Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
dcmaM16D71.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\rage131MP.tmp
|
ASCII text, with no line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\dcmaM16D71.exe
|
"C:\Users\user\Desktop\dcmaM16D71.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll
|
unknown
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
https://t.me/RiseProSUPPORT
|
unknown
|
||
|
https://t.me/RiseProSUPPORTV
|
unknown
|
||
|
https://ipinfo.io/
|
unknown
|
||
|
https://www.maxmind.com/en/locate-my-ip-address
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
147.45.47.126
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RageMP131
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1050000
|
heap
|
page read and write
|
||
|
5040000
|
direct allocation
|
page execute and read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
429F000
|
stack
|
page read and write
|
||
|
D99000
|
heap
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
30FF000
|
stack
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
5860000
|
direct allocation
|
page execute and read and write
|
||
|
517D000
|
stack
|
page read and write
|
||
|
5090000
|
direct allocation
|
page execute and read and write
|
||
|
7AD000
|
unkown
|
page execute and write copy
|
||
|
DB7000
|
heap
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
1156000
|
unkown
|
page execute and read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
12FB000
|
heap
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
271000
|
unkown
|
page execute and read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
4CC0000
|
direct allocation
|
page execute and read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
453E000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
4C20000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
3457000
|
heap
|
page read and write
|
||
|
7A6E000
|
stack
|
page read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
4D2F000
|
stack
|
page read and write
|
||
|
3C3F000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
548C000
|
stack
|
page read and write
|
||
|
2A3F000
|
stack
|
page read and write
|
||
|
4A7B000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
419E000
|
stack
|
page read and write
|
||
|
56B0000
|
direct allocation
|
page execute and read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
58C0000
|
direct allocation
|
page execute and read and write
|
||
|
4FDF000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page execute and read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
1A2D000
|
heap
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
7AA000
|
unkown
|
page execute and read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
7A2C000
|
heap
|
page read and write
|
||
|
130C000
|
unkown
|
page execute and read and write
|
||
|
270000
|
unkown
|
page readonly
|
||
|
39FE000
|
stack
|
page read and write
|
||
|
4BF0000
|
direct allocation
|
page execute and read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
3BFD000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
3FA000
|
unkown
|
page read and write
|
||
|
CAC000
|
stack
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
519F000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
57A0000
|
direct allocation
|
page execute and read and write
|
||
|
18A1000
|
heap
|
page read and write
|
||
|
5440000
|
direct allocation
|
page read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
432F000
|
stack
|
page read and write
|
||
|
7257000
|
heap
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
365E000
|
stack
|
page read and write
|
||
|
5440000
|
direct allocation
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
4B10000
|
direct allocation
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
447F000
|
stack
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
4DB0000
|
direct allocation
|
page execute and read and write
|
||
|
396E000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1A1F000
|
heap
|
page read and write
|
||
|
6BC000
|
unkown
|
page execute and write copy
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
1C1000
|
unkown
|
page execute and read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
3FA000
|
unkown
|
page read and write
|
||
|
433F000
|
stack
|
page read and write
|
||
|
34DF000
|
stack
|
page read and write
|
||
|
1977000
|
heap
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
31BF000
|
stack
|
page read and write
|
||
|
3EDF000
|
stack
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
3DBE000
|
stack
|
page read and write
|
||
|
5620000
|
direct allocation
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
413E000
|
stack
|
page read and write
|
||
|
1A29000
|
heap
|
page read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
405E000
|
stack
|
page read and write
|
||
|
3FD000
|
unkown
|
page execute and read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
7AC000
|
unkown
|
page execute and read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
3D7F000
|
stack
|
page read and write
|
||
|
5780000
|
direct allocation
|
page execute and read and write
|
||
|
2B1F000
|
stack
|
page read and write
|
||
|
116D000
|
unkown
|
page execute and write copy
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
36BF000
|
stack
|
page read and write
|
||
|
3FD000
|
unkown
|
page execute and read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
50C0000
|
direct allocation
|
page execute and read and write
|
||
|
130B000
|
unkown
|
page execute and write copy
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
41FF000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
43DF000
|
stack
|
page read and write
|
||
|
5110000
|
direct allocation
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
3E2F000
|
stack
|
page read and write
|
||
|
18C5000
|
heap
|
page read and write
|
||
|
36FE000
|
stack
|
page read and write
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
373F000
|
stack
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
3D2E000
|
stack
|
page read and write
|
||
|
95C000
|
stack
|
page read and write
|
||
|
4C90000
|
direct allocation
|
page execute and read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
34D000
|
unkown
|
page execute and read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
DA2000
|
heap
|
page read and write
|
||
|
3DDE000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
702C000
|
heap
|
page read and write
|
||
|
3B5E000
|
stack
|
page read and write
|
||
|
174F000
|
stack
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
46C0000
|
trusted library allocation
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
5850000
|
direct allocation
|
page execute and read and write
|
||
|
1C0000
|
unkown
|
page read and write
|
||
|
2F3F000
|
stack
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
3C5F000
|
stack
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
5830000
|
direct allocation
|
page execute and read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
130B000
|
unkown
|
page execute and write copy
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
3EFE000
|
stack
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
DBC000
|
heap
|
page read and write
|
||
|
EAA000
|
unkown
|
page write copy
|
||
|
43EF000
|
stack
|
page read and write
|
||
|
35AE000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
5130000
|
direct allocation
|
page execute and read and write
|
||
|
116C000
|
unkown
|
page execute and read and write
|
||
|
E3B000
|
stack
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
4C70000
|
direct allocation
|
page execute and read and write
|
||
|
E6E000
|
heap
|
page read and write
|
||
|
58A0000
|
direct allocation
|
page execute and read and write
|
||
|
4CC0000
|
direct allocation
|
page execute and read and write
|
||
|
111A000
|
unkown
|
page execute and read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
271000
|
unkown
|
page execute and read and write
|
||
|
3F5000
|
unkown
|
page execute and read and write
|
||
|
60C000
|
unkown
|
page execute and read and write
|
||
|
397E000
|
stack
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
5600000
|
direct allocation
|
page execute and read and write
|
||
|
5F6000
|
unkown
|
page execute and read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
4C94000
|
direct allocation
|
page read and write
|
||
|
DAC000
|
heap
|
page read and write
|
||
|
4BBD000
|
stack
|
page read and write
|
||
|
198E000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
2FBF000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
37FF000
|
stack
|
page read and write
|
||
|
12AA000
|
heap
|
page read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
34A000
|
unkown
|
page read and write
|
||
|
2DFF000
|
stack
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
357F000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
3F7F000
|
stack
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
4B10000
|
direct allocation
|
page read and write
|
||
|
50B0000
|
direct allocation
|
page execute and read and write
|
||
|
5BA000
|
unkown
|
page execute and read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
365F000
|
stack
|
page read and write
|
||
|
5870000
|
direct allocation
|
page execute and read and write
|
||
|
4B5F000
|
stack
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
422E000
|
stack
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
5840000
|
direct allocation
|
page execute and read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
85D000
|
unkown
|
page execute and write copy
|
||
|
576F000
|
stack
|
page read and write
|
||
|
3C7E000
|
stack
|
page read and write
|
||
|
EA8000
|
heap
|
page read and write
|
||
|
EAC000
|
heap
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
3DDE000
|
stack
|
page read and write
|
||
|
342E000
|
stack
|
page read and write
|
||
|
185B000
|
heap
|
page read and write
|
||
|
566C000
|
stack
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
6E27000
|
heap
|
page read and write
|
||
|
4C5F000
|
stack
|
page read and write
|
||
|
1A3F000
|
heap
|
page read and write
|
||
|
4A1F000
|
stack
|
page read and write
|
||
|
1A32000
|
heap
|
page read and write
|
||
|
12FD000
|
heap
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
57D0000
|
direct allocation
|
page execute and read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
196B000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
57F0000
|
direct allocation
|
page execute and read and write
|
||
|
DD4000
|
heap
|
page read and write
|
||
|
60D000
|
unkown
|
page execute and write copy
|
||
|
214000
|
heap
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
57C0000
|
direct allocation
|
page execute and read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
42A0000
|
heap
|
page read and write
|
||
|
3D3E000
|
stack
|
page read and write
|
||
|
3CFF000
|
stack
|
page read and write
|
||
|
3B3E000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
12F1000
|
heap
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
472E000
|
stack
|
page read and write
|
||
|
D21000
|
unkown
|
page execute and read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
E97000
|
heap
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
D21000
|
unkown
|
page execute and write copy
|
||
|
214000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4BD0000
|
direct allocation
|
page execute and read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
7023000
|
heap
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
3A7F000
|
stack
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
D21000
|
unkown
|
page execute and read and write
|
||
|
85B000
|
unkown
|
page execute and write copy
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
7AB000
|
unkown
|
page execute and write copy
|
||
|
D04000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
45AF000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
36AF000
|
stack
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
18BD000
|
heap
|
page read and write
|
||
|
4FAF000
|
stack
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
D40000
|
direct allocation
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
4A40000
|
direct allocation
|
page read and write
|
||
|
6BD000
|
unkown
|
page execute and write copy
|
||
|
4681000
|
heap
|
page read and write
|
||
|
442E000
|
stack
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
56E0000
|
direct allocation
|
page execute and read and write
|
||
|
49FF000
|
stack
|
page read and write
|
||
|
715E000
|
stack
|
page read and write
|
||
|
1034000
|
unkown
|
page execute and read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
415F000
|
stack
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page execute and read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
43FE000
|
stack
|
page read and write
|
||
|
4D4000
|
unkown
|
page execute and read and write
|
||
|
EE8000
|
heap
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
5820000
|
direct allocation
|
page execute and read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
1840000
|
heap
|
page read and write
|
||
|
5620000
|
direct allocation
|
page execute and read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
4A5E000
|
stack
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
4BEF000
|
stack
|
page read and write
|
||
|
50A0000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4B10000
|
direct allocation
|
page read and write
|
||
|
1A8F000
|
stack
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
429F000
|
stack
|
page read and write
|
||
|
E4F000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
E6A000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
754E000
|
stack
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
3CEF000
|
stack
|
page read and write
|
||
|
3FBE000
|
stack
|
page read and write
|
||
|
6ECE000
|
heap
|
page read and write
|
||
|
DCC000
|
heap
|
page read and write
|
||
|
49AE000
|
stack
|
page read and write
|
||
|
DDE000
|
heap
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
3AFF000
|
stack
|
page read and write
|
||
|
4D10000
|
direct allocation
|
page execute and read and write
|
||
|
469E000
|
stack
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
3EDF000
|
stack
|
page read and write
|
||
|
377E000
|
stack
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
1156000
|
unkown
|
page execute and read and write
|
||
|
12DE000
|
heap
|
page read and write
|
||
|
2C1F000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
3E3F000
|
stack
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
7D1E000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
55F0000
|
direct allocation
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
116C000
|
unkown
|
page execute and write copy
|
||
|
379E000
|
stack
|
page read and write
|
||
|
392F000
|
stack
|
page read and write
|
||
|
EAD000
|
unkown
|
page execute and read and write
|
||
|
47BE000
|
stack
|
page read and write
|
||
|
6BC000
|
unkown
|
page execute and read and write
|
||
|
456E000
|
stack
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
5660000
|
direct allocation
|
page execute and read and write
|
||
|
361F000
|
stack
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4AAF000
|
stack
|
page read and write
|
||
|
375F000
|
stack
|
page read and write
|
||
|
19DE000
|
heap
|
page read and write
|
||
|
3D9F000
|
stack
|
page read and write
|
||
|
18A3000
|
heap
|
page read and write
|
||
|
B8B000
|
stack
|
page read and write
|
||
|
5014000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
1893000
|
heap
|
page read and write
|
||
|
EAA000
|
unkown
|
page read and write
|
||
|
1750000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
D20000
|
unkown
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
401F000
|
stack
|
page read and write
|
||
|
5440000
|
direct allocation
|
page read and write
|
||
|
4DDF000
|
stack
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
355F000
|
stack
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
379E000
|
stack
|
page read and write
|
||
|
45C0000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
3B1F000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
56F0000
|
direct allocation
|
page execute and read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
270000
|
unkown
|
page readonly
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1107000
|
heap
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page read and write
|
||
|
45BF000
|
stack
|
page read and write
|
||
|
40AF000
|
stack
|
page read and write
|
||
|
5690000
|
direct allocation
|
page execute and read and write
|
||
|
4780000
|
trusted library allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
5620000
|
direct allocation
|
page read and write
|
||
|
7780000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
325F000
|
stack
|
page read and write
|
||
|
451F000
|
stack
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
5060000
|
direct allocation
|
page execute and read and write
|
||
|
3FAE000
|
stack
|
page read and write
|
||
|
351E000
|
stack
|
page read and write
|
||
|
EE8000
|
heap
|
page read and write
|
||
|
452F000
|
stack
|
page read and write
|
||
|
4CE0000
|
direct allocation
|
page execute and read and write
|
||
|
66A000
|
unkown
|
page execute and read and write
|
||
|
3F1E000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
417E000
|
stack
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
5880000
|
direct allocation
|
page execute and read and write
|
||
|
18C5000
|
heap
|
page read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
139B000
|
stack
|
page read and write
|
||
|
4CB0000
|
direct allocation
|
page execute and read and write
|
||
|
4C90000
|
direct allocation
|
page execute and read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
17E0000
|
heap
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
479F000
|
stack
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
EA5000
|
unkown
|
page execute and read and write
|
||
|
5800000
|
direct allocation
|
page execute and read and write
|
||
|
D21000
|
unkown
|
page execute and write copy
|
||
|
4D70000
|
direct allocation
|
page execute and read and write
|
||
|
D8B000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
415F000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
35BE000
|
stack
|
page read and write
|
||
|
33EC000
|
stack
|
page read and write
|
||
|
40BF000
|
stack
|
page read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
2B7F000
|
stack
|
page read and write
|
||
|
A8B000
|
stack
|
page read and write
|
||
|
389F000
|
stack
|
page read and write
|
||
|
4680000
|
heap
|
page read and write
|
||
|
584000
|
unkown
|
page execute and read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
4B10000
|
direct allocation
|
page read and write
|
||
|
220000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
187C000
|
heap
|
page read and write
|
||
|
4BC0000
|
direct allocation
|
page execute and read and write
|
||
|
477F000
|
stack
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
115D000
|
unkown
|
page execute and read and write
|
||
|
5620000
|
direct allocation
|
page read and write
|
||
|
115D000
|
unkown
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
43BF000
|
stack
|
page read and write
|
||
|
5640000
|
direct allocation
|
page execute and read and write
|
||
|
3FA000
|
unkown
|
page write copy
|
||
|
1C1000
|
unkown
|
page execute and write copy
|
||
|
188A000
|
heap
|
page read and write
|
||
|
F3C000
|
stack
|
page read and write
|
||
|
85C000
|
unkown
|
page execute and read and write
|
||
|
5030000
|
direct allocation
|
page execute and read and write
|
||
|
D6B000
|
heap
|
page read and write
|
||
|
4F1F000
|
stack
|
page read and write
|
||
|
6BD000
|
unkown
|
page execute and write copy
|
||
|
446F000
|
stack
|
page read and write
|
||
|
D20000
|
unkown
|
page read and write
|
||
|
467E000
|
stack
|
page read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
D40000
|
direct allocation
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
3C9E000
|
stack
|
page read and write
|
||
|
16FC000
|
stack
|
page read and write
|
||
|
55C4000
|
direct allocation
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
189D000
|
heap
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
85C000
|
unkown
|
page execute and read and write
|
||
|
4E6F000
|
stack
|
page read and write
|
||
|
1884000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
465F000
|
stack
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page execute and read and write
|
||
|
56A0000
|
direct allocation
|
page execute and read and write
|
||
|
EA5000
|
unkown
|
page execute and read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
12AD000
|
heap
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
482F000
|
stack
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
85D000
|
unkown
|
page execute and write copy
|
||
|
4681000
|
heap
|
page read and write
|
||
|
337F000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
389F000
|
stack
|
page read and write
|
||
|
4AEE000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
383E000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
271000
|
unkown
|
page execute and write copy
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
4C60000
|
direct allocation
|
page execute and read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
131D000
|
heap
|
page read and write
|
||
|
5680000
|
direct allocation
|
page execute and read and write
|
||
|
3F5000
|
unkown
|
page execute and read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
307F000
|
stack
|
page read and write
|
||
|
18A6000
|
heap
|
page read and write
|
||
|
5050000
|
direct allocation
|
page execute and read and write
|
||
|
4C70000
|
direct allocation
|
page execute and read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
130D000
|
unkown
|
page execute and write copy
|
||
|
5920000
|
heap
|
page read and write
|
||
|
4C80000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
17E5000
|
heap
|
page read and write
|
||
|
558F000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
345000
|
unkown
|
page execute and read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
270000
|
unkown
|
page read and write
|
||
|
3C9E000
|
stack
|
page read and write
|
||
|
1AB000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
4CB0000
|
direct allocation
|
page execute and read and write
|
||
|
5100000
|
direct allocation
|
page execute and read and write
|
||
|
5630000
|
direct allocation
|
page execute and read and write
|
||
|
4D30000
|
direct allocation
|
page execute and read and write
|
||
|
4D60000
|
direct allocation
|
page execute and read and write
|
||
|
85A000
|
unkown
|
page execute and read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
EAA000
|
unkown
|
page write copy
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
121F000
|
stack
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
436E000
|
stack
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
1A1A000
|
heap
|
page read and write
|
||
|
DD4000
|
heap
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
5790000
|
direct allocation
|
page execute and read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
47DE000
|
stack
|
page read and write
|
||
|
1A50000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
48DF000
|
stack
|
page read and write
|
||
|
5810000
|
direct allocation
|
page execute and read and write
|
||
|
4BE0000
|
direct allocation
|
page execute and read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
4BC4000
|
direct allocation
|
page read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
1970000
|
heap
|
page read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
3BEE000
|
stack
|
page read and write
|
||
|
44FF000
|
stack
|
page read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
293C000
|
stack
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
3EBF000
|
stack
|
page read and write
|
||
|
486E000
|
stack
|
page read and write
|
||
|
56C0000
|
direct allocation
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
44BE000
|
stack
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
45EE000
|
stack
|
page read and write
|
||
|
130A000
|
unkown
|
page execute and read and write
|
||
|
463F000
|
stack
|
page read and write
|
||
|
60C000
|
unkown
|
page execute and write copy
|
||
|
4B90000
|
direct allocation
|
page execute and read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
3A1E000
|
stack
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
BAB000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
57A4000
|
direct allocation
|
page read and write
|
||
|
1A10000
|
heap
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
30BE000
|
stack
|
page read and write
|
||
|
401F000
|
stack
|
page read and write
|
||
|
1A47000
|
heap
|
page read and write
|
||
|
3E7E000
|
stack
|
page read and write
|
||
|
5620000
|
direct allocation
|
page read and write
|
||
|
441E000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
130A000
|
unkown
|
page execute and read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
1A58000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
382E000
|
stack
|
page read and write
|
||
|
4FF0000
|
direct allocation
|
page execute and read and write
|
||
|
6AD000
|
unkown
|
page execute and read and write
|
||
|
D9D000
|
heap
|
page read and write
|
||
|
55A0000
|
direct allocation
|
page execute and read and write
|
||
|
130D000
|
unkown
|
page execute and write copy
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
85A000
|
unkown
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
3A6F000
|
stack
|
page read and write
|
||
|
584000
|
unkown
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
38DE000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
311F000
|
stack
|
page read and write
|
||
|
4A00000
|
heap
|
page read and write
|
||
|
356F000
|
stack
|
page read and write
|
||
|
210000
|
heap
|
page read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
57E0000
|
direct allocation
|
page execute and read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
19BE000
|
stack
|
page read and write
|
||
|
F5F000
|
stack
|
page read and write
|
||
|
3FA000
|
unkown
|
page write copy
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
EC1000
|
heap
|
page read and write
|
||
|
3B5E000
|
stack
|
page read and write
|
||
|
EAD000
|
unkown
|
page execute and read and write
|
||
|
35FF000
|
stack
|
page read and write
|
||
|
4BA0000
|
direct allocation
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
4D50000
|
direct allocation
|
page execute and read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
336F000
|
stack
|
page read and write
|
||
|
4C50000
|
direct allocation
|
page execute and read and write
|
||
|
4C00000
|
direct allocation
|
page execute and read and write
|
||
|
4C80000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
393F000
|
stack
|
page read and write
|
||
|
188E000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
5000000
|
direct allocation
|
page execute and read and write
|
||
|
42DE000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
2E9F000
|
stack
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
3ABE000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1C0000
|
unkown
|
page readonly
|
||
|
4EDC000
|
stack
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page execute and read and write
|
||
|
4E90000
|
direct allocation
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
1327000
|
heap
|
page read and write
|
||
|
130C000
|
unkown
|
page execute and read and write
|
||
|
5440000
|
direct allocation
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
19D0000
|
heap
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
50D0000
|
direct allocation
|
page execute and read and write
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
375F000
|
stack
|
page read and write
|
||
|
37EF000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
298F000
|
stack
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
4B7F000
|
stack
|
page read and write
|
||
|
427F000
|
stack
|
page read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
6BC000
|
unkown
|
page execute and write copy
|
||
|
1A30000
|
heap
|
page read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
116C000
|
unkown
|
page execute and read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
403D000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
85B000
|
unkown
|
page execute and write copy
|
||
|
46EF000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
3A1E000
|
stack
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
5770000
|
heap
|
page read and write
|
||
|
1A58000
|
heap
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
192E000
|
stack
|
page read and write
|
||
|
250000
|
heap
|
page read and write
|
||
|
3F1E000
|
stack
|
page read and write
|
||
|
5670000
|
direct allocation
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1034000
|
unkown
|
page execute and read and write
|
||
|
42EE000
|
stack
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
38BE000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
5070000
|
direct allocation
|
page execute and read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
387F000
|
stack
|
page read and write
|
||
|
3F6F000
|
stack
|
page read and write
|
||
|
6AD000
|
unkown
|
page execute and read and write
|
||
|
116D000
|
unkown
|
page execute and write copy
|
||
|
4681000
|
heap
|
page read and write
|
||
|
5180000
|
heap
|
page read and write
|
||
|
39DF000
|
stack
|
page read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
3B1F000
|
stack
|
page read and write
|
||
|
DB2000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
1A34000
|
heap
|
page read and write
|
||
|
3FFF000
|
stack
|
page read and write
|
||
|
437E000
|
stack
|
page read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
D40000
|
direct allocation
|
page read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
39BF000
|
stack
|
page read and write
|
||
|
419E000
|
stack
|
page read and write
|
||
|
5010000
|
direct allocation
|
page execute and read and write
|
||
|
5120000
|
direct allocation
|
page execute and read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
55C0000
|
direct allocation
|
page execute and read and write
|
||
|
36EE000
|
stack
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page execute and read and write
|
||
|
5650000
|
direct allocation
|
page execute and read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
573D000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
2D7C000
|
stack
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
4C10000
|
direct allocation
|
page execute and read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
5610000
|
direct allocation
|
page execute and read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
58B0000
|
direct allocation
|
page execute and read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
2A17000
|
heap
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
466F000
|
stack
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
18AD000
|
heap
|
page read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
270000
|
unkown
|
page read and write
|
||
|
6A6000
|
unkown
|
page execute and read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
4DA0000
|
direct allocation
|
page execute and read and write
|
||
|
339F000
|
stack
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
E9D000
|
heap
|
page read and write
|
||
|
29CB000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
1307000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
3D9F000
|
stack
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
2D3F000
|
stack
|
page read and write
|
||
|
6A6000
|
unkown
|
page execute and read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
12ED000
|
heap
|
page read and write
|
||
|
1327000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
1A38000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
48BF000
|
stack
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
3BAF000
|
stack
|
page read and write
|
||
|
4D6E000
|
stack
|
page read and write
|
||
|
12E9000
|
heap
|
page read and write
|
||
|
4A01000
|
heap
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
423E000
|
stack
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
5890000
|
direct allocation
|
page execute and read and write
|
||
|
18A8000
|
heap
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
4C9F000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
505F000
|
stack
|
page read and write
|
||
|
55D0000
|
direct allocation
|
page execute and read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
271000
|
unkown
|
page execute and write copy
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
12F7000
|
heap
|
page read and write
|
||
|
40FE000
|
stack
|
page read and write
|
||
|
346F000
|
stack
|
page read and write
|
||
|
CD0000
|
direct allocation
|
page read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
6BC000
|
unkown
|
page execute and read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
4B00000
|
trusted library allocation
|
page read and write
|
||
|
3C5F000
|
stack
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
5080000
|
direct allocation
|
page execute and read and write
|
||
|
10F0000
|
direct allocation
|
page read and write
|
||
|
12D6000
|
heap
|
page read and write
|
||
|
55B0000
|
direct allocation
|
page execute and read and write
|
||
|
455E000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
50E0000
|
direct allocation
|
page execute and read and write
|
||
|
EAA000
|
unkown
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
57B0000
|
direct allocation
|
page execute and read and write
|
||
|
496F000
|
stack
|
page read and write
|
||
|
5FD000
|
unkown
|
page execute and read and write
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
66A000
|
unkown
|
page execute and read and write
|
||
|
4C40000
|
direct allocation
|
page execute and read and write
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
56D0000
|
direct allocation
|
page execute and read and write
|
||
|
19DA000
|
heap
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
4B80000
|
direct allocation
|
page execute and read and write
|
||
|
3AAE000
|
stack
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
19C0000
|
direct allocation
|
page read and write
|
||
|
3E6E000
|
stack
|
page read and write
|
||
|
44AE000
|
stack
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
405E000
|
stack
|
page read and write
|
||
|
111A000
|
unkown
|
page execute and read and write
|
||
|
116C000
|
unkown
|
page execute and write copy
|
||
|
1114000
|
heap
|
page read and write
|
||
|
41EF000
|
stack
|
page read and write
|
||
|
40EE000
|
stack
|
page read and write
|
||
|
2E7F000
|
stack
|
page read and write
|
||
|
363E000
|
stack
|
page read and write
|
||
|
34A000
|
unkown
|
page write copy
|
||
|
D04000
|
heap
|
page read and write
|
||
|
38DE000
|
stack
|
page read and write
|
||
|
57BD000
|
stack
|
page read and write
|
||
|
3BBF000
|
stack
|
page read and write
|
||
|
39DF000
|
stack
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
4B5C000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
There are 999 hidden memdumps, click here to show them.