Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Deolane-Video-PDF.vbs
|
Unicode text, UTF-8 text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\4wToa.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\n0EifhO_extraido\bOamY.exe (copy)
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\n0EifhO_extraido\wsx.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Software\registry_4131f52c.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\_MEI76722\VCRUNTIME140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\VCRUNTIME140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_asyncio.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_cffi_backend.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_ctypes.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_decimal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_multiprocessing.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_overlapped.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_queue.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\_ssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-console-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-datetime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-debug-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-fibers-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-file-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-file-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-file-l2-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-handle-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-localization-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-memory-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-profile-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-synch-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-synch-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-timezone-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-core-util-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-conio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-convert-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-environment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-locale-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-math-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-process-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-time-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\api-ms-win-crt-utility-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\base_library.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\bcrypt\_bcrypt.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\certifi\cacert.pem
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\charset_normalizer\md.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\charset_normalizer\md__mypyc.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography-3.4.8.dist-info\INSTALLER
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography-3.4.8.dist-info\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography-3.4.8.dist-info\LICENSE.APACHE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography-3.4.8.dist-info\LICENSE.BSD
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography-3.4.8.dist-info\LICENSE.PSF
|
Unicode text, UTF-8 text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography-3.4.8.dist-info\METADATA
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography-3.4.8.dist-info\RECORD
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography-3.4.8.dist-info\WHEEL
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography-3.4.8.dist-info\top_level.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\cryptography\hazmat\bindings\_openssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\libcrypto-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\libffi-7.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\libssl-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\pyexpat.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\python3.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\python38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\pywin32_system32\pywintypes38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\ucrtbase.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI76722\win32wnet.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\VCRUNTIME140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\VCRUNTIME140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_asyncio.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_cffi_backend.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_ctypes.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_decimal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_multiprocessing.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_overlapped.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_queue.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\_ssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-console-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-datetime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-debug-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-fibers-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-file-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-file-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-file-l2-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-handle-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-localization-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-memory-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-profile-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-synch-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-synch-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-timezone-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-core-util-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-conio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-convert-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-environment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-locale-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-math-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-process-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-time-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\api-ms-win-crt-utility-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\base_library.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\bcrypt\_bcrypt.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\certifi\cacert.pem
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\charset_normalizer\md.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\charset_normalizer\md__mypyc.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography-3.4.8.dist-info\INSTALLER
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography-3.4.8.dist-info\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography-3.4.8.dist-info\LICENSE.APACHE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography-3.4.8.dist-info\LICENSE.BSD
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography-3.4.8.dist-info\LICENSE.PSF
|
Unicode text, UTF-8 text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography-3.4.8.dist-info\METADATA
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography-3.4.8.dist-info\RECORD
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography-3.4.8.dist-info\WHEEL
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography-3.4.8.dist-info\top_level.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\cryptography\hazmat\bindings\_openssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\libcrypto-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\libffi-7.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\libssl-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\pyexpat.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\python3.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\python38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\pywin32_system32\pywintypes38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\ucrtbase.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI79002\win32wnet.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Software\lockfile
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 216
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 217
|
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
|
downloaded
|
||
|
Chrome Cache Entry: 218
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 219
|
data
|
downloaded
|
There are 158 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Deolane-Video-PDF.vbs"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\wscript.exe" "C:\Users\user\Desktop\Deolane-Video-PDF.vbs" /elevated
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /tn XHdU9gx7 /tr "C:\Users\user\AppData\Local\Temp\n0EifhO_extraido\bOamY.exe"
/sc once /st 05:31 /RL HIGHEST /f
|
|
|
|
C:\Users\user\AppData\Local\Temp\n0EifhO_extraido\bOamY.exe
|
C:\Users\user\AppData\Local\Temp\n0EifhO_extraido\bOamY.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\n0EifhO_extraido\bOamY.exe
|
C:\Users\user\AppData\Local\Temp\n0EifhO_extraido\bOamY.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "schtasks /query /tn "registry_4131f52c.exe""
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /query /tn "registry_4131f52c.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "schtasks /create /tn "registry_4131f52c.exe" /tr "C:\Users\user\AppData\Roaming\Software\registry_4131f52c.exe"
/sc onlogon /rl highest /f"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /create /tn "registry_4131f52c.exe" /tr "C:\Users\user\AppData\Roaming\Software\registry_4131f52c.exe" /sc onlogon
/rl highest /f
|
|
|
|
C:\Users\user\AppData\Roaming\Software\registry_4131f52c.exe
|
C:\Users\user\AppData\Roaming\Software\registry_4131f52c.exe
|
|
|
|
C:\Users\user\AppData\Roaming\Software\registry_4131f52c.exe
|
C:\Users\user\AppData\Roaming\Software\registry_4131f52c.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "schtasks /query /tn "registry_4131f52c.exe""
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /query /tn "registry_4131f52c.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://estudosadulto.educacao.ws/deolane.mp4
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2368 --field-trial-handle=2336,i,6872769781051074881,1021578343780495582,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=5032 --field-trial-handle=2336,i,6872769781051074881,1021578343780495582,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 10 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://almeidadoprogresso.siteoficial.ws/wsx.zip
|
45.89.247.53
|
|
|
|
https://almeidadoprogresso.siteoficial.ws/
|
unknown
|
|
|
|
https://estudosadulto.educacao.ws/deola
|
unknown
|
|
|
|
https://github.com/asweigart/pyperclip/issues/55
|
unknown
|
||
|
http://pontoslivelobb.servicos.ws/conta.phprg
|
unknown
|
||
|
http://repository.swisssign.com/tV
|
unknown
|
||
|
https://cloud.google.com/appuser/docs/standard/runtimes
|
unknown
|
||
|
https://github.com/mhammond/pywin32
|
unknown
|
||
|
http://pontoslivelobb.servicos.ws/conta.php
|
191.252.83.191
|
||
|
http://crl.xrampsecurity.com/XGCA.crlbelow
|
unknown
|
||
|
http://docs.python.org/library/unittest.html
|
unknown
|
||
|
https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
|
unknown
|
||
|
http://pontoslivelobb.servicos.ws/salva.php
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crlY7
|
unknown
|
||
|
http://www.python.org/download/releases/2.3/mro/.
|
unknown
|
||
|
https://github.com/pyca/cryptography/actions?query=workflow%3ACI
|
unknown
|
||
|
http://crl.dhimyotis.com/certignarootca.crl;
|
unknown
|
||
|
http://www.cert.fnmt.es/dpcs/0J
|
unknown
|
||
|
https://tools.ietf.org/html/rfc2388#section-4.4
|
unknown
|
||
|
https://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://estudosadulto.educacao.ws/deolane.mp4#
|
unknown
|
||
|
http://docs.python.org/3/library/subprocess#subprocess.Popen.kill
|
unknown
|
||
|
https://codecov.io/github/pyca/cryptography/coverage.svg?branch=master
|
unknown
|
||
|
http://crl.dhimyotis.com/certignarootca.crl
|
unknown
|
||
|
http://curl.haxx.se/rfc/cookie_spec.html
|
unknown
|
||
|
http://ocsp.accv.es
|
unknown
|
||
|
http://www.python.org/dev/peps/pep-0205/
|
unknown
|
||
|
http://docs.python.org/3/library/subprocess#subprocess.Popen.returncode
|
unknown
|
||
|
https://stackoverflow.com/questions/455434/how-should-i-use-formatmessage-properly-in-c
|
unknown
|
||
|
https://estudosadulto.educacao.ws/contador/contador.php
|
unknown
|
||
|
http://json.org
|
unknown
|
||
|
https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
|
unknown
|
||
|
https://httpbin.org/get
|
unknown
|
||
|
http://httpbin.org/
|
unknown
|
||
|
http://91.92.246.171:5000/replace
|
unknown
|
||
|
https://wwww.certigna.fr/autorites/0m
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
|
unknown
|
||
|
https://codecov.io/github/pyca/cryptography?branch=master
|
unknown
|
||
|
https://httpbin.org/
|
unknown
|
||
|
https://www.apache.org/licenses/
|
unknown
|
||
|
https://wwww.certigna.fr/autorites/
|
unknown
|
||
|
http://pontoslivelobb.servicos.ws/conta.phprg)
|
unknown
|
||
|
http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
|
unknown
|
||
|
https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
|
unknown
|
||
|
https://cryptography.io/en/latest/installation.html
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl
|
unknown
|
||
|
http://wwwsearch.sf.net/):
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
|
unknown
|
||
|
http://www.accv.es/legislacion_c.htm
|
unknown
|
||
|
http://tools.ietf.org/html/rfc6125#section-6.4.3
|
unknown
|
||
|
https://github.com/pyca/bcrypt/__version_ex__4.2.0The
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl0
|
unknown
|
||
|
http://pontoslivelobb.servicos.ws/salva.phpp
|
unknown
|
||
|
http://www.cert.fnmt.es/dpcs/
|
unknown
|
||
|
http://www.accv.es00
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
|
unknown
|
||
|
https://github.com/pyca/cryptography/issues
|
unknown
|
||
|
https://readthedocs.org/projects/cryptography/badge/?version=latest
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.
|
unknown
|
||
|
http://google.com/
|
unknown
|
||
|
http://repository.swisssign.com/76
|
unknown
|
||
|
https://mahler:8092/site-updates.py
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/stable/v2-migration-guide.html
|
unknown
|
||
|
http://ocsp.accv.esx
|
unknown
|
||
|
http://crl.securetrust.com/SGCA.crl
|
unknown
|
||
|
http://.../back.jpeg
|
unknown
|
||
|
https://github.com/pyca/cryptography
|
unknown
|
||
|
https://cryptography.io/
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#https-proxy-error-http-proxy
|
unknown
|
||
|
http://www.python.org/
|
unknown
|
||
|
https://httpbin.org/post
|
unknown
|
||
|
https://pyperclip.readthedocs.io/en/latest/index.html#not-implemented-error
|
unknown
|
||
|
https://docs.rs/getrandom#nodejs-es-module-support
|
unknown
|
||
|
https://github.com/Ousret/charset_normalizer
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/497
|
unknown
|
||
|
http://www.firmaprofesional.com/cps0
|
unknown
|
||
|
http://crl.securetrust.com/SGCA.crl0
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl0
|
unknown
|
||
|
http://yahoo.com/
|
unknown
|
||
|
https://estudosadulto.educacao.ws/deolane.mp4
|
|||
|
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
|
unknown
|
||
|
https://estudosadulto.educacao.ws/contador/contador.phpP
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
https://w3c.github.io/html/sec-forms.html#multipart-form-data
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
|
unknown
|
||
|
https://mail.python.org/mailman/listinfo/cryptography-dev
|
unknown
|
||
|
https://requests.readthedocs.io
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crlce
|
unknown
|
||
|
http://repository.swisssign.com/
|
unknown
|
||
|
http://python.org/dev/peps/pep-0263/
|
unknown
|
||
|
https://estudosadulto.educacao.ws/deolane.mp4C=N
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl
|
unknown
|
||
|
https://estudosadulto.educacao.ws/contador/contador.phpp
|
unknown
|
||
|
https://www.python.org
|
unknown
|
||
|
http://www.accv.es/legislacion_c.htm0U
|
unknown
|
||
|
http://ocsp.accv.es0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
almeidadoprogresso.siteoficial.ws
|
45.89.247.53
|
|
|
|
estudosadulto.educacao.ws
|
94.156.67.32
|
|
|
|
www.google.com
|
172.217.18.4
|
||
|
pontoslivelobb.servicos.ws
|
191.252.83.191
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.6
|
unknown
|
unknown
|
|
|
|
94.156.67.32
|
estudosadulto.educacao.ws
|
Bulgaria
|
|
|
|
45.89.247.53
|
almeidadoprogresso.siteoficial.ws
|
United Kingdom
|
|
|
|
172.217.18.4
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
191.252.83.191
|
pontoslivelobb.servicos.ws
|
Brazil
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} {000214E6-0000-0000-C000-000000000046} 0xFFFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
|
Implementing
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
25E7AF1D000
|
heap
|
page read and write
|
||
|
1E4F68BE000
|
heap
|
page read and write
|
||
|
1E4F61A0000
|
direct allocation
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
2F615AC000
|
stack
|
page read and write
|
||
|
7FFDA55E9000
|
unkown
|
page readonly
|
||
|
18B96790000
|
heap
|
page read and write
|
||
|
18B96988000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
18B9446F000
|
heap
|
page read and write
|
||
|
2F60DEC000
|
stack
|
page read and write
|
||
|
25E7C8B9000
|
heap
|
page read and write
|
||
|
1E4F66A5000
|
heap
|
page read and write
|
||
|
15670500000
|
heap
|
page read and write
|
||
|
23962D50000
|
heap
|
page read and write
|
||
|
844B9AC000
|
stack
|
page read and write
|
||
|
25E7C8B9000
|
heap
|
page read and write
|
||
|
7FF643AB0000
|
unkown
|
page readonly
|
||
|
25E7AF25000
|
heap
|
page read and write
|
||
|
7FF643AB0000
|
unkown
|
page readonly
|
||
|
25E7AF56000
|
heap
|
page read and write
|
||
|
23962D5C000
|
heap
|
page read and write
|
||
|
25E7C8B9000
|
heap
|
page read and write
|
||
|
7FFDAC066000
|
unkown
|
page readonly
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
18B944A1000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7E970000
|
heap
|
page read and write
|
||
|
25E7E5B2000
|
heap
|
page read and write
|
||
|
25E7E954000
|
heap
|
page read and write
|
||
|
7FFDA3C29000
|
unkown
|
page readonly
|
||
|
25E7CE82000
|
heap
|
page read and write
|
||
|
14CAE150000
|
heap
|
page readonly
|
||
|
7FFDA5819000
|
unkown
|
page readonly
|
||
|
2892CD30000
|
heap
|
page read and write
|
||
|
15670550000
|
heap
|
page read and write
|
||
|
7FFDA5B95000
|
unkown
|
page read and write
|
||
|
2892CCD0000
|
heap
|
page read and write
|
||
|
25E7E3F4000
|
heap
|
page read and write
|
||
|
7FF7ADC5C000
|
unkown
|
page read and write
|
||
|
7FFDA5499000
|
unkown
|
page readonly
|
||
|
7FFDA5BB4000
|
unkown
|
page readonly
|
||
|
258FED8F000
|
heap
|
page read and write
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
7FFDA557A000
|
unkown
|
page read and write
|
||
|
7FF643AF0000
|
unkown
|
page read and write
|
||
|
7FFDA5592000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FFDA54C5000
|
unkown
|
page readonly
|
||
|
1E4F5D0D000
|
heap
|
page read and write
|
||
|
1E4F6E30000
|
direct allocation
|
page read and write
|
||
|
25E7C8BA000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
25E7AF2B000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7CE00000
|
remote allocation
|
page read and write
|
||
|
1E4F5CD1000
|
heap
|
page read and write
|
||
|
14CAE216000
|
heap
|
page read and write
|
||
|
7FFDA57FA000
|
unkown
|
page readonly
|
||
|
B6521FE000
|
stack
|
page read and write
|
||
|
18B96ECD000
|
heap
|
page read and write
|
||
|
1ABC06B0000
|
heap
|
page read and write
|
||
|
7FFDA39B2000
|
unkown
|
page readonly
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
18B96290000
|
direct allocation
|
page read and write
|
||
|
18B9445B000
|
heap
|
page read and write
|
||
|
B652AFB000
|
stack
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
18B94448000
|
heap
|
page read and write
|
||
|
7FFDA5490000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FFDA39AF000
|
unkown
|
page read and write
|
||
|
18B943D0000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
18B97200000
|
direct allocation
|
page read and write
|
||
|
25E7E8DF000
|
heap
|
page read and write
|
||
|
18B97660000
|
direct allocation
|
page read and write
|
||
|
18B972B0000
|
direct allocation
|
page read and write
|
||
|
18B97330000
|
direct allocation
|
page read and write
|
||
|
7FFDA5825000
|
unkown
|
page read and write
|
||
|
7FFDA3EB0000
|
unkown
|
page readonly
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
7FF643AB1000
|
unkown
|
page execute read
|
||
|
7FFDA3851000
|
unkown
|
page execute read
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
25E7AEBF000
|
heap
|
page read and write
|
||
|
25E7E371000
|
heap
|
page read and write
|
||
|
25E7ED0C000
|
heap
|
page read and write
|
||
|
25E7DC00000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FFDA3BF0000
|
unkown
|
page readonly
|
||
|
AAE69BE000
|
stack
|
page read and write
|
||
|
14CAE218000
|
heap
|
page read and write
|
||
|
18B97470000
|
direct allocation
|
page read and write
|
||
|
EB357FD000
|
stack
|
page read and write
|
||
|
7FFD93347000
|
unkown
|
page read and write
|
||
|
7FFDA3550000
|
unkown
|
page readonly
|
||
|
7FFDA4331000
|
unkown
|
page execute read
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
7FF643AB1000
|
unkown
|
page execute read
|
||
|
25E7CE30000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7AF40000
|
heap
|
page read and write
|
||
|
25E7E477000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
18B96730000
|
direct allocation
|
page read and write
|
||
|
2892EA30000
|
heap
|
page read and write
|
||
|
25E7E90C000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
EB34F14000
|
stack
|
page read and write
|
||
|
1E4F68FB000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7ED92000
|
heap
|
page read and write
|
||
|
25E7E3F4000
|
heap
|
page read and write
|
||
|
25E7E53E000
|
heap
|
page read and write
|
||
|
23962D81000
|
heap
|
page read and write
|
||
|
7FFDA4630000
|
unkown
|
page readonly
|
||
|
18B96A90000
|
direct allocation
|
page read and write
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
25E7CEA6000
|
heap
|
page read and write
|
||
|
7FFDA386E000
|
unkown
|
page readonly
|
||
|
7FF7ADC11000
|
unkown
|
page execute read
|
||
|
1E4F6990000
|
direct allocation
|
page read and write
|
||
|
25E7EAFC000
|
heap
|
page read and write
|
||
|
25E7AE9E000
|
heap
|
page read and write
|
||
|
7FFDA54C0000
|
unkown
|
page readonly
|
||
|
18B971C0000
|
direct allocation
|
page read and write
|
||
|
25E7CE64000
|
heap
|
page read and write
|
||
|
25E7ED4F000
|
heap
|
page read and write
|
||
|
7FFD93469000
|
unkown
|
page read and write
|
||
|
25E7CE9F000
|
heap
|
page read and write
|
||
|
14CAE222000
|
heap
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
258FED8A000
|
heap
|
page read and write
|
||
|
7FFD83385000
|
unkown
|
page execute read
|
||
|
AAE63E3000
|
stack
|
page read and write
|
||
|
1E4F3B27000
|
heap
|
page read and write
|
||
|
7FFDA5560000
|
unkown
|
page readonly
|
||
|
7FFD83140000
|
unkown
|
page readonly
|
||
|
18B96650000
|
direct allocation
|
page read and write
|
||
|
1E4F6838000
|
heap
|
page read and write
|
||
|
3A783BF000
|
stack
|
page read and write
|
||
|
18B9449B000
|
heap
|
page read and write
|
||
|
1E4F3B5B000
|
heap
|
page read and write
|
||
|
25E7EE20000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
1E4F3B0F000
|
heap
|
page read and write
|
||
|
25E7DC07000
|
heap
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
25E7E906000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
2892CD5C000
|
heap
|
page read and write
|
||
|
25E7AE8C000
|
heap
|
page read and write
|
||
|
258FED93000
|
heap
|
page read and write
|
||
|
25E7E8CA000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
7FFD93352000
|
unkown
|
page readonly
|
||
|
7FFD83CFD000
|
unkown
|
page readonly
|
||
|
25E7E4FC000
|
heap
|
page read and write
|
||
|
18B94492000
|
heap
|
page read and write
|
||
|
1E4F3BB4000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
7FFDAC061000
|
unkown
|
page execute read
|
||
|
18B95E00000
|
heap
|
page read and write
|
||
|
EB356FE000
|
stack
|
page read and write
|
||
|
25E7EA78000
|
heap
|
page read and write
|
||
|
7FFDA55B1000
|
unkown
|
page execute read
|
||
|
1E4F3B68000
|
heap
|
page read and write
|
||
|
7FFD83031000
|
unkown
|
page execute read
|
||
|
7FFDA3FD0000
|
unkown
|
page readonly
|
||
|
25E7C8B4000
|
heap
|
page read and write
|
||
|
18B9449C000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
7FFDA46D5000
|
unkown
|
page readonly
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
EB35CFE000
|
stack
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
25E7EA78000
|
heap
|
page read and write
|
||
|
7FF643AB1000
|
unkown
|
page execute read
|
||
|
7FFD840F3000
|
unkown
|
page write copy
|
||
|
7FF7ADC11000
|
unkown
|
page execute read
|
||
|
B6522FE000
|
stack
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFDA46F2000
|
unkown
|
page readonly
|
||
|
1E4F5470000
|
heap
|
page read and write
|
||
|
7FFD83D19000
|
unkown
|
page readonly
|
||
|
7FFDA5B90000
|
unkown
|
page readonly
|
||
|
18B94472000
|
heap
|
page read and write
|
||
|
3A785AE000
|
stack
|
page read and write
|
||
|
1E4F6A80000
|
direct allocation
|
page read and write
|
||
|
25E7E8FF000
|
heap
|
page read and write
|
||
|
18B96C40000
|
direct allocation
|
page read and write
|
||
|
1E4F3B44000
|
heap
|
page read and write
|
||
|
1E4F5D34000
|
heap
|
page read and write
|
||
|
7FF643ADA000
|
unkown
|
page readonly
|
||
|
1E4F6510000
|
direct allocation
|
page read and write
|
||
|
18B9449C000
|
heap
|
page read and write
|
||
|
18B9444B000
|
heap
|
page read and write
|
||
|
18B962D0000
|
direct allocation
|
page read and write
|
||
|
2892CD49000
|
heap
|
page read and write
|
||
|
2F613BE000
|
stack
|
page read and write
|
||
|
844B7BF000
|
stack
|
page read and write
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
18B966B0000
|
direct allocation
|
page read and write
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FFDA5BAE000
|
unkown
|
page readonly
|
||
|
2892CC60000
|
heap
|
page read and write
|
||
|
25E7AF23000
|
heap
|
page read and write
|
||
|
18B94467000
|
heap
|
page read and write
|
||
|
18B95E05000
|
heap
|
page read and write
|
||
|
25E7AE98000
|
heap
|
page read and write
|
||
|
7FFD831D0000
|
unkown
|
page execute read
|
||
|
25E7EABB000
|
heap
|
page read and write
|
||
|
1E4F5A90000
|
direct allocation
|
page read and write
|
||
|
7FFDA57F1000
|
unkown
|
page execute read
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
1E4F5F80000
|
heap
|
page read and write
|
||
|
25E7E636000
|
heap
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
25E7EDD4000
|
heap
|
page read and write
|
||
|
2892CD89000
|
heap
|
page read and write
|
||
|
25E7EDD3000
|
heap
|
page read and write
|
||
|
18B96A50000
|
direct allocation
|
page read and write
|
||
|
25E7CEA2000
|
heap
|
page read and write
|
||
|
7FFD83141000
|
unkown
|
page execute read
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
258FED8A000
|
heap
|
page read and write
|
||
|
25E7E478000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
1E4F3BA3000
|
heap
|
page read and write
|
||
|
14CAE190000
|
heap
|
page read and write
|
||
|
25E7AF18000
|
heap
|
page read and write
|
||
|
7FFDA4DA1000
|
unkown
|
page execute read
|
||
|
14CAFB20000
|
heap
|
page read and write
|
||
|
1E4F3B45000
|
heap
|
page read and write
|
||
|
25E7ED4E000
|
heap
|
page read and write
|
||
|
7FFDA55D4000
|
unkown
|
page readonly
|
||
|
7FFDA3880000
|
unkown
|
page readonly
|
||
|
25E7CE83000
|
heap
|
page read and write
|
||
|
23962F65000
|
heap
|
page read and write
|
||
|
2892CD2E000
|
heap
|
page read and write
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
7FFD93360000
|
unkown
|
page readonly
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
14CAE216000
|
heap
|
page read and write
|
||
|
25E7B0D0000
|
heap
|
page read and write
|
||
|
18B96EE6000
|
heap
|
page read and write
|
||
|
258FED88000
|
heap
|
page read and write
|
||
|
2892EA30000
|
heap
|
page read and write
|
||
|
7FFDA55A0000
|
unkown
|
page readonly
|
||
|
18B965CD000
|
heap
|
page read and write
|
||
|
7FFDA5496000
|
unkown
|
page readonly
|
||
|
25E7EB80000
|
heap
|
page read and write
|
||
|
2892CF70000
|
heap
|
page read and write
|
||
|
EB355FE000
|
stack
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
1E4F5D50000
|
direct allocation
|
page read and write
|
||
|
18B96FCD000
|
heap
|
page read and write
|
||
|
25E7AEC9000
|
heap
|
page read and write
|
||
|
25E7EA36000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
18B94448000
|
heap
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
25E7E5F4000
|
heap
|
page read and write
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
1E4F6C40000
|
direct allocation
|
page read and write
|
||
|
25E7E8CE000
|
heap
|
page read and write
|
||
|
15670810000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
25E7CE64000
|
heap
|
page read and write
|
||
|
2892CD36000
|
heap
|
page read and write
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
18B967C1000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
1E4F5570000
|
direct allocation
|
page read and write
|
||
|
7FF7ADC11000
|
unkown
|
page execute read
|
||
|
25E7EDDA000
|
heap
|
page read and write
|
||
|
7FFDA3BF7000
|
unkown
|
page readonly
|
||
|
18B965B6000
|
heap
|
page read and write
|
||
|
2892EA2A000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
18B964D0000
|
heap
|
page read and write
|
||
|
7FFD8386A000
|
unkown
|
page read and write
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
25E7AE8B000
|
heap
|
page read and write
|
||
|
1E4F5C51000
|
heap
|
page read and write
|
||
|
25E7CE00000
|
remote allocation
|
page read and write
|
||
|
7FFDAC145000
|
unkown
|
page readonly
|
||
|
18B94451000
|
heap
|
page read and write
|
||
|
25E7CEA7000
|
heap
|
page read and write
|
||
|
18B97130000
|
heap
|
page read and write
|
||
|
1E4F3B41000
|
heap
|
page read and write
|
||
|
25E7AF40000
|
heap
|
page read and write
|
||
|
7FFDA4636000
|
unkown
|
page readonly
|
||
|
1E4F3B88000
|
heap
|
page read and write
|
||
|
18B96610000
|
direct allocation
|
page read and write
|
||
|
AAE63EC000
|
stack
|
page read and write
|
||
|
7FFDA5547000
|
unkown
|
page readonly
|
||
|
7FFDAC144000
|
unkown
|
page read and write
|
||
|
18B966F0000
|
direct allocation
|
page read and write
|
||
|
25E7E8E8000
|
heap
|
page read and write
|
||
|
2892CD3F000
|
heap
|
page read and write
|
||
|
18B94448000
|
heap
|
page read and write
|
||
|
7FF643ADA000
|
unkown
|
page readonly
|
||
|
14CAE218000
|
heap
|
page read and write
|
||
|
18B9449B000
|
heap
|
page read and write
|
||
|
25E7DC10000
|
heap
|
page read and write
|
||
|
18B94495000
|
heap
|
page read and write
|
||
|
18B95CA0000
|
heap
|
page read and write
|
||
|
1E4F3B94000
|
heap
|
page read and write
|
||
|
25E7CEA2000
|
heap
|
page read and write
|
||
|
1E4F3B27000
|
heap
|
page read and write
|
||
|
18B964DD000
|
heap
|
page read and write
|
||
|
18B97074000
|
heap
|
page read and write
|
||
|
1E4F6D20000
|
direct allocation
|
page read and write
|
||
|
7FFD83479000
|
unkown
|
page readonly
|
||
|
15670805000
|
heap
|
page read and write
|
||
|
7FFDA38B0000
|
unkown
|
page readonly
|
||
|
14CAE1F0000
|
heap
|
page read and write
|
||
|
25E7E971000
|
heap
|
page read and write
|
||
|
1E4F5E80000
|
direct allocation
|
page read and write
|
||
|
2892EA21000
|
heap
|
page read and write
|
||
|
7FF643AED000
|
unkown
|
page read and write
|
||
|
7FF7ADC5E000
|
unkown
|
page readonly
|
||
|
7FFDAC122000
|
unkown
|
page readonly
|
||
|
1567055C000
|
heap
|
page read and write
|
||
|
14CAE216000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
258FED88000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
18B96B60000
|
direct allocation
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
1E4F6956000
|
heap
|
page read and write
|
||
|
AAE6BAF000
|
stack
|
page read and write
|
||
|
25E7EDD2000
|
heap
|
page read and write
|
||
|
25E7EDE3000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
1E4F6825000
|
heap
|
page read and write
|
||
|
1E4F3B38000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
18B973F0000
|
direct allocation
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
1E4F3B44000
|
heap
|
page read and write
|
||
|
2892CD21000
|
heap
|
page read and write
|
||
|
18B94464000
|
heap
|
page read and write
|
||
|
7FFDA5826000
|
unkown
|
page readonly
|
||
|
2892CD5C000
|
heap
|
page read and write
|
||
|
7FFDAC130000
|
unkown
|
page readonly
|
||
|
7FFDA3BFF000
|
unkown
|
page readonly
|
||
|
2892CD57000
|
heap
|
page read and write
|
||
|
1E4F3AB0000
|
heap
|
page read and write
|
||
|
1E4F6B40000
|
direct allocation
|
page read and write
|
||
|
1E4F6DE0000
|
direct allocation
|
page read and write
|
||
|
25E7EDEC000
|
heap
|
page read and write
|
||
|
7FFDA4330000
|
unkown
|
page readonly
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
7FFD83409000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
1E4F3B38000
|
heap
|
page read and write
|
||
|
1E4F6160000
|
direct allocation
|
page read and write
|
||
|
1E4F3B88000
|
heap
|
page read and write
|
||
|
1E4F6C00000
|
direct allocation
|
page read and write
|
||
|
7FFD830DB000
|
unkown
|
page readonly
|
||
|
25E7C8BA000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
25E7E8DF000
|
heap
|
page read and write
|
||
|
25E7AF46000
|
heap
|
page read and write
|
||
|
258FED8B000
|
heap
|
page read and write
|
||
|
7FF7ADC3A000
|
unkown
|
page readonly
|
||
|
2892CD32000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
25E7EA37000
|
heap
|
page read and write
|
||
|
7FF643AED000
|
unkown
|
page read and write
|
||
|
2892EA26000
|
heap
|
page read and write
|
||
|
25E7AF56000
|
heap
|
page read and write
|
||
|
1E4F5C66000
|
heap
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FFDA5473000
|
unkown
|
page read and write
|
||
|
25E7DAF0000
|
heap
|
page read and write
|
||
|
7FFDA3974000
|
unkown
|
page readonly
|
||
|
25E7E780000
|
heap
|
page read and write
|
||
|
7FFD838C1000
|
unkown
|
page execute read
|
||
|
7FFD9340B000
|
unkown
|
page readonly
|
||
|
EB353FE000
|
stack
|
page read and write
|
||
|
25E7CE16000
|
heap
|
page read and write
|
||
|
18B96F6C000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
25E7CA40000
|
heap
|
page read and write
|
||
|
1E4F6A80000
|
direct allocation
|
page read and write
|
||
|
25E7AF52000
|
heap
|
page read and write
|
||
|
25E7ED90000
|
heap
|
page read and write
|
||
|
18B9446F000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7C8DA000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
2892CD5C000
|
heap
|
page read and write
|
||
|
7FFD831CA000
|
unkown
|
page execute read
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
14CAE1FF000
|
heap
|
page read and write
|
||
|
1E4F3AC0000
|
heap
|
page read and write
|
||
|
18B9444B000
|
heap
|
page read and write
|
||
|
258FED93000
|
heap
|
page read and write
|
||
|
25E7E6FC000
|
heap
|
page read and write
|
||
|
7FFDA3FD1000
|
unkown
|
page execute read
|
||
|
EB35BFB000
|
stack
|
page read and write
|
||
|
63D5BFF000
|
stack
|
page read and write
|
||
|
7FFDA5531000
|
unkown
|
page execute read
|
||
|
1E4F5DD0000
|
direct allocation
|
page read and write
|
||
|
7FF643AB0000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
258FED8A000
|
heap
|
page read and write
|
||
|
1E4F5C50000
|
heap
|
page read and write
|
||
|
25E7C8B1000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFD83CCE000
|
unkown
|
page readonly
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
18B94464000
|
heap
|
page read and write
|
||
|
25E7DC11000
|
heap
|
page read and write
|
||
|
7FFDAC10D000
|
unkown
|
page readonly
|
||
|
7FFD83CF5000
|
unkown
|
page read and write
|
||
|
2892EA20000
|
heap
|
page read and write
|
||
|
1E4F6DE0000
|
direct allocation
|
page read and write
|
||
|
25E7ECCB000
|
heap
|
page read and write
|
||
|
18B96D80000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFD84137000
|
unkown
|
page readonly
|
||
|
7FF7ADC3A000
|
unkown
|
page readonly
|
||
|
7FFDA55F3000
|
unkown
|
page readonly
|
||
|
18B94467000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
1E4F3B5B000
|
heap
|
page read and write
|
||
|
25E7C8D8000
|
heap
|
page read and write
|
||
|
14CAE222000
|
heap
|
page read and write
|
||
|
25E7E9B2000
|
heap
|
page read and write
|
||
|
25E7E73E000
|
heap
|
page read and write
|
||
|
25E7EBC3000
|
heap
|
page read and write
|
||
|
7FFDAC109000
|
unkown
|
page read and write
|
||
|
18B96CC0000
|
direct allocation
|
page read and write
|
||
|
7FFDA54C4000
|
unkown
|
page read and write
|
||
|
7FFD83C83000
|
unkown
|
page readonly
|
||
|
2892CD49000
|
heap
|
page read and write
|
||
|
258FED85000
|
heap
|
page read and write
|
||
|
2892CCD9000
|
heap
|
page read and write
|
||
|
7FFDA5BA1000
|
unkown
|
page execute read
|
||
|
18B943EE000
|
heap
|
page read and write
|
||
|
7FFDA4633000
|
unkown
|
page readonly
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
25E7CE38000
|
heap
|
page read and write
|
||
|
18B9449B000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
1E4F3B5C000
|
heap
|
page read and write
|
||
|
12F9CFF000
|
stack
|
page read and write
|
||
|
25E7E478000
|
heap
|
page read and write
|
||
|
2892CD2F000
|
heap
|
page read and write
|
||
|
25E7EDED000
|
heap
|
page read and write
|
||
|
25E7AE60000
|
heap
|
page read and write
|
||
|
7FF7ADC5C000
|
unkown
|
page read and write
|
||
|
7FFDA5594000
|
unkown
|
page readonly
|
||
|
7FFD83D30000
|
unkown
|
page readonly
|
||
|
18B94495000
|
heap
|
page read and write
|
||
|
25E7E954000
|
heap
|
page read and write
|
||
|
844B1D6000
|
stack
|
page read and write
|
||
|
7FFDA3EB9000
|
unkown
|
page read and write
|
||
|
7FFDA581D000
|
unkown
|
page readonly
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
25E7C8D3000
|
heap
|
page read and write
|
||
|
7FFDA4339000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
25E7E919000
|
heap
|
page read and write
|
||
|
7FFD838C0000
|
unkown
|
page readonly
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
2892CDB1000
|
heap
|
page read and write
|
||
|
25E7C8C0000
|
heap
|
page read and write
|
||
|
25E7E8FF000
|
heap
|
page read and write
|
||
|
2892CD89000
|
heap
|
page read and write
|
||
|
25E7ED9D000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
7FFDA5BA0000
|
unkown
|
page readonly
|
||
|
25E7AF2B000
|
heap
|
page read and write
|
||
|
1E4F3BB1000
|
heap
|
page read and write
|
||
|
25E7EB80000
|
heap
|
page read and write
|
||
|
18B9444B000
|
heap
|
page read and write
|
||
|
25E7E846000
|
heap
|
page read and write
|
||
|
25E7C8D8000
|
heap
|
page read and write
|
||
|
25E7E478000
|
heap
|
page read and write
|
||
|
7FFD932B1000
|
unkown
|
page execute read
|
||
|
14CAE222000
|
heap
|
page read and write
|
||
|
1E4F3B41000
|
heap
|
page read and write
|
||
|
25E7CE80000
|
heap
|
page read and write
|
||
|
7FFD83A45000
|
unkown
|
page execute read
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
1E4F6B80000
|
direct allocation
|
page read and write
|
||
|
18B94467000
|
heap
|
page read and write
|
||
|
1E4F6DA0000
|
direct allocation
|
page read and write
|
||
|
844B1EC000
|
stack
|
page read and write
|
||
|
25E7EDF0000
|
heap
|
page read and write
|
||
|
258FED8A000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
1E4F5F6A000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
7FFD83387000
|
unkown
|
page readonly
|
||
|
25E7E942000
|
heap
|
page read and write
|
||
|
1E4F62A0000
|
direct allocation
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
25E7AEBE000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
1E4F6C90000
|
direct allocation
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFD831DD000
|
unkown
|
page execute read
|
||
|
7FFDA3850000
|
unkown
|
page readonly
|
||
|
25E7EC46000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
14CAE160000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
1E4F3B33000
|
heap
|
page read and write
|
||
|
18B94437000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
1E4F54B0000
|
direct allocation
|
page read and write
|
||
|
25E7ED90000
|
heap
|
page read and write
|
||
|
25E7C8D8000
|
heap
|
page read and write
|
||
|
3A77DE3000
|
stack
|
page read and write
|
||
|
7FFDA46DA000
|
unkown
|
page readonly
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFDAC140000
|
unkown
|
page readonly
|
||
|
1E4F6C40000
|
direct allocation
|
page read and write
|
||
|
25E7C8C3000
|
heap
|
page read and write
|
||
|
18B944A8000
|
heap
|
page read and write
|
||
|
1E4F3B88000
|
heap
|
page read and write
|
||
|
25E7EDE0000
|
heap
|
page read and write
|
||
|
25E7CE87000
|
heap
|
page read and write
|
||
|
25E7E437000
|
heap
|
page read and write
|
||
|
25E7E8CE000
|
heap
|
page read and write
|
||
|
25E7B0DA000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
2892EA2A000
|
heap
|
page read and write
|
||
|
7FF7ADC4D000
|
unkown
|
page read and write
|
||
|
7FFD93465000
|
unkown
|
page readonly
|
||
|
7FFDA546E000
|
unkown
|
page readonly
|
||
|
25E7AF40000
|
heap
|
page read and write
|
||
|
25E7E436000
|
heap
|
page read and write
|
||
|
18B943D8000
|
heap
|
page read and write
|
||
|
18B973B0000
|
direct allocation
|
page read and write
|
||
|
25E7AE97000
|
heap
|
page read and write
|
||
|
3A77DEC000
|
stack
|
page read and write
|
||
|
7FFD93407000
|
unkown
|
page readonly
|
||
|
14CAE222000
|
heap
|
page read and write
|
||
|
25E7AEC5000
|
heap
|
page read and write
|
||
|
7FFD839BF000
|
unkown
|
page read and write
|
||
|
7FFD8370C000
|
unkown
|
page readonly
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
25E7E947000
|
heap
|
page read and write
|
||
|
7FFDA5800000
|
unkown
|
page readonly
|
||
|
7FFD8314D000
|
unkown
|
page execute read
|
||
|
18B944AF000
|
heap
|
page read and write
|
||
|
2892CC80000
|
heap
|
page read and write
|
||
|
18B96490000
|
direct allocation
|
page read and write
|
||
|
25E7C8C0000
|
heap
|
page read and write
|
||
|
258FED6F000
|
heap
|
page read and write
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
B6524FE000
|
stack
|
page read and write
|
||
|
18B97550000
|
direct allocation
|
page read and write
|
||
|
18B969D0000
|
direct allocation
|
page read and write
|
||
|
7FFD83135000
|
unkown
|
page readonly
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
25E7E370000
|
heap
|
page read and write
|
||
|
25E7E954000
|
heap
|
page read and write
|
||
|
1E4F55C5000
|
heap
|
page read and write
|
||
|
25E7ED0C000
|
heap
|
page read and write
|
||
|
18B972B0000
|
direct allocation
|
page read and write
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
1E4F668C000
|
heap
|
page read and write
|
||
|
25E7E9F4000
|
heap
|
page read and write
|
||
|
7FFD83A7D000
|
unkown
|
page execute read
|
||
|
25E7E846000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
258FED00000
|
heap
|
page read and write
|
||
|
7FFDA5B91000
|
unkown
|
page execute read
|
||
|
7FF7ADC10000
|
unkown
|
page readonly
|
||
|
18B96610000
|
direct allocation
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
1E4F6260000
|
direct allocation
|
page read and write
|
||
|
1E4F3B33000
|
heap
|
page read and write
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
7FFDAC131000
|
unkown
|
page execute read
|
||
|
258FF3E0000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
18B97200000
|
direct allocation
|
page read and write
|
||
|
18B9445C000
|
heap
|
page read and write
|
||
|
B6529FE000
|
stack
|
page read and write
|
||
|
1E4F6C40000
|
direct allocation
|
page read and write
|
||
|
7FFD839E0000
|
unkown
|
page readonly
|
||
|
1E4F3B45000
|
heap
|
page read and write
|
||
|
7FFD83A70000
|
unkown
|
page execute read
|
||
|
1E4F55C0000
|
heap
|
page read and write
|
||
|
1E4F3B45000
|
heap
|
page read and write
|
||
|
7FFD839E1000
|
unkown
|
page execute read
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FF643AFE000
|
unkown
|
page readonly
|
||
|
25E7AEB9000
|
heap
|
page read and write
|
||
|
25E7EB3E000
|
heap
|
page read and write
|
||
|
25E7CE37000
|
heap
|
page read and write
|
||
|
7FFD83D1D000
|
unkown
|
page readonly
|
||
|
25E7E7C2000
|
heap
|
page read and write
|
||
|
EB352FE000
|
stack
|
page read and write
|
||
|
25E7EBC2000
|
heap
|
page read and write
|
||
|
18B97180000
|
direct allocation
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
18B96798000
|
heap
|
page read and write
|
||
|
7FFDA3FD2000
|
unkown
|
page readonly
|
||
|
7FFD8386F000
|
unkown
|
page read and write
|
||
|
25E7EE24000
|
heap
|
page read and write
|
||
|
1E4F3B38000
|
heap
|
page read and write
|
||
|
25E7EDDB000
|
heap
|
page read and write
|
||
|
25E7E95D000
|
heap
|
page read and write
|
||
|
7FFD8371E000
|
unkown
|
page readonly
|
||
|
7FFDA5BB3000
|
unkown
|
page read and write
|
||
|
7FFDA38A3000
|
unkown
|
page read and write
|
||
|
1E4F5C51000
|
heap
|
page read and write
|
||
|
7FFDA55A6000
|
unkown
|
page readonly
|
||
|
7FFDA5561000
|
unkown
|
page execute read
|
||
|
2892EA23000
|
heap
|
page read and write
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
7FFDA55D3000
|
unkown
|
page read and write
|
||
|
7FFDA46D1000
|
unkown
|
page execute read
|
||
|
25E7EE23000
|
heap
|
page read and write
|
||
|
1E4F3B41000
|
heap
|
page read and write
|
||
|
18B965C9000
|
heap
|
page read and write
|
||
|
1E4F3B81000
|
heap
|
page read and write
|
||
|
25E7C8B0000
|
heap
|
page read and write
|
||
|
7FFDA386A000
|
unkown
|
page read and write
|
||
|
7FFDAC069000
|
unkown
|
page readonly
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
25E7E3B2000
|
heap
|
page read and write
|
||
|
1ABC06EC000
|
heap
|
page read and write
|
||
|
1E4F6330000
|
direct allocation
|
page read and write
|
||
|
1E4F3C90000
|
heap
|
page readonly
|
||
|
7FFDA4343000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFD83FAC000
|
unkown
|
page readonly
|
||
|
7FFD83CA9000
|
unkown
|
page readonly
|
||
|
258FED7E000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
7FFD830E0000
|
unkown
|
page readonly
|
||
|
25E7DC02000
|
heap
|
page read and write
|
||
|
25E7EDF3000
|
heap
|
page read and write
|
||
|
2892CD89000
|
heap
|
page read and write
|
||
|
1E4F6450000
|
direct allocation
|
page read and write
|
||
|
7FFD83139000
|
unkown
|
page read and write
|
||
|
25E7E8CA000
|
heap
|
page read and write
|
||
|
25E7E8E9000
|
heap
|
page read and write
|
||
|
7FFDA4341000
|
unkown
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
2F6179F000
|
stack
|
page read and write
|
||
|
7FFD83491000
|
unkown
|
page execute read
|
||
|
1E4F69D0000
|
direct allocation
|
page read and write
|
||
|
7FFD8308C000
|
unkown
|
page readonly
|
||
|
25E7E8FF000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7EC88000
|
heap
|
page read and write
|
||
|
7FFDA5522000
|
unkown
|
page readonly
|
||
|
1E4F3B38000
|
heap
|
page read and write
|
||
|
25E7EB3F000
|
heap
|
page read and write
|
||
|
7FFDA553A000
|
unkown
|
page readonly
|
||
|
1E4F5DD0000
|
direct allocation
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
1E4F3B99000
|
heap
|
page read and write
|
||
|
25E7DC06000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
844BD8F000
|
stack
|
page read and write
|
||
|
25E7D9EF000
|
heap
|
page read and write
|
||
|
25E7E9F4000
|
heap
|
page read and write
|
||
|
18B96610000
|
direct allocation
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
25E7E8E5000
|
heap
|
page read and write
|
||
|
25E7E6BA000
|
heap
|
page read and write
|
||
|
2892CD28000
|
heap
|
page read and write
|
||
|
7FFDA46D9000
|
unkown
|
page read and write
|
||
|
7FFD93324000
|
unkown
|
page readonly
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
EB358FE000
|
stack
|
page read and write
|
||
|
18B970E8000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
258FED93000
|
heap
|
page read and write
|
||
|
25E7E480000
|
heap
|
page read and write
|
||
|
1E4F3B27000
|
heap
|
page read and write
|
||
|
7FFD8313B000
|
unkown
|
page readonly
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFDA55A3000
|
unkown
|
page readonly
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
7FFDA55F1000
|
unkown
|
page read and write
|
||
|
25E7CEA2000
|
heap
|
page read and write
|
||
|
7FFD84024000
|
unkown
|
page readonly
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
7FFDAC102000
|
unkown
|
page readonly
|
||
|
14CAE222000
|
heap
|
page read and write
|
||
|
7FFDA4635000
|
unkown
|
page read and write
|
||
|
25E7E6BA000
|
heap
|
page read and write
|
||
|
7FFDA4DA6000
|
unkown
|
page readonly
|
||
|
18B94451000
|
heap
|
page read and write
|
||
|
25E7E888000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FFD831B9000
|
unkown
|
page execute read
|
||
|
7FFDA57F0000
|
unkown
|
page readonly
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
7FFDA5460000
|
unkown
|
page readonly
|
||
|
7FF7ADC4D000
|
unkown
|
page write copy
|
||
|
7FFD83C52000
|
unkown
|
page readonly
|
||
|
B6525FE000
|
stack
|
page read and write
|
||
|
1E4F6691000
|
heap
|
page read and write
|
||
|
7FFD9334C000
|
unkown
|
page readonly
|
||
|
18B96610000
|
direct allocation
|
page read and write
|
||
|
1E4F3B0F000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7ED9D000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
1E4F6590000
|
heap
|
page read and write
|
||
|
1E4F3BA5000
|
heap
|
page read and write
|
||
|
1ABC07E0000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
7FF7ADC3A000
|
unkown
|
page readonly
|
||
|
7FFDA4DA3000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7D03C000
|
heap
|
page read and write
|
||
|
1E4F68C4000
|
heap
|
page read and write
|
||
|
844BB9E000
|
stack
|
page read and write
|
||
|
7FFD83C25000
|
unkown
|
page execute read
|
||
|
18B97430000
|
direct allocation
|
page read and write
|
||
|
1E4F3B88000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
18B9444A000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
18B9446F000
|
heap
|
page read and write
|
||
|
7FFDA4DA0000
|
unkown
|
page readonly
|
||
|
18B94495000
|
heap
|
page read and write
|
||
|
25E7E942000
|
heap
|
page read and write
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
1E4F3B88000
|
heap
|
page read and write
|
||
|
25E7EC88000
|
heap
|
page read and write
|
||
|
7FFDA35C4000
|
unkown
|
page readonly
|
||
|
B6528FE000
|
stack
|
page read and write
|
||
|
25E7EDE5000
|
heap
|
page read and write
|
||
|
1E4F5EC0000
|
direct allocation
|
page read and write
|
||
|
18B96D00000
|
direct allocation
|
page read and write
|
||
|
18B94451000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
25E7AEAE000
|
heap
|
page read and write
|
||
|
25E7E8E4000
|
heap
|
page read and write
|
||
|
7FFDA3881000
|
unkown
|
page execute read
|
||
|
14CAE218000
|
heap
|
page read and write
|
||
|
7FFD8342E000
|
unkown
|
page readonly
|
||
|
7FFDA5520000
|
unkown
|
page readonly
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
7FFDAC060000
|
unkown
|
page readonly
|
||
|
7FFDA554C000
|
unkown
|
page read and write
|
||
|
25E7C8B6000
|
heap
|
page read and write
|
||
|
7FFD932B0000
|
unkown
|
page readonly
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
2892CCFF000
|
heap
|
page read and write
|
||
|
25E7AD60000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFDA3EB5000
|
unkown
|
page readonly
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
7FFD93410000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFD8345D000
|
unkown
|
page readonly
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
1E4F3B41000
|
heap
|
page read and write
|
||
|
18B96928000
|
heap
|
page read and write
|
||
|
25E7E9B3000
|
heap
|
page read and write
|
||
|
18B97370000
|
direct allocation
|
page read and write
|
||
|
18B95D60000
|
direct allocation
|
page read and write
|
||
|
18B94464000
|
heap
|
page read and write
|
||
|
25E7AEB8000
|
heap
|
page read and write
|
||
|
18B944C9000
|
heap
|
page read and write
|
||
|
1E4F6919000
|
heap
|
page read and write
|
||
|
7FFDA38A4000
|
unkown
|
page readonly
|
||
|
25E7AF18000
|
heap
|
page read and write
|
||
|
25E7EDE3000
|
heap
|
page read and write
|
||
|
18B94448000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
18B96990000
|
direct allocation
|
page read and write
|
||
|
7FF643AB1000
|
unkown
|
page execute read
|
||
|
1E4F6220000
|
direct allocation
|
page read and write
|
||
|
7FF643AFC000
|
unkown
|
page read and write
|
||
|
25E7EABA000
|
heap
|
page read and write
|
||
|
7FFD83030000
|
unkown
|
page readonly
|
||
|
1E4F6E70000
|
direct allocation
|
page read and write
|
||
|
7FFD83CFB000
|
unkown
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
18B96F8B000
|
heap
|
page read and write
|
||
|
1E4F3CA0000
|
heap
|
page read and write
|
||
|
1E4F3B38000
|
heap
|
page read and write
|
||
|
7FFD93322000
|
unkown
|
page execute read
|
||
|
2892CD49000
|
heap
|
page read and write
|
||
|
258FED68000
|
heap
|
page read and write
|
||
|
7FFDA5491000
|
unkown
|
page execute read
|
||
|
25E7EC04000
|
heap
|
page read and write
|
||
|
18B94495000
|
heap
|
page read and write
|
||
|
25E7ED92000
|
heap
|
page read and write
|
||
|
7FFDA55BD000
|
unkown
|
page readonly
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
1E4F5A50000
|
direct allocation
|
page read and write
|
||
|
7FFD83FBE000
|
unkown
|
page readonly
|
||
|
1E4F3BA2000
|
heap
|
page read and write
|
||
|
1E4F3B3A000
|
heap
|
page read and write
|
||
|
14CAE218000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
18B94448000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
2892CD40000
|
heap
|
page read and write
|
||
|
2892CD57000
|
heap
|
page read and write
|
||
|
1E4F5D40000
|
heap
|
page read and write
|
||
|
25E7C8BA000
|
heap
|
page read and write
|
||
|
25E7C8B3000
|
heap
|
page read and write
|
||
|
1E4F613C000
|
heap
|
page read and write
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
18B96610000
|
direct allocation
|
page read and write
|
||
|
1E4F3B41000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
25E7E95A000
|
heap
|
page read and write
|
||
|
23962D30000
|
heap
|
page read and write
|
||
|
7FF7ADC5E000
|
unkown
|
page readonly
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
25E7E5F5000
|
heap
|
page read and write
|
||
|
18B96D40000
|
direct allocation
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
14CAE070000
|
heap
|
page read and write
|
||
|
7FFD83784000
|
unkown
|
page readonly
|
||
|
25E7AEBF000
|
heap
|
page read and write
|
||
|
7FFDA389E000
|
unkown
|
page write copy
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
25E7CA44000
|
heap
|
page read and write
|
||
|
7FFDA3BFC000
|
unkown
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
18B95CE0000
|
direct allocation
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
7FFD83853000
|
unkown
|
page write copy
|
||
|
7FFDA4631000
|
unkown
|
page execute read
|
||
|
15670530000
|
heap
|
page read and write
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
2892CF7A000
|
heap
|
page read and write
|
||
|
18B94451000
|
heap
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
2F6198F000
|
stack
|
page read and write
|
||
|
1E4F3B27000
|
heap
|
page read and write
|
||
|
1E4F3B38000
|
heap
|
page read and write
|
||
|
7FFDA3EBA000
|
unkown
|
page readonly
|
||
|
1E4F6013000
|
heap
|
page read and write
|
||
|
2892CB80000
|
heap
|
page read and write
|
||
|
25E7E73E000
|
heap
|
page read and write
|
||
|
7FFDA3C11000
|
unkown
|
page execute read
|
||
|
1E4F3B8E000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
25E7AE9F000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
18B9446F000
|
heap
|
page read and write
|
||
|
1E4F6C00000
|
direct allocation
|
page read and write
|
||
|
14CAE218000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
14CAE218000
|
heap
|
page read and write
|
||
|
1E4F5C10000
|
direct allocation
|
page read and write
|
||
|
25E7EDEC000
|
heap
|
page read and write
|
||
|
14CAE21C000
|
heap
|
page read and write
|
||
|
1E4F62E0000
|
direct allocation
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
25E7E4BA000
|
heap
|
page read and write
|
||
|
7FFDA388D000
|
unkown
|
page readonly
|
||
|
1E4F5E20000
|
direct allocation
|
page read and write
|
||
|
1E4F6AC0000
|
direct allocation
|
page read and write
|
||
|
79E9AFB000
|
stack
|
page read and write
|
||
|
1ABC0800000
|
heap
|
page read and write
|
||
|
1E4F5DD0000
|
direct allocation
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7E8CA000
|
heap
|
page read and write
|
||
|
7FFDA54C7000
|
unkown
|
page readonly
|
||
|
25E01260000
|
trusted library allocation
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
1E4F3B8E000
|
heap
|
page read and write
|
||
|
7FFD831A5000
|
unkown
|
page execute read
|
||
|
1E4F6550000
|
direct allocation
|
page read and write
|
||
|
14CAE222000
|
heap
|
page read and write
|
||
|
25E7E90D000
|
heap
|
page read and write
|
||
|
18B94451000
|
heap
|
page read and write
|
||
|
25E7CE00000
|
remote allocation
|
page read and write
|
||
|
1E4F3B41000
|
heap
|
page read and write
|
||
|
25E7E955000
|
heap
|
page read and write
|
||
|
7FFDA5B96000
|
unkown
|
page readonly
|
||
|
18B969D0000
|
direct allocation
|
page read and write
|
||
|
7FFD83C27000
|
unkown
|
page readonly
|
||
|
25E7CE9E000
|
heap
|
page read and write
|
||
|
7FFDA5539000
|
unkown
|
page read and write
|
||
|
25E7E8DF000
|
heap
|
page read and write
|
||
|
18B95DA0000
|
direct allocation
|
page read and write
|
||
|
2892CD57000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE1F8000
|
heap
|
page read and write
|
||
|
18B96B10000
|
direct allocation
|
page read and write
|
||
|
7FFDA57F9000
|
unkown
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
7FFD933BC000
|
unkown
|
page readonly
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FF7ADC3A000
|
unkown
|
page readonly
|
||
|
1E4F5D50000
|
direct allocation
|
page read and write
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
25E7EE22000
|
heap
|
page read and write
|
||
|
25E7AEB8000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
2892CD49000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
18B96450000
|
direct allocation
|
page read and write
|
||
|
1E4F54F0000
|
direct allocation
|
page read and write
|
||
|
7FFDA4DA5000
|
unkown
|
page read and write
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
14CAE216000
|
heap
|
page read and write
|
||
|
18B94464000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
7FFDA3C2D000
|
unkown
|
page readonly
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
7FFDA3C35000
|
unkown
|
page read and write
|
||
|
1E4F3B38000
|
heap
|
page read and write
|
||
|
7FFD839C2000
|
unkown
|
page readonly
|
||
|
25E7AEB1000
|
heap
|
page read and write
|
||
|
63D572C000
|
stack
|
page read and write
|
||
|
7FFDA5B93000
|
unkown
|
page readonly
|
||
|
3A77DEA000
|
stack
|
page read and write
|
||
|
7FFD83691000
|
unkown
|
page readonly
|
||
|
1E4F5F91000
|
heap
|
page read and write
|
||
|
7FFD83036000
|
unkown
|
page readonly
|
||
|
25E7EDD4000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
25E7E8E4000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
1E4F3B94000
|
heap
|
page read and write
|
||
|
23962D20000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
25E7C8D8000
|
heap
|
page read and write
|
||
|
1E4F61A0000
|
direct allocation
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FFDA46E1000
|
unkown
|
page execute read
|
||
|
25E7C8DA000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
18B96BF0000
|
direct allocation
|
page read and write
|
||
|
25E7E805000
|
heap
|
page read and write
|
||
|
25E7EAFC000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
25E7E93E000
|
heap
|
page read and write
|
||
|
18B942E0000
|
heap
|
page read and write
|
||
|
7FFDA5474000
|
unkown
|
page readonly
|
||
|
25E7EC04000
|
heap
|
page read and write
|
||
|
7FFDA3BF1000
|
unkown
|
page execute read
|
||
|
1E4F5F00000
|
direct allocation
|
page read and write
|
||
|
25E7AECB000
|
heap
|
page read and write
|
||
|
EB35AFB000
|
stack
|
page read and write
|
||
|
1E4F3B88000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
23962F20000
|
heap
|
page read and write
|
||
|
7FF643ADA000
|
unkown
|
page readonly
|
||
|
7FFD839ED000
|
unkown
|
page execute read
|
||
|
25E7CE98000
|
heap
|
page read and write
|
||
|
25E7E8E8000
|
heap
|
page read and write
|
||
|
25E7ED0C000
|
heap
|
page read and write
|
||
|
79E9BFF000
|
unkown
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
25E7EDEB000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
18B944C9000
|
heap
|
page read and write
|
||
|
25E7E8FF000
|
heap
|
page read and write
|
||
|
7FFDA46D0000
|
unkown
|
page readonly
|
||
|
2892CD5C000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
2892CD36000
|
heap
|
page read and write
|
||
|
7FFDA35F2000
|
unkown
|
page readonly
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
18B94462000
|
heap
|
page read and write
|
||
|
7FFD8345B000
|
unkown
|
page read and write
|
||
|
18B944BE000
|
heap
|
page read and write
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFDA5535000
|
unkown
|
page readonly
|
||
|
7FF7ADC4D000
|
unkown
|
page write copy
|
||
|
18B96AD0000
|
direct allocation
|
page read and write
|
||
|
7FFDA54B1000
|
unkown
|
page execute read
|
||
|
7FFDA5590000
|
unkown
|
page readonly
|
||
|
258FED60000
|
heap
|
page read and write
|
||
|
7FFDA5540000
|
unkown
|
page readonly
|
||
|
1E4F6DE0000
|
direct allocation
|
page read and write
|
||
|
14CAE218000
|
heap
|
page read and write
|
||
|
12F9AFC000
|
stack
|
page read and write
|
||
|
7FFDA5801000
|
unkown
|
page execute read
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
15670510000
|
heap
|
page read and write
|
||
|
18B94467000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7CEA7000
|
heap
|
page read and write
|
||
|
25E7E804000
|
heap
|
page read and write
|
||
|
7FFDA57F5000
|
unkown
|
page readonly
|
||
|
2892CD57000
|
heap
|
page read and write
|
||
|
18B97610000
|
direct allocation
|
page read and write
|
||
|
23962F60000
|
heap
|
page read and write
|
||
|
18B944B1000
|
heap
|
page read and write
|
||
|
1E4F3B5C000
|
heap
|
page read and write
|
||
|
1E4F3B3A000
|
heap
|
page read and write
|
||
|
18B97500000
|
direct allocation
|
page read and write
|
||
|
1E4F6093000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
18B944D0000
|
heap
|
page read and write
|
||
|
258FED8A000
|
heap
|
page read and write
|
||
|
18B96C80000
|
direct allocation
|
page read and write
|
||
|
18B97240000
|
direct allocation
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
1E4F6952000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
7FFD8410A000
|
unkown
|
page read and write
|
||
|
1E4F3B56000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
25E7CEA7000
|
heap
|
page read and write
|
||
|
25E7E6FD000
|
heap
|
page read and write
|
||
|
25E7C8B5000
|
heap
|
page read and write
|
||
|
25E7E5B2000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
1E4F67DB000
|
heap
|
page read and write
|
||
|
1E4F5DD0000
|
direct allocation
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FF7ADC10000
|
unkown
|
page readonly
|
||
|
18B9446F000
|
heap
|
page read and write
|
||
|
18B94437000
|
heap
|
page read and write
|
||
|
25E7ECCA000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FFD83F31000
|
unkown
|
page readonly
|
||
|
258FED8F000
|
heap
|
page read and write
|
||
|
18B94451000
|
heap
|
page read and write
|
||
|
7FFDA3864000
|
unkown
|
page readonly
|
||
|
18B96575000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
18B9446F000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
25E7AE91000
|
heap
|
page read and write
|
||
|
25E7AF52000
|
heap
|
page read and write
|
||
|
1E4F5FF7000
|
heap
|
page read and write
|
||
|
7FF643AFE000
|
unkown
|
page readonly
|
||
|
25E7E942000
|
heap
|
page read and write
|
||
|
25E7C8B3000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7EC88000
|
heap
|
page read and write
|
||
|
18B9446A000
|
heap
|
page read and write
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
7FF643AFE000
|
unkown
|
page readonly
|
||
|
7FFDA3C10000
|
unkown
|
page readonly
|
||
|
1E4F5CF9000
|
heap
|
page read and write
|
||
|
7FFDA389D000
|
unkown
|
page read and write
|
||
|
25E7E930000
|
heap
|
page read and write
|
||
|
18B94437000
|
heap
|
page read and write
|
||
|
25E7AF18000
|
heap
|
page read and write
|
||
|
7FFD830D7000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7AEBB000
|
heap
|
page read and write
|
||
|
25E7E9F4000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
258FED90000
|
heap
|
page read and write
|
||
|
25E7AE90000
|
heap
|
page read and write
|
||
|
7FFDA54B0000
|
unkown
|
page readonly
|
||
|
7FFDA5541000
|
unkown
|
page execute read
|
||
|
15670800000
|
heap
|
page read and write
|
||
|
14CAE222000
|
heap
|
page read and write
|
||
|
7FFD833E3000
|
unkown
|
page readonly
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
7FFDAC0F1000
|
unkown
|
page execute read
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
18B975D0000
|
direct allocation
|
page read and write
|
||
|
25E7CEA7000
|
heap
|
page read and write
|
||
|
1E4F61A0000
|
direct allocation
|
page read and write
|
||
|
18B9444A000
|
heap
|
page read and write
|
||
|
7FF643AFE000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
18B94462000
|
heap
|
page read and write
|
||
|
18B95D20000
|
direct allocation
|
page read and write
|
||
|
1E4F5CDB000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
18B96A10000
|
direct allocation
|
page read and write
|
||
|
7FFDA55E1000
|
unkown
|
page execute read
|
||
|
7FFD83455000
|
unkown
|
page read and write
|
||
|
18B94462000
|
heap
|
page read and write
|
||
|
25E7E889000
|
heap
|
page read and write
|
||
|
7FFD93361000
|
unkown
|
page execute read
|
||
|
14CAE220000
|
heap
|
page read and write
|
||
|
7FFD8410F000
|
unkown
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
7FFD93366000
|
unkown
|
page readonly
|
||
|
25E7E8FF000
|
heap
|
page read and write
|
||
|
7FFDA38B1000
|
unkown
|
page execute read
|
||
|
1E4F6013000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
7FF7ADC4D000
|
unkown
|
page read and write
|
||
|
258FECC0000
|
heap
|
page readonly
|
||
|
7FFDA3C36000
|
unkown
|
page readonly
|
||
|
1E4F5FD5000
|
heap
|
page read and write
|
||
|
25E7B0DB000
|
heap
|
page read and write
|
||
|
7FF643AED000
|
unkown
|
page write copy
|
||
|
14CAE224000
|
heap
|
page read and write
|
||
|
18B94495000
|
heap
|
page read and write
|
||
|
7FFDA55A1000
|
unkown
|
page execute read
|
||
|
1E4F5DD0000
|
direct allocation
|
page read and write
|
||
|
1E4F6DEE000
|
heap
|
page read and write
|
||
|
25E7E948000
|
heap
|
page read and write
|
||
|
25E7E942000
|
heap
|
page read and write
|
||
|
1E4F3B45000
|
heap
|
page read and write
|
||
|
7FFD9346B000
|
unkown
|
page readonly
|
||
|
1E4F5CF0000
|
heap
|
page read and write
|
||
|
7FFDAC120000
|
unkown
|
page readonly
|
||
|
18B944A8000
|
heap
|
page read and write
|
||
|
25E7C8BA000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFDA55CE000
|
unkown
|
page write copy
|
||
|
25E7E678000
|
heap
|
page read and write
|
||
|
14CAE218000
|
heap
|
page read and write
|
||
|
18B974C0000
|
direct allocation
|
page read and write
|
||
|
1E4F6E30000
|
direct allocation
|
page read and write
|
||
|
2892CD00000
|
heap
|
page read and write
|
||
|
7FF7ADC50000
|
unkown
|
page read and write
|
||
|
1E4F3AE0000
|
heap
|
page read and write
|
||
|
2892CF7B000
|
heap
|
page read and write
|
||
|
1E4F5530000
|
direct allocation
|
page read and write
|
||
|
25E7B0D5000
|
heap
|
page read and write
|
||
|
14CAE216000
|
heap
|
page read and write
|
||
|
1ABC05D0000
|
heap
|
page read and write
|
||
|
EB359FC000
|
stack
|
page read and write
|
||
|
18B967B0000
|
heap
|
page read and write
|
||
|
18B94495000
|
heap
|
page read and write
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
25E7EE14000
|
heap
|
page read and write
|
||
|
7FFDA5574000
|
unkown
|
page readonly
|
||
|
63D5AFF000
|
unkown
|
page read and write
|
||
|
2892CD8B000
|
heap
|
page read and write
|
||
|
18B97590000
|
direct allocation
|
page read and write
|
||
|
18B94437000
|
heap
|
page read and write
|
||
|
25E7EC47000
|
heap
|
page read and write
|
||
|
7FFD84000000
|
unkown
|
page readonly
|
||
|
7FFD833B2000
|
unkown
|
page readonly
|
||
|
25E7EA78000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
12F9BFF000
|
unkown
|
page read and write
|
||
|
1E4F5D90000
|
direct allocation
|
page read and write
|
||
|
1E4F6370000
|
direct allocation
|
page read and write
|
||
|
25E7AE9C000
|
heap
|
page read and write
|
||
|
1E4F6BC0000
|
direct allocation
|
page read and write
|
||
|
7FFDA554F000
|
unkown
|
page readonly
|
||
|
7FFD83984000
|
unkown
|
page readonly
|
||
|
1E4F5F60000
|
heap
|
page read and write
|
||
|
7FF643AB0000
|
unkown
|
page readonly
|
||
|
B6527FE000
|
stack
|
page read and write
|
||
|
7FFD83490000
|
unkown
|
page readonly
|
||
|
1E4F3B27000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FFD83A59000
|
unkown
|
page execute read
|
||
|
1E4F61E0000
|
direct allocation
|
page read and write
|
||
|
7FFDA55CD000
|
unkown
|
page read and write
|
||
|
7FFD83897000
|
unkown
|
page readonly
|
||
|
25E7AEBB000
|
heap
|
page read and write
|
||
|
18B944B1000
|
heap
|
page read and write
|
||
|
18B97127000
|
heap
|
page read and write
|
||
|
14CAE21C000
|
heap
|
page read and write
|
||
|
1ABC06E0000
|
heap
|
page read and write
|
||
|
7FFDA3551000
|
unkown
|
page execute read
|
||
|
25E7E570000
|
heap
|
page read and write
|
||
|
1E4F3B45000
|
heap
|
page read and write
|
||
|
25E7C8D3000
|
heap
|
page read and write
|
||
|
7FFDA3EB1000
|
unkown
|
page execute read
|
||
|
1E4F686C000
|
heap
|
page read and write
|
||
|
25E7EDED000
|
heap
|
page read and write
|
||
|
18B97471000
|
direct allocation
|
page read and write
|
||
|
1ABC06C0000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
1E4F3BA3000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
7FF7ADC5E000
|
unkown
|
page readonly
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
7FF7ADC5E000
|
unkown
|
page readonly
|
||
|
25E7B0D8000
|
heap
|
page read and write
|
||
|
18B968D2000
|
heap
|
page read and write
|
||
|
258FED92000
|
heap
|
page read and write
|
||
|
7FFDA35F9000
|
unkown
|
page readonly
|
||
|
7FFDA5461000
|
unkown
|
page execute read
|
||
|
1ABC06B5000
|
heap
|
page read and write
|
||
|
2F60DD7000
|
stack
|
page read and write
|
||
|
25E7CEA2000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7AF1B000
|
heap
|
page read and write
|
||
|
25E7EB80000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
25E7AF18000
|
heap
|
page read and write
|
||
|
18B965B0000
|
heap
|
page read and write
|
||
|
18B96410000
|
direct allocation
|
page read and write
|
||
|
7FFDA46F9000
|
unkown
|
page read and write
|
||
|
25E7EE17000
|
heap
|
page read and write
|
||
|
14CAE216000
|
heap
|
page read and write
|
||
|
25E7CE8F000
|
heap
|
page read and write
|
||
|
25E7AF47000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
25E7E4FC000
|
heap
|
page read and write
|
||
|
25E7E8E5000
|
heap
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
25E7DC20000
|
heap
|
page read and write
|
||
|
25E7C8D1000
|
heap
|
page read and write
|
||
|
7FFD83760000
|
unkown
|
page readonly
|
||
|
18B97430000
|
direct allocation
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
25E7AE91000
|
heap
|
page read and write
|
||
|
2892CD89000
|
heap
|
page read and write
|
||
|
1E4F5BD0000
|
direct allocation
|
page read and write
|
||
|
7FF643AFC000
|
unkown
|
page read and write
|
||
|
1E4F6B00000
|
direct allocation
|
page read and write
|
||
|
14CAE20E000
|
heap
|
page read and write
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
2892EA2A000
|
heap
|
page read and write
|
||
|
25E7AEC4000
|
heap
|
page read and write
|
||
|
1E4F6CD0000
|
direct allocation
|
page read and write
|
||
|
25E7DC1E000
|
heap
|
page read and write
|
||
|
7FFDA46FD000
|
unkown
|
page readonly
|
||
|
25E7AEBB000
|
heap
|
page read and write
|
||
|
1E4F6490000
|
direct allocation
|
page read and write
|
||
|
25E7ED90000
|
heap
|
page read and write
|
||
|
18B97470000
|
direct allocation
|
page read and write
|
||
|
258FED83000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
7FFDAC0F0000
|
unkown
|
page readonly
|
||
|
2892CD36000
|
heap
|
page read and write
|
||
|
1E4F3B41000
|
heap
|
page read and write
|
||
|
25E7AF18000
|
heap
|
page read and write
|
||
|
7FFDA35C2000
|
unkown
|
page execute read
|
||
|
2892CF75000
|
heap
|
page read and write
|
||
|
25E7AEBF000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
25E7E8FC000
|
heap
|
page read and write
|
||
|
25E7CE7A000
|
heap
|
page read and write
|
||
|
2892CD8A000
|
heap
|
page read and write
|
||
|
25E7E636000
|
heap
|
page read and write
|
||
|
7FF7ADC10000
|
unkown
|
page readonly
|
||
|
1E4F3AC9000
|
heap
|
page read and write
|
||
|
25E7EAFC000
|
heap
|
page read and write
|
||
|
258FED91000
|
heap
|
page read and write
|
||
|
2892E6C0000
|
heap
|
page read and write
|
||
|
7FF7ADC10000
|
unkown
|
page readonly
|
||
|
25E7CE10000
|
heap
|
page read and write
|
||
|
7FFD8347D000
|
unkown
|
page readonly
|
||
|
18B94437000
|
heap
|
page read and write
|
||
|
1E4F5D50000
|
direct allocation
|
page read and write
|
||
|
25E7EC04000
|
heap
|
page read and write
|
||
|
7FFDA55B0000
|
unkown
|
page readonly
|
||
|
1E4F6D60000
|
direct allocation
|
page read and write
|
||
|
2892CD28000
|
heap
|
page read and write
|
||
|
7FFD840CB000
|
unkown
|
page read and write
|
||
|
B6520FA000
|
stack
|
page read and write
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
25E7E484000
|
heap
|
page read and write
|
||
|
25E7E8FC000
|
heap
|
page read and write
|
||
|
14CAE219000
|
heap
|
page read and write
|
||
|
1E4F3B38000
|
heap
|
page read and write
|
||
|
25E7DC20000
|
heap
|
page read and write
|
||
|
25E7AF60000
|
heap
|
page read and write
|
||
|
7FFDA5591000
|
unkown
|
page execute read
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
258FED86000
|
heap
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
1E4F63C0000
|
direct allocation
|
page read and write
|
||
|
7FFD83D31000
|
unkown
|
page execute read
|
||
|
7FFDA557E000
|
unkown
|
page readonly
|
||
|
1E4F3B5C000
|
heap
|
page read and write
|
||
|
25E7AE40000
|
heap
|
page read and write
|
||
|
25E7E8E5000
|
heap
|
page read and write
|
||
|
1E4F5D46000
|
heap
|
page read and write
|
||
|
14CAE221000
|
heap
|
page read and write
|
||
|
18B94464000
|
heap
|
page read and write
|
||
|
25E7E571000
|
heap
|
page read and write
|
||
|
25E7AEA2000
|
heap
|
page read and write
|
||
|
7FF643AED000
|
unkown
|
page write copy
|
||
|
25E7AF2B000
|
heap
|
page read and write
|
||
|
14CAE225000
|
heap
|
page read and write
|
||
|
7FFD8382B000
|
unkown
|
page read and write
|
||
|
14CAE213000
|
heap
|
page read and write
|
||
|
25E7EE22000
|
heap
|
page read and write
|
||
|
25E7CE8D000
|
heap
|
page read and write
|
||
|
7FF643ADA000
|
unkown
|
page readonly
|
||
|
14CAE215000
|
heap
|
page read and write
|
||
|
18B965D0000
|
direct allocation
|
page read and write
|
||
|
7FFDA3FD4000
|
unkown
|
page readonly
|
||
|
258FECD0000
|
heap
|
page read and write
|
||
|
7FFDA55E0000
|
unkown
|
page readonly
|
||
|
14CAE222000
|
heap
|
page read and write
|
||
|
7FFD93359000
|
unkown
|
page readonly
|
||
|
258FED93000
|
heap
|
page read and write
|
||
|
18B94470000
|
heap
|
page read and write
|
||
|
25E7E8CB000
|
heap
|
page read and write
|
||
|
25E7E7C2000
|
heap
|
page read and write
|
||
|
25E7EDBF000
|
heap
|
page read and write
|
||
|
7FFDA35EC000
|
unkown
|
page readonly
|
||
|
7FFDAC147000
|
unkown
|
page readonly
|
||
|
18B97660000
|
direct allocation
|
page read and write
|
||
|
1E4F64D0000
|
direct allocation
|
page read and write
|
||
|
25E7E846000
|
heap
|
page read and write
|
||
|
18B943C0000
|
heap
|
page readonly
|
||
|
18B96DAC000
|
heap
|
page read and write
|
||
|
18B972F0000
|
direct allocation
|
page read and write
|
||
|
1E4F5C76000
|
heap
|
page read and write
|
||
|
18B94467000
|
heap
|
page read and write
|
||
|
258FECB0000
|
heap
|
page read and write
|
||
|
18B94495000
|
heap
|
page read and write
|
||
|
7FFDA35E7000
|
unkown
|
page read and write
|
||
|
18B96BA0000
|
direct allocation
|
page read and write
|
||
|
1E4F6DA0000
|
direct allocation
|
page read and write
|
||
|
1E4F6720000
|
heap
|
page read and write
|
||
|
1E4F6A10000
|
direct allocation
|
page read and write
|
||
|
7FF7ADC11000
|
unkown
|
page execute read
|
||
|
18B944A1000
|
heap
|
page read and write
|
||
|
18B97430000
|
direct allocation
|
page read and write
|
||
|
79E9CFF000
|
stack
|
page read and write
|
||
|
25E7CE7E000
|
heap
|
page read and write
|
||
|
7FFDA5530000
|
unkown
|
page readonly
|
||
|
23962F70000
|
heap
|
page read and write
|
||
|
1E4F3B99000
|
heap
|
page read and write
|
||
|
7FFD83A6A000
|
unkown
|
page execute read
|
||
|
1E4F6410000
|
direct allocation
|
page read and write
|
||
|
7FFDA55A5000
|
unkown
|
page read and write
|
||
|
7FFDA46E0000
|
unkown
|
page readonly
|
There are 1372 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://estudosadulto.educacao.ws/deolane.mp4
|