Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
f6t9qa761D.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Windows\SysWOW64\Abagca32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Abgiogom.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Abnopf32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Afeaee32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Aiejgqbd.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Akecacdm.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Apmfnklc.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Beadgadc.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bkmjkjhd.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bmfpbogh.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Boepdgoi.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Caghjf32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Cboabb32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Cjemgabj.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Clajoglf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Doaepp32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Windows\SysWOW64\Eakcoodc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Eeflcm32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Efhade32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Efljmjpm.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ekdhoi32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Eoifoe32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Fkcpdl32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Flbkld32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Folfac32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Fompebbg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Gdcmha32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Gfhipbln.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Gkehlfaa.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ihifngfk.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Imjgmahp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jagibbdg.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jagibbdg.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jdlgaj32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jflaad32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jhemcd32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jokilfca.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jpegka32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kbelgk32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kegnnphk.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Khhkcgiq.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kkgclgep.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kkipaf32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kkpgnmhh.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kkqaeb32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Knccbbff.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Loplncai.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Makogp32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mbhkpnhb.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mddjfiih.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mdicai32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mfhplllf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mhmiah32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mkqoicnb.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mlfimg32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nfacbjdk.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nfmigk32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nikaqk32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ninbhfea.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Njcedipl.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nmdeneap.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nncepn32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nnglhjfe.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nnhnkmek.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Npjgkp32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Obmmbkej.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ofmbni32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Oiehie32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Oiibddkd.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Okilnjci.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Oleakplj.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Onigbk32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Opldpphi.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pilbmhcp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Plaafobm.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Plfjan32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pnkdgk32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pppjem32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Qanqbgdb.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
There are 70 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\f6t9qa761D.exe
|
"C:\Users\user\Desktop\f6t9qa761D.exe"
|
|
|
|
C:\Windows\SysWOW64\Jagibbdg.exe
|
C:\Windows\system32\Jagibbdg.exe
|
|
|
|
C:\Windows\SysWOW64\Jokilfca.exe
|
C:\Windows\system32\Jokilfca.exe
|
|
|
|
C:\Windows\SysWOW64\Kegnnphk.exe
|
C:\Windows\system32\Kegnnphk.exe
|
|
|
|
C:\Windows\SysWOW64\Knccbbff.exe
|
C:\Windows\system32\Knccbbff.exe
|
|
|
|
C:\Windows\SysWOW64\Kkgclgep.exe
|
C:\Windows\system32\Kkgclgep.exe
|
|
|
|
C:\Windows\SysWOW64\Kkipaf32.exe
|
C:\Windows\system32\Kkipaf32.exe
|
|
|
|
C:\Windows\SysWOW64\Loplncai.exe
|
C:\Windows\system32\Loplncai.exe
|
|
|
|
C:\Windows\SysWOW64\Mlfimg32.exe
|
C:\Windows\system32\Mlfimg32.exe
|
|
|
|
C:\Windows\SysWOW64\Mhmiah32.exe
|
C:\Windows\system32\Mhmiah32.exe
|
|
|
|
C:\Windows\SysWOW64\Mddjfiih.exe
|
C:\Windows\system32\Mddjfiih.exe
|
|
|
|
C:\Windows\SysWOW64\Mbhkpnhb.exe
|
C:\Windows\system32\Mbhkpnhb.exe
|
|
|
|
C:\Windows\SysWOW64\Mkqoicnb.exe
|
C:\Windows\system32\Mkqoicnb.exe
|
|
|
|
C:\Windows\SysWOW64\Mdicai32.exe
|
C:\Windows\system32\Mdicai32.exe
|
|
|
|
C:\Windows\SysWOW64\Mfhplllf.exe
|
C:\Windows\system32\Mfhplllf.exe
|
|
|
|
C:\Windows\SysWOW64\Nncepn32.exe
|
C:\Windows\system32\Nncepn32.exe
|
|
|
|
C:\Windows\SysWOW64\Nmdeneap.exe
|
C:\Windows\system32\Nmdeneap.exe
|
|
|
|
C:\Windows\SysWOW64\Nfmigk32.exe
|
C:\Windows\system32\Nfmigk32.exe
|
|
|
|
C:\Windows\SysWOW64\Nnhnkmek.exe
|
C:\Windows\system32\Nnhnkmek.exe
|
|
|
|
C:\Windows\SysWOW64\Ninbhfea.exe
|
C:\Windows\system32\Ninbhfea.exe
|
|
|
|
C:\Windows\SysWOW64\Nfacbjdk.exe
|
C:\Windows\system32\Nfacbjdk.exe
|
|
|
|
C:\Windows\SysWOW64\Npjgkp32.exe
|
C:\Windows\system32\Npjgkp32.exe
|
|
|
|
C:\Windows\SysWOW64\Opldpphi.exe
|
C:\Windows\system32\Opldpphi.exe
|
|
|
|
C:\Windows\SysWOW64\Oiehie32.exe
|
C:\Windows\system32\Oiehie32.exe
|
|
|
|
C:\Windows\SysWOW64\Obmmbkej.exe
|
C:\Windows\system32\Obmmbkej.exe
|
|
|
|
C:\Windows\SysWOW64\Oleakplj.exe
|
C:\Windows\system32\Oleakplj.exe
|
|
|
|
C:\Windows\SysWOW64\Oiibddkd.exe
|
C:\Windows\system32\Oiibddkd.exe
|
|
|
|
C:\Windows\SysWOW64\Ofmbni32.exe
|
C:\Windows\system32\Ofmbni32.exe
|
|
|
|
C:\Windows\SysWOW64\Onigbk32.exe
|
C:\Windows\system32\Onigbk32.exe
|
|
|
|
C:\Windows\SysWOW64\Pnkdgk32.exe
|
C:\Windows\system32\Pnkdgk32.exe
|
|
|
|
C:\Windows\SysWOW64\Plaafobm.exe
|
C:\Windows\system32\Plaafobm.exe
|
|
|
|
C:\Windows\SysWOW64\Plfjan32.exe
|
C:\Windows\system32\Plfjan32.exe
|
|
|
|
C:\Windows\SysWOW64\Abgiogom.exe
|
C:\Windows\system32\Abgiogom.exe
|
|
|
|
C:\Windows\SysWOW64\Afeaee32.exe
|
C:\Windows\system32\Afeaee32.exe
|
|
|
|
C:\Windows\SysWOW64\Apmfnklc.exe
|
C:\Windows\system32\Apmfnklc.exe
|
|
|
|
C:\Windows\SysWOW64\Aiejgqbd.exe
|
C:\Windows\system32\Aiejgqbd.exe
|
|
|
|
C:\Windows\SysWOW64\Abnopf32.exe
|
C:\Windows\system32\Abnopf32.exe
|
|
|
|
C:\Windows\SysWOW64\Boepdgoi.exe
|
C:\Windows\system32\Boepdgoi.exe
|
|
|
|
C:\Windows\SysWOW64\Bmfpbogh.exe
|
C:\Windows\system32\Bmfpbogh.exe
|
|
There are 29 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://color-bank.ru/index.php
|
unknown
|
|
|
|
http://ldark.nm.ru/index.htm
|
unknown
|
||
|
http://asechka.ru/index.php
|
unknown
|
||
|
http://goldensand.ru/index.php
|
unknown
|
||
|
http://gaz-prom.ru/index.htm
|
unknown
|
||
|
http://devx.nm.ru/index.php
|
unknown
|
||
|
http://crutop.nu/index.htm
|
unknown
|
||
|
http://mazafaka.ru/index.htm
|
unknown
|
||
|
http://fethard.biz/index.php
|
unknown
|
||
|
http://crutop.nuAWM
|
unknown
|
||
|
http://kadet.ru/index.htm
|
unknown
|
||
|
http://cvv.ru/index.htm
|
unknown
|
||
|
http://lovingod.host.sk/index.php
|
unknown
|
||
|
http://parex-bank.ru/index.htm
|
unknown
|
||
|
http://kidos-bank.ru/index.htm
|
unknown
|
||
|
http://fuck.ru/index.php
|
unknown
|
||
|
http://crutop.nu
|
unknown
|
||
|
http://crutop.ru/index.htm
|
unknown
|
||
|
http://ros-neftbank.ru/index.php
|
unknown
|
||
|
http://crutop.nu/index.phphttp://crutop.ru/index.phphttp://mazafaka.ru/index.phphttp://color-bank.ru
|
unknown
|
||
|
http://www.redline.ru/index.php
|
unknown
|
||
|
http://cvv.ru/index.php
|
unknown
|
||
|
http://kavkaz.ru/index.htm
|
unknown
|
||
|
http://potleaf.chat.ru/index.htm
|
unknown
|
||
|
http://trojan.ru/index.php
|
unknown
|
||
|
http://xware.cjb.net/index.htm
|
unknown
|
||
|
http://filesearch.ru/index.php
|
unknown
|
||
|
http://hackers.lv/index.php
|
unknown
|
||
|
http://konfiskat.org/index.htm
|
unknown
|
||
|
http://mazafaka.ru/index.php
|
unknown
|
||
|
http://crutop.nu/index.php
|
unknown
|
||
|
http://fethard.biz/index.htm
|
unknown
|
||
|
http://promo.ru/index.htm
|
unknown
|
||
|
http://crutop.ru/index.php
|
unknown
|
There are 24 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
|
Web Event Logger
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\InProcServer32
|
NULL
|
There are 31 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4C6000
|
heap
|
page read and write
|
|
|
|
556000
|
heap
|
page read and write
|
|
|
|
805000
|
heap
|
page read and write
|
|
|
|
745000
|
heap
|
page read and write
|
|
|
|
696000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
716000
|
heap
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
7C7000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
517000
|
heap
|
page read and write
|
|
|
|
787000
|
heap
|
page read and write
|
|
|
|
827000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
5E5000
|
heap
|
page read and write
|
|
|
|
665000
|
heap
|
page read and write
|
|
|
|
4B6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
736000
|
heap
|
page read and write
|
|
|
|
5A7000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
5D6000
|
heap
|
page read and write
|
|
|
|
666000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
4D7000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
467000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
607000
|
heap
|
page read and write
|
|
|
|
687000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
665000
|
heap
|
page read and write
|
|
|
|
4C7000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
506000
|
heap
|
page read and write
|
|
|
|
617000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
727000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
757000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
586000
|
heap
|
page read and write
|
|
|
|
7B5000
|
heap
|
page read and write
|
|
|
|
4D7000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
656000
|
heap
|
page read and write
|
|
|
|
4C7000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
517000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
4B6000
|
heap
|
page read and write
|
|
|
|
5C7000
|
heap
|
page read and write
|
|
|
|
665000
|
heap
|
page read and write
|
|
|
|
687000
|
heap
|
page read and write
|
|
|
|
706000
|
heap
|
page read and write
|
|
|
|
767000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
687000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
7A6000
|
heap
|
page read and write
|
|
|
|
7F6000
|
heap
|
page read and write
|
|
|
|
586000
|
heap
|
page read and write
|
|
|
|
5F7000
|
heap
|
page read and write
|
|
|
|
5D5000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
5A6000
|
heap
|
page read and write
|
|
|
|
4F6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
765000
|
heap
|
page read and write
|
|
|
|
5F5000
|
heap
|
page read and write
|
|
|
|
467000
|
heap
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
586000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
7A6000
|
heap
|
page read and write
|
|
|
|
5A5000
|
heap
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
5F7000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
507000
|
heap
|
page read and write
|
|
|
|
7D7000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
666000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
506000
|
heap
|
page read and write
|
|
|
|
696000
|
heap
|
page read and write
|
|
|
|
4A5000
|
heap
|
page read and write
|
|
|
|
786000
|
heap
|
page read and write
|
|
|
|
4F6000
|
heap
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
5F6000
|
heap
|
page read and write
|
|
|
|
4C7000
|
heap
|
page read and write
|
|
|
|
4E6000
|
heap
|
page read and write
|
|
|
|
9DF000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
6FE000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
765000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
825000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7AF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
4CE000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
49F000
|
heap
|
page read and write
|
||
|
64E000
|
heap
|
page read and write
|
||
|
4FA000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
49E000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
1FC0000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
83F000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
56E000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
5CA000
|
heap
|
page read and write
|
||
|
5BA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
19C000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8EF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
505000
|
heap
|
page read and write
|
||
|
7DA000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
4E5000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
540000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2060000
|
heap
|
page read and write
|
||
|
86F000
|
stack
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
706000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
55E000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
505000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2080000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
20B0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
67E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
2000000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
666000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
64E000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
B0F000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
755000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
74E000
|
heap
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
7A6000
|
heap
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
55E000
|
stack
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
600000
|
heap
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
58E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
630000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
58A000
|
heap
|
page read and write
|
||
|
586000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
98F000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
66F000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
5BA000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
83F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
71F000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
7A6000
|
heap
|
page read and write
|
||
|
1F9E000
|
stack
|
page read and write
|
||
|
97F000
|
stack
|
page read and write
|
||
|
2300000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
55E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
56E000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4EA000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
67A000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
530000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
696000
|
heap
|
page read and write
|
||
|
83F000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
2150000
|
heap
|
page read and write
|
||
|
76F000
|
stack
|
page read and write
|
||
|
49A000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
70F000
|
stack
|
page read and write
|
||
|
77F000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
76E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
48E000
|
heap
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
620000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
2290000
|
heap
|
page read and write
|
||
|
20B0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
590000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
209F000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
716000
|
heap
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
4C7000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
2170000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
505000
|
heap
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
71F000
|
stack
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
710000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
4EE000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
490000
|
heap
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
656000
|
heap
|
page read and write
|
||
|
4C5000
|
heap
|
page read and write
|
||
|
74A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7EA000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
216F000
|
stack
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
2240000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
77F000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
59E000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2160000
|
heap
|
page read and write
|
||
|
57F000
|
heap
|
page read and write
|
||
|
7AF000
|
stack
|
page read and write
|
||
|
7A5000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
210F000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
766000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
83F000
|
stack
|
page read and write
|
||
|
76F000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
57F000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
685000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
2110000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
64E000
|
heap
|
page read and write
|
||
|
1F7E000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
72F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
78A000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
53E000
|
heap
|
page read and write
|
||
|
21FF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
530000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
670000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
806000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
4DE000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
58E000
|
stack
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
71E000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
69F000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
4CA000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
825000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
72F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
4A6000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
450000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
71A000
|
heap
|
page read and write
|
||
|
2110000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
55E000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
786000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
19C000
|
stack
|
page read and write
|
||
|
4DE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
4BE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
736000
|
heap
|
page read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
73F000
|
stack
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
556000
|
heap
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
64A000
|
heap
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
90F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
59E000
|
stack
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
4FE000
|
heap
|
page read and write
|
||
|
44A000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
685000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
44E000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
4EF000
|
heap
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
490000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
58A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
6FA000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
80F000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4D7000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
20CF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
55E000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
467000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
88F000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
4E6000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
206F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
20FF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
7AF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
93F000
|
stack
|
page read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
50E000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
4DA000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
55E000
|
stack
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
56E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
72A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
725000
|
heap
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
79A000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
55E000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
1FC0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
785000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
2100000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
587000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
19C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
76A000
|
heap
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
66E000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
63A000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
2180000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
82F000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
48E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6CF000
|
stack
|
page read and write
|
||
|
82F000
|
stack
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
93F000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
630000
|
heap
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
66F000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
48E000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6EF000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
20CF000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page execute read
|
||
|
92F000
|
stack
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
218F000
|
stack
|
page read and write
|
||
|
64E000
|
heap
|
page read and write
|
||
|
82F000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
600000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
49E000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
78F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
56A000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4C5000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
20CF000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
59E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
45F000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute and write copy
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
53A000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
4BA000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
56A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page write copy
|
||
|
98F000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
430000
|
unkown
|
page execute read
|
||
|
430000
|
unkown
|
page execute read
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page execute and write copy
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
4C5000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
705000
|
heap
|
page read and write
|
||
|
48A000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page execute read
|
||
|
79E000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
There are 1123 hidden memdumps, click here to show them.