bnnampcf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bnpnbp32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bpghkh32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bqjacldl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Camgpi32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ccapffke.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ceampi32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Cfnpmb32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Chfnmf32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ckaenpam.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Clqdacnn.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Cnjaioih.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dfcboo32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dmfdkj32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dnhmjm32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Edgbhcim.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Efgkjnfn.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ekpjke32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ekpkmk32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Emogai32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Eoappk32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Fcjdhk32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Fehgpcld.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Feidnc32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Fhedeo32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Fkdfmkhi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Fkogfkdj.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Flhljo32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Foaigifk.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Foelkeee.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Gfdcflnh.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ggmnlk32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Hdgplo32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Hjanmb32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Hjdhea32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Hjjfnehb.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ibbpip32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ibigijoc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Iemjhp32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ipqipqal.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jcofqqkm.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Windows\SysWOW64\Jdackq32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jgemldcp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kfnpbj32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Khlnhl32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Lbfpda32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Lfcadoap.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Lfjejf32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ligdce32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mfdadc32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nejhbi32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nejhbi32.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Njaakj32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Oceoll32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Odekfoij.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Oeanchcn.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ogjdllpi.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Oglabl32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ojacofgb.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Olijjb32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Onkcje32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Opbieagi.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pdkggn32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pdmohf32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pfgpqb32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pkjmee32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Plbmqa32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Plgflqpn.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ppllkpoo.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pqeoao32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Qgcpihjl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
There are 72 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\h879iieoae.exe
|
"C:\Users\user\Desktop\h879iieoae.exe"
|
|
|
|
C:\Windows\SysWOW64\Nejhbi32.exe
|
C:\Windows\system32\Nejhbi32.exe
|
|
|
|
C:\Windows\SysWOW64\Ogjdllpi.exe
|
C:\Windows\system32\Ogjdllpi.exe
|
|
|
|
C:\Windows\SysWOW64\Opbieagi.exe
|
C:\Windows\system32\Opbieagi.exe
|
|
|
|
C:\Windows\SysWOW64\Oglabl32.exe
|
C:\Windows\system32\Oglabl32.exe
|
|
|
|
C:\Windows\SysWOW64\Olijjb32.exe
|
C:\Windows\system32\Olijjb32.exe
|
|
|
|
C:\Windows\SysWOW64\Oeanchcn.exe
|
C:\Windows\system32\Oeanchcn.exe
|
|
|
|
C:\Windows\SysWOW64\Oceoll32.exe
|
C:\Windows\system32\Oceoll32.exe
|
|
|
|
C:\Windows\SysWOW64\Onkcje32.exe
|
C:\Windows\system32\Onkcje32.exe
|
|
|
|
C:\Windows\SysWOW64\Odekfoij.exe
|
C:\Windows\system32\Odekfoij.exe
|
|
|
|
C:\Windows\SysWOW64\Ojacofgb.exe
|
C:\Windows\system32\Ojacofgb.exe
|
|
|
|
C:\Windows\SysWOW64\Ppllkpoo.exe
|
C:\Windows\system32\Ppllkpoo.exe
|
|
|
|
C:\Windows\SysWOW64\Plbmqa32.exe
|
C:\Windows\system32\Plbmqa32.exe
|
|
|
|
C:\Windows\SysWOW64\Plgflqpn.exe
|
C:\Windows\system32\Plgflqpn.exe
|
|
|
|
C:\Windows\SysWOW64\Pqeoao32.exe
|
C:\Windows\system32\Pqeoao32.exe
|
|
|
|
C:\Windows\SysWOW64\Qgcpihjl.exe
|
C:\Windows\system32\Qgcpihjl.exe
|
|
|
|
C:\Windows\SysWOW64\Ajkolbad.exe
|
C:\Windows\system32\Ajkolbad.exe
|
|
|
|
C:\Windows\SysWOW64\Bmlhnnne.exe
|
C:\Windows\system32\Bmlhnnne.exe
|
|
|
|
C:\Windows\SysWOW64\Bgamkfnl.exe
|
C:\Windows\system32\Bgamkfnl.exe
|
|
|
|
C:\Windows\SysWOW64\Bqjacldl.exe
|
C:\Windows\system32\Bqjacldl.exe
|
|
|
|
C:\Windows\SysWOW64\Bnnampcf.exe
|
C:\Windows\system32\Bnnampcf.exe
|
|
|
|
C:\Windows\SysWOW64\Bnpnbp32.exe
|
C:\Windows\system32\Bnpnbp32.exe
|
|
|
|
C:\Windows\SysWOW64\Bgibkegc.exe
|
C:\Windows\system32\Bgibkegc.exe
|
|
|
|
C:\Windows\SysWOW64\Baagdk32.exe
|
C:\Windows\system32\Baagdk32.exe
|
|
|
|
C:\Windows\SysWOW64\Cfnpmb32.exe
|
C:\Windows\system32\Cfnpmb32.exe
|
|
|
|
C:\Windows\SysWOW64\Ccapffke.exe
|
C:\Windows\system32\Ccapffke.exe
|
|
|
|
C:\Windows\SysWOW64\Ceampi32.exe
|
C:\Windows\system32\Ceampi32.exe
|
|
|
|
C:\Windows\SysWOW64\Cnjaioih.exe
|
C:\Windows\system32\Cnjaioih.exe
|
|
|
|
C:\Windows\SysWOW64\Camgpi32.exe
|
C:\Windows\system32\Camgpi32.exe
|
|
|
|
C:\Windows\SysWOW64\Dmfdkj32.exe
|
C:\Windows\system32\Dmfdkj32.exe
|
|
|
|
C:\Windows\SysWOW64\Dnhmjm32.exe
|
C:\Windows\system32\Dnhmjm32.exe
|
|
|
|
C:\Windows\SysWOW64\Dfcboo32.exe
|
C:\Windows\system32\Dfcboo32.exe
|
|
|
|
C:\Windows\SysWOW64\Edgbhcim.exe
|
C:\Windows\system32\Edgbhcim.exe
|
|
|
|
C:\Windows\SysWOW64\Emogai32.exe
|
C:\Windows\system32\Emogai32.exe
|
|
|
|
C:\Windows\SysWOW64\Efgkjnfn.exe
|
C:\Windows\system32\Efgkjnfn.exe
|
|
|
|
C:\Windows\SysWOW64\Eoappk32.exe
|
C:\Windows\system32\Eoappk32.exe
|
|
|
|
C:\Windows\SysWOW64\Fkogfkdj.exe
|
C:\Windows\system32\Fkogfkdj.exe
|
|
|
|
C:\Windows\SysWOW64\Fhedeo32.exe
|
C:\Windows\system32\Fhedeo32.exe
|
|
|
|
C:\Windows\SysWOW64\Feidnc32.exe
|
C:\Windows\system32\Feidnc32.exe
|
|
|
|
C:\Windows\SysWOW64\Foaigifk.exe
|
C:\Windows\system32\Foaigifk.exe
|
|
There are 30 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://tat-neftbank.ru/kkq.phphttp://tat-neftbank.ru/wcmd.htmSoftware
|
unknown
|
||
|
http://oracle.com/contracts.
|
unknown
|
||
|
http://tat-neftbank.ru/wcmd.htm
|
unknown
|
||
|
http://tat-neftbank.ru/kkq.php
|
unknown
|
||
|
http://www.oracle.com/education/oln.
|
unknown
|
||
|
http://oracle.com/contracts
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
|
Web Event Logger
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
42A000
|
unkown
|
page read and write
|
|
|
|
2210000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
218F000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
516000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5BF000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
6AE000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
53A000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
45E000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
707000
|
heap
|
page read and write
|
||
|
636000
|
heap
|
page read and write
|
||
|
4C7000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
438000
|
unkown
|
page readonly
|
||
|
69E000
|
heap
|
page read and write
|
||
|
527000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
69A000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
616000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
550000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
45A000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
736000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
436000
|
unkown
|
page execute read
|
||
|
590000
|
heap
|
page read and write
|
||
|
635000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
717000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
2180000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
48E000
|
stack
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
59E000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
19D000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
4FE000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
438000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
67E000
|
stack
|
page read and write
|
||
|
74E000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
450000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
740000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
53E000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5C7000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
5EE000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
520000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2290000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
5AE000
|
heap
|
page read and write
|
||
|
527000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
19D000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
209F000
|
stack
|
page read and write
|
||
|
45A000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
507000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
5AA000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
6FE000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
766000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
476000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
1F5E000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
5BA000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
62E000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
466000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
5CF000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
520000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
506000
|
heap
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
717000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
496000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
556000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
560000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
477000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
438000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
438000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
647000
|
heap
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
6FF000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
707000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
78A000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
61A000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
47A000
|
heap
|
page read and write
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
738000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
47E000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
51E000
|
stack
|
page read and write
|
||
|
1F80000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
660000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
8EF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
506000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
438000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
580000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
67A000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
470000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
76E000
|
heap
|
page read and write
|
||
|
59A000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
706000
|
heap
|
page read and write
|
||
|
67E000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
19D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
2170000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
438000
|
unkown
|
page readonly
|
||
|
71A000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
716000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
2090000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
556000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
5FF000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
60F000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
436000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
2220000
|
heap
|
page read and write
|
||
|
766000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
570000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
765000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
520000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
208F000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
716000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
616000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
496000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
7AA000
|
heap
|
page read and write
|
||
|
5B6000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6CE000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
660000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2010000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
6BF000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
44E000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
710000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
500000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
520000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
527000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
211F000
|
stack
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
6FE000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2270000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
7AE000
|
heap
|
page read and write
|
||
|
71A000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
500000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
67A000
|
heap
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
706000
|
heap
|
page read and write
|
||
|
61E000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
5FE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
50E000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
496000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
450000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
2210000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
5EA000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
67E000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2190000
|
heap
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2290000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5BA000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
738000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
53A000
|
heap
|
page read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
19D000
|
stack
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
4EA000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
53E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
636000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
726000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
438000
|
unkown
|
page readonly
|
||
|
7A6000
|
heap
|
page read and write
|
||
|
5D7000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
570000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
726000
|
heap
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
77F000
|
stack
|
page read and write
|
||
|
647000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
5D7000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
606000
|
heap
|
page read and write
|
||
|
51F000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
53E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
5FA000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
520000
|
heap
|
page read and write
|
||
|
557000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2130000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
2150000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
696000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
6FA000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
2210000
|
heap
|
page read and write
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
44A000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
74A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
736000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
516000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
610000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
556000
|
heap
|
page read and write
|
||
|
2150000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
706000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
4C7000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
47A000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
6B7000
|
heap
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
19D000
|
stack
|
page read and write
|
||
|
45E000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
476000
|
heap
|
page read and write
|
||
|
71E000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
500000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
670000
|
heap
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
47E000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
76A000
|
heap
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
4FA000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
19D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
71E000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
5B6000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
2120000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
556000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
436000
|
unkown
|
page execute read
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
620000
|
heap
|
page read and write
|
||
|
467000
|
heap
|
page read and write
|
||
|
70A000
|
heap
|
page read and write
|
||
|
45F000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
6FA000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
2110000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
53A000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
780000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5AF000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
4DE000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42A000
|
unkown
|
page write copy
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
4EA000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
50A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
62A000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
555000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
438000
|
unkown
|
page readonly
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page execute read
|
||
|
2180000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
There are 1027 hidden memdumps, click here to show them.