Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_853114de62a4e1cf17966ddd92c16b36bf0ef6e_7522e4b5_58497566-3882-4f42-9937-3f91c1b0d4d8\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_853114de62a4e1cf17966ddd92c16b36bf0ef6e_7522e4b5_6c860b4d-56f5-4c02-b8a3-6757c7408b82\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_853114de62a4e1cf17966ddd92c16b36bf0ef6e_7522e4b5_cba14e28-d20c-49f0-aa3f-bae0a9b81ffe\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_a2b09c2763cd7fb1312522d0a7907333f2baa9c_7522e4b5_2cbd404b-e504-4568-ba5d-530059af66f9\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_a2b09c2763cd7fb1312522d0a7907333f2baa9c_7522e4b5_ed752832-c477-448c-84cf-abb2231ffdcb\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2C3C.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:30:09 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2D08.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2D86.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5213.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:30:19 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5437.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5486.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5C4B.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 02:36:05 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5D26.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 02:36:05 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5D75.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5DB4.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E5F.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5EED.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA76D.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 02:36:24 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA7FB.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA82B.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 12 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\4.dll"
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\4.dll,TMethodImplementationIntercept
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\4.dll",#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\4.dll,__dbk_fcall_wrapper
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\4.dll,dbkFCallWrapperAddr
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\4.dll",TMethodImplementationIntercept
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\4.dll",__dbk_fcall_wrapper
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\4.dll",dbkFCallWrapperAddr
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\4.dll",liydq47sc2u82rq6r
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\4.dll",#1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7012 -s 708
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6592 -s 696
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 8160 -s 696
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 8144 -s 696
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6696 -s 696
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.borland.com/namespaces/Types-IWSDLPublish
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
|
unknown
|
||
|
http://tools.ietf.org/html/rfc1321
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://www.borland.com/rootpart.xml
|
unknown
|
||
|
http://www.schneier.com/paper-blowfish-fse.htmlS
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://csrc.nist.gov/publications/drafts/800-67-rev1/SP-800-67-rev1-2_July-2011.pdfS
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
http://tools.ietf.org/html/rfc4648S
|
unknown
|
||
|
http://www.borland.com/namespaces/Types-IAppServerSOAPq
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/soap12/SV
|
unknown
|
||
|
http://www.itl.nist.gov/fipspubs/fip180-1.htm
|
unknown
|
||
|
http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdfS
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/soap/
|
unknown
|
||
|
http://www.borland.com/namespaces/TypesA
|
unknown
|
||
|
http://www.borland.com/namespaces/Types-IAppServerSOAP
|
unknown
|
||
|
http://www.movable-type.co.uk/scripts/xxtea.pdfS
|
unknown
|
||
|
http://www.borland.com/namespaces/Types
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/http
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/soap/#
|
unknown
|
||
|
http://www.schneier.com/paper-twofish-paper.pdfS
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/http/
|
unknown
|
||
|
http://tempuri.org/U
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://csrc.nist.gov/publications/drafts/fips180-4/Draft-FIPS180-4_Feb2011.pdfU
|
unknown
|
||
|
http://www.componentace.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/mime/
|
unknown
|
||
|
http://www.borland.com/namespaces/Types-IAppServerSOAPU
|
unknown
|
||
|
http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdfS
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesa
|
unknown
|
||
|
http://www.ietf.org/rfc/rfc3447.txtS
|
unknown
|
There are 24 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProgramId
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
FileId
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LongPathHash
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Name
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
OriginalFileName
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Publisher
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Version
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinFileVersion
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinaryType
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductName
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductVersion
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LinkDate
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinProductVersion
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Size
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Language
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
IsOsComponent
|
||
|
\REGISTRY\A\{8560606c-d6d8-96d7-92db-d4f397af31e7}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
00184010EC4F3ADA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
00184010EC4F3ADA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
00184010EC4F3ADA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6300000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
693A000
|
direct allocation
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
4A5A000
|
unkown
|
page write copy
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
68E2000
|
direct allocation
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
4DA1000
|
unkown
|
page write copy
|
||
|
F50000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
6952000
|
direct allocation
|
page read and write
|
||
|
4DB7000
|
unkown
|
page read and write
|
||
|
5F0F000
|
unkown
|
page readonly
|
||
|
52F5000
|
unkown
|
page execute read
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
33BF000
|
stack
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
643A000
|
direct allocation
|
page read and write
|
||
|
6994000
|
direct allocation
|
page read and write
|
||
|
4A6D000
|
unkown
|
page read and write
|
||
|
5D3D000
|
direct allocation
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3AA4000
|
direct allocation
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
4A59000
|
unkown
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5D18000
|
direct allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
6777000
|
direct allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
3AF4000
|
direct allocation
|
page read and write
|
||
|
63F1000
|
direct allocation
|
page read and write
|
||
|
4D90000
|
unkown
|
page execute read
|
||
|
3334000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
4C73000
|
unkown
|
page readonly
|
||
|
51D8000
|
unkown
|
page write copy
|
||
|
3424000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
687B000
|
direct allocation
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
6770000
|
heap
|
page read and write
|
||
|
69AA000
|
direct allocation
|
page read and write
|
||
|
5EEF000
|
stack
|
page read and write
|
||
|
2FE0000
|
direct allocation
|
page execute and read and write
|
||
|
697F000
|
direct allocation
|
page read and write
|
||
|
4A4E000
|
unkown
|
page write copy
|
||
|
61FC000
|
direct allocation
|
page read and write
|
||
|
691F000
|
direct allocation
|
page read and write
|
||
|
5CDD000
|
direct allocation
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
52C9000
|
unkown
|
page read and write
|
||
|
6162000
|
direct allocation
|
page read and write
|
||
|
4A49000
|
unkown
|
page read and write
|
||
|
4A5B000
|
unkown
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
5CF4000
|
direct allocation
|
page read and write
|
||
|
52E000
|
stack
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
678D000
|
direct allocation
|
page read and write
|
||
|
6978000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
6794000
|
direct allocation
|
page read and write
|
||
|
6094000
|
direct allocation
|
page read and write
|
||
|
6600000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
6084000
|
direct allocation
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
6882000
|
direct allocation
|
page read and write
|
||
|
67C1000
|
direct allocation
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
5D36000
|
direct allocation
|
page read and write
|
||
|
6108000
|
direct allocation
|
page read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
4C4C000
|
unkown
|
page write copy
|
||
|
C94000
|
heap
|
page read and write
|
||
|
5E60000
|
heap
|
page read and write
|
||
|
6211000
|
direct allocation
|
page read and write
|
||
|
4C4E000
|
unkown
|
page write copy
|
||
|
67A4000
|
direct allocation
|
page read and write
|
||
|
ACC000
|
stack
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
6441000
|
direct allocation
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
68C4000
|
direct allocation
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
6760000
|
heap
|
page read and write
|
||
|
6076000
|
direct allocation
|
page read and write
|
||
|
5D0A000
|
direct allocation
|
page read and write
|
||
|
6424000
|
direct allocation
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
4DBD000
|
unkown
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
6917000
|
direct allocation
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
680A000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
4CA4000
|
unkown
|
page execute read
|
||
|
C50000
|
heap
|
page read and write
|
||
|
60E4000
|
direct allocation
|
page read and write
|
||
|
6294000
|
direct allocation
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
51F7000
|
unkown
|
page read and write
|
||
|
66BF000
|
stack
|
page read and write
|
||
|
68CD000
|
direct allocation
|
page read and write
|
||
|
694B000
|
direct allocation
|
page read and write
|
||
|
6277000
|
direct allocation
|
page read and write
|
||
|
93C000
|
stack
|
page read and write
|
||
|
60A2000
|
direct allocation
|
page read and write
|
||
|
69E0000
|
heap
|
page read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
4A48000
|
unkown
|
page write copy
|
||
|
4DA2000
|
unkown
|
page read and write
|
||
|
66E0000
|
trusted library allocation
|
page read and write
|
||
|
67E0000
|
heap
|
page read and write
|
||
|
E7F000
|
stack
|
page read and write
|
||
|
5D61000
|
direct allocation
|
page read and write
|
||
|
4731000
|
unkown
|
page execute read
|
||
|
51E9000
|
unkown
|
page read and write
|
||
|
60D6000
|
direct allocation
|
page read and write
|
||
|
6286000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
51D0000
|
unkown
|
page execute read
|
||
|
B30000
|
heap
|
page read and write
|
||
|
4A4D000
|
unkown
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
4DC5000
|
unkown
|
page execute read
|
||
|
6110000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
609B000
|
direct allocation
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
4C6D000
|
unkown
|
page read and write
|
||
|
607D000
|
direct allocation
|
page read and write
|
||
|
55EC000
|
unkown
|
page read and write
|
||
|
6961000
|
direct allocation
|
page read and write
|
||
|
3ADF000
|
direct allocation
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page execute and read and write
|
||
|
990000
|
direct allocation
|
page execute and read and write
|
||
|
67C8000
|
direct allocation
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
4C59000
|
unkown
|
page read and write
|
||
|
69B1000
|
direct allocation
|
page read and write
|
||
|
6944000
|
direct allocation
|
page read and write
|
||
|
35CF000
|
stack
|
page read and write
|
||
|
61C1000
|
direct allocation
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
63F8000
|
direct allocation
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
4D99000
|
unkown
|
page read and write
|
||
|
6186000
|
direct allocation
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
4D9C000
|
unkown
|
page write copy
|
||
|
61C8000
|
direct allocation
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
5D2F000
|
direct allocation
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
51FE000
|
unkown
|
page write copy
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
E7C000
|
stack
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
4C4F000
|
unkown
|
page read and write
|
||
|
6770000
|
direct allocation
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
5ED0000
|
heap
|
page read and write
|
||
|
52DB000
|
unkown
|
page read and write
|
||
|
832000
|
heap
|
page read and write
|
||
|
6416000
|
direct allocation
|
page read and write
|
||
|
5C30000
|
trusted library allocation
|
page read and write
|
||
|
C8F000
|
stack
|
page read and write
|
||
|
4D9D000
|
unkown
|
page read and write
|
||
|
3AED000
|
direct allocation
|
page read and write
|
||
|
51E7000
|
unkown
|
page write copy
|
||
|
5EC0000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
34AE000
|
stack
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
6218000
|
direct allocation
|
page read and write
|
||
|
3A5B000
|
direct allocation
|
page read and write
|
||
|
624B000
|
direct allocation
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
6892000
|
direct allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
61A4000
|
direct allocation
|
page read and write
|
||
|
52D1000
|
unkown
|
page write copy
|
||
|
4DA9000
|
unkown
|
page read and write
|
||
|
642C000
|
direct allocation
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
5CFB000
|
direct allocation
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
69B8000
|
direct allocation
|
page read and write
|
||
|
4A4C000
|
unkown
|
page write copy
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
3AB2000
|
direct allocation
|
page read and write
|
||
|
5CAB000
|
direct allocation
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
67D8000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
625B000
|
direct allocation
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
619D000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
327B000
|
stack
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
4D9F000
|
unkown
|
page read and write
|
||
|
51DC000
|
unkown
|
page write copy
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6177000
|
direct allocation
|
page read and write
|
||
|
5230000
|
unkown
|
page write copy
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
4AA1000
|
unkown
|
page read and write
|
||
|
68EA000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
950000
|
trusted library allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6067000
|
direct allocation
|
page read and write
|
||
|
4D98000
|
unkown
|
page write copy
|
||
|
6781000
|
heap
|
page read and write
|
||
|
4C6E000
|
unkown
|
page write copy
|
||
|
52F3000
|
unkown
|
page readonly
|
||
|
5202000
|
unkown
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
67FC000
|
direct allocation
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
70B000
|
stack
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
4A72000
|
unkown
|
page read and write
|
||
|
6782000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
3D3F000
|
stack
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
6924000
|
direct allocation
|
page read and write
|
||
|
4C4D000
|
unkown
|
page read and write
|
||
|
67ED000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
52C8000
|
unkown
|
page write copy
|
||
|
4C40000
|
unkown
|
page execute read
|
||
|
360E000
|
stack
|
page read and write
|
||
|
52D9000
|
unkown
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
4531000
|
unkown
|
page execute read
|
||
|
5D44000
|
direct allocation
|
page read and write
|
||
|
638B000
|
direct allocation
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
6170000
|
direct allocation
|
page read and write
|
||
|
6408000
|
direct allocation
|
page read and write
|
||
|
6803000
|
direct allocation
|
page read and write
|
||
|
68FB000
|
direct allocation
|
page read and write
|
||
|
68D4000
|
direct allocation
|
page read and write
|
||
|
52CC000
|
unkown
|
page write copy
|
||
|
4A6E000
|
unkown
|
page write copy
|
||
|
C94000
|
heap
|
page read and write
|
||
|
61AB000
|
direct allocation
|
page read and write
|
||
|
2FD0000
|
direct allocation
|
page execute and read and write
|
||
|
52CF000
|
unkown
|
page read and write
|
||
|
4A51000
|
unkown
|
page write copy
|
||
|
6262000
|
direct allocation
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
47CE000
|
stack
|
page read and write
|
||
|
4DF0000
|
unkown
|
page write copy
|
||
|
B10000
|
heap
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
6934000
|
direct allocation
|
page read and write
|
||
|
AB000
|
stack
|
page read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
4DF4000
|
unkown
|
page execute read
|
||
|
3334000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
6270000
|
direct allocation
|
page read and write
|
||
|
606F000
|
direct allocation
|
page read and write
|
||
|
6152000
|
direct allocation
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
60CF000
|
direct allocation
|
page read and write
|
||
|
61E0000
|
trusted library allocation
|
page read and write
|
||
|
C3B000
|
stack
|
page read and write
|
||
|
66D0000
|
heap
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
6C30000
|
heap
|
page read and write
|
||
|
5CC7000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
5321000
|
unkown
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
3B11000
|
direct allocation
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
5D28000
|
direct allocation
|
page read and write
|
||
|
C7C000
|
stack
|
page read and write
|
||
|
3B0A000
|
direct allocation
|
page read and write
|
||
|
52F2000
|
unkown
|
page read and write
|
||
|
4DA7000
|
unkown
|
page write copy
|
||
|
4DAB000
|
unkown
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3AE6000
|
direct allocation
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
41CF000
|
stack
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
695A000
|
direct allocation
|
page read and write
|
||
|
6382000
|
direct allocation
|
page read and write
|
||
|
67F4000
|
direct allocation
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
5C9B000
|
direct allocation
|
page read and write
|
||
|
4881000
|
unkown
|
page execute read
|
||
|
608D000
|
direct allocation
|
page read and write
|
||
|
32AC000
|
stack
|
page read and write
|
||
|
3A52000
|
direct allocation
|
page read and write
|
||
|
61F4000
|
direct allocation
|
page read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
693D000
|
direct allocation
|
page read and write
|
||
|
4DC2000
|
unkown
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
51DE000
|
unkown
|
page write copy
|
||
|
5234000
|
unkown
|
page execute read
|
||
|
692C000
|
direct allocation
|
page read and write
|
||
|
4C52000
|
unkown
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
627F000
|
direct allocation
|
page read and write
|
||
|
6300000
|
heap
|
page read and write
|
||
|
6203000
|
direct allocation
|
page read and write
|
||
|
460000
|
direct allocation
|
page execute and read and write
|
||
|
63B6000
|
direct allocation
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
4530000
|
unkown
|
page readonly
|
||
|
3424000
|
heap
|
page read and write
|
||
|
5CA2000
|
direct allocation
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
52C0000
|
unkown
|
page execute read
|
||
|
60FA000
|
direct allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
67E6000
|
direct allocation
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
60AA000
|
direct allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
51D7000
|
unkown
|
page read and write
|
||
|
6101000
|
direct allocation
|
page read and write
|
||
|
4DB1000
|
unkown
|
page execute read
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
61E6000
|
direct allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
63E0000
|
heap
|
page read and write
|
||
|
63A7000
|
direct allocation
|
page read and write
|
||
|
61D0000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
5FC0000
|
heap
|
page read and write
|
||
|
3AD8000
|
direct allocation
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
3A86000
|
direct allocation
|
page read and write
|
||
|
67B2000
|
direct allocation
|
page read and write
|
||
|
55ED000
|
unkown
|
page execute read
|
||
|
3424000
|
heap
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
52C7000
|
unkown
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
5CC0000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
61A0000
|
heap
|
page read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
F50000
|
direct allocation
|
page execute and read and write
|
||
|
4C51000
|
unkown
|
page write copy
|
||
|
342A000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
6910000
|
direct allocation
|
page read and write
|
||
|
6933000
|
direct allocation
|
page read and write
|
||
|
53EC000
|
unkown
|
page read and write
|
||
|
52D7000
|
unkown
|
page write copy
|
||
|
F1F000
|
stack
|
page read and write
|
||
|
3A8D000
|
direct allocation
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
61D8000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
4CC1000
|
unkown
|
page execute read
|
||
|
3334000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
6433000
|
direct allocation
|
page read and write
|
||
|
667E000
|
stack
|
page read and write
|
||
|
ED0000
|
direct allocation
|
page execute and read and write
|
||
|
B1A000
|
heap
|
page read and write
|
||
|
637B000
|
direct allocation
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
61BA000
|
direct allocation
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
5CCF000
|
direct allocation
|
page read and write
|
||
|
691D000
|
direct allocation
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
5D11000
|
direct allocation
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
67D0000
|
heap
|
page read and write
|
||
|
5205000
|
unkown
|
page execute read
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3A7F000
|
direct allocation
|
page read and write
|
||
|
4A52000
|
unkown
|
page read and write
|
||
|
4CA0000
|
unkown
|
page write copy
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
675B000
|
direct allocation
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
68A7000
|
direct allocation
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
6902000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
326B000
|
stack
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
60A0000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
63CD000
|
direct allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
679D000
|
direct allocation
|
page read and write
|
||
|
4A73000
|
unkown
|
page readonly
|
||
|
61ED000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
51DF000
|
unkown
|
page read and write
|
||
|
4DEE000
|
unkown
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
33C0000
|
trusted library allocation
|
page read and write
|
||
|
4730000
|
unkown
|
page readonly
|
||
|
6551000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
6BF000
|
heap
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
67C0000
|
trusted library allocation
|
page read and write
|
||
|
5EF0000
|
heap
|
page read and write
|
||
|
67DF000
|
direct allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
5D5A000
|
direct allocation
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
63A0000
|
direct allocation
|
page read and write
|
||
|
618D000
|
direct allocation
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
68A0000
|
direct allocation
|
page read and write
|
||
|
4C72000
|
unkown
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
68EB000
|
direct allocation
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
620A000
|
direct allocation
|
page read and write
|
||
|
4AA4000
|
unkown
|
page execute read
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
C60000
|
direct allocation
|
page execute and read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
2FCF000
|
stack
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
617F000
|
direct allocation
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
573D000
|
unkown
|
page execute read
|
||
|
574000
|
heap
|
page read and write
|
||
|
5CD6000
|
direct allocation
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
6060000
|
direct allocation
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
692D000
|
direct allocation
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
3ABA000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
53ED000
|
unkown
|
page execute read
|
||
|
68E000
|
stack
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
4C67000
|
unkown
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
5CED000
|
direct allocation
|
page read and write
|
||
|
5D02000
|
direct allocation
|
page read and write
|
||
|
4C57000
|
unkown
|
page write copy
|
||
|
6551000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
4DAA000
|
unkown
|
page write copy
|
||
|
5231000
|
unkown
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
6926000
|
direct allocation
|
page read and write
|
||
|
60DD000
|
direct allocation
|
page read and write
|
||
|
4D97000
|
unkown
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
6042000
|
direct allocation
|
page read and write
|
||
|
51DD000
|
unkown
|
page read and write
|
||
|
4CC0000
|
unkown
|
page readonly
|
||
|
4A47000
|
unkown
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
D0A000
|
heap
|
page read and write
|
||
|
3AAB000
|
direct allocation
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
F1F000
|
stack
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
60EC000
|
direct allocation
|
page read and write
|
||
|
4DBE000
|
unkown
|
page write copy
|
||
|
831000
|
heap
|
page read and write
|
||
|
52CD000
|
unkown
|
page read and write
|
||
|
4C49000
|
unkown
|
page read and write
|
||
|
5D0F000
|
unkown
|
page readonly
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
338A000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
52DA000
|
unkown
|
page write copy
|
||
|
629D000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
4C47000
|
unkown
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
67AB000
|
direct allocation
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
74C000
|
stack
|
page read and write
|
||
|
4AA0000
|
unkown
|
page write copy
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
6818000
|
direct allocation
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
6916000
|
direct allocation
|
page read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
604B000
|
direct allocation
|
page read and write
|
||
|
640F000
|
direct allocation
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
430000
|
trusted library allocation
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
4C5B000
|
unkown
|
page read and write
|
||
|
67BA000
|
direct allocation
|
page read and write
|
||
|
3A9D000
|
direct allocation
|
page read and write
|
||
|
4C9E000
|
unkown
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
6194000
|
direct allocation
|
page read and write
|
||
|
5324000
|
unkown
|
page execute read
|
||
|
3310000
|
heap
|
page read and write
|
||
|
6BB000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
4A40000
|
unkown
|
page execute read
|
||
|
4A4F000
|
unkown
|
page read and write
|
||
|
69C000
|
stack
|
page read and write
|
||
|
3A4B000
|
direct allocation
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
60A2000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
51FD000
|
unkown
|
page read and write
|
||
|
2FCF000
|
stack
|
page read and write
|
||
|
6811000
|
direct allocation
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
522E000
|
unkown
|
page read and write
|
||
|
66C0000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
51E1000
|
unkown
|
page write copy
|
||
|
60D0000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
6986000
|
direct allocation
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
615B000
|
direct allocation
|
page read and write
|
||
|
69A3000
|
direct allocation
|
page read and write
|
||
|
628D000
|
direct allocation
|
page read and write
|
||
|
68B6000
|
direct allocation
|
page read and write
|
||
|
61B2000
|
direct allocation
|
page read and write
|
||
|
3B18000
|
direct allocation
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
E3B000
|
stack
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
68BD000
|
direct allocation
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
51E2000
|
unkown
|
page read and write
|
||
|
6780000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
6786000
|
direct allocation
|
page read and write
|
||
|
3AC8000
|
direct allocation
|
page read and write
|
||
|
DE2000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6800000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
63DB000
|
direct allocation
|
page read and write
|
||
|
63D0000
|
heap
|
page read and write
|
||
|
330F000
|
stack
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
68F2000
|
direct allocation
|
page read and write
|
||
|
4DF1000
|
unkown
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
51EB000
|
unkown
|
page read and write
|
||
|
5B7C000
|
unkown
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
A8B000
|
stack
|
page read and write
|
||
|
641D000
|
direct allocation
|
page read and write
|
||
|
614B000
|
direct allocation
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
5C6C000
|
unkown
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
60B1000
|
direct allocation
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
68F1000
|
direct allocation
|
page read and write
|
||
|
3B03000
|
direct allocation
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
5203000
|
unkown
|
page readonly
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
52EE000
|
unkown
|
page write copy
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
6690000
|
trusted library allocation
|
page read and write
|
||
|
677F000
|
direct allocation
|
page read and write
|
||
|
698D000
|
direct allocation
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
52ED000
|
unkown
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
4D9E000
|
unkown
|
page write copy
|
||
|
3344000
|
heap
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
3D80000
|
heap
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
6950000
|
direct allocation
|
page execute and read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
65B000
|
stack
|
page read and write
|
||
|
668F000
|
stack
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
6252000
|
direct allocation
|
page read and write
|
||
|
688B000
|
direct allocation
|
page read and write
|
||
|
4A75000
|
unkown
|
page execute read
|
||
|
52CE000
|
unkown
|
page write copy
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
5D68000
|
direct allocation
|
page read and write
|
||
|
699C000
|
direct allocation
|
page read and write
|
||
|
317A000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
63AF000
|
direct allocation
|
page read and write
|
||
|
5320000
|
unkown
|
page write copy
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
4C75000
|
unkown
|
page execute read
|
||
|
6908000
|
direct allocation
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
6550000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
4CA1000
|
unkown
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
68F8000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
63BD000
|
direct allocation
|
page read and write
|
||
|
6C8000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
1AC000
|
stack
|
page read and write
|
||
|
68DB000
|
direct allocation
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
32BC000
|
stack
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
4A57000
|
unkown
|
page write copy
|
||
|
4DC3000
|
unkown
|
page readonly
|
||
|
649F000
|
unkown
|
page readonly
|
||
|
573C000
|
unkown
|
page read and write
|
||
|
66C0000
|
heap
|
page read and write
|
||
|
63EA000
|
direct allocation
|
page read and write
|
||
|
4DB0000
|
unkown
|
page readonly
|
||
|
6781000
|
heap
|
page read and write
|
||
|
3A77000
|
direct allocation
|
page read and write
|
||
|
4A67000
|
unkown
|
page read and write
|
||
|
61E0000
|
trusted library allocation
|
page read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
6941000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
52E7000
|
unkown
|
page read and write
|
||
|
CEF000
|
stack
|
page read and write
|
||
|
4A9E000
|
unkown
|
page read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
63D4000
|
direct allocation
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
605F000
|
unkown
|
page readonly
|
||
|
6752000
|
direct allocation
|
page read and write
|
||
|
34EF000
|
stack
|
page read and write
|
||
|
51EA000
|
unkown
|
page write copy
|
||
|
351A000
|
heap
|
page read and write
|
||
|
60C8000
|
direct allocation
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
63E2000
|
direct allocation
|
page read and write
|
||
|
52D2000
|
unkown
|
page read and write
|
||
|
4880000
|
unkown
|
page readonly
|
||
|
658F000
|
unkown
|
page readonly
|
||
|
3424000
|
heap
|
page read and write
|
||
|
3A70000
|
direct allocation
|
page read and write
|
||
|
6781000
|
heap
|
page read and write
|
||
|
60B8000
|
direct allocation
|
page read and write
|
||
|
68AF000
|
direct allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
674B000
|
direct allocation
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
4C5A000
|
unkown
|
page write copy
|
||
|
60F3000
|
direct allocation
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
51D9000
|
unkown
|
page read and write
|
||
|
6A20000
|
heap
|
page read and write
|
||
|
531E000
|
unkown
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
63C4000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5B7D000
|
unkown
|
page execute read
|
||
|
61DF000
|
direct allocation
|
page read and write
|
||
|
6111000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
5C6D000
|
unkown
|
page execute read
|
||
|
3424000
|
heap
|
page read and write
|
||
|
690F000
|
direct allocation
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
60A1000
|
heap
|
page read and write
|
||
|
480F000
|
stack
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
5D4C000
|
direct allocation
|
page read and write
|
||
|
6948000
|
direct allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
5D53000
|
direct allocation
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
6448000
|
direct allocation
|
page read and write
|
||
|
4C48000
|
unkown
|
page write copy
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
3AFC000
|
direct allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
66C1000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
6968000
|
direct allocation
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
3AC1000
|
direct allocation
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
603B000
|
direct allocation
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
There are 901 hidden memdumps, click here to show them.