Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
G3izWAY3Fa.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Windows\SysWOW64\033726\RCX773C.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\033726\svchost.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\034031\RCX8B31.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\034031\svchost.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Temp\ .exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Temp\server.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Temp\v5.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
|
|
|
C:\Windows\XXXXXX05CA35CC\svchsot.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\XXXXXX579E5A5B VVVVVVrr2unw==\svchsot.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\05CA35CC
|
ASCII text, with no line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\G3izWAY3Fa.exe
|
"C:\Users\user\Desktop\G3izWAY3Fa.exe"
|
|
|
|
C:\Windows\Temp\v5.exe
|
"C:\Windows\temp\v5.exe"
|
|
|
|
C:\Windows\Temp\server.exe
|
"C:\Windows\temp\server.exe"
|
|
|
|
C:\Windows\Temp\v5.exe
|
C:\Windows\temp\v5.exe
|
|
|
|
C:\Windows\Temp\ .exe
|
"C:\Windows\temp\ .exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c del C:\Windows\temp\v5.exe > nul
|
|
|
|
C:\Windows\SysWOW64\033726\svchost.exe
|
"C:\Windows\system32\033726\svchost.exe"
|
|
|
|
C:\Windows\SysWOW64\034031\svchost.exe
|
"C:\Windows\system32\034031\svchost.exe"
|
|
|
|
C:\Windows\XXXXXX05CA35CC\svchsot.exe
|
"C:\Windows\XXXXXX05CA35CC\svchsot.exe"
|
|
|
|
C:\Windows\XXXXXX579E5A5B VVVVVVrr2unw==\svchsot.exe
|
"C:\Windows\XXXXXX579E5A5B VVVVVVrr2unw==\svchsot.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.tmp & del /f /s /q %systemdrive%\*._mp & del /f /a /q %systemdrive%*.sqm
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.gid && exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.chk & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %windir%\*.bak & del /f /s /q %systemdrive%\*.old & del /f /s /q %windir%\softwaredistribution\download\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\recycled\*.* & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %userprofile%\Local Settings\Temp\*.* & del /f /q %userprofile%\cookies\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %userprofile%\Local Settings\Temporary Internet Files\*.* & del /f /s /q %userprofile%\recent\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %windir%\$NtUninstal*.* & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.tmp & del /f /s /q %systemdrive%\*._mp & del /f /a /q %systemdrive%*.sqm
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.gid && exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.chk & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %windir%\*.bak & del /f /s /q %systemdrive%\*.old & del /f /s /q %windir%\softwaredistribution\download\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\recycled\*.* & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %userprofile%\Local Settings\Temp\*.* & del /f /q %userprofile%\cookies\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %userprofile%\Local Settings\Temporary Internet Files\*.* & del /f /s /q %userprofile%\recent\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %windir%\$NtUninstal*.* & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.tmp & del /f /s /q %systemdrive%\*._mp & del /f /a /q %systemdrive%*.sqm
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.gid && exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.chk & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %windir%\*.bak & del /f /s /q %systemdrive%\*.old & del /f /s /q %windir%\softwaredistribution\download\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\recycled\*.* & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %userprofile%\Local Settings\Temp\*.* & del /f /q %userprofile%\cookies\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %userprofile%\Local Settings\Temporary Internet Files\*.* & del /f /s /q %userprofile%\recent\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %windir%\$NtUninstal*.* & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.tmp & del /f /s /q %systemdrive%\*._mp & del /f /a /q %systemdrive%*.sqm
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.gid && exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\*.chk & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %windir%\*.bak & del /f /s /q %systemdrive%\*.old & del /f /s /q %windir%\softwaredistribution\download\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %systemdrive%\recycled\*.* & exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %userprofile%\Local Settings\Temp\*.* & del /f /q %userprofile%\cookies\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %userprofile%\Local Settings\Temporary Internet Files\*.* & del /f /s /q %userprofile%\recent\*.*
& exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k del /f /s /q %windir%\$NtUninstal*.* & exit
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 65 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.af0575.com:2011/1.exe8
|
unknown
|
||
|
http://www.wk1888.com:2011/1.exer
|
unknown
|
||
|
http://www.af0575.com:2011/1.exe
|
unknown
|
||
|
http://www.af0575.com:2011/1.exer
|
unknown
|
||
|
http://www.fz0575.com:2011/1.exe
|
unknown
|
||
|
http://www.wk1888.com/
|
unknown
|
||
|
http://www.af0575.com:2011/1.exee3
|
unknown
|
||
|
http://www.af0575.com:2011/1.exe~l
|
unknown
|
||
|
https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGY
|
unknown
|
||
|
http://192.168.2.1
|
unknown
|
||
|
http://192.168.2.1:80/_
|
unknown
|
||
|
http://192.168.2.1:80/6to4
|
unknown
|
||
|
http://192.168.2.1/1
|
unknown
|
||
|
http://www.af0575.com:2011/1.exee
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.af0575.com:2011/1.exeb
|
unknown
|
||
|
http://www.fz0575.com:2011/1.exew
|
unknown
|
||
|
http://192.168.2.1:80/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://192.168.2.1/VZ
|
unknown
|
||
|
http://192.168.2.1/h
|
unknown
|
||
|
http://www.fz0575.com:2011/1.exer
|
unknown
|
||
|
http://192.168.2.1/
|
unknown
|
||
|
http://www.wk1888.com:2011/1.exe
|
unknown
|
||
|
http://www.fz0575.com:2011/1.exe-
|
unknown
|
||
|
http://www.fz0575.com:2011/1.exelo~
|
unknown
|
||
|
http://www.af0575.com:2011/1.exejlt
|
unknown
|
||
|
http://192.168.2.1:80/~
|
unknown
|
||
|
http://www.wk1888.com:2011/1.exetlV
|
unknown
|
||
|
http://192.168.2.1/b6
|
unknown
|
||
|
http://www.fz0575.com:2011/1.exeNoP
|
unknown
|
||
|
http://192.168.2.1:80/4
|
unknown
|
||
|
http://www.fz0575.com:2011/1.exepoj
|
unknown
|
There are 24 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chinagov.8800.org
|
8.7.198.46
|
|
|
|
www.af0575.com
|
unknown
|
|
|
|
www.wk1888.com
|
unknown
|
|
|
|
www.fz0575.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
120.48.34.233
|
unknown
|
China
|
|
|
|
8.7.198.46
|
chinagov.8800.org
|
United States
|
|
|
|
46.82.174.69
|
unknown
|
Germany
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
XXXXXX05CA35CC
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
XXXXXX579E5A5B VVVVVVrr2unw==
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1007A000
|
direct allocation
|
page read and write
|
|
|
|
1007A000
|
direct allocation
|
page read and write
|
|
|
|
401000
|
unkown
|
page execute and read and write
|
|
|
|
1007A000
|
direct allocation
|
page read and write
|
|
|
|
650000
|
direct allocation
|
page read and write
|
|
|
|
401000
|
unkown
|
page execute and read and write
|
|
|
|
1007A000
|
direct allocation
|
page read and write
|
|
|
|
2A5D000
|
stack
|
page read and write
|
|
|
|
1007A000
|
direct allocation
|
page read and write
|
|
|
|
889000
|
heap
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page read and write
|
||
|
25EE000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
2B1C000
|
heap
|
page read and write
|
||
|
10000000
|
direct allocation
|
page read and write
|
||
|
388F000
|
stack
|
page read and write
|
||
|
6B6000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
4277000
|
trusted library allocation
|
page read and write
|
||
|
249E000
|
heap
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
84C000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
10001000
|
direct allocation
|
page execute read
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
603000
|
heap
|
page read and write
|
||
|
188F000
|
stack
|
page read and write
|
||
|
51E000
|
stack
|
page read and write
|
||
|
2302000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
409000
|
unkown
|
page execute and write copy
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
1006E000
|
direct allocation
|
page readonly
|
||
|
470000
|
unkown
|
page readonly
|
||
|
353F000
|
stack
|
page read and write
|
||
|
2441000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
234D000
|
heap
|
page read and write
|
||
|
2551000
|
trusted library allocation
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
246B000
|
heap
|
page read and write
|
||
|
2090000
|
direct allocation
|
page read and write
|
||
|
100F8000
|
direct allocation
|
page read and write
|
||
|
6AF000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
378E000
|
stack
|
page read and write
|
||
|
4C4B000
|
stack
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
5E0000
|
direct allocation
|
page execute and read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
64D000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
313C000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
22F1000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page write copy
|
||
|
174F000
|
stack
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
358C000
|
stack
|
page read and write
|
||
|
6DC000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
21F4000
|
stack
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
4274000
|
trusted library allocation
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
71F000
|
heap
|
page read and write
|
||
|
100F8000
|
direct allocation
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
4279000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
direct allocation
|
page read and write
|
||
|
24C8000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
285A000
|
trusted library allocation
|
page read and write
|
||
|
1C50000
|
remote allocation
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
74C000
|
heap
|
page read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
52F000
|
unkown
|
page readonly
|
||
|
61E000
|
stack
|
page read and write
|
||
|
2488000
|
heap
|
page read and write
|
||
|
2DBD000
|
stack
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
2479000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
75A000
|
heap
|
page read and write
|
||
|
24A2000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
23EC000
|
stack
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
21DF000
|
stack
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
4DB000
|
unkown
|
page readonly
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
520000
|
heap
|
page read and write
|
||
|
247C000
|
heap
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
2347000
|
heap
|
page read and write
|
||
|
1C50000
|
remote allocation
|
page read and write
|
||
|
5EC000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
2459000
|
heap
|
page read and write
|
||
|
717000
|
heap
|
page read and write
|
||
|
24D8000
|
heap
|
page read and write
|
||
|
24AE000
|
stack
|
page read and write
|
||
|
835000
|
heap
|
page read and write
|
||
|
26FF000
|
stack
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
26EF000
|
stack
|
page read and write
|
||
|
427B000
|
trusted library allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
602000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
249E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
25BB000
|
stack
|
page read and write
|
||
|
96D000
|
stack
|
page read and write
|
||
|
100F8000
|
direct allocation
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
2466000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
100F3000
|
direct allocation
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
660000
|
heap
|
page read and write
|
||
|
337F000
|
stack
|
page read and write
|
||
|
427E000
|
trusted library allocation
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
67D000
|
heap
|
page read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
2CBC000
|
stack
|
page read and write
|
||
|
2491000
|
heap
|
page read and write
|
||
|
2853000
|
trusted library allocation
|
page read and write
|
||
|
2852000
|
trusted library allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
865000
|
heap
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
2501000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
4276000
|
trusted library allocation
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
812000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
6CC000
|
heap
|
page read and write
|
||
|
40C000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute read
|
||
|
245B000
|
heap
|
page read and write
|
||
|
6DD000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
6DA000
|
heap
|
page read and write
|
||
|
470000
|
unkown
|
page readonly
|
||
|
785000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page execute and read and write
|
||
|
4273000
|
trusted library allocation
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
93000
|
stack
|
page read and write
|
||
|
10001000
|
direct allocation
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page read and write
|
||
|
24C6000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
212F000
|
stack
|
page read and write
|
||
|
285B000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
4276000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
8B1000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
285C000
|
heap
|
page read and write
|
||
|
2DFC000
|
stack
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
2477000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
4278000
|
trusted library allocation
|
page read and write
|
||
|
51D000
|
unkown
|
page readonly
|
||
|
4D5000
|
unkown
|
page write copy
|
||
|
411F000
|
stack
|
page read and write
|
||
|
40B000
|
unkown
|
page execute and read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
2857000
|
trusted library allocation
|
page read and write
|
||
|
246A000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
23D1000
|
heap
|
page read and write
|
||
|
100FA000
|
direct allocation
|
page execute and read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
6AE000
|
heap
|
page read and write
|
||
|
2856000
|
trusted library allocation
|
page read and write
|
||
|
287F000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
427F000
|
trusted library allocation
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
2459000
|
heap
|
page read and write
|
||
|
100F3000
|
direct allocation
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page readonly
|
||
|
407000
|
unkown
|
page write copy
|
||
|
283F000
|
stack
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
2455000
|
heap
|
page read and write
|
||
|
20BE000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2576000
|
heap
|
page read and write
|
||
|
2447000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
203C000
|
stack
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
24A8000
|
heap
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
2451000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
2851000
|
heap
|
page read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
100FA000
|
direct allocation
|
page execute and read and write
|
||
|
100FA000
|
direct allocation
|
page execute and read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
368C000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
2445000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
603000
|
heap
|
page read and write
|
||
|
104C000
|
stack
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
66E000
|
heap
|
page read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
23F0000
|
direct allocation
|
page execute and read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
5F0000
|
direct allocation
|
page read and write
|
||
|
23B0000
|
direct allocation
|
page execute and read and write
|
||
|
2401000
|
heap
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
2401000
|
heap
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
4272000
|
trusted library allocation
|
page read and write
|
||
|
2501000
|
heap
|
page read and write
|
||
|
247A000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
6B2000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
248D000
|
heap
|
page read and write
|
||
|
4275000
|
trusted library allocation
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
1006E000
|
direct allocation
|
page readonly
|
||
|
407000
|
unkown
|
page read and write
|
||
|
198000
|
stack
|
page read and write
|
||
|
48AE000
|
stack
|
page read and write
|
||
|
23C4000
|
stack
|
page read and write
|
||
|
25AF000
|
stack
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
23EE000
|
stack
|
page read and write
|
||
|
21FF000
|
stack
|
page read and write
|
||
|
2040000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
244D000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
22E2000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
2495000
|
heap
|
page read and write
|
||
|
69D000
|
heap
|
page read and write
|
||
|
1C9E000
|
stack
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
1006E000
|
direct allocation
|
page readonly
|
||
|
88B000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
2854000
|
trusted library allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
10000000
|
direct allocation
|
page read and write
|
||
|
4ADF000
|
stack
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
6DC000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
354F000
|
stack
|
page read and write
|
||
|
285F000
|
trusted library allocation
|
page read and write
|
||
|
24D8000
|
heap
|
page read and write
|
||
|
7BE000
|
heap
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
22E2000
|
heap
|
page read and write
|
||
|
77F000
|
stack
|
page read and write
|
||
|
2E01000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
470F000
|
stack
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page write copy
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
1006E000
|
direct allocation
|
page readonly
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page write copy
|
||
|
2484000
|
heap
|
page read and write
|
||
|
2454000
|
heap
|
page read and write
|
||
|
427B000
|
trusted library allocation
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
2551000
|
trusted library allocation
|
page read and write
|
||
|
88D000
|
heap
|
page read and write
|
||
|
297D000
|
heap
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
4273000
|
trusted library allocation
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
245F000
|
heap
|
page read and write
|
||
|
100F3000
|
direct allocation
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
427C000
|
trusted library allocation
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
2477000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
246F000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
82C000
|
heap
|
page read and write
|
||
|
24F4000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
6DC000
|
heap
|
page read and write
|
||
|
6A9000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
2484000
|
heap
|
page read and write
|
||
|
2468000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
2455000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
202F000
|
stack
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
4E7000
|
unkown
|
page readonly
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
460E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
4B4C000
|
stack
|
page read and write
|
||
|
4270000
|
heap
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
2412000
|
heap
|
page read and write
|
||
|
46C000
|
unkown
|
page readonly
|
||
|
6F1000
|
heap
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
4274000
|
trusted library allocation
|
page read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
244C000
|
heap
|
page read and write
|
||
|
45CF000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
393E000
|
stack
|
page read and write
|
||
|
22E2000
|
heap
|
page read and write
|
||
|
2591000
|
heap
|
page read and write
|
||
|
2700000
|
direct allocation
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
2768000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
2040000
|
trusted library allocation
|
page read and write
|
||
|
708000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
2583000
|
heap
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
6B2000
|
heap
|
page read and write
|
||
|
100FA000
|
direct allocation
|
page execute and read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
94F000
|
stack
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
249A000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
51D000
|
unkown
|
page readonly
|
||
|
295C000
|
stack
|
page read and write
|
||
|
100FA000
|
direct allocation
|
page execute and read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
2853000
|
trusted library allocation
|
page read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
10001000
|
direct allocation
|
page execute read
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
250E000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
6AC000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
100F8000
|
direct allocation
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
1D5000
|
heap
|
page read and write
|
||
|
24B3000
|
heap
|
page read and write
|
||
|
2290000
|
heap
|
page read and write
|
||
|
22E2000
|
heap
|
page read and write
|
||
|
2477000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6DD000
|
heap
|
page read and write
|
||
|
22D3000
|
stack
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
285C000
|
heap
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page readonly
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
4E7000
|
unkown
|
page readonly
|
||
|
58A000
|
heap
|
page read and write
|
||
|
2499000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
256E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
436000
|
unkown
|
page readonly
|
||
|
4270000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
602000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
22DF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6F1000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6A9000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page readonly
|
||
|
164E000
|
stack
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
2444000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
10000000
|
direct allocation
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
4274000
|
trusted library allocation
|
page read and write
|
||
|
40C000
|
unkown
|
page execute and write copy
|
||
|
296B000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
844000
|
heap
|
page read and write
|
||
|
6B2000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
5CB000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
2290000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
24AD000
|
heap
|
page read and write
|
||
|
4C4000
|
heap
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page read and write
|
||
|
47E000
|
unkown
|
page readonly
|
||
|
6DC000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
603000
|
heap
|
page read and write
|
||
|
26F3000
|
stack
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
197E000
|
stack
|
page read and write
|
||
|
2DDC000
|
stack
|
page read and write
|
||
|
2453000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
100F3000
|
direct allocation
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
2080000
|
direct allocation
|
page execute and read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
23C0000
|
direct allocation
|
page read and write
|
||
|
20DD000
|
stack
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
52F000
|
unkown
|
page readonly
|
||
|
691000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
4D5000
|
unkown
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
401E000
|
stack
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
231E000
|
stack
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
406000
|
unkown
|
page readonly
|
||
|
303F000
|
stack
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
22E2000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
2855000
|
trusted library allocation
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
47E000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
247A000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
234E000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
2454000
|
heap
|
page read and write
|
||
|
20C0000
|
direct allocation
|
page read and write
|
||
|
2473000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
193E000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page write copy
|
||
|
22E2000
|
heap
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
35FF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4278000
|
trusted library allocation
|
page read and write
|
||
|
1B7D000
|
stack
|
page read and write
|
||
|
879000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
24A2000
|
heap
|
page read and write
|
||
|
22E1000
|
heap
|
page read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
209E000
|
stack
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
24C2000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
2857000
|
trusted library allocation
|
page read and write
|
||
|
100F8000
|
direct allocation
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
6940000
|
heap
|
page read and write
|
||
|
10001000
|
direct allocation
|
page execute read
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6140000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
521000
|
unkown
|
page readonly
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
178E000
|
stack
|
page read and write
|
||
|
2501000
|
heap
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
683000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
340F000
|
stack
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
465000
|
unkown
|
page readonly
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
7AC000
|
stack
|
page read and write
|
||
|
6DC000
|
heap
|
page read and write
|
||
|
425F000
|
stack
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2495000
|
heap
|
page read and write
|
||
|
6D9000
|
heap
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
465000
|
unkown
|
page readonly
|
||
|
1006E000
|
direct allocation
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2854000
|
trusted library allocation
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
6F1000
|
heap
|
page read and write
|
||
|
285E000
|
trusted library allocation
|
page read and write
|
||
|
317F000
|
stack
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
2460000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
80A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2851000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
4DB000
|
unkown
|
page readonly
|
||
|
407000
|
unkown
|
page write copy
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
383E000
|
stack
|
page read and write
|
||
|
40D000
|
unkown
|
page write copy
|
||
|
4279000
|
trusted library allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
160D000
|
stack
|
page read and write
|
||
|
521000
|
unkown
|
page readonly
|
||
|
570000
|
heap
|
page read and write
|
||
|
10000000
|
direct allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
1D9F000
|
stack
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
2651000
|
trusted library allocation
|
page read and write
|
||
|
5DD000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
247A000
|
heap
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
6FF000
|
stack
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
4274000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2A3F000
|
stack
|
page read and write
|
||
|
2B7F000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
296F000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
669000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
32CF000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
31BE000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
4A5000
|
heap
|
page read and write
|
||
|
2446000
|
heap
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
6DA000
|
heap
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
6F1000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
10000000
|
direct allocation
|
page read and write
|
||
|
44CE000
|
stack
|
page read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
22E1000
|
heap
|
page read and write
|
||
|
4271000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
direct allocation
|
page execute and read and write
|
||
|
49DE000
|
stack
|
page read and write
|
||
|
10001000
|
direct allocation
|
page execute read
|
||
|
1F9F000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
83C000
|
heap
|
page read and write
|
||
|
23CF000
|
stack
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
26FF000
|
stack
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
32BF000
|
stack
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
4270000
|
trusted library allocation
|
page read and write
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
2472000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
285A000
|
trusted library allocation
|
page read and write
|
||
|
285E000
|
trusted library allocation
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
6F3000
|
heap
|
page read and write
|
||
|
575000
|
heap
|
page read and write
|
||
|
24BB000
|
heap
|
page read and write
|
||
|
2458000
|
heap
|
page read and write
|
||
|
234B000
|
heap
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
415E000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
46C000
|
unkown
|
page readonly
|
||
|
407000
|
unkown
|
page read and write
|
||
|
3FDF000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
249A000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
285C000
|
trusted library allocation
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
2758000
|
heap
|
page read and write
|
||
|
1980000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page execute and write copy
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
27BF000
|
stack
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
2834000
|
stack
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
100F3000
|
direct allocation
|
page read and write
|
||
|
285F000
|
trusted library allocation
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
2588000
|
heap
|
page read and write
|
||
|
22E2000
|
heap
|
page read and write
|
||
|
285F000
|
trusted library allocation
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
65A000
|
heap
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
22E1000
|
heap
|
page read and write
|
||
|
601000
|
heap
|
page read and write
|
||
|
6DC000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
22E2000
|
heap
|
page read and write
|
||
|
2460000
|
heap
|
page read and write
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
18DE000
|
stack
|
page read and write
|
||
|
244C000
|
heap
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
2348000
|
heap
|
page read and write
|
||
|
6B3F000
|
stack
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
1C50000
|
remote allocation
|
page read and write
|
||
|
42E000
|
unkown
|
page write copy
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
812000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
2456000
|
heap
|
page read and write
|
||
|
86F000
|
stack
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
There are 850 hidden memdumps, click here to show them.