Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Xtks4KI16J.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Windows\SysWOW64\Alqeloga.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Beofla32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Biiggc32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Cacope32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ckllojnq.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Cmjgejad.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dajmooqf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dblkhkce.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Efqdik32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Egobfg32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ekicli32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Epibpnek.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Fpianhmj.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Gedgjccb.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ghhjiigd.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Gjdogi32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Glblcojl.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Hdlllf32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Hiiodl32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Windows\SysWOW64\Hilimkhd.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Idogffko.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ikgcna32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ikgcna32.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ikklipqi.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ipfhkgac.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jbogli32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jccpao32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jddqaf32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jdhlnhlh.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jebgbcgg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jgdjcadj.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jjqijmeq.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jkbbioja.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jlihgcil.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jpjjpdfj.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jqmnlf32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Khbbobom.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Khnicb32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kjjlpk32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kkjhjn32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Lbmcmgck.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ledhoq32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Lgqbfmlj.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Lileeqgb.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Lqbqnc32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Maefjq32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mapmoalc.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mbiciein.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mhlaakam.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mmppcahg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mndmif32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mnjfhgoc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mnodnfob.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Moqmapgi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Naipepdh.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nbdbdc32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ndbcmg32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nghjeepc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Njfmiegc.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nlaqhh32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nnmpodcb.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Obbofa32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ocnhkj32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Oelbhifg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Oihnglob.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ojkfapce.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Olmpdg32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Olpmjffk.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Omfmbkgb.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ooipkb32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Peadik32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pkdiefem.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pkgfpbhq.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pklpkb32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Plbiofci.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pmallabk.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pnnifl32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Poeofa32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pojhapkb.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ppgdmofd.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Qelfpmpj.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
There are 72 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Xtks4KI16J.exe
|
"C:\Users\user\Desktop\Xtks4KI16J.exe"
|
|
|
|
C:\Windows\SysWOW64\Ikgcna32.exe
|
C:\Windows\system32\Ikgcna32.exe
|
|
|
|
C:\Windows\SysWOW64\Idogffko.exe
|
C:\Windows\system32\Idogffko.exe
|
|
|
|
C:\Windows\SysWOW64\Ipfhkgac.exe
|
C:\Windows\system32\Ipfhkgac.exe
|
|
|
|
C:\Windows\SysWOW64\Ikklipqi.exe
|
C:\Windows\system32\Ikklipqi.exe
|
|
|
|
C:\Windows\SysWOW64\Jddqaf32.exe
|
C:\Windows\system32\Jddqaf32.exe
|
|
|
|
C:\Windows\SysWOW64\Jjqijmeq.exe
|
C:\Windows\system32\Jjqijmeq.exe
|
|
|
|
C:\Windows\SysWOW64\Jgdjcadj.exe
|
C:\Windows\system32\Jgdjcadj.exe
|
|
|
|
C:\Windows\SysWOW64\Jqmnlf32.exe
|
C:\Windows\system32\Jqmnlf32.exe
|
|
|
|
C:\Windows\SysWOW64\Jkbbioja.exe
|
C:\Windows\system32\Jkbbioja.exe
|
|
|
|
C:\Windows\SysWOW64\Jbogli32.exe
|
C:\Windows\system32\Jbogli32.exe
|
|
|
|
C:\Windows\SysWOW64\Kjjlpk32.exe
|
C:\Windows\system32\Kjjlpk32.exe
|
|
|
|
C:\Windows\SysWOW64\Kkjhjn32.exe
|
C:\Windows\system32\Kkjhjn32.exe
|
|
|
|
C:\Windows\SysWOW64\Khnicb32.exe
|
C:\Windows\system32\Khnicb32.exe
|
|
|
|
C:\Windows\SysWOW64\Khbbobom.exe
|
C:\Windows\system32\Khbbobom.exe
|
|
|
|
C:\Windows\SysWOW64\Lbmcmgck.exe
|
C:\Windows\system32\Lbmcmgck.exe
|
|
|
|
C:\Windows\SysWOW64\Lqbqnc32.exe
|
C:\Windows\system32\Lqbqnc32.exe
|
|
|
|
C:\Windows\SysWOW64\Lileeqgb.exe
|
C:\Windows\system32\Lileeqgb.exe
|
|
|
|
C:\Windows\SysWOW64\Lgqbfmlj.exe
|
C:\Windows\system32\Lgqbfmlj.exe
|
|
|
|
C:\Windows\SysWOW64\Mbiciein.exe
|
C:\Windows\system32\Mbiciein.exe
|
|
|
|
C:\Windows\SysWOW64\Mnodnfob.exe
|
C:\Windows\system32\Mnodnfob.exe
|
|
|
|
C:\Windows\SysWOW64\Mapmoalc.exe
|
C:\Windows\system32\Mapmoalc.exe
|
|
|
|
C:\Windows\SysWOW64\Mndmif32.exe
|
C:\Windows\system32\Mndmif32.exe
|
|
|
|
C:\Windows\SysWOW64\Mhlaakam.exe
|
C:\Windows\system32\Mhlaakam.exe
|
|
|
|
C:\Windows\SysWOW64\Maefjq32.exe
|
C:\Windows\system32\Maefjq32.exe
|
|
|
|
C:\Windows\SysWOW64\Nbdbdc32.exe
|
C:\Windows\system32\Nbdbdc32.exe
|
|
|
|
C:\Windows\SysWOW64\Naipepdh.exe
|
C:\Windows\system32\Naipepdh.exe
|
|
|
|
C:\Windows\SysWOW64\Nnmpodcb.exe
|
C:\Windows\system32\Nnmpodcb.exe
|
|
|
|
C:\Windows\SysWOW64\Nlaqhh32.exe
|
C:\Windows\system32\Nlaqhh32.exe
|
|
|
|
C:\Windows\SysWOW64\Njfmiegc.exe
|
C:\Windows\system32\Njfmiegc.exe
|
|
|
|
C:\Windows\SysWOW64\Oihnglob.exe
|
C:\Windows\system32\Oihnglob.exe
|
|
|
|
C:\Windows\SysWOW64\Obbofa32.exe
|
C:\Windows\system32\Obbofa32.exe
|
|
|
|
C:\Windows\SysWOW64\Ooipkb32.exe
|
C:\Windows\system32\Ooipkb32.exe
|
|
|
|
C:\Windows\SysWOW64\Olmpdg32.exe
|
C:\Windows\system32\Olmpdg32.exe
|
|
|
|
C:\Windows\SysWOW64\Olpmjffk.exe
|
C:\Windows\system32\Olpmjffk.exe
|
|
|
|
C:\Windows\SysWOW64\Plbiofci.exe
|
C:\Windows\system32\Plbiofci.exe
|
|
|
|
C:\Windows\SysWOW64\Pkgfpbhq.exe
|
C:\Windows\system32\Pkgfpbhq.exe
|
|
|
|
C:\Windows\SysWOW64\Poeofa32.exe
|
C:\Windows\system32\Poeofa32.exe
|
|
|
|
C:\Windows\SysWOW64\Pklpkb32.exe
|
C:\Windows\system32\Pklpkb32.exe
|
|
|
|
C:\Windows\SysWOW64\Peadik32.exe
|
C:\Windows\system32\Peadik32.exe
|
|
There are 30 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://color-bank.ru/index.php
|
unknown
|
|
|
|
http://parex-bank.ru/index.htm
|
unknown
|
|
|
|
http://kidos-bank.ru/index.htm
|
unknown
|
|
|
|
http://ros-neftbank.ru/index.php
|
unknown
|
|
|
|
http://ldark.nm.ru/index.htm
|
unknown
|
||
|
http://asechka.ru/index.php
|
unknown
|
||
|
http://goldensand.ru/index.php
|
unknown
|
||
|
http://gaz-prom.ru/index.htm
|
unknown
|
||
|
http://devx.nm.ru/index.php
|
unknown
|
||
|
http://crutop.nu/index.htm
|
unknown
|
||
|
http://mazafaka.ru/index.htm
|
unknown
|
||
|
http://fethard.biz/index.php
|
unknown
|
||
|
http://crutop.nuAWM
|
unknown
|
||
|
http://kadet.ru/index.htm
|
unknown
|
||
|
http://cvv.ru/index.htm
|
unknown
|
||
|
http://lovingod.host.sk/index.php
|
unknown
|
||
|
http://fuck.ru/index.php
|
unknown
|
||
|
http://crutop.nu
|
unknown
|
||
|
http://crutop.ru/index.htm
|
unknown
|
||
|
http://crutop.nu/index.phphttp://crutop.ru/index.phphttp://mazafaka.ru/index.phphttp://color-bank.ru
|
unknown
|
||
|
http://www.redline.ru/index.php
|
unknown
|
||
|
http://cvv.ru/index.php
|
unknown
|
||
|
http://kavkaz.ru/index.htm
|
unknown
|
||
|
http://potleaf.chat.ru/index.htm
|
unknown
|
||
|
http://trojan.ru/index.php
|
unknown
|
||
|
http://xware.cjb.net/index.htm
|
unknown
|
||
|
http://filesearch.ru/index.php
|
unknown
|
||
|
http://hackers.lv/index.php
|
unknown
|
||
|
http://konfiskat.org/index.htm
|
unknown
|
||
|
http://mazafaka.ru/index.php
|
unknown
|
||
|
http://crutop.nu/index.php
|
unknown
|
||
|
http://fethard.biz/index.htm
|
unknown
|
||
|
http://promo.ru/index.htm
|
unknown
|
||
|
http://crutop.ru/index.php
|
unknown
|
There are 24 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
|
Web Event Logger
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
498000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
797000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
766000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
566000
|
heap
|
page read and write
|
|
|
|
6D6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
707000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
625000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
5E7000
|
heap
|
page read and write
|
|
|
|
5C7000
|
heap
|
page read and write
|
|
|
|
596000
|
heap
|
page read and write
|
|
|
|
4E6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
566000
|
heap
|
page read and write
|
|
|
|
685000
|
heap
|
page read and write
|
|
|
|
4A6000
|
heap
|
page read and write
|
|
|
|
6A6000
|
heap
|
page read and write
|
|
|
|
4E6000
|
heap
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
529000
|
heap
|
page read and write
|
|
|
|
567000
|
heap
|
page read and write
|
|
|
|
4E7000
|
heap
|
page read and write
|
|
|
|
4C6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
677000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
6C7000
|
heap
|
page read and write
|
|
|
|
6D6000
|
heap
|
page read and write
|
|
|
|
786000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
6B6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
796000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
5C6000
|
heap
|
page read and write
|
|
|
|
5C6000
|
heap
|
page read and write
|
|
|
|
4B9000
|
heap
|
page read and write
|
|
|
|
517000
|
heap
|
page read and write
|
|
|
|
567000
|
heap
|
page read and write
|
|
|
|
6E6000
|
heap
|
page read and write
|
|
|
|
526000
|
heap
|
page read and write
|
|
|
|
746000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
596000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
627000
|
heap
|
page read and write
|
|
|
|
547000
|
heap
|
page read and write
|
|
|
|
627000
|
heap
|
page read and write
|
|
|
|
596000
|
heap
|
page read and write
|
|
|
|
5A5000
|
heap
|
page read and write
|
|
|
|
7D6000
|
heap
|
page read and write
|
|
|
|
4E6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
7F7000
|
heap
|
page read and write
|
|
|
|
775000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
4A6000
|
heap
|
page read and write
|
|
|
|
647000
|
heap
|
page read and write
|
|
|
|
627000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
518000
|
heap
|
page read and write
|
|
|
|
787000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
506000
|
heap
|
page read and write
|
|
|
|
776000
|
heap
|
page read and write
|
|
|
|
786000
|
heap
|
page read and write
|
|
|
|
506000
|
heap
|
page read and write
|
|
|
|
606000
|
heap
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
6A6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
796000
|
heap
|
page read and write
|
|
|
|
5C6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
656000
|
heap
|
page read and write
|
|
|
|
767000
|
heap
|
page read and write
|
|
|
|
517000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
508000
|
heap
|
page read and write
|
|
|
|
596000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
787000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
6A6000
|
heap
|
page read and write
|
|
|
|
596000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
5B6000
|
heap
|
page read and write
|
|
|
|
5B6000
|
heap
|
page read and write
|
|
|
|
776000
|
heap
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
4E6000
|
heap
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
539000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
6A7000
|
heap
|
page read and write
|
|
|
|
6B6000
|
heap
|
page read and write
|
|
|
|
440000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
2200000
|
heap
|
page read and write
|
||
|
48E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
520000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
540000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5AA000
|
heap
|
page read and write
|
||
|
1FA0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
625000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
5AE000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
57A000
|
heap
|
page read and write
|
||
|
73F000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
59E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
50E000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
2080000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
4E5000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
606000
|
heap
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
2180000
|
heap
|
page read and write
|
||
|
69F000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
69E000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
78F000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
58A000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
626000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
686000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
207F000
|
stack
|
page read and write
|
||
|
526000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
787000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
47A000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
54A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
470000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
4A7000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
68E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
5FF000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20B0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
480000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
55F000
|
heap
|
page read and write
|
||
|
4CE000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5F7000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
54A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
705000
|
heap
|
page read and write
|
||
|
77F000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
60E000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
6DF000
|
heap
|
page read and write
|
||
|
675000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
500000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
50A000
|
heap
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
760000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
766000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
76E000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4FA000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
795000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
2120000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
5BF000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4CA000
|
heap
|
page read and write
|
||
|
4C5000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
4E5000
|
heap
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
546000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
537000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
605000
|
heap
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
750000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2180000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
5BF000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
76E000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
7CF000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
2120000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
1F70000
|
heap
|
page read and write
|
||
|
75A000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
54E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
74E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
66A000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
500000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
74A000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
75F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
596000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
2060000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
507000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4FE000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
7D6000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
7BE000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
705000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
580000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
4B7000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
54E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
1FE0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
48A000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
527000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
58E000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
75E000
|
heap
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
625000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
68E000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
4E5000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
19C000
|
stack
|
page read and write
|
||
|
2150000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
75E000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
546000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
4CE000
|
heap
|
page read and write
|
||
|
6B7000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
570000
|
heap
|
page read and write
|
||
|
705000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
766000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
5AE000
|
heap
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4FA000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
77F000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4C6000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
51F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
786000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
55F000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
19C000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
6CE000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
655000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
60A000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
520000
|
heap
|
page read and write
|
||
|
2150000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
68A000
|
heap
|
page read and write
|
||
|
57E000
|
heap
|
page read and write
|
||
|
518000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
4EA000
|
heap
|
page read and write
|
||
|
69F000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
1F6E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
675000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
47E000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
560000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
740000
|
heap
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
520000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
75A000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
68A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
66E000
|
heap
|
page read and write
|
||
|
69A000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
76A000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
4EA000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
590000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
5C7000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
2150000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
766000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
57A000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
656000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
596000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
5AF000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
59A000
|
heap
|
page read and write
|
||
|
63A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
5F7000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
786000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
4CA000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
517000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
57A000
|
heap
|
page read and write
|
||
|
60A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
570000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
2070000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
560000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
57E000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
675000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
57E000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
645000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
766000
|
heap
|
page read and write
|
||
|
5AA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
546000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
5EE000
|
heap
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
537000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
4FE000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
60E000
|
heap
|
page read and write
|
||
|
76A000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
760000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
72A000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
76F000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
5EA000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
600000
|
heap
|
page read and write
|
There are 1016 hidden memdumps, click here to show them.