Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
grace.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\nasal\beeish.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\beeish.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\aWUFv.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\extrorsal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\aWUFv\aWUFv.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
modified
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\grace.exe
|
"C:\Users\user\Desktop\grace.exe"
|
|
|
|
C:\Users\user\AppData\Local\nasal\beeish.exe
|
"C:\Users\user\Desktop\grace.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\grace.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\beeish.vbs"
|
|
|
|
C:\Users\user\AppData\Local\nasal\beeish.exe
|
"C:\Users\user\AppData\Local\nasal\beeish.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\nasal\beeish.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\aWUFv\aWUFv.exe
|
"C:\Users\user\AppData\Roaming\aWUFv\aWUFv.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\aWUFv\aWUFv.exe
|
"C:\Users\user\AppData\Roaming\aWUFv\aWUFv.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
https://api.ipify.org
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://techniqueqatar.com
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
http://ip-api.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
techniqueqatar.com
|
208.91.198.176
|
|
|
|
ip-api.com
|
208.95.112.1
|
|
|
|
api.ipify.org
|
104.26.13.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.91.198.176
|
techniqueqatar.com
|
United States
|
|
|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
104.26.13.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
aWUFv
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2FD0000
|
direct allocation
|
page read and write
|
|
|
|
30DB000
|
trusted library allocation
|
page read and write
|
|
|
|
3094000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
system
|
page execute and read and write
|
|
|
|
2F86000
|
trusted library allocation
|
page read and write
|
|
|
|
3700000
|
direct allocation
|
page read and write
|
|
|
|
30E3000
|
trusted library allocation
|
page read and write
|
|
|
|
2F7E000
|
trusted library allocation
|
page read and write
|
|
|
|
2F54000
|
trusted library allocation
|
page read and write
|
|
|
|
47FD000
|
direct allocation
|
page read and write
|
||
|
3DB2000
|
heap
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page read and write
|
||
|
6371000
|
heap
|
page read and write
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
3F01000
|
heap
|
page read and write
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
69EE000
|
stack
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
2F7C000
|
trusted library allocation
|
page read and write
|
||
|
3DC0000
|
heap
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
2FAC000
|
stack
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
552E000
|
trusted library allocation
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
10A4000
|
trusted library allocation
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6A9F000
|
stack
|
page read and write
|
||
|
3BCF000
|
stack
|
page read and write
|
||
|
10C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4290000
|
direct allocation
|
page read and write
|
||
|
6AF5000
|
trusted library allocation
|
page read and write
|
||
|
107D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F8F000
|
trusted library allocation
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
45A0000
|
direct allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
2E6E000
|
stack
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
10D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
1546000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DD3000
|
heap
|
page read and write
|
||
|
7F78EFA000
|
stack
|
page read and write
|
||
|
F04000
|
trusted library allocation
|
page read and write
|
||
|
47FD000
|
direct allocation
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
F1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7000000
|
heap
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
direct allocation
|
page read and write
|
||
|
6AD0000
|
heap
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
307D000
|
trusted library allocation
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
6F7E000
|
stack
|
page read and write
|
||
|
3DE8000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
heap
|
page execute and read and write
|
||
|
9CC000
|
stack
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
473E000
|
direct allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
429E000
|
heap
|
page read and write
|
||
|
4290000
|
direct allocation
|
page read and write
|
||
|
6350000
|
heap
|
page read and write
|
||
|
10CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3E68000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
3F11000
|
heap
|
page read and write
|
||
|
3E39000
|
heap
|
page read and write
|
||
|
7F797FF000
|
stack
|
page read and write
|
||
|
3F55000
|
heap
|
page read and write
|
||
|
46C9000
|
direct allocation
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
180E3448000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3F4E000
|
heap
|
page read and write
|
||
|
A8A000
|
unkown
|
page readonly
|
||
|
559F000
|
stack
|
page read and write
|
||
|
3031000
|
trusted library allocation
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
376E000
|
stack
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
6C5E000
|
stack
|
page read and write
|
||
|
43CE000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
3166000
|
trusted library allocation
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
4653000
|
direct allocation
|
page read and write
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
3F05000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
DCA000
|
stack
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
45A0000
|
direct allocation
|
page read and write
|
||
|
3FC4000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
46C9000
|
direct allocation
|
page read and write
|
||
|
46CD000
|
direct allocation
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
2FFB000
|
trusted library allocation
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
11D3000
|
heap
|
page read and write
|
||
|
3F48000
|
heap
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
18C0000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
3197000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
2F41000
|
trusted library allocation
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
551E000
|
trusted library allocation
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
37CE000
|
stack
|
page read and write
|
||
|
5531000
|
trusted library allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
473E000
|
direct allocation
|
page read and write
|
||
|
4010000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
4300000
|
direct allocation
|
page read and write
|
||
|
30D7000
|
trusted library allocation
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
3D59000
|
heap
|
page read and write
|
||
|
6CCE000
|
stack
|
page read and write
|
||
|
180E3467000
|
heap
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
6AF8000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
3E91000
|
heap
|
page read and write
|
||
|
A80000
|
unkown
|
page readonly
|
||
|
678E000
|
stack
|
page read and write
|
||
|
473E000
|
direct allocation
|
page read and write
|
||
|
6A07000
|
trusted library allocation
|
page read and write
|
||
|
3D7B000
|
heap
|
page read and write
|
||
|
3009000
|
trusted library allocation
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
370F000
|
heap
|
page read and write
|
||
|
1501000
|
trusted library allocation
|
page read and write
|
||
|
11D6000
|
heap
|
page read and write
|
||
|
F3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
123F000
|
stack
|
page read and write
|
||
|
3F95000
|
heap
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
4028000
|
heap
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
3DCC000
|
heap
|
page read and write
|
||
|
14EE000
|
trusted library allocation
|
page read and write
|
||
|
486E000
|
direct allocation
|
page read and write
|
||
|
3FFF000
|
heap
|
page read and write
|
||
|
180E3452000
|
heap
|
page read and write
|
||
|
584D000
|
stack
|
page read and write
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
180E373E000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
10B7000
|
heap
|
page read and write
|
||
|
43B3000
|
direct allocation
|
page read and write
|
||
|
1386000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
3168000
|
trusted library allocation
|
page read and write
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
10BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D66000
|
heap
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
120000
|
heap
|
page read and write
|
||
|
3FEE000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
3DF3000
|
heap
|
page read and write
|
||
|
17E000
|
stack
|
page read and write
|
||
|
6355000
|
heap
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
1297000
|
trusted library allocation
|
page execute and read and write
|
||
|
553D000
|
trusted library allocation
|
page read and write
|
||
|
43B3000
|
direct allocation
|
page read and write
|
||
|
3E7D000
|
heap
|
page read and write
|
||
|
3FD0000
|
heap
|
page read and write
|
||
|
6A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
47FD000
|
direct allocation
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
43B3000
|
direct allocation
|
page read and write
|
||
|
58BB000
|
stack
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
F0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C00000
|
heap
|
page read and write
|
||
|
55C9000
|
trusted library allocation
|
page read and write
|
||
|
46CD000
|
direct allocation
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
6AF0000
|
trusted library allocation
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
1074000
|
trusted library allocation
|
page read and write
|
||
|
3F56000
|
trusted library allocation
|
page read and write
|
||
|
55CC000
|
stack
|
page read and write
|
||
|
3DD5000
|
heap
|
page read and write
|
||
|
3084000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
3DB6000
|
heap
|
page read and write
|
||
|
1336000
|
heap
|
page read and write
|
||
|
8B4000
|
stack
|
page read and write
|
||
|
7F5F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15AF000
|
stack
|
page read and write
|
||
|
6296000
|
heap
|
page read and write
|
||
|
180E3735000
|
heap
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
3FC4000
|
heap
|
page read and write
|
||
|
3DF3000
|
heap
|
page read and write
|
||
|
3FED000
|
heap
|
page read and write
|
||
|
10AB000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
E0000
|
heap
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
6C60000
|
trusted library allocation
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
551B000
|
trusted library allocation
|
page read and write
|
||
|
3B75000
|
heap
|
page read and write
|
||
|
180E3730000
|
heap
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
3E91000
|
heap
|
page read and write
|
||
|
301D000
|
trusted library allocation
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
A82000
|
unkown
|
page readonly
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
6375000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
134D000
|
heap
|
page read and write
|
||
|
2F26000
|
trusted library allocation
|
page read and write
|
||
|
F03000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
47F9000
|
direct allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
B37000
|
heap
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
696F000
|
stack
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
45A0000
|
direct allocation
|
page read and write
|
||
|
6CD0000
|
trusted library allocation
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
3DD5000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3B8F000
|
stack
|
page read and write
|
||
|
3FC4000
|
heap
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
3F8C000
|
heap
|
page read and write
|
||
|
3F2F000
|
heap
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
2FD0000
|
heap
|
page execute and read and write
|
||
|
B1C000
|
stack
|
page read and write
|
||
|
30D9000
|
trusted library allocation
|
page read and write
|
||
|
6276000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
116E000
|
stack
|
page read and write
|
||
|
10D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
43B8000
|
heap
|
page read and write
|
||
|
3ED1000
|
heap
|
page read and write
|
||
|
1212000
|
heap
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
1537000
|
heap
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
129B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F7F000
|
trusted library allocation
|
page read and write
|
||
|
3DE1000
|
heap
|
page read and write
|
||
|
2DEC000
|
stack
|
page read and write
|
||
|
45A0000
|
direct allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
3F01000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
3FEE000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
3185000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
153A000
|
heap
|
page read and write
|
||
|
180E33D0000
|
heap
|
page read and write
|
||
|
1063000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
588E000
|
stack
|
page read and write
|
||
|
3195000
|
trusted library allocation
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
139F000
|
stack
|
page read and write
|
||
|
5536000
|
trusted library allocation
|
page read and write
|
||
|
46C9000
|
direct allocation
|
page read and write
|
||
|
3ED1000
|
heap
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
3FCC000
|
heap
|
page execute and read and write
|
||
|
180E34A4000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
7270000
|
heap
|
page read and write
|
||
|
1273000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
4290000
|
direct allocation
|
page read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
303C000
|
trusted library allocation
|
page read and write
|
||
|
40BE000
|
trusted library allocation
|
page read and write
|
||
|
7F78FFE000
|
stack
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
B59000
|
stack
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
6BDD000
|
stack
|
page read and write
|
||
|
2F3D000
|
trusted library allocation
|
page read and write
|
||
|
6D0F000
|
stack
|
page read and write
|
||
|
1557000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F88000
|
heap
|
page read and write
|
||
|
3FAD000
|
heap
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
2EF1000
|
trusted library allocation
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
180E3400000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4059000
|
trusted library allocation
|
page read and write
|
||
|
3FAD000
|
heap
|
page read and write
|
||
|
7F793FF000
|
stack
|
page read and write
|
||
|
6CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F7F000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
6D70000
|
trusted library allocation
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
3FC4000
|
heap
|
page read and write
|
||
|
3D76000
|
heap
|
page read and write
|
||
|
6D60000
|
trusted library allocation
|
page read and write
|
||
|
3E5D000
|
heap
|
page read and write
|
||
|
47F9000
|
direct allocation
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page read and write
|
||
|
1383000
|
heap
|
page read and write
|
||
|
47F9000
|
direct allocation
|
page read and write
|
||
|
5038000
|
trusted library allocation
|
page read and write
|
||
|
10AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
100D000
|
stack
|
page read and write
|
||
|
F48000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
14F2000
|
trusted library allocation
|
page read and write
|
||
|
682E000
|
stack
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
46CD000
|
direct allocation
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
3FEE000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
180E3670000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
3D61000
|
heap
|
page read and write
|
||
|
125F000
|
heap
|
page read and write
|
||
|
A5E000
|
stack
|
page read and write
|
||
|
56B0000
|
heap
|
page execute and read and write
|
||
|
486E000
|
direct allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
317B000
|
trusted library allocation
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
3F87000
|
heap
|
page execute and read and write
|
||
|
4290000
|
direct allocation
|
page read and write
|
||
|
5FDF000
|
stack
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
3FD0000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
3DED000
|
heap
|
page read and write
|
||
|
1513000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E02000
|
heap
|
page read and write
|
||
|
6C70000
|
trusted library allocation
|
page read and write
|
||
|
43B3000
|
direct allocation
|
page read and write
|
||
|
43B3000
|
direct allocation
|
page read and write
|
||
|
3F3F000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
46CD000
|
direct allocation
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
46C9000
|
direct allocation
|
page read and write
|
||
|
3D64000
|
heap
|
page read and write
|
||
|
47F9000
|
direct allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3F6F000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
F14000
|
trusted library allocation
|
page read and write
|
||
|
12DB000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
6353000
|
heap
|
page read and write
|
||
|
1557000
|
heap
|
page read and write
|
||
|
3F00000
|
heap
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
6D40000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
12FF000
|
stack
|
page read and write
|
||
|
3F4E000
|
heap
|
page read and write
|
||
|
13A4000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
3F7F000
|
heap
|
page read and write
|
||
|
3EF1000
|
trusted library allocation
|
page read and write
|
||
|
3D00000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
570E000
|
stack
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
61DC000
|
stack
|
page read and write
|
||
|
4438000
|
heap
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
4031000
|
trusted library allocation
|
page read and write
|
||
|
3F01000
|
heap
|
page read and write
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
3DD1000
|
heap
|
page read and write
|
||
|
3024000
|
heap
|
page read and write
|
||
|
43B3000
|
direct allocation
|
page read and write
|
||
|
2FB0000
|
direct allocation
|
page read and write
|
||
|
5522000
|
trusted library allocation
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
150D000
|
trusted library allocation
|
page read and write
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
47F9000
|
direct allocation
|
page read and write
|
||
|
56CF000
|
stack
|
page read and write
|
||
|
4394000
|
direct allocation
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3028000
|
trusted library allocation
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
12B8000
|
heap
|
page read and write
|
||
|
6A0E000
|
stack
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
47FD000
|
direct allocation
|
page read and write
|
||
|
2FB5000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3F47000
|
heap
|
page execute and read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
heap
|
page execute and read and write
|
||
|
3E13000
|
heap
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
69FD000
|
trusted library allocation
|
page read and write
|
||
|
14FE000
|
trusted library allocation
|
page read and write
|
||
|
3DA5000
|
heap
|
page read and write
|
||
|
3FCD000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
3066000
|
trusted library allocation
|
page read and write
|
||
|
3F45000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
60DE000
|
stack
|
page read and write
|
||
|
5B7D000
|
stack
|
page read and write
|
||
|
3DDE000
|
heap
|
page read and write
|
||
|
2EDC000
|
stack
|
page read and write
|
||
|
10DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
3C90000
|
heap
|
page read and write
|
||
|
6B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
4346000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
42D1000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
46CD000
|
direct allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
6B30000
|
trusted library allocation
|
page read and write
|
||
|
3DBE000
|
heap
|
page read and write
|
||
|
3018000
|
trusted library allocation
|
page read and write
|
||
|
180E3440000
|
heap
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
47FD000
|
direct allocation
|
page read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
4290000
|
direct allocation
|
page read and write
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
3E1F000
|
heap
|
page read and write
|
||
|
6AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
473E000
|
direct allocation
|
page read and write
|
||
|
1577000
|
heap
|
page read and write
|
||
|
44BA000
|
heap
|
page read and write
|
||
|
3F4C000
|
heap
|
page read and write
|
||
|
7F790FE000
|
stack
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
486E000
|
direct allocation
|
page read and write
|
||
|
626D000
|
heap
|
page read and write
|
||
|
3081000
|
trusted library allocation
|
page read and write
|
||
|
1392000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
3E41000
|
heap
|
page read and write
|
||
|
4308000
|
heap
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
8B4000
|
stack
|
page read and write
|
||
|
18A0000
|
direct allocation
|
page read and write
|
||
|
6358000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
67ED000
|
stack
|
page read and write
|
||
|
2E20000
|
heap
|
page execute and read and write
|
||
|
3D80000
|
heap
|
page read and write
|
||
|
54AF000
|
stack
|
page read and write
|
||
|
6C6D000
|
trusted library allocation
|
page read and write
|
||
|
45A0000
|
direct allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
16FE000
|
stack
|
page read and write
|
||
|
3FEE000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
2FD7000
|
heap
|
page read and write
|
||
|
2E41000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
1075000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
3E87000
|
heap
|
page read and write
|
||
|
1064000
|
trusted library allocation
|
page read and write
|
||
|
B0A000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
5359000
|
trusted library allocation
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
6DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
7F792FF000
|
stack
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
655E000
|
stack
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
2FDA000
|
trusted library allocation
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
5542000
|
trusted library allocation
|
page read and write
|
||
|
10A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E90000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
F76000
|
heap
|
page read and write
|
||
|
6DB0000
|
heap
|
page read and write
|
||
|
46CD000
|
direct allocation
|
page read and write
|
||
|
10C2000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
direct allocation
|
page read and write
|
||
|
486E000
|
direct allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
7F795FD000
|
stack
|
page read and write
|
||
|
651E000
|
stack
|
page read and write
|
||
|
3BD0000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
3B6F000
|
stack
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F796FE000
|
stack
|
page read and write
|
||
|
1555000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F98000
|
trusted library allocation
|
page read and write
|
||
|
12E8000
|
heap
|
page read and write
|
||
|
4653000
|
direct allocation
|
page read and write
|
||
|
63FF000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
F69000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page execute and read and write
|
||
|
558C000
|
stack
|
page read and write
|
||
|
6B00000
|
trusted library allocation
|
page read and write
|
||
|
3FED000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
2F6F000
|
stack
|
page read and write
|
||
|
2E25000
|
heap
|
page read and write
|
||
|
8EE000
|
heap
|
page read and write
|
||
|
46C9000
|
direct allocation
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
1088000
|
heap
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
473E000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
45A0000
|
direct allocation
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
8B4000
|
stack
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
154A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
30ED000
|
trusted library allocation
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
916000
|
heap
|
page read and write
|
||
|
3D8D000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
36FE000
|
stack
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
47F9000
|
direct allocation
|
page read and write
|
||
|
46C9000
|
direct allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
167F000
|
stack
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3E51000
|
trusted library allocation
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
3ED0000
|
heap
|
page read and write
|
||
|
52A0000
|
heap
|
page execute and read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
4653000
|
direct allocation
|
page read and write
|
||
|
2EE0000
|
heap
|
page execute and read and write
|
||
|
3D9B000
|
heap
|
page read and write
|
||
|
1552000
|
trusted library allocation
|
page read and write
|
||
|
486E000
|
direct allocation
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
130000
|
heap
|
page read and write
|
||
|
3F2F000
|
heap
|
page read and write
|
||
|
1542000
|
trusted library allocation
|
page read and write
|
||
|
6C72000
|
trusted library allocation
|
page read and write
|
||
|
151D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E5000
|
heap
|
page read and write
|
||
|
4096000
|
trusted library allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
14EB000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page execute and read and write
|
||
|
A55000
|
heap
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
6D68000
|
trusted library allocation
|
page read and write
|
||
|
F37000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
3ED1000
|
heap
|
page read and write
|
||
|
68CE000
|
stack
|
page read and write
|
||
|
3176000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
B34000
|
heap
|
page read and write
|
||
|
3E48000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4653000
|
direct allocation
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
3DF1000
|
heap
|
page read and write
|
||
|
6288000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
3DB9000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3F19000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
1890000
|
heap
|
page read and write
|
||
|
2F2F000
|
trusted library allocation
|
page read and write
|
||
|
3137000
|
trusted library allocation
|
page read and write
|
||
|
312A000
|
trusted library allocation
|
page read and write
|
||
|
545F000
|
stack
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
3CD0000
|
heap
|
page read and write
|
||
|
486E000
|
direct allocation
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
404F000
|
trusted library allocation
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
3DA1000
|
heap
|
page read and write
|
||
|
2E51000
|
trusted library allocation
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
7F9C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3FC5000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
6DA0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
55E4000
|
heap
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
4290000
|
direct allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
6ADE000
|
stack
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
14DC000
|
stack
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
6A60000
|
trusted library allocation
|
page read and write
|
||
|
3FD0000
|
heap
|
page read and write
|
||
|
5374000
|
heap
|
page read and write
|
||
|
3F46000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
2FF4000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
3F95000
|
heap
|
page read and write
|
||
|
9E4000
|
heap
|
page read and write
|
||
|
152D000
|
trusted library allocation
|
page execute and read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
2EEF000
|
heap
|
page read and write
|
||
|
318C000
|
trusted library allocation
|
page read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
106D000
|
trusted library allocation
|
page execute and read and write
|
||
|
180E33E0000
|
heap
|
page read and write
|
||
|
3D72000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
155B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
2F7A000
|
trusted library allocation
|
page read and write
|
||
|
6C78000
|
trusted library allocation
|
page read and write
|
||
|
6B40000
|
heap
|
page read and write
|
||
|
54C0000
|
heap
|
page execute and read and write
|
||
|
10A4000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
4010000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
51EE000
|
stack
|
page read and write
|
||
|
6C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
1506000
|
trusted library allocation
|
page read and write
|
||
|
F64000
|
heap
|
page read and write
|
||
|
12E6000
|
heap
|
page read and write
|
||
|
3DF1000
|
heap
|
page read and write
|
||
|
8EA000
|
heap
|
page read and write
|
||
|
3B90000
|
heap
|
page read and write
|
||
|
61E0000
|
heap
|
page read and write
|
||
|
6A5D000
|
stack
|
page read and write
|
||
|
EFA000
|
stack
|
page read and write
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
3E14000
|
heap
|
page read and write
|
||
|
11A8000
|
heap
|
page read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
135000
|
heap
|
page read and write
|
||
|
3E44000
|
heap
|
page read and write
|
||
|
2C4C000
|
stack
|
page read and write
|
||
|
2E08000
|
trusted library allocation
|
page read and write
|
||
|
300B000
|
trusted library allocation
|
page read and write
|
||
|
1514000
|
trusted library allocation
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
30F5000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
921000
|
heap
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
473E000
|
direct allocation
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3DA8000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
3F68000
|
heap
|
page read and write
|
||
|
3F06000
|
heap
|
page read and write
|
||
|
2E35000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
132F000
|
heap
|
page read and write
|
||
|
3F3F000
|
heap
|
page read and write
|
||
|
2FCD000
|
trusted library allocation
|
page read and write
|
||
|
47FD000
|
direct allocation
|
page read and write
|
||
|
3FE2000
|
heap
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3159000
|
trusted library allocation
|
page read and write
|
||
|
3E39000
|
heap
|
page read and write
|
||
|
3FFF000
|
heap
|
page read and write
|
||
|
3FA8000
|
heap
|
page read and write
|
||
|
7F799FB000
|
stack
|
page read and write
|
||
|
3E6D000
|
heap
|
page read and write
|
||
|
3F6F000
|
heap
|
page read and write
|
||
|
180E3477000
|
heap
|
page read and write
|
||
|
7F798FE000
|
stack
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
3E91000
|
heap
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
1BE000
|
stack
|
page read and write
|
There are 878 hidden memdumps, click here to show them.