Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
oZ3vtWXObB.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\u3w5\ast.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\astclient.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\astrct.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\aw_sas32.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\hatls.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-02JO0.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-0I1DI.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-16M5V.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-4DKN3.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-9P1JU.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-HTIEL.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-J00N2.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-JTK9U.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-L5V14.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-QB9RB.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-T74LT.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-TI6M0.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-U37IG.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-U4T29.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\is-V6G0T.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\libcrypto-1_1.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\libcryptoMD.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\libcurl.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\libeay32.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\libjpeg-turbo-win.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\libssl-1_1.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\opus.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\quartz.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\u3w5\unins000.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\AstCrp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\ast.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\astclient.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\astrct.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\aw_sas32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\hatls.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\libcrypto-1_1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\libcryptoMD.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\libcurl.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\libeay32.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\libjpeg-turbo-win.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\libssl-1_1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\opus.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\is\quartz.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\is-30F0I.tmp\oZ3vtWXObB.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-7K2HG.tmp\_isetup\_iscrypt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-7K2HG.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-GEEHR.tmp\oZ3vtWXObB.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-J9P8D.tmp\_isetup\_iscrypt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-J9P8D.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\u3w5\6nnnc.bmp (copy)
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 304x165, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\u3w5\AstCrp.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\u3w5\config.ini (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\u3w5\dsm7v.cfg (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\u3w5\is-6KVQP.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\u3w5\is-CH79V.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\u3w5\is-EHIT0.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\u3w5\is-L5GBL.tmp
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 304x165, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\u3w5\msvcr120.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\is\6nnnc.bmp
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 304x165, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\is\config.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\is\dsm7v.cfg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\is\msvcr120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 53 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\oZ3vtWXObB.exe
|
"C:\Users\user\Desktop\oZ3vtWXObB.exe"
|
|
|
|
C:\Users\user\Desktop\oZ3vtWXObB.exe
|
"C:\Users\user\Desktop\oZ3vtWXObB.exe" /verysilent /password=6s7w4
|
|
|
|
C:\Users\user\AppData\Roaming\is\ast.exe
|
"C:\Users\user\AppData\Roaming\is\ast.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\is\ast.exe
|
"C:\Users\user\AppData\Roaming\is\ast.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\is\ast.exe
|
"C:\Users\user\AppData\Roaming\is\ast.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\is-GEEHR.tmp\oZ3vtWXObB.tmp
|
"C:\Users\user\AppData\Local\Temp\is-GEEHR.tmp\oZ3vtWXObB.tmp" /SL5="$10408,7132714,832512,C:\Users\user\Desktop\oZ3vtWXObB.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\is-30F0I.tmp\oZ3vtWXObB.tmp
|
"C:\Users\user\AppData\Local\Temp\is-30F0I.tmp\oZ3vtWXObB.tmp" /SL5="$20416,7132714,832512,C:\Users\user\Desktop\oZ3vtWXObB.exe"
/verysilent /password=6s7w4
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /C ""C:\Users\user\AppData\Local\Temp\u3w5\rbxsdlx.bat""
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\xcopy.exe
|
xcopy /Y /I /S "C:\Users\user\AppData\Local\Temp\u3w5\*" "C:\Users\user\AppData\Roaming\is\"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.openssl.org/support/faq.html....................rbwb.rndC:HOMERANDFILEPRNG
|
unknown
|
||
|
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
http://www.borland.com/namespaces/TypesM
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/Nhttp://www.borland.com/namespaces/Types
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://www.openssl.org/V
|
unknown
|
||
|
https://id.xn--80akicokc0aa
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aidllb/y
|
unknown
|
||
|
http://crl.sectigo.com/COMODOTimeStampingCA_2.crl0r
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aiI
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aixe03
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/xe
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aiE
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0#
|
unknown
|
||
|
https://curl.haxx.se/docs/http-cookies.html
|
unknown
|
||
|
https://curl.haxx.se/docs/http-cookies.html#
|
unknown
|
||
|
http://www.openssl.org/support/faq.html
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443RW
|
unknown
|
||
|
https://datatracker.ietf.org/ipr/1526/
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:44335-
|
unknown
|
||
|
http://www.borland.com/namespaces/Types
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:44335/api/exec
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443rO
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443uIz
|
unknown
|
||
|
https://sectigo.com/CPS0B
|
unknown
|
||
|
https://www.remobjects.com/ps
|
unknown
|
||
|
https://curl.haxx.se/docs/copyright.htmlD
|
unknown
|
||
|
https://curl.haxx.se/V
|
unknown
|
||
|
https://datatracker.ietf.org/ipr/1914/
|
unknown
|
||
|
https://www.innosetup.com/
|
unknown
|
||
|
https://sectigo.com/CPS0C
|
unknown
|
||
|
https://sectigo.com/CPS0D
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443/Log
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443/
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:4433
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ainke
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:4432
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai03
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesd
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443...
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai1
|
unknown
|
||
|
http://crt.sectigo.com/COMODOTimeStampingCA_2.crt0#
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai00
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aillQ/
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aillU
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://www.openssl.org/docs/faq.html
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443/api/exec
|
212.193.169.65
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ar
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai
|
unknown
|
||
|
http://www.borland.com/namespaces/Typescrypto
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:44335...
|
unknown
|
||
|
https://id.xn--80akico
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443nA
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aidll
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s
|
unknown
|
||
|
https://id.xn-
|
unknown
|
||
|
http://www.borland.com/namespaces/Typeswuu
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:44335
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443...43
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443/tClnstCln
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aills
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aiU
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
http://www.borland.com/namespaces/Types6
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesuntime
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443SI
|
unknown
|
||
|
https://id.xn--80akicokc0aablcZ
|
unknown
|
||
|
https://datatracker.ietf.org/ipr/1524/
|
unknown
|
||
|
https://www.openssl.org/H
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aid003
|
unknown
|
||
|
https://id.xn--80a
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ainkEx
|
unknown
|
||
|
http://crypto-st.art/update.php
|
unknown
|
||
|
https://id.xn--80akicokc0aaP
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443n
|
unknown
|
||
|
http://www.openssl.org/)
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesx6
|
unknown
|
||
|
http://www.borland.com/namespaces/Types%
|
unknown
|
||
|
http://www.borland.com/namespaces/Types_9
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1airq
|
unknown
|
There are 75 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
id.xn--80akicokc0aablc.xn--p1ai
|
212.193.169.65
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
212.193.169.65
|
id.xn--80akicokc0aablc.xn--p1ai
|
Russian Federation
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
Inno Setup: Setup Version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
Inno Setup: App Path
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
InstallLocation
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
Inno Setup: Icon Group
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
Inno Setup: User
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
Inno Setup: Language
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
DisplayName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
UninstallString
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
QuietUninstallString
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
NoModify
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
NoRepair
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
InstallDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
EstimatedSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
Inno Setup CodeFile: Name
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
Inno Setup CodeFile: UsageMode
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\folder_is1
|
Inno Setup CodeFile: DataDir
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.FixPass
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Main.Autorun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Main.CloseButtonOperation
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Main.CheckUpdates
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.UseLocalSecuritySettings
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.DynPassKind
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.PassLifetime
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.CanWinAuth
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.AccessKind
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.CanWinLoginAnotherUser
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.UNCONTROLLED_ACCESS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.CanWinLoginNotAdmin
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.DenyRemoteSettingsControl
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Security.DenyLockControls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Log.ServerStoreTechLog
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Main.AWAYMODE_REQUIRED
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Main.LogsLifetime
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Main.LogsForMail2Support
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
ProxySettings.UseKind
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
ProxySettings.StoreUserAndPassw
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
|
act
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
Values.HDD
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
IEProxyAttributes.Server
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
IEProxyAttributes.Port
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SS
|
IEProxyAttributes.ProxyBypass
|
There are 39 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
401000
|
unkown
|
page execute read
|
|
|
|
19A000
|
stack
|
page read and write
|
||
|
4B7000
|
unkown
|
page read and write
|
||
|
2353000
|
direct allocation
|
page read and write
|
||
|
302C000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
34D2000
|
direct allocation
|
page read and write
|
||
|
6C943000
|
unkown
|
page read and write
|
||
|
5FDE000
|
stack
|
page read and write
|
||
|
AFE000
|
direct allocation
|
page read and write
|
||
|
660F000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2986000
|
heap
|
page read and write
|
||
|
6C3A8000
|
unkown
|
page write copy
|
||
|
910000
|
heap
|
page read and write
|
||
|
6D0F0000
|
unkown
|
page readonly
|
||
|
23EE000
|
stack
|
page read and write
|
||
|
2DBF000
|
direct allocation
|
page read and write
|
||
|
718F000
|
stack
|
page read and write
|
||
|
33F3000
|
direct allocation
|
page read and write
|
||
|
3129000
|
direct allocation
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
3049000
|
direct allocation
|
page read and write
|
||
|
6C737000
|
unkown
|
page execute read
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
6C947000
|
unkown
|
page readonly
|
||
|
A29000
|
direct allocation
|
page read and write
|
||
|
2D65000
|
direct allocation
|
page read and write
|
||
|
6FC61000
|
unkown
|
page readonly
|
||
|
3413000
|
direct allocation
|
page read and write
|
||
|
2DDC000
|
direct allocation
|
page read and write
|
||
|
3087000
|
direct allocation
|
page read and write
|
||
|
AC6000
|
direct allocation
|
page read and write
|
||
|
34BE000
|
direct allocation
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
C27000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
6D4B9000
|
unkown
|
page readonly
|
||
|
42A0000
|
direct allocation
|
page read and write
|
||
|
3111000
|
direct allocation
|
page read and write
|
||
|
30A5000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
43A6000
|
direct allocation
|
page read and write
|
||
|
436A000
|
direct allocation
|
page read and write
|
||
|
24CC000
|
direct allocation
|
page read and write
|
||
|
2FDD000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
DF9000
|
heap
|
page read and write
|
||
|
77B0000
|
heap
|
page read and write
|
||
|
8D9000
|
unkown
|
page read and write
|
||
|
8BB000
|
unkown
|
page read and write
|
||
|
3D8D000
|
stack
|
page read and write
|
||
|
351B000
|
direct allocation
|
page read and write
|
||
|
359F000
|
stack
|
page read and write
|
||
|
7FD90000
|
direct allocation
|
page read and write
|
||
|
2F97000
|
direct allocation
|
page read and write
|
||
|
5BF4000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
2D11000
|
heap
|
page read and write
|
||
|
2FBD000
|
direct allocation
|
page read and write
|
||
|
B3D000
|
direct allocation
|
page read and write
|
||
|
2EFC000
|
direct allocation
|
page read and write
|
||
|
2FF0000
|
direct allocation
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
334E000
|
stack
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
6D23E000
|
unkown
|
page readonly
|
||
|
34BC000
|
direct allocation
|
page read and write
|
||
|
34E8000
|
direct allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
A4E000
|
direct allocation
|
page read and write
|
||
|
2911000
|
heap
|
page read and write
|
||
|
5BF4000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
7083000
|
unkown
|
page execute and write copy
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
2EE6000
|
direct allocation
|
page read and write
|
||
|
3126000
|
direct allocation
|
page read and write
|
||
|
2513000
|
direct allocation
|
page read and write
|
||
|
303B000
|
direct allocation
|
page read and write
|
||
|
26F9000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
3545000
|
direct allocation
|
page read and write
|
||
|
619D000
|
stack
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
6FC63000
|
unkown
|
page readonly
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
3480000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
6D4B6000
|
unkown
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
A37000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
42DA000
|
direct allocation
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
2EBB000
|
direct allocation
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
61E01000
|
unkown
|
page execute read
|
||
|
4395000
|
direct allocation
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
26D3000
|
heap
|
page read and write
|
||
|
473E000
|
direct allocation
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
25CD000
|
direct allocation
|
page read and write
|
||
|
2EFC000
|
direct allocation
|
page read and write
|
||
|
5C10000
|
heap
|
page read and write
|
||
|
61E9D000
|
unkown
|
page read and write
|
||
|
8BF000
|
unkown
|
page read and write
|
||
|
6DD000
|
unkown
|
page readonly
|
||
|
5F9D000
|
stack
|
page read and write
|
||
|
2E9C000
|
direct allocation
|
page read and write
|
||
|
AA6000
|
direct allocation
|
page read and write
|
||
|
93A000
|
unkown
|
page read and write
|
||
|
C17000
|
heap
|
page read and write
|
||
|
3558000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
35A9000
|
direct allocation
|
page read and write
|
||
|
92A000
|
unkown
|
page read and write
|
||
|
25DC000
|
direct allocation
|
page read and write
|
||
|
7AF000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
26F8000
|
heap
|
page read and write
|
||
|
6D430000
|
unkown
|
page readonly
|
||
|
2F64000
|
direct allocation
|
page read and write
|
||
|
36AE000
|
stack
|
page read and write
|
||
|
3E8E000
|
stack
|
page read and write
|
||
|
5BC2000
|
heap
|
page read and write
|
||
|
5B79000
|
heap
|
page read and write
|
||
|
61EA1000
|
unkown
|
page readonly
|
||
|
34AE000
|
direct allocation
|
page read and write
|
||
|
2301000
|
direct allocation
|
page read and write
|
||
|
6D290000
|
unkown
|
page readonly
|
||
|
3591000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
E1B000
|
heap
|
page read and write
|
||
|
256E000
|
stack
|
page read and write
|
||
|
6C14E000
|
unkown
|
page execute read
|
||
|
7790000
|
heap
|
page read and write
|
||
|
30AC000
|
direct allocation
|
page read and write
|
||
|
26F8000
|
heap
|
page read and write
|
||
|
23D8000
|
direct allocation
|
page read and write
|
||
|
5B7C000
|
heap
|
page read and write
|
||
|
5DCC000
|
direct allocation
|
page read and write
|
||
|
480A000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
3D2F000
|
stack
|
page read and write
|
||
|
B9D000
|
direct allocation
|
page read and write
|
||
|
2726000
|
heap
|
page read and write
|
||
|
34C4000
|
direct allocation
|
page read and write
|
||
|
7089000
|
unkown
|
page write copy
|
||
|
24F6000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
42A8000
|
direct allocation
|
page read and write
|
||
|
B8B000
|
unkown
|
page readonly
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2E8D000
|
direct allocation
|
page read and write
|
||
|
34A6000
|
direct allocation
|
page read and write
|
||
|
316F000
|
stack
|
page read and write
|
||
|
34EE000
|
direct allocation
|
page read and write
|
||
|
3BEF000
|
stack
|
page read and write
|
||
|
AE3000
|
direct allocation
|
page read and write
|
||
|
6C9000
|
unkown
|
page read and write
|
||
|
B2C000
|
direct allocation
|
page read and write
|
||
|
AF8000
|
direct allocation
|
page read and write
|
||
|
418C000
|
stack
|
page read and write
|
||
|
8CB000
|
unkown
|
page read and write
|
||
|
3019000
|
direct allocation
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
3016000
|
direct allocation
|
page read and write
|
||
|
2F79000
|
direct allocation
|
page read and write
|
||
|
3409000
|
direct allocation
|
page read and write
|
||
|
4736000
|
direct allocation
|
page read and write
|
||
|
357B000
|
direct allocation
|
page read and write
|
||
|
341B000
|
direct allocation
|
page read and write
|
||
|
81C8000
|
heap
|
page read and write
|
||
|
34DA000
|
direct allocation
|
page read and write
|
||
|
383D000
|
stack
|
page read and write
|
||
|
5C02000
|
heap
|
page read and write
|
||
|
25F1000
|
direct allocation
|
page read and write
|
||
|
3070000
|
direct allocation
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
900000
|
direct allocation
|
page execute and read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2956000
|
heap
|
page read and write
|
||
|
10BF000
|
stack
|
page read and write
|
||
|
3449000
|
direct allocation
|
page read and write
|
||
|
3521000
|
direct allocation
|
page read and write
|
||
|
4296000
|
direct allocation
|
page read and write
|
||
|
25F0000
|
direct allocation
|
page execute and read and write
|
||
|
E16000
|
heap
|
page read and write
|
||
|
5C26000
|
heap
|
page read and write
|
||
|
34A0000
|
direct allocation
|
page read and write
|
||
|
8E2000
|
unkown
|
page read and write
|
||
|
3484000
|
direct allocation
|
page read and write
|
||
|
6BE04000
|
unkown
|
page readonly
|
||
|
9F6000
|
direct allocation
|
page read and write
|
||
|
6D0F1000
|
unkown
|
page execute read
|
||
|
23C8000
|
direct allocation
|
page read and write
|
||
|
6C30D000
|
unkown
|
page readonly
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
DEB000
|
heap
|
page read and write
|
||
|
34D0000
|
direct allocation
|
page read and write
|
||
|
2566000
|
direct allocation
|
page read and write
|
||
|
2D9B000
|
direct allocation
|
page read and write
|
||
|
9D1000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2549000
|
direct allocation
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
A98000
|
direct allocation
|
page read and write
|
||
|
371F000
|
stack
|
page read and write
|
||
|
5C37000
|
heap
|
page read and write
|
||
|
34D0000
|
direct allocation
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
350B000
|
direct allocation
|
page read and write
|
||
|
2E60000
|
direct allocation
|
page execute and read and write
|
||
|
26F9000
|
heap
|
page read and write
|
||
|
3482000
|
direct allocation
|
page read and write
|
||
|
2D93000
|
direct allocation
|
page read and write
|
||
|
5C45000
|
heap
|
page read and write
|
||
|
BFF000
|
heap
|
page read and write
|
||
|
7000000
|
unkown
|
page readonly
|
||
|
8D0000
|
unkown
|
page read and write
|
||
|
2EC9000
|
direct allocation
|
page read and write
|
||
|
3025000
|
direct allocation
|
page read and write
|
||
|
6FBE000
|
stack
|
page read and write
|
||
|
6CD000
|
unkown
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
357F000
|
stack
|
page read and write
|
||
|
44DC000
|
stack
|
page read and write
|
||
|
5BF4000
|
heap
|
page read and write
|
||
|
5BBD000
|
heap
|
page read and write
|
||
|
8E2000
|
unkown
|
page read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
A1A000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2660000
|
direct allocation
|
page read and write
|
||
|
6C277000
|
unkown
|
page readonly
|
||
|
5C28000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
AC3000
|
direct allocation
|
page read and write
|
||
|
E0E000
|
heap
|
page read and write
|
||
|
326F000
|
stack
|
page read and write
|
||
|
A90000
|
direct allocation
|
page read and write
|
||
|
3486000
|
direct allocation
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
2680000
|
direct allocation
|
page read and write
|
||
|
34AA000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
A13000
|
direct allocation
|
page read and write
|
||
|
6D431000
|
unkown
|
page execute read
|
||
|
43AB000
|
direct allocation
|
page read and write
|
||
|
6C940000
|
unkown
|
page read and write
|
||
|
A7A000
|
direct allocation
|
page read and write
|
||
|
32EC000
|
stack
|
page read and write
|
||
|
85AD000
|
stack
|
page read and write
|
||
|
2F6C000
|
direct allocation
|
page read and write
|
||
|
43A4000
|
direct allocation
|
page read and write
|
||
|
4B9000
|
unkown
|
page read and write
|
||
|
5BDA000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5E5F000
|
stack
|
page read and write
|
||
|
B54000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
728D000
|
stack
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
33FB000
|
direct allocation
|
page read and write
|
||
|
99F000
|
stack
|
page read and write
|
||
|
BB3000
|
direct allocation
|
page read and write
|
||
|
B5B000
|
direct allocation
|
page read and write
|
||
|
26F9000
|
heap
|
page read and write
|
||
|
5D5E000
|
stack
|
page read and write
|
||
|
8C8000
|
unkown
|
page read and write
|
||
|
A8F000
|
stack
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
349E000
|
direct allocation
|
page read and write
|
||
|
26F9000
|
heap
|
page read and write
|
||
|
2F5D000
|
direct allocation
|
page read and write
|
||
|
81B0000
|
heap
|
page read and write
|
||
|
9E1000
|
direct allocation
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
4354000
|
direct allocation
|
page read and write
|
||
|
3B00000
|
direct allocation
|
page execute and read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
291A000
|
heap
|
page read and write
|
||
|
792D000
|
stack
|
page read and write
|
||
|
939000
|
unkown
|
page write copy
|
||
|
8C3000
|
unkown
|
page read and write
|
||
|
E2D000
|
heap
|
page read and write
|
||
|
2DA2000
|
direct allocation
|
page read and write
|
||
|
37F7000
|
direct allocation
|
page read and write
|
||
|
3496000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
34CC000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
33EC000
|
direct allocation
|
page read and write
|
||
|
979000
|
heap
|
page read and write
|
||
|
299A000
|
heap
|
page read and write
|
||
|
918000
|
heap
|
page read and write
|
||
|
2E50000
|
direct allocation
|
page read and write
|
||
|
3492000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
353B000
|
direct allocation
|
page read and write
|
||
|
C0A000
|
heap
|
page read and write
|
||
|
3144000
|
direct allocation
|
page read and write
|
||
|
270F000
|
heap
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
6D5000
|
unkown
|
page read and write
|
||
|
3135000
|
direct allocation
|
page read and write
|
||
|
3515000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
24EF000
|
stack
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
39F7000
|
heap
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
6C110000
|
unkown
|
page execute read
|
||
|
313C000
|
direct allocation
|
page read and write
|
||
|
BA4000
|
direct allocation
|
page read and write
|
||
|
6FC51000
|
unkown
|
page execute read
|
||
|
3438000
|
direct allocation
|
page read and write
|
||
|
35DE000
|
stack
|
page read and write
|
||
|
4356000
|
direct allocation
|
page read and write
|
||
|
47D0000
|
heap
|
page read and write
|
||
|
5C52000
|
heap
|
page read and write
|
||
|
26E8000
|
heap
|
page read and write
|
||
|
3517000
|
direct allocation
|
page read and write
|
||
|
7062000
|
unkown
|
page execute and read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2905000
|
heap
|
page read and write
|
||
|
640D000
|
stack
|
page read and write
|
||
|
A88000
|
direct allocation
|
page read and write
|
||
|
34B2000
|
direct allocation
|
page read and write
|
||
|
2E7E000
|
direct allocation
|
page read and write
|
||
|
5C45000
|
heap
|
page read and write
|
||
|
259A000
|
direct allocation
|
page read and write
|
||
|
8BB000
|
unkown
|
page read and write
|
||
|
C00000
|
direct allocation
|
page read and write
|
||
|
2F48000
|
direct allocation
|
page read and write
|
||
|
2533000
|
direct allocation
|
page read and write
|
||
|
8D3000
|
unkown
|
page read and write
|
||
|
2FA1000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
8D3000
|
unkown
|
page read and write
|
||
|
5B79000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2D6D000
|
direct allocation
|
page read and write
|
||
|
2FB1000
|
direct allocation
|
page read and write
|
||
|
3085000
|
direct allocation
|
page read and write
|
||
|
34CA000
|
direct allocation
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
39F0000
|
heap
|
page read and write
|
||
|
4360000
|
direct allocation
|
page read and write
|
||
|
311B000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
289F000
|
stack
|
page read and write
|
||
|
B88000
|
direct allocation
|
page read and write
|
||
|
E0B000
|
heap
|
page read and write
|
||
|
380D000
|
direct allocation
|
page read and write
|
||
|
103F000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
3AF0000
|
trusted library allocation
|
page read and write
|
||
|
8D0000
|
unkown
|
page read and write
|
||
|
308B000
|
direct allocation
|
page read and write
|
||
|
2DB8000
|
direct allocation
|
page read and write
|
||
|
6C29C000
|
unkown
|
page readonly
|
||
|
E1D000
|
heap
|
page read and write
|
||
|
C0F000
|
stack
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
34E4000
|
direct allocation
|
page read and write
|
||
|
34F0000
|
direct allocation
|
page read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
4732000
|
direct allocation
|
page read and write
|
||
|
285E000
|
stack
|
page read and write
|
||
|
5BD0000
|
heap
|
page read and write
|
||
|
5C1A000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
23F4000
|
direct allocation
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
2F50000
|
direct allocation
|
page execute and read and write
|
||
|
BAC000
|
direct allocation
|
page read and write
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
ACA000
|
direct allocation
|
page read and write
|
||
|
26F9000
|
heap
|
page read and write
|
||
|
2AF0000
|
direct allocation
|
page execute and read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
23FC000
|
direct allocation
|
page read and write
|
||
|
23B2000
|
direct allocation
|
page read and write
|
||
|
6C307000
|
unkown
|
page read and write
|
||
|
231A000
|
direct allocation
|
page read and write
|
||
|
25BF000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3107000
|
direct allocation
|
page read and write
|
||
|
E07000
|
heap
|
page read and write
|
||
|
348E000
|
direct allocation
|
page read and write
|
||
|
2F2B000
|
direct allocation
|
page read and write
|
||
|
3EDE000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5C4C000
|
heap
|
page read and write
|
||
|
5C2B000
|
heap
|
page read and write
|
||
|
5C14000
|
heap
|
page read and write
|
||
|
A98000
|
direct allocation
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
2584000
|
direct allocation
|
page read and write
|
||
|
799000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
2F23000
|
direct allocation
|
page read and write
|
||
|
23DF000
|
direct allocation
|
page read and write
|
||
|
E23000
|
heap
|
page read and write
|
||
|
A62000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
373E000
|
stack
|
page read and write
|
||
|
34C6000
|
direct allocation
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
294B000
|
heap
|
page read and write
|
||
|
2592000
|
direct allocation
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
5C1D000
|
heap
|
page read and write
|
||
|
7AA000
|
heap
|
page read and write
|
||
|
81C0000
|
heap
|
page read and write
|
||
|
3AEE000
|
stack
|
page read and write
|
||
|
25B8000
|
direct allocation
|
page read and write
|
||
|
2377000
|
direct allocation
|
page read and write
|
||
|
BC7000
|
heap
|
page read and write
|
||
|
235A000
|
direct allocation
|
page read and write
|
||
|
6C115000
|
unkown
|
page execute read
|
||
|
2EF5000
|
direct allocation
|
page read and write
|
||
|
5B88000
|
heap
|
page read and write
|
||
|
25F8000
|
direct allocation
|
page read and write
|
||
|
AB0000
|
direct allocation
|
page read and write
|
||
|
B36000
|
direct allocation
|
page read and write
|
||
|
5C32000
|
heap
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
5B86000
|
heap
|
page read and write
|
||
|
34A2000
|
direct allocation
|
page read and write
|
||
|
42C4000
|
direct allocation
|
page read and write
|
||
|
2F40000
|
direct allocation
|
page read and write
|
||
|
43CE000
|
direct allocation
|
page read and write
|
||
|
6C2C2000
|
unkown
|
page readonly
|
||
|
5C34000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
6C6000
|
unkown
|
page write copy
|
||
|
ABC000
|
direct allocation
|
page read and write
|
||
|
3089000
|
direct allocation
|
page read and write
|
||
|
3565000
|
direct allocation
|
page read and write
|
||
|
33C6000
|
direct allocation
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
84B000
|
heap
|
page read and write
|
||
|
2F11000
|
direct allocation
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
7A6000
|
heap
|
page read and write
|
||
|
3003000
|
heap
|
page read and write
|
||
|
5C6E000
|
heap
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
2521000
|
direct allocation
|
page read and write
|
||
|
349A000
|
direct allocation
|
page read and write
|
||
|
61E9B000
|
unkown
|
page readonly
|
||
|
3FDF000
|
stack
|
page read and write
|
||
|
5BF4000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
6FD69000
|
unkown
|
page readonly
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
3042000
|
direct allocation
|
page read and write
|
||
|
2660000
|
direct allocation
|
page read and write
|
||
|
35B8000
|
direct allocation
|
page read and write
|
||
|
923000
|
unkown
|
page read and write
|
||
|
24BA000
|
stack
|
page read and write
|
||
|
34C2000
|
direct allocation
|
page read and write
|
||
|
8B6000
|
heap
|
page read and write
|
||
|
6C0FF000
|
unkown
|
page execute read
|
||
|
2988000
|
heap
|
page read and write
|
||
|
348A000
|
direct allocation
|
page read and write
|
||
|
428E000
|
stack
|
page read and write
|
||
|
34D6000
|
direct allocation
|
page read and write
|
||
|
2403000
|
direct allocation
|
page read and write
|
||
|
A55000
|
direct allocation
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
BBA000
|
direct allocation
|
page read and write
|
||
|
2EB3000
|
direct allocation
|
page read and write
|
||
|
3502000
|
direct allocation
|
page read and write
|
||
|
4370000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5E9D000
|
stack
|
page read and write
|
||
|
34DC000
|
direct allocation
|
page read and write
|
||
|
4352000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5C32000
|
heap
|
page read and write
|
||
|
708A000
|
unkown
|
page readonly
|
||
|
2DF1000
|
direct allocation
|
page read and write
|
||
|
6C3B2000
|
unkown
|
page readonly
|
||
|
3490000
|
direct allocation
|
page read and write
|
||
|
2ED8000
|
direct allocation
|
page read and write
|
||
|
2EF4000
|
direct allocation
|
page read and write
|
||
|
435A000
|
direct allocation
|
page read and write
|
||
|
5BF5000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
5C08000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
4386000
|
direct allocation
|
page read and write
|
||
|
6C74F000
|
unkown
|
page execute read
|
||
|
2328000
|
direct allocation
|
page read and write
|
||
|
296A000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
2F0A000
|
direct allocation
|
page read and write
|
||
|
94D000
|
heap
|
page read and write
|
||
|
2336000
|
direct allocation
|
page read and write
|
||
|
86AD000
|
stack
|
page read and write
|
||
|
937000
|
unkown
|
page read and write
|
||
|
6C331000
|
unkown
|
page execute read
|
||
|
255C000
|
direct allocation
|
page read and write
|
||
|
7087000
|
unkown
|
page execute read
|
||
|
B90000
|
heap
|
page read and write
|
||
|
6D24E000
|
unkown
|
page readonly
|
||
|
5BF4000
|
heap
|
page read and write
|
||
|
5C02000
|
heap
|
page read and write
|
||
|
101F000
|
stack
|
page read and write
|
||
|
A9F000
|
direct allocation
|
page read and write
|
||
|
5C51000
|
heap
|
page read and write
|
||
|
A22000
|
direct allocation
|
page read and write
|
||
|
25A8000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6FC0000
|
remote allocation
|
page read and write
|
||
|
B96000
|
direct allocation
|
page read and write
|
||
|
8CA000
|
unkown
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
8C8000
|
unkown
|
page read and write
|
||
|
5BF4000
|
heap
|
page read and write
|
||
|
3F40000
|
heap
|
page read and write
|
||
|
AF1000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5C57000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
61EA0000
|
unkown
|
page write copy
|
||
|
C20000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
9FE000
|
direct allocation
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
24FD000
|
direct allocation
|
page read and write
|
||
|
ABF000
|
direct allocation
|
page read and write
|
||
|
473A000
|
direct allocation
|
page read and write
|
||
|
2EAC000
|
direct allocation
|
page read and write
|
||
|
2927000
|
heap
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
5BD8000
|
heap
|
page read and write
|
||
|
4290000
|
direct allocation
|
page read and write
|
||
|
34D0000
|
direct allocation
|
page read and write
|
||
|
4366000
|
direct allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
33D6000
|
direct allocation
|
page read and write
|
||
|
BFD000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5C04000
|
heap
|
page read and write
|
||
|
61E00000
|
unkown
|
page readonly
|
||
|
7FB40000
|
direct allocation
|
page read and write
|
||
|
A76000
|
direct allocation
|
page read and write
|
||
|
2345000
|
direct allocation
|
page read and write
|
||
|
429A000
|
direct allocation
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
5C27000
|
heap
|
page read and write
|
||
|
5BBC000
|
heap
|
page read and write
|
||
|
25AD000
|
stack
|
page read and write
|
||
|
2680000
|
direct allocation
|
page read and write
|
||
|
6D25F000
|
unkown
|
page readonly
|
||
|
2ED0000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5C1A000
|
heap
|
page read and write
|
||
|
A6A000
|
direct allocation
|
page read and write
|
||
|
2DD4000
|
direct allocation
|
page read and write
|
||
|
3582000
|
direct allocation
|
page read and write
|
||
|
3509000
|
direct allocation
|
page read and write
|
||
|
5C57000
|
heap
|
page read and write
|
||
|
4372000
|
direct allocation
|
page read and write
|
||
|
340C000
|
direct allocation
|
page read and write
|
||
|
2F8C000
|
direct allocation
|
page read and write
|
||
|
6FC60000
|
unkown
|
page read and write
|
||
|
4368000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
A3E000
|
direct allocation
|
page read and write
|
||
|
927000
|
unkown
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
9EF000
|
direct allocation
|
page read and write
|
||
|
2FF7000
|
direct allocation
|
page read and write
|
||
|
9DA000
|
direct allocation
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
3E6D000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
6D287000
|
unkown
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
2550000
|
direct allocation
|
page read and write
|
||
|
4892000
|
heap
|
page read and write
|
||
|
2DEA000
|
direct allocation
|
page read and write
|
||
|
47D1000
|
heap
|
page read and write
|
||
|
26F8000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
2937000
|
heap
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
26F9000
|
heap
|
page read and write
|
||
|
34EA000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3458000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
4376000
|
direct allocation
|
page read and write
|
||
|
5BBB000
|
heap
|
page read and write
|
||
|
240A000
|
direct allocation
|
page read and write
|
||
|
702000
|
unkown
|
page readonly
|
||
|
A30000
|
direct allocation
|
page read and write
|
||
|
2F4F000
|
direct allocation
|
page read and write
|
||
|
DF4000
|
heap
|
page read and write
|
||
|
79B0000
|
trusted library allocation
|
page read and write
|
||
|
7088000
|
unkown
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
AEA000
|
direct allocation
|
page read and write
|
||
|
6C6000
|
unkown
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
239C000
|
direct allocation
|
page read and write
|
||
|
6FD51000
|
unkown
|
page execute read
|
||
|
5C41000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
8C3000
|
unkown
|
page read and write
|
||
|
2917000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
650C000
|
stack
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
4358000
|
direct allocation
|
page read and write
|
||
|
480A000
|
heap
|
page read and write
|
||
|
93A000
|
unkown
|
page read and write
|
||
|
26F9000
|
heap
|
page read and write
|
||
|
3D6C000
|
stack
|
page read and write
|
||
|
2387000
|
direct allocation
|
page read and write
|
||
|
435E000
|
direct allocation
|
page read and write
|
||
|
B01000
|
direct allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
2F7A000
|
direct allocation
|
page read and write
|
||
|
3C2E000
|
stack
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
6D5000
|
unkown
|
page read and write
|
||
|
2941000
|
heap
|
page read and write
|
||
|
247D000
|
stack
|
page read and write
|
||
|
6C2E0000
|
unkown
|
page readonly
|
||
|
8BF000
|
unkown
|
page read and write
|
||
|
7A6000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2945000
|
heap
|
page read and write
|
||
|
2DE0000
|
direct allocation
|
page read and write
|
||
|
2418000
|
direct allocation
|
page read and write
|
||
|
26F8000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
84AC000
|
stack
|
page read and write
|
||
|
C07000
|
heap
|
page read and write
|
||
|
23E6000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
6C94C000
|
unkown
|
page readonly
|
||
|
2FED000
|
direct allocation
|
page read and write
|
||
|
3081000
|
direct allocation
|
page read and write
|
||
|
396E000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
3519000
|
direct allocation
|
page read and write
|
||
|
434B000
|
direct allocation
|
page read and write
|
||
|
6C0BD000
|
unkown
|
page execute read
|
||
|
C24000
|
heap
|
page read and write
|
||
|
6C0B1000
|
unkown
|
page execute read
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
429C000
|
direct allocation
|
page read and write
|
||
|
3418000
|
direct allocation
|
page read and write
|
||
|
2574000
|
direct allocation
|
page read and write
|
||
|
350F000
|
direct allocation
|
page read and write
|
||
|
36BF000
|
stack
|
page read and write
|
||
|
4349000
|
direct allocation
|
page read and write
|
||
|
25C6000
|
direct allocation
|
page read and write
|
||
|
257D000
|
direct allocation
|
page read and write
|
||
|
B2F000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
6D493000
|
unkown
|
page readonly
|
||
|
C24000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
F3F000
|
stack
|
page read and write
|
||
|
6FFD000
|
stack
|
page read and write
|
||
|
39E0000
|
direct allocation
|
page execute and read and write
|
||
|
9E8000
|
direct allocation
|
page read and write
|
||
|
8E2000
|
unkown
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
237E000
|
direct allocation
|
page read and write
|
||
|
34F0000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
25A1000
|
direct allocation
|
page read and write
|
||
|
5C18000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
6BE01000
|
unkown
|
page read and write
|
||
|
A81000
|
direct allocation
|
page read and write
|
||
|
5BDE000
|
heap
|
page read and write
|
||
|
30BB000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
B44000
|
direct allocation
|
page read and write
|
||
|
34D4000
|
direct allocation
|
page read and write
|
||
|
3159000
|
direct allocation
|
page read and write
|
||
|
3488000
|
direct allocation
|
page read and write
|
||
|
8DE000
|
unkown
|
page read and write
|
||
|
926000
|
unkown
|
page read and write
|
||
|
AAD000
|
direct allocation
|
page read and write
|
||
|
6D8000
|
unkown
|
page write copy
|
||
|
A0C000
|
direct allocation
|
page read and write
|
||
|
5BF7000
|
heap
|
page read and write
|
||
|
34C8000
|
direct allocation
|
page read and write
|
||
|
3113000
|
direct allocation
|
page read and write
|
||
|
23ED000
|
direct allocation
|
page read and write
|
||
|
AD8000
|
direct allocation
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
2F0C000
|
direct allocation
|
page read and write
|
||
|
8BB000
|
unkown
|
page write copy
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
2362000
|
direct allocation
|
page read and write
|
||
|
34CE000
|
direct allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
34E0000
|
direct allocation
|
page read and write
|
||
|
3573000
|
direct allocation
|
page read and write
|
||
|
361E000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
ACD000
|
direct allocation
|
page read and write
|
||
|
37ED000
|
direct allocation
|
page read and write
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5BC2000
|
heap
|
page read and write
|
||
|
538000
|
heap
|
page read and write
|
||
|
5C5F000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
34BA000
|
direct allocation
|
page read and write
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
24E0000
|
direct allocation
|
page read and write
|
||
|
26F9000
|
heap
|
page read and write
|
||
|
34F4000
|
direct allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
7088000
|
unkown
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
6C0CE000
|
unkown
|
page execute read
|
||
|
6D225000
|
unkown
|
page readonly
|
||
|
3513000
|
direct allocation
|
page read and write
|
||
|
5C0D000
|
heap
|
page read and write
|
||
|
6C330000
|
unkown
|
page readonly
|
||
|
2370000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5C57000
|
heap
|
page read and write
|
||
|
6FC0000
|
remote allocation
|
page read and write
|
||
|
34DE000
|
direct allocation
|
page read and write
|
||
|
255F000
|
direct allocation
|
page read and write
|
||
|
4892000
|
heap
|
page read and write
|
||
|
9A8000
|
unkown
|
page readonly
|
||
|
C24000
|
heap
|
page read and write
|
||
|
6CD000
|
unkown
|
page read and write
|
||
|
42A2000
|
direct allocation
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
34D8000
|
direct allocation
|
page read and write
|
||
|
6BD81000
|
unkown
|
page execute read
|
||
|
436E000
|
direct allocation
|
page read and write
|
||
|
291B000
|
heap
|
page read and write
|
||
|
3411000
|
direct allocation
|
page read and write
|
||
|
B11000
|
direct allocation
|
page read and write
|
||
|
4742000
|
direct allocation
|
page read and write
|
||
|
436C000
|
direct allocation
|
page read and write
|
||
|
4B7000
|
unkown
|
page write copy
|
||
|
6C391000
|
unkown
|
page readonly
|
||
|
3000000
|
heap
|
page read and write
|
||
|
34C0000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C06000
|
heap
|
page read and write
|
||
|
258B000
|
direct allocation
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
3099000
|
direct allocation
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
7FDDB000
|
direct allocation
|
page read and write
|
||
|
2EC2000
|
direct allocation
|
page read and write
|
||
|
61E8A000
|
unkown
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
250C000
|
direct allocation
|
page read and write
|
||
|
6C0B0000
|
unkown
|
page readonly
|
||
|
9B000
|
stack
|
page read and write
|
||
|
3B10000
|
heap
|
page read and write
|
||
|
5B82000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2504000
|
direct allocation
|
page read and write
|
||
|
7FE34000
|
direct allocation
|
page read and write
|
||
|
6D28A000
|
unkown
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
6D28E000
|
unkown
|
page read and write
|
||
|
6BDEB000
|
unkown
|
page readonly
|
||
|
2B05000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
3498000
|
direct allocation
|
page read and write
|
||
|
6C8D0000
|
unkown
|
page execute read
|
||
|
B90000
|
heap
|
page read and write
|
||
|
6C8000
|
unkown
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
351D000
|
direct allocation
|
page read and write
|
||
|
3C10000
|
trusted library allocation
|
page read and write
|
||
|
3152000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
8DE000
|
unkown
|
page read and write
|
||
|
6FD77000
|
unkown
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
77B2000
|
heap
|
page read and write
|
||
|
5C33000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
C22000
|
heap
|
page read and write
|
||
|
2EDF000
|
direct allocation
|
page read and write
|
||
|
6FD50000
|
unkown
|
page readonly
|
||
|
D15000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
2E85000
|
direct allocation
|
page read and write
|
||
|
2758000
|
direct allocation
|
page read and write
|
||
|
2411000
|
direct allocation
|
page read and write
|
||
|
6D4B4000
|
unkown
|
page write copy
|
||
|
4C4000
|
unkown
|
page readonly
|
||
|
473C000
|
direct allocation
|
page read and write
|
||
|
2DCD000
|
direct allocation
|
page read and write
|
||
|
DC8000
|
heap
|
page read and write
|
||
|
5C41000
|
heap
|
page read and write
|
||
|
6FD79000
|
unkown
|
page readonly
|
||
|
2DA9000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3117000
|
direct allocation
|
page read and write
|
||
|
39E0000
|
direct allocation
|
page execute and read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
3034000
|
direct allocation
|
page read and write
|
||
|
6C6000
|
unkown
|
page read and write
|
||
|
234C000
|
direct allocation
|
page read and write
|
||
|
26F9000
|
heap
|
page read and write
|
||
|
B6A000
|
direct allocation
|
page read and write
|
||
|
33E6000
|
direct allocation
|
page read and write
|
||
|
9BC000
|
unkown
|
page readonly
|
||
|
350D000
|
direct allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
C1C000
|
heap
|
page read and write
|
||
|
8D7000
|
unkown
|
page read and write
|
||
|
A72000
|
direct allocation
|
page read and write
|
||
|
6C749000
|
unkown
|
page execute read
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
AD1000
|
direct allocation
|
page read and write
|
||
|
4364000
|
direct allocation
|
page read and write
|
||
|
4374000
|
direct allocation
|
page read and write
|
||
|
3100000
|
direct allocation
|
page read and write
|
||
|
4BA000
|
unkown
|
page read and write
|
||
|
3422000
|
direct allocation
|
page read and write
|
||
|
2D8C000
|
direct allocation
|
page read and write
|
||
|
3511000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6BD80000
|
unkown
|
page readonly
|
||
|
C19000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
A9C000
|
direct allocation
|
page read and write
|
||
|
C0D000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
23BA000
|
direct allocation
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
5C1A000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
78EC000
|
stack
|
page read and write
|
||
|
61E8A000
|
unkown
|
page read and write
|
||
|
6D288000
|
unkown
|
page write copy
|
||
|
6D4B2000
|
unkown
|
page read and write
|
||
|
45DF000
|
stack
|
page read and write
|
||
|
8CA000
|
unkown
|
page read and write
|
||
|
39F0000
|
heap
|
page read and write
|
||
|
30B4000
|
direct allocation
|
page read and write
|
||
|
5C04000
|
heap
|
page read and write
|
||
|
796D000
|
stack
|
page read and write
|
||
|
2DC6000
|
direct allocation
|
page read and write
|
||
|
296C000
|
heap
|
page read and write
|
||
|
3063000
|
heap
|
page read and write
|
||
|
E07000
|
heap
|
page read and write
|
||
|
615D000
|
stack
|
page read and write
|
||
|
937000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2CC0000
|
direct allocation
|
page read and write
|
||
|
3AF0000
|
trusted library allocation
|
page read and write
|
||
|
C04000
|
heap
|
page read and write
|
||
|
611C000
|
stack
|
page read and write
|
||
|
2F56000
|
direct allocation
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
24EF000
|
direct allocation
|
page read and write
|
||
|
5C51000
|
heap
|
page read and write
|
||
|
BC1000
|
direct allocation
|
page read and write
|
||
|
26B3000
|
heap
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
2369000
|
direct allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
6FC0000
|
remote allocation
|
page read and write
|
||
|
5BD0000
|
heap
|
page read and write
|
||
|
C2C000
|
heap
|
page read and write
|
||
|
256D000
|
direct allocation
|
page read and write
|
||
|
39F7000
|
heap
|
page read and write
|
||
|
61E89000
|
unkown
|
page write copy
|
||
|
26EB000
|
heap
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
3429000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
937000
|
unkown
|
page read and write
|
||
|
6C310000
|
unkown
|
page readonly
|
||
|
3B17000
|
heap
|
page read and write
|
||
|
3AAF000
|
stack
|
page read and write
|
||
|
7A2000
|
heap
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
7BD000
|
heap
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
791000
|
heap
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
7AD000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
314B000
|
direct allocation
|
page read and write
|
||
|
6C3AB000
|
unkown
|
page read and write
|
||
|
8E0000
|
unkown
|
page read and write
|
||
|
8DE000
|
unkown
|
page read and write
|
||
|
6D0000
|
unkown
|
page read and write
|
||
|
E27000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
ADC000
|
direct allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
B19000
|
direct allocation
|
page read and write
|
||
|
A05000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2D5E000
|
direct allocation
|
page read and write
|
||
|
6DF000
|
unkown
|
page readonly
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2DB0000
|
direct allocation
|
page read and write
|
||
|
3429000
|
direct allocation
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
356C000
|
direct allocation
|
page read and write
|
||
|
6C11A000
|
unkown
|
page execute read
|
||
|
C24000
|
heap
|
page read and write
|
||
|
351F000
|
direct allocation
|
page read and write
|
||
|
23C1000
|
direct allocation
|
page read and write
|
||
|
5C27000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2EED000
|
direct allocation
|
page read and write
|
||
|
232F000
|
direct allocation
|
page read and write
|
||
|
251A000
|
direct allocation
|
page read and write
|
||
|
34A4000
|
direct allocation
|
page read and write
|
||
|
A47000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
3431000
|
direct allocation
|
page read and write
|
||
|
5B9A000
|
heap
|
page read and write
|
||
|
3119000
|
direct allocation
|
page read and write
|
||
|
25D4000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
4B7000
|
unkown
|
page read and write
|
||
|
6FC50000
|
unkown
|
page readonly
|
||
|
4811000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
AB4000
|
direct allocation
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
5C45000
|
heap
|
page read and write
|
||
|
7001000
|
unkown
|
page execute and read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
435C000
|
direct allocation
|
page read and write
|
||
|
3009000
|
direct allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
4C6000
|
unkown
|
page readonly
|
||
|
6C941000
|
unkown
|
page write copy
|
||
|
2541000
|
direct allocation
|
page read and write
|
||
|
5B71000
|
heap
|
page read and write
|
||
|
34A8000
|
direct allocation
|
page read and write
|
||
|
FBF000
|
stack
|
page read and write
|
||
|
5C04000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
26CE000
|
stack
|
page read and write
|
||
|
25EA000
|
direct allocation
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
233E000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
25E3000
|
direct allocation
|
page read and write
|
||
|
AD4000
|
direct allocation
|
page read and write
|
||
|
2E10000
|
direct allocation
|
page read and write
|
||
|
5C4C000
|
heap
|
page read and write
|
||
|
B62000
|
direct allocation
|
page read and write
|
||
|
300B000
|
direct allocation
|
page read and write
|
||
|
42FE000
|
direct allocation
|
page read and write
|
||
|
7088000
|
unkown
|
page read and write
|
||
|
923000
|
unkown
|
page read and write
|
||
|
34B8000
|
direct allocation
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
6605000
|
stack
|
page read and write
|
||
|
61E8A000
|
unkown
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
42A6000
|
direct allocation
|
page read and write
|
||
|
5BB9000
|
heap
|
page read and write
|
||
|
4378000
|
direct allocation
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C05000
|
heap
|
page read and write
|
||
|
34AC000
|
direct allocation
|
page read and write
|
||
|
2321000
|
direct allocation
|
page read and write
|
||
|
942000
|
unkown
|
page readonly
|
||
|
6C670000
|
unkown
|
page readonly
|
||
|
95000
|
stack
|
page read and write
|
||
|
34DE000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
61E8B000
|
unkown
|
page readonly
|
||
|
7FE00000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
34E6000
|
direct allocation
|
page read and write
|
||
|
34E6000
|
direct allocation
|
page read and write
|
||
|
34B6000
|
direct allocation
|
page read and write
|
||
|
4362000
|
direct allocation
|
page read and write
|
||
|
4294000
|
direct allocation
|
page read and write
|
||
|
3402000
|
direct allocation
|
page read and write
|
||
|
2AB0000
|
direct allocation
|
page read and write
|
||
|
34EC000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
4892000
|
heap
|
page read and write
|
||
|
2917000
|
heap
|
page read and write
|
||
|
8BB000
|
unkown
|
page read and write
|
||
|
34B0000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
4734000
|
direct allocation
|
page read and write
|
||
|
B20000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
34B4000
|
direct allocation
|
page read and write
|
||
|
43BD000
|
direct allocation
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
2F1C000
|
direct allocation
|
page read and write
|
||
|
297F000
|
heap
|
page read and write
|
||
|
42A4000
|
direct allocation
|
page read and write
|
||
|
3B20000
|
heap
|
page read and write
|
||
|
3077000
|
direct allocation
|
page read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
34E2000
|
direct allocation
|
page read and write
|
||
|
349C000
|
direct allocation
|
page read and write
|
||
|
429E000
|
direct allocation
|
page read and write
|
||
|
60DF000
|
stack
|
page read and write
|
||
|
6D0000
|
unkown
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
5BA8000
|
heap
|
page read and write
|
||
|
5BA0000
|
heap
|
page read and write
|
||
|
2395000
|
direct allocation
|
page read and write
|
||
|
4C2000
|
unkown
|
page write copy
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
E03000
|
heap
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
5B70000
|
heap
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
3096000
|
direct allocation
|
page read and write
|
||
|
348C000
|
direct allocation
|
page read and write
|
||
|
30C2000
|
direct allocation
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
6C3AC000
|
unkown
|
page readonly
|
||
|
3438000
|
direct allocation
|
page read and write
|
||
|
7C1000
|
heap
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
238E000
|
direct allocation
|
page read and write
|
||
|
5C49000
|
heap
|
page read and write
|
||
|
30C9000
|
direct allocation
|
page read and write
|
||
|
8C3000
|
unkown
|
page read and write
|
||
|
3115000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
2F32000
|
direct allocation
|
page read and write
|
||
|
3494000
|
direct allocation
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
79D000
|
heap
|
page read and write
|
||
|
42EE000
|
direct allocation
|
page read and write
|
||
|
7064000
|
unkown
|
page execute and read and write
|
||
|
6C8E2000
|
unkown
|
page readonly
|
||
|
34F2000
|
direct allocation
|
page read and write
|
||
|
33F6000
|
direct allocation
|
page read and write
|
||
|
5BDE000
|
heap
|
page read and write
|
||
|
2528000
|
direct allocation
|
page read and write
|
||
|
C23000
|
heap
|
page read and write
|
||
|
24C0000
|
direct allocation
|
page read and write
|
||
|
3598000
|
direct allocation
|
page read and write
|
||
|
24C8000
|
direct allocation
|
page read and write
|
||
|
9C1000
|
direct allocation
|
page read and write
|
||
|
2F82000
|
direct allocation
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
BC8000
|
direct allocation
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
C19000
|
heap
|
page read and write
|
||
|
36DF000
|
stack
|
page read and write
|
||
|
4298000
|
direct allocation
|
page read and write
|
There are 1138 hidden memdumps, click here to show them.