Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
reservation .exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\qilq\ast.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\astclient.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\astrct.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\aw_sas32.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\hatls.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-26KIS.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-5KIJJ.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-8MMT6.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-9MCCS.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-BFIN6.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-BI7PN.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-HE32K.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-K402A.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-MGO66.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-OUNKJ.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-PO10S.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-RFQHO.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-SJ8AI.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\is-SSL54.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\libcrypto-1_1.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\libcryptoMD.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\libcurl.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\libeay32.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\libjpeg-turbo-win.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\libssl-1_1.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\opus.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qilq\quartz.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\AstCrp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\ast.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\astclient.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\astrct.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\aw_sas32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\hatls.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\libcrypto-1_1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\libcryptoMD.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\libcurl.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\libeay32.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\libjpeg-turbo-win.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\libssl-1_1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\opus.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fat\quartz.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\is-4SM5O.tmp\reservation .tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-BE9V9.tmp\_isetup\_iscrypt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-BE9V9.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-GMPCP.tmp\reservation .tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-I3C98.tmp\_isetup\_iscrypt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-I3C98.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\2teu9t.cfg (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\AstCrp.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\config.ini (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\fguwrtug.bmp (copy)
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\g3ll5lm.bat (copy)
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\is-9LOO0.tmp
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\is-GB3EG.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\is-LREC4.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\is-O3LDO.tmp
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\is-PDQGE.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qilq\msvcr120.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fat\2teu9t.cfg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fat\config.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fat\fguwrtug.bmp
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fat\g3ll5lm.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fat\msvcr120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 54 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\reservation .exe
|
"C:\Users\user\Desktop\reservation .exe"
|
|
|
|
C:\Users\user\Desktop\reservation .exe
|
"C:\Users\user\Desktop\reservation .exe" /verysilent /password=84t66giu
|
|
|
|
C:\Users\user\AppData\Roaming\fat\ast.exe
|
"C:\Users\user\AppData\Roaming\fat\ast.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\fat\ast.exe
|
"C:\Users\user\AppData\Roaming\fat\ast.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\fat\ast.exe
|
"C:\Users\user\AppData\Roaming\fat\ast.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\is-GMPCP.tmp\reservation .tmp
|
"C:\Users\user\AppData\Local\Temp\is-GMPCP.tmp\reservation .tmp" /SL5="$10464,7120736,816128,C:\Users\user\Desktop\reservation
.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\is-4SM5O.tmp\reservation .tmp
|
"C:\Users\user\AppData\Local\Temp\is-4SM5O.tmp\reservation .tmp" /SL5="$2046A,7120736,816128,C:\Users\user\Desktop\reservation
.exe" /verysilent /password=84t66giu
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /C ""C:\Users\user\AppData\Local\Temp\qilq\g3ll5lm.bat""
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\xcopy.exe
|
xcopy /Y /I /S "C:\Users\user\AppData\Local\Temp\qilq\*" "C:\Users\user\AppData\Roaming\fat\"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://id.xn--80akicokc0aablc.xn--p1ai:4439c0
|
unknown
|
||
|
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/Nhttp://www.borland.com/namespaces/Types
|
unknown
|
||
|
https://id.xn--80akicokc0aai
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443g
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443lnd
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aiheGu
|
unknown
|
||
|
http://crl.sectigo.com/COMODOTimeStampingCA_2.crl0r
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aie03
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443/stClnstCln
|
unknown
|
||
|
https://curl.haxx.se/docs/http-cookies.html#
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443lnJm&
|
unknown
|
||
|
https://datatracker.ietf.org/ipr/1526/
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:44335-
|
unknown
|
||
|
https://www.remobjects.com/ps
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai4j1
|
unknown
|
||
|
https://curl.haxx.se/docs/copyright.htmlD
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aiexe03
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aifgGu
|
unknown
|
||
|
https://www.innosetup.com/
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aim;
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443-
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443/
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aierW
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:4432
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ait.exeje
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aiget
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443ln
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443lnmm
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443/stClnD956C
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aigiGu
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:44335y
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesw
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesy
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443dm
|
unknown
|
||
|
http://jrsoftware.github.io/issrc/ISHelp/isxfunc.xml
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:44335
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443...43
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aiZ
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ait.exe
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/exe
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesbcrypt
|
unknown
|
||
|
https://datatracker.ietf.org/ipr/1524/
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aid003
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ainkEx
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aii
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aid
|
unknown
|
||
|
http://www.openssl.org/)
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aie
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai3
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443gE
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443gD
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://solicecare.website/de37/update.phph?
|
unknown
|
||
|
http://www.openssl.org/V
|
unknown
|
||
|
https://id.xn--80akicokc0aa
|
unknown
|
||
|
https://id.xn--8X
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443g=
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443gW
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aiI
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0#
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai.dllC;1
|
unknown
|
||
|
http://www.borland.com/namespaces/TypesE
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai.dllM
|
unknown
|
||
|
https://curl.haxx.se/docs/http-cookies.html
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai.dllI
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443ata
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443gK
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesn
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443mm
|
unknown
|
||
|
http://www.borland.com/namespaces/Types
|
unknown
|
||
|
https://sectigo.com/CPS0B
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesu
|
unknown
|
||
|
https://curl.haxx.se/V
|
unknown
|
||
|
https://datatracker.ietf.org/ipr/1914/
|
unknown
|
||
|
https://sectigo.com/CPS0C
|
unknown
|
||
|
https://sectigo.com/CPS0D
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai)
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443lnw#
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443...
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443g1
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443lndm
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443...4335AW
|
unknown
|
||
|
http://crt.sectigo.com/COMODOTimeStampingCA_2.crt0#
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai00
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://www.openssl.org/docs/faq.html
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443/api/exec
|
212.193.169.65
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aieY
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:44335...
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aidll
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1aidllm
|
unknown
|
||
|
https://id.xn-
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://id.xn--80akicokc0aablc.xn--p1ai:443gh
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
id.xn--80akicokc0aablc.xn--p1ai
|
212.193.169.65
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
212.193.169.65
|
id.xn--80akicokc0aablc.xn--p1ai
|
Russian Federation
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.FixPass
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Main.Autorun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Main.CloseButtonOperation
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Main.CheckUpdates
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.UseLocalSecuritySettings
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.DynPassKind
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.PassLifetime
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.CanWinAuth
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.AccessKind
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.CanWinLoginAnotherUser
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.UNCONTROLLED_ACCESS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.CanWinLoginNotAdmin
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.DenyRemoteSettingsControl
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Security.DenyLockControls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Log.ServerStoreTechLog
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Main.AWAYMODE_REQUIRED
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Main.LogsLifetime
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Main.LogsForMail2Support
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
ProxySettings.UseKind
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
ProxySettings.StoreUserAndPassw
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
|
fat
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
Values.HDD
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
IEProxyAttributes.Server
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
IEProxyAttributes.Port
|
||
|
HKEY_CURRENT_USER\SOFTWARE\safib\ast\SSc
|
IEProxyAttributes.ProxyBypass
|
There are 23 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
401000
|
unkown
|
page execute read
|
|
|
|
2790000
|
heap
|
page read and write
|
||
|
5C39000
|
heap
|
page read and write
|
||
|
2485000
|
direct allocation
|
page read and write
|
||
|
3416000
|
direct allocation
|
page read and write
|
||
|
6C1F9000
|
unkown
|
page execute read
|
||
|
720000
|
heap
|
page read and write
|
||
|
21B2000
|
direct allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
8C8000
|
unkown
|
page read and write
|
||
|
618E000
|
stack
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
34D0000
|
direct allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
34BE000
|
direct allocation
|
page read and write
|
||
|
34E9000
|
direct allocation
|
page read and write
|
||
|
6520000
|
heap
|
page read and write
|
||
|
3501000
|
direct allocation
|
page read and write
|
||
|
7FE26000
|
direct allocation
|
page read and write
|
||
|
6B741000
|
unkown
|
page read and write
|
||
|
3129000
|
direct allocation
|
page read and write
|
||
|
5C64000
|
heap
|
page read and write
|
||
|
3108000
|
heap
|
page read and write
|
||
|
5C1E000
|
heap
|
page read and write
|
||
|
C9A000
|
direct allocation
|
page read and write
|
||
|
6C0BE000
|
unkown
|
page readonly
|
||
|
2FD7000
|
direct allocation
|
page read and write
|
||
|
1F7000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
5C78000
|
heap
|
page read and write
|
||
|
30E3000
|
direct allocation
|
page read and write
|
||
|
7088000
|
unkown
|
page read and write
|
||
|
22AC000
|
direct allocation
|
page read and write
|
||
|
3461000
|
direct allocation
|
page read and write
|
||
|
5BFC000
|
heap
|
page read and write
|
||
|
2D8C000
|
direct allocation
|
page read and write
|
||
|
D78000
|
heap
|
page read and write
|
||
|
8C3000
|
unkown
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
21DF000
|
direct allocation
|
page read and write
|
||
|
3A5F000
|
stack
|
page read and write
|
||
|
2229000
|
direct allocation
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
21C3000
|
direct allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
3474000
|
direct allocation
|
page read and write
|
||
|
2D7D000
|
direct allocation
|
page read and write
|
||
|
2301000
|
direct allocation
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
3786000
|
direct allocation
|
page read and write
|
||
|
5C53000
|
heap
|
page read and write
|
||
|
CA1000
|
direct allocation
|
page read and write
|
||
|
88B000
|
heap
|
page read and write
|
||
|
21F5000
|
direct allocation
|
page read and write
|
||
|
2F16000
|
direct allocation
|
page read and write
|
||
|
5C63000
|
heap
|
page read and write
|
||
|
5C31000
|
heap
|
page read and write
|
||
|
2271000
|
direct allocation
|
page read and write
|
||
|
245A000
|
direct allocation
|
page read and write
|
||
|
6C0CE000
|
unkown
|
page readonly
|
||
|
4384000
|
direct allocation
|
page read and write
|
||
|
3147000
|
heap
|
page read and write
|
||
|
43B6000
|
direct allocation
|
page read and write
|
||
|
3403000
|
direct allocation
|
page read and write
|
||
|
438A000
|
direct allocation
|
page read and write
|
||
|
CE3000
|
direct allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
386F000
|
stack
|
page read and write
|
||
|
2DB9000
|
direct allocation
|
page read and write
|
||
|
5C00000
|
heap
|
page read and write
|
||
|
5C34000
|
heap
|
page read and write
|
||
|
5C1E000
|
heap
|
page read and write
|
||
|
33E6000
|
direct allocation
|
page read and write
|
||
|
6BC52000
|
unkown
|
page readonly
|
||
|
68CF000
|
stack
|
page read and write
|
||
|
5C1C000
|
heap
|
page read and write
|
||
|
61E9D000
|
unkown
|
page read and write
|
||
|
5C1F000
|
heap
|
page read and write
|
||
|
5C8D000
|
heap
|
page read and write
|
||
|
5C7B000
|
heap
|
page read and write
|
||
|
2FA1000
|
direct allocation
|
page read and write
|
||
|
5BC1000
|
heap
|
page read and write
|
||
|
6C1FF000
|
unkown
|
page execute read
|
||
|
5BFD000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
7FDDB000
|
direct allocation
|
page read and write
|
||
|
2DDD000
|
direct allocation
|
page read and write
|
||
|
382F000
|
stack
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
5BFB000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
64B000
|
heap
|
page read and write
|
||
|
437B000
|
direct allocation
|
page read and write
|
||
|
5BFB000
|
heap
|
page read and write
|
||
|
34F3000
|
direct allocation
|
page read and write
|
||
|
5C95000
|
heap
|
page read and write
|
||
|
4C2000
|
unkown
|
page write copy
|
||
|
61E000
|
stack
|
page read and write
|
||
|
6C8C0000
|
unkown
|
page readonly
|
||
|
D87000
|
heap
|
page read and write
|
||
|
C0F000
|
direct allocation
|
page read and write
|
||
|
CA8000
|
direct allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
24FA000
|
direct allocation
|
page read and write
|
||
|
43A0000
|
direct allocation
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
7F8000
|
heap
|
page read and write
|
||
|
3578000
|
direct allocation
|
page read and write
|
||
|
6C949000
|
unkown
|
page readonly
|
||
|
5C3D000
|
heap
|
page read and write
|
||
|
2DC8000
|
direct allocation
|
page read and write
|
||
|
30E6000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
2EE8000
|
heap
|
page read and write
|
||
|
6C110000
|
unkown
|
page readonly
|
||
|
6B72B000
|
unkown
|
page readonly
|
||
|
5C51000
|
heap
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
5C4F000
|
heap
|
page read and write
|
||
|
2DAB000
|
direct allocation
|
page read and write
|
||
|
5BA1000
|
heap
|
page read and write
|
||
|
34F3000
|
direct allocation
|
page read and write
|
||
|
5C0D000
|
heap
|
page read and write
|
||
|
5C7E000
|
heap
|
page read and write
|
||
|
34F1000
|
direct allocation
|
page read and write
|
||
|
482C000
|
stack
|
page read and write
|
||
|
5C58000
|
heap
|
page read and write
|
||
|
2F3A000
|
direct allocation
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
2EA8000
|
heap
|
page read and write
|
||
|
34A6000
|
direct allocation
|
page read and write
|
||
|
937000
|
unkown
|
page read and write
|
||
|
4B9000
|
unkown
|
page read and write
|
||
|
2EA9000
|
heap
|
page read and write
|
||
|
2F1D000
|
direct allocation
|
page read and write
|
||
|
6C120000
|
unkown
|
page readonly
|
||
|
5C74000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
5C1F000
|
heap
|
page read and write
|
||
|
5BFD000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
6C0A5000
|
unkown
|
page readonly
|
||
|
2F70000
|
direct allocation
|
page execute and read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
5C7D000
|
heap
|
page read and write
|
||
|
24DD000
|
direct allocation
|
page read and write
|
||
|
34A2000
|
direct allocation
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3452000
|
direct allocation
|
page read and write
|
||
|
CBC000
|
heap
|
page read and write
|
||
|
6522000
|
heap
|
page read and write
|
||
|
5FE2000
|
direct allocation
|
page read and write
|
||
|
3119000
|
heap
|
page read and write
|
||
|
372F000
|
stack
|
page read and write
|
||
|
7089000
|
unkown
|
page write copy
|
||
|
708A000
|
unkown
|
page readonly
|
||
|
61EA0000
|
unkown
|
page write copy
|
||
|
333E000
|
stack
|
page read and write
|
||
|
30DC000
|
heap
|
page read and write
|
||
|
5C4F000
|
heap
|
page read and write
|
||
|
2FF9000
|
direct allocation
|
page read and write
|
||
|
42C8000
|
direct allocation
|
page read and write
|
||
|
2900000
|
direct allocation
|
page read and write
|
||
|
6A20000
|
heap
|
page read and write
|
||
|
6C923000
|
unkown
|
page readonly
|
||
|
D73000
|
heap
|
page read and write
|
||
|
43A2000
|
direct allocation
|
page read and write
|
||
|
6E0000
|
unkown
|
page readonly
|
||
|
226A000
|
direct allocation
|
page read and write
|
||
|
2D7D000
|
direct allocation
|
page read and write
|
||
|
6D1000
|
unkown
|
page read and write
|
||
|
22A4000
|
direct allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
214F000
|
stack
|
page read and write
|
||
|
37A0000
|
direct allocation
|
page read and write
|
||
|
37ED000
|
direct allocation
|
page read and write
|
||
|
34FD000
|
direct allocation
|
page read and write
|
||
|
34B0000
|
direct allocation
|
page read and write
|
||
|
2EC8000
|
heap
|
page read and write
|
||
|
4386000
|
direct allocation
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
67CD000
|
stack
|
page read and write
|
||
|
3A9E000
|
stack
|
page read and write
|
||
|
6A11000
|
heap
|
page read and write
|
||
|
3462000
|
direct allocation
|
page read and write
|
||
|
8A6000
|
heap
|
page read and write
|
||
|
6C6A1000
|
unkown
|
page execute read
|
||
|
2D9C000
|
direct allocation
|
page read and write
|
||
|
5C2C000
|
heap
|
page read and write
|
||
|
3468000
|
direct allocation
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
295F000
|
stack
|
page read and write
|
||
|
937000
|
unkown
|
page read and write
|
||
|
2ED6000
|
heap
|
page read and write
|
||
|
4B7000
|
unkown
|
page read and write
|
||
|
2FA7000
|
direct allocation
|
page read and write
|
||
|
8CA000
|
unkown
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
6D4D000
|
stack
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
3476000
|
direct allocation
|
page read and write
|
||
|
2C7D000
|
stack
|
page read and write
|
||
|
4394000
|
direct allocation
|
page read and write
|
||
|
4382000
|
direct allocation
|
page read and write
|
||
|
5FEA000
|
direct allocation
|
page read and write
|
||
|
5C69000
|
heap
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
2E01000
|
direct allocation
|
page read and write
|
||
|
254A000
|
direct allocation
|
page read and write
|
||
|
5C4E000
|
heap
|
page read and write
|
||
|
2180000
|
heap
|
page read and write
|
||
|
3106000
|
heap
|
page read and write
|
||
|
220B000
|
direct allocation
|
page read and write
|
||
|
2EF2000
|
direct allocation
|
page read and write
|
||
|
3494000
|
direct allocation
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
242C000
|
direct allocation
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2DFA000
|
direct allocation
|
page read and write
|
||
|
2E10000
|
direct allocation
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
5C1F000
|
heap
|
page read and write
|
||
|
43CE000
|
direct allocation
|
page read and write
|
||
|
42D0000
|
direct allocation
|
page read and write
|
||
|
6BA41000
|
unkown
|
page execute read
|
||
|
3014000
|
direct allocation
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
6BC70000
|
unkown
|
page readonly
|
||
|
3A5F000
|
stack
|
page read and write
|
||
|
5C46000
|
heap
|
page read and write
|
||
|
3525000
|
direct allocation
|
page read and write
|
||
|
8BA000
|
heap
|
page read and write
|
||
|
5BC3000
|
heap
|
page read and write
|
||
|
5C0C000
|
heap
|
page read and write
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
22FA000
|
direct allocation
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
2428000
|
direct allocation
|
page read and write
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
5C97000
|
heap
|
page read and write
|
||
|
349C000
|
direct allocation
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
9A8000
|
unkown
|
page readonly
|
||
|
5BFF000
|
heap
|
page read and write
|
||
|
8C3000
|
unkown
|
page read and write
|
||
|
6C71C000
|
unkown
|
page readonly
|
||
|
39F0000
|
direct allocation
|
page execute and read and write
|
||
|
3EBE000
|
stack
|
page read and write
|
||
|
61E00000
|
unkown
|
page readonly
|
||
|
361E000
|
stack
|
page read and write
|
||
|
6BAA5000
|
unkown
|
page execute read
|
||
|
34D4000
|
direct allocation
|
page read and write
|
||
|
358F000
|
stack
|
page read and write
|
||
|
92A000
|
unkown
|
page read and write
|
||
|
34EF000
|
direct allocation
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
6B744000
|
unkown
|
page readonly
|
||
|
5BFC000
|
heap
|
page read and write
|
||
|
8AC000
|
heap
|
page read and write
|
||
|
34D1000
|
heap
|
page read and write
|
||
|
43FE000
|
direct allocation
|
page read and write
|
||
|
8C3000
|
unkown
|
page read and write
|
||
|
2DC1000
|
direct allocation
|
page read and write
|
||
|
6D9E1000
|
unkown
|
page execute read
|
||
|
95000
|
stack
|
page read and write
|
||
|
6A28000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
2477000
|
direct allocation
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
5BB3000
|
heap
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
5C1E000
|
heap
|
page read and write
|
||
|
3589000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
34CE000
|
direct allocation
|
page read and write
|
||
|
7E9D000
|
stack
|
page read and write
|
||
|
5C23000
|
heap
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
C49000
|
direct allocation
|
page read and write
|
||
|
2EA8000
|
heap
|
page read and write
|
||
|
3412000
|
direct allocation
|
page read and write
|
||
|
37BA000
|
direct allocation
|
page read and write
|
||
|
37C6000
|
direct allocation
|
page read and write
|
||
|
2FAB000
|
direct allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
3464000
|
direct allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
43C5000
|
direct allocation
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
6C3F7000
|
unkown
|
page readonly
|
||
|
3DD0000
|
heap
|
page read and write
|
||
|
6C3F3000
|
unkown
|
page read and write
|
||
|
372E000
|
stack
|
page read and write
|
||
|
5C5B000
|
heap
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
21E7000
|
direct allocation
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
61EA1000
|
unkown
|
page readonly
|
||
|
347E000
|
direct allocation
|
page read and write
|
||
|
355B000
|
direct allocation
|
page read and write
|
||
|
3459000
|
direct allocation
|
page read and write
|
||
|
6BAAA000
|
unkown
|
page execute read
|
||
|
395F000
|
stack
|
page read and write
|
||
|
32FC000
|
stack
|
page read and write
|
||
|
5C68000
|
heap
|
page read and write
|
||
|
2DB2000
|
direct allocation
|
page read and write
|
||
|
315E000
|
heap
|
page read and write
|
||
|
2526000
|
direct allocation
|
page read and write
|
||
|
5FE4000
|
direct allocation
|
page read and write
|
||
|
6C3F1000
|
unkown
|
page write copy
|
||
|
438E000
|
direct allocation
|
page read and write
|
||
|
24C6000
|
direct allocation
|
page read and write
|
||
|
34B8000
|
direct allocation
|
page read and write
|
||
|
5C70000
|
heap
|
page read and write
|
||
|
21D8000
|
direct allocation
|
page read and write
|
||
|
61E9B000
|
unkown
|
page readonly
|
||
|
5BEC000
|
heap
|
page read and write
|
||
|
24A9000
|
direct allocation
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
4398000
|
direct allocation
|
page read and write
|
||
|
21FC000
|
direct allocation
|
page read and write
|
||
|
3492000
|
direct allocation
|
page read and write
|
||
|
5C36000
|
heap
|
page read and write
|
||
|
2DF3000
|
direct allocation
|
page read and write
|
||
|
6DA09000
|
unkown
|
page readonly
|
||
|
2FCC000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
BEB000
|
direct allocation
|
page read and write
|
||
|
8E0000
|
unkown
|
page read and write
|
||
|
5C3F000
|
heap
|
page read and write
|
||
|
C84000
|
direct allocation
|
page read and write
|
||
|
21EE000
|
direct allocation
|
page read and write
|
||
|
3756000
|
direct allocation
|
page read and write
|
||
|
2EA8000
|
heap
|
page read and write
|
||
|
2DB4000
|
direct allocation
|
page read and write
|
||
|
8BB000
|
unkown
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
2640000
|
direct allocation
|
page read and write
|
||
|
24EB000
|
direct allocation
|
page read and write
|
||
|
2ECC000
|
direct allocation
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
3538000
|
direct allocation
|
page read and write
|
||
|
37F7000
|
direct allocation
|
page read and write
|
||
|
6CE000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
34FF000
|
direct allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
365E000
|
stack
|
page read and write
|
||
|
8E2000
|
unkown
|
page read and write
|
||
|
5C8D000
|
heap
|
page read and write
|
||
|
24B4000
|
direct allocation
|
page read and write
|
||
|
43DB000
|
direct allocation
|
page read and write
|
||
|
7000000
|
unkown
|
page readonly
|
||
|
244B000
|
direct allocation
|
page read and write
|
||
|
2EBC000
|
direct allocation
|
page read and write
|
||
|
312D000
|
heap
|
page read and write
|
||
|
5FEE000
|
direct allocation
|
page read and write
|
||
|
5FF2000
|
direct allocation
|
page read and write
|
||
|
6E0E3000
|
unkown
|
page readonly
|
||
|
2FA9000
|
direct allocation
|
page read and write
|
||
|
3468000
|
direct allocation
|
page read and write
|
||
|
21AA000
|
direct allocation
|
page read and write
|
||
|
5C51000
|
heap
|
page read and write
|
||
|
5C68000
|
heap
|
page read and write
|
||
|
5C20000
|
heap
|
page read and write
|
||
|
34CC000
|
direct allocation
|
page read and write
|
||
|
2FD0000
|
direct allocation
|
page read and write
|
||
|
62CE000
|
stack
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
5C82000
|
heap
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
34E1000
|
direct allocation
|
page read and write
|
||
|
5C75000
|
heap
|
page read and write
|
||
|
348A000
|
direct allocation
|
page read and write
|
||
|
6C10E000
|
unkown
|
page read and write
|
||
|
5C59000
|
heap
|
page read and write
|
||
|
5C4E000
|
heap
|
page read and write
|
||
|
2FD4000
|
direct allocation
|
page read and write
|
||
|
93A000
|
unkown
|
page read and write
|
||
|
5C86000
|
heap
|
page read and write
|
||
|
45E0000
|
remote allocation
|
page read and write
|
||
|
2760000
|
direct allocation
|
page read and write
|
||
|
34B4000
|
direct allocation
|
page read and write
|
||
|
33D6000
|
direct allocation
|
page read and write
|
||
|
5C15000
|
heap
|
page read and write
|
||
|
2EA9000
|
heap
|
page read and write
|
||
|
2DC8000
|
direct allocation
|
page read and write
|
||
|
61E8A000
|
unkown
|
page read and write
|
||
|
346E000
|
direct allocation
|
page read and write
|
||
|
6C9000
|
unkown
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
37B6000
|
direct allocation
|
page read and write
|
||
|
301B000
|
direct allocation
|
page read and write
|
||
|
3A02000
|
heap
|
page read and write
|
||
|
34AC000
|
direct allocation
|
page read and write
|
||
|
2453000
|
direct allocation
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
5D8C000
|
stack
|
page read and write
|
||
|
27C3000
|
heap
|
page read and write
|
||
|
300C000
|
direct allocation
|
page read and write
|
||
|
61E89000
|
unkown
|
page write copy
|
||
|
6A20000
|
heap
|
page read and write
|
||
|
5C1C000
|
heap
|
page read and write
|
||
|
5C69000
|
heap
|
page read and write
|
||
|
34B6000
|
direct allocation
|
page read and write
|
||
|
5C3A000
|
heap
|
page read and write
|
||
|
36CE000
|
stack
|
page read and write
|
||
|
8D3000
|
unkown
|
page read and write
|
||
|
3A00000
|
heap
|
page read and write
|
||
|
8C9000
|
heap
|
page read and write
|
||
|
BFA000
|
direct allocation
|
page read and write
|
||
|
C5F000
|
direct allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
5C68000
|
heap
|
page read and write
|
||
|
6BA4D000
|
unkown
|
page execute read
|
||
|
43D4000
|
direct allocation
|
page read and write
|
||
|
45E0000
|
remote allocation
|
page read and write
|
||
|
3428000
|
direct allocation
|
page read and write
|
||
|
34AE000
|
direct allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
6BA8F000
|
unkown
|
page execute read
|
||
|
DBB000
|
heap
|
page read and write
|
||
|
DB7000
|
heap
|
page read and write
|
||
|
6A32000
|
heap
|
page read and write
|
||
|
5C03000
|
heap
|
page read and write
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
6C0DF000
|
unkown
|
page readonly
|
||
|
8DE000
|
unkown
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
30D7000
|
direct allocation
|
page read and write
|
||
|
8BF000
|
unkown
|
page read and write
|
||
|
2491000
|
direct allocation
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
2EA9000
|
heap
|
page read and write
|
||
|
42CE000
|
direct allocation
|
page read and write
|
||
|
6BF70000
|
unkown
|
page readonly
|
||
|
3340000
|
heap
|
page read and write
|
||
|
DCF000
|
heap
|
page read and write
|
||
|
5BCA000
|
heap
|
page read and write
|
||
|
6BF71000
|
unkown
|
page execute read
|
||
|
351B000
|
direct allocation
|
page read and write
|
||
|
2288000
|
direct allocation
|
page read and write
|
||
|
2493000
|
direct allocation
|
page read and write
|
||
|
8E2000
|
unkown
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
3598000
|
direct allocation
|
page read and write
|
||
|
349A000
|
direct allocation
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
8C8000
|
unkown
|
page read and write
|
||
|
690D000
|
stack
|
page read and write
|
||
|
7FE00000
|
direct allocation
|
page read and write
|
||
|
5C58000
|
heap
|
page read and write
|
||
|
3571000
|
direct allocation
|
page read and write
|
||
|
5BBB000
|
heap
|
page read and write
|
||
|
2237000
|
direct allocation
|
page read and write
|
||
|
5C4F000
|
heap
|
page read and write
|
||
|
C08000
|
direct allocation
|
page read and write
|
||
|
45E0000
|
remote allocation
|
page read and write
|
||
|
C54000
|
direct allocation
|
page read and write
|
||
|
346A000
|
direct allocation
|
page read and write
|
||
|
35DE000
|
stack
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
C1E000
|
direct allocation
|
page read and write
|
||
|
5C8C000
|
heap
|
page read and write
|
||
|
1E7000
|
heap
|
page read and write
|
||
|
5C5D000
|
heap
|
page read and write
|
||
|
243D000
|
direct allocation
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
2FF6000
|
direct allocation
|
page read and write
|
||
|
8C2000
|
heap
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
34F5000
|
direct allocation
|
page read and write
|
||
|
7062000
|
unkown
|
page execute and read and write
|
||
|
5C83000
|
heap
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
4BA000
|
unkown
|
page read and write
|
||
|
2D9C000
|
direct allocation
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
22DA000
|
direct allocation
|
page read and write
|
||
|
5E8F000
|
stack
|
page read and write
|
||
|
6DE000
|
unkown
|
page readonly
|
||
|
22BA000
|
direct allocation
|
page read and write
|
||
|
34C0000
|
direct allocation
|
page read and write
|
||
|
923000
|
unkown
|
page read and write
|
||
|
8C6000
|
heap
|
page read and write
|
||
|
2219000
|
direct allocation
|
page read and write
|
||
|
5C6D000
|
heap
|
page read and write
|
||
|
3470000
|
direct allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
6BC97000
|
unkown
|
page read and write
|
||
|
343C000
|
direct allocation
|
page read and write
|
||
|
8DE000
|
unkown
|
page read and write
|
||
|
CF8000
|
direct allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
D98000
|
heap
|
page read and write
|
||
|
248B000
|
direct allocation
|
page read and write
|
||
|
6A10000
|
heap
|
page read and write
|
||
|
3029000
|
direct allocation
|
page read and write
|
||
|
5C3C000
|
heap
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
314A000
|
heap
|
page read and write
|
||
|
5C83000
|
heap
|
page read and write
|
||
|
2EB5000
|
direct allocation
|
page read and write
|
||
|
8CC000
|
heap
|
page read and write
|
||
|
5BEF000
|
heap
|
page read and write
|
||
|
DBB000
|
heap
|
page read and write
|
||
|
6C7000
|
unkown
|
page read and write
|
||
|
5C9B000
|
heap
|
page read and write
|
||
|
C41000
|
direct allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
2FC3000
|
heap
|
page read and write
|
||
|
2FE9000
|
direct allocation
|
page read and write
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
34C4000
|
direct allocation
|
page read and write
|
||
|
34A8000
|
direct allocation
|
page read and write
|
||
|
34F9000
|
direct allocation
|
page read and write
|
||
|
BC0000
|
direct allocation
|
page read and write
|
||
|
7083000
|
unkown
|
page execute and write copy
|
||
|
21D1000
|
direct allocation
|
page read and write
|
||
|
736000
|
unkown
|
page execute read
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
6D6000
|
unkown
|
page read and write
|
||
|
8BB000
|
unkown
|
page write copy
|
||
|
3A01000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
5C8E000
|
heap
|
page read and write
|
||
|
3486000
|
direct allocation
|
page read and write
|
||
|
247E000
|
direct allocation
|
page read and write
|
||
|
CB8000
|
direct allocation
|
page read and write
|
||
|
4B7000
|
unkown
|
page read and write
|
||
|
5C3B000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
42D4000
|
direct allocation
|
page read and write
|
||
|
8BB000
|
unkown
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
8D7000
|
unkown
|
page read and write
|
||
|
6BADE000
|
unkown
|
page execute read
|
||
|
1D7000
|
heap
|
page read and write
|
||
|
2543000
|
direct allocation
|
page read and write
|
||
|
34C6000
|
direct allocation
|
page read and write
|
||
|
30DF000
|
heap
|
page read and write
|
||
|
5041000
|
heap
|
page read and write
|
||
|
614D000
|
stack
|
page read and write
|
||
|
344B000
|
direct allocation
|
page read and write
|
||
|
C6D000
|
direct allocation
|
page read and write
|
||
|
42F4000
|
direct allocation
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
8D3000
|
unkown
|
page read and write
|
||
|
2DA3000
|
direct allocation
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
7088000
|
unkown
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
4C6000
|
unkown
|
page readonly
|
||
|
5BF1000
|
heap
|
page read and write
|
||
|
4303000
|
direct allocation
|
page read and write
|
||
|
5C7C000
|
heap
|
page read and write
|
||
|
5041000
|
heap
|
page read and write
|
||
|
5C1F000
|
heap
|
page read and write
|
||
|
830000
|
direct allocation
|
page execute and read and write
|
||
|
CF1000
|
direct allocation
|
page read and write
|
||
|
432E000
|
direct allocation
|
page read and write
|
||
|
311B000
|
direct allocation
|
page read and write
|
||
|
2EEB000
|
direct allocation
|
page read and write
|
||
|
C76000
|
direct allocation
|
page read and write
|
||
|
2D75000
|
direct allocation
|
page read and write
|
||
|
5041000
|
heap
|
page read and write
|
||
|
6BCA0000
|
unkown
|
page readonly
|
||
|
3122000
|
direct allocation
|
page read and write
|
||
|
272A000
|
direct allocation
|
page read and write
|
||
|
30D6000
|
heap
|
page read and write
|
||
|
6B6C0000
|
unkown
|
page readonly
|
||
|
2EBF000
|
heap
|
page read and write
|
||
|
5C50000
|
heap
|
page read and write
|
||
|
6D9000
|
unkown
|
page write copy
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
34D0000
|
direct allocation
|
page read and write
|
||
|
2558000
|
direct allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
5C1C000
|
heap
|
page read and write
|
||
|
2FA5000
|
direct allocation
|
page read and write
|
||
|
21BA000
|
direct allocation
|
page read and write
|
||
|
650D000
|
stack
|
page read and write
|
||
|
2EDC000
|
direct allocation
|
page read and write
|
||
|
348E000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
6D9F9000
|
unkown
|
page readonly
|
||
|
3114000
|
direct allocation
|
page read and write
|
||
|
34FB000
|
direct allocation
|
page read and write
|
||
|
4379000
|
direct allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
6D6000
|
unkown
|
page read and write
|
||
|
2FB0000
|
direct allocation
|
page execute and read and write
|
||
|
362E000
|
stack
|
page read and write
|
||
|
ABF000
|
stack
|
page read and write
|
||
|
8D9000
|
unkown
|
page read and write
|
||
|
2FC3000
|
heap
|
page read and write
|
||
|
5C39000
|
heap
|
page read and write
|
||
|
2DE4000
|
direct allocation
|
page read and write
|
||
|
640C000
|
stack
|
page read and write
|
||
|
42C4000
|
direct allocation
|
page read and write
|
||
|
6BC2C000
|
unkown
|
page readonly
|
||
|
889D000
|
stack
|
page read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
CBF000
|
direct allocation
|
page read and write
|
||
|
BF3000
|
direct allocation
|
page read and write
|
||
|
3761000
|
direct allocation
|
page read and write
|
||
|
5C29000
|
heap
|
page read and write
|
||
|
5C25000
|
heap
|
page read and write
|
||
|
2E10000
|
direct allocation
|
page read and write
|
||
|
368E000
|
stack
|
page read and write
|
||
|
65BE000
|
direct allocation
|
page read and write
|
||
|
2F97000
|
direct allocation
|
page read and write
|
||
|
6C944000
|
unkown
|
page write copy
|
||
|
5FE6000
|
direct allocation
|
page read and write
|
||
|
5BB9000
|
heap
|
page read and write
|
||
|
5C9E000
|
heap
|
page read and write
|
||
|
3F0E000
|
stack
|
page read and write
|
||
|
6C7000
|
unkown
|
page write copy
|
||
|
EDF000
|
stack
|
page read and write
|
||
|
5C93000
|
heap
|
page read and write
|
||
|
2CBA000
|
stack
|
page read and write
|
||
|
6C1E7000
|
unkown
|
page execute read
|
||
|
3480000
|
direct allocation
|
page read and write
|
||
|
5BAC000
|
heap
|
page read and write
|
||
|
3553000
|
direct allocation
|
page read and write
|
||
|
8C6000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
8C7000
|
heap
|
page read and write
|
||
|
2203000
|
direct allocation
|
page read and write
|
||
|
42D8000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
5C8B000
|
heap
|
page read and write
|
||
|
2FC5000
|
direct allocation
|
page read and write
|
||
|
3562000
|
direct allocation
|
page read and write
|
||
|
30EB000
|
direct allocation
|
page read and write
|
||
|
24BF000
|
direct allocation
|
page read and write
|
||
|
6BC9D000
|
unkown
|
page readonly
|
||
|
42C6000
|
direct allocation
|
page read and write
|
||
|
5C68000
|
heap
|
page read and write
|
||
|
246F000
|
direct allocation
|
page read and write
|
||
|
42D2000
|
direct allocation
|
page read and write
|
||
|
2760000
|
direct allocation
|
page read and write
|
||
|
400F000
|
stack
|
page read and write
|
||
|
939000
|
unkown
|
page write copy
|
||
|
6C7000
|
unkown
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
61E8B000
|
unkown
|
page readonly
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
6CA000
|
unkown
|
page read and write
|
||
|
310C000
|
direct allocation
|
page read and write
|
||
|
431E000
|
direct allocation
|
page read and write
|
||
|
6A2A000
|
heap
|
page read and write
|
||
|
5C29000
|
heap
|
page read and write
|
||
|
34E9000
|
direct allocation
|
page read and write
|
||
|
C58000
|
direct allocation
|
page read and write
|
||
|
2FDB000
|
direct allocation
|
page read and write
|
||
|
30E5000
|
heap
|
page read and write
|
||
|
115F000
|
stack
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
8E2000
|
unkown
|
page read and write
|
||
|
942000
|
unkown
|
page readonly
|
||
|
6B6C1000
|
unkown
|
page execute read
|
||
|
228F000
|
direct allocation
|
page read and write
|
||
|
927000
|
unkown
|
page read and write
|
||
|
7088000
|
unkown
|
page read and write
|
||
|
33FC000
|
direct allocation
|
page read and write
|
||
|
3466000
|
direct allocation
|
page read and write
|
||
|
43ED000
|
direct allocation
|
page read and write
|
||
|
43A8000
|
direct allocation
|
page read and write
|
||
|
304F000
|
stack
|
page read and write
|
||
|
5C68000
|
heap
|
page read and write
|
||
|
5C30000
|
heap
|
page read and write
|
||
|
5BA0000
|
heap
|
page read and write
|
||
|
30D0000
|
direct allocation
|
page read and write
|
||
|
6C942000
|
unkown
|
page read and write
|
||
|
4C4000
|
unkown
|
page readonly
|
||
|
B8B000
|
unkown
|
page readonly
|
||
|
21CA000
|
direct allocation
|
page read and write
|
||
|
6BA5E000
|
unkown
|
page execute read
|
||
|
9B000
|
stack
|
page read and write
|
||
|
5C65000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
7FB40000
|
direct allocation
|
page read and write
|
||
|
2DD6000
|
direct allocation
|
page read and write
|
||
|
937000
|
unkown
|
page read and write
|
||
|
6E0E0000
|
unkown
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
5C0A000
|
heap
|
page read and write
|
||
|
3496000
|
direct allocation
|
page read and write
|
||
|
2FE2000
|
direct allocation
|
page read and write
|
||
|
89B000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
5C11000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
5C57000
|
heap
|
page read and write
|
||
|
372F000
|
stack
|
page read and write
|
||
|
2F08000
|
direct allocation
|
page read and write
|
||
|
5C1E000
|
heap
|
page read and write
|
||
|
63CF000
|
stack
|
page read and write
|
||
|
101F000
|
stack
|
page read and write
|
||
|
2261000
|
direct allocation
|
page read and write
|
||
|
6C718000
|
unkown
|
page write copy
|
||
|
36DD000
|
stack
|
page read and write
|
||
|
5BEA000
|
heap
|
page read and write
|
||
|
5C0B000
|
heap
|
page read and write
|
||
|
5C53000
|
heap
|
page read and write
|
||
|
3758000
|
direct allocation
|
page read and write
|
||
|
5C5A000
|
heap
|
page read and write
|
||
|
24E4000
|
direct allocation
|
page read and write
|
||
|
2DE4000
|
direct allocation
|
page read and write
|
||
|
5C93000
|
heap
|
page read and write
|
||
|
D2A000
|
heap
|
page read and write
|
||
|
2DB2000
|
direct allocation
|
page read and write
|
||
|
4388000
|
direct allocation
|
page read and write
|
||
|
CEA000
|
direct allocation
|
page read and write
|
||
|
DC9000
|
heap
|
page read and write
|
||
|
CE8000
|
heap
|
page read and write
|
||
|
3448000
|
direct allocation
|
page read and write
|
||
|
2DCF000
|
direct allocation
|
page read and write
|
||
|
6C108000
|
unkown
|
page write copy
|
||
|
5C82000
|
heap
|
page read and write
|
||
|
34C2000
|
direct allocation
|
page read and write
|
||
|
1D5000
|
heap
|
page read and write
|
||
|
253C000
|
direct allocation
|
page read and write
|
||
|
6E0D000
|
stack
|
page read and write
|
||
|
5FEC000
|
direct allocation
|
page read and write
|
||
|
926000
|
unkown
|
page read and write
|
||
|
6C4D000
|
stack
|
page read and write
|
||
|
61E8A000
|
unkown
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
7087000
|
unkown
|
page execute read
|
||
|
2E07000
|
direct allocation
|
page read and write
|
||
|
2F53000
|
heap
|
page read and write
|
||
|
3478000
|
direct allocation
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
24F2000
|
direct allocation
|
page read and write
|
||
|
5C4E000
|
heap
|
page read and write
|
||
|
2AB5000
|
heap
|
page read and write
|
||
|
859000
|
heap
|
page read and write
|
||
|
34D2000
|
direct allocation
|
page read and write
|
||
|
5C41000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
3B30000
|
direct allocation
|
page execute and read and write
|
||
|
6C8C1000
|
unkown
|
page execute read
|
||
|
61E8A000
|
unkown
|
page read and write
|
||
|
8CC000
|
heap
|
page read and write
|
||
|
34D0000
|
direct allocation
|
page read and write
|
||
|
42CA000
|
direct allocation
|
page read and write
|
||
|
2534000
|
direct allocation
|
page read and write
|
||
|
3488000
|
direct allocation
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
6BA40000
|
unkown
|
page readonly
|
||
|
878000
|
heap
|
page read and write
|
||
|
5C93000
|
heap
|
page read and write
|
||
|
6E0D0000
|
unkown
|
page readonly
|
||
|
2551000
|
direct allocation
|
page read and write
|
||
|
5C4F000
|
heap
|
page read and write
|
||
|
5C5A000
|
heap
|
page read and write
|
||
|
5C65000
|
heap
|
page read and write
|
||
|
D39000
|
heap
|
page read and write
|
||
|
24A1000
|
direct allocation
|
page read and write
|
||
|
5C23000
|
heap
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
6C3FC000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
8E2000
|
heap
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
2245000
|
direct allocation
|
page read and write
|
||
|
42D6000
|
direct allocation
|
page read and write
|
||
|
8DE000
|
unkown
|
page read and write
|
||
|
3421000
|
direct allocation
|
page read and write
|
||
|
5C2E000
|
heap
|
page read and write
|
||
|
3022000
|
direct allocation
|
page read and write
|
||
|
6BAA0000
|
unkown
|
page execute read
|
||
|
604D000
|
stack
|
page read and write
|
||
|
9BC000
|
unkown
|
page readonly
|
||
|
638000
|
heap
|
page read and write
|
||
|
6DA07000
|
unkown
|
page read and write
|
||
|
6C3F0000
|
unkown
|
page read and write
|
||
|
2DEC000
|
direct allocation
|
page read and write
|
||
|
5C36000
|
heap
|
page read and write
|
||
|
42C0000
|
direct allocation
|
page read and write
|
||
|
438C000
|
direct allocation
|
page read and write
|
||
|
3498000
|
direct allocation
|
page read and write
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
3490000
|
direct allocation
|
page read and write
|
||
|
6D8D000
|
unkown
|
page read and write
|
||
|
30F9000
|
direct allocation
|
page read and write
|
||
|
CC6000
|
direct allocation
|
page read and write
|
||
|
5BA9000
|
heap
|
page read and write
|
||
|
5C68000
|
heap
|
page read and write
|
||
|
30DD000
|
heap
|
page read and write
|
||
|
5C10000
|
heap
|
page read and write
|
||
|
C66000
|
direct allocation
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
CDC000
|
direct allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
3426000
|
direct allocation
|
page read and write
|
||
|
3545000
|
direct allocation
|
page read and write
|
||
|
5C5E000
|
heap
|
page read and write
|
||
|
3B9F000
|
stack
|
page read and write
|
||
|
3505000
|
direct allocation
|
page read and write
|
||
|
2D6E000
|
direct allocation
|
page read and write
|
||
|
5C70000
|
heap
|
page read and write
|
||
|
2220000
|
direct allocation
|
page read and write
|
||
|
251F000
|
direct allocation
|
page read and write
|
||
|
22B3000
|
direct allocation
|
page read and write
|
||
|
22C1000
|
direct allocation
|
page read and write
|
||
|
348E000
|
direct allocation
|
page read and write
|
||
|
5C98000
|
heap
|
page read and write
|
||
|
5C85000
|
heap
|
page read and write
|
||
|
5C90000
|
heap
|
page read and write
|
||
|
3460000
|
direct allocation
|
page read and write
|
||
|
5C1F000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8C6000
|
heap
|
page read and write
|
||
|
5BFE000
|
heap
|
page read and write
|
||
|
5C31000
|
heap
|
page read and write
|
||
|
BCB000
|
direct allocation
|
page read and write
|
||
|
5BA9000
|
heap
|
page read and write
|
||
|
5C02000
|
heap
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
34ED000
|
direct allocation
|
page read and write
|
||
|
5C37000
|
heap
|
page read and write
|
||
|
34BA000
|
direct allocation
|
page read and write
|
||
|
6A11000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
5C1A000
|
heap
|
page read and write
|
||
|
2420000
|
direct allocation
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
5C9D000
|
heap
|
page read and write
|
||
|
4392000
|
direct allocation
|
page read and write
|
||
|
2EE3000
|
direct allocation
|
page read and write
|
||
|
5C10000
|
heap
|
page read and write
|
||
|
3DBD000
|
stack
|
page read and write
|
||
|
358F000
|
stack
|
page read and write
|
||
|
6F4000
|
unkown
|
page readonly
|
||
|
313E000
|
heap
|
page read and write
|
||
|
2F24000
|
direct allocation
|
page read and write
|
||
|
5C7E000
|
heap
|
page read and write
|
||
|
24B8000
|
direct allocation
|
page read and write
|
||
|
5C7A000
|
heap
|
page read and write
|
||
|
5C95000
|
heap
|
page read and write
|
||
|
30E7000
|
direct allocation
|
page read and write
|
||
|
2DDD000
|
direct allocation
|
page read and write
|
||
|
2518000
|
direct allocation
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
34B2000
|
direct allocation
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
93A000
|
unkown
|
page read and write
|
||
|
5BE5000
|
heap
|
page read and write
|
||
|
5041000
|
heap
|
page read and write
|
||
|
2F0F000
|
direct allocation
|
page read and write
|
||
|
2DB9000
|
direct allocation
|
page read and write
|
||
|
2DE9000
|
direct allocation
|
page read and write
|
||
|
24CD000
|
direct allocation
|
page read and write
|
||
|
34A4000
|
direct allocation
|
page read and write
|
||
|
34EB000
|
direct allocation
|
page read and write
|
||
|
6A0C000
|
unkown
|
page read and write
|
||
|
C33000
|
direct allocation
|
page read and write
|
||
|
C3F000
|
stack
|
page read and write
|
||
|
2E98000
|
heap
|
page read and write
|
||
|
4313000
|
direct allocation
|
page read and write
|
||
|
346C000
|
direct allocation
|
page read and write
|
||
|
376E000
|
stack
|
page read and write
|
||
|
5C82000
|
heap
|
page read and write
|
||
|
8CA000
|
unkown
|
page read and write
|
||
|
628F000
|
stack
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1E5000
|
heap
|
page read and write
|
||
|
229D000
|
direct allocation
|
page read and write
|
||
|
3105000
|
direct allocation
|
page read and write
|
||
|
6C722000
|
unkown
|
page readonly
|
||
|
22F3000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
F3F000
|
stack
|
page read and write
|
||
|
5C19000
|
heap
|
page read and write
|
||
|
5C0E000
|
heap
|
page read and write
|
||
|
C01000
|
direct allocation
|
page read and write
|
||
|
5C4F000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
6A33000
|
heap
|
page read and write
|
||
|
439A000
|
direct allocation
|
page read and write
|
||
|
34F7000
|
direct allocation
|
page read and write
|
||
|
5C58000
|
heap
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
5C3D000
|
heap
|
page read and write
|
||
|
3B00000
|
trusted library allocation
|
page read and write
|
||
|
5C4F000
|
heap
|
page read and write
|
||
|
6BC07000
|
unkown
|
page readonly
|
||
|
5C08000
|
heap
|
page read and write
|
||
|
310F000
|
heap
|
page read and write
|
||
|
2D6E000
|
direct allocation
|
page read and write
|
||
|
6A3B000
|
heap
|
page read and write
|
||
|
8BB000
|
unkown
|
page read and write
|
||
|
5C1F000
|
heap
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
376B000
|
direct allocation
|
page read and write
|
||
|
5C10000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
F6F000
|
stack
|
page read and write
|
||
|
5C19000
|
heap
|
page read and write
|
||
|
2FE9000
|
direct allocation
|
page read and write
|
||
|
5C02000
|
heap
|
page read and write
|
||
|
6C946000
|
unkown
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
30E9000
|
direct allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
347A000
|
direct allocation
|
page read and write
|
||
|
2DFA000
|
direct allocation
|
page read and write
|
||
|
2DEC000
|
direct allocation
|
page read and write
|
||
|
2E01000
|
direct allocation
|
page read and write
|
||
|
C92000
|
direct allocation
|
page read and write
|
||
|
43A4000
|
direct allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
5C02000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
6D1000
|
unkown
|
page read and write
|
||
|
2461000
|
direct allocation
|
page read and write
|
||
|
5BEC000
|
heap
|
page read and write
|
||
|
492C000
|
stack
|
page read and write
|
||
|
61E01000
|
unkown
|
page execute read
|
||
|
5C57000
|
heap
|
page read and write
|
||
|
34A0000
|
direct allocation
|
page read and write
|
||
|
6A19000
|
heap
|
page read and write
|
||
|
5C5B000
|
heap
|
page read and write
|
||
|
5C2C000
|
heap
|
page read and write
|
||
|
C2E000
|
stack
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
5BEA000
|
heap
|
page read and write
|
||
|
5BF2000
|
heap
|
page read and write
|
||
|
439C000
|
direct allocation
|
page read and write
|
||
|
C17000
|
direct allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
37CA000
|
direct allocation
|
page read and write
|
||
|
347C000
|
direct allocation
|
page read and write
|
||
|
68C5000
|
stack
|
page read and write
|
||
|
30E1000
|
direct allocation
|
page read and write
|
||
|
395E000
|
stack
|
page read and write
|
||
|
3B40000
|
heap
|
page read and write
|
||
|
BC8000
|
direct allocation
|
page read and write
|
||
|
3472000
|
direct allocation
|
page read and write
|
||
|
5C80000
|
heap
|
page read and write
|
||
|
6C380000
|
unkown
|
page execute read
|
||
|
5C4A000
|
heap
|
page read and write
|
||
|
34C8000
|
direct allocation
|
page read and write
|
||
|
5C70000
|
heap
|
page read and write
|
||
|
6E0E1000
|
unkown
|
page readonly
|
||
|
8D0000
|
unkown
|
page read and write
|
||
|
C25000
|
direct allocation
|
page read and write
|
||
|
2EA8000
|
heap
|
page read and write
|
||
|
380D000
|
direct allocation
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
37C8000
|
direct allocation
|
page read and write
|
||
|
34BC000
|
direct allocation
|
page read and write
|
||
|
26D0000
|
direct allocation
|
page execute and read and write
|
||
|
5C37000
|
heap
|
page read and write
|
||
|
42CC000
|
direct allocation
|
page read and write
|
||
|
5C57000
|
heap
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
30E5000
|
direct allocation
|
page read and write
|
||
|
5C0B000
|
heap
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
5C96000
|
heap
|
page read and write
|
||
|
E09000
|
heap
|
page read and write
|
||
|
6C392000
|
unkown
|
page readonly
|
||
|
5C5E000
|
heap
|
page read and write
|
||
|
2468000
|
direct allocation
|
page read and write
|
||
|
3BDC000
|
stack
|
page read and write
|
||
|
5C19000
|
heap
|
page read and write
|
||
|
8BD000
|
heap
|
page read and write
|
||
|
349E000
|
direct allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
90B000
|
heap
|
page read and write
|
||
|
5C61000
|
heap
|
page read and write
|
||
|
8D0000
|
unkown
|
page read and write
|
||
|
4390000
|
direct allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
2296000
|
direct allocation
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
5BF5000
|
heap
|
page read and write
|
||
|
6C6A0000
|
unkown
|
page readonly
|
||
|
30F6000
|
direct allocation
|
page read and write
|
||
|
43A6000
|
direct allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
6F4F000
|
stack
|
page read and write
|
||
|
22C8000
|
direct allocation
|
page read and write
|
||
|
3488000
|
direct allocation
|
page read and write
|
||
|
6A33000
|
heap
|
page read and write
|
||
|
3CDD000
|
stack
|
page read and write
|
||
|
2F60000
|
direct allocation
|
page execute and read and write
|
||
|
5C32000
|
heap
|
page read and write
|
||
|
252D000
|
direct allocation
|
page read and write
|
||
|
3439000
|
direct allocation
|
page read and write
|
||
|
DC4000
|
heap
|
page read and write
|
||
|
6D9E0000
|
unkown
|
page readonly
|
||
|
3B40000
|
heap
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
204E000
|
stack
|
page read and write
|
||
|
3484000
|
direct allocation
|
page read and write
|
||
|
7FD90000
|
direct allocation
|
page read and write
|
||
|
2FB6000
|
direct allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
3482000
|
direct allocation
|
page read and write
|
||
|
6E0D1000
|
unkown
|
page execute read
|
||
|
3443000
|
direct allocation
|
page read and write
|
||
|
223E000
|
direct allocation
|
page read and write
|
||
|
5C28000
|
heap
|
page read and write
|
||
|
6C10A000
|
unkown
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
5C5F000
|
heap
|
page read and write
|
||
|
6C701000
|
unkown
|
page readonly
|
||
|
3B41000
|
heap
|
page read and write
|
||
|
7001000
|
unkown
|
page execute and read and write
|
||
|
C7D000
|
direct allocation
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
340B000
|
direct allocation
|
page read and write
|
||
|
5C66000
|
heap
|
page read and write
|
||
|
6CE000
|
unkown
|
page read and write
|
||
|
43D6000
|
direct allocation
|
page read and write
|
||
|
2E9B000
|
heap
|
page read and write
|
||
|
30FC000
|
heap
|
page read and write
|
||
|
3479000
|
direct allocation
|
page read and write
|
||
|
3B41000
|
heap
|
page read and write
|
||
|
35D0000
|
direct allocation
|
page read and write
|
||
|
5C69000
|
heap
|
page read and write
|
||
|
4B7000
|
unkown
|
page write copy
|
||
|
3419000
|
direct allocation
|
page read and write
|
||
|
5C27000
|
heap
|
page read and write
|
||
|
30CF000
|
stack
|
page read and write
|
||
|
2640000
|
direct allocation
|
page read and write
|
||
|
7064000
|
unkown
|
page execute and read and write
|
||
|
6C71B000
|
unkown
|
page read and write
|
||
|
7F3000
|
heap
|
page read and write
|
||
|
2DC0000
|
direct allocation
|
page read and write
|
||
|
41BC000
|
stack
|
page read and write
|
||
|
CD4000
|
direct allocation
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
2855000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
CCD000
|
direct allocation
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
6C107000
|
unkown
|
page read and write
|
||
|
2F00000
|
direct allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
2DCF000
|
direct allocation
|
page read and write
|
||
|
3B30000
|
direct allocation
|
page execute and read and write
|
||
|
354C000
|
direct allocation
|
page read and write
|
||
|
3776000
|
direct allocation
|
page read and write
|
||
|
2212000
|
direct allocation
|
page read and write
|
||
|
E05000
|
heap
|
page read and write
|
||
|
2FB9000
|
direct allocation
|
page read and write
|
||
|
C8B000
|
direct allocation
|
page read and write
|
||
|
348C000
|
direct allocation
|
page read and write
|
||
|
94D000
|
heap
|
page read and write
|
||
|
312B000
|
heap
|
page read and write
|
||
|
362E000
|
stack
|
page read and write
|
||
|
5C3F000
|
heap
|
page read and write
|
||
|
5C57000
|
heap
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
372F000
|
direct allocation
|
page read and write
|
||
|
2EA3000
|
heap
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
2FEB000
|
direct allocation
|
page read and write
|
||
|
2278000
|
direct allocation
|
page read and write
|
||
|
4396000
|
direct allocation
|
page read and write
|
||
|
5C39000
|
heap
|
page read and write
|
||
|
2F90000
|
direct allocation
|
page read and write
|
||
|
34CA000
|
direct allocation
|
page read and write
|
||
|
3005000
|
direct allocation
|
page read and write
|
||
|
34AA000
|
direct allocation
|
page read and write
|
There are 1090 hidden memdumps, click here to show them.