Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
useraccount.aspx.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\8f08\user-PC\user-PC.ocx
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_2bd39bf03e29e03d545b368d7283e7143433c9c5_7522e4b5_35332fbf-2f36-469b-9e33-73fbd09af959\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5F96.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat Sep 28 01:22:09 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER637F.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER65C2.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\useraccount.aspx.dll,DllInit
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\useraccount.aspx.dll,DllInitialize
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\useraccount.aspx.dll,DllInstall
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",DllInit
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",DllInitialize
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",DllInstall
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",curl_easy_setopt
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",curl_easy_perform
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",curl_easy_init
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",curl_easy_cleanup
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",_Uninitialize
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",UnregisterDll
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",Uninitialize
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",ThreadFunction
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",Main
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",Init
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",ExportDll
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",Export
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",DllUninitialize
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe -e -n -i:"C:\Users\user\8f08\user-PC\user-PC.ocx" "C:\Users\user\8f08\user-PC\user-PC.ocx"
|
|
|
|
C:\Windows\SysWOW64\regsvr32.exe
|
-e -n -i:"C:\Users\user\8f08\user-PC\user-PC.ocx" "C:\Users\user\8f08\user-PC\user-PC.ocx"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe -e -n -i:"C:\Users\user\8f08\user-PC\user-PC.ocx" "C:\Users\user\8f08\user-PC\user-PC.ocx"
|
|
|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\useraccount.aspx.dll",#1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7584 -s 612
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 19 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://sumonare.com/projects/cloud-solutions/api-v2/index.php
|
194.67.193.12
|
|
|
|
https://baruopas.com/projects/useraccount.aspx
|
194.67.193.13
|
|
|
|
https://sumonare.com/projects/index.aspx
|
194.67.193.12
|
|
|
|
https://sumonare.com/
|
unknown
|
||
|
https://sumonare.com/projects/index.aspxh=
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
baruopas.com
|
194.67.193.13
|
|
|
|
sumonare.com
|
194.67.193.12
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
194.67.193.12
|
sumonare.com
|
Russian Federation
|
|
|
|
194.67.193.13
|
baruopas.com
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\MyApp\TempKey
|
TempValue
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProgramId
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
FileId
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LongPathHash
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Name
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
OriginalFileName
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Publisher
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Version
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinFileVersion
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinaryType
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductName
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductVersion
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LinkDate
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinProductVersion
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Size
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Language
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
IsOsComponent
|
||
|
\REGISTRY\A\{b7450f07-e7bf-3cdb-2f8c-70712c09fd98}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 13 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7F0B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
7F770000
|
direct allocation
|
page execute and read and write
|
|
|
|
52C0000
|
direct allocation
|
page read and write
|
|
|
|
7ED90000
|
direct allocation
|
page execute and read and write
|
|
|
|
4C11000
|
heap
|
page read and write
|
||
|
6CFC3000
|
unkown
|
page read and write
|
||
|
45AE000
|
stack
|
page read and write
|
||
|
4BAF000
|
stack
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
7CB000
|
stack
|
page read and write
|
||
|
5556000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
AFC000
|
stack
|
page read and write
|
||
|
452E000
|
stack
|
page read and write
|
||
|
555C000
|
heap
|
page read and write
|
||
|
277F000
|
stack
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
26B000
|
stack
|
page read and write
|
||
|
2C4B000
|
heap
|
page read and write
|
||
|
23FF000
|
stack
|
page read and write
|
||
|
F6B000
|
heap
|
page read and write
|
||
|
4B73000
|
heap
|
page read and write
|
||
|
6B573000
|
unkown
|
page read and write
|
||
|
274E000
|
stack
|
page read and write
|
||
|
569D000
|
heap
|
page read and write
|
||
|
5601000
|
heap
|
page read and write
|
||
|
2A7C000
|
stack
|
page read and write
|
||
|
326E000
|
stack
|
page read and write
|
||
|
11B000
|
stack
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
2AFB000
|
stack
|
page read and write
|
||
|
518A000
|
heap
|
page read and write
|
||
|
5551000
|
heap
|
page read and write
|
||
|
42AF000
|
stack
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
25DE000
|
stack
|
page read and write
|
||
|
5618000
|
heap
|
page read and write
|
||
|
473E000
|
stack
|
page read and write
|
||
|
31C7000
|
heap
|
page read and write
|
||
|
505D000
|
stack
|
page read and write
|
||
|
504A000
|
heap
|
page read and write
|
||
|
31BB000
|
heap
|
page read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
4720000
|
heap
|
page read and write
|
||
|
4C6F000
|
stack
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
4C35000
|
heap
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
481E000
|
stack
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
239F000
|
stack
|
page read and write
|
||
|
2B9A000
|
heap
|
page read and write
|
||
|
5558000
|
heap
|
page read and write
|
||
|
701CF000
|
unkown
|
page readonly
|
||
|
4CB0000
|
remote allocation
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
35C0000
|
heap
|
page read and write
|
||
|
4CDE000
|
heap
|
page read and write
|
||
|
506C000
|
heap
|
page read and write
|
||
|
2AEA000
|
heap
|
page read and write
|
||
|
23EE000
|
stack
|
page read and write
|
||
|
DB000
|
stack
|
page read and write
|
||
|
5559000
|
heap
|
page read and write
|
||
|
4FB6000
|
heap
|
page read and write
|
||
|
290C000
|
stack
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
6D591000
|
unkown
|
page readonly
|
||
|
509E000
|
heap
|
page read and write
|
||
|
4760000
|
heap
|
page read and write
|
||
|
5633000
|
heap
|
page read and write
|
||
|
5637000
|
heap
|
page read and write
|
||
|
7F312000
|
direct allocation
|
page execute and read and write
|
||
|
47E0000
|
remote allocation
|
page read and write
|
||
|
BFC000
|
stack
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
24EC000
|
stack
|
page read and write
|
||
|
24B000
|
stack
|
page read and write
|
||
|
2AEF000
|
stack
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
32F7000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
4B79000
|
heap
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
5559000
|
heap
|
page read and write
|
||
|
4FB9000
|
heap
|
page read and write
|
||
|
4FB5000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
24AB000
|
stack
|
page read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
4B7B000
|
heap
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
2BCC000
|
heap
|
page read and write
|
||
|
4C3B000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
543B000
|
stack
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
4C5D000
|
heap
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
4C54000
|
heap
|
page read and write
|
||
|
4A4E000
|
stack
|
page read and write
|
||
|
4C5F000
|
stack
|
page read and write
|
||
|
7EFF2000
|
direct allocation
|
page execute and read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
515F000
|
heap
|
page read and write
|
||
|
4FBF000
|
heap
|
page read and write
|
||
|
4D1B000
|
heap
|
page read and write
|
||
|
5557000
|
heap
|
page read and write
|
||
|
4C47000
|
heap
|
page read and write
|
||
|
5551000
|
heap
|
page read and write
|
||
|
4A8E000
|
stack
|
page read and write
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
2B8D000
|
stack
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
3E1F000
|
stack
|
page read and write
|
||
|
4C1E000
|
stack
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
3F20000
|
heap
|
page read and write
|
||
|
56EC000
|
heap
|
page read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
5230000
|
remote allocation
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
42F0000
|
heap
|
page read and write
|
||
|
2C26000
|
heap
|
page read and write
|
||
|
4C3F000
|
heap
|
page read and write
|
||
|
4FB8000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
4AEE000
|
stack
|
page read and write
|
||
|
4FB2000
|
heap
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
4CB0000
|
remote allocation
|
page read and write
|
||
|
5553000
|
heap
|
page read and write
|
||
|
252C000
|
stack
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
56CE000
|
heap
|
page read and write
|
||
|
563D000
|
heap
|
page read and write
|
||
|
5618000
|
heap
|
page read and write
|
||
|
321C000
|
heap
|
page read and write
|
||
|
4FBA000
|
heap
|
page read and write
|
||
|
7EFF6000
|
direct allocation
|
page execute and read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
4C28000
|
heap
|
page read and write
|
||
|
4B72000
|
heap
|
page read and write
|
||
|
362E000
|
stack
|
page read and write
|
||
|
555A000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
50A5000
|
heap
|
page read and write
|
||
|
5623000
|
heap
|
page read and write
|
||
|
4790000
|
heap
|
page read and write
|
||
|
4C67000
|
heap
|
page read and write
|
||
|
4871000
|
heap
|
page read and write
|
||
|
4B7B000
|
heap
|
page read and write
|
||
|
289D000
|
heap
|
page read and write
|
||
|
567E000
|
heap
|
page read and write
|
||
|
555F000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
34AE000
|
stack
|
page read and write
|
||
|
563C000
|
heap
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
4970000
|
heap
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
4FB6000
|
heap
|
page read and write
|
||
|
6B54F000
|
unkown
|
page readonly
|
||
|
6CF9F000
|
unkown
|
page readonly
|
||
|
29FC000
|
stack
|
page read and write
|
||
|
2E8F000
|
stack
|
page read and write
|
||
|
561A000
|
heap
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
5551000
|
heap
|
page read and write
|
||
|
35EF000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
4CB1000
|
heap
|
page read and write
|
||
|
2A6F000
|
stack
|
page read and write
|
||
|
5066000
|
heap
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
119E000
|
stack
|
page read and write
|
||
|
5558000
|
heap
|
page read and write
|
||
|
2A3B000
|
stack
|
page read and write
|
||
|
505E000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
5558000
|
heap
|
page read and write
|
||
|
31DA000
|
heap
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
570D000
|
heap
|
page read and write
|
||
|
4C4B000
|
heap
|
page read and write
|
||
|
28AA000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
239E000
|
stack
|
page read and write
|
||
|
4C19000
|
heap
|
page read and write
|
||
|
5553000
|
heap
|
page read and write
|
||
|
4CDF000
|
heap
|
page read and write
|
||
|
5124000
|
heap
|
page read and write
|
||
|
22CC000
|
stack
|
page read and write
|
||
|
4FBD000
|
heap
|
page read and write
|
||
|
4FB2000
|
heap
|
page read and write
|
||
|
6D591000
|
unkown
|
page readonly
|
||
|
4DB1000
|
heap
|
page read and write
|
||
|
4B74000
|
heap
|
page read and write
|
||
|
5068000
|
heap
|
page read and write
|
||
|
3E9F000
|
stack
|
page read and write
|
||
|
366F000
|
stack
|
page read and write
|
||
|
50B000
|
stack
|
page read and write
|
||
|
4DD0000
|
heap
|
page read and write
|
||
|
4966000
|
heap
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
5637000
|
heap
|
page read and write
|
||
|
6B4A1000
|
unkown
|
page execute read
|
||
|
5557000
|
heap
|
page read and write
|
||
|
2C7C000
|
stack
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
4C24000
|
heap
|
page read and write
|
||
|
EC000
|
stack
|
page read and write
|
||
|
508F000
|
heap
|
page read and write
|
||
|
701B1000
|
unkown
|
page execute read
|
||
|
55FB000
|
heap
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
555C000
|
heap
|
page read and write
|
||
|
55F1000
|
heap
|
page read and write
|
||
|
3105000
|
heap
|
page read and write
|
||
|
32AC000
|
stack
|
page read and write
|
||
|
4B74000
|
heap
|
page read and write
|
||
|
5614000
|
heap
|
page read and write
|
||
|
426E000
|
stack
|
page read and write
|
||
|
4FBF000
|
heap
|
page read and write
|
||
|
46EE000
|
stack
|
page read and write
|
||
|
4B76000
|
heap
|
page read and write
|
||
|
287E000
|
stack
|
page read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
4C1F000
|
stack
|
page read and write
|
||
|
4871000
|
heap
|
page read and write
|
||
|
47E0000
|
remote allocation
|
page read and write
|
||
|
5605000
|
heap
|
page read and write
|
||
|
555A000
|
heap
|
page read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
4FB4000
|
heap
|
page read and write
|
||
|
4A22000
|
heap
|
page read and write
|
||
|
5727000
|
heap
|
page read and write
|
||
|
5555000
|
heap
|
page read and write
|
||
|
4B77000
|
heap
|
page read and write
|
||
|
4FBB000
|
heap
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4C33000
|
heap
|
page read and write
|
||
|
150000
|
heap
|
page read and write
|
||
|
315A000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
7F9D2000
|
direct allocation
|
page execute and read and write
|
||
|
53FC000
|
stack
|
page read and write
|
||
|
286F000
|
stack
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
4C0B000
|
heap
|
page read and write
|
||
|
2F9C000
|
stack
|
page read and write
|
||
|
4E50000
|
heap
|
page read and write
|
||
|
4B7F000
|
heap
|
page read and write
|
||
|
33EA000
|
heap
|
page read and write
|
||
|
22AA000
|
heap
|
page read and write
|
||
|
6BB41000
|
unkown
|
page readonly
|
||
|
45ED000
|
stack
|
page read and write
|
||
|
4B7B000
|
heap
|
page read and write
|
||
|
505E000
|
heap
|
page read and write
|
||
|
4FB4000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
4AA0000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
4CAE000
|
heap
|
page read and write
|
||
|
4B7F000
|
heap
|
page read and write
|
||
|
6CEF1000
|
unkown
|
page execute read
|
||
|
32AF000
|
stack
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
2E6D000
|
stack
|
page read and write
|
||
|
A37000
|
stack
|
page read and write
|
||
|
324E000
|
heap
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
28BF000
|
stack
|
page read and write
|
||
|
555C000
|
heap
|
page read and write
|
||
|
5049000
|
heap
|
page read and write
|
||
|
4870000
|
heap
|
page read and write
|
||
|
4FB5000
|
heap
|
page read and write
|
||
|
4B76000
|
heap
|
page read and write
|
||
|
6CEF0000
|
unkown
|
page readonly
|
||
|
4D2E000
|
heap
|
page read and write
|
||
|
4CBD000
|
heap
|
page read and write
|
||
|
2F8F000
|
stack
|
page read and write
|
||
|
307C000
|
stack
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
55F7000
|
heap
|
page read and write
|
||
|
4C3E000
|
heap
|
page read and write
|
||
|
50EF000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
4FB7000
|
heap
|
page read and write
|
||
|
6D58F000
|
unkown
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
5556000
|
heap
|
page read and write
|
||
|
5097000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
AB000
|
stack
|
page read and write
|
||
|
4C35000
|
heap
|
page read and write
|
||
|
5553000
|
heap
|
page read and write
|
||
|
30AC000
|
stack
|
page read and write
|
||
|
555F000
|
heap
|
page read and write
|
||
|
6D591000
|
unkown
|
page readonly
|
||
|
571A000
|
heap
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
325A000
|
heap
|
page read and write
|
||
|
48B0000
|
heap
|
page read and write
|
||
|
12DF000
|
stack
|
page read and write
|
||
|
4CB0000
|
remote allocation
|
page read and write
|
||
|
4FBE000
|
heap
|
page read and write
|
||
|
4D3C000
|
heap
|
page read and write
|
||
|
4B7B000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
4B6E000
|
stack
|
page read and write
|
||
|
5055000
|
heap
|
page read and write
|
||
|
F6F000
|
heap
|
page read and write
|
||
|
4C42000
|
heap
|
page read and write
|
||
|
4D0D000
|
heap
|
page read and write
|
||
|
46AE000
|
stack
|
page read and write
|
||
|
6D58F000
|
unkown
|
page read and write
|
||
|
5608000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
3216000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
4C17000
|
heap
|
page read and write
|
||
|
416E000
|
stack
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
5230000
|
remote allocation
|
page read and write
|
||
|
5556000
|
heap
|
page read and write
|
||
|
29BB000
|
stack
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
4350000
|
heap
|
page read and write
|
||
|
5556000
|
heap
|
page read and write
|
||
|
462C000
|
stack
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
2CD5000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
55ED000
|
heap
|
page read and write
|
||
|
508B000
|
heap
|
page read and write
|
||
|
4FB5000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
4FB2000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
562C000
|
heap
|
page read and write
|
||
|
2020000
|
heap
|
page read and write
|
||
|
4FB9000
|
heap
|
page read and write
|
||
|
5067000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
5078000
|
heap
|
page read and write
|
||
|
4D29000
|
heap
|
page read and write
|
||
|
4C05000
|
heap
|
page read and write
|
||
|
56BF000
|
heap
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
50AA000
|
heap
|
page read and write
|
||
|
4C33000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
3E5E000
|
stack
|
page read and write
|
||
|
5558000
|
heap
|
page read and write
|
||
|
5632000
|
heap
|
page read and write
|
||
|
5094000
|
heap
|
page read and write
|
||
|
4BBC000
|
stack
|
page read and write
|
||
|
563E000
|
heap
|
page read and write
|
||
|
4FBE000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
271E000
|
stack
|
page read and write
|
||
|
5729000
|
heap
|
page read and write
|
||
|
6CFC3000
|
unkown
|
page read and write
|
||
|
5098000
|
heap
|
page read and write
|
||
|
47E0000
|
remote allocation
|
page read and write
|
||
|
5552000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
4B2F000
|
stack
|
page read and write
|
||
|
2E8A000
|
heap
|
page read and write
|
||
|
509D000
|
stack
|
page read and write
|
||
|
5634000
|
heap
|
page read and write
|
||
|
23DE000
|
stack
|
page read and write
|
||
|
307C000
|
stack
|
page read and write
|
||
|
4B75000
|
heap
|
page read and write
|
||
|
507B000
|
heap
|
page read and write
|
||
|
517C000
|
heap
|
page read and write
|
||
|
84B000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
31AF000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
4CAF000
|
heap
|
page read and write
|
||
|
4B73000
|
heap
|
page read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
2BDF000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
4CA7000
|
heap
|
page read and write
|
||
|
2CBB000
|
stack
|
page read and write
|
||
|
4B72000
|
heap
|
page read and write
|
||
|
6D229000
|
unkown
|
page read and write
|
||
|
5072000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
4490000
|
heap
|
page read and write
|
||
|
120000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
31CC000
|
heap
|
page read and write
|
||
|
4C6E000
|
stack
|
page read and write
|
||
|
2E2C000
|
stack
|
page read and write
|
||
|
306B000
|
stack
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
4B7A000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
422F000
|
stack
|
page read and write
|
||
|
7F9D6000
|
direct allocation
|
page execute and read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
290E000
|
stack
|
page read and write
|
||
|
6BB3F000
|
unkown
|
page read and write
|
||
|
24E000
|
stack
|
page read and write
|
||
|
4EF000
|
stack
|
page read and write
|
||
|
510E000
|
heap
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
4B79000
|
heap
|
page read and write
|
||
|
5558000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
28FA000
|
heap
|
page read and write
|
||
|
5450000
|
heap
|
page read and write
|
||
|
2F6B000
|
stack
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
6CEF0000
|
unkown
|
page readonly
|
||
|
3200000
|
heap
|
page read and write
|
||
|
2B4F000
|
stack
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
6D58F000
|
unkown
|
page read and write
|
||
|
564F000
|
heap
|
page read and write
|
||
|
5099000
|
heap
|
page read and write
|
||
|
49CE000
|
heap
|
page read and write
|
||
|
4B7D000
|
heap
|
page read and write
|
||
|
326B000
|
stack
|
page read and write
|
||
|
5559000
|
heap
|
page read and write
|
||
|
4C59000
|
heap
|
page read and write
|
||
|
555B000
|
heap
|
page read and write
|
||
|
4FB7000
|
heap
|
page read and write
|
||
|
561A000
|
heap
|
page read and write
|
||
|
263F000
|
stack
|
page read and write
|
||
|
560F000
|
heap
|
page read and write
|
||
|
293F000
|
stack
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
4FB8000
|
heap
|
page read and write
|
||
|
5678000
|
heap
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
4B7E000
|
heap
|
page read and write
|
||
|
5069000
|
heap
|
page read and write
|
||
|
47AF000
|
stack
|
page read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
5557000
|
heap
|
page read and write
|
||
|
5451000
|
heap
|
page read and write
|
||
|
289A000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
4C28000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
5555000
|
heap
|
page read and write
|
||
|
4B7D000
|
heap
|
page read and write
|
||
|
31DA000
|
heap
|
page read and write
|
||
|
555F000
|
heap
|
page read and write
|
||
|
4FB2000
|
heap
|
page read and write
|
||
|
5635000
|
heap
|
page read and write
|
||
|
5043000
|
heap
|
page read and write
|
||
|
560D000
|
heap
|
page read and write
|
||
|
5606000
|
heap
|
page read and write
|
||
|
508B000
|
heap
|
page read and write
|
||
|
4B7D000
|
heap
|
page read and write
|
||
|
4B78000
|
heap
|
page read and write
|
||
|
4B73000
|
heap
|
page read and write
|
||
|
4C59000
|
heap
|
page read and write
|
||
|
862000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
4912000
|
heap
|
page read and write
|
||
|
5083000
|
heap
|
page read and write
|
||
|
4B70000
|
heap
|
page read and write
|
||
|
2D1F000
|
stack
|
page read and write
|
||
|
4B71000
|
heap
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
2B1A000
|
heap
|
page read and write
|
||
|
4913000
|
heap
|
page read and write
|
||
|
4C59000
|
heap
|
page read and write
|
||
|
4CDD000
|
heap
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
55E1000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
4FBC000
|
heap
|
page read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
2C45000
|
heap
|
page read and write
|
||
|
514E000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
485E000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
562C000
|
heap
|
page read and write
|
||
|
555E000
|
heap
|
page read and write
|
||
|
4970000
|
heap
|
page read and write
|
||
|
42F0000
|
heap
|
page read and write
|
||
|
32BF000
|
stack
|
page read and write
|
||
|
5559000
|
heap
|
page read and write
|
||
|
5556000
|
heap
|
page read and write
|
||
|
4C3D000
|
heap
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
4B74000
|
heap
|
page read and write
|
||
|
31A5000
|
heap
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
28FE000
|
stack
|
page read and write
|
||
|
4FBF000
|
heap
|
page read and write
|
||
|
2E0F000
|
stack
|
page read and write
|
||
|
6B4A0000
|
unkown
|
page readonly
|
||
|
323A000
|
heap
|
page read and write
|
||
|
F78000
|
heap
|
page read and write
|
||
|
4FBB000
|
heap
|
page read and write
|
||
|
506A000
|
heap
|
page read and write
|
||
|
50DA000
|
heap
|
page read and write
|
||
|
48C6000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4A0E000
|
stack
|
page read and write
|
||
|
4FB2000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
4CCA000
|
heap
|
page read and write
|
||
|
701C6000
|
unkown
|
page readonly
|
||
|
263A000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
561E000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
50AD000
|
heap
|
page read and write
|
||
|
505C000
|
heap
|
page read and write
|
||
|
513F000
|
heap
|
page read and write
|
||
|
505A000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
5085000
|
heap
|
page read and write
|
||
|
4B73000
|
heap
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
4E2C000
|
heap
|
page read and write
|
||
|
5617000
|
heap
|
page read and write
|
||
|
475E000
|
stack
|
page read and write
|
||
|
3720000
|
heap
|
page read and write
|
||
|
6CF9F000
|
unkown
|
page readonly
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
6CEF0000
|
unkown
|
page readonly
|
||
|
560A000
|
heap
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
5097000
|
heap
|
page read and write
|
||
|
4FB5000
|
heap
|
page read and write
|
||
|
4B7C000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
32DA000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
6CEF1000
|
unkown
|
page execute read
|
||
|
23FB000
|
stack
|
page read and write
|
||
|
4FBC000
|
heap
|
page read and write
|
||
|
4FBA000
|
heap
|
page read and write
|
||
|
4CB1000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
517C000
|
heap
|
page read and write
|
||
|
4B7D000
|
heap
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
4FB2000
|
heap
|
page read and write
|
||
|
286B000
|
heap
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
456D000
|
stack
|
page read and write
|
||
|
5437000
|
stack
|
page read and write
|
||
|
6D229000
|
unkown
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
576C000
|
heap
|
page read and write
|
||
|
2C3B000
|
stack
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
23A5000
|
heap
|
page read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
56FF000
|
heap
|
page read and write
|
||
|
4FBA000
|
heap
|
page read and write
|
||
|
15C000
|
stack
|
page read and write
|
||
|
56F000
|
stack
|
page read and write
|
||
|
701B0000
|
unkown
|
page readonly
|
||
|
2320000
|
heap
|
page read and write
|
||
|
4C02000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
4330000
|
heap
|
page read and write
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
55E9000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
56DB000
|
heap
|
page read and write
|
||
|
4B77000
|
heap
|
page read and write
|
||
|
4B7A000
|
heap
|
page read and write
|
||
|
6B7D9000
|
unkown
|
page read and write
|
||
|
5617000
|
heap
|
page read and write
|
||
|
4C6C000
|
heap
|
page read and write
|
||
|
230B000
|
stack
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
55FB000
|
heap
|
page read and write
|
||
|
2C27000
|
heap
|
page read and write
|
||
|
4B73000
|
heap
|
page read and write
|
||
|
4B70000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
303B000
|
stack
|
page read and write
|
||
|
4B76000
|
heap
|
page read and write
|
||
|
6CF9F000
|
unkown
|
page readonly
|
||
|
5554000
|
heap
|
page read and write
|
||
|
701CD000
|
unkown
|
page read and write
|
||
|
5096000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
24EB000
|
stack
|
page read and write
|
||
|
4FB2000
|
heap
|
page read and write
|
||
|
2CF8000
|
stack
|
page read and write
|
||
|
4C2C000
|
heap
|
page read and write
|
||
|
5086000
|
heap
|
page read and write
|
||
|
4B71000
|
heap
|
page read and write
|
||
|
4B78000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
4B72000
|
heap
|
page read and write
|
||
|
4FBE000
|
heap
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
23BE000
|
stack
|
page read and write
|
||
|
5552000
|
heap
|
page read and write
|
||
|
28CB000
|
stack
|
page read and write
|
||
|
511D000
|
heap
|
page read and write
|
||
|
3550000
|
heap
|
page read and write
|
||
|
4FB5000
|
heap
|
page read and write
|
||
|
504A000
|
heap
|
page read and write
|
||
|
4B7D000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
506E000
|
heap
|
page read and write
|
||
|
2DEA000
|
heap
|
page read and write
|
||
|
2B3C000
|
stack
|
page read and write
|
||
|
293A000
|
heap
|
page read and write
|
||
|
5066000
|
heap
|
page read and write
|
||
|
4FBA000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
A8F000
|
stack
|
page read and write
|
||
|
56A7000
|
heap
|
page read and write
|
||
|
4B77000
|
heap
|
page read and write
|
||
|
4C3E000
|
heap
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
563F000
|
heap
|
page read and write
|
||
|
5088000
|
heap
|
page read and write
|
||
|
5623000
|
heap
|
page read and write
|
||
|
4D1E000
|
heap
|
page read and write
|
||
|
4FB7000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
2FAC000
|
stack
|
page read and write
|
||
|
2815000
|
heap
|
page read and write
|
||
|
506E000
|
heap
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
4B2E000
|
stack
|
page read and write
|
||
|
6D229000
|
unkown
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
4B7E000
|
heap
|
page read and write
|
||
|
5552000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
4C4D000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
5089000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
5059000
|
heap
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
4C45000
|
heap
|
page read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
5064000
|
heap
|
page read and write
|
||
|
2F6A000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
2831000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
234C000
|
stack
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
2804000
|
heap
|
page read and write
|
||
|
27BA000
|
heap
|
page read and write
|
||
|
4B70000
|
heap
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
31BA000
|
heap
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
4C54000
|
heap
|
page read and write
|
||
|
2F0F000
|
stack
|
page read and write
|
||
|
4C55000
|
heap
|
page read and write
|
||
|
160000
|
heap
|
page read and write
|
||
|
2C33000
|
heap
|
page read and write
|
||
|
55FC000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
6CFC3000
|
unkown
|
page read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
477E000
|
stack
|
page read and write
|
||
|
320A000
|
heap
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
4D5D000
|
heap
|
page read and write
|
||
|
4C02000
|
heap
|
page read and write
|
||
|
2C48000
|
heap
|
page read and write
|
||
|
34DA000
|
heap
|
page read and write
|
||
|
4FB2000
|
heap
|
page read and write
|
||
|
4B72000
|
heap
|
page read and write
|
||
|
41AF000
|
stack
|
page read and write
|
||
|
7F316000
|
direct allocation
|
page execute and read and write
|
||
|
303B000
|
stack
|
page read and write
|
||
|
6CEF1000
|
unkown
|
page execute read
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
560B000
|
heap
|
page read and write
|
||
|
5230000
|
remote allocation
|
page read and write
|
||
|
4B7E000
|
stack
|
page read and write
|
||
|
22C8000
|
stack
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
263C000
|
stack
|
page read and write
|
||
|
555B000
|
heap
|
page read and write
|
||
|
5643000
|
heap
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
4FBE000
|
heap
|
page read and write
|
||
|
3226000
|
heap
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
49CE000
|
stack
|
page read and write
|
||
|
555A000
|
heap
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
23EF000
|
stack
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
2F5B000
|
stack
|
page read and write
|
||
|
31D6000
|
heap
|
page read and write
|
||
|
5605000
|
heap
|
page read and write
|
There are 743 hidden memdumps, click here to show them.