Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
nKHN8rvjmN.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Explore.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\nKHN8rvjmN.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\History\Explore.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Explore.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\StUpdate.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\32cf646479fb52a6cecce80a3bf8d7deWindows Update.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explore.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Documents\Explore.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Explore.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\32cf646479fb52a6cecce80a3bf8d7deWindows Update.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Explore.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Microsoft Corporation.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\app
|
Unicode text, UTF-8 (with BOM) text, with no line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\nKHN8rvjmN.exe
|
"C:\Users\user\Desktop\nKHN8rvjmN.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\server.exe" "server.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall delete allowedprogram "C:\Users\user\AppData\Local\Temp\server.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\server.exe" "server.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /sc minute /mo 1 /tn StUpdate /tr C:\Users\user\AppData\Local\Temp/StUpdate.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\StUpdate.exe
|
C:\Users\user\AppData\Local\Temp/StUpdate.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\StUpdate.exe
|
C:\Users\user\AppData\Local\Temp/StUpdate.exe
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\32cf646479fb52a6cecce80a3bf8d7deWindows Update.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\32cf646479fb52a6cecce80a3bf8d7deWindows Update.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\32cf646479fb52a6cecce80a3bf8d7deWindows Update.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\32cf646479fb52a6cecce80a3bf8d7deWindows Update.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explore.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explore.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\StUpdate.exe
|
C:\Users\user\AppData\Local\Temp/StUpdate.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\StUpdate.exe
|
C:\Users\user\AppData\Local\Temp/StUpdate.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\StUpdate.exe
|
C:\Users\user\AppData\Local\Temp/StUpdate.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 9 hidden processes, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
5.tcp.eu.ngrok.io
|
3.67.161.133
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
18.158.58.205
|
unknown
|
United States
|
|
|
|
3.64.4.198
|
unknown
|
United States
|
|
|
|
3.127.181.115
|
unknown
|
United States
|
|
|
|
3.67.161.133
|
5.tcp.eu.ngrok.io
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
DisableTaskMgr
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3718000
|
trusted library allocation
|
page read and write
|
|
|
|
A2000
|
unkown
|
page readonly
|
|
|
|
3521000
|
trusted library allocation
|
page read and write
|
|
|
|
F10000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
37C6000
|
heap
|
page read and write
|
||
|
5351000
|
heap
|
page read and write
|
||
|
59CE000
|
stack
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
56FC000
|
stack
|
page read and write
|
||
|
37DA000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
D6E000
|
heap
|
page read and write
|
||
|
EC9000
|
heap
|
page read and write
|
||
|
D44000
|
heap
|
page read and write
|
||
|
9DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
D3F000
|
heap
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
333F000
|
unkown
|
page read and write
|
||
|
D69000
|
heap
|
page read and write
|
||
|
12B8000
|
heap
|
page read and write
|
||
|
10EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
E41000
|
heap
|
page read and write
|
||
|
16EE000
|
stack
|
page read and write
|
||
|
37DB000
|
heap
|
page read and write
|
||
|
645E000
|
stack
|
page read and write
|
||
|
3789000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
1520000
|
heap
|
page execute and read and write
|
||
|
111A000
|
trusted library allocation
|
page execute and read and write
|
||
|
52ED000
|
heap
|
page read and write
|
||
|
1567000
|
heap
|
page read and write
|
||
|
ECB000
|
heap
|
page read and write
|
||
|
635E000
|
stack
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
5FDC000
|
stack
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
52E0000
|
heap
|
page read and write
|
||
|
4244000
|
trusted library allocation
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
14A7000
|
heap
|
page read and write
|
||
|
564E000
|
stack
|
page read and write
|
||
|
D3B000
|
heap
|
page read and write
|
||
|
5359000
|
heap
|
page read and write
|
||
|
167A000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
8E19000
|
heap
|
page read and write
|
||
|
D6E000
|
heap
|
page read and write
|
||
|
AF3000
|
stack
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
E69000
|
heap
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
5C3E000
|
stack
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
573E000
|
stack
|
page read and write
|
||
|
5F9E000
|
stack
|
page read and write
|
||
|
1830000
|
heap
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
5ABF000
|
stack
|
page read and write
|
||
|
D11000
|
heap
|
page read and write
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
155A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
37E2000
|
heap
|
page read and write
|
||
|
4D0E000
|
stack
|
page read and write
|
||
|
514E000
|
stack
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
794E000
|
heap
|
page read and write
|
||
|
D5F000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
F15000
|
heap
|
page read and write
|
||
|
1176000
|
heap
|
page read and write
|
||
|
1147000
|
trusted library allocation
|
page execute and read and write
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
F15000
|
heap
|
page read and write
|
||
|
C6C2000
|
trusted library allocation
|
page read and write
|
||
|
1697000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
CDB000
|
stack
|
page read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
8A10000
|
heap
|
page read and write
|
||
|
E41000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
57B0000
|
heap
|
page read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
B20000
|
heap
|
page execute and read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
4CCF000
|
stack
|
page read and write
|
||
|
52EE000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
7910000
|
heap
|
page read and write
|
||
|
DEE000
|
unkown
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
15B8000
|
heap
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
1730000
|
heap
|
page execute and read and write
|
||
|
D5D000
|
heap
|
page read and write
|
||
|
127B000
|
heap
|
page read and write
|
||
|
583F000
|
stack
|
page read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
373A000
|
heap
|
page read and write
|
||
|
52ED000
|
heap
|
page read and write
|
||
|
3471000
|
trusted library allocation
|
page read and write
|
||
|
EB1000
|
heap
|
page read and write
|
||
|
1840000
|
heap
|
page read and write
|
||
|
512F000
|
stack
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
10FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5353000
|
heap
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
83F000
|
heap
|
page read and write
|
||
|
EF1000
|
heap
|
page read and write
|
||
|
37A2000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
1472000
|
trusted library allocation
|
page execute and read and write
|
||
|
5670000
|
trusted library allocation
|
page execute and read and write
|
||
|
791C000
|
heap
|
page read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
79B000
|
stack
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
7AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C0000
|
heap
|
page execute and read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
1227000
|
trusted library allocation
|
page execute and read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
14FC000
|
heap
|
page read and write
|
||
|
169A000
|
trusted library allocation
|
page execute and read and write
|
||
|
532F000
|
stack
|
page read and write
|
||
|
5E9D000
|
stack
|
page read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
37CF000
|
heap
|
page read and write
|
||
|
E76000
|
heap
|
page read and write
|
||
|
D7A000
|
heap
|
page read and write
|
||
|
3496000
|
trusted library allocation
|
page read and write
|
||
|
118E000
|
heap
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
EAD000
|
heap
|
page read and write
|
||
|
172C000
|
stack
|
page read and write
|
||
|
47FD000
|
trusted library allocation
|
page read and write
|
||
|
37C7000
|
heap
|
page read and write
|
||
|
5359000
|
heap
|
page read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
C2E000
|
unkown
|
page read and write
|
||
|
F15000
|
heap
|
page read and write
|
||
|
7A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FE000
|
stack
|
page read and write
|
||
|
159C000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
37CD000
|
heap
|
page read and write
|
||
|
382E000
|
heap
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
1112000
|
trusted library allocation
|
page execute and read and write
|
||
|
47CC000
|
trusted library allocation
|
page read and write
|
||
|
46FA000
|
trusted library allocation
|
page read and write
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
D68000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
378B000
|
heap
|
page read and write
|
||
|
472C000
|
trusted library allocation
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
4962000
|
trusted library allocation
|
page read and write
|
||
|
113A000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
382B000
|
heap
|
page read and write
|
||
|
55FC000
|
stack
|
page read and write
|
||
|
3550000
|
heap
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
11CA000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
18AD000
|
stack
|
page read and write
|
||
|
BCB000
|
stack
|
page read and write
|
||
|
55BB000
|
stack
|
page read and write
|
||
|
1132000
|
trusted library allocation
|
page execute and read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
D73000
|
heap
|
page read and write
|
||
|
E31000
|
heap
|
page read and write
|
||
|
771C000
|
stack
|
page read and write
|
||
|
3744000
|
heap
|
page read and write
|
||
|
792000
|
trusted library allocation
|
page execute and read and write
|
||
|
37C0000
|
heap
|
page read and write
|
||
|
536D000
|
heap
|
page read and write
|
||
|
37DE000
|
heap
|
page read and write
|
||
|
5AEC000
|
heap
|
page read and write
|
||
|
ECC000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
ECC000
|
heap
|
page read and write
|
||
|
780000
|
trusted library allocation
|
page read and write
|
||
|
524E000
|
stack
|
page read and write
|
||
|
3575000
|
heap
|
page read and write
|
||
|
37D8000
|
heap
|
page read and write
|
||
|
37C9000
|
heap
|
page read and write
|
||
|
31BD000
|
trusted library allocation
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
1710000
|
trusted library allocation
|
page read and write
|
||
|
C401000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
15A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4471000
|
trusted library allocation
|
page read and write
|
||
|
7993000
|
heap
|
page read and write
|
||
|
D73000
|
heap
|
page read and write
|
||
|
382D000
|
heap
|
page read and write
|
||
|
1212000
|
trusted library allocation
|
page execute and read and write
|
||
|
484D000
|
stack
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
379D000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
52FA000
|
heap
|
page read and write
|
||
|
37C1000
|
heap
|
page read and write
|
||
|
52ED000
|
heap
|
page read and write
|
||
|
FFA000
|
stack
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
3821000
|
heap
|
page read and write
|
||
|
9CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
560D000
|
stack
|
page read and write
|
||
|
538C000
|
stack
|
page read and write
|
||
|
E78000
|
heap
|
page read and write
|
||
|
F6B000
|
stack
|
page read and write
|
||
|
112A000
|
trusted library allocation
|
page execute and read and write
|
||
|
52ED000
|
heap
|
page read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
5351000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
5D7E000
|
stack
|
page read and write
|
||
|
5AC3000
|
heap
|
page read and write
|
||
|
37DE000
|
heap
|
page read and write
|
||
|
EC3000
|
heap
|
page read and write
|
||
|
141F000
|
stack
|
page read and write
|
||
|
D46000
|
heap
|
page read and write
|
||
|
326D000
|
trusted library allocation
|
page read and write
|
||
|
536E000
|
heap
|
page read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
382B000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
5AE2000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
2737000
|
trusted library allocation
|
page read and write
|
||
|
17E0000
|
heap
|
page read and write
|
||
|
320A000
|
heap
|
page read and write
|
||
|
D3D000
|
heap
|
page read and write
|
||
|
C9E0000
|
trusted library allocation
|
page read and write
|
||
|
114B000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE3000
|
heap
|
page read and write
|
||
|
53CC000
|
stack
|
page read and write
|
||
|
5B0E000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
3710000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
B33000
|
stack
|
page read and write
|
||
|
D01000
|
heap
|
page read and write
|
||
|
37DA000
|
heap
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
EBF000
|
heap
|
page read and write
|
||
|
5356000
|
heap
|
page read and write
|
||
|
58D0000
|
trusted library allocation
|
page read and write
|
||
|
3264000
|
trusted library allocation
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
ECB000
|
heap
|
page read and write
|
||
|
4A2E000
|
stack
|
page read and write
|
||
|
DEB000
|
heap
|
page read and write
|
||
|
3570000
|
heap
|
page read and write
|
||
|
DA1000
|
heap
|
page read and write
|
||
|
37C2000
|
heap
|
page read and write
|
||
|
536C000
|
heap
|
page read and write
|
||
|
D36000
|
heap
|
page read and write
|
||
|
37C5000
|
heap
|
page read and write
|
||
|
10EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3730000
|
heap
|
page read and write
|
||
|
3920000
|
heap
|
page read and write
|
||
|
165D000
|
heap
|
page read and write
|
||
|
34CF000
|
stack
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
382E000
|
heap
|
page read and write
|
||
|
148E000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
37C9000
|
heap
|
page read and write
|
||
|
37DC000
|
heap
|
page read and write
|
||
|
A2E0000
|
heap
|
page read and write
|
||
|
D9F000
|
heap
|
page read and write
|
||
|
AFB000
|
stack
|
page read and write
|
||
|
378B000
|
heap
|
page read and write
|
||
|
167F000
|
stack
|
page read and write
|
||
|
D72000
|
heap
|
page read and write
|
||
|
3779000
|
heap
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
EBE000
|
heap
|
page read and write
|
||
|
1587000
|
trusted library allocation
|
page execute and read and write
|
||
|
495C000
|
stack
|
page read and write
|
||
|
E34000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
52F9000
|
heap
|
page read and write
|
||
|
37CA000
|
heap
|
page read and write
|
||
|
54BC000
|
stack
|
page read and write
|
||
|
574E000
|
stack
|
page read and write
|
||
|
55FC000
|
stack
|
page read and write
|
||
|
791A000
|
heap
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
37C7000
|
heap
|
page read and write
|
||
|
182E000
|
stack
|
page read and write
|
||
|
319B000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
C557000
|
trusted library allocation
|
page read and write
|
||
|
D47000
|
heap
|
page read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
CE5000
|
heap
|
page read and write
|
||
|
1572000
|
trusted library allocation
|
page execute and read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
4870000
|
trusted library allocation
|
page execute and read and write
|
||
|
367F000
|
unkown
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
379D000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
555E000
|
stack
|
page read and write
|
||
|
37D6000
|
heap
|
page read and write
|
||
|
5C3E000
|
stack
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
390E000
|
stack
|
page read and write
|
||
|
D46000
|
heap
|
page read and write
|
||
|
D4A000
|
heap
|
page read and write
|
||
|
499E000
|
stack
|
page read and write
|
||
|
122B000
|
trusted library allocation
|
page execute and read and write
|
||
|
37C7000
|
heap
|
page read and write
|
||
|
3824000
|
heap
|
page read and write
|
||
|
54CE000
|
stack
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
F11000
|
heap
|
page read and write
|
||
|
5AFE000
|
stack
|
page read and write
|
||
|
571C000
|
stack
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
6700000
|
heap
|
page read and write
|
||
|
D47000
|
heap
|
page read and write
|
||
|
1A80000
|
heap
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
593C000
|
stack
|
page read and write
|
||
|
8C60000
|
heap
|
page read and write
|
||
|
7975000
|
heap
|
page read and write
|
||
|
EAD000
|
heap
|
page read and write
|
||
|
382E000
|
heap
|
page read and write
|
||
|
ECB000
|
heap
|
page read and write
|
||
|
6220000
|
heap
|
page read and write
|
||
|
ECC000
|
heap
|
page read and write
|
||
|
37DF000
|
heap
|
page read and write
|
||
|
EAD000
|
heap
|
page read and write
|
||
|
13580000
|
heap
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
37DE000
|
heap
|
page read and write
|
||
|
D6E000
|
heap
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
DE4000
|
heap
|
page read and write
|
||
|
37A2000
|
heap
|
page read and write
|
||
|
474C000
|
stack
|
page read and write
|
||
|
EEF000
|
unkown
|
page read and write
|
||
|
D76000
|
heap
|
page read and write
|
||
|
79A8000
|
heap
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
111C000
|
trusted library allocation
|
page execute and read and write
|
||
|
14B000
|
stack
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
D72000
|
heap
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
D5D000
|
heap
|
page read and write
|
||
|
A3E0000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
3711000
|
trusted library allocation
|
page read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
7934000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
F40C000
|
heap
|
page read and write
|
||
|
16A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4474000
|
trusted library allocation
|
page read and write
|
||
|
5358000
|
heap
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
2F2A000
|
stack
|
page read and write
|
||
|
EBD000
|
heap
|
page read and write
|
||
|
8CBC000
|
heap
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
655E000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
FBB000
|
stack
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
E69000
|
heap
|
page read and write
|
||
|
52ED000
|
heap
|
page read and write
|
||
|
79A2000
|
heap
|
page read and write
|
||
|
3494000
|
trusted library allocation
|
page read and write
|
||
|
5358000
|
heap
|
page read and write
|
||
|
37C2000
|
heap
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
60DD000
|
stack
|
page read and write
|
||
|
121A000
|
trusted library allocation
|
page execute and read and write
|
||
|
120A000
|
trusted library allocation
|
page execute and read and write
|
||
|
146A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
533C000
|
stack
|
page read and write
|
||
|
2BE0000
|
trusted library allocation
|
page read and write
|
||
|
562F000
|
stack
|
page read and write
|
||
|
4194000
|
trusted library allocation
|
page read and write
|
||
|
158A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D5D000
|
heap
|
page read and write
|
||
|
D49000
|
heap
|
page read and write
|
||
|
378B000
|
heap
|
page read and write
|
||
|
52E2000
|
heap
|
page read and write
|
||
|
4191000
|
trusted library allocation
|
page read and write
|
||
|
6710000
|
trusted library allocation
|
page execute and read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
10E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
37D3000
|
heap
|
page read and write
|
||
|
115A000
|
heap
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
7CE000
|
heap
|
page read and write
|
||
|
106E000
|
unkown
|
page read and write
|
||
|
D7E000
|
heap
|
page read and write
|
||
|
5BFE000
|
stack
|
page read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
66E0000
|
unclassified section
|
page read and write
|
||
|
37C6000
|
heap
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
D49000
|
heap
|
page read and write
|
||
|
909D000
|
stack
|
page read and write
|
||
|
37C7000
|
heap
|
page read and write
|
||
|
52E1000
|
heap
|
page read and write
|
||
|
DEA000
|
heap
|
page read and write
|
||
|
C6F6000
|
trusted library allocation
|
page read and write
|
||
|
59BD000
|
stack
|
page read and write
|
||
|
1592000
|
trusted library allocation
|
page execute and read and write
|
||
|
C720000
|
trusted library allocation
|
page read and write
|
||
|
522F000
|
stack
|
page read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
4BB0000
|
heap
|
page read and write
|
||
|
58CB000
|
stack
|
page read and write
|
||
|
105F000
|
stack
|
page read and write
|
||
|
75F000
|
stack
|
page read and write
|
||
|
F17000
|
heap
|
page read and write
|
||
|
377E000
|
heap
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
trusted library allocation
|
page read and write
|
||
|
E73000
|
heap
|
page read and write
|
||
|
554C000
|
stack
|
page read and write
|
||
|
3191000
|
trusted library allocation
|
page read and write
|
||
|
EB4000
|
heap
|
page read and write
|
||
|
7985000
|
heap
|
page read and write
|
||
|
4900000
|
trusted library allocation
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
5354000
|
heap
|
page read and write
|
||
|
C521000
|
trusted library allocation
|
page read and write
|
||
|
23CF000
|
stack
|
page read and write
|
||
|
147C000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC9000
|
heap
|
page read and write
|
||
|
575C000
|
stack
|
page read and write
|
||
|
3768000
|
heap
|
page read and write
|
||
|
9C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
E8D000
|
heap
|
page read and write
|
||
|
E57000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
15BE000
|
heap
|
page read and write
|
||
|
52EE000
|
heap
|
page read and write
|
||
|
D27000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
79A000
|
trusted library allocation
|
page execute and read and write
|
||
|
E76000
|
heap
|
page read and write
|
||
|
2743000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
5AFE000
|
stack
|
page read and write
|
||
|
37CF000
|
heap
|
page read and write
|
||
|
D24000
|
heap
|
page read and write
|
||
|
3926000
|
heap
|
page read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
EB1000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
468A000
|
trusted library allocation
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
D7A000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
10DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
D76000
|
heap
|
page read and write
|
||
|
D9F000
|
heap
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
349D000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
D76000
|
heap
|
page read and write
|
||
|
52C1000
|
heap
|
page read and write
|
||
|
D71000
|
heap
|
page read and write
|
||
|
274A000
|
trusted library allocation
|
page read and write
|
||
|
526F000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
919E000
|
stack
|
page read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
F1E000
|
heap
|
page read and write
|
||
|
59BF000
|
stack
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
775B000
|
stack
|
page read and write
|
||
|
377D000
|
heap
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
EF1000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
E77000
|
heap
|
page read and write
|
||
|
382B000
|
heap
|
page read and write
|
||
|
D7C000
|
heap
|
page read and write
|
||
|
C747000
|
trusted library allocation
|
page read and write
|
||
|
8D06000
|
heap
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
13AD000
|
stack
|
page read and write
|
||
|
159A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1477000
|
trusted library allocation
|
page execute and read and write
|
||
|
E54000
|
heap
|
page read and write
|
||
|
2EED000
|
stack
|
page read and write
|
||
|
7BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
B3B000
|
stack
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
D9F000
|
heap
|
page read and write
|
||
|
4241000
|
trusted library allocation
|
page read and write
|
||
|
5AE1000
|
heap
|
page read and write
|
||
|
5BFE000
|
stack
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
A3B000
|
stack
|
page read and write
|
||
|
52E5000
|
heap
|
page read and write
|
||
|
1552000
|
trusted library allocation
|
page execute and read and write
|
||
|
57CC000
|
stack
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
37CF000
|
heap
|
page read and write
|
||
|
2FDE000
|
unkown
|
page read and write
|
||
|
D68000
|
heap
|
page read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
EAE000
|
heap
|
page read and write
|
||
|
564C000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
5AC0000
|
heap
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
13E5000
|
heap
|
page read and write
|
||
|
49C0000
|
heap
|
page read and write
|
||
|
528C000
|
stack
|
page read and write
|
||
|
7E6000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
37C7000
|
heap
|
page read and write
|
||
|
34A0000
|
trusted library allocation
|
page read and write
|
||
|
54CB000
|
stack
|
page read and write
|
||
|
37C0000
|
heap
|
page read and write
|
||
|
37C8000
|
heap
|
page read and write
|
||
|
4CF0000
|
heap
|
page read and write
|
||
|
3765000
|
heap
|
page read and write
|
||
|
4A6E000
|
stack
|
page read and write
|
||
|
1A87000
|
heap
|
page read and write
|
||
|
3789000
|
heap
|
page read and write
|
||
|
15A2000
|
trusted library allocation
|
page read and write
|
||
|
52ED000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
8CAF000
|
heap
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page execute and read and write
|
||
|
550C000
|
stack
|
page read and write
|
||
|
52ED000
|
heap
|
page read and write
|
||
|
D45000
|
heap
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
EAD000
|
heap
|
page read and write
|
||
|
3780000
|
heap
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
4A60000
|
heap
|
page read and write
|
||
|
EAE000
|
heap
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
EBD000
|
heap
|
page read and write
|
||
|
37D7000
|
heap
|
page read and write
|
||
|
E78000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
58BB000
|
stack
|
page read and write
|
||
|
D7B000
|
heap
|
page read and write
|
||
|
F13000
|
heap
|
page read and write
|
||
|
502E000
|
stack
|
page read and write
|
||
|
17E7000
|
heap
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
5AEC000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
1462000
|
trusted library allocation
|
page execute and read and write
|
||
|
167E000
|
heap
|
page read and write
|
||
|
24FC7000
|
trusted library allocation
|
page read and write
|
||
|
CBE000
|
unkown
|
page read and write
|
||
|
5B3E000
|
stack
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
5660000
|
trusted library allocation
|
page read and write
|
||
|
52ED000
|
heap
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
D62000
|
heap
|
page read and write
|
||
|
378B000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
7E4000
|
heap
|
page read and write
|
||
|
3778000
|
heap
|
page read and write
|
||
|
F1E000
|
heap
|
page read and write
|
||
|
487E000
|
trusted library allocation
|
page read and write
|
||
|
528D000
|
stack
|
page read and write
|
||
|
7918000
|
heap
|
page read and write
|
||
|
DD6000
|
stack
|
page read and write
|
||
|
4931000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
D73000
|
heap
|
page read and write
|
||
|
36DE000
|
stack
|
page read and write
|
||
|
302E000
|
stack
|
page read and write
|
||
|
84B000
|
heap
|
page read and write
|
||
|
E69000
|
heap
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
14BF000
|
heap
|
page read and write
|
||
|
60D000
|
stack
|
page read and write
|
||
|
37D5000
|
heap
|
page read and write
|
||
|
D5F000
|
heap
|
page read and write
|
||
|
9D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
D7E000
|
heap
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
5A3C000
|
stack
|
page read and write
|
||
|
4BCD000
|
stack
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
EC3000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
EF1000
|
heap
|
page read and write
|
||
|
541F000
|
stack
|
page read and write
|
||
|
EBD000
|
heap
|
page read and write
|
||
|
4A80000
|
heap
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
F1A000
|
heap
|
page read and write
|
||
|
52E8000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
31B6000
|
trusted library allocation
|
page read and write
|
||
|
EBF000
|
heap
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
FD6000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
378B000
|
heap
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
12F2000
|
heap
|
page read and write
|
||
|
D7C000
|
heap
|
page read and write
|
||
|
59BE000
|
stack
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AEC000
|
heap
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
EAD000
|
heap
|
page read and write
|
||
|
D7C000
|
heap
|
page read and write
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
3193000
|
stack
|
page read and write
|
||
|
5AE0000
|
heap
|
page read and write
|
||
|
DEE000
|
heap
|
page read and write
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
D11000
|
heap
|
page read and write
|
||
|
31B4000
|
trusted library allocation
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
E41000
|
heap
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
460A000
|
trusted library allocation
|
page read and write
|
||
|
147A000
|
trusted library allocation
|
page execute and read and write
|
||
|
15AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
ECD000
|
heap
|
page read and write
|
||
|
3778000
|
heap
|
page read and write
|
||
|
18ED000
|
stack
|
page read and write
|
||
|
79B4000
|
heap
|
page read and write
|
||
|
7F420000
|
trusted library allocation
|
page execute and read and write
|
||
|
D11000
|
heap
|
page read and write
|
||
|
61DE000
|
stack
|
page read and write
|
||
|
1370000
|
heap
|
page execute and read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
2BBC000
|
stack
|
page read and write
|
||
|
52F9000
|
heap
|
page read and write
|
||
|
37D7000
|
heap
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
186D000
|
stack
|
page read and write
|
||
|
163B000
|
heap
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
485F000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
4ACB000
|
stack
|
page read and write
|
||
|
EAE000
|
heap
|
page read and write
|
||
|
52E4000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
2711000
|
trusted library allocation
|
page read and write
|
||
|
3241000
|
trusted library allocation
|
page read and write
|
||
|
7A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3789000
|
heap
|
page read and write
|
||
|
339F000
|
stack
|
page read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
51CF000
|
stack
|
page read and write
|
||
|
37D0000
|
heap
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
D69000
|
heap
|
page read and write
|
||
|
D9F000
|
heap
|
page read and write
|
||
|
5AEC000
|
heap
|
page read and write
|
||
|
588F000
|
stack
|
page read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
D5D000
|
heap
|
page read and write
|
||
|
378A000
|
heap
|
page read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
DEE000
|
heap
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
4E4E000
|
stack
|
page read and write
|
||
|
ECB000
|
heap
|
page read and write
|
||
|
3786000
|
heap
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
D62000
|
heap
|
page read and write
|
||
|
37CA000
|
heap
|
page read and write
|
||
|
182F000
|
stack
|
page read and write
|
||
|
F4EB000
|
heap
|
page read and write
|
||
|
115E000
|
heap
|
page read and write
|
||
|
3276000
|
heap
|
page read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
EF1000
|
heap
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page execute and read and write
|
||
|
A1E0000
|
heap
|
page read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
E6B000
|
heap
|
page read and write
|
||
|
D73000
|
heap
|
page read and write
|
||
|
53CE000
|
stack
|
page read and write
|
||
|
37C3000
|
heap
|
page read and write
|
||
|
5355000
|
heap
|
page read and write
|
||
|
536F000
|
heap
|
page read and write
|
||
|
3266000
|
trusted library allocation
|
page read and write
|
||
|
536B000
|
heap
|
page read and write
|
||
|
24FEA000
|
trusted library allocation
|
page read and write
|
||
|
312F000
|
stack
|
page read and write
|
||
|
463C000
|
trusted library allocation
|
page read and write
|
||
|
1692000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
37D3000
|
heap
|
page read and write
|
||
|
7AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
491C000
|
stack
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
52F9000
|
heap
|
page read and write
|
||
|
D5B000
|
heap
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
168A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
5D7E000
|
stack
|
page read and write
|
||
|
1117000
|
trusted library allocation
|
page execute and read and write
|
||
|
F15000
|
heap
|
page read and write
|
||
|
536B000
|
heap
|
page read and write
|
||
|
F18000
|
heap
|
page read and write
|
||
|
5ABF000
|
stack
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
ED1000
|
heap
|
page read and write
|
||
|
157A000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
482E000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
37CF000
|
heap
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
4521000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
3774000
|
heap
|
page read and write
|
||
|
8E47000
|
heap
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
EC9000
|
heap
|
page read and write
|
||
|
7914000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
4548000
|
trusted library allocation
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
37C4000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
E78000
|
heap
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
17AE000
|
stack
|
page read and write
|
||
|
16AB000
|
trusted library allocation
|
page execute and read and write
|
There are 835 hidden memdumps, click here to show them.