Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
UnmxRI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\UnmxRI.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpB814.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\tehuvFgZlLZK.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\tehuvFgZlLZK.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\tehuvFgZlLZK.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_50cjj3ho.kq4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dx25u534.mhk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dy4y4iox.nsi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g04nl2g1.owh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kibruxtj.im2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t3gemjeh.our.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_winn5gu0.h3t.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yuonz50t.ybr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpD59E.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\y14291878
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\UnmxRI.exe
|
"C:\Users\user\Desktop\UnmxRI.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\UnmxRI.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\tehuvFgZlLZK.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\tehuvFgZlLZK" /XML "C:\Users\user\AppData\Local\Temp\tmpB814.tmp"
|
|
|
|
C:\Users\user\Desktop\UnmxRI.exe
|
"C:\Users\user\Desktop\UnmxRI.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\tehuvFgZlLZK.exe
|
C:\Users\user\AppData\Roaming\tehuvFgZlLZK.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\tehuvFgZlLZK" /XML "C:\Users\user\AppData\Local\Temp\tmpD59E.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\tehuvFgZlLZK.exe
|
"C:\Users\user\AppData\Roaming\tehuvFgZlLZK.exe"
|
|
|
|
C:\Program Files (x86)\CtkKkqRCKTeLWorQMANFOxEffNdIrCJxUciuGWmfIeGBgUxWfyrOBLfjyucmmacESEsiL\NUJqNHNKrrpXWLOEvky.exe
|
"C:\Program Files (x86)\CtkKkqRCKTeLWorQMANFOxEffNdIrCJxUciuGWmfIeGBgUxWfyrOBLfjyucmmacESEsiL\NUJqNHNKrrpXWLOEvky.exe"
|
|
|
|
C:\Windows\SysWOW64\print.exe
|
"C:\Windows\SysWOW64\print.exe"
|
|
|
|
C:\Program Files (x86)\CtkKkqRCKTeLWorQMANFOxEffNdIrCJxUciuGWmfIeGBgUxWfyrOBLfjyucmmacESEsiL\NUJqNHNKrrpXWLOEvky.exe
|
"C:\Program Files (x86)\CtkKkqRCKTeLWorQMANFOxEffNdIrCJxUciuGWmfIeGBgUxWfyrOBLfjyucmmacESEsiL\NUJqNHNKrrpXWLOEvky.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.theranchobizarro.com/fgkz/
|
52.9.242.57
|
|
|
|
http://www.pheonix-travels.com/fgkz/?4f2t8=qUFBQvWBSx+bgMqyDmLQ5iNb4eTiibWqPMlygN/fc4+dM2Q0fApyvpqDNInFWFQ7PUEWbfd7zdq6gjmLUkGdSLdX5yRbFI8ZXQ==&nFeHa=dbNpTj
|
91.195.240.19
|
|
|
|
http://www.slimdut.top/fgkz/
|
66.29.154.248
|
|
|
|
http://www.slimdut.top/fgkz/?4f2t8=+meHlBDXvFG0tp5IHuNp5aNfi3jbma4/KPg1jYwxKUxzXvorilFM4RqNjl5oI+tAWQpMLL6Kz03IcJJlzmvukn6IT7E7w1sf4w==&nFeHa=dbNpTj
|
66.29.154.248
|
|
|
|
http://www.sciencebot.sbs/fgkz/?4f2t8=Es1t8vCK0sN7XyYvnVVOljQ55acH3Wz1kLP2QzEOa9660+rpR75GQvSkA30bAYbOR2lPGVNfcPr7Ljt/1l/fB9BodoBufVLUjg==&nFeHa=dbNpTj
|
91.195.240.19
|
|
|
|
http://www.uty803.com/fgkz/
|
122.10.12.59
|
|
|
|
http://www.noobblaster.com/fgkz/
|
167.172.228.26
|
|
|
|
http://www.noobblaster.com/fgkz/?4f2t8=3m5S8RLi2FvoSMlAd2YNW/TJwuNR/4L3lTg0ZykUeQS0d3bBVkf5OCtf3wLO2p5Qie0G5ZQmXW/kTWMxHN/hjFLiWPmpcdZuTA==&nFeHa=dbNpTj
|
167.172.228.26
|
|
|
|
http://www.sportspaj.com/fgkz/?nFeHa=dbNpTj&4f2t8=WwxZJefTXlbC80/BpveukZyNeg7V77XnTSoth6J++MJln1PDQgVuwSMNXVc16zr9hGsIX6790/Sw0PUDFf+oDAGEaENhNNwIZQ==
|
212.32.237.90
|
|
|
|
http://www.otomain.info/fgkz/
|
104.21.92.135
|
|
|
|
http://www.nexgen-gaming.com/fgkz/
|
167.172.228.26
|
|
|
|
http://www.hugelmann.org/fgkz/?4f2t8=zruAGbX+zzZzwXhsAlQZAULZe4pnPcBNBYGP0N8wJF4ze778247Xmh3iJl2/TqyIQwvJNtjZAjEGWTxWxFAMT6BKV60sGMz7yg==&nFeHa=dbNpTj
|
216.40.34.41
|
|
|
|
http://www.hugelmann.org/fgkz/
|
216.40.34.41
|
|
|
|
http://www.sciencebot.sbs/fgkz/
|
91.195.240.19
|
|
|
|
http://www.sportspaj.com/fgkz/
|
212.32.237.90
|
|
|
|
http://www.theranchobizarro.com/fgkz/?4f2t8=ry+CYqlVG72iLi2DaEIeXBgMIr7sqRG0JYSJyoRnJC6JbGcr+8VOMaxMsy8Il53Bf6hY6wX/QfSecMpBbFe/nj9vDatoU4SrVQ==&nFeHa=dbNpTj
|
52.9.242.57
|
|
|
|
http://www.gpcamservices.com/fgkz/
|
119.18.54.85
|
|
|
|
http://www.nathanladd.software/fgkz/
|
91.195.240.19
|
|
|
|
http://www.uty803.com/fgkz/?4f2t8=aeeJEj57mUSUfFc8r0lYWf5TLjzOukydlBenCzdgyGJ4dbEC60EhS0rD3xa7pQMeZFPdLFyN09CO6nuGrnlSNGPfsMX8qY9T/A==&nFeHa=dbNpTj
|
122.10.12.59
|
|
|
|
http://www.nexgen-gaming.com/fgkz/?nFeHa=dbNpTj&4f2t8=L1TZCS35bu0vOYHNzZCPIdU0sWDhLvNiLfum3bQ18rX1WKbURfbupmyOYdxIRu4IbjlY68Wfuxyw3QRU1unQYy2+VkzFUIUgoQ==
|
167.172.228.26
|
|
|
|
http://www.theranchobizarro.com/terms
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://s3-us-west-2.amazonaws.com/listingzen/agents/agent4/450/agent1482359813.jpg
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.instagram.com/hover_domains
|
unknown
|
||
|
http://www.theranchobizarro.com/img/site/dark_logo.png
|
unknown
|
||
|
http://www.theranchobizarro.com/pricing#pricing
|
unknown
|
||
|
http://www.theranchobizarro.com/img/site/light_logo.png
|
unknown
|
||
|
https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881
|
unknown
|
||
|
https://performance.radar.cloudflare.com/beacon.js
|
unknown
|
||
|
https://www.cloudflare.com/login?utm_source=error_100x
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://sparrow.cloudflare.com/api/v1/event
|
unknown
|
||
|
http://ww1.nexgen-gaming.com
|
unknown
|
||
|
http://www.theranchobizarro.com/img/site/dark_logo_250.jpg
|
unknown
|
||
|
https://www.hover.com/email?source=parked
|
unknown
|
||
|
http://www.theranchobizarro.com/pricing
|
unknown
|
||
|
https://www.hover.com/about?source=parked
|
unknown
|
||
|
http://www.theranchobizarro.com/build/js/compiled/backend/app-56cea615a1.js
|
unknown
|
||
|
http://www.sportspaj.com/fgkz/?4f2t8=WwxZJefTXlbC80%2FBpveukZyNeg7V77XnTSoth6J
|
unknown
|
||
|
http://www.theranchobizarro.com/assets/materialize/dist/js/materialize.min.js
|
unknown
|
||
|
http://www.theranchobizarro.com/assets/pusher-js/dist/web/pusher.js
|
unknown
|
||
|
http://schema.org
|
unknown
|
||
|
https://www.hover.com/domains/results
|
unknown
|
||
|
http://www.theranchobizarro.com/marketplace
|
unknown
|
||
|
http://www.theranchobizarro.com/img/site/light_icon.png
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://www.theranchobizarro.com/favicon.ico
|
unknown
|
||
|
http://www.theranchobizarro.com/contact
|
unknown
|
||
|
http://www.theranchobizarro.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.hover.com/tools?source=parked
|
unknown
|
||
|
https://help.hover.com/home?source=parked
|
unknown
|
||
|
http://cdn.jsinit.directfwd.com/sk-jspark_init.php
|
unknown
|
||
|
https://www.hover.com/domain_pricing?source=parked
|
unknown
|
||
|
https://www.hover.com/privacy?source=parked
|
unknown
|
||
|
http://www.theranchobizarro.com/js/compiled/unlogged/unlogged.js
|
unknown
|
||
|
https://uk.pinterest.com/listingzen
|
unknown
|
||
|
https://twitter.com/hover
|
unknown
|
||
|
https://mozilla.org0/
|
unknown
|
||
|
https://crash-reports.mozilla.com/submit?id=
|
unknown
|
||
|
https://www.hover.com/transfer_in?source=parked
|
unknown
|
||
|
https://www.hover.com/renew?source=parked
|
unknown
|
||
|
http://www.theranchobizarro.com/login
|
unknown
|
||
|
http://www.theranchobizarro.com/privacy
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://www.theranchobizarro.com/build/css/compiled/backend/backend-f2bf381915.css
|
unknown
|
||
|
https://www.listingzen.com/
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://www.theranchobizarro.com/faq
|
unknown
|
||
|
http://www.theranchobizarro.com/register
|
unknown
|
||
|
https://www.cloudflare.com/5xx-error-landing
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://www.theranchobizarro.com/profile
|
unknown
|
||
|
https://www.hover.com/tos?source=parked
|
unknown
|
||
|
https://www.cloudflare.com/5xx-error-landing/
|
unknown
|
||
|
http://www.theranchobizarro.com/assets/jquery/dist/jquery.min.js
|
unknown
|
||
|
http://www.ListingZen.com
|
unknown
|
||
|
https://s3-us-west-2.amazonaws.com/listingzen/vendors/vendor2/450/vendor1472074370.jpg
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.noobblaster.com
|
unknown
|
||
|
http://www.theranchobizarro.com/sitemap.xml
|
unknown
|
||
|
https://www.hover.com/?source=parked
|
unknown
|
There are 73 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
2xin1.zhanghonghong.com
|
122.10.12.59
|
|
|
|
gpcamservices.com
|
119.18.54.85
|
|
|
|
www.otomain.info
|
104.21.92.135
|
|
|
|
www.sportspaj.com
|
212.32.237.90
|
|
|
|
www.theranchobizarro.com
|
52.9.242.57
|
|
|
|
www.slimdut.top
|
66.29.154.248
|
|
|
|
parkingpage.namecheap.com
|
91.195.240.19
|
|
|
|
nexgen-gaming.com
|
167.172.228.26
|
|
|
|
noobblaster.com
|
167.172.228.26
|
|
|
|
www.hugelmann.org
|
216.40.34.41
|
|
|
|
www.mlfloor.net
|
unknown
|
|
|
|
www.7789552398763.net
|
unknown
|
|
|
|
www.heilao9.xyz
|
unknown
|
|
|
|
www.defengnm.com
|
unknown
|
|
|
|
www.gpcamservices.com
|
unknown
|
|
|
|
www.nathanladd.software
|
unknown
|
|
|
|
www.nexgen-gaming.com
|
unknown
|
|
|
|
www.uty803.com
|
unknown
|
|
|
|
www.pheonix-travels.com
|
unknown
|
|
|
|
www.noobblaster.com
|
unknown
|
|
|
|
www.sciencebot.sbs
|
unknown
|
|
There are 11 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
122.10.12.59
|
2xin1.zhanghonghong.com
|
Hong Kong
|
|
|
|
52.9.242.57
|
www.theranchobizarro.com
|
United States
|
|
|
|
212.32.237.90
|
www.sportspaj.com
|
Netherlands
|
|
|
|
167.172.228.26
|
nexgen-gaming.com
|
United States
|
|
|
|
91.195.240.19
|
parkingpage.namecheap.com
|
Germany
|
|
|
|
66.29.154.248
|
www.slimdut.top
|
United States
|
|
|
|
104.21.92.135
|
www.otomain.info
|
United States
|
|
|
|
119.18.54.85
|
gpcamservices.com
|
India
|
|
|
|
216.40.34.41
|
www.hugelmann.org
|
Canada
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6850000
|
trusted library section
|
page read and write
|
|
|
|
26E9000
|
trusted library allocation
|
page read and write
|
|
|
|
4A0000
|
system
|
page execute and read and write
|
|
|
|
5070000
|
system
|
page execute and read and write
|
|
|
|
2691000
|
trusted library allocation
|
page read and write
|
|
|
|
2727000
|
trusted library allocation
|
page read and write
|
|
|
|
4FB0000
|
trusted library section
|
page read and write
|
|
|
|
1750000
|
unclassified section
|
page execute and read and write
|
|
|
|
760000
|
trusted library allocation
|
page read and write
|
|
|
|
4F30000
|
unkown
|
page execute and read and write
|
|
|
|
2917000
|
trusted library allocation
|
page read and write
|
|
|
|
35B9000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
24A1000
|
trusted library allocation
|
page read and write
|
|
|
|
39C0000
|
unclassified section
|
page execute and read and write
|
|
|
|
28D9000
|
trusted library allocation
|
page read and write
|
|
|
|
720000
|
trusted library allocation
|
page read and write
|
|
|
|
694000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
4C9B000
|
stack
|
page read and write
|
||
|
255FC000
|
system
|
page read and write
|
||
|
160F000
|
stack
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
103C000
|
stack
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
47CC000
|
stack
|
page read and write
|
||
|
7226000
|
heap
|
page read and write
|
||
|
7221000
|
heap
|
page read and write
|
||
|
A59E000
|
stack
|
page read and write
|
||
|
A5E000
|
unkown
|
page readonly
|
||
|
9A4E000
|
stack
|
page read and write
|
||
|
7255000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
4980000
|
trusted library allocation
|
page read and write
|
||
|
7123000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2D53000
|
unkown
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
6B56000
|
heap
|
page read and write
|
||
|
6D1E000
|
stack
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
10A0000
|
unkown
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
2592000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
13ED000
|
direct allocation
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
3F9000
|
stack
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
25CE000
|
unkown
|
page read and write
|
||
|
2FCF000
|
stack
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
2675000
|
trusted library allocation
|
page read and write
|
||
|
FCA000
|
stack
|
page read and write
|
||
|
1243000
|
direct allocation
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4AC0000
|
trusted library section
|
page readonly
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
2F9E000
|
direct allocation
|
page execute and read and write
|
||
|
466C000
|
unclassified section
|
page read and write
|
||
|
91A000
|
trusted library allocation
|
page execute and read and write
|
||
|
49A6000
|
trusted library allocation
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
8C0C000
|
stack
|
page read and write
|
||
|
49B2000
|
trusted library allocation
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
A65000
|
unkown
|
page read and write
|
||
|
4990000
|
unclassified section
|
page read and write
|
||
|
95B000
|
heap
|
page read and write
|
||
|
4CD6000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
unkown
|
page readonly
|
||
|
71EB000
|
heap
|
page read and write
|
||
|
FBF000
|
stack
|
page read and write
|
||
|
7FD6000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
3030000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
36C6000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
12FF000
|
stack
|
page read and write
|
||
|
1B21000
|
direct allocation
|
page execute and read and write
|
||
|
50FB000
|
system
|
page execute and read and write
|
||
|
2B34000
|
heap
|
page read and write
|
||
|
4CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
71F5000
|
heap
|
page read and write
|
||
|
BAE000
|
stack
|
page read and write
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
2D42000
|
unkown
|
page read and write
|
||
|
1108000
|
heap
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
429000
|
remote allocation
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
8CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3172000
|
unclassified section
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
2AA0000
|
unkown
|
page readonly
|
||
|
1091000
|
unkown
|
page readonly
|
||
|
1BB8000
|
direct allocation
|
page execute and read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
2390000
|
heap
|
page execute and read and write
|
||
|
38E1000
|
trusted library allocation
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
14C8000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
24E1000
|
trusted library allocation
|
page read and write
|
||
|
68C0000
|
trusted library allocation
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
1BC0000
|
unclassified section
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
498B000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
A55C000
|
stack
|
page read and write
|
||
|
14E2000
|
heap
|
page read and write
|
||
|
3714000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
7D0000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2670000
|
trusted library allocation
|
page read and write
|
||
|
A67000
|
unkown
|
page readonly
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
3152000
|
unclassified section
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
3AD2000
|
trusted library allocation
|
page read and write
|
||
|
4E3B000
|
stack
|
page read and write
|
||
|
2AC0000
|
unkown
|
page read and write
|
||
|
3B30000
|
unkown
|
page execute and read and write
|
||
|
4CD2000
|
trusted library allocation
|
page read and write
|
||
|
84BE000
|
stack
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
3C64000
|
trusted library allocation
|
page read and write
|
||
|
2F29000
|
direct allocation
|
page execute and read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
3BEB000
|
trusted library allocation
|
page read and write
|
||
|
A1CE000
|
stack
|
page read and write
|
||
|
4026000
|
unclassified section
|
page execute and read and write
|
||
|
8227000
|
trusted library allocation
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2680000
|
heap
|
page execute and read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
898000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
1B3D000
|
direct allocation
|
page execute and read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
E56000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
2370000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4580000
|
unkown
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
6840000
|
trusted library section
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
995000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
B47000
|
heap
|
page read and write
|
||
|
37A9000
|
trusted library allocation
|
page read and write
|
||
|
8BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
992000
|
heap
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
8F0000
|
trusted library allocation
|
page read and write
|
||
|
43B000
|
stack
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
50D3000
|
system
|
page execute and read and write
|
||
|
4AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
4348000
|
unclassified section
|
page read and write
|
||
|
13D1000
|
direct allocation
|
page execute and read and write
|
||
|
F40000
|
unkown
|
page readonly
|
||
|
4C10000
|
trusted library allocation
|
page read and write
|
||
|
6B87000
|
heap
|
page read and write
|
||
|
38A4000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
514F000
|
system
|
page execute and read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
2B1C000
|
unkown
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
943000
|
heap
|
page read and write
|
||
|
8A9000
|
heap
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
92D000
|
heap
|
page read and write
|
||
|
C90000
|
unkown
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
2546000
|
trusted library allocation
|
page read and write
|
||
|
A5E000
|
unkown
|
page readonly
|
||
|
10FF000
|
stack
|
page read and write
|
||
|
16C0000
|
unkown
|
page readonly
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
384A000
|
unclassified section
|
page read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
694000
|
heap
|
page read and write
|
||
|
10A0000
|
unkown
|
page read and write
|
||
|
A65000
|
unkown
|
page read and write
|
||
|
3130000
|
unkown
|
page execute and read and write
|
||
|
4D30000
|
trusted library section
|
page readonly
|
||
|
67D000
|
stack
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
F30000
|
unkown
|
page readonly
|
||
|
6860000
|
trusted library allocation
|
page execute and read and write
|
||
|
7258000
|
heap
|
page read and write
|
||
|
50EC000
|
system
|
page execute and read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
7460000
|
heap
|
page read and write
|
||
|
28AD000
|
stack
|
page read and write
|
||
|
9F4E000
|
stack
|
page read and write
|
||
|
4530000
|
unkown
|
page execute and read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4B22000
|
unclassified section
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
BEA000
|
stack
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
39DC000
|
unclassified section
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
525C000
|
unkown
|
page read and write
|
||
|
408F000
|
unclassified section
|
page execute and read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
2F56000
|
unkown
|
page read and write
|
||
|
A65000
|
unkown
|
page read and write
|
||
|
44DE000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
478000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
E54000
|
trusted library allocation
|
page read and write
|
||
|
6A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D95000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
890000
|
trusted library allocation
|
page read and write
|
||
|
3699000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
7261000
|
heap
|
page read and write
|
||
|
3040000
|
unkown
|
page readonly
|
||
|
1A51000
|
unkown
|
page readonly
|
||
|
1691000
|
unkown
|
page readonly
|
||
|
893000
|
trusted library allocation
|
page execute and read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
249E000
|
stack
|
page read and write
|
||
|
910000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
916000
|
trusted library allocation
|
page execute and read and write
|
||
|
199D000
|
direct allocation
|
page execute and read and write
|
||
|
4C36000
|
trusted library allocation
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
49AD000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
8FF000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
567000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
A51000
|
unkown
|
page execute read
|
||
|
11A6000
|
direct allocation
|
page execute and read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
8C5000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
A5E000
|
unkown
|
page readonly
|
||
|
694000
|
heap
|
page read and write
|
||
|
499E000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
68E0000
|
heap
|
page read and write
|
||
|
50F8000
|
system
|
page execute and read and write
|
||
|
2C50000
|
unkown
|
page readonly
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
927000
|
trusted library allocation
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
A41F000
|
stack
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
50BE000
|
stack
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
BEA000
|
stack
|
page read and write
|
||
|
3DA6000
|
unkown
|
page read and write
|
||
|
3F38000
|
unkown
|
page read and write
|
||
|
68FE000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
F50000
|
unkown
|
page readonly
|
||
|
991000
|
heap
|
page read and write
|
||
|
849F000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
3040000
|
unkown
|
page readonly
|
||
|
695000
|
heap
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
unkown
|
page readonly
|
||
|
8AD000
|
heap
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
B4F000
|
stack
|
page read and write
|
||
|
8F4000
|
trusted library allocation
|
page read and write
|
||
|
4EA0000
|
heap
|
page execute and read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
418000
|
remote allocation
|
page execute and read and write
|
||
|
899E000
|
stack
|
page read and write
|
||
|
F40000
|
unkown
|
page readonly
|
||
|
330C000
|
unclassified section
|
page read and write
|
||
|
3CDD000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
A0CE000
|
stack
|
page read and write
|
||
|
8E8E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
1146000
|
direct allocation
|
page execute and read and write
|
||
|
2380000
|
trusted library allocation
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
923000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
30D1000
|
direct allocation
|
page execute and read and write
|
||
|
29DF000
|
unkown
|
page read and write
|
||
|
6B35000
|
heap
|
page read and write
|
||
|
71D0000
|
trusted library allocation
|
page read and write
|
||
|
782E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
2EFC000
|
unkown
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
BF7000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page readonly
|
||
|
726C000
|
heap
|
page read and write
|
||
|
7264000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
34AB000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
343A000
|
unkown
|
page read and write
|
||
|
1A51000
|
unkown
|
page readonly
|
||
|
113A000
|
stack
|
page read and write
|
||
|
16BF000
|
stack
|
page read and write
|
||
|
7FD000
|
stack
|
page read and write
|
||
|
720000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
7132000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
25453000
|
system
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
50DC000
|
system
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
1108000
|
heap
|
page read and write
|
||
|
36F4000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4984000
|
trusted library allocation
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
6B2A000
|
heap
|
page read and write
|
||
|
1471000
|
unkown
|
page readonly
|
||
|
694000
|
heap
|
page read and write
|
||
|
A69E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2AA0000
|
unkown
|
page readonly
|
||
|
991000
|
heap
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
F50000
|
unkown
|
page readonly
|
||
|
900000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
3A73000
|
trusted library allocation
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
1340000
|
heap
|
page read and write
|
||
|
A22000
|
heap
|
page read and write
|
||
|
170F000
|
stack
|
page read and write
|
||
|
7271000
|
heap
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
3142000
|
direct allocation
|
page execute and read and write
|
||
|
AFD000
|
stack
|
page read and write
|
||
|
8EB000
|
heap
|
page read and write
|
||
|
1080000
|
unkown
|
page read and write
|
||
|
3904000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
90D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
2D62000
|
unkown
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
258E000
|
stack
|
page read and write
|
||
|
2789000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
3E92000
|
unclassified section
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
8AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1080000
|
unkown
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
FCA000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
879D000
|
stack
|
page read and write
|
||
|
3691000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
9C4E000
|
stack
|
page read and write
|
||
|
8B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
25442000
|
system
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1310000
|
unkown
|
page readonly
|
||
|
694000
|
heap
|
page read and write
|
||
|
1120000
|
direct allocation
|
page execute and read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
C2000
|
unkown
|
page readonly
|
||
|
82DE000
|
stack
|
page read and write
|
||
|
260E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
724E000
|
heap
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page read and write
|
||
|
1691000
|
unkown
|
page readonly
|
||
|
233C000
|
stack
|
page read and write
|
||
|
111F000
|
heap
|
page read and write
|
||
|
4A62000
|
trusted library allocation
|
page read and write
|
||
|
A45C000
|
stack
|
page read and write
|
||
|
9C6000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
4712000
|
unkown
|
page read and write
|
||
|
2E00000
|
direct allocation
|
page execute and read and write
|
||
|
1310000
|
unkown
|
page readonly
|
||
|
4A8F000
|
unclassified section
|
page execute and read and write
|
||
|
9D4D000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4C2E000
|
trusted library allocation
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
6EF000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
A51000
|
unkown
|
page execute read
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
A67000
|
unkown
|
page readonly
|
||
|
694000
|
heap
|
page read and write
|
||
|
825F000
|
stack
|
page read and write
|
||
|
984D000
|
stack
|
page read and write
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
14A0000
|
unkown
|
page readonly
|
||
|
694000
|
heap
|
page read and write
|
||
|
5D7000
|
stack
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
30CD000
|
direct allocation
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4D9000
|
stack
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
7242000
|
heap
|
page read and write
|
||
|
7894000
|
heap
|
page read and write
|
||
|
4CA0000
|
heap
|
page read and write
|
||
|
36B8000
|
unclassified section
|
page read and write
|
||
|
8F8E000
|
stack
|
page read and write
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2D62000
|
unkown
|
page read and write
|
||
|
E77000
|
heap
|
page read and write
|
||
|
A65000
|
unkown
|
page read and write
|
||
|
A5E000
|
unkown
|
page readonly
|
||
|
991000
|
heap
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
463C000
|
stack
|
page read and write
|
||
|
1460000
|
unkown
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page execute and read and write
|
||
|
374E000
|
trusted library allocation
|
page read and write
|
||
|
28EA000
|
stack
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
89D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
1249000
|
direct allocation
|
page execute and read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
71E0000
|
heap
|
page read and write
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
2D53000
|
unkown
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
25CE000
|
stack
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
B6D11FE000
|
stack
|
page read and write
|
||
|
6920000
|
heap
|
page read and write
|
||
|
3A82000
|
unkown
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
7190000
|
trusted library section
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
38F0000
|
unkown
|
page read and write
|
||
|
6590000
|
heap
|
page read and write
|
||
|
7266000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
A67000
|
unkown
|
page readonly
|
||
|
AB8000
|
heap
|
page read and write
|
||
|
8FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E40000
|
trusted library allocation
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
4A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A23000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
869F000
|
stack
|
page read and write
|
||
|
7204000
|
heap
|
page read and write
|
||
|
1091000
|
unkown
|
page readonly
|
||
|
936000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
299E000
|
unkown
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
11E2000
|
direct allocation
|
page execute and read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
5175000
|
heap
|
page read and write
|
||
|
66F000
|
stack
|
page read and write
|
||
|
8D0C000
|
stack
|
page read and write
|
||
|
7944000
|
heap
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
4C42000
|
trusted library allocation
|
page read and write
|
||
|
A51000
|
unkown
|
page execute read
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
4D00000
|
heap
|
page execute and read and write
|
||
|
12FF000
|
stack
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
692E000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
55FF000
|
unkown
|
page execute and read and write
|
||
|
34A1000
|
trusted library allocation
|
page read and write
|
||
|
1F4E54B0000
|
system
|
page execute and read and write
|
||
|
A08E000
|
stack
|
page read and write
|
||
|
2F2D000
|
direct allocation
|
page execute and read and write
|
||
|
4E60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7271000
|
heap
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
958000
|
heap
|
page read and write
|
||
|
37FF000
|
trusted library allocation
|
page read and write
|
||
|
1F4E56A0000
|
heap
|
page read and write
|
||
|
8C2000
|
trusted library allocation
|
page read and write
|
||
|
48CC000
|
stack
|
page read and write
|
||
|
894000
|
trusted library allocation
|
page read and write
|
||
|
9D50000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
49D5000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
71E6000
|
heap
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
39EF000
|
trusted library allocation
|
page read and write
|
||
|
9B4E000
|
stack
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
8F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
3366000
|
unclassified section
|
page read and write
|
||
|
1870000
|
direct allocation
|
page execute and read and write
|
||
|
6B20000
|
heap
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
unkown
|
page readonly
|
||
|
991000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
9D3000
|
heap
|
page read and write
|
||
|
6B1D000
|
stack
|
page read and write
|
||
|
6A1E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
A6C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2360000
|
trusted library allocation
|
page execute and read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
4A66000
|
trusted library allocation
|
page read and write
|
||
|
6FA000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page readonly
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
2D42000
|
unkown
|
page read and write
|
||
|
68B0000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
7248000
|
heap
|
page read and write
|
||
|
859F000
|
stack
|
page read and write
|
||
|
F60000
|
unkown
|
page readonly
|
||
|
26D1000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
unkown
|
page read and write
|
||
|
929000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page readonly
|
||
|
A67000
|
unkown
|
page readonly
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
49D0000
|
trusted library allocation
|
page read and write
|
||
|
1127000
|
direct allocation
|
page execute and read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
1710000
|
direct allocation
|
page read and write
|
||
|
35CC000
|
unkown
|
page read and write
|
||
|
2EA0000
|
unkown
|
page read and write
|
||
|
3A94000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
unkown
|
page readonly
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
95E000
|
heap
|
page read and write
|
||
|
8A9E000
|
stack
|
page read and write
|
||
|
49A1000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
725B000
|
heap
|
page read and write
|
||
|
A51000
|
unkown
|
page execute read
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
6AB6000
|
trusted library allocation
|
page read and write
|
||
|
2C3F000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
8FB000
|
heap
|
page read and write
|
||
|
14A0000
|
unkown
|
page readonly
|
||
|
694000
|
heap
|
page read and write
|
||
|
6870000
|
trusted library allocation
|
page read and write
|
||
|
66CE000
|
stack
|
page read and write
|
||
|
87A0000
|
heap
|
page read and write
|
||
|
3678000
|
trusted library allocation
|
page read and write
|
||
|
7251000
|
heap
|
page read and write
|
||
|
91E000
|
heap
|
page read and write
|
||
|
1460000
|
unkown
|
page read and write
|
||
|
9F8E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
8AF000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
3163000
|
unclassified section
|
page read and write
|
||
|
8FF000
|
heap
|
page read and write
|
||
|
829E000
|
stack
|
page read and write
|
||
|
721B000
|
heap
|
page read and write
|
||
|
988E000
|
stack
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
1480000
|
unkown
|
page read and write
|
||
|
966000
|
heap
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
16C0000
|
unkown
|
page readonly
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
34A9000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
trusted library allocation
|
page read and write
|
||
|
A31E000
|
stack
|
page read and write
|
||
|
26E6000
|
trusted library allocation
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
8FB000
|
heap
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
5FFF000
|
unkown
|
page execute and read and write
|
||
|
1B36000
|
direct allocation
|
page execute and read and write
|
||
|
1480000
|
unkown
|
page read and write
|
||
|
287B000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
2EA0000
|
unkown
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
425C000
|
unkown
|
page read and write
|
||
|
7136000
|
heap
|
page read and write
|
||
|
7256000
|
heap
|
page read and write
|
||
|
CE5000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4C3D000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
8D4E000
|
stack
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
F30000
|
unkown
|
page readonly
|
||
|
725E000
|
heap
|
page read and write
|
||
|
4CE0000
|
heap
|
page read and write
|
||
|
2C9A000
|
heap
|
page read and write
|
||
|
264E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
478F000
|
stack
|
page read and write
|
||
|
3803000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
6C92000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
92B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
8F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
25462000
|
system
|
page read and write
|
||
|
32A8000
|
unkown
|
page read and write
|
||
|
5596000
|
unkown
|
page execute and read and write
|
||
|
1A0E000
|
direct allocation
|
page execute and read and write
|
||
|
8A0000
|
trusted library allocation
|
page read and write
|
||
|
786F000
|
stack
|
page read and write
|
||
|
13E6000
|
direct allocation
|
page execute and read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
4C31000
|
trusted library allocation
|
page read and write
|
||
|
1999000
|
direct allocation
|
page execute and read and write
|
||
|
2FC0000
|
unclassified section
|
page execute and read and write
|
||
|
68F5000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
2AC0000
|
unkown
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
3D00000
|
unclassified section
|
page read and write
|
||
|
4CB3000
|
heap
|
page read and write
|
||
|
71F8000
|
heap
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
722B000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
922000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1471000
|
unkown
|
page readonly
|
||
|
991000
|
heap
|
page read and write
|
||
|
7264000
|
heap
|
page read and write
|
||
|
469000
|
stack
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
1428000
|
heap
|
page read and write
|
||
|
3BD000
|
stack
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
CAF000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2C50000
|
unkown
|
page readonly
|
||
|
11A0000
|
direct allocation
|
page execute and read and write
|
||
|
4C1B000
|
trusted library allocation
|
page read and write
|
||
|
912000
|
trusted library allocation
|
page read and write
|
||
|
283F000
|
unkown
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
259A8000
|
system
|
page read and write
|
||
|
14C8000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2B34000
|
heap
|
page read and write
|
||
|
8C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
25C0000
|
unclassified section
|
page execute and read and write
|
||
|
49E0000
|
trusted library allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
723F000
|
heap
|
page read and write
|
||
|
451E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
41B6000
|
unclassified section
|
page read and write
|
||
|
71F0000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
8E4F000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
6929000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
6A9E000
|
stack
|
page read and write
|
There are 856 hidden memdumps, click here to show them.