Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_a929a68fdcc8941e03529d78a1cc6cf3f25b77c_7522e4b5_23eff165-36a5-4645-8c01-cb7ba7a3f3de\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_a929a68fdcc8941e03529d78a1cc6cf3f25b77c_7522e4b5_5b94a649-f500-4645-ab5b-c9c186f9ad7e\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_af7af5355f072479d1c74226c58ec7d7d507bd_7522e4b5_958bd4e3-d0f3-4338-9871-56c7d6ec4be1\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_af7af5355f072479d1c74226c58ec7d7d507bd_7522e4b5_eefdfc72-540b-4461-a3e5-5b8e32e594bc\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER102B.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER104B.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2F1C.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:29:17 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2FA9.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2FF8.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFBC.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:29:09 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFD4E.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:29:04 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFDAB.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:29:04 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFE87.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFEA6.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFEC7.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFED6.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\1.dll"
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\1.dll,TMethodImplementationIntercept
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\1.dll",#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\1.dll,__dbk_fcall_wrapper
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\1.dll,dbkFCallWrapperAddr
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\1.dll",TMethodImplementationIntercept
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\1.dll",__dbk_fcall_wrapper
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\1.dll",dbkFCallWrapperAddr
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\1.dll",y4c1l01066ejk5s6
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\1.dll",#1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2008 -s 696
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 3512 -s 704
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6664 -s 704
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7216 -s 696
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.movable-type.co.uk/scripts/xxtea.pdfS
|
unknown
|
||
|
http://www.schneier.com/paper-twofish-paper.pdfS
|
unknown
|
||
|
http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
|
unknown
|
||
|
http://tools.ietf.org/html/rfc1321
|
unknown
|
||
|
http://csrc.nist.gov/publications/drafts/fips180-4/Draft-FIPS180-4_Feb2011.pdfU
|
unknown
|
||
|
http://www.schneier.com/paper-blowfish-fse.htmlS
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://www.componentace.com
|
unknown
|
||
|
http://csrc.nist.gov/publications/drafts/800-67-rev1/SP-800-67-rev1-2_July-2011.pdfS
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
http://tools.ietf.org/html/rfc4648S
|
unknown
|
||
|
http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdfS
|
unknown
|
||
|
http://www.itl.nist.gov/fipspubs/fip180-1.htm
|
unknown
|
||
|
http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdfS
|
unknown
|
||
|
http://www.ietf.org/rfc/rfc3447.txtS
|
unknown
|
There are 5 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProgramId
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
FileId
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LongPathHash
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Name
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
OriginalFileName
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Publisher
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Version
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinFileVersion
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinaryType
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductName
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductVersion
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LinkDate
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinProductVersion
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Size
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Language
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
IsOsComponent
|
||
|
\REGISTRY\A\{e50867f7-6ee4-ca24-4154-b816fc00df42}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Usn
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
D64000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
BB8000
|
heap
|
page read and write
|
||
|
4F59000
|
unkown
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
67E0000
|
heap
|
page read and write
|
||
|
549B000
|
unkown
|
page read and write
|
||
|
4F60000
|
unkown
|
page read and write
|
||
|
2C3F000
|
stack
|
page read and write
|
||
|
4FEB000
|
unkown
|
page read and write
|
||
|
4B44000
|
unkown
|
page execute read
|
||
|
2DC0000
|
direct allocation
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
5E94000
|
direct allocation
|
page read and write
|
||
|
608F000
|
direct allocation
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
6064000
|
direct allocation
|
page read and write
|
||
|
6087000
|
direct allocation
|
page read and write
|
||
|
5050000
|
unkown
|
page write copy
|
||
|
4FB0000
|
unkown
|
page write copy
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
4AE3000
|
unkown
|
page execute read
|
||
|
4110000
|
heap
|
page read and write
|
||
|
5ED8000
|
direct allocation
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
4F6C000
|
unkown
|
page write copy
|
||
|
64B0000
|
heap
|
page read and write
|
||
|
247E000
|
stack
|
page read and write
|
||
|
664F000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
5040000
|
unkown
|
page write copy
|
||
|
4AE9000
|
unkown
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
41D0000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
4AF0000
|
unkown
|
page read and write
|
||
|
4F7E000
|
unkown
|
page write copy
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
5008000
|
unkown
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
43CE000
|
unkown
|
page write copy
|
||
|
4B40000
|
unkown
|
page write copy
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
43FE000
|
unkown
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
6080000
|
direct allocation
|
page read and write
|
||
|
4401000
|
direct allocation
|
page read and write
|
||
|
630E000
|
stack
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
5E80000
|
heap
|
page read and write
|
||
|
BBD000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
6638000
|
direct allocation
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
5EE6000
|
direct allocation
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4408000
|
direct allocation
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
6614000
|
direct allocation
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
65E7000
|
direct allocation
|
page read and write
|
||
|
283C000
|
stack
|
page read and write
|
||
|
60A4000
|
direct allocation
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
6910000
|
heap
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
6430000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
5003000
|
unkown
|
page write copy
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
5ACF000
|
direct allocation
|
page read and write
|
||
|
667B000
|
direct allocation
|
page read and write
|
||
|
60B4000
|
direct allocation
|
page read and write
|
||
|
2BCF000
|
stack
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
5EF1000
|
heap
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
5EC8000
|
direct allocation
|
page read and write
|
||
|
60D1000
|
direct allocation
|
page read and write
|
||
|
5EF1000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
605B000
|
direct allocation
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
43D6000
|
direct allocation
|
page read and write
|
||
|
5AA2000
|
direct allocation
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
5DCA000
|
unkown
|
page readonly
|
||
|
5AC8000
|
direct allocation
|
page read and write
|
||
|
670C000
|
direct allocation
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
65CB000
|
direct allocation
|
page read and write
|
||
|
4B12000
|
unkown
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
5AFA000
|
direct allocation
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
5CC2000
|
heap
|
page read and write
|
||
|
BAB000
|
heap
|
page read and write
|
||
|
60EF000
|
direct allocation
|
page read and write
|
||
|
60FD000
|
direct allocation
|
page read and write
|
||
|
43BE000
|
unkown
|
page read and write
|
||
|
5ADD000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
5FEB000
|
direct allocation
|
page read and write
|
||
|
60CA000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
4AFE000
|
unkown
|
page read and write
|
||
|
6673000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
257A000
|
heap
|
page read and write
|
||
|
660D000
|
direct allocation
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
63B0000
|
heap
|
page read and write
|
||
|
29EE000
|
stack
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
5E9D000
|
direct allocation
|
page read and write
|
||
|
4AF3000
|
unkown
|
page write copy
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
669F000
|
direct allocation
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
60E8000
|
direct allocation
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
60C2000
|
direct allocation
|
page read and write
|
||
|
5AB1000
|
direct allocation
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
60AD000
|
direct allocation
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
5A94000
|
direct allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
60BC000
|
direct allocation
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
623A000
|
unkown
|
page readonly
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
41D2000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2D5C000
|
stack
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
438D000
|
direct allocation
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
B3C000
|
stack
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
4AF4000
|
unkown
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
6098000
|
direct allocation
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
10B000
|
stack
|
page read and write
|
||
|
607A000
|
direct allocation
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
66FF000
|
direct allocation
|
page read and write
|
||
|
4AEA000
|
unkown
|
page write copy
|
||
|
2ABE000
|
stack
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
5E8D000
|
direct allocation
|
page read and write
|
||
|
43B4000
|
unkown
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
6697000
|
direct allocation
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
6440000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
5AAA000
|
direct allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
5025000
|
unkown
|
page execute read
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
4F5A000
|
unkown
|
page write copy
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
65D2000
|
direct allocation
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
439B000
|
direct allocation
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
4F64000
|
unkown
|
page read and write
|
||
|
66A4000
|
direct allocation
|
page read and write
|
||
|
2E60000
|
direct allocation
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
4FF0000
|
unkown
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
5E62000
|
direct allocation
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
5CB0000
|
heap
|
page read and write
|
||
|
30BE000
|
stack
|
page read and write
|
||
|
2D8B000
|
stack
|
page read and write
|
||
|
433B000
|
direct allocation
|
page read and write
|
||
|
5FA0000
|
trusted library allocation
|
page read and write
|
||
|
43B0000
|
unkown
|
page read and write
|
||
|
669D000
|
direct allocation
|
page read and write
|
||
|
4A90000
|
unkown
|
page readonly
|
||
|
6022000
|
direct allocation
|
page read and write
|
||
|
14C000
|
stack
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
4FFB000
|
unkown
|
page read and write
|
||
|
665B000
|
direct allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
609D000
|
direct allocation
|
page read and write
|
||
|
6350000
|
trusted library allocation
|
page read and write
|
||
|
600B000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
A3B000
|
stack
|
page read and write
|
||
|
4AFC000
|
unkown
|
page write copy
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
313A000
|
heap
|
page read and write
|
||
|
43F3000
|
direct allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
66AD000
|
direct allocation
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
66E8000
|
direct allocation
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
60D1000
|
direct allocation
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
6110000
|
direct allocation
|
page execute and read and write
|
||
|
5004000
|
unkown
|
page read and write
|
||
|
4FFA000
|
unkown
|
page write copy
|
||
|
4394000
|
direct allocation
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
4A91000
|
unkown
|
page execute read
|
||
|
5A8D000
|
direct allocation
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
5EA4000
|
direct allocation
|
page read and write
|
||
|
66EF000
|
direct allocation
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
6648000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
665D000
|
direct allocation
|
page read and write
|
||
|
4F83000
|
unkown
|
page readonly
|
||
|
4D5B000
|
unkown
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
5E82000
|
heap
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
4AEB000
|
unkown
|
page read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
5EC1000
|
direct allocation
|
page read and write
|
||
|
5B01000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
25FB000
|
stack
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
666C000
|
direct allocation
|
page read and write
|
||
|
66C4000
|
direct allocation
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
2EB2000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2A3B000
|
stack
|
page read and write
|
||
|
437D000
|
direct allocation
|
page read and write
|
||
|
6723000
|
direct allocation
|
page read and write
|
||
|
4170000
|
heap
|
page read and write
|
||
|
6656000
|
direct allocation
|
page read and write
|
||
|
549C000
|
unkown
|
page execute read
|
||
|
3134000
|
heap
|
page read and write
|
||
|
2540000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
66F8000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
634F000
|
stack
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
6682000
|
direct allocation
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
5E60000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
4B3E000
|
unkown
|
page read and write
|
||
|
43BC000
|
unkown
|
page write copy
|
||
|
253E000
|
stack
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
4400000
|
unkown
|
page write copy
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
590C000
|
unkown
|
page execute read
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page read and write
|
||
|
6054000
|
direct allocation
|
page read and write
|
||
|
5F03000
|
direct allocation
|
page read and write
|
||
|
65C0000
|
direct allocation
|
page execute and read and write
|
||
|
BAF000
|
heap
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
2DCC000
|
stack
|
page read and write
|
||
|
4620000
|
unkown
|
page readonly
|
||
|
6687000
|
direct allocation
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
69C0000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
43E4000
|
direct allocation
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
6017000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
5EF0000
|
heap
|
page read and write
|
||
|
4FF4000
|
unkown
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
65FD000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
66B4000
|
direct allocation
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
43EC000
|
direct allocation
|
page read and write
|
||
|
672A000
|
direct allocation
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
500E000
|
unkown
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
66DA000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
4F53000
|
unkown
|
page execute read
|
||
|
34F0000
|
heap
|
page read and write
|
||
|
59AC000
|
unkown
|
page execute read
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
43AF000
|
unkown
|
page write copy
|
||
|
4621000
|
unkown
|
page execute read
|
||
|
568A000
|
unkown
|
page readonly
|
||
|
308F000
|
stack
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
65F0000
|
heap
|
page read and write
|
||
|
43BB000
|
unkown
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
661B000
|
direct allocation
|
page read and write
|
||
|
4FB4000
|
unkown
|
page execute read
|
||
|
4FEA000
|
unkown
|
page write copy
|
||
|
3230000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
66D1000
|
direct allocation
|
page read and write
|
||
|
66AD000
|
direct allocation
|
page read and write
|
||
|
5A6F000
|
direct allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
64C0000
|
trusted library allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
6664000
|
direct allocation
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
41C0000
|
heap
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
2591000
|
heap
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
6672000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
6770000
|
remote allocation
|
page read and write
|
||
|
43AB000
|
unkown
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
671C000
|
direct allocation
|
page read and write
|
||
|
6622000
|
direct allocation
|
page read and write
|
||
|
65E0000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
5EBA000
|
direct allocation
|
page read and write
|
||
|
599B000
|
unkown
|
page read and write
|
||
|
66C2000
|
direct allocation
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
4B21000
|
unkown
|
page execute read
|
||
|
5E60000
|
heap
|
page read and write
|
||
|
43B8000
|
direct allocation
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
4FE3000
|
unkown
|
page execute read
|
||
|
D64000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
6713000
|
direct allocation
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
4F5F000
|
unkown
|
page write copy
|
||
|
6361000
|
heap
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
4F7D000
|
unkown
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
6104000
|
direct allocation
|
page read and write
|
||
|
278C000
|
stack
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
66FD000
|
direct allocation
|
page read and write
|
||
|
43D5000
|
unkown
|
page execute read
|
||
|
32F0000
|
direct allocation
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2560000
|
direct allocation
|
page execute and read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
6072000
|
direct allocation
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
65E0000
|
direct allocation
|
page read and write
|
||
|
4F5B000
|
unkown
|
page read and write
|
||
|
5CC0000
|
heap
|
page read and write
|
||
|
4F63000
|
unkown
|
page write copy
|
||
|
6688000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4FF3000
|
unkown
|
page execute read
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
2C4A000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
34EE000
|
stack
|
page read and write
|
||
|
5F0A000
|
direct allocation
|
page read and write
|
||
|
666B000
|
direct allocation
|
page read and write
|
||
|
6704000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
65EF000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
43AA000
|
direct allocation
|
page read and write
|
||
|
666B000
|
direct allocation
|
page read and write
|
||
|
5A9B000
|
direct allocation
|
page read and write
|
||
|
501E000
|
unkown
|
page write copy
|
||
|
4AEF000
|
unkown
|
page write copy
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
5A52000
|
direct allocation
|
page read and write
|
||
|
5AEC000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
4A4E000
|
stack
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
4B41000
|
unkown
|
page read and write
|
||
|
434B000
|
direct allocation
|
page read and write
|
||
|
322A000
|
heap
|
page read and write
|
||
|
5DD0000
|
heap
|
page read and write
|
||
|
5A4B000
|
direct allocation
|
page read and write
|
||
|
59AB000
|
unkown
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
5AD6000
|
direct allocation
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
2AFF000
|
stack
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
504E000
|
unkown
|
page read and write
|
||
|
4B08000
|
unkown
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
4FEF000
|
unkown
|
page write copy
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
5E5B000
|
direct allocation
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
274B000
|
stack
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
2EAF000
|
stack
|
page read and write
|
||
|
6128000
|
direct allocation
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
2C4F000
|
stack
|
page read and write
|
||
|
2A50000
|
direct allocation
|
page execute and read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
4F6A000
|
unkown
|
page write copy
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
5A60000
|
direct allocation
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
5EED000
|
direct allocation
|
page read and write
|
||
|
4404000
|
unkown
|
page execute read
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
66D8000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
60D8000
|
direct allocation
|
page read and write
|
||
|
6010000
|
direct allocation
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
5000000
|
unkown
|
page read and write
|
||
|
2D1B000
|
stack
|
page read and write
|
||
|
60AD000
|
direct allocation
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
6680000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
4F6E000
|
unkown
|
page read and write
|
||
|
4FF9000
|
unkown
|
page read and write
|
||
|
5D00000
|
heap
|
page read and write
|
||
|
43A2000
|
direct allocation
|
page read and write
|
||
|
43D2000
|
unkown
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
671A000
|
direct allocation
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
43C8000
|
unkown
|
page read and write
|
||
|
5FFB000
|
direct allocation
|
page read and write
|
||
|
330A000
|
heap
|
page read and write
|
||
|
599C000
|
unkown
|
page execute read
|
||
|
5054000
|
unkown
|
page execute read
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
62DA000
|
unkown
|
page readonly
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
5018000
|
unkown
|
page read and write
|
||
|
6072000
|
direct allocation
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
43B3000
|
unkown
|
page write copy
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
606B000
|
direct allocation
|
page read and write
|
||
|
4B15000
|
unkown
|
page execute read
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
670D000
|
direct allocation
|
page read and write
|
||
|
5AE4000
|
direct allocation
|
page read and write
|
||
|
4B31000
|
unkown
|
page execute read
|
||
|
4360000
|
direct allocation
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2D90000
|
direct allocation
|
page execute and read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
43CD000
|
unkown
|
page read and write
|
||
|
5B08000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
503E000
|
unkown
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
5044000
|
unkown
|
page execute read
|
||
|
60F6000
|
direct allocation
|
page read and write
|
||
|
4B0D000
|
unkown
|
page read and write
|
||
|
28EC000
|
stack
|
page read and write
|
||
|
6090000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
66E1000
|
direct allocation
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
66F6000
|
direct allocation
|
page read and write
|
||
|
62CA000
|
unkown
|
page readonly
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
5E77000
|
direct allocation
|
page read and write
|
||
|
6714000
|
direct allocation
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
4AFB000
|
unkown
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
6738000
|
direct allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
66B4000
|
direct allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
43D3000
|
unkown
|
page readonly
|
||
|
5AF3000
|
direct allocation
|
page read and write
|
||
|
605D000
|
direct allocation
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
4367000
|
direct allocation
|
page read and write
|
||
|
5E4B000
|
direct allocation
|
page read and write
|
||
|
501D000
|
unkown
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
6706000
|
direct allocation
|
page read and write
|
||
|
4FAE000
|
unkown
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
5A67000
|
direct allocation
|
page read and write
|
||
|
5A3B000
|
direct allocation
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
6360000
|
heap
|
page read and write
|
||
|
2C7A000
|
heap
|
page read and write
|
||
|
4F82000
|
unkown
|
page read and write
|
||
|
5051000
|
unkown
|
page read and write
|
||
|
2A7C000
|
stack
|
page read and write
|
||
|
5022000
|
unkown
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
500A000
|
unkown
|
page write copy
|
||
|
3134000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
66BB000
|
direct allocation
|
page read and write
|
||
|
604D000
|
direct allocation
|
page read and write
|
||
|
43BA000
|
unkown
|
page write copy
|
||
|
575F000
|
stack
|
page read and write
|
||
|
667A000
|
direct allocation
|
page read and write
|
||
|
121F000
|
unkown
|
page write copy
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
43B1000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
500D000
|
unkown
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
4F85000
|
unkown
|
page execute read
|
||
|
3134000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
6081000
|
direct allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
4F6B000
|
unkown
|
page read and write
|
||
|
6121000
|
direct allocation
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
43A9000
|
unkown
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
4B30000
|
unkown
|
page readonly
|
||
|
66CB000
|
direct allocation
|
page read and write
|
||
|
4FF3000
|
unkown
|
page write copy
|
||
|
5FA0000
|
trusted library allocation
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
40B0000
|
trusted library allocation
|
page read and write
|
||
|
5CC1000
|
heap
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
5EB2000
|
direct allocation
|
page read and write
|
||
|
57F0000
|
heap
|
page read and write
|
||
|
3120000
|
direct allocation
|
page execute and read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
3EE1000
|
unkown
|
page execute read
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
5041000
|
unkown
|
page read and write
|
||
|
62F0000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
6120000
|
heap
|
page read and write
|
||
|
310F000
|
stack
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
60C3000
|
direct allocation
|
page read and write
|
||
|
6731000
|
direct allocation
|
page read and write
|
||
|
43A3000
|
unkown
|
page execute read
|
||
|
6002000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
66E8000
|
direct allocation
|
page read and write
|
||
|
28AB000
|
stack
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
4B0E000
|
unkown
|
page write copy
|
||
|
43FA000
|
direct allocation
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
601B000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
662A000
|
direct allocation
|
page read and write
|
||
|
6604000
|
direct allocation
|
page read and write
|
||
|
65BB000
|
direct allocation
|
page read and write
|
||
|
6140000
|
heap
|
page read and write
|
||
|
610C000
|
direct allocation
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
6037000
|
direct allocation
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
4FFB000
|
unkown
|
page read and write
|
||
|
2D7D000
|
stack
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
4401000
|
unkown
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
5A7D000
|
direct allocation
|
page read and write
|
||
|
500E000
|
unkown
|
page write copy
|
||
|
6631000
|
direct allocation
|
page read and write
|
||
|
5015000
|
unkown
|
page execute read
|
||
|
63AF000
|
stack
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2E3B000
|
stack
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
4FFE000
|
unkown
|
page read and write
|
||
|
6681000
|
direct allocation
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
4D5C000
|
unkown
|
page execute read
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
6088000
|
direct allocation
|
page read and write
|
||
|
5013000
|
unkown
|
page readonly
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
43DD000
|
direct allocation
|
page read and write
|
||
|
590B000
|
unkown
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
6728000
|
direct allocation
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
4A8F000
|
stack
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
5F18000
|
direct allocation
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
500C000
|
unkown
|
page write copy
|
||
|
60A6000
|
direct allocation
|
page read and write
|
||
|
6380000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
43CF000
|
direct allocation
|
page read and write
|
||
|
6540000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
5023000
|
unkown
|
page readonly
|
||
|
3134000
|
heap
|
page read and write
|
||
|
609F000
|
direct allocation
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
668F000
|
direct allocation
|
page read and write
|
||
|
6690000
|
direct allocation
|
page read and write
|
||
|
24B0000
|
heap
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
3EE0000
|
unkown
|
page readonly
|
||
|
500B000
|
unkown
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
4FFC000
|
unkown
|
page write copy
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
5E70000
|
direct allocation
|
page read and write
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
66BD000
|
direct allocation
|
page read and write
|
||
|
4FFA000
|
unkown
|
page write copy
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
4B20000
|
unkown
|
page readonly
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
606B000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
5F11000
|
direct allocation
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
5EF4000
|
direct allocation
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
43C8000
|
direct allocation
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
2BF5000
|
heap
|
page read and write
|
||
|
4F78000
|
unkown
|
page read and write
|
||
|
5EDF000
|
direct allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
4352000
|
direct allocation
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
43AA000
|
unkown
|
page write copy
|
||
|
60CA000
|
direct allocation
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
5801000
|
heap
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
5A84000
|
direct allocation
|
page read and write
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
4FE9000
|
unkown
|
page read and write
|
||
|
4FB1000
|
unkown
|
page read and write
|
||
|
5EFC000
|
direct allocation
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
66D2000
|
direct allocation
|
page read and write
|
||
|
611A000
|
direct allocation
|
page read and write
|
||
|
5012000
|
unkown
|
page read and write
|
||
|
60D8000
|
direct allocation
|
page read and write
|
||
|
60BB000
|
direct allocation
|
page read and write
|
||
|
4B13000
|
unkown
|
page readonly
|
||
|
4AFA000
|
unkown
|
page write copy
|
||
|
5E81000
|
heap
|
page read and write
|
||
|
5AB8000
|
direct allocation
|
page read and write
|
||
|
6441000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
6721000
|
direct allocation
|
page read and write
|
||
|
6030000
|
direct allocation
|
page read and write
|
||
|
60B4000
|
direct allocation
|
page read and write
|
||
|
66CA000
|
direct allocation
|
page read and write
|
||
|
30C4000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
24FF000
|
stack
|
page read and write
|
||
|
4FFF000
|
unkown
|
page write copy
|
||
|
2B1A000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
5EAB000
|
direct allocation
|
page read and write
|
||
|
6113000
|
direct allocation
|
page read and write
|
||
|
5EE0000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
There are 878 hidden memdumps, click here to show them.