Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_53e1308958a019487894c36c9c40509d90c1f14e_7522e4b5_b757a58f-6c36-49f5-a16f-63f452ac5681\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_53e1308958a019487894c36c9c40509d90c1f14e_7522e4b5_be529bbd-7f5d-4324-97d9-3e45dca62056\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_831687f7f7938eade7f77ba4ef88496c08766ae_7522e4b5_55440433-290a-4c4a-ba07-bb7dc2e976b8\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_831687f7f7938eade7f77ba4ef88496c08766ae_7522e4b5_72529658-55d3-476e-830d-f70c28ef646f\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_831687f7f7938eade7f77ba4ef88496c08766ae_7522e4b5_ad73f3d2-a52d-4cb4-8262-3cdedee6766d\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2A2E.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:30:13 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2DB9.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2E57.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER774F.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:31:38 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER781C.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER783C.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8975.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:30:37 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8C25.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8D6E.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA005.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:31:48 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA1BC.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA1DC.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE541.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 3 01:31:01 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE6E8.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE756.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 12 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\2.dll"
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\2.dll",#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\2.dll,TMethodImplementationIntercept
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\2.dll,__dbk_fcall_wrapper
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\2.dll,dbkFCallWrapperAddr
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\2.dll",TMethodImplementationIntercept
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\2.dll",__dbk_fcall_wrapper
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\2.dll",dbkFCallWrapperAddr
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\2.dll",el60p89r7qlkly4p9bfqh7
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\2.dll",#1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7744 -s 700
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 8092 -s 696
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 8020 -s 696
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7736 -s 704
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 8076 -s 696
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.borland.com/namespaces/Types-IWSDLPublish
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
|
unknown
|
||
|
http://tools.ietf.org/html/rfc1321
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://www.borland.com/rootpart.xml
|
unknown
|
||
|
http://www.schneier.com/paper-blowfish-fse.htmlS
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://csrc.nist.gov/publications/drafts/800-67-rev1/SP-800-67-rev1-2_July-2011.pdfS
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
http://tools.ietf.org/html/rfc4648S
|
unknown
|
||
|
http://www.borland.com/namespaces/Types-IAppServerSOAPq
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/soap12/SV
|
unknown
|
||
|
http://www.itl.nist.gov/fipspubs/fip180-1.htm
|
unknown
|
||
|
http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdfS
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/soap/
|
unknown
|
||
|
http://www.borland.com/namespaces/TypesA
|
unknown
|
||
|
http://www.borland.com/namespaces/Types-IAppServerSOAP
|
unknown
|
||
|
http://www.movable-type.co.uk/scripts/xxtea.pdfS
|
unknown
|
||
|
http://www.borland.com/namespaces/Types
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/http
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/soap/#
|
unknown
|
||
|
http://www.schneier.com/paper-twofish-paper.pdfS
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/http/
|
unknown
|
||
|
http://tempuri.org/U
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://csrc.nist.gov/publications/drafts/fips180-4/Draft-FIPS180-4_Feb2011.pdfU
|
unknown
|
||
|
http://www.componentace.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/mime/
|
unknown
|
||
|
http://www.borland.com/namespaces/Types-IAppServerSOAPU
|
unknown
|
||
|
http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdfS
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesa
|
unknown
|
||
|
http://www.ietf.org/rfc/rfc3447.txtS
|
unknown
|
There are 24 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProgramId
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
FileId
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LongPathHash
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Name
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
OriginalFileName
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Publisher
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Version
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinFileVersion
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinaryType
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductName
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductVersion
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LinkDate
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinProductVersion
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Size
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Language
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
IsOsComponent
|
||
|
\REGISTRY\A\{ef55a1ca-4cae-347c-3790-1e9f684c9128}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C00B8FA4A2E4
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 16 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
48AC000
|
unkown
|
page write copy
|
||
|
60F2000
|
direct allocation
|
page read and write
|
||
|
6288000
|
direct allocation
|
page read and write
|
||
|
5D06000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
4D4F000
|
unkown
|
page read and write
|
||
|
4771000
|
unkown
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
633A000
|
direct allocation
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
2F8B000
|
stack
|
page read and write
|
||
|
6996000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
69C1000
|
direct allocation
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
6143000
|
direct allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
64DE000
|
stack
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
6927000
|
direct allocation
|
page read and write
|
||
|
346F000
|
stack
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6962000
|
direct allocation
|
page read and write
|
||
|
60D4000
|
direct allocation
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
4904000
|
unkown
|
page execute read
|
||
|
3310000
|
heap
|
page read and write
|
||
|
5D2B000
|
direct allocation
|
page read and write
|
||
|
62AD000
|
direct allocation
|
page read and write
|
||
|
5D1D000
|
direct allocation
|
page read and write
|
||
|
60F000
|
stack
|
page read and write
|
||
|
4390000
|
unkown
|
page readonly
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
5BD0000
|
heap
|
page read and write
|
||
|
B70000
|
trusted library allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
629F000
|
direct allocation
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
5D60000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
5D84000
|
direct allocation
|
page read and write
|
||
|
6246000
|
direct allocation
|
page read and write
|
||
|
5157000
|
unkown
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
623F000
|
direct allocation
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
472A000
|
unkown
|
page write copy
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
651F000
|
stack
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
5191000
|
unkown
|
page read and write
|
||
|
625D000
|
direct allocation
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
5CE2000
|
direct allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
5D7C000
|
direct allocation
|
page read and write
|
||
|
31B000
|
stack
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
67C6000
|
direct allocation
|
page read and write
|
||
|
5EDE000
|
stack
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
6710000
|
heap
|
page read and write
|
||
|
6858000
|
direct allocation
|
page read and write
|
||
|
6108000
|
direct allocation
|
page read and write
|
||
|
5AAB000
|
direct allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
B00000
|
direct allocation
|
page execute and read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
5190000
|
unkown
|
page write copy
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
67F2000
|
direct allocation
|
page read and write
|
||
|
679B000
|
direct allocation
|
page read and write
|
||
|
5679000
|
unkown
|
page execute read
|
||
|
60C6000
|
direct allocation
|
page read and write
|
||
|
4830000
|
unkown
|
page readonly
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
5FB2000
|
heap
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
696A000
|
direct allocation
|
page read and write
|
||
|
5228000
|
unkown
|
page read and write
|
||
|
342E000
|
stack
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
5FC7000
|
unkown
|
page readonly
|
||
|
6978000
|
direct allocation
|
page read and write
|
||
|
5AE0000
|
direct allocation
|
page execute and read and write
|
||
|
6282000
|
direct allocation
|
page read and write
|
||
|
514B000
|
unkown
|
page read and write
|
||
|
2F0B000
|
stack
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4CFE000
|
unkown
|
page write copy
|
||
|
6843000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
3DC0000
|
direct allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
683C000
|
direct allocation
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
621B000
|
direct allocation
|
page read and write
|
||
|
5D6F000
|
direct allocation
|
page read and write
|
||
|
4729000
|
unkown
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
B60000
|
direct allocation
|
page execute and read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
4CFC000
|
unkown
|
page write copy
|
||
|
5AB2000
|
direct allocation
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
5138000
|
unkown
|
page write copy
|
||
|
960000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
4BB000
|
stack
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
5F1F000
|
stack
|
page read and write
|
||
|
6954000
|
direct allocation
|
page read and write
|
||
|
5D98000
|
direct allocation
|
page read and write
|
||
|
3D20000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
3EE000
|
stack
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
3E44000
|
direct allocation
|
page read and write
|
||
|
67BF000
|
direct allocation
|
page read and write
|
||
|
5F77000
|
unkown
|
page readonly
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
3DDD000
|
direct allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
B70000
|
trusted library allocation
|
page read and write
|
||
|
6590000
|
heap
|
page read and write
|
||
|
6BA0000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
4D59000
|
unkown
|
page read and write
|
||
|
5149000
|
unkown
|
page read and write
|
||
|
6281000
|
direct allocation
|
page read and write
|
||
|
62F8000
|
direct allocation
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
6780000
|
heap
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
48CD000
|
unkown
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
627B000
|
direct allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
75B000
|
heap
|
page read and write
|
||
|
6333000
|
direct allocation
|
page read and write
|
||
|
4D23000
|
unkown
|
page readonly
|
||
|
4742000
|
unkown
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
4D07000
|
unkown
|
page write copy
|
||
|
5E08000
|
direct allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
4D51000
|
unkown
|
page read and write
|
||
|
4DA1000
|
unkown
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
931000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
5141000
|
unkown
|
page write copy
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
4D4C000
|
unkown
|
page write copy
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
5D91000
|
direct allocation
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
3DA2000
|
direct allocation
|
page read and write
|
||
|
6092000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
3390000
|
direct allocation
|
page execute and read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
5997000
|
unkown
|
page readonly
|
||
|
5D14000
|
direct allocation
|
page read and write
|
||
|
48A8000
|
unkown
|
page write copy
|
||
|
62C4000
|
direct allocation
|
page read and write
|
||
|
97B000
|
stack
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
48BA000
|
unkown
|
page write copy
|
||
|
90B000
|
stack
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
47E0000
|
unkown
|
page readonly
|
||
|
353A000
|
heap
|
page read and write
|
||
|
60BF000
|
direct allocation
|
page read and write
|
||
|
5E01000
|
direct allocation
|
page read and write
|
||
|
631D000
|
direct allocation
|
page read and write
|
||
|
5139000
|
unkown
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
62AF000
|
direct allocation
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
515D000
|
unkown
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
4D6D000
|
unkown
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
60B0000
|
direct allocation
|
page read and write
|
||
|
4D22000
|
unkown
|
page read and write
|
||
|
3DB2000
|
direct allocation
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
471E000
|
unkown
|
page write copy
|
||
|
6620000
|
trusted library allocation
|
page read and write
|
||
|
6134000
|
direct allocation
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
47E1000
|
unkown
|
page execute read
|
||
|
669F000
|
stack
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
612D000
|
direct allocation
|
page read and write
|
||
|
6936000
|
direct allocation
|
page read and write
|
||
|
6341000
|
direct allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6988000
|
direct allocation
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
5099000
|
unkown
|
page execute read
|
||
|
518E000
|
unkown
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
67EB000
|
direct allocation
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
4717000
|
unkown
|
page read and write
|
||
|
6126000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
5AB8000
|
unkown
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
4D40000
|
unkown
|
page execute read
|
||
|
3C00000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
62A6000
|
direct allocation
|
page read and write
|
||
|
695B000
|
direct allocation
|
page read and write
|
||
|
630F000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
5147000
|
unkown
|
page write copy
|
||
|
76D000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
628B000
|
direct allocation
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
62CA000
|
direct allocation
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
4D0B000
|
unkown
|
page read and write
|
||
|
5D32000
|
direct allocation
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
513E000
|
unkown
|
page write copy
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
3DFB000
|
direct allocation
|
page read and write
|
||
|
513D000
|
unkown
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
690B000
|
direct allocation
|
page read and write
|
||
|
6190000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
5098000
|
unkown
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
4CF8000
|
unkown
|
page write copy
|
||
|
5D7D000
|
direct allocation
|
page read and write
|
||
|
60CD000
|
direct allocation
|
page read and write
|
||
|
48B9000
|
unkown
|
page read and write
|
||
|
62EA000
|
direct allocation
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
6118000
|
direct allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
5CCB000
|
direct allocation
|
page read and write
|
||
|
3C20000
|
heap
|
page read and write
|
||
|
682D000
|
direct allocation
|
page read and write
|
||
|
9BC000
|
stack
|
page read and write
|
||
|
5CF7000
|
direct allocation
|
page read and write
|
||
|
62A7000
|
direct allocation
|
page read and write
|
||
|
5D5F000
|
direct allocation
|
page read and write
|
||
|
5FA0000
|
heap
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
6971000
|
direct allocation
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
4743000
|
unkown
|
page readonly
|
||
|
34FF000
|
stack
|
page read and write
|
||
|
7BB000
|
stack
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
5D74000
|
direct allocation
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
67D4000
|
direct allocation
|
page read and write
|
||
|
5DEC000
|
direct allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
4D51000
|
unkown
|
page write copy
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
5B40000
|
heap
|
page read and write
|
||
|
3D9B000
|
direct allocation
|
page read and write
|
||
|
62DB000
|
direct allocation
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
620B000
|
direct allocation
|
page read and write
|
||
|
5CFF000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5D52000
|
direct allocation
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4D17000
|
unkown
|
page read and write
|
||
|
684A000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
4D72000
|
unkown
|
page read and write
|
||
|
3DC7000
|
direct allocation
|
page read and write
|
||
|
471D000
|
unkown
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6826000
|
direct allocation
|
page read and write
|
||
|
5F30000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
4722000
|
unkown
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
4D47000
|
unkown
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
4CFF000
|
unkown
|
page read and write
|
||
|
CA1000
|
heap
|
page read and write
|
||
|
6792000
|
direct allocation
|
page read and write
|
||
|
62CD000
|
direct allocation
|
page read and write
|
||
|
6520000
|
heap
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
5DFA000
|
direct allocation
|
page read and write
|
||
|
692F000
|
direct allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5DA2000
|
direct allocation
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
624D000
|
direct allocation
|
page read and write
|
||
|
5D48000
|
direct allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
3E0A000
|
direct allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
5D41000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
626B000
|
direct allocation
|
page read and write
|
||
|
6230000
|
direct allocation
|
page read and write
|
||
|
513C000
|
unkown
|
page write copy
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
2EE0000
|
direct allocation
|
page execute and read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
5137000
|
unkown
|
page read and write
|
||
|
4C21000
|
unkown
|
page execute read
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
5CF0000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
632C000
|
direct allocation
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
5AC0000
|
trusted library allocation
|
page read and write
|
||
|
609B000
|
direct allocation
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
2FCC000
|
stack
|
page read and write
|
||
|
4CF0000
|
unkown
|
page execute read
|
||
|
6070000
|
heap
|
page read and write
|
||
|
3E53000
|
direct allocation
|
page read and write
|
||
|
4D9E000
|
unkown
|
page read and write
|
||
|
4719000
|
unkown
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
48B2000
|
unkown
|
page read and write
|
||
|
5D8A000
|
direct allocation
|
page read and write
|
||
|
5D9B000
|
direct allocation
|
page read and write
|
||
|
5B27000
|
unkown
|
page readonly
|
||
|
67A2000
|
direct allocation
|
page read and write
|
||
|
5B60000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
5E10000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
4901000
|
unkown
|
page read and write
|
||
|
6790000
|
heap
|
page read and write
|
||
|
3E4C000
|
direct allocation
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
63E0000
|
heap
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
48AD000
|
unkown
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
6237000
|
direct allocation
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
698F000
|
direct allocation
|
page read and write
|
||
|
48B1000
|
unkown
|
page write copy
|
||
|
4D5B000
|
unkown
|
page read and write
|
||
|
513F000
|
unkown
|
page read and write
|
||
|
4D6E000
|
unkown
|
page write copy
|
||
|
67B0000
|
direct allocation
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
63B7000
|
unkown
|
page readonly
|
||
|
67DD000
|
direct allocation
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
4391000
|
unkown
|
page execute read
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
94C000
|
stack
|
page read and write
|
||
|
613C000
|
direct allocation
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
5ABF000
|
stack
|
page read and write
|
||
|
5F20000
|
trusted library allocation
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
4CFD000
|
unkown
|
page read and write
|
||
|
514A000
|
unkown
|
page write copy
|
||
|
910000
|
heap
|
page read and write
|
||
|
5D66000
|
direct allocation
|
page read and write
|
||
|
68FB000
|
direct allocation
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
62B4000
|
direct allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
62BD000
|
direct allocation
|
page read and write
|
||
|
515E000
|
unkown
|
page write copy
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5DDD000
|
direct allocation
|
page read and write
|
||
|
48BB000
|
unkown
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
6298000
|
direct allocation
|
page read and write
|
||
|
5AB9000
|
unkown
|
page execute read
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
60FA000
|
direct allocation
|
page read and write
|
||
|
471F000
|
unkown
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
69B3000
|
direct allocation
|
page read and write
|
||
|
CCF000
|
stack
|
page read and write
|
||
|
AAF000
|
stack
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
6222000
|
direct allocation
|
page read and write
|
||
|
678B000
|
direct allocation
|
page read and write
|
||
|
62F1000
|
direct allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
D5F000
|
stack
|
page read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
3E11000
|
direct allocation
|
page read and write
|
||
|
4D54000
|
unkown
|
page execute read
|
||
|
5D6D000
|
direct allocation
|
page read and write
|
||
|
C8A000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
5D94000
|
direct allocation
|
page read and write
|
||
|
3470000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
62B6000
|
direct allocation
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
6264000
|
direct allocation
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
6902000
|
direct allocation
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
DCF000
|
stack
|
page read and write
|
||
|
4D02000
|
unkown
|
page read and write
|
||
|
48D5000
|
unkown
|
page execute read
|
||
|
4DA4000
|
unkown
|
page execute read
|
||
|
62D4000
|
direct allocation
|
page read and write
|
||
|
3E68000
|
direct allocation
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
2F4C000
|
stack
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
3E36000
|
direct allocation
|
page read and write
|
||
|
6212000
|
direct allocation
|
page read and write
|
||
|
5CDB000
|
direct allocation
|
page read and write
|
||
|
4D1E000
|
unkown
|
page write copy
|
||
|
4D73000
|
unkown
|
page readonly
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4737000
|
unkown
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
1CC000
|
stack
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
6834000
|
direct allocation
|
page read and write
|
||
|
627A000
|
direct allocation
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
5D42000
|
direct allocation
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
67B7000
|
direct allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
3E3D000
|
direct allocation
|
page read and write
|
||
|
5D83000
|
direct allocation
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
2E7F000
|
stack
|
page read and write
|
||
|
3DF4000
|
direct allocation
|
page read and write
|
||
|
67FA000
|
direct allocation
|
page read and write
|
||
|
4D1D000
|
unkown
|
page read and write
|
||
|
6316000
|
direct allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
3DD6000
|
direct allocation
|
page read and write
|
||
|
6CC000
|
stack
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
473E000
|
unkown
|
page write copy
|
||
|
D04000
|
heap
|
page read and write
|
||
|
6851000
|
direct allocation
|
page read and write
|
||
|
6200000
|
heap
|
page read and write
|
||
|
3DCF000
|
direct allocation
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
3C10000
|
heap
|
page read and write
|
||
|
5D3B000
|
direct allocation
|
page read and write
|
||
|
5163000
|
unkown
|
page readonly
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
5DB8000
|
direct allocation
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
2F4A000
|
heap
|
page read and write
|
||
|
4D49000
|
unkown
|
page read and write
|
||
|
5D8D000
|
direct allocation
|
page read and write
|
||
|
5194000
|
unkown
|
page execute read
|
||
|
6292000
|
direct allocation
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
4721000
|
unkown
|
page write copy
|
||
|
4200000
|
unkown
|
page readonly
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
68F000
|
stack
|
page read and write
|
||
|
5F50000
|
direct allocation
|
page execute and read and write
|
||
|
69A4000
|
direct allocation
|
page read and write
|
||
|
6101000
|
direct allocation
|
page read and write
|
||
|
5DAA000
|
direct allocation
|
page read and write
|
||
|
4D48000
|
unkown
|
page write copy
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
4831000
|
unkown
|
page execute read
|
||
|
611F000
|
direct allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
5DD6000
|
direct allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
3D30000
|
trusted library allocation
|
page read and write
|
||
|
4727000
|
unkown
|
page write copy
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
326A000
|
heap
|
page read and write
|
||
|
4D09000
|
unkown
|
page read and write
|
||
|
62A0000
|
direct allocation
|
page read and write
|
||
|
5B50000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
4D67000
|
unkown
|
page read and write
|
||
|
4770000
|
unkown
|
page write copy
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6912000
|
direct allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
3E18000
|
direct allocation
|
page read and write
|
||
|
4D25000
|
unkown
|
page execute read
|
||
|
4CF9000
|
unkown
|
page read and write
|
||
|
48C7000
|
unkown
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
67E4000
|
direct allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
67CD000
|
direct allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
62C3000
|
direct allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
6151000
|
direct allocation
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
48B7000
|
unkown
|
page write copy
|
||
|
6324000
|
direct allocation
|
page read and write
|
||
|
2F9A000
|
heap
|
page read and write
|
||
|
699D000
|
direct allocation
|
page read and write
|
||
|
4D50000
|
unkown
|
page write copy
|
||
|
5D3A000
|
direct allocation
|
page read and write
|
||
|
5ABB000
|
direct allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
60B7000
|
direct allocation
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
48A7000
|
unkown
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
5678000
|
unkown
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
693D000
|
direct allocation
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
48AE000
|
unkown
|
page write copy
|
||
|
3E5A000
|
direct allocation
|
page read and write
|
||
|
3E02000
|
direct allocation
|
page read and write
|
||
|
6808000
|
direct allocation
|
page read and write
|
||
|
6272000
|
direct allocation
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
7FC000
|
stack
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
4CF7000
|
unkown
|
page read and write
|
||
|
48A9000
|
unkown
|
page read and write
|
||
|
614A000
|
direct allocation
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
3E28000
|
direct allocation
|
page read and write
|
||
|
5DCF000
|
direct allocation
|
page read and write
|
||
|
4745000
|
unkown
|
page execute read
|
||
|
6AF0000
|
heap
|
page read and write
|
||
|
5AC0000
|
heap
|
page read and write
|
||
|
471C000
|
unkown
|
page write copy
|
||
|
608B000
|
direct allocation
|
page read and write
|
||
|
6920000
|
direct allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
56C8000
|
unkown
|
page read and write
|
||
|
A1F000
|
stack
|
page read and write
|
||
|
3E2F000
|
direct allocation
|
page read and write
|
||
|
681F000
|
direct allocation
|
page read and write
|
||
|
4BD0000
|
direct allocation
|
page execute and read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
5CD2000
|
direct allocation
|
page read and write
|
||
|
4D57000
|
unkown
|
page write copy
|
||
|
60E4000
|
direct allocation
|
page read and write
|
||
|
4201000
|
unkown
|
page execute read
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
48FE000
|
unkown
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
62D8000
|
direct allocation
|
page read and write
|
||
|
62E2000
|
direct allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
4718000
|
unkown
|
page write copy
|
||
|
6158000
|
direct allocation
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
5DF3000
|
direct allocation
|
page read and write
|
||
|
48CE000
|
unkown
|
page write copy
|
||
|
5162000
|
unkown
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
69BA000
|
direct allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
3DAB000
|
direct allocation
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5A7E000
|
stack
|
page read and write
|
||
|
5DB1000
|
direct allocation
|
page read and write
|
||
|
5130000
|
unkown
|
page execute read
|
||
|
4710000
|
unkown
|
page execute read
|
||
|
5DE4000
|
direct allocation
|
page read and write
|
||
|
3E61000
|
direct allocation
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
60DD000
|
direct allocation
|
page read and write
|
||
|
BD0000
|
direct allocation
|
page execute and read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4D4E000
|
unkown
|
page read and write
|
||
|
62BC000
|
direct allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
4D01000
|
unkown
|
page write copy
|
||
|
D04000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
4D52000
|
unkown
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
56C9000
|
unkown
|
page execute read
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
6792000
|
heap
|
page read and write
|
||
|
3C22000
|
heap
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
5FB0000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
6490000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
4D4E000
|
unkown
|
page write copy
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
62D1000
|
direct allocation
|
page read and write
|
||
|
B1F000
|
stack
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
6801000
|
direct allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
5229000
|
unkown
|
page execute read
|
||
|
5D67000
|
direct allocation
|
page read and write
|
||
|
5142000
|
unkown
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
48D2000
|
unkown
|
page read and write
|
||
|
69C8000
|
direct allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
5F50000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
68B000
|
stack
|
page read and write
|
||
|
60A2000
|
direct allocation
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
3DED000
|
direct allocation
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
48D3000
|
unkown
|
page readonly
|
||
|
6308000
|
direct allocation
|
page read and write
|
||
|
48A0000
|
unkown
|
page execute read
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
4D75000
|
unkown
|
page execute read
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5DC8000
|
direct allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
476E000
|
unkown
|
page read and write
|
||
|
5D0D000
|
direct allocation
|
page read and write
|
||
|
4D4D000
|
unkown
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
6254000
|
direct allocation
|
page read and write
|
||
|
5D24000
|
direct allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
6370000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
4900000
|
unkown
|
page write copy
|
||
|
6791000
|
heap
|
page read and write
|
||
|
5D4B000
|
direct allocation
|
page read and write
|
||
|
473D000
|
unkown
|
page read and write
|
||
|
6348000
|
direct allocation
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
5D76000
|
direct allocation
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
4C20000
|
unkown
|
page readonly
|
||
|
69AC000
|
direct allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
6D0000
|
direct allocation
|
page execute and read and write
|
||
|
48AF000
|
unkown
|
page read and write
|
||
|
18B000
|
stack
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
6521000
|
heap
|
page read and write
|
||
|
60EB000
|
direct allocation
|
page read and write
|
||
|
BC4000
|
heap
|
page read and write
|
||
|
4D0A000
|
unkown
|
page write copy
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
472B000
|
unkown
|
page read and write
|
||
|
6791000
|
heap
|
page read and write
|
||
|
5D58000
|
direct allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
4D5A000
|
unkown
|
page write copy
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
5FB1000
|
heap
|
page read and write
|
||
|
3C21000
|
heap
|
page read and write
|
||
|
6071000
|
heap
|
page read and write
|
||
|
D8E000
|
stack
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
6818000
|
direct allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
4BE000
|
stack
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
6944000
|
direct allocation
|
page read and write
|
||
|
694D000
|
direct allocation
|
page read and write
|
||
|
DBF000
|
stack
|
page read and write
|
||
|
5165000
|
unkown
|
page execute read
|
||
|
6791000
|
heap
|
page read and write
|
||
|
66C0000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
4DA0000
|
unkown
|
page write copy
|
||
|
4774000
|
unkown
|
page execute read
|
||
|
384000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
There are 910 hidden memdumps, click here to show them.