Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Payment Advice Note_Pdf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\toenailed\quoteworthy\Atoning\Skiftevis.sys
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\68560319414786744274685.tmp
|
SQLite 3.x database, last written using SQLite version 3045002, page size 2048, file counter 4, database pages 23, cookie
0x19, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-console-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-datetime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-debug-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-file-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-file-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-file-l2-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-handle-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-localization-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-memory-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-profile-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-synch-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-synch-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-timezone-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-core-util-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-conio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-convert-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-environment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-locale-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-math-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-private-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-process-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-time-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\api-ms-win-crt-utility-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\nssdbm3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\ucrtbase.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DFE8CB31\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nseEFF9.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\toenailed\quoteworthy\Atoning\Kisaeng.Nus
|
data
|
dropped
|
||
|
C:\Users\user\toenailed\quoteworthy\Atoning\balow.kni
|
data
|
dropped
|
||
|
C:\Users\user\toenailed\quoteworthy\Atoning\hydrokinetic.und
|
data
|
dropped
|
||
|
C:\Users\user\toenailed\quoteworthy\Atoning\rundkreds.non
|
data
|
dropped
|
||
|
C:\Users\user\toenailed\quoteworthy\Atoning\unvociferously.txt
|
ASCII text, with very long lines (337), with no line terminators
|
dropped
|
There are 47 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Payment Advice Note_Pdf.exe
|
"C:\Users\user\Desktop\Payment Advice Note_Pdf.exe"
|
|
|
|
C:\Users\user\Desktop\Payment Advice Note_Pdf.exe
|
"C:\Users\user\Desktop\Payment Advice Note_Pdf.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c C:\Windows\system32\timeout.exe 3 & del "Payment Advice Note_Pdf.exe"
|
|
|
|
C:\Windows\SysWOW64\timeout.exe
|
C:\Windows\system32\timeout.exe 3
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://d4hk.shop/MI341/index.php
|
172.67.215.93
|
|
|
|
http://www.quovadis.bm0
|
unknown
|
||
|
http://d4hk.shop/MI341/index.phpA
|
unknown
|
||
|
https://uktnl.vantechdns.com/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com0
|
unknown
|
||
|
http://d4hk.shop/
|
unknown
|
||
|
https://uktnl.vantechdns.com/Hpgcc91.bin
|
172.93.121.126
|
||
|
https://uktnl.vantechdns.com/d4
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
d4hk.shop
|
172.67.215.93
|
|
|
|
uktnl.vantechdns.com
|
172.93.121.126
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.215.93
|
d4hk.shop
|
United States
|
|
|
|
172.93.121.126
|
uktnl.vantechdns.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
36590000
|
direct allocation
|
page read and write
|
|
|
|
77F5000
|
direct allocation
|
page execute and read and write
|
|
|
|
60000
|
direct allocation
|
page read and write
|
|
|
|
5A0000
|
heap
|
page read and write
|
||
|
426000
|
unkown
|
page read and write
|
||
|
3675000
|
remote allocation
|
page execute and read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2CC6000
|
heap
|
page read and write
|
||
|
110000
|
direct allocation
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
358A0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
5C3000
|
heap
|
page read and write
|
||
|
70000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
23D0000
|
direct allocation
|
page read and write
|
||
|
2946000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
37009000
|
heap
|
page read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
708E000
|
stack
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
53C7000
|
heap
|
page read and write
|
||
|
541B000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35AA0000
|
direct allocation
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
2CE1000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
453000
|
unkown
|
page readonly
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
32A0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
3AEC000
|
stack
|
page read and write
|
||
|
3585C000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
23E0000
|
direct allocation
|
page read and write
|
||
|
114000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
25FE000
|
unkown
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5340000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2947000
|
heap
|
page read and write
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
D0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2CC6000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
53C6000
|
heap
|
page read and write
|
||
|
94000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35BB0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
32D0000
|
direct allocation
|
page read and write
|
||
|
2C75000
|
remote allocation
|
page execute and read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2941000
|
heap
|
page read and write
|
||
|
36FCD000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5429000
|
heap
|
page read and write
|
||
|
3563F000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5418000
|
heap
|
page read and write
|
||
|
542F000
|
heap
|
page read and write
|
||
|
6FB0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
358A0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
3280000
|
direct allocation
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
7010000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
53C7000
|
heap
|
page read and write
|
||
|
58F000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
59B000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
36FE1000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
283F000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
59B000
|
heap
|
page read and write
|
||
|
3260000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
568F000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5418000
|
heap
|
page read and write
|
||
|
58F000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
36B00000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
453000
|
unkown
|
page readonly
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5447000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
541B000
|
heap
|
page read and write
|
||
|
C0000
|
direct allocation
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
80000
|
direct allocation
|
page read and write
|
||
|
36128000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
354EF000
|
stack
|
page read and write
|
||
|
59B000
|
heap
|
page read and write
|
||
|
5B1000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5418000
|
heap
|
page read and write
|
||
|
35B30000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
69E000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
356A0000
|
remote allocation
|
page read and write
|
||
|
36C40000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
35BB0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
3553E000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
80000
|
direct allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
358A0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
16D0000
|
remote allocation
|
page execute and read and write
|
||
|
59B000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
541B000
|
heap
|
page read and write
|
||
|
35C0C000
|
direct allocation
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
E0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
3586B000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
358B8000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
5244000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
35AD0000
|
direct allocation
|
page read and write
|
||
|
35B10000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
70000
|
direct allocation
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
6C000
|
direct allocation
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
36C81000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
36D80000
|
trusted library allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
88000
|
direct allocation
|
page read and write
|
||
|
352AD000
|
stack
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
78000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
53C5000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
293F000
|
stack
|
page read and write
|
||
|
5429000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35A14000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5B1000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
36C30000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
70000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
53C7000
|
heap
|
page read and write
|
||
|
5B1000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
58F000
|
heap
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
68000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
453000
|
unkown
|
page readonly
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
28FF000
|
unkown
|
page read and write
|
||
|
6C000
|
direct allocation
|
page read and write
|
||
|
554F000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
541B000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
5B1000
|
heap
|
page read and write
|
||
|
3576C000
|
stack
|
page read and write
|
||
|
3270000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
59B000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
29EC000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
59B000
|
heap
|
page read and write
|
||
|
74000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35B00000
|
direct allocation
|
page read and write
|
||
|
580F000
|
stack
|
page read and write
|
||
|
41D000
|
stack
|
page read and write
|
||
|
6FE0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
22DE000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2CC2000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
3516F000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
68000
|
direct allocation
|
page read and write
|
||
|
70CE000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
7C000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
568000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35B80000
|
direct allocation
|
page read and write
|
||
|
523E000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5B1000
|
heap
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
3571F000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
358B0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
7126000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
36FD0000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
68000
|
direct allocation
|
page read and write
|
||
|
353EE000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
100000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
63F5000
|
direct allocation
|
page execute and read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5395000
|
heap
|
page read and write
|
||
|
5358000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2B0000
|
heap
|
page read and write
|
||
|
35954000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
58F000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
7030000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
356A0000
|
remote allocation
|
page read and write
|
||
|
2344000
|
heap
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
53CC000
|
heap
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
36FE0000
|
heap
|
page read and write
|
||
|
27AC000
|
stack
|
page read and write
|
||
|
3BED000
|
stack
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
134000
|
direct allocation
|
page read and write
|
||
|
7020000
|
direct allocation
|
page read and write
|
||
|
1875000
|
remote allocation
|
page execute and read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
6FD0000
|
direct allocation
|
page read and write
|
||
|
3290000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
359A0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35AB0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
4A75000
|
remote allocation
|
page execute and read and write
|
||
|
359FC000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
36ECC000
|
stack
|
page read and write
|
||
|
35AA0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
570E000
|
stack
|
page read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
4075000
|
remote allocation
|
page execute and read and write
|
||
|
358A0000
|
direct allocation
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
542E000
|
heap
|
page read and write
|
||
|
B0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35B40000
|
direct allocation
|
page read and write
|
||
|
5433000
|
heap
|
page read and write
|
||
|
36B0E000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
81F5000
|
direct allocation
|
page execute and read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2390000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
59B000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35AF0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
356DE000
|
stack
|
page read and write
|
||
|
359AC000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
358A0000
|
direct allocation
|
page read and write
|
||
|
53C7000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
541F000
|
heap
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
5415000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
84000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page read and write
|
||
|
36B12000
|
direct allocation
|
page read and write
|
||
|
2275000
|
remote allocation
|
page execute and read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
70000
|
direct allocation
|
page read and write
|
||
|
35AC0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
5244000
|
heap
|
page read and write
|
||
|
358B4000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2255000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
70F0000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
358A0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
3250000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
541B000
|
heap
|
page read and write
|
||
|
53B4000
|
heap
|
page read and write
|
||
|
32B0000
|
direct allocation
|
page read and write
|
||
|
5B1000
|
heap
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
7000000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2CE1000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5418000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
4FF5000
|
direct allocation
|
page execute and read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
36A00000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
6C000
|
direct allocation
|
page read and write
|
||
|
58F000
|
heap
|
page read and write
|
||
|
53FE000
|
heap
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
36140000
|
direct allocation
|
page read and write
|
||
|
5B1000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2A58000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35AF0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
359F0000
|
direct allocation
|
page read and write
|
||
|
358B0000
|
direct allocation
|
page read and write
|
||
|
58F000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35B20000
|
direct allocation
|
page read and write
|
||
|
58F000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5418000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
353AD000
|
stack
|
page read and write
|
||
|
453000
|
unkown
|
page readonly
|
||
|
5244000
|
heap
|
page read and write
|
||
|
6FF0000
|
direct allocation
|
page read and write
|
||
|
356A0000
|
remote allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2A02000
|
heap
|
page read and write
|
||
|
2948000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5418000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
229E000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
2945000
|
heap
|
page read and write
|
||
|
35B50000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
36C81000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
294E000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
358A0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
358B8000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
74000
|
direct allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
450000
|
unkown
|
page read and write
|
||
|
2941000
|
heap
|
page read and write
|
||
|
358C0000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
108000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
36C80000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
36574000
|
direct allocation
|
page read and write
|
||
|
7120000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
53CC000
|
heap
|
page read and write
|
||
|
6FC0000
|
direct allocation
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
32C0000
|
direct allocation
|
page read and write
|
||
|
5418000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
31D000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
74C000
|
stack
|
page read and write
|
||
|
59F5000
|
direct allocation
|
page execute and read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5B1000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
3240000
|
direct allocation
|
page read and write
|
||
|
64000
|
direct allocation
|
page read and write
|
||
|
53C7000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
2CC6000
|
heap
|
page read and write
|
||
|
A5F000
|
stack
|
page read and write
|
||
|
5418000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5244000
|
heap
|
page read and write
|
||
|
3526E000
|
stack
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
59B000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
35930000
|
direct allocation
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
4650000
|
heap
|
page read and write
|
||
|
53FE000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
6DF5000
|
direct allocation
|
page execute and read and write
|
There are 689 hidden memdumps, click here to show them.