Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.InjectorX-gen.20521.11680.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\intercessionate\Favourablies117\sulfonylurea\Aerognosy.Res
|
ASCII text, with very long lines (3095), with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER77C9.tmp.dmp
|
Mini DuMP crash report, 14 streams, Mon Sep 30 12:01:07 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER80C2.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER80F2.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gdteyhmj.s2h.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_idym0olg.jbk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rzzrjaju.32h.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xsqnp4wm.tuq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv4DB0.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x6eec0579, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv64C2.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x6eec0579, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\dpvrcfd
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\lkcwddclh
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\intercessionate\Favourablies117\sulfonylurea\Playlet\brkops.ind
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\intercessionate\Favourablies117\sulfonylurea\Playlet\dumrians.und
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\intercessionate\Favourablies117\sulfonylurea\Tribades.vir
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\intercessionate\Favourablies117\sulfonylurea\Ukr.txt
|
ASCII text, with very long lines (359), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\intercessionate\Favourablies117\sulfonylurea\Valvulate.Cru
|
data
|
dropped
|
||
|
C:\Windows\brandbombernes.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun
Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.InjectorX-gen.20521.11680.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.InjectorX-gen.20521.11680.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$krjning=Get-Content -Raw 'C:\Users\user\AppData\Roaming\intercessionate\Favourablies117\sulfonylurea\Aerognosy.Res';$Lukewarmly95=$krjning.SubString(5322,3);.$Lukewarmly95($krjning)"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe
|
"C:\Users\user\AppData\Local\Temp\Vaccinerende.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe /stext "C:\Users\user\AppData\Local\Temp\lkcwddclh"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe /stext "C:\Users\user\AppData\Local\Temp\omhpewnevqbu"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe /stext "C:\Users\user\AppData\Local\Temp\yguhfoygjytgatk"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe /stext "C:\Users\user\AppData\Local\Temp\dpvrcfd"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe /stext "C:\Users\user\AppData\Local\Temp\fsbcdyonhlh"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe
|
C:\Users\user\AppData\Local\Temp\Vaccinerende.exe /stext "C:\Users\user\AppData\Local\Temp\qmgvdqygubzojv"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Chivey57" /t REG_EXPAND_SZ
/d "%Misbehavers% -windowstyle 1 $Frligheden=(gp -Path 'HKCU:\Software\Roscoelite\').Aftvttedes;%Misbehavers% ($Frligheden)"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Chivey57" /t REG_EXPAND_SZ /d "%Misbehavers% -windowstyle
1 $Frligheden=(gp -Path 'HKCU:\Software\Roscoelite\').Aftvttedes;%Misbehavers% ($Frligheden)"
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5916 -s 892
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://www.google.com
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://www.imvu.comta
|
unknown
|
||
|
https://aka.ms/pscore6lBfq
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://192.3.220.22/hFXELFSwRHRwqbE214.bin
|
192.3.220.22
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://crl.microv
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
107.173.4.16
|
unknown
|
United States
|
|
|
|
192.3.220.22
|
unknown
|
United States
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DSGECX
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DSGECX
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DSGECX
|
time
|
|
|
|
HKEY_CURRENT_USER\Hayweed88\Uninstall\Cakiest237\heelers
|
Armgangen
|
||
|
HKEY_CURRENT_USER\brdbakken\Equableness66\Skvalderen137
|
inoperculate
|
||
|
HKEY_CURRENT_USER\seers\Uninstall\saleably
|
zaffers
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Roscoelite
|
Aftvttedes
|
||
|
HKEY_CURRENT_USER\Environment
|
Misbehavers
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Chivey57
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
ProgramId
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
FileId
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
LongPathHash
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
Name
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
OriginalFileName
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
Publisher
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
Version
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
BinFileVersion
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
BinaryType
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
ProductName
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
ProductVersion
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
LinkDate
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
BinProductVersion
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
Size
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
Language
|
||
|
\REGISTRY\A\{207d8312-10d5-1de1-c59a-959032086811}\Root\InventoryApplicationFile\vaccinerende.exe|4d808e49e249b9de
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 20 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
C608000
|
direct allocation
|
page execute and read and write
|
|
|
|
2C30000
|
direct allocation
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
90D000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page readonly
|
||
|
46F000
|
unkown
|
page readonly
|
||
|
20E6000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6950000
|
heap
|
page read and write
|
||
|
7F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
20DC000
|
heap
|
page read and write
|
||
|
9E08000
|
direct allocation
|
page execute and read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
494000
|
heap
|
page read and write
|
||
|
825E000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
6BB000
|
heap
|
page read and write
|
||
|
463E000
|
stack
|
page read and write
|
||
|
853000
|
heap
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
heap
|
page execute and read and write
|
||
|
2314B000
|
heap
|
page read and write
|
||
|
20EE000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
225B000
|
heap
|
page read and write
|
||
|
20EE000
|
heap
|
page read and write
|
||
|
71C6000
|
heap
|
page read and write
|
||
|
20E1000
|
heap
|
page read and write
|
||
|
2104000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
85D000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6BD000
|
heap
|
page read and write
|
||
|
8110000
|
trusted library allocation
|
page read and write
|
||
|
4A3000
|
unkown
|
page readonly
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
DA08000
|
direct allocation
|
page execute and read and write
|
||
|
289B000
|
heap
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
28CF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
525000
|
heap
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
2B5F000
|
unkown
|
page read and write
|
||
|
80C5000
|
trusted library allocation
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
2110000
|
heap
|
page read and write
|
||
|
2BAD000
|
heap
|
page read and write
|
||
|
8E80000
|
heap
|
page read and write
|
||
|
263E000
|
stack
|
page read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
690B000
|
heap
|
page read and write
|
||
|
68FA000
|
heap
|
page read and write
|
||
|
7330000
|
trusted library allocation
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
20E1000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
244EC000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
20F7000
|
heap
|
page read and write
|
||
|
82DA000
|
heap
|
page read and write
|
||
|
25FF000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
21D7000
|
heap
|
page read and write
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
225B000
|
heap
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
851E000
|
stack
|
page read and write
|
||
|
5D8F000
|
trusted library allocation
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
20FE000
|
heap
|
page read and write
|
||
|
21D5000
|
heap
|
page read and write
|
||
|
21C9000
|
heap
|
page read and write
|
||
|
20FB000
|
heap
|
page read and write
|
||
|
21D7000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
25F1000
|
heap
|
page read and write
|
||
|
2718000
|
stack
|
page read and write
|
||
|
20DC000
|
heap
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
21D5000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
26DC000
|
stack
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
244E1000
|
heap
|
page read and write
|
||
|
2310B000
|
heap
|
page read and write
|
||
|
22F42000
|
heap
|
page read and write
|
||
|
5C69000
|
trusted library allocation
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
5C29000
|
trusted library allocation
|
page read and write
|
||
|
2D19000
|
trusted library allocation
|
page read and write
|
||
|
2601000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
21D9000
|
heap
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
20D9000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
231A9000
|
heap
|
page read and write
|
||
|
81F9000
|
heap
|
page read and write
|
||
|
21CC000
|
heap
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
20ED000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
21FF000
|
heap
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
20FF000
|
stack
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
46F000
|
unkown
|
page readonly
|
||
|
73B0000
|
heap
|
page execute and read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
2C20000
|
direct allocation
|
page read and write
|
||
|
830E000
|
heap
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
22FA1000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
2B88000
|
heap
|
page read and write
|
||
|
27FB000
|
heap
|
page read and write
|
||
|
71CC000
|
heap
|
page read and write
|
||
|
690B000
|
heap
|
page read and write
|
||
|
216B000
|
heap
|
page read and write
|
||
|
261E000
|
stack
|
page read and write
|
||
|
7FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
20D1000
|
heap
|
page read and write
|
||
|
8000000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
68FD000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page readonly
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page readonly
|
||
|
24F1000
|
heap
|
page read and write
|
||
|
27F4000
|
heap
|
page read and write
|
||
|
26EF000
|
stack
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
21B8000
|
heap
|
page read and write
|
||
|
2D0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
20B8000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
27F5000
|
heap
|
page read and write
|
||
|
4640000
|
trusted library allocation
|
page execute and read and write
|
||
|
21F4000
|
heap
|
page read and write
|
||
|
95F000
|
stack
|
page read and write
|
||
|
216B000
|
heap
|
page read and write
|
||
|
21FD000
|
heap
|
page read and write
|
||
|
276D000
|
stack
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
20DF000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
2BFF000
|
stack
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
216B000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page readonly
|
||
|
6950000
|
heap
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
71BF000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
20D9000
|
heap
|
page read and write
|
||
|
86C000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
20EA000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
82CA000
|
heap
|
page read and write
|
||
|
20FE000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
20FE000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
221F000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
7207000
|
trusted library allocation
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
74D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
7F80000
|
heap
|
page read and write
|
||
|
20FD000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
2AE0000
|
direct allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
21F4000
|
heap
|
page read and write
|
||
|
81F4000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
2318D000
|
heap
|
page read and write
|
||
|
216B000
|
heap
|
page read and write
|
||
|
20D1000
|
heap
|
page read and write
|
||
|
68FE000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
903000
|
heap
|
page read and write
|
||
|
6950000
|
heap
|
page read and write
|
||
|
743F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
690B000
|
heap
|
page read and write
|
||
|
45FC000
|
stack
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
249F2000
|
heap
|
page read and write
|
||
|
29AF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
5C01000
|
trusted library allocation
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
21ED000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
690B000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
85F000
|
stack
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
244E5000
|
heap
|
page read and write
|
||
|
55A4000
|
trusted library allocation
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page readonly
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
58A000
|
heap
|
page read and write
|
||
|
20B0000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
20F7000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
20EE000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
D008000
|
direct allocation
|
page execute and read and write
|
||
|
2B7F000
|
stack
|
page read and write
|
||
|
4A3000
|
unkown
|
page readonly
|
||
|
18F000
|
stack
|
page read and write
|
||
|
20E1000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
46F000
|
unkown
|
page readonly
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
2CD8000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
28B5000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
249FB000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
7F74000
|
stack
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
855E000
|
stack
|
page read and write
|
||
|
86C000
|
heap
|
page read and write
|
||
|
20E7000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20D1000
|
heap
|
page read and write
|
||
|
6950000
|
heap
|
page read and write
|
||
|
177000
|
stack
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
47E000
|
stack
|
page read and write
|
||
|
20FD000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
4C01000
|
trusted library allocation
|
page read and write
|
||
|
2BCF000
|
stack
|
page read and write
|
||
|
20D1000
|
heap
|
page read and write
|
||
|
2CD0000
|
trusted library section
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
21D9000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
20FC000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
22EC9000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
21ED000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
20EE000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
23ED5000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
225B000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
2313C000
|
heap
|
page read and write
|
||
|
808E000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
46F000
|
unkown
|
page readonly
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
6950000
|
heap
|
page read and write
|
||
|
46F000
|
unkown
|
page readonly
|
||
|
480000
|
heap
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
21F9000
|
heap
|
page read and write
|
||
|
84E000
|
stack
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
68F4000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
20D1000
|
heap
|
page read and write
|
||
|
23193000
|
heap
|
page read and write
|
||
|
23ED9000
|
heap
|
page read and write
|
||
|
68FD000
|
heap
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
7133000
|
heap
|
page read and write
|
||
|
2AD0000
|
direct allocation
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
2BB4000
|
heap
|
page read and write
|
||
|
2317B000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
5DA8000
|
trusted library allocation
|
page read and write
|
||
|
22E51000
|
heap
|
page read and write
|
||
|
46AE000
|
stack
|
page read and write
|
||
|
20EE000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
210F000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
23193000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
282E000
|
stack
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
87F000
|
stack
|
page read and write
|
||
|
28B2000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
6BD000
|
heap
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
27F9000
|
heap
|
page read and write
|
||
|
27C0000
|
direct allocation
|
page read and write
|
||
|
20B0000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
4650000
|
trusted library allocation
|
page read and write
|
||
|
46B0000
|
heap
|
page read and write
|
||
|
7FE0000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
85C0000
|
trusted library allocation
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
20FB000
|
heap
|
page read and write
|
||
|
5D93000
|
trusted library allocation
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
27E6000
|
heap
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
21DA000
|
heap
|
page read and write
|
||
|
454E000
|
stack
|
page read and write
|
||
|
20D9000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
6DA5000
|
heap
|
page execute and read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
22E51000
|
heap
|
page read and write
|
||
|
20FB000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
20FE000
|
heap
|
page read and write
|
||
|
21C9000
|
heap
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
690B000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
214D000
|
heap
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
7360000
|
trusted library allocation
|
page read and write
|
||
|
45C000
|
unkown
|
page readonly
|
||
|
2C40000
|
direct allocation
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
249F9000
|
heap
|
page read and write
|
||
|
20FD000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
27A0000
|
direct allocation
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
27CE000
|
unkown
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
21D4000
|
heap
|
page read and write
|
||
|
45A8000
|
trusted library allocation
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
46B7000
|
heap
|
page read and write
|
||
|
46F000
|
unkown
|
page readonly
|
||
|
239D1000
|
heap
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
90D000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4B3E000
|
stack
|
page read and write
|
||
|
2BB7000
|
heap
|
page read and write
|
||
|
804E000
|
stack
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
223D000
|
heap
|
page read and write
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
21CC000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
23190000
|
heap
|
page read and write
|
||
|
249FC000
|
heap
|
page read and write
|
||
|
85B0000
|
trusted library allocation
|
page read and write
|
||
|
B208000
|
direct allocation
|
page execute and read and write
|
||
|
21CF000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
218E000
|
stack
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
820D000
|
heap
|
page read and write
|
||
|
20D5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
77F000
|
stack
|
page read and write
|
||
|
8E70000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
20DC000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
21FD000
|
heap
|
page read and write
|
||
|
46F000
|
unkown
|
page readonly
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
230C7000
|
heap
|
page read and write
|
||
|
27AD000
|
stack
|
page read and write
|
||
|
212F000
|
heap
|
page read and write
|
||
|
4BE000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
4A3000
|
unkown
|
page readonly
|
||
|
92B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
500000
|
heap
|
page read and write
|
||
|
221F000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
21C5000
|
heap
|
page read and write
|
||
|
21ED000
|
heap
|
page read and write
|
||
|
BC08000
|
direct allocation
|
page execute and read and write
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
68FD000
|
heap
|
page read and write
|
||
|
2104000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
20D5000
|
heap
|
page read and write
|
||
|
6BF000
|
stack
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
210D000
|
heap
|
page read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
21D5000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
534000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
21D5000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
8120000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
21CC000
|
heap
|
page read and write
|
||
|
20FE000
|
heap
|
page read and write
|
||
|
21E9000
|
heap
|
page read and write
|
||
|
6950000
|
heap
|
page read and write
|
||
|
587000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
22ECA000
|
heap
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
23ED1000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
244E0000
|
heap
|
page read and write
|
||
|
23193000
|
heap
|
page read and write
|
||
|
20EE000
|
heap
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
239D3000
|
heap
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
27EF000
|
stack
|
page read and write
|
||
|
6CF000
|
stack
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
68F5000
|
heap
|
page read and write
|
||
|
243ED000
|
heap
|
page read and write
|
||
|
22FA1000
|
heap
|
page read and write
|
||
|
5D9C000
|
trusted library allocation
|
page read and write
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
80F0000
|
trusted library allocation
|
page read and write
|
||
|
68F4000
|
heap
|
page read and write
|
||
|
23093000
|
heap
|
page read and write
|
||
|
2D67000
|
heap
|
page read and write
|
||
|
2B71000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
2ACF000
|
stack
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
92A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
239D8000
|
heap
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
25FF000
|
stack
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
21C5000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
8319000
|
heap
|
page read and write
|
||
|
216B000
|
heap
|
page read and write
|
||
|
26BA000
|
heap
|
page read and write
|
||
|
559C000
|
trusted library allocation
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
82AC000
|
heap
|
page read and write
|
||
|
21FF000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
22EC8000
|
heap
|
page read and write
|
||
|
2BBB000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
210F000
|
heap
|
page read and write
|
||
|
27F8000
|
heap
|
page read and write
|
||
|
7FDA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
27FE000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
21D5000
|
heap
|
page read and write
|
||
|
5DAD000
|
trusted library allocation
|
page read and write
|
||
|
26D6000
|
heap
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
20FB000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
6950000
|
heap
|
page read and write
|
||
|
239DD000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
20DC000
|
heap
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
21E9000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
204E000
|
stack
|
page read and write
|
||
|
21EC000
|
heap
|
page read and write
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
4BA0000
|
heap
|
page execute and read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
6D8000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
208E000
|
stack
|
page read and write
|
||
|
2B4A000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page readonly
|
||
|
870D000
|
stack
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
68F4000
|
heap
|
page read and write
|
||
|
75EB000
|
stack
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
25EC000
|
heap
|
page read and write
|
||
|
216B000
|
heap
|
page read and write
|
||
|
A808000
|
direct allocation
|
page execute and read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
254F000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
21ED000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
23093000
|
heap
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
4D56000
|
trusted library allocation
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
223D000
|
heap
|
page read and write
|
||
|
9280000
|
trusted library allocation
|
page read and write
|
||
|
74BD000
|
stack
|
page read and write
|
||
|
21EC000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
6DB0000
|
heap
|
page read and write
|
||
|
73FE000
|
stack
|
page read and write
|
||
|
668000
|
heap
|
page read and write
|
||
|
20EE000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
23ED5000
|
heap
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
47E000
|
stack
|
page read and write
|
||
|
2D35000
|
trusted library allocation
|
page execute and read and write
|
||
|
20D9000
|
heap
|
page read and write
|
||
|
2CE0000
|
trusted library section
|
page read and write
|
||
|
21C5000
|
heap
|
page read and write
|
||
|
21E9000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2C60000
|
direct allocation
|
page read and write
|
||
|
716A000
|
heap
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
4A3000
|
unkown
|
page readonly
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
61E000
|
stack
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
4590000
|
heap
|
page readonly
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
20E7000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
2B3E000
|
heap
|
page read and write
|
||
|
2301A000
|
heap
|
page read and write
|
||
|
2010000
|
trusted library allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
20FB000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
4A3000
|
unkown
|
page readonly
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
22ECA000
|
heap
|
page read and write
|
||
|
244E4000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
860000
|
heap
|
page read and write
|
||
|
4A3000
|
unkown
|
page readonly
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
4A3000
|
unkown
|
page readonly
|
||
|
714D000
|
heap
|
page read and write
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
5A8000
|
heap
|
page read and write
|
||
|
21C9000
|
heap
|
page read and write
|
||
|
7200000
|
trusted library allocation
|
page read and write
|
||
|
4C64000
|
trusted library allocation
|
page read and write
|
||
|
21D6000
|
heap
|
page read and write
|
||
|
2B00000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
883000
|
heap
|
page read and write
|
||
|
27D0000
|
direct allocation
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
239DA000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7FA0000
|
trusted library allocation
|
page read and write
|
||
|
20F5000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
2D32000
|
trusted library allocation
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
46F000
|
unkown
|
page readonly
|
||
|
21CD000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
6950000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
23ED8000
|
heap
|
page read and write
|
||
|
20EE000
|
heap
|
page read and write
|
||
|
70DE000
|
stack
|
page read and write
|
||
|
2B18000
|
heap
|
page read and write
|
||
|
20FD000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
7FB0000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
589000
|
heap
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
83D0000
|
trusted library allocation
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
225B000
|
heap
|
page read and write
|
||
|
20E1000
|
heap
|
page read and write
|
||
|
81D0000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
20D1000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
92D0000
|
direct allocation
|
page execute and read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
22A5000
|
heap
|
page read and write
|
||
|
21CC000
|
heap
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
2AF0000
|
direct allocation
|
page read and write
|
||
|
9290000
|
trusted library allocation
|
page read and write
|
||
|
7231000
|
heap
|
page read and write
|
||
|
20F5000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
92C0000
|
direct allocation
|
page execute and read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
2C02000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
225B000
|
heap
|
page read and write
|
||
|
2D04000
|
trusted library allocation
|
page read and write
|
||
|
24F1000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
225B000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
20FE000
|
heap
|
page read and write
|
||
|
23189000
|
heap
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
23ED5000
|
heap
|
page read and write
|
||
|
23190000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
6950000
|
heap
|
page read and write
|
||
|
4A3000
|
unkown
|
page readonly
|
||
|
46F000
|
unkown
|
page readonly
|
||
|
249F1000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
27F1000
|
heap
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
877B000
|
stack
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
27B0000
|
direct allocation
|
page read and write
|
||
|
58A000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
23190000
|
heap
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
6933000
|
heap
|
page read and write
|
||
|
6EC000
|
heap
|
page read and write
|
||
|
248FF000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
68FD000
|
heap
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
81E9000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
20FE000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
20EE000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
86A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
490000
|
heap
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
4B8000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
2D03000
|
trusted library allocation
|
page execute and read and write
|
||
|
219F000
|
stack
|
page read and write
|
||
|
86B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
9408000
|
direct allocation
|
page execute and read and write
|
||
|
85D000
|
heap
|
page read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21DD000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
2310B000
|
heap
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
20D5000
|
heap
|
page read and write
|
||
|
23092000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page readonly
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
20F1000
|
heap
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
20DD000
|
heap
|
page read and write
|
||
|
22EC8000
|
heap
|
page read and write
|
||
|
212F000
|
heap
|
page read and write
|
||
|
68F1000
|
heap
|
page read and write
|
||
|
70F0000
|
heap
|
page read and write
|
||
|
68F6000
|
heap
|
page read and write
|
||
|
690B000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
690B000
|
heap
|
page read and write
|
||
|
68F4000
|
heap
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
8233000
|
heap
|
page read and write
|
||
|
7FDB8000
|
trusted library allocation
|
page execute and read and write
|
||
|
83D5000
|
trusted library allocation
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
21CE000
|
stack
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
2D2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BAF000
|
stack
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
23ED5000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
5FE000
|
heap
|
page read and write
|
||
|
177000
|
stack
|
page read and write
|
||
|
8100000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
81E1000
|
heap
|
page read and write
|
||
|
21C9000
|
heap
|
page read and write
|
||
|
23189000
|
heap
|
page read and write
|
||
|
20E9000
|
heap
|
page read and write
|
||
|
8205000
|
heap
|
page read and write
|
||
|
20E8000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
694E000
|
heap
|
page read and write
|
||
|
20DE000
|
heap
|
page read and write
|
||
|
68FD000
|
heap
|
page read and write
|
||
|
239D2000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
2BAF000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2109000
|
heap
|
page read and write
|
||
|
20E9000
|
heap
|
page read and write
|
||
|
263D000
|
stack
|
page read and write
|
||
|
210D000
|
heap
|
page read and write
|
||
|
86F000
|
stack
|
page read and write
|
||
|
214D000
|
heap
|
page read and write
|
||
|
25F1000
|
heap
|
page read and write
|
||
|
20FC000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
713D000
|
heap
|
page read and write
|
||
|
273D000
|
stack
|
page read and write
|
||
|
68FC000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
4A3000
|
unkown
|
page readonly
|
There are 1001 hidden memdumps, click here to show them.