Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
Swift Mesaj#U0131#09971.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
||
C:\Users\user\AppData\Local\Temp\492576258725572177298999.tmp
|
SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 3, database pages 22, 1st free
page 7, free pages 2, cookie 0x10, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-console-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-datetime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-debug-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-file-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-file-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-file-l2-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-handle-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-localization-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-memory-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-profile-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-synch-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-synch-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-timezone-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-util-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-conio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-convert-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-environment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-locale-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-math-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-private-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-process-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-time-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-utility-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\nssdbm3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\ucrtbase.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\E0F35830\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\nsjFA0C.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Bikes\Bombekrater210\Cykelhandlerne.Sme
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Castrate\memstat.c
|
C source, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Coasting102.For
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Novelizes\selection-end-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\libxml2-2.0.typelib
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
There are 46 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
||
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
||
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe" /c C:\Windows\system32\timeout.exe 3 & del "Swift Mesaj#U0131#09971.exe
|
||
C:\Windows\SysWOW64\timeout.exe
|
C:\Windows\system32\timeout.exe 3
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://dbxo1.shop/db1/index.php
|
172.67.203.65
|
||
https://aapancart.com/
|
unknown
|
||
http://dbxo1.shop/db1/index.phpp
|
unknown
|
||
http://www.mozilla.com/en-US/blocklist/
|
unknown
|
||
http://dbxo1.shop/db1/index.phpft
|
unknown
|
||
http://dbxo1.shop/db1/index.phpl
|
unknown
|
||
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
http://dbxo1.shop/
|
unknown
|
||
http://ocsp.thawte.com0
|
unknown
|
||
http://www.mozilla.com0
|
unknown
|
||
http://dbxo1.shop/nr
|
unknown
|
||
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
http://dbxo1.shop/db1/index.phpC
|
unknown
|
There are 3 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
dbxo1.shop
|
172.67.203.65
|
||
aapancart.com
|
103.14.99.114
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
172.67.203.65
|
dbxo1.shop
|
United States
|
||
103.14.99.114
|
aapancart.com
|
Singapore
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fivefoldness\Endosseringerne\Fouragen
|
Arigue
|
||
HKEY_CURRENT_USER\SOFTWARE\Fruticeta\Lavandin\Kingliest\Ernringsenhed
|
Legating
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
1D9B8000
|
direct allocation
|
page read and write
|
||
2AF0000
|
direct allocation
|
page execute and read and write
|
||
1660000
|
remote allocation
|
page execute and read and write
|
||
5AB000
|
heap
|
page read and write
|
||
1D460000
|
direct allocation
|
page read and write
|
||
1D570000
|
direct allocation
|
page read and write
|
||
1D9BC000
|
direct allocation
|
page read and write
|
||
18BC000
|
heap
|
page read and write
|
||
1DD10000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D480000
|
direct allocation
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1D500000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
91E000
|
stack
|
page read and write
|
||
1E680000
|
direct allocation
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1D4E0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
179E000
|
stack
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
10020000
|
trusted library allocation
|
page read and write
|
||
242F000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
5BE000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD14000
|
direct allocation
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D1FD000
|
stack
|
page read and write
|
||
1D0AD000
|
stack
|
page read and write
|
||
1DD1C000
|
direct allocation
|
page read and write
|
||
431000
|
unkown
|
page read and write
|
||
1D02F000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D570000
|
direct allocation
|
page read and write
|
||
5C3000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1CFEE000
|
stack
|
page read and write
|
||
1E66C000
|
direct allocation
|
page read and write
|
||
1DAEC000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1CA31000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD10000
|
direct allocation
|
page read and write
|
||
45C000
|
unkown
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1E6E4000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
40A000
|
unkown
|
page write copy
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1E694000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD10000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D990000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DA70000
|
direct allocation
|
page read and write
|
||
1DA80000
|
direct allocation
|
page read and write
|
||
186C000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1CA30000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
185A000
|
heap
|
page read and write
|
||
1E658000
|
direct allocation
|
page read and write
|
||
40A000
|
unkown
|
page write copy
|
||
1D29E000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4F0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4A0000
|
direct allocation
|
page read and write
|
||
1CA31000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1E70C000
|
direct allocation
|
page read and write
|
||
17F8000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4C0000
|
direct allocation
|
page read and write
|
||
1D4D0000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
473000
|
unkown
|
page read and write
|
||
95E000
|
stack
|
page read and write
|
||
2A40000
|
trusted library allocation
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DCE8000
|
direct allocation
|
page read and write
|
||
183A000
|
heap
|
page read and write
|
||
1D970000
|
direct allocation
|
page read and write
|
||
1E6B4000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
2C51000
|
heap
|
page read and write
|
||
1D480000
|
direct allocation
|
page read and write
|
||
28AF000
|
stack
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D540000
|
direct allocation
|
page read and write
|
||
1A6F000
|
stack
|
page read and write
|
||
1DD28000
|
direct allocation
|
page read and write
|
||
1D540000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1E90E000
|
direct allocation
|
page read and write
|
||
18BC000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
10003000
|
unkown
|
page readonly
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
178000
|
direct allocation
|
page read and write
|
||
18C4000
|
heap
|
page read and write
|
||
1D4D0000
|
direct allocation
|
page read and write
|
||
186C000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
20000
|
unclassified section
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
476000
|
unkown
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
186C000
|
heap
|
page read and write
|
||
1E824000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D470000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
480000
|
heap
|
page read and write
|
||
1D47C000
|
direct allocation
|
page read and write
|
||
1D530000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD0C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DA70000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
408000
|
unkown
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1D474000
|
direct allocation
|
page read and write
|
||
1E6F4000
|
direct allocation
|
page read and write
|
||
1C0000
|
remote allocation
|
page read and write
|
||
1DD5C000
|
direct allocation
|
page read and write
|
||
1DA80000
|
direct allocation
|
page read and write
|
||
1B2F000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
40A000
|
unkown
|
page write copy
|
||
1914000
|
heap
|
page read and write
|
||
1D510000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D49C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
40A000
|
unkown
|
page write copy
|
||
60000
|
trusted library allocation
|
page read and write
|
||
40A000
|
unkown
|
page write copy
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E6A8000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
2DD0000
|
trusted library allocation
|
page read and write
|
||
1D12E000
|
stack
|
page read and write
|
||
9DE000
|
stack
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1D530000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D670000
|
direct allocation
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D490000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
476000
|
unkown
|
page readonly
|
||
1D41C000
|
stack
|
page read and write
|
||
1D870000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
4530000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D0000
|
unclassified section
|
page readonly
|
||
1D520000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
51E000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D500000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D9B8000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
476000
|
unkown
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1D4B0000
|
direct allocation
|
page read and write
|
||
408000
|
unkown
|
page readonly
|
||
1D0000
|
unclassified section
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1E6D8000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D4E0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1C0000
|
remote allocation
|
page read and write
|
||
18AF000
|
heap
|
page read and write
|
||
18C2000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1DD0C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E700000
|
direct allocation
|
page read and write
|
||
2464000
|
heap
|
page read and write
|
||
18CA000
|
heap
|
page read and write
|
||
5EF000
|
stack
|
page read and write
|
||
186C000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DA9C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E710000
|
direct allocation
|
page read and write
|
||
178000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E65C000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1E6CC000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D978000
|
direct allocation
|
page read and write
|
||
1A70000
|
trusted library allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D06E000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E670000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
2D90000
|
trusted library allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1871000
|
heap
|
page read and write
|
||
1C0000
|
remote allocation
|
page read and write
|
||
1D260000
|
remote allocation
|
page read and write
|
||
1D480000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
83F000
|
stack
|
page read and write
|
||
18C6000
|
heap
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
476000
|
unkown
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1D510000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
5C0000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D16F000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E83C000
|
direct allocation
|
page read and write
|
||
1DD14000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
9E0000
|
trusted library allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
43F000
|
unkown
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
570000
|
heap
|
page read and write
|
||
A0000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4C0000
|
direct allocation
|
page read and write
|
||
43C000
|
unkown
|
page read and write
|
||
19A000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E710000
|
direct allocation
|
page read and write
|
||
2460000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1CA31000
|
heap
|
page read and write
|
||
1DD18000
|
direct allocation
|
page read and write
|
||
1DB7C000
|
direct allocation
|
page read and write
|
||
1E6B0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
10000000
|
unkown
|
page readonly
|
||
1915000
|
heap
|
page read and write
|
||
1DB14000
|
direct allocation
|
page read and write
|
||
2320000
|
heap
|
page read and write
|
||
1E74C000
|
stack
|
page read and write
|
||
2C51000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D470000
|
direct allocation
|
page read and write
|
||
F0000
|
trusted library allocation
|
page read and write
|
||
96000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
4D0000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD10000
|
direct allocation
|
page read and write
|
||
186A000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4C8000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD0C000
|
direct allocation
|
page read and write
|
||
1D468000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1CBB0000
|
trusted library allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
A7E000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
17F0000
|
heap
|
page read and write
|
||
1875000
|
heap
|
page read and write
|
||
1D470000
|
direct allocation
|
page read and write
|
||
1C0000
|
remote allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4F0000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
18F6000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1E6A4000
|
direct allocation
|
page read and write
|
||
1DCC4000
|
direct allocation
|
page read and write
|
||
1EB00000
|
trusted library allocation
|
page read and write
|
||
1D4A0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D260000
|
remote allocation
|
page read and write
|
||
520000
|
trusted library allocation
|
page read and write
|
||
1DDC0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D530000
|
direct allocation
|
page read and write
|
||
1DE90000
|
direct allocation
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D1BD000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
408000
|
unkown
|
page readonly
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1E70C000
|
direct allocation
|
page read and write
|
||
52C000
|
stack
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4B0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D470000
|
direct allocation
|
page read and write
|
||
1E6B8000
|
direct allocation
|
page read and write
|
||
1D4B0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD0C000
|
direct allocation
|
page read and write
|
||
1D498000
|
direct allocation
|
page read and write
|
||
1E698000
|
direct allocation
|
page read and write
|
||
1E6D0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E660000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD20000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E674000
|
direct allocation
|
page read and write
|
||
408000
|
unkown
|
page readonly
|
||
1915000
|
heap
|
page read and write
|
||
1D570000
|
direct allocation
|
page read and write
|
||
476000
|
unkown
|
page readonly
|
||
560000
|
unclassified section
|
page readonly
|
||
1DD0C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DA70000
|
direct allocation
|
page read and write
|
||
1E900000
|
direct allocation
|
page read and write
|
||
22CE000
|
stack
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
4D4000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E704000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1914000
|
heap
|
page read and write
|
||
5AE000
|
stack
|
page read and write
|
||
1E6A0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E830000
|
direct allocation
|
page read and write
|
||
2B68000
|
heap
|
page read and write
|
||
1D520000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E654000
|
direct allocation
|
page read and write
|
||
1E68C000
|
direct allocation
|
page read and write
|
||
1D260000
|
remote allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4E0000
|
direct allocation
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD24000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D540000
|
direct allocation
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D540000
|
direct allocation
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
2B60000
|
heap
|
page read and write
|
||
40A000
|
unkown
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E678000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
2A00000
|
trusted library allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
4D4000
|
heap
|
page read and write
|
||
1D770000
|
direct allocation
|
page read and write
|
||
3359000
|
trusted library allocation
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1DDA8000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD10000
|
direct allocation
|
page read and write
|
||
1865000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D47C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
5C6000
|
heap
|
page read and write
|
||
1825000
|
heap
|
page read and write
|
||
1D520000
|
direct allocation
|
page read and write
|
||
1D490000
|
direct allocation
|
page read and write
|
||
470000
|
unclassified section
|
page readonly
|
||
17DE000
|
stack
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D478000
|
direct allocation
|
page read and write
|
||
1D4C0000
|
direct allocation
|
page read and write
|
||
1D2DF000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1E6C0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
437000
|
unkown
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
17C000
|
direct allocation
|
page read and write
|
||
1EB28000
|
trusted library allocation
|
page read and write
|
||
1CF6E000
|
stack
|
page read and write
|
||
1E64C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD1C000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
10059000
|
trusted library allocation
|
page read and write
|
||
1D520000
|
direct allocation
|
page read and write
|
||
18BC000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
18B4000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
93F000
|
stack
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD58000
|
direct allocation
|
page read and write
|
||
1D500000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4D0000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
18AD000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
29C0000
|
trusted library allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1CA31000
|
heap
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1A2E000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1660000
|
remote allocation
|
page execute and read and write
|
||
1C0000
|
remote allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DA90000
|
direct allocation
|
page read and write
|
||
578000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E67C000
|
direct allocation
|
page read and write
|
||
1D500000
|
direct allocation
|
page read and write
|
||
1D490000
|
direct allocation
|
page read and write
|
||
1D470000
|
direct allocation
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
10001000
|
unkown
|
page execute read
|
||
1E6E8000
|
direct allocation
|
page read and write
|
||
1D480000
|
direct allocation
|
page read and write
|
||
1E6D4000
|
direct allocation
|
page read and write
|
||
42F000
|
unkown
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD10000
|
direct allocation
|
page read and write
|
||
1E6F8000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E800000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E912000
|
direct allocation
|
page read and write
|
||
4EC000
|
stack
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D530000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
2310000
|
heap
|
page read and write
|
||
1D490000
|
direct allocation
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
1DD18000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1EAFD000
|
stack
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
4CE000
|
stack
|
page read and write
|
||
1DD10000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1EB01000
|
trusted library allocation
|
page read and write
|
||
1C0000
|
remote allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
2C50000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
99E000
|
stack
|
page read and write
|
||
20000
|
unclassified section
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1AEE000
|
stack
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D510000
|
direct allocation
|
page read and write
|
||
2325000
|
heap
|
page read and write
|
||
1E664000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
18F0000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
18BC000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DCAC000
|
direct allocation
|
page read and write
|
||
1DD0C000
|
direct allocation
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D32C000
|
stack
|
page read and write
|
||
1D4A0000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1E840000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E6BC000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
408000
|
unkown
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4C0000
|
direct allocation
|
page read and write
|
||
1DD0C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4D0000
|
direct allocation
|
page read and write
|
||
8D0000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D42B000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D47C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1DD08000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
60000
|
direct allocation
|
page read and write
|
||
1D474000
|
direct allocation
|
page read and write
|
||
97E000
|
stack
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1CB70000
|
trusted library allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
1910000
|
heap
|
page read and write
|
||
1E2C0000
|
direct allocation
|
page read and write
|
||
1D464000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D474000
|
direct allocation
|
page read and write
|
||
408000
|
unkown
|
page readonly
|
||
1D4B0000
|
direct allocation
|
page read and write
|
||
1D490000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1868000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
10005000
|
unkown
|
page readonly
|
||
1E650000
|
direct allocation
|
page read and write
|
||
1DD0C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1875000
|
heap
|
page read and write
|
||
1DA8C000
|
direct allocation
|
page read and write
|
||
1D4A0000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1DD04000
|
direct allocation
|
page read and write
|
||
1D4E0000
|
direct allocation
|
page read and write
|
||
228E000
|
stack
|
page read and write
|
||
1DD00000
|
direct allocation
|
page read and write
|
||
186C000
|
heap
|
page read and write
|
||
1CFAF000
|
stack
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D510000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D470000
|
direct allocation
|
page read and write
|
||
1DD28000
|
direct allocation
|
page read and write
|
||
476000
|
unkown
|
page readonly
|
||
1E69C000
|
direct allocation
|
page read and write
|
||
1E2C0000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1E208000
|
direct allocation
|
page read and write
|
||
1DD0C000
|
direct allocation
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1E690000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1914000
|
heap
|
page read and write
|
||
1D4F0000
|
direct allocation
|
page read and write
|
||
18BD000
|
heap
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
992000
|
unkown
|
page write copy
|
||
1D464000
|
direct allocation
|
page read and write
|
||
1915000
|
heap
|
page read and write
|
||
1914000
|
heap
|
page read and write
|
||
1D4F0000
|
direct allocation
|
page read and write
|
||
1D4E0000
|
direct allocation
|
page read and write
|
There are 742 hidden memdumps, click here to show them.