Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
8ObkdHP9Hq.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\num[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000332001\84d280a9e8.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000336001\num.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000349001\9d7da53f74.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Windows\Tasks\skotes.job
|
data
|
dropped
|
||
|
Chrome Cache Entry: 155
|
ASCII text, with very long lines (395)
|
downloaded
|
||
|
Chrome Cache Entry: 156
|
ASCII text, with very long lines (755)
|
downloaded
|
||
|
Chrome Cache Entry: 157
|
ASCII text, with very long lines (1694)
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
ASCII text, with very long lines (683)
|
downloaded
|
||
|
Chrome Cache Entry: 159
|
Web Open Font Format (Version 2), TrueType, length 52280, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
ASCII text, with very long lines (2907)
|
downloaded
|
||
|
Chrome Cache Entry: 161
|
ASCII text, with very long lines (5693)
|
downloaded
|
||
|
Chrome Cache Entry: 162
|
HTML document, ASCII text, with very long lines (681)
|
downloaded
|
||
|
Chrome Cache Entry: 163
|
ASCII text, with very long lines (533)
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
ASCII text, with very long lines (570)
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
ASCII text, with very long lines (522)
|
downloaded
|
||
|
Chrome Cache Entry: 167
|
ASCII text, with very long lines (553)
|
downloaded
|
||
|
Chrome Cache Entry: 168
|
ASCII text, with very long lines (468)
|
downloaded
|
There are 14 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\8ObkdHP9Hq.exe
|
"C:\Users\user\Desktop\8ObkdHP9Hq.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
|
"C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
|
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000332001\84d280a9e8.exe
|
"C:\Users\user\AppData\Local\Temp\1000332001\84d280a9e8.exe"
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM chrome.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM msedge.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM firefox.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM opera.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM brave.exe /T
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd"
--start-fullscreen --no-first-run --disable-session-crashed-bubble --disable-infobars
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2384 --field-trial-handle=2240,i,13949646483110312368,15407111442915167702,262144
/prefetch:8
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000336001\num.exe
|
"C:\Users\user\AppData\Local\Temp\1000336001\num.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000349001\9d7da53f74.exe
|
"C:\Users\user\AppData\Local\Temp\1000349001\9d7da53f74.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=5648 --field-trial-handle=2240,i,13949646483110312368,15407111442915167702,262144
/prefetch:8
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService
--lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 --field-trial-handle=2240,i,13949646483110312368,15407111442915167702,262144
/prefetch:8
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000332001\84d280a9e8.exe
|
"C:\Users\user\AppData\Local\Temp\1000332001\84d280a9e8.exe"
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM chrome.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM msedge.exe /T
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=5800 --field-trial-handle=2240,i,13949646483110312368,15407111442915167702,262144
/prefetch:8
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM firefox.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM opera.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM brave.exe /T
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd"
--start-fullscreen --no-first-run --disable-session-crashed-bubble --disable-infobars
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=1152 --field-trial-handle=2040,i,8769351574913738686,7511269282204500585,262144
/prefetch:8
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM chrome.exe /T
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=4484 --field-trial-handle=2240,i,13949646483110312368,15407111442915167702,262144
/prefetch:8
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM msedge.exe /T
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000336001\num.exe
|
"C:\Users\user\AppData\Local\Temp\1000336001\num.exe"
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM firefox.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM opera.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM brave.exe /T
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd"
--start-fullscreen --no-first-run --disable-session-crashed-bubble --disable-infobars
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1992,i,7048868189645442855,15603037541109083957,262144
/prefetch:8
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM chrome.exe /T
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=2904 --field-trial-handle=2240,i,13949646483110312368,15407111442915167702,262144
/prefetch:8
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM msedge.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM firefox.exe /T
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000349001\9d7da53f74.exe
|
"C:\Users\user\AppData\Local\Temp\1000349001\9d7da53f74.exe"
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM opera.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM brave.exe /T
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd"
--start-fullscreen --no-first-run --disable-session-crashed-bubble --disable-infobars
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1152,i,15500864807837732652,8979653825790183584,262144
/prefetch:8
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM chrome.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM msedge.exe /T
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=4516 --field-trial-handle=2240,i,13949646483110312368,15407111442915167702,262144
/prefetch:8
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM firefox.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM opera.exe /T
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM brave.exe /T
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000332001\84d280a9e8.exe
|
"C:\Users\user\AppData\Local\Temp\1000332001\84d280a9e8.exe"
|
|
|
|
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /F /IM chrome.exe /T
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 66 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://185.215.113.37/LaJo
|
unknown
|
|
|
|
http://185.215.113.37
|
unknown
|
|
|
|
http://185.215.113.43/Zu7JuNko/index.php
|
185.215.113.43
|
|
|
|
https://steamcommunity.com/profiles/765611997243319001l
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.phpKQ
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.phpu
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.phpw
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.phpJXi
|
unknown
|
|
|
|
https://steamcommunity.com/profiles/76561199724331900u
|
unknown
|
|
|
|
https://steamcommunity.com/profiles/76561199724331900
|
104.102.49.254
|
|
|
|
http://185.215.113.37/ws
|
unknown
|
|
|
|
https://steamcommunity.com/profiles/76561199724331900/inventory/
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.phpzX
|
unknown
|
|
|
|
http://185.215.113.37/
|
185.215.113.37
|
|
|
|
https://player.vimeo.com
|
unknown
|
||
|
https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65E
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1&
|
unknown
|
||
|
https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f
|
unknown
|
||
|
https://bathdoomgaz.store:443/api
|
unknown
|
||
|
https://steamcommunity.com/?subsection=broadcasts
|
unknown
|
||
|
http://185.215.113.103/luma/random.exe
|
unknown
|
||
|
http://185.215.113.103/test/num.exe
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/ski
|
unknown
|
||
|
https://sergei-esenin.com/
|
unknown
|
||
|
https://play.google.com/work/enroll?identifier=
|
unknown
|
||
|
https://policies.google.com/terms/service-specific
|
unknown
|
||
|
https://g.co/recover
|
unknown
|
||
|
https://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://support.google.com/websearch/answer/4358949?hl=ko&ref_topic=3285072
|
unknown
|
||
|
https://www.gstatic.cn/recaptcha/
|
unknown
|
||
|
http://185.215.113.43/Zu7JuNko/index.phpncoded
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6
|
unknown
|
||
|
https://eaglepawnoy.store:443/apif
|
unknown
|
||
|
http://185.215.113.43/Zu7JuNko/index.phpy1mb3JtLXVybGVuY29kZWQ=.Verb
|
unknown
|
||
|
http://185.215.113.43/Zu7JuNko/index.php0349001
|
unknown
|
||
|
https://policies.google.com/technologies/cookies
|
unknown
|
||
|
http://www.valvesoftware.com/legal.htm
|
unknown
|
||
|
https://policies.google.com/terms
|
unknown
|
||
|
https://www.youtube.com
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/promo/summer2017/stickers.css?v=HA2Yr5oy3FFG&
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/fatalerror.css?v=wctRWaBvNt2z&l=engli
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
|
unknown
|
||
|
https://www.google.
|
unknown
|
||
|
https://www.youtube.com/t/terms?chromeless=1&hl=
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6&
|
unknown
|
||
|
http://185.215.113.43/Zu7JuNko/index.php$AC
|
unknown
|
||
|
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
|
unknown
|
||
|
https://policies.google.com/terms/location
|
unknown
|
||
|
http://185.215.113.43/ViewSizePreferences.SourceAumid2=
|
unknown
|
||
|
http://185.215.113.43/Zu7JuNko/index.phpcoded
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL
|
unknown
|
||
|
https://s.ytimg.com;
|
unknown
|
||
|
https://steam.tv/
|
unknown
|
||
|
https://licendfilteo.site:443/api
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english
|
unknown
|
||
|
https://steamcommunity.com/p
|
unknown
|
||
|
https://youtube.com/t/terms?gl=
|
unknown
|
||
|
https://www.google.com/intl/
|
unknown
|
||
|
http://microsoft.co
|
unknown
|
||
|
https://apis.google.com/js/api.js
|
unknown
|
||
|
http://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://steamcommunity.com:443/profiles/76561199724331900
|
unknown
|
||
|
https://store.steampowered.com/points/shop/
|
unknown
|
||
|
http://185.215.113.43/15.113.43/ows
|
unknown
|
||
|
https://sketchfab.com
|
unknown
|
||
|
https://lv.queniujq.cn
|
unknown
|
||
|
https://login.steampowere#
|
unknown
|
||
|
https://www.youtube.com/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=Ev2sBLgkgyWJ&a
|
unknown
|
||
|
https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
|
unknown
|
||
|
https://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0
|
unknown
|
||
|
https://sergei-esenin.com:443/api
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
http://185.215.113.43/ones
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am
|
unknown
|
||
|
http://185.215.113.43/Zu7JuNko/index.php9001
|
unknown
|
||
|
http://185.215.113.43/a
|
unknown
|
||
|
https://www.google.com/recaptcha/
|
unknown
|
||
|
https://checkout.steampowered.com/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english
|
unknown
|
||
|
https://policies.google.com/privacy
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png
|
unknown
|
||
|
https://avatars.akamai.steamstatic
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC
|
unknown
|
||
|
https://store.steampowered.com/;
|
unknown
|
||
|
https://store.steampowered.com/about/
|
unknown
|
||
|
https://steamcommunity.com/my/wishlist/
|
unknown
|
||
|
https://play.google/intl/
|
unknown
|
||
|
https://families.google.com/intl/
|
unknown
|
||
|
https://sergei-esenin.com/apiO8
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english
|
unknown
|
||
|
https://steamcommunity.com/0
|
unknown
|
||
|
https://policies.google.com/technologies/location-data
|
unknown
|
||
|
https://help.steampowered.com/en/
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sergei-esenin.com
|
104.21.53.8
|
|
|
|
licendfilteo.site
|
unknown
|
|
|
|
clearancek.site
|
unknown
|
|
|
|
youtube-ui.l.google.com
|
142.250.181.238
|
||
|
steamcommunity.com
|
104.102.49.254
|
||
|
www3.l.google.com
|
142.250.184.238
|
||
|
play.google.com
|
172.217.16.206
|
||
|
www.google.com
|
142.250.184.228
|
||
|
youtube.com
|
142.250.185.142
|
||
|
bathdoomgaz.store
|
unknown
|
||
|
spirittunek.store
|
unknown
|
||
|
studennotediw.store
|
unknown
|
||
|
mobbipenju.store
|
unknown
|
||
|
eaglepawnoy.store
|
unknown
|
||
|
accounts.youtube.com
|
unknown
|
||
|
www.youtube.com
|
unknown
|
||
|
dissapoiznw.store
|
unknown
|
There are 7 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.215.113.43
|
unknown
|
Portugal
|
|
|
|
104.21.53.8
|
sergei-esenin.com
|
United States
|
|
|
|
185.215.113.37
|
unknown
|
Portugal
|
|
|
|
192.168.2.4
|
unknown
|
unknown
|
|
|
|
172.217.16.206
|
play.google.com
|
United States
|
||
|
142.250.181.238
|
youtube-ui.l.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.142
|
youtube.com
|
United States
|
||
|
104.102.49.254
|
steamcommunity.com
|
United States
|
||
|
142.250.184.238
|
www3.l.google.com
|
United States
|
||
|
142.250.184.228
|
www.google.com
|
United States
|
||
|
185.215.113.103
|
unknown
|
Portugal
|
There are 2 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
84d280a9e8.exe
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
num.exe
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
9d7da53f74.exe
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
DA1000
|
unkown
|
page execute and read and write
|
|
|
|
587000
|
heap
|
page read and write
|
|
|
|
DE8000
|
heap
|
page read and write
|
|
|
|
1088000
|
heap
|
page read and write
|
|
|
|
4FC0000
|
direct allocation
|
page read and write
|
|
|
|
B81000
|
unkown
|
page execute and write copy
|
|
|
|
DA1000
|
unkown
|
page execute and read and write
|
|
|
|
E8E000
|
heap
|
page read and write
|
|
|
|
10A8000
|
heap
|
page read and write
|
|
|
|
B81000
|
unkown
|
page execute and write copy
|
|
|
|
4C40000
|
direct allocation
|
page read and write
|
|
|
|
51E0000
|
direct allocation
|
page read and write
|
|
|
|
881000
|
unkown
|
page execute and read and write
|
|
|
|
B81000
|
unkown
|
page execute and write copy
|
|
|
|
B81000
|
unkown
|
page execute and write copy
|
|
|
|
47D0000
|
heap
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
AF3000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
10B9000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
1745000
|
heap
|
page read and write
|
||
|
68A0000
|
heap
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page write copy
|
||
|
CF5000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
B81000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
142C000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
391F000
|
stack
|
page read and write
|
||
|
5170000
|
direct allocation
|
page execute and read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
30FF000
|
stack
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
direct allocation
|
page execute and read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
37DF000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
55FD000
|
stack
|
page read and write
|
||
|
346C000
|
stack
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
109D000
|
unkown
|
page execute and read and write
|
||
|
176F000
|
heap
|
page read and write
|
||
|
3F9E000
|
stack
|
page read and write
|
||
|
3DBE000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
2E1B000
|
stack
|
page read and write
|
||
|
1A9ED000
|
stack
|
page read and write
|
||
|
85DE000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
E09000
|
unkown
|
page write copy
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
3E6E000
|
stack
|
page read and write
|
||
|
147A000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
4BEF000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
176F000
|
heap
|
page read and write
|
||
|
43FE000
|
stack
|
page read and write
|
||
|
17DC000
|
heap
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
3AF1000
|
heap
|
page read and write
|
||
|
5ACE000
|
stack
|
page read and write
|
||
|
5740000
|
direct allocation
|
page execute and read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
3B3E000
|
stack
|
page read and write
|
||
|
392F000
|
stack
|
page read and write
|
||
|
422E000
|
stack
|
page read and write
|
||
|
38BE000
|
stack
|
page read and write
|
||
|
3DFE000
|
stack
|
page read and write
|
||
|
1AB9E000
|
stack
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
453E000
|
stack
|
page read and write
|
||
|
106F000
|
unkown
|
page execute and read and write
|
||
|
9DB000
|
stack
|
page read and write
|
||
|
53F0000
|
direct allocation
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
2DFF000
|
stack
|
page read and write
|
||
|
45AF000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
3BEE000
|
stack
|
page read and write
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
50FF000
|
stack
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
6515000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
51E0000
|
direct allocation
|
page read and write
|
||
|
4D51000
|
heap
|
page read and write
|
||
|
1209000
|
unkown
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
1A55F000
|
stack
|
page read and write
|
||
|
146D000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
109D000
|
unkown
|
page execute and read and write
|
||
|
443E000
|
stack
|
page read and write
|
||
|
689F000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
35AE000
|
stack
|
page read and write
|
||
|
BBC000
|
unkown
|
page readonly
|
||
|
82B000
|
stack
|
page read and write
|
||
|
520D000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
1AF8E000
|
stack
|
page read and write
|
||
|
45DE000
|
stack
|
page read and write
|
||
|
BEC000
|
unkown
|
page read and write
|
||
|
377F000
|
stack
|
page read and write
|
||
|
1250000
|
unkown
|
page execute and write copy
|
||
|
10FA000
|
stack
|
page read and write
|
||
|
BBC000
|
unkown
|
page readonly
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
48C0000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
880000
|
unkown
|
page readonly
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
1235000
|
unkown
|
page execute and read and write
|
||
|
5B80000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
3E2F000
|
stack
|
page read and write
|
||
|
435E000
|
stack
|
page read and write
|
||
|
1D6E000
|
stack
|
page read and write
|
||
|
3911000
|
heap
|
page read and write
|
||
|
1787000
|
heap
|
page read and write
|
||
|
BE2000
|
unkown
|
page readonly
|
||
|
3641000
|
heap
|
page read and write
|
||
|
3A5F000
|
stack
|
page read and write
|
||
|
381E000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
4D7F000
|
stack
|
page read and write
|
||
|
4FFE000
|
stack
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
84DE000
|
stack
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
1A85F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
3A5F000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
C3D000
|
unkown
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
47BE000
|
stack
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
5751000
|
trusted library allocation
|
page read and write
|
||
|
146E000
|
heap
|
page read and write
|
||
|
13F5000
|
heap
|
page read and write
|
||
|
124C000
|
unkown
|
page execute and read and write
|
||
|
39FF000
|
stack
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
C93000
|
heap
|
page read and write
|
||
|
7DC000
|
stack
|
page read and write
|
||
|
459F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
39FE000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
417F000
|
stack
|
page read and write
|
||
|
5360000
|
direct allocation
|
page execute and read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
B4F000
|
unkown
|
page execute and read and write
|
||
|
38FE000
|
stack
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
4D51000
|
heap
|
page read and write
|
||
|
6510000
|
heap
|
page read and write
|
||
|
17CB000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page execute and read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
BEC000
|
unkown
|
page read and write
|
||
|
10A5000
|
unkown
|
page execute and read and write
|
||
|
5241000
|
direct allocation
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
13E1000
|
unkown
|
page execute and read and write
|
||
|
5D4E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
3EFE000
|
stack
|
page read and write
|
||
|
495F000
|
stack
|
page read and write
|
||
|
56CF000
|
stack
|
page read and write
|
||
|
124E000
|
unkown
|
page execute and read and write
|
||
|
3AF1000
|
heap
|
page read and write
|
||
|
5400000
|
direct allocation
|
page execute and read and write
|
||
|
177C000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
1775000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
1EE000
|
stack
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1ADDE000
|
stack
|
page read and write
|
||
|
530D000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
359E000
|
stack
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
50EE000
|
stack
|
page read and write
|
||
|
41DF000
|
stack
|
page read and write
|
||
|
5590000
|
direct allocation
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
36EE000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
5730000
|
direct allocation
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
13E2000
|
unkown
|
page execute and write copy
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
F50000
|
unkown
|
page readonly
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
4C1E000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
E1A000
|
heap
|
page read and write
|
||
|
CAF000
|
heap
|
page read and write
|
||
|
50C0000
|
direct allocation
|
page execute and read and write
|
||
|
2BFF000
|
stack
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
3F3E000
|
stack
|
page read and write
|
||
|
CFA000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
8873000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
3DBF000
|
stack
|
page read and write
|
||
|
5100000
|
direct allocation
|
page execute and read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
37BE000
|
stack
|
page read and write
|
||
|
54CD000
|
stack
|
page read and write
|
||
|
367E000
|
stack
|
page read and write
|
||
|
50D0000
|
direct allocation
|
page execute and read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
10C4000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
FCF000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
C10000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
1B22E000
|
stack
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
15AF000
|
stack
|
page read and write
|
||
|
3E5E000
|
stack
|
page read and write
|
||
|
482F000
|
stack
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1A65F000
|
stack
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
496F000
|
stack
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
1AA5E000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
4DA0000
|
direct allocation
|
page execute and read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
CF8000
|
heap
|
page read and write
|
||
|
3A9E000
|
stack
|
page read and write
|
||
|
1ACDE000
|
stack
|
page read and write
|
||
|
3BAF000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
534E000
|
stack
|
page read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
50D0000
|
direct allocation
|
page execute and read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
5110000
|
direct allocation
|
page execute and read and write
|
||
|
467E000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
BAB000
|
unkown
|
page write copy
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
43FF000
|
stack
|
page read and write
|
||
|
5710000
|
direct allocation
|
page execute and read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
EC000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
CE4000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
4DB0000
|
direct allocation
|
page execute and read and write
|
||
|
1B08D000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1451000
|
heap
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
36B4000
|
heap
|
page read and write
|
||
|
124E000
|
unkown
|
page execute and read and write
|
||
|
41EF000
|
stack
|
page read and write
|
||
|
4D51000
|
heap
|
page read and write
|
||
|
CAF000
|
heap
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1A75F000
|
stack
|
page read and write
|
||
|
C3A000
|
heap
|
page read and write
|
||
|
3B9F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B50000
|
heap
|
page read and write
|
||
|
3BDE000
|
stack
|
page read and write
|
||
|
3AF1000
|
heap
|
page read and write
|
||
|
50A0000
|
direct allocation
|
page execute and read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
391F000
|
stack
|
page read and write
|
||
|
B94000
|
unkown
|
page execute and write copy
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
453F000
|
stack
|
page read and write
|
||
|
AFD000
|
stack
|
page read and write
|
||
|
881000
|
unkown
|
page execute and write copy
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
55CE000
|
stack
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
31A7000
|
heap
|
page read and write
|
||
|
449E000
|
stack
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
BAB000
|
unkown
|
page write copy
|
||
|
5101000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
472D000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
10A3000
|
heap
|
page read and write
|
||
|
F91000
|
unkown
|
page execute and read and write
|
||
|
4AEE000
|
stack
|
page read and write
|
||
|
2FBF000
|
stack
|
page read and write
|
||
|
50AF000
|
stack
|
page read and write
|
||
|
AC7000
|
heap
|
page read and write
|
||
|
13E1000
|
unkown
|
page execute and read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
445E000
|
stack
|
page read and write
|
||
|
547F000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
373F000
|
stack
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
585F000
|
stack
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
5370000
|
direct allocation
|
page execute and read and write
|
||
|
50D0000
|
direct allocation
|
page execute and read and write
|
||
|
B93000
|
unkown
|
page execute and write copy
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
4F50000
|
direct allocation
|
page read and write
|
||
|
839C000
|
stack
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
481F000
|
stack
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
880000
|
unkown
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
359E000
|
stack
|
page read and write
|
||
|
570C000
|
stack
|
page read and write
|
||
|
ED6000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
5110000
|
direct allocation
|
page execute and read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
5180000
|
direct allocation
|
page execute and read and write
|
||
|
584D000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
3A3E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
445F000
|
stack
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
3F5F000
|
stack
|
page read and write
|
||
|
35F0000
|
trusted library allocation
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
1451000
|
heap
|
page read and write
|
||
|
FDF000
|
stack
|
page read and write
|
||
|
5350000
|
direct allocation
|
page execute and read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
37EF000
|
stack
|
page read and write
|
||
|
BE2000
|
unkown
|
page readonly
|
||
|
8E2000
|
unkown
|
page execute and read and write
|
||
|
6ECE000
|
heap
|
page read and write
|
||
|
17DC000
|
heap
|
page read and write
|
||
|
1920000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
B9E000
|
unkown
|
page readonly
|
||
|
5580000
|
remote allocation
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
56E0000
|
direct allocation
|
page execute and read and write
|
||
|
5710000
|
direct allocation
|
page execute and read and write
|
||
|
ABC000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4C40000
|
direct allocation
|
page read and write
|
||
|
3FFF000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
3C7E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
3C3F000
|
stack
|
page read and write
|
||
|
1AC9F000
|
stack
|
page read and write
|
||
|
5590000
|
direct allocation
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
4D2F000
|
stack
|
page read and write
|
||
|
FB0000
|
unkown
|
page execute and read and write
|
||
|
5330000
|
direct allocation
|
page execute and read and write
|
||
|
381E000
|
stack
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
431F000
|
stack
|
page read and write
|
||
|
4B51000
|
heap
|
page read and write
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
A7B000
|
heap
|
page read and write
|
||
|
BE2000
|
unkown
|
page readonly
|
||
|
4F50000
|
direct allocation
|
page read and write
|
||
|
45DE000
|
stack
|
page read and write
|
||
|
C3E000
|
heap
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
DA0000
|
unkown
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
661F000
|
stack
|
page read and write
|
||
|
142F000
|
heap
|
page read and write
|
||
|
3B9F000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
124D000
|
unkown
|
page execute and write copy
|
||
|
16FD000
|
stack
|
page read and write
|
||
|
BEC000
|
unkown
|
page write copy
|
||
|
AF5000
|
stack
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
1401000
|
heap
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
849C000
|
stack
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
3C7F000
|
stack
|
page read and write
|
||
|
BEC000
|
unkown
|
page read and write
|
||
|
41DF000
|
stack
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
1434000
|
heap
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
C6B000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
42BF000
|
stack
|
page read and write
|
||
|
3E5E000
|
stack
|
page read and write
|
||
|
884C000
|
stack
|
page read and write
|
||
|
3FAE000
|
stack
|
page read and write
|
||
|
40DE000
|
stack
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
EEA000
|
heap
|
page read and write
|
||
|
140E000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
1772000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
5710000
|
direct allocation
|
page execute and read and write
|
||
|
A39000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
150F000
|
stack
|
page read and write
|
||
|
2E50000
|
direct allocation
|
page execute and read and write
|
||
|
17C7000
|
heap
|
page read and write
|
||
|
CE4000
|
heap
|
page read and write
|
||
|
13C5000
|
heap
|
page read and write
|
||
|
3D7F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
3CDF000
|
stack
|
page read and write
|
||
|
6BA000
|
stack
|
page read and write
|
||
|
1472000
|
heap
|
page read and write
|
||
|
2E60000
|
direct allocation
|
page execute and read and write
|
||
|
495F000
|
stack
|
page read and write
|
||
|
BBC000
|
unkown
|
page readonly
|
||
|
499E000
|
stack
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
4AA0000
|
heap
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
5580000
|
remote allocation
|
page read and write
|
||
|
3F9E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1AB3E000
|
stack
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
147D000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
4D1F000
|
stack
|
page read and write
|
||
|
13BA000
|
heap
|
page read and write
|
||
|
6EC0000
|
heap
|
page read and write
|
||
|
1E5000
|
stack
|
page read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
B3D000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4C7C000
|
stack
|
page read and write
|
||
|
5110000
|
direct allocation
|
page execute and read and write
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
1451000
|
heap
|
page read and write
|
||
|
8260000
|
heap
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
369F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1130000
|
unkown
|
page execute and read and write
|
||
|
BE2000
|
unkown
|
page readonly
|
||
|
BF4000
|
unkown
|
page readonly
|
||
|
50EF000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
BBC000
|
unkown
|
page readonly
|
||
|
5220000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
E09000
|
unkown
|
page write copy
|
||
|
138E000
|
stack
|
page read and write
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
1B0CD000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
387F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
10DA000
|
heap
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
355F000
|
stack
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
5EBF000
|
stack
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
124C000
|
unkown
|
page execute and write copy
|
||
|
5101000
|
heap
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
363F000
|
stack
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
50E0000
|
direct allocation
|
page execute and read and write
|
||
|
3D1E000
|
stack
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
36AF000
|
stack
|
page read and write
|
||
|
35FF000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
DDC000
|
unkown
|
page readonly
|
||
|
D84000
|
heap
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
463F000
|
stack
|
page read and write
|
||
|
BF4000
|
unkown
|
page readonly
|
||
|
E02000
|
unkown
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
BE2000
|
unkown
|
page readonly
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
499E000
|
stack
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
4F6B000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
10D3000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
4B3F000
|
stack
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
3A6F000
|
stack
|
page read and write
|
||
|
36B0000
|
heap
|
page read and write
|
||
|
34FF000
|
stack
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
1477000
|
heap
|
page read and write
|
||
|
5021000
|
direct allocation
|
page read and write
|
||
|
558F000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
3AF1000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
40DE000
|
stack
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
874C000
|
stack
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
BBC000
|
unkown
|
page readonly
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
1451000
|
heap
|
page read and write
|
||
|
4DC000
|
stack
|
page read and write
|
||
|
173D000
|
heap
|
page read and write
|
||
|
1130000
|
unkown
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
588E000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
E03000
|
heap
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
1467000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
431F000
|
stack
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
42FE000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
123E000
|
unkown
|
page execute and read and write
|
||
|
5100000
|
direct allocation
|
page execute and read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
4DF0000
|
direct allocation
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
5118000
|
trusted library allocation
|
page read and write
|
||
|
1284000
|
heap
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
3B3F000
|
stack
|
page read and write
|
||
|
DA0000
|
unkown
|
page readonly
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
C31000
|
unkown
|
page read and write
|
||
|
435E000
|
stack
|
page read and write
|
||
|
459F000
|
stack
|
page read and write
|
||
|
5360000
|
direct allocation
|
page execute and read and write
|
||
|
C3D000
|
unkown
|
page read and write
|
||
|
5150000
|
direct allocation
|
page execute and read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
49FF000
|
stack
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
571E000
|
stack
|
page read and write
|
||
|
5140000
|
direct allocation
|
page execute and read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
45EE000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
BE2000
|
unkown
|
page readonly
|
||
|
432F000
|
stack
|
page read and write
|
||
|
485E000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
C93000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
55CE000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page execute and read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
35C0000
|
heap
|
page read and write
|
||
|
2E4F000
|
stack
|
page read and write
|
||
|
CE4000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
2DD7000
|
heap
|
page read and write
|
||
|
5700000
|
direct allocation
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
1491000
|
heap
|
page read and write
|
||
|
35F0000
|
trusted library allocation
|
page read and write
|
||
|
403E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
4BDF000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
477F000
|
stack
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
40AF000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
5360000
|
direct allocation
|
page execute and read and write
|
||
|
A77000
|
heap
|
page read and write
|
||
|
10B4000
|
unkown
|
page execute and write copy
|
||
|
1700000
|
heap
|
page read and write
|
||
|
39BF000
|
stack
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
C5E000
|
stack
|
page read and write
|
||
|
A3C000
|
stack
|
page read and write
|
||
|
10B2000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
C73000
|
heap
|
page read and write
|
||
|
586D000
|
stack
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
1DC0000
|
heap
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
46EF000
|
stack
|
page read and write
|
||
|
3F5F000
|
stack
|
page read and write
|
||
|
E09000
|
unkown
|
page write copy
|
||
|
403F000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
10A5000
|
unkown
|
page execute and read and write
|
||
|
46DF000
|
stack
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
5710000
|
direct allocation
|
page execute and read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
46DF000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
D2E000
|
unkown
|
page execute and read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
19DF000
|
stack
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
56F0000
|
direct allocation
|
page execute and read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
413F000
|
stack
|
page read and write
|
||
|
BF4000
|
unkown
|
page readonly
|
||
|
CAF000
|
heap
|
page read and write
|
||
|
1235000
|
unkown
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
BF4000
|
unkown
|
page readonly
|
||
|
196E000
|
stack
|
page read and write
|
||
|
5130000
|
direct allocation
|
page execute and read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page execute and read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page read and write
|
||
|
50B0000
|
direct allocation
|
page execute and read and write
|
||
|
DCA000
|
unkown
|
page read and write
|
||
|
6516000
|
heap
|
page read and write
|
||
|
44AE000
|
stack
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
17CF000
|
heap
|
page read and write
|
||
|
4CA1000
|
direct allocation
|
page read and write
|
||
|
BF0000
|
unkown
|
page write copy
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
D03000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
377E000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
342F000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
D30000
|
unkown
|
page execute and write copy
|
||
|
341F000
|
stack
|
page read and write
|
||
|
1B1CC000
|
stack
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
13E2000
|
unkown
|
page execute and write copy
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
3CBE000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
5120000
|
direct allocation
|
page execute and read and write
|
||
|
8874000
|
heap
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
3BDE000
|
stack
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
17BA000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
177B000
|
heap
|
page read and write
|
||
|
508F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
C31000
|
unkown
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
35C4000
|
heap
|
page read and write
|
||
|
3911000
|
heap
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
10B3000
|
unkown
|
page execute and read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
43BF000
|
stack
|
page read and write
|
||
|
51A0000
|
direct allocation
|
page execute and read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
1AB5F000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
10B3000
|
unkown
|
page execute and write copy
|
||
|
1476000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
F51000
|
unkown
|
page execute and write copy
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
100F000
|
stack
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
382E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
DA0000
|
unkown
|
page readonly
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
5710000
|
direct allocation
|
page execute and read and write
|
||
|
DA0000
|
unkown
|
page read and write
|
||
|
485E000
|
stack
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
||
|
8E9000
|
unkown
|
page write copy
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
FB0000
|
unkown
|
page execute and read and write
|
||
|
3CDF000
|
stack
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
5B0E000
|
stack
|
page read and write
|
||
|
5110000
|
direct allocation
|
page execute and read and write
|
||
|
421E000
|
stack
|
page read and write
|
||
|
47D6000
|
heap
|
page read and write
|
||
|
50D0000
|
direct allocation
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
BEC000
|
unkown
|
page write copy
|
||
|
CF8000
|
heap
|
page read and write
|
||
|
36DE000
|
stack
|
page read and write
|
||
|
446F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
13A0000
|
direct allocation
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1250000
|
unkown
|
page execute and write copy
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4C3C000
|
stack
|
page read and write
|
||
|
170B000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
409F000
|
stack
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
4FAF000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
1AF3F000
|
stack
|
page read and write
|
||
|
5110000
|
direct allocation
|
page execute and read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
175A000
|
heap
|
page read and write
|
||
|
FEB000
|
stack
|
page read and write
|
||
|
C73000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
675F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
C62000
|
unkown
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
51E0000
|
direct allocation
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
106F000
|
unkown
|
page execute and read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
59CE000
|
stack
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
5360000
|
direct allocation
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1439000
|
heap
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
5C0F000
|
stack
|
page read and write
|
||
|
BAB000
|
unkown
|
page write copy
|
||
|
471E000
|
stack
|
page read and write
|
||
|
3A9E000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
C6F000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4A9F000
|
stack
|
page read and write
|
||
|
47D4000
|
heap
|
page read and write
|
||
|
48BF000
|
stack
|
page read and write
|
||
|
1AAED000
|
stack
|
page read and write
|
||
|
8EB000
|
unkown
|
page execute and read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
A71000
|
unkown
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
124C000
|
unkown
|
page execute and write copy
|
||
|
140F000
|
heap
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
33BF000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
8E9000
|
unkown
|
page write copy
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
5224000
|
heap
|
page read and write
|
||
|
4A9F000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
36DE000
|
stack
|
page read and write
|
||
|
4F3E000
|
stack
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
1209000
|
unkown
|
page execute and read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
407E000
|
stack
|
page read and write
|
||
|
3E1F000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
6EC1000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
4AC1000
|
heap
|
page read and write
|
||
|
356F000
|
stack
|
page read and write
|
||
|
5360000
|
direct allocation
|
page execute and read and write
|
||
|
17CF000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
DCA000
|
unkown
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
395E000
|
stack
|
page read and write
|
||
|
369F000
|
stack
|
page read and write
|
||
|
337F000
|
stack
|
page read and write
|
||
|
35F0000
|
trusted library allocation
|
page read and write
|
||
|
531F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
35F0000
|
trusted library allocation
|
page read and write
|
||
|
BF4000
|
unkown
|
page readonly
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
E0B000
|
unkown
|
page execute and read and write
|
||
|
1796000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page write copy
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
175A000
|
heap
|
page read and write
|
||
|
4D51000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
2F17000
|
heap
|
page read and write
|
||
|
457E000
|
stack
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
481F000
|
stack
|
page read and write
|
||
|
DDC000
|
unkown
|
page readonly
|
||
|
5360000
|
direct allocation
|
page execute and read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
427F000
|
stack
|
page read and write
|
||
|
53A0000
|
direct allocation
|
page execute and read and write
|
||
|
1787000
|
heap
|
page read and write
|
||
|
10B3000
|
unkown
|
page execute and read and write
|
||
|
650E000
|
stack
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
17C8000
|
heap
|
page read and write
|
||
|
49AE000
|
stack
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
5111000
|
heap
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
B7D000
|
unkown
|
page execute and read and write
|
||
|
1775000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
BF4000
|
unkown
|
page readonly
|
||
|
D84000
|
heap
|
page read and write
|
||
|
124C000
|
unkown
|
page execute and read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
5DD000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
A7D000
|
heap
|
page read and write
|
||
|
173E000
|
heap
|
page read and write
|
||
|
38BF000
|
stack
|
page read and write
|
||
|
1A99E000
|
stack
|
page read and write
|
||
|
FCF000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
BBC000
|
unkown
|
page readonly
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
100F000
|
stack
|
page read and write
|
||
|
B93000
|
unkown
|
page execute and read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
449E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
5160000
|
direct allocation
|
page execute and read and write
|
||
|
152E000
|
heap
|
page read and write
|
||
|
396E000
|
stack
|
page read and write
|
||
|
3EFE000
|
stack
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
FEB000
|
stack
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
F51000
|
unkown
|
page execute and read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
1A89D000
|
stack
|
page read and write
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4C40000
|
direct allocation
|
page read and write
|
||
|
DA1000
|
unkown
|
page execute and write copy
|
||
|
17BA000
|
heap
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
123E000
|
unkown
|
page execute and read and write
|
||
|
BEC000
|
unkown
|
page write copy
|
||
|
D84000
|
heap
|
page read and write
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
5340000
|
direct allocation
|
page execute and read and write
|
||
|
10B4000
|
unkown
|
page execute and write copy
|
||
|
409F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4AC0000
|
heap
|
page read and write
|
||
|
F51000
|
unkown
|
page execute and read and write
|
||
|
6ED0000
|
heap
|
page read and write
|
||
|
50DD000
|
stack
|
page read and write
|
||
|
50D0000
|
direct allocation
|
page execute and read and write
|
||
|
417E000
|
stack
|
page read and write
|
||
|
4D51000
|
heap
|
page read and write
|
||
|
353E000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
1A11F000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
47C0000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
C7C000
|
stack
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
C6B000
|
heap
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
175F000
|
stack
|
page read and write
|
||
|
3AFF000
|
stack
|
page read and write
|
||
|
5580000
|
remote allocation
|
page read and write
|
||
|
B9E000
|
unkown
|
page readonly
|
||
|
39A000
|
stack
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
55A0000
|
remote allocation
|
page read and write
|
||
|
51B0000
|
direct allocation
|
page execute and read and write
|
||
|
3E1F000
|
stack
|
page read and write
|
||
|
F50000
|
unkown
|
page read and write
|
||
|
55A0000
|
remote allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
C20000
|
direct allocation
|
page read and write
|
||
|
4AAF000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
5110000
|
direct allocation
|
page execute and read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
3EBF000
|
stack
|
page read and write
|
||
|
46BE000
|
stack
|
page read and write
|
||
|
1B32E000
|
stack
|
page read and write
|
||
|
560D000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
B9E000
|
unkown
|
page readonly
|
||
|
5720000
|
direct allocation
|
page execute and read and write
|
||
|
B45000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
E09000
|
unkown
|
page write copy
|
||
|
E7C000
|
stack
|
page read and write
|
||
|
BAB000
|
unkown
|
page write copy
|
||
|
D84000
|
heap
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
1796000
|
heap
|
page read and write
|
||
|
6ED0000
|
heap
|
page read and write
|
||
|
2EBB000
|
stack
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
176B000
|
heap
|
page read and write
|
||
|
5DBE000
|
stack
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
13BE000
|
heap
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
436E000
|
stack
|
page read and write
|
||
|
DA1000
|
unkown
|
page execute and write copy
|
||
|
50D0000
|
direct allocation
|
page execute and read and write
|
||
|
5190000
|
direct allocation
|
page execute and read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
172F000
|
heap
|
page read and write
|
||
|
40EE000
|
stack
|
page read and write
|
||
|
1737000
|
heap
|
page read and write
|
||
|
D80000
|
direct allocation
|
page read and write
|
||
|
4E6F000
|
stack
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
3D2E000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
532F000
|
stack
|
page read and write
|
||
|
1AC3F000
|
stack
|
page read and write
|
||
|
10B3000
|
unkown
|
page execute and write copy
|
||
|
D7D000
|
stack
|
page read and write
|
||
|
537E000
|
stack
|
page read and write
|
||
|
C66000
|
heap
|
page read and write
|
||
|
3CEF000
|
stack
|
page read and write
|
||
|
3AAE000
|
stack
|
page read and write
|
||
|
1772000
|
heap
|
page read and write
|
||
|
5590000
|
direct allocation
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
5710000
|
direct allocation
|
page execute and read and write
|
||
|
3D1E000
|
stack
|
page read and write
|
||
|
19CF000
|
stack
|
page read and write
|
||
|
544F000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
C6F000
|
heap
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
F50000
|
unkown
|
page read and write
|
||
|
44FF000
|
stack
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
3B7E000
|
stack
|
page read and write
|
||
|
41BE000
|
stack
|
page read and write
|
||
|
13A0000
|
direct allocation
|
page read and write
|
||
|
4F50000
|
direct allocation
|
page read and write
|
||
|
1451000
|
heap
|
page read and write
|
||
|
E13000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1B50000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
2E77000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1230000
|
direct allocation
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1AE3E000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
467F000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4D51000
|
heap
|
page read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
5C4D000
|
stack
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
F50000
|
unkown
|
page readonly
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
598D000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
B9E000
|
unkown
|
page readonly
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
B38000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
17BA000
|
heap
|
page read and write
|
||
|
486E000
|
stack
|
page read and write
|
||
|
51EF000
|
stack
|
page read and write
|
||
|
AF7000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
DDC000
|
unkown
|
page readonly
|
||
|
3641000
|
heap
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
3AF1000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
471E000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
F91000
|
unkown
|
page execute and read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
47BF000
|
stack
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
CA6000
|
heap
|
page read and write
|
||
|
3910000
|
heap
|
page read and write
|
||
|
124D000
|
unkown
|
page execute and write copy
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
4D6E000
|
stack
|
page read and write
|
||
|
8850000
|
heap
|
page read and write
|
||
|
B85000
|
unkown
|
page execute and read and write
|
||
|
DDC000
|
unkown
|
page readonly
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
355F000
|
stack
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
C62000
|
unkown
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
3F6F000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
37DF000
|
stack
|
page read and write
|
||
|
1D70000
|
heap
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
147B000
|
heap
|
page read and write
|
||
|
363E000
|
stack
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
1433000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
1745000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
576D000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
E0B000
|
unkown
|
page execute and read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
1477000
|
heap
|
page read and write
|
||
|
176B000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
140E000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
3AF0000
|
heap
|
page read and write
|
||
|
E02000
|
unkown
|
page execute and read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
152A000
|
heap
|
page read and write
|
||
|
55A0000
|
remote allocation
|
page read and write
|
||
|
421E000
|
stack
|
page read and write
|
||
|
395E000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
F51000
|
unkown
|
page execute and write copy
|
||
|
1475000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
B20000
|
unkown
|
page readonly
|
There are 1351 hidden memdumps, click here to show them.