Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
wsx.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Software\registry_65f93d51.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\_MEI18922\VCRUNTIME140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\VCRUNTIME140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_asyncio.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_cffi_backend.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_ctypes.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_decimal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_multiprocessing.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_overlapped.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_queue.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\_ssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-console-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-datetime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-debug-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-fibers-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-file-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-file-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-file-l2-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-handle-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-localization-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-memory-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-profile-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-synch-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-synch-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-timezone-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-core-util-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-conio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-convert-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-environment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-locale-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-math-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-process-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-time-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\api-ms-win-crt-utility-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\base_library.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\bcrypt\_bcrypt.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\certifi\cacert.pem
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\charset_normalizer\md.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\charset_normalizer\md__mypyc.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography-3.4.8.dist-info\INSTALLER
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography-3.4.8.dist-info\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography-3.4.8.dist-info\LICENSE.APACHE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography-3.4.8.dist-info\LICENSE.BSD
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography-3.4.8.dist-info\LICENSE.PSF
|
Unicode text, UTF-8 text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography-3.4.8.dist-info\METADATA
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography-3.4.8.dist-info\RECORD
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography-3.4.8.dist-info\WHEEL
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography-3.4.8.dist-info\top_level.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\cryptography\hazmat\bindings\_openssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\libcrypto-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\libffi-7.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\libssl-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\pyexpat.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\python3.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\python38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\pywin32_system32\pywintypes38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\ucrtbase.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI18922\win32wnet.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\VCRUNTIME140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\VCRUNTIME140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_asyncio.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_cffi_backend.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_ctypes.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_decimal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_multiprocessing.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_overlapped.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_queue.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\_ssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-console-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-datetime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-debug-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-fibers-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-file-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-file-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-file-l2-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-handle-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-localization-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-memory-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-profile-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-synch-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-synch-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-timezone-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-core-util-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-conio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-convert-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-environment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-locale-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-math-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-process-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-time-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\api-ms-win-crt-utility-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\base_library.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\bcrypt\_bcrypt.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\certifi\cacert.pem
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\charset_normalizer\md.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\charset_normalizer\md__mypyc.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography-3.4.8.dist-info\INSTALLER
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography-3.4.8.dist-info\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography-3.4.8.dist-info\LICENSE.APACHE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography-3.4.8.dist-info\LICENSE.BSD
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography-3.4.8.dist-info\LICENSE.PSF
|
Unicode text, UTF-8 text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography-3.4.8.dist-info\METADATA
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography-3.4.8.dist-info\RECORD
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography-3.4.8.dist-info\WHEEL
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography-3.4.8.dist-info\top_level.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\cryptography\hazmat\bindings\_openssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\libcrypto-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\libffi-7.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\libssl-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\pyexpat.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\python3.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\python38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\pywin32_system32\pywintypes38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\ucrtbase.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI60562\win32wnet.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Software\lockfile
|
ASCII text, with no line terminators
|
dropped
|
There are 151 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\wsx.exe
|
"C:\Users\user\Desktop\wsx.exe"
|
|
|
|
C:\Users\user\Desktop\wsx.exe
|
"C:\Users\user\Desktop\wsx.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "schtasks /query /tn "registry_65f93d51.exe""
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /query /tn "registry_65f93d51.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "schtasks /create /tn "registry_65f93d51.exe" /tr "C:\Users\user\AppData\Roaming\Software\registry_65f93d51.exe"
/sc onlogon /rl highest /f"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /create /tn "registry_65f93d51.exe" /tr "C:\Users\user\AppData\Roaming\Software\registry_65f93d51.exe" /sc onlogon
/rl highest /f
|
|
|
|
C:\Users\user\AppData\Roaming\Software\registry_65f93d51.exe
|
C:\Users\user\AppData\Roaming\Software\registry_65f93d51.exe
|
|
|
|
C:\Users\user\AppData\Roaming\Software\registry_65f93d51.exe
|
C:\Users\user\AppData\Roaming\Software\registry_65f93d51.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "schtasks /query /tn "registry_65f93d51.exe""
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /query /tn "registry_65f93d51.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/asweigart/pyperclip/issues/55
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crll__.
|
unknown
|
||
|
http://pontoslivelobb.servicos.ws/conta.phprg
|
unknown
|
||
|
https://cloud.google.com/appengine/docs/standard/runtimes
|
unknown
|
||
|
https://github.com/mhammond/pywin32
|
unknown
|
||
|
http://pontoslivelobb.servicos.ws/conta.php
|
191.252.83.191
|
||
|
http://docs.python.org/library/unittest.html
|
unknown
|
||
|
https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
|
unknown
|
||
|
http://pontoslivelobb.servicos.ws/salva.php
|
unknown
|
||
|
http://www.python.org/download/releases/2.3/mro/.
|
unknown
|
||
|
https://github.com/pyca/cryptography/actions?query=workflow%3ACI
|
unknown
|
||
|
https://tools.ietf.org/html/rfc2388#section-4.4
|
unknown
|
||
|
https://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://docs.python.org/3/library/subprocess#subprocess.Popen.kill
|
unknown
|
||
|
https://codecov.io/github/pyca/cryptography/coverage.svg?branch=master
|
unknown
|
||
|
http://crl.dhimyotis.com/certignarootca.crl
|
unknown
|
||
|
http://curl.haxx.se/rfc/cookie_spec.html
|
unknown
|
||
|
http://ocsp.accv.es
|
unknown
|
||
|
http://www.python.org/dev/peps/pep-0205/
|
unknown
|
||
|
http://docs.python.org/3/library/subprocess#subprocess.Popen.returncode
|
unknown
|
||
|
https://stackoverflow.com/questions/455434/how-should-i-use-formatmessage-properly-in-c
|
unknown
|
||
|
https://estudosadulto.educacao.ws/contador/contador.php
|
unknown
|
||
|
http://json.org
|
unknown
|
||
|
https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
|
unknown
|
||
|
https://httpbin.org/get
|
unknown
|
||
|
http://httpbin.org/
|
unknown
|
||
|
http://91.92.246.171:5000/replace
|
unknown
|
||
|
https://wwww.certigna.fr/autorites/0m
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
|
unknown
|
||
|
https://codecov.io/github/pyca/cryptography?branch=master
|
unknown
|
||
|
https://httpbin.org/
|
unknown
|
||
|
https://www.apache.org/licenses/
|
unknown
|
||
|
https://wwww.certigna.fr/autorites/
|
unknown
|
||
|
http://www.cl.cam.ac.uk/~mgk25/iso-time.html
|
unknown
|
||
|
http://pontoslivelobb.servicos.ws/conta.phprg)
|
unknown
|
||
|
http://repository.swisssign.com/t
|
unknown
|
||
|
http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
|
unknown
|
||
|
https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
|
unknown
|
||
|
https://cryptography.io/en/latest/installation.html
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl__exit__c
|
unknown
|
||
|
http://wwwsearch.sf.net/):
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
|
unknown
|
||
|
http://www.accv.es/legislacion_c.htm
|
unknown
|
||
|
http://tools.ietf.org/html/rfc6125#section-6.4.3
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl0
|
unknown
|
||
|
http://www.cert.fnmt.es/dpcs/
|
unknown
|
||
|
http://www.accv.es00
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
|
unknown
|
||
|
http://www.phys.uu.nl/~vgent/calendar/isocalendar.htm
|
unknown
|
||
|
https://github.com/pyca/cryptography/issues
|
unknown
|
||
|
https://readthedocs.org/projects/cryptography/badge/?version=latest
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.
|
unknown
|
||
|
http://google.com/
|
unknown
|
||
|
https://mahler:8092/site-updates.py
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/stable/v2-migration-guide.html
|
unknown
|
||
|
https://estudosadulto.educacao.ws/contador/contador.php0
|
unknown
|
||
|
http://crl.securetrust.com/SGCA.crl
|
unknown
|
||
|
http://docs.p
|
unknown
|
||
|
http://.../back.jpeg
|
unknown
|
||
|
https://github.com/pyca/cryptography
|
unknown
|
||
|
https://cryptography.io/
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#https-proxy-error-http-proxy
|
unknown
|
||
|
http://www.python.org/
|
unknown
|
||
|
https://httpbin.org/post
|
unknown
|
||
|
https://pyperclip.readthedocs.io/en/latest/index.html#not-implemented-error
|
unknown
|
||
|
https://github.com/Ousret/charset_normalizer
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/497
|
unknown
|
||
|
http://www.firmaprofesional.com/cps0
|
unknown
|
||
|
http://crl.securetrust.com/SGCA.crl0
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl0
|
unknown
|
||
|
http://www.quovadisglobal.com/cpsd
|
unknown
|
||
|
http://yahoo.com/
|
unknown
|
||
|
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
https://w3c.github.io/html/sec-forms.html#multipart-form-data
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
|
unknown
|
||
|
https://docs.microsof
|
unknown
|
||
|
https://mail.python.org/mailman/listinfo/cryptography-dev
|
unknown
|
||
|
https://requests.readthedocs.io
|
unknown
|
||
|
http://repository.swisssign.com/
|
unknown
|
||
|
http://python.org/dev/peps/pep-0263/
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl
|
unknown
|
||
|
http://repository.swisssign.com/Hd
|
unknown
|
||
|
http://repository.swisssign.com/0R
|
unknown
|
||
|
https://www.python.org
|
unknown
|
||
|
http://www.accv.es/legislacion_c.htm0U
|
unknown
|
||
|
http://ocsp.accv.es0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
|
unknown
|
||
|
https://cryptography.io/en/latest/security.html
|
unknown
|
||
|
https://twitter.com/
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warningsPv
|
unknown
|
||
|
http://www.quovadisglobal.com/cps
|
unknown
|
||
|
https://img.shields.io/pypi/v/cryptography.svg
|
unknown
|
||
|
http://google.com/mail/
|
unknown
|
||
|
http://docs.python.org/3/library/subprocess#subprocess.Popen.terminate
|
unknown
|
||
|
https://estudosadulto.educacao.ws/contador/contador.php0wt
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pontoslivelobb.servicos.ws
|
191.252.83.191
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
estudosadulto.educacao.ws
|
94.156.67.32
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
191.252.83.191
|
pontoslivelobb.servicos.ws
|
Brazil
|
||
|
94.156.67.32
|
estudosadulto.educacao.ws
|
Bulgaria
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1D6CD6E0000
|
direct allocation
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1BF40577000
|
heap
|
page read and write
|
||
|
1AA02361000
|
heap
|
page read and write
|
||
|
7FF8A8080000
|
unkown
|
page readonly
|
||
|
7FF8B90F1000
|
unkown
|
page execute read
|
||
|
7FF7E720D000
|
unkown
|
page read and write
|
||
|
1DEECD10000
|
direct allocation
|
page read and write
|
||
|
7FF8A82F2000
|
unkown
|
page readonly
|
||
|
1BF4058E000
|
heap
|
page read and write
|
||
|
1DEED165000
|
heap
|
page read and write
|
||
|
1D6CF7E0000
|
direct allocation
|
page read and write
|
||
|
1D6CBEAF000
|
heap
|
page read and write
|
||
|
7FF8A8D9E000
|
unkown
|
page readonly
|
||
|
7FF8B78C3000
|
unkown
|
page readonly
|
||
|
1D6CD820000
|
heap
|
page read and write
|
||
|
1A61DAA0000
|
heap
|
page read and write
|
||
|
1D6CBE9C000
|
heap
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
7FF8A736B000
|
unkown
|
page readonly
|
||
|
7FF6BD60E000
|
unkown
|
page readonly
|
||
|
1DEEB051000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1DEEC8A0000
|
heap
|
page read and write
|
||
|
1A61DAC0000
|
heap
|
page read and write
|
||
|
1D6CBE36000
|
heap
|
page read and write
|
||
|
1DEEB051000
|
heap
|
page read and write
|
||
|
1AA02363000
|
heap
|
page read and write
|
||
|
7FF8B9145000
|
unkown
|
page read and write
|
||
|
7FF8B82E1000
|
unkown
|
page execute read
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CBD80000
|
direct allocation
|
page read and write
|
||
|
1D6CE211000
|
heap
|
page read and write
|
||
|
1AA02368000
|
heap
|
page read and write
|
||
|
1D6CF75A000
|
heap
|
page read and write
|
||
|
1D6CBE36000
|
heap
|
page read and write
|
||
|
1DEED5D0000
|
direct allocation
|
page read and write
|
||
|
1D6CE4A0000
|
direct allocation
|
page read and write
|
||
|
7FF8B9146000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEEB067000
|
heap
|
page read and write
|
||
|
1AA0235F000
|
heap
|
page read and write
|
||
|
1D6CEB00000
|
direct allocation
|
page read and write
|
||
|
1D6CF710000
|
direct allocation
|
page read and write
|
||
|
7FF8A82C7000
|
unkown
|
page readonly
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1D6CBE3F000
|
heap
|
page read and write
|
||
|
7FF8B9141000
|
unkown
|
page execute read
|
||
|
1D6CEB80000
|
direct allocation
|
page read and write
|
||
|
1DEEAFD8000
|
heap
|
page read and write
|
||
|
1DEEE1D0000
|
direct allocation
|
page read and write
|
||
|
1D6CBE38000
|
heap
|
page read and write
|
||
|
1D6CBE91000
|
heap
|
page read and write
|
||
|
1DEEB0A5000
|
heap
|
page read and write
|
||
|
7FF6BD5C1000
|
unkown
|
page execute read
|
||
|
7FF8A8323000
|
unkown
|
page readonly
|
||
|
1AA0234E000
|
heap
|
page read and write
|
||
|
1D6CEDB0000
|
direct allocation
|
page read and write
|
||
|
7FF8A7B30000
|
unkown
|
page readonly
|
||
|
7FF8B9100000
|
unkown
|
page readonly
|
||
|
1DEECCD0000
|
direct allocation
|
page read and write
|
||
|
1DEED010000
|
direct allocation
|
page read and write
|
||
|
1D6CBE85000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1DEED690000
|
direct allocation
|
page read and write
|
||
|
7FF8A8AAB000
|
unkown
|
page readonly
|
||
|
1D6CBE3E000
|
heap
|
page read and write
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
1DEEE070000
|
direct allocation
|
page read and write
|
||
|
238F7DE000
|
stack
|
page read and write
|
||
|
7FF8BFB20000
|
unkown
|
page readonly
|
||
|
7FF8B90BF000
|
unkown
|
page readonly
|
||
|
7FF8BFB30000
|
unkown
|
page readonly
|
||
|
1D6CBE3E000
|
heap
|
page read and write
|
||
|
1DEED8C0000
|
direct allocation
|
page read and write
|
||
|
1DEEE030000
|
direct allocation
|
page read and write
|
||
|
7FF8BFB34000
|
unkown
|
page read and write
|
||
|
1D6CE9AC000
|
heap
|
page read and write
|
||
|
1D6CEEF0000
|
heap
|
page read and write
|
||
|
1DEEB05E000
|
heap
|
page read and write
|
||
|
7FF8A9399000
|
unkown
|
page readonly
|
||
|
7FF8A7DAC000
|
unkown
|
page readonly
|
||
|
1DEEDD7D000
|
heap
|
page read and write
|
||
|
1D6CBE91000
|
heap
|
page read and write
|
||
|
7FF8B780A000
|
unkown
|
page read and write
|
||
|
7FF8A8AA7000
|
unkown
|
page readonly
|
||
|
1D6CE777000
|
heap
|
page read and write
|
||
|
1D6CBE0D000
|
heap
|
page read and write
|
||
|
1DEEDB33000
|
heap
|
page read and write
|
||
|
1D6CBE85000
|
heap
|
page read and write
|
||
|
1DEED190000
|
direct allocation
|
page read and write
|
||
|
7FF8B829E000
|
unkown
|
page readonly
|
||
|
7FF8A92F0000
|
unkown
|
page readonly
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1D6CED70000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEED980000
|
direct allocation
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
7FF8B8F8F000
|
unkown
|
page readonly
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A72C0000
|
unkown
|
page readonly
|
||
|
7FF8B82B0000
|
unkown
|
page readonly
|
||
|
7FF8A8395000
|
unkown
|
page read and write
|
||
|
1D6CE680000
|
direct allocation
|
page read and write
|
||
|
1D6CE450000
|
direct allocation
|
page read and write
|
||
|
CB472FF000
|
unkown
|
page read and write
|
||
|
1D6CBE85000
|
heap
|
page read and write
|
||
|
7FF8BA24E000
|
unkown
|
page readonly
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1D6CBE55000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
238F5EA000
|
stack
|
page read and write
|
||
|
7FF8B9105000
|
unkown
|
page readonly
|
||
|
1DEED3C1000
|
heap
|
page read and write
|
||
|
1D6CECF0000
|
direct allocation
|
page read and write
|
||
|
1D6CDDB8000
|
heap
|
page read and write
|
||
|
1D6CDDB1000
|
heap
|
page read and write
|
||
|
1BF40589000
|
heap
|
page read and write
|
||
|
7FF8A7B17000
|
unkown
|
page read and write
|
||
|
7FF8A7EF3000
|
unkown
|
page write copy
|
||
|
7FF8BA4F6000
|
unkown
|
page readonly
|
||
|
7FF7E71FA000
|
unkown
|
page readonly
|
||
|
7FF8B9180000
|
unkown
|
page readonly
|
||
|
1D6CBE36000
|
heap
|
page read and write
|
||
|
7FF6BD5C1000
|
unkown
|
page execute read
|
||
|
7FF8A7DBE000
|
unkown
|
page readonly
|
||
|
7FF8B919D000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CE208000
|
heap
|
page read and write
|
||
|
7FF8A7A81000
|
unkown
|
page execute read
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEEB0C6000
|
heap
|
page read and write
|
||
|
7FF8A731C000
|
unkown
|
page readonly
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1BF4058A000
|
heap
|
page read and write
|
||
|
7FF8A7F0F000
|
unkown
|
page read and write
|
||
|
1AA0235A000
|
heap
|
page read and write
|
||
|
1BF4058E000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF7E720D000
|
unkown
|
page read and write
|
||
|
1BF4056F000
|
heap
|
page read and write
|
||
|
7FF8B7804000
|
unkown
|
page readonly
|
||
|
7FF8B7820000
|
unkown
|
page readonly
|
||
|
1D6CD720000
|
direct allocation
|
page read and write
|
||
|
1D6CEC30000
|
direct allocation
|
page read and write
|
||
|
7FF8A7F61000
|
unkown
|
page execute read
|
||
|
1D6CE793000
|
heap
|
page read and write
|
||
|
7FF8BA254000
|
unkown
|
page readonly
|
||
|
1AA02367000
|
heap
|
page read and write
|
||
|
7FF8A770D000
|
unkown
|
page readonly
|
||
|
1DEEE210000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CBE91000
|
heap
|
page read and write
|
||
|
1A61DAEA000
|
heap
|
page read and write
|
||
|
1DEEE1D0000
|
direct allocation
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1BF4058A000
|
heap
|
page read and write
|
||
|
1D6CE6C0000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A73C9000
|
unkown
|
page read and write
|
||
|
7FF6BD5EA000
|
unkown
|
page readonly
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8BA4F9000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CBE36000
|
heap
|
page read and write
|
||
|
1D6CBE86000
|
heap
|
page read and write
|
||
|
1AA0235A000
|
heap
|
page read and write
|
||
|
1D6CE0FA000
|
heap
|
page read and write
|
||
|
1DEEB057000
|
heap
|
page read and write
|
||
|
7FF7E721E000
|
unkown
|
page readonly
|
||
|
1DEECC50000
|
direct allocation
|
page read and write
|
||
|
1DEEB054000
|
heap
|
page read and write
|
||
|
1BF40590000
|
heap
|
page read and write
|
||
|
1DEEB075000
|
heap
|
page read and write
|
||
|
1DEED42A000
|
heap
|
page read and write
|
||
|
1DEED940000
|
direct allocation
|
page read and write
|
||
|
1DEEB099000
|
heap
|
page read and write
|
||
|
1AA022F0000
|
heap
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEEB067000
|
heap
|
page read and write
|
||
|
1DEEAFED000
|
heap
|
page read and write
|
||
|
1C8023C0000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CBE9B000
|
heap
|
page read and write
|
||
|
1AA0235F000
|
heap
|
page read and write
|
||
|
1D6CED30000
|
direct allocation
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1DEED880000
|
direct allocation
|
page read and write
|
||
|
1D6CBE5B000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1BF40593000
|
heap
|
page read and write
|
||
|
1DEED091000
|
heap
|
page read and write
|
||
|
1D6CBEBA000
|
heap
|
page read and write
|
||
|
1D6CEAC0000
|
direct allocation
|
page read and write
|
||
|
1D6CBD10000
|
heap
|
page read and write
|
||
|
7FF8A8A06000
|
unkown
|
page readonly
|
||
|
1D6CE80F000
|
heap
|
page read and write
|
||
|
1AA0235D000
|
heap
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1AA02363000
|
heap
|
page read and write
|
||
|
7FF8B90F6000
|
unkown
|
page readonly
|
||
|
1AA0235A000
|
heap
|
page read and write
|
||
|
1DEEB0B6000
|
heap
|
page read and write
|
||
|
7FF8B9109000
|
unkown
|
page read and write
|
||
|
1AA0235F000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
7FF8B780E000
|
unkown
|
page readonly
|
||
|
1AA02355000
|
heap
|
page read and write
|
||
|
1AA02361000
|
heap
|
page read and write
|
||
|
1DEEDC94000
|
heap
|
page read and write
|
||
|
7FF8B9F69000
|
unkown
|
page readonly
|
||
|
1DEEB067000
|
heap
|
page read and write
|
||
|
7FF8B78B9000
|
unkown
|
page readonly
|
||
|
1A61DD20000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEEB075000
|
heap
|
page read and write
|
||
|
1AA0235A000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1DEEDEF0000
|
direct allocation
|
page read and write
|
||
|
1DEEDC79000
|
heap
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
7FF7E71D1000
|
unkown
|
page execute read
|
||
|
7FF7E71FA000
|
unkown
|
page readonly
|
||
|
1D6CE410000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CBE85000
|
heap
|
page read and write
|
||
|
7FF8A7435000
|
unkown
|
page execute read
|
||
|
7FF8A810A000
|
unkown
|
page execute read
|
||
|
1D6CBE3E000
|
heap
|
page read and write
|
||
|
7FF8B8250000
|
unkown
|
page readonly
|
||
|
1BF4058C000
|
heap
|
page read and write
|
||
|
1D6CDDD5000
|
heap
|
page read and write
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
1DEEE210000
|
direct allocation
|
page read and write
|
||
|
7FF8B7843000
|
unkown
|
page read and write
|
||
|
1D6CE2D0000
|
direct allocation
|
page read and write
|
||
|
7FF6BD60E000
|
unkown
|
page readonly
|
||
|
7FF8B8291000
|
unkown
|
page execute read
|
||
|
1D6CBE9C000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CBE3F000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
7FF8B90BC000
|
unkown
|
page read and write
|
||
|
1D6CD6A0000
|
direct allocation
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
7FF8B78C1000
|
unkown
|
page read and write
|
||
|
7FF8A836E000
|
unkown
|
page readonly
|
||
|
1BF40586000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF8A9364000
|
unkown
|
page readonly
|
||
|
1DEEB057000
|
heap
|
page read and write
|
||
|
7FF8B8261000
|
unkown
|
page execute read
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1DEEE0C0000
|
direct allocation
|
page read and write
|
||
|
1C802340000
|
heap
|
page read and write
|
||
|
1AA022E0000
|
heap
|
page read and write
|
||
|
7FF8B8799000
|
unkown
|
page read and write
|
||
|
51655AC000
|
stack
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
5164FDE000
|
stack
|
page read and write
|
||
|
1D6CBE91000
|
heap
|
page read and write
|
||
|
1AA02368000
|
heap
|
page read and write
|
||
|
1DEEB057000
|
heap
|
page read and write
|
||
|
1D6CEA9D000
|
heap
|
page read and write
|
||
|
1DEEB051000
|
heap
|
page read and write
|
||
|
1D6CDF30000
|
direct allocation
|
page read and write
|
||
|
1D6CE070000
|
direct allocation
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1AA02368000
|
heap
|
page read and write
|
||
|
1DEED250000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF8B90F0000
|
unkown
|
page readonly
|
||
|
7FF8A92F1000
|
unkown
|
page execute read
|
||
|
1D6CDF90000
|
direct allocation
|
page read and write
|
||
|
1AA0235A000
|
heap
|
page read and write
|
||
|
1DEEB057000
|
heap
|
page read and write
|
||
|
1DEEB0D0000
|
heap
|
page read and write
|
||
|
1D6CE030000
|
direct allocation
|
page read and write
|
||
|
7FF8A76EB000
|
unkown
|
page read and write
|
||
|
1D6CBE62000
|
heap
|
page read and write
|
||
|
7FF8B8F80000
|
unkown
|
page readonly
|
||
|
7FF8B879A000
|
unkown
|
page readonly
|
||
|
1DEED650000
|
direct allocation
|
page read and write
|
||
|
1DEED190000
|
direct allocation
|
page read and write
|
||
|
1DEED165000
|
heap
|
page read and write
|
||
|
1D6CBE38000
|
heap
|
page read and write
|
||
|
7FF8B782D000
|
unkown
|
page readonly
|
||
|
7FF8B9150000
|
unkown
|
page readonly
|
||
|
1BF40599000
|
heap
|
page read and write
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CBE90000
|
heap
|
page read and write
|
||
|
1AA0235A000
|
heap
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
7FF6BD5FD000
|
unkown
|
page read and write
|
||
|
1D6CEDB0000
|
direct allocation
|
page read and write
|
||
|
7FF8B8B05000
|
unkown
|
page readonly
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1D6CBE3B000
|
heap
|
page read and write
|
||
|
1DEED44E000
|
heap
|
page read and write
|
||
|
1BF40560000
|
heap
|
page read and write
|
||
|
1DEEDFF0000
|
direct allocation
|
page read and write
|
||
|
7FF8B8251000
|
unkown
|
page execute read
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1A61DD15000
|
heap
|
page read and write
|
||
|
1AA02355000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1D6CBD40000
|
heap
|
page read and write
|
||
|
1BF4059A000
|
heap
|
page read and write
|
||
|
7FF8A811D000
|
unkown
|
page execute read
|
||
|
1D6CEC30000
|
direct allocation
|
page read and write
|
||
|
1D6CE7F9000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1DEEB099000
|
heap
|
page read and write
|
||
|
1D6CEA61000
|
heap
|
page read and write
|
||
|
1D6CBE33000
|
heap
|
page read and write
|
||
|
1D6CBE85000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF7E71D0000
|
unkown
|
page readonly
|
||
|
1C802310000
|
heap
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
7FF8A8B09000
|
unkown
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1DEED2F0000
|
direct allocation
|
page read and write
|
||
|
7FF8A80E5000
|
unkown
|
page execute read
|
||
|
1D6CBE5A000
|
heap
|
page read and write
|
||
|
7FF8B78A0000
|
unkown
|
page readonly
|
||
|
51653BF000
|
stack
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
7FF8B8F72000
|
unkown
|
page readonly
|
||
|
7FF8A7370000
|
unkown
|
page readonly
|
||
|
CB473FF000
|
stack
|
page read and write
|
||
|
7FF8A76E5000
|
unkown
|
page read and write
|
||
|
5164DD7000
|
stack
|
page read and write
|
||
|
7FF6BD5FD000
|
unkown
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CEA4B000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CE6DF000
|
heap
|
page read and write
|
||
|
1D6CEC30000
|
direct allocation
|
page read and write
|
||
|
1D6CBE3E000
|
heap
|
page read and write
|
||
|
1D6CE310000
|
direct allocation
|
page read and write
|
||
|
1DEED569000
|
heap
|
page read and write
|
||
|
1D6CE4E0000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CE580000
|
direct allocation
|
page read and write
|
||
|
1BF40590000
|
heap
|
page read and write
|
||
|
1DEEB0B4000
|
heap
|
page read and write
|
||
|
1C8023D0000
|
heap
|
page read and write
|
||
|
7FF8BA521000
|
unkown
|
page execute read
|
||
|
1D6CBE7E000
|
heap
|
page read and write
|
||
|
1AA02363000
|
heap
|
page read and write
|
||
|
1D6CE0C0000
|
heap
|
page read and write
|
||
|
1DEEB054000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
7FF8B9181000
|
unkown
|
page execute read
|
||
|
1BF404F0000
|
heap
|
page readonly
|
||
|
1DEED9C0000
|
heap
|
page read and write
|
||
|
28FF3530000
|
heap
|
page read and write
|
||
|
1BF4059A000
|
heap
|
page read and write
|
||
|
7FF7E71D0000
|
unkown
|
page readonly
|
||
|
1D6CEE90000
|
direct allocation
|
page read and write
|
||
|
1DEEC900000
|
heap
|
page read and write
|
||
|
1A61DAE0000
|
heap
|
page read and write
|
||
|
1D6CF750000
|
direct allocation
|
page read and write
|
||
|
1DEED710000
|
direct allocation
|
page read and write
|
||
|
7FF8A73D1000
|
unkown
|
page execute read
|
||
|
7FF8BA525000
|
unkown
|
page readonly
|
||
|
7FF8B9F73000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1AA02365000
|
heap
|
page read and write
|
||
|
1DEED090000
|
heap
|
page read and write
|
||
|
7FF8BFB21000
|
unkown
|
page execute read
|
||
|
1D6CBE4B000
|
heap
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
7FF8A9387000
|
unkown
|
page read and write
|
||
|
7FF8BA529000
|
unkown
|
page read and write
|
||
|
7FF8B90E2000
|
unkown
|
page readonly
|
||
|
7FF8A76ED000
|
unkown
|
page readonly
|
||
|
7FF6BD60C000
|
unkown
|
page read and write
|
||
|
1D6CDDB7000
|
heap
|
page read and write
|
||
|
C00BAC000
|
stack
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEEB054000
|
heap
|
page read and write
|
||
|
1D6CE5C0000
|
direct allocation
|
page read and write
|
||
|
46D60FF000
|
unkown
|
page read and write
|
||
|
7FF8BA502000
|
unkown
|
page readonly
|
||
|
1D6CEA1F000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8B9169000
|
unkown
|
page readonly
|
||
|
7FF8B8256000
|
unkown
|
page readonly
|
||
|
1AA02363000
|
heap
|
page read and write
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1D6CEE00000
|
direct allocation
|
page read and write
|
||
|
7FF8B9140000
|
unkown
|
page readonly
|
||
|
1DEEE210000
|
direct allocation
|
page read and write
|
||
|
7FF8B82CD000
|
unkown
|
page readonly
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A7617000
|
unkown
|
page readonly
|
||
|
7FF8B90D5000
|
unkown
|
page readonly
|
||
|
1DEEDB8C000
|
heap
|
page read and write
|
||
|
1D6CEC30000
|
direct allocation
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
7FF8B82C9000
|
unkown
|
page read and write
|
||
|
C009BF000
|
stack
|
page read and write
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1DEEB03E000
|
heap
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1AA02330000
|
heap
|
page read and write
|
||
|
7FF8B90F5000
|
unkown
|
page read and write
|
||
|
1D6CBEAE000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1BF40594000
|
heap
|
page read and write
|
||
|
7FF8B9F71000
|
unkown
|
page read and write
|
||
|
1DEEB057000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A9362000
|
unkown
|
page execute read
|
||
|
1DEEB043000
|
heap
|
page read and write
|
||
|
1BF40590000
|
heap
|
page read and write
|
||
|
7FF8A8E04000
|
unkown
|
page readonly
|
||
|
1D6CED70000
|
direct allocation
|
page read and write
|
||
|
7FF8B9074000
|
unkown
|
page readonly
|
||
|
1DEED6D0000
|
direct allocation
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1DEED760000
|
direct allocation
|
page read and write
|
||
|
1BF4058A000
|
heap
|
page read and write
|
||
|
1D6CBE5B000
|
heap
|
page read and write
|
||
|
7FF6BD5FD000
|
unkown
|
page write copy
|
||
|
7FF8A8ED3000
|
unkown
|
page write copy
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1D6CBE91000
|
heap
|
page read and write
|
||
|
1A61DD10000
|
heap
|
page read and write
|
||
|
1BF40500000
|
heap
|
page read and write
|
||
|
1D6CBE91000
|
heap
|
page read and write
|
||
|
7FF8B8260000
|
unkown
|
page readonly
|
||
|
1D6CBE8B000
|
heap
|
page read and write
|
||
|
1DEED1D0000
|
direct allocation
|
page read and write
|
||
|
7FF8B8F70000
|
unkown
|
page readonly
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1AA02363000
|
heap
|
page read and write
|
||
|
1DEEDEB0000
|
direct allocation
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
7FF7E71D1000
|
unkown
|
page execute read
|
||
|
1BF4058E000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1AA0235D000
|
heap
|
page read and write
|
||
|
1DEEDAE1000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF8A745A000
|
unkown
|
page execute read
|
||
|
7FF8A83BD000
|
unkown
|
page readonly
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A7D31000
|
unkown
|
page readonly
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
7FF8B78A2000
|
unkown
|
page readonly
|
||
|
1D6CEBF0000
|
direct allocation
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1BF40590000
|
heap
|
page read and write
|
||
|
1D6CE9B5000
|
heap
|
page read and write
|
||
|
7FF8B8253000
|
unkown
|
page readonly
|
||
|
1DEEB049000
|
heap
|
page read and write
|
||
|
46D61FE000
|
stack
|
page read and write
|
||
|
1DEED840000
|
direct allocation
|
page read and write
|
||
|
1DEEB0C8000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF6BD60C000
|
unkown
|
page read and write
|
||
|
1DEEDE00000
|
direct allocation
|
page read and write
|
||
|
7FF8A8D8C000
|
unkown
|
page readonly
|
||
|
1AA0235D000
|
heap
|
page read and write
|
||
|
1BF4057F000
|
heap
|
page read and write
|
||
|
7FF8B90D0000
|
unkown
|
page readonly
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1DEEDD72000
|
heap
|
page read and write
|
||
|
7FF8B78B1000
|
unkown
|
page execute read
|
||
|
1DEED0B6000
|
heap
|
page read and write
|
||
|
7FF8B9151000
|
unkown
|
page execute read
|
||
|
28FF36E0000
|
heap
|
page read and write
|
||
|
1D6CD660000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF8B8255000
|
unkown
|
page read and write
|
||
|
1DEEB099000
|
heap
|
page read and write
|
||
|
1DEEB049000
|
heap
|
page read and write
|
||
|
7FF8A72C6000
|
unkown
|
page readonly
|
||
|
7FF8A8A01000
|
unkown
|
page execute read
|
||
|
1DEEE260000
|
direct allocation
|
page read and write
|
||
|
7FF6BD5EA000
|
unkown
|
page readonly
|
||
|
7FF8B8835000
|
unkown
|
page read and write
|
||
|
1D6CBE2C000
|
heap
|
page read and write
|
||
|
1D6CEED0000
|
heap
|
page read and write
|
||
|
7FF8B90E1000
|
unkown
|
page execute read
|
||
|
7FF8B90B0000
|
unkown
|
page readonly
|
||
|
1AA0235D000
|
heap
|
page read and write
|
||
|
1DEEC905000
|
heap
|
page read and write
|
||
|
1BF40594000
|
heap
|
page read and write
|
||
|
7FF8B8C16000
|
unkown
|
page readonly
|
||
|
1D6CBE2B000
|
heap
|
page read and write
|
||
|
1DEEB05D000
|
heap
|
page read and write
|
||
|
7FF8A8EAB000
|
unkown
|
page read and write
|
||
|
7FF8A7449000
|
unkown
|
page execute read
|
||
|
1BF40594000
|
heap
|
page read and write
|
||
|
1D6CE390000
|
direct allocation
|
page read and write
|
||
|
7FF8BA500000
|
unkown
|
page readonly
|
||
|
7FF8A7B31000
|
unkown
|
page execute read
|
||
|
7FF8B8C11000
|
unkown
|
page execute read
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1D6CBE33000
|
heap
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1DEEB049000
|
heap
|
page read and write
|
||
|
7FF8B90DA000
|
unkown
|
page readonly
|
||
|
1D6CDEAC000
|
heap
|
page read and write
|
||
|
8D447EC000
|
stack
|
page read and write
|
||
|
7FF7E7210000
|
unkown
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
7FF8B907A000
|
unkown
|
page read and write
|
||
|
1D6CBDDE000
|
heap
|
page read and write
|
||
|
1DEED210000
|
direct allocation
|
page read and write
|
||
|
1D6CEC70000
|
direct allocation
|
page read and write
|
||
|
1D6CBE5B000
|
heap
|
page read and write
|
||
|
1DEEB06C000
|
heap
|
page read and write
|
||
|
7FF8B9060000
|
unkown
|
page readonly
|
||
|
7FF6BD5C0000
|
unkown
|
page readonly
|
||
|
1BF4059A000
|
heap
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8B912E000
|
unkown
|
page write copy
|
||
|
7FF8B8AF0000
|
unkown
|
page readonly
|
||
|
1AA02363000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1DEEB03C000
|
heap
|
page read and write
|
||
|
7FF8B82E0000
|
unkown
|
page readonly
|
||
|
28FF3510000
|
heap
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
7FF8A7615000
|
unkown
|
page execute read
|
||
|
7FF8B83DF000
|
unkown
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEEE070000
|
direct allocation
|
page read and write
|
||
|
7FF8B90E0000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
28FF351B000
|
heap
|
page read and write
|
||
|
1DEEE210000
|
direct allocation
|
page read and write
|
||
|
A7315FF000
|
unkown
|
page read and write
|
||
|
1D6CDF30000
|
direct allocation
|
page read and write
|
||
|
1AA02361000
|
heap
|
page read and write
|
||
|
1D6CBD00000
|
heap
|
page readonly
|
||
|
7FF8B8790000
|
unkown
|
page readonly
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1D6CE8C8000
|
heap
|
page read and write
|
||
|
7FF8A7A80000
|
unkown
|
page readonly
|
||
|
1BF40590000
|
heap
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1DEECC90000
|
direct allocation
|
page read and write
|
||
|
7FF8A938C000
|
unkown
|
page readonly
|
||
|
7FF8B9199000
|
unkown
|
page read and write
|
||
|
7FF8B910A000
|
unkown
|
page readonly
|
||
|
7FF8B83E2000
|
unkown
|
page readonly
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1D6CE350000
|
direct allocation
|
page read and write
|
||
|
28FF34D0000
|
heap
|
page read and write
|
||
|
1D6CBDC0000
|
heap
|
page read and write
|
||
|
7FF8B90B1000
|
unkown
|
page execute read
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
7FF8B8836000
|
unkown
|
page readonly
|
||
|
1D6CBE81000
|
heap
|
page read and write
|
||
|
1BF4059A000
|
heap
|
page read and write
|
||
|
1DEEDBBE000
|
heap
|
page read and write
|
||
|
1AA03CC0000
|
heap
|
page read and write
|
||
|
7FF8B912D000
|
unkown
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF8B77F0000
|
unkown
|
page readonly
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1DEEE150000
|
direct allocation
|
page read and write
|
||
|
1AA02368000
|
heap
|
page read and write
|
||
|
7FF8A8AB0000
|
unkown
|
page readonly
|
||
|
7FF8B82A4000
|
unkown
|
page readonly
|
||
|
1BF40599000
|
heap
|
page read and write
|
||
|
1BF40410000
|
heap
|
page read and write
|
||
|
7FF8A82C5000
|
unkown
|
page execute read
|
||
|
1D6CBC20000
|
heap
|
page read and write
|
||
|
1BF40590000
|
heap
|
page read and write
|
||
|
1D6CBE8B000
|
heap
|
page read and write
|
||
|
7FF8B8795000
|
unkown
|
page readonly
|
||
|
1DEED7A0000
|
direct allocation
|
page read and write
|
||
|
7FF6BD5FD000
|
unkown
|
page write copy
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
CB46F7C000
|
stack
|
page read and write
|
||
|
7FF8A7B29000
|
unkown
|
page readonly
|
||
|
7FF8B9F61000
|
unkown
|
page execute read
|
||
|
1D6CBE91000
|
heap
|
page read and write
|
||
|
1D6CBE86000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A73D0000
|
unkown
|
page readonly
|
||
|
7FF8A9392000
|
unkown
|
page readonly
|
||
|
7FF8B8C10000
|
unkown
|
page readonly
|
||
|
1DEEB04B000
|
heap
|
page read and write
|
||
|
7FF8A808D000
|
unkown
|
page execute read
|
||
|
1D6CBE55000
|
heap
|
page read and write
|
||
|
1BF40599000
|
heap
|
page read and write
|
||
|
1BF40594000
|
heap
|
page read and write
|
||
|
1DEEB03E000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF7E721C000
|
unkown
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1AA0235A000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A7AF4000
|
unkown
|
page readonly
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
7FF6BD5EA000
|
unkown
|
page readonly
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1BF4059A000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
7FF6BD5C0000
|
unkown
|
page readonly
|
||
|
7FF8A72C1000
|
unkown
|
page execute read
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1DEEDF70000
|
direct allocation
|
page read and write
|
||
|
1DEED330000
|
direct allocation
|
page read and write
|
||
|
1D6CBE36000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF8A8D11000
|
unkown
|
page readonly
|
||
|
1D6CBE25000
|
heap
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
7FF8B77F1000
|
unkown
|
page execute read
|
||
|
1D6CBE9F000
|
heap
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1D6CBE85000
|
heap
|
page read and write
|
||
|
7FF8A8A5C000
|
unkown
|
page readonly
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8B78A4000
|
unkown
|
page readonly
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
1DEEDD4A000
|
heap
|
page read and write
|
||
|
1D6CBE2B000
|
heap
|
page read and write
|
||
|
1DEEB07C000
|
heap
|
page read and write
|
||
|
28FF37E0000
|
heap
|
page read and write
|
||
|
1AA02363000
|
heap
|
page read and write
|
||
|
1AA02363000
|
heap
|
page read and write
|
||
|
1BF40530000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CDF30000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8B783E000
|
unkown
|
page write copy
|
||
|
1DEEB041000
|
heap
|
page read and write
|
||
|
7FF8B90D1000
|
unkown
|
page execute read
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1DEEB051000
|
heap
|
page read and write
|
||
|
1DEEDD86000
|
heap
|
page read and write
|
||
|
7FF7E721E000
|
unkown
|
page readonly
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1DEEB0C8000
|
heap
|
page read and write
|
||
|
7FF8B8F87000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CEA82000
|
heap
|
page read and write
|
||
|
7FF8B8830000
|
unkown
|
page readonly
|
||
|
1DEEB043000
|
heap
|
page read and write
|
||
|
1A61DB12000
|
heap
|
page read and write
|
||
|
1DEED900000
|
direct allocation
|
page read and write
|
||
|
1AA02355000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8B8B04000
|
unkown
|
page read and write
|
||
|
1D6CE96B000
|
heap
|
page read and write
|
||
|
7FF7E71FA000
|
unkown
|
page readonly
|
||
|
7FF6BD5C0000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8B82C2000
|
unkown
|
page readonly
|
||
|
7FF8A7E00000
|
unkown
|
page readonly
|
||
|
7FF7E721E000
|
unkown
|
page readonly
|
||
|
1D6CBE4A000
|
heap
|
page read and write
|
||
|
238F5E3000
|
stack
|
page read and write
|
||
|
1DEED590000
|
direct allocation
|
page read and write
|
||
|
7FF8A8B05000
|
unkown
|
page readonly
|
||
|
1BF4059A000
|
heap
|
page read and write
|
||
|
1C802320000
|
heap
|
page read and write
|
||
|
1D6CE530000
|
direct allocation
|
page read and write
|
||
|
1D6CEA29000
|
heap
|
page read and write
|
||
|
1D6CE640000
|
direct allocation
|
page read and write
|
||
|
1DEEB098000
|
heap
|
page read and write
|
||
|
1AA0235F000
|
heap
|
page read and write
|
||
|
1BF4058A000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1D6CBE55000
|
heap
|
page read and write
|
||
|
7FF6BD60E000
|
unkown
|
page readonly
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
1D6CDEB0000
|
direct allocation
|
page read and write
|
||
|
1DEEE210000
|
direct allocation
|
page read and write
|
||
|
7FF8B78A1000
|
unkown
|
page execute read
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8B90B7000
|
unkown
|
page readonly
|
||
|
7FF6BD5C0000
|
unkown
|
page readonly
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
1DEED44E000
|
heap
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1A61DA90000
|
heap
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
7FF8A7642000
|
unkown
|
page readonly
|
||
|
1D6CBE91000
|
heap
|
page read and write
|
||
|
1BF40599000
|
heap
|
page read and write
|
||
|
1DEED7F0000
|
direct allocation
|
page read and write
|
||
|
7FF6BD5C1000
|
unkown
|
page execute read
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
7FF8A76BE000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEEB098000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1D6CEC30000
|
direct allocation
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1BF4058A000
|
heap
|
page read and write
|
||
|
1D6CE600000
|
direct allocation
|
page read and write
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1AA02361000
|
heap
|
page read and write
|
||
|
7FF8A7699000
|
unkown
|
page readonly
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1BF40594000
|
heap
|
page read and write
|
||
|
A7316FE000
|
stack
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1D6CE103000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1DEEB0A5000
|
heap
|
page read and write
|
||
|
1DEEB049000
|
heap
|
page read and write
|
||
|
1DEEB054000
|
heap
|
page read and write
|
||
|
7FF8A7367000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1BF40594000
|
heap
|
page read and write
|
||
|
7FF8B8C19000
|
unkown
|
page readonly
|
||
|
1DEEAFD0000
|
heap
|
page read and write
|
||
|
1D6CEB40000
|
direct allocation
|
page read and write
|
||
|
7FF8B9192000
|
unkown
|
page readonly
|
||
|
1DEED2B0000
|
direct allocation
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1DEEDDC0000
|
direct allocation
|
page read and write
|
||
|
1DEEE2A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A8DE0000
|
unkown
|
page readonly
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1DEED091000
|
heap
|
page read and write
|
||
|
1AA02361000
|
heap
|
page read and write
|
||
|
1AA02366000
|
heap
|
page read and write
|
||
|
1DEEE190000
|
direct allocation
|
page read and write
|
||
|
7FF8A8062000
|
unkown
|
page readonly
|
||
|
1D6CEDB0000
|
direct allocation
|
page read and write
|
||
|
1DEEB051000
|
heap
|
page read and write
|
||
|
1D6CECB0000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CBE5B000
|
heap
|
page read and write
|
||
|
1AA02355000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A7B1C000
|
unkown
|
page readonly
|
||
|
1D6CBE5B000
|
heap
|
page read and write
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
7FF8B9176000
|
unkown
|
page readonly
|
||
|
7FF8B9111000
|
unkown
|
page execute read
|
||
|
1AA02361000
|
heap
|
page read and write
|
||
|
1D6CBE9B000
|
heap
|
page read and write
|
||
|
1AA02358000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
7FF8A8B10000
|
unkown
|
page readonly
|
||
|
1D6CEC30000
|
direct allocation
|
page read and write
|
||
|
1DEEB06C000
|
heap
|
page read and write
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1DEECE90000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CD760000
|
direct allocation
|
page read and write
|
||
|
1D6CBE9B000
|
heap
|
page read and write
|
||
|
7FF8B9110000
|
unkown
|
page readonly
|
||
|
1DEEE030000
|
direct allocation
|
page read and write
|
||
|
7FF6BD5C1000
|
unkown
|
page execute read
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1DEEDFB0000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF8B783D000
|
unkown
|
page read and write
|
||
|
1D6CF750000
|
direct allocation
|
page read and write
|
||
|
7FF8B827D000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CBE9B000
|
heap
|
page read and write
|
||
|
1DEED394000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF7E71FA000
|
unkown
|
page readonly
|
||
|
1D6CBE9F000
|
heap
|
page read and write
|
||
|
1D6CBE91000
|
heap
|
page read and write
|
||
|
7FF8A8024000
|
unkown
|
page readonly
|
||
|
7FF8A73DD000
|
unkown
|
page execute read
|
||
|
7FF8B8791000
|
unkown
|
page execute read
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1DEEB04B000
|
heap
|
page read and write
|
||
|
7FF7E71D1000
|
unkown
|
page execute read
|
||
|
1DEEE210000
|
direct allocation
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
7FF8A7673000
|
unkown
|
page readonly
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
7FF8BA4F1000
|
unkown
|
page execute read
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
7FF8B90D9000
|
unkown
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1DEEDE40000
|
direct allocation
|
page read and write
|
||
|
7FF8BA4F0000
|
unkown
|
page readonly
|
||
|
1AA02300000
|
heap
|
page read and write
|
||
|
1BF4058A000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1BF4058A000
|
heap
|
page read and write
|
||
|
1DEED3B0000
|
heap
|
page read and write
|
||
|
1DEED4CE000
|
heap
|
page read and write
|
||
|
1AA0235F000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8B9134000
|
unkown
|
page readonly
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1BF40591000
|
heap
|
page read and write
|
||
|
1AA02361000
|
heap
|
page read and write
|
||
|
7FF7E71D1000
|
unkown
|
page execute read
|
||
|
1AA02361000
|
heap
|
page read and write
|
||
|
C003D6000
|
stack
|
page read and write
|
||
|
1D6CD7A0000
|
direct allocation
|
page read and write
|
||
|
1DEEAEE0000
|
heap
|
page read and write
|
||
|
1DEEB098000
|
heap
|
page read and write
|
||
|
1DEED0A5000
|
heap
|
page read and write
|
||
|
7FF8A839B000
|
unkown
|
page read and write
|
||
|
7FF8A7AF2000
|
unkown
|
page execute read
|
||
|
7FF7E720D000
|
unkown
|
page write copy
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
1AA02338000
|
heap
|
page read and write
|
||
|
7FF8B82B1000
|
unkown
|
page execute read
|
||
|
7FF8BA240000
|
unkown
|
page readonly
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
7FF8B8285000
|
unkown
|
page read and write
|
||
|
8D447EA000
|
stack
|
page read and write
|
||
|
1D6CE86A000
|
heap
|
page read and write
|
||
|
1DEED610000
|
direct allocation
|
page read and write
|
||
|
7FF8A8349000
|
unkown
|
page readonly
|
||
|
7FF8A8B11000
|
unkown
|
page execute read
|
||
|
1DEED179000
|
heap
|
page read and write
|
||
|
7FF8B9061000
|
unkown
|
page execute read
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEED401000
|
heap
|
page read and write
|
||
|
7FF8A7F0A000
|
unkown
|
page read and write
|
||
|
A7314FC000
|
stack
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1DEED0DF000
|
heap
|
page read and write
|
||
|
7FF8B82A3000
|
unkown
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1D6CBE5B000
|
heap
|
page read and write
|
||
|
1AA0235D000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CDDB1000
|
heap
|
page read and write
|
||
|
1AA0235F000
|
heap
|
page read and write
|
||
|
1DEEB06C000
|
heap
|
page read and write
|
||
|
7FF6BD600000
|
unkown
|
page read and write
|
||
|
1D6CBE86000
|
heap
|
page read and write
|
||
|
7FF8B9175000
|
unkown
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF8B907E000
|
unkown
|
page readonly
|
||
|
1BF40594000
|
heap
|
page read and write
|
||
|
1D6CBE2B000
|
heap
|
page read and write
|
||
|
1BF4059A000
|
heap
|
page read and write
|
||
|
1DEEB06C000
|
heap
|
page read and write
|
||
|
1DEEDEB0000
|
direct allocation
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1DEEB054000
|
heap
|
page read and write
|
||
|
1D6CBE86000
|
heap
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1DEEAFC0000
|
heap
|
page readonly
|
||
|
7FF8A8EEF000
|
unkown
|
page read and write
|
||
|
1C802390000
|
heap
|
page read and write
|
||
|
7FF8A7F60000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
1DEED390000
|
heap
|
page read and write
|
||
|
7FF8B9F60000
|
unkown
|
page readonly
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
46D5DFC000
|
stack
|
page read and write
|
||
|
7FF8BA52A000
|
unkown
|
page readonly
|
||
|
7FF8A839D000
|
unkown
|
page readonly
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
1BF4058E000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
C003EC000
|
stack
|
page read and write
|
||
|
1C8023D1000
|
heap
|
page read and write
|
||
|
1DEEB0B4000
|
heap
|
page read and write
|
||
|
1BF40594000
|
heap
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1AA02361000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1BF40590000
|
heap
|
page read and write
|
||
|
7FF8A8B0B000
|
unkown
|
page readonly
|
||
|
7FF8B8F81000
|
unkown
|
page execute read
|
||
|
7FF8B8B07000
|
unkown
|
page readonly
|
||
|
1D6CD825000
|
heap
|
page read and write
|
||
|
1D6CBE65000
|
heap
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1D6CEE40000
|
direct allocation
|
page read and write
|
||
|
1AA02362000
|
heap
|
page read and write
|
||
|
7FF7E721E000
|
unkown
|
page readonly
|
||
|
7FF8B9143000
|
unkown
|
page readonly
|
||
|
7FF8B8279000
|
unkown
|
page readonly
|
||
|
7FF8A8081000
|
unkown
|
page execute read
|
||
|
1D6CDDB0000
|
heap
|
page read and write
|
||
|
7FF7E71D0000
|
unkown
|
page readonly
|
||
|
1D6CBE40000
|
heap
|
page read and write
|
||
|
1D6CBE36000
|
heap
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CBE85000
|
heap
|
page read and write
|
||
|
1BF40568000
|
heap
|
page read and write
|
||
|
1D6CDEF0000
|
direct allocation
|
page read and write
|
||
|
7FF7E71D0000
|
unkown
|
page readonly
|
||
|
1DEEB0B8000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1BF4058B000
|
heap
|
page read and write
|
||
|
1BF41F10000
|
heap
|
page read and write
|
||
|
1BF4058E000
|
heap
|
page read and write
|
||
|
1D6CBE3B000
|
heap
|
page read and write
|
||
|
7FF8B8B00000
|
unkown
|
page readonly
|
||
|
1D6CD7E0000
|
direct allocation
|
page read and write
|
||
|
1C802570000
|
heap
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
7FF8B8831000
|
unkown
|
page execute read
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A80F9000
|
unkown
|
page execute read
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1DEEB099000
|
heap
|
page read and write
|
||
|
7FF8B8AF1000
|
unkown
|
page execute read
|
||
|
7FF8BFB35000
|
unkown
|
page readonly
|
||
|
1D6CEBF0000
|
direct allocation
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CEC30000
|
direct allocation
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
7FF8BA520000
|
unkown
|
page readonly
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
7FF8A7F37000
|
unkown
|
page readonly
|
||
|
7FF8A7B22000
|
unkown
|
page readonly
|
||
|
7FF8A7ECB000
|
unkown
|
page read and write
|
||
|
238F5EC000
|
stack
|
page read and write
|
||
|
7FF8B8833000
|
unkown
|
page readonly
|
||
|
1DEED050000
|
direct allocation
|
page read and write
|
||
|
1DEEB098000
|
heap
|
page read and write
|
||
|
7FF8B7844000
|
unkown
|
page readonly
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
7FF8B78B0000
|
unkown
|
page readonly
|
||
|
7FF6BD5EA000
|
unkown
|
page readonly
|
||
|
8D447E3000
|
stack
|
page read and write
|
||
|
1BF4058A000
|
heap
|
page read and write
|
||
|
1DEEB08B000
|
heap
|
page read and write
|
||
|
1AA02363000
|
heap
|
page read and write
|
||
|
1DEEE210000
|
direct allocation
|
page read and write
|
||
|
7FF8B911D000
|
unkown
|
page readonly
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
7FF8B90E4000
|
unkown
|
page readonly
|
||
|
1D6CBE58000
|
heap
|
page read and write
|
||
|
7FF8A8EEA000
|
unkown
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1DEEDF30000
|
direct allocation
|
page read and write
|
||
|
7FF8B916D000
|
unkown
|
page readonly
|
||
|
1AA0235F000
|
heap
|
page read and write
|
||
|
1BF40590000
|
heap
|
page read and write
|
||
|
1D6CE3D0000
|
direct allocation
|
page read and write
|
||
|
1D6CBEAE000
|
heap
|
page read and write
|
||
|
1D6CBDC8000
|
heap
|
page read and write
|
||
|
7FF8BA241000
|
unkown
|
page execute read
|
||
|
7FF8B83A4000
|
unkown
|
page readonly
|
||
|
7FF8B8F8C000
|
unkown
|
page read and write
|
||
|
7FF8B9101000
|
unkown
|
page execute read
|
||
|
1D6CDFF0000
|
direct allocation
|
page read and write
|
||
|
1D6CF6D0000
|
direct allocation
|
page read and write
|
||
|
1DEECED0000
|
direct allocation
|
page read and write
|
||
|
1D6CBE5A000
|
heap
|
page read and write
|
||
|
28FF37E5000
|
heap
|
page read and write
|
||
|
1C8023A0000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
28FF34C0000
|
heap
|
page read and write
|
||
|
1AA02359000
|
heap
|
page read and write
|
||
|
1AA0235F000
|
heap
|
page read and write
|
||
|
7FF8B8290000
|
unkown
|
page readonly
|
||
|
7FF8A83B9000
|
unkown
|
page readonly
|
||
|
7FF7E720D000
|
unkown
|
page write copy
|
||
|
7FF8B9133000
|
unkown
|
page read and write
|
||
|
1DEEB06C000
|
heap
|
page read and write
|
||
|
1AA02357000
|
heap
|
page read and write
|
||
|
7FF8A73CB000
|
unkown
|
page readonly
|
||
|
7FF8A8110000
|
unkown
|
page execute read
|
||
|
1DEEE260000
|
direct allocation
|
page read and write
|
||
|
1DEED190000
|
direct allocation
|
page read and write
|
||
|
1BF40595000
|
heap
|
page read and write
|
||
|
1D6CE893000
|
heap
|
page read and write
|
||
|
1C8023AB000
|
heap
|
page read and write
|
||
|
7FF8BFB37000
|
unkown
|
page readonly
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1DEEE100000
|
direct allocation
|
page read and write
|
||
|
1A61DB11000
|
heap
|
page read and write
|
||
|
1DEEE070000
|
direct allocation
|
page read and write
|
||
|
7FF6BD60E000
|
unkown
|
page readonly
|
||
|
1DEEB073000
|
heap
|
page read and write
|
||
|
7FF8B8286000
|
unkown
|
page readonly
|
||
|
7FF8BA253000
|
unkown
|
page read and write
|
||
|
28FF34F0000
|
heap
|
page read and write
|
||
|
1AA0235B000
|
heap
|
page read and write
|
||
|
7FF8A805F000
|
unkown
|
page read and write
|
||
|
1AA0235F000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
7FF8A8A00000
|
unkown
|
page readonly
|
||
|
1AA02356000
|
heap
|
page read and write
|
||
|
1D6CBE3F000
|
heap
|
page read and write
|
||
|
1AA02354000
|
heap
|
page read and write
|
||
|
1D6CEC30000
|
direct allocation
|
page read and write
|
||
|
7FF8A7460000
|
unkown
|
page execute read
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
7FF8A7709000
|
unkown
|
page readonly
|
||
|
1D6CDE98000
|
heap
|
page read and write
|
||
|
7FF8B90F3000
|
unkown
|
page readonly
|
||
|
1D6CEA43000
|
heap
|
page read and write
|
||
|
1DEEDAC5000
|
heap
|
page read and write
|
||
|
1BF40588000
|
heap
|
page read and write
|
||
|
1D6CDDB8000
|
heap
|
page read and write
|
||
|
1AA02364000
|
heap
|
page read and write
|
||
|
7FF8A7E24000
|
unkown
|
page readonly
|
||
|
7FF8A73C5000
|
unkown
|
page readonly
|
||
|
7FF7E721C000
|
unkown
|
page read and write
|
||
|
1D6CEEDD000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1AA03CA0000
|
heap
|
page read and write
|
||
|
7FF8A746D000
|
unkown
|
page execute read
|
||
|
1D6CF7E0000
|
direct allocation
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1AA02357000
|
heap
|
page read and write
|
||
|
7FF8B7821000
|
unkown
|
page execute read
|
||
|
5164DEC000
|
stack
|
page read and write
|
||
|
7FF8A8F17000
|
unkown
|
page readonly
|
||
|
1D6CF750000
|
direct allocation
|
page read and write
|
||
|
1C802395000
|
heap
|
page read and write
|
||
|
1BF40594000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
||
|
1BF4058C000
|
heap
|
page read and write
|
||
|
1D6CF7A0000
|
direct allocation
|
page read and write
|
There are 1069 hidden memdumps, click here to show them.