Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Setup.exe
|
"C:\Users\user\Desktop\Setup.exe"
|
 |
|
|
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
|
"C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4564 -s 1648
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
enlargkiw.sbs
|
|
||
|
allocatinow.sbs
|
|
||
|
drawwyobstacw.sbs
|
|
||
|
mathcucom.sbs
|
|
||
|
https://steamcommunity.com/profiles/76561199724331900
|
104.102.49.254
|
|
|
|
https://vennurviot.sbs/api
|
172.67.140.193
|
|
|
|
https://steamcommunity.com/profiles/76561199724331900/inventory/
|
unknown
|
|
|
|
ehticsprocw.sbs
|
|
||
|
condifendteu.sbs
|
|
||
|
https://resinedyw.sbs/api
|
104.21.77.78
|
|
|
|
https://www.cloudflare.com/learning/access-management/phishing-attack/
|
unknown
|
||
|
https://player.vimeo.com
|
unknown
|
||
|
https://mathcucom.sbs/k
|
unknown
|
||
|
https://mathcucom.sbs/l
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javY
|
unknown
|
||
|
https://community.akamai.steamstatic.com/puN
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1&
|
unknown
|
||
|
https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f
|
unknown
|
||
|
https://steamcommunity.com/?subsection=broadcasts
|
unknown
|
||
|
https://resinedyw.sbs/k
|
unknown
|
||
|
https://sergei-esenin.com/
|
unknown
|
||
|
https://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://www.gstatic.cn/recaptcha/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6
|
unknown
|
||
|
http://www.valvesoftware.com/legal.htm
|
unknown
|
||
|
https://www.youtube.com
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/promo/summer2017/stickers.css?v=HA2Yr5oy3FFG&
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6&
|
unknown
|
||
|
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=hgPi
|
unknown
|
||
|
https://s.ytimg.com;
|
unknown
|
||
|
https://store.steamp
|
unknown
|
||
|
https://steam.tv/
|
unknown
|
||
|
https://www.cloudflare.com/learning/access-manag-s
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english
|
unknown
|
||
|
http://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://store.steampowered.com/points/shop/
|
unknown
|
||
|
https://sketchfab.com
|
unknown
|
||
|
https://lv.queniujq.cn
|
unknown
|
||
|
https://www.youtube.com/
|
unknown
|
||
|
https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
|
unknown
|
||
|
https://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://www.cloudflare.com/learning/access-manag
|
unknown
|
||
|
https://www.cloudflare.com/5xx-error-landing
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en
|
unknown
|
||
|
https://sergei-esenin.com/r
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0
|
unknown
|
||
|
https://sergei-esenin.com:443/api
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=2Ih2WOq7ErXY&a
|
unknown
|
||
|
https://mathcucom.sbs/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am
|
unknown
|
||
|
https://www.google.com/recaptcha/
|
unknown
|
||
|
https://checkout.steampowered.com/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english
|
unknown
|
||
|
https://sergei-esenin.com/U
|
unknown
|
||
|
https://store.steampo
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png
|
unknown
|
||
|
https://avatars.akamai.steamstatic
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC
|
unknown
|
||
|
https://store.steampowered.com/;
|
unknown
|
||
|
https://store.steampowered.com/about/
|
unknown
|
||
|
https://steamcommunity.com/my/wishlist/
|
unknown
|
||
|
http://html4/loose.dtd
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english
|
unknown
|
||
|
https://help.steampowered.com/en/
|
unknown
|
||
|
https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/
|
unknown
|
||
|
https://sergei-esenin.com/apie
|
unknown
|
||
|
https://steamcommunity.com/market/
|
unknown
|
||
|
https://store.steampowered.com/news/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/
|
unknown
|
||
|
https://sergei-esenin.com/apiS
|
unknown
|
||
|
http://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://allocatinow.sbs/api
|
unknown
|
||
|
https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
|
unknown
|
||
|
http://.css
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1
|
unknown
|
||
|
https://recaptcha.net/recaptcha/;
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/promo/stickers.js?v=upl9NJ5D2xkP&l=en
|
unknown
|
||
|
https://steamcommunity.com/discussions/
|
unknown
|
||
|
https://steamcommunity.com/login/home/?goto=profiles%2F765611997
|
unknown
|
||
|
https://store.steampowered.com/stats/
|
unknown
|
||
|
https://medal.tv
|
unknown
|
||
|
https://broadcast.st.dl.eccdnx.com
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
|
unknown
|
||
|
https://store.steampowered.com/steam_refunds/
|
unknown
|
||
|
https://resinedyw.sbs/
|
unknown
|
||
|
https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900
|
unknown
|
||
|
https://allocatinow.sbs/pi
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/webui/clientcom.js?v=jGtzAgjYROne&l=e
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xT%
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/im
|
unknown
|
||
|
https://steamcommunity.com/workshop/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
condifendteu.sbs
|
104.21.79.35
|
|
|
|
steamcommunity.com
|
104.102.49.254
|
|
|
|
vennurviot.sbs
|
172.67.140.193
|
|
|
|
drawwyobstacw.sbs
|
188.114.97.3
|
|
|
|
mathcucom.sbs
|
188.114.96.3
|
|
|
|
proclaimykn.buzz
|
188.114.97.3
|
|
|
|
sergei-esenin.com
|
172.67.206.204
|
|
|
|
ehticsprocw.sbs
|
172.67.173.224
|
|
|
|
resinedyw.sbs
|
104.21.77.78
|
|
|
|
enlargkiw.sbs
|
104.21.33.249
|
|
|
|
allocatinow.sbs
|
unknown
|
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
drawwyobstacw.sbs
|
European Union
|
|
|
|
104.21.33.249
|
enlargkiw.sbs
|
United States
|
|
|
|
172.67.173.224
|
ehticsprocw.sbs
|
United States
|
|
|
|
188.114.96.3
|
mathcucom.sbs
|
European Union
|
|
|
|
104.102.49.254
|
steamcommunity.com
|
United States
|
|
|
|
172.67.140.193
|
vennurviot.sbs
|
United States
|
|
|
|
104.21.77.78
|
resinedyw.sbs
|
United States
|
|
|
|
104.21.79.35
|
condifendteu.sbs
|
United States
|
|
|
|
172.67.206.204
|
sergei-esenin.com
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3E18000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3D6B000
|
direct allocation
|
page read and write
|
|
|
|
3DC2000
|
direct allocation
|
page read and write
|
|
|
|
3B66000
|
direct allocation
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
3AA6000
|
direct allocation
|
page read and write
|
||
|
3ADA000
|
direct allocation
|
page read and write
|
||
|
39F4000
|
direct allocation
|
page read and write
|
||
|
3B6E000
|
direct allocation
|
page read and write
|
||
|
5E5000
|
heap
|
page read and write
|
||
|
3A48000
|
direct allocation
|
page read and write
|
||
|
659000
|
heap
|
page read and write
|
||
|
34F0000
|
direct allocation
|
page read and write
|
||
|
38B2000
|
direct allocation
|
page read and write
|
||
|
5E2000
|
heap
|
page read and write
|
||
|
3B6A000
|
direct allocation
|
page read and write
|
||
|
3898000
|
direct allocation
|
page read and write
|
||
|
5E2000
|
heap
|
page read and write
|
||
|
791000
|
unkown
|
page execute read
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
3906000
|
direct allocation
|
page read and write
|
||
|
3B6C000
|
direct allocation
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
1959000
|
unkown
|
page read and write
|
||
|
3B9C000
|
direct allocation
|
page read and write
|
||
|
45FD000
|
stack
|
page read and write
|
||
|
45A000
|
remote allocation
|
page execute and read and write
|
||
|
199B000
|
unkown
|
page read and write
|
||
|
18D1000
|
unkown
|
page write copy
|
||
|
23BFF000
|
stack
|
page read and write
|
||
|
396A000
|
direct allocation
|
page read and write
|
||
|
19A0000
|
unkown
|
page read and write
|
||
|
18DD000
|
unkown
|
page read and write
|
||
|
1B3D000
|
stack
|
page read and write
|
||
|
63F000
|
heap
|
page read and write
|
||
|
3B80000
|
direct allocation
|
page read and write
|
||
|
3B58000
|
direct allocation
|
page read and write
|
||
|
3A70000
|
direct allocation
|
page read and write
|
||
|
3BD0000
|
direct allocation
|
page read and write
|
||
|
3AEE000
|
direct allocation
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
195D000
|
unkown
|
page read and write
|
||
|
3988000
|
direct allocation
|
page read and write
|
||
|
346D000
|
stack
|
page read and write
|
||
|
389C000
|
direct allocation
|
page read and write
|
||
|
3EC2000
|
direct allocation
|
page read and write
|
||
|
3892000
|
direct allocation
|
page read and write
|
||
|
790000
|
unkown
|
page readonly
|
||
|
3BF1000
|
direct allocation
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
3AF8000
|
direct allocation
|
page read and write
|
||
|
3BEE000
|
direct allocation
|
page read and write
|
||
|
27F0000
|
remote allocation
|
page read and write
|
||
|
392C000
|
direct allocation
|
page read and write
|
||
|
3B1E000
|
direct allocation
|
page read and write
|
||
|
1B80000
|
heap
|
page read and write
|
||
|
1A26000
|
unkown
|
page readonly
|
||
|
3A3C000
|
direct allocation
|
page read and write
|
||
|
3A42000
|
direct allocation
|
page read and write
|
||
|
63F000
|
heap
|
page read and write
|
||
|
3942000
|
direct allocation
|
page read and write
|
||
|
3AD4000
|
direct allocation
|
page read and write
|
||
|
3AD0000
|
direct allocation
|
page read and write
|
||
|
44AD000
|
stack
|
page read and write
|
||
|
661000
|
heap
|
page read and write
|
||
|
392E000
|
direct allocation
|
page read and write
|
||
|
3978000
|
direct allocation
|
page read and write
|
||
|
3936000
|
direct allocation
|
page read and write
|
||
|
3BDC000
|
direct allocation
|
page read and write
|
||
|
4E2D000
|
stack
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
3477000
|
direct allocation
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
3904000
|
direct allocation
|
page read and write
|
||
|
748000
|
direct allocation
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
3B8E000
|
direct allocation
|
page read and write
|
||
|
389A000
|
direct allocation
|
page read and write
|
||
|
64E000
|
heap
|
page read and write
|
||
|
3BEA000
|
direct allocation
|
page read and write
|
||
|
517000
|
heap
|
page read and write
|
||
|
1A26000
|
unkown
|
page readonly
|
||
|
3858000
|
direct allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
1AFD000
|
stack
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
3BCC000
|
direct allocation
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
3BB6000
|
direct allocation
|
page read and write
|
||
|
3AF4000
|
direct allocation
|
page read and write
|
||
|
3820000
|
direct allocation
|
page read and write
|
||
|
656000
|
heap
|
page read and write
|
||
|
62C000
|
heap
|
page read and write
|
||
|
54B000
|
stack
|
page read and write
|
||
|
342F000
|
stack
|
page read and write
|
||
|
3B88000
|
direct allocation
|
page read and write
|
||
|
239FF000
|
stack
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
3BE0000
|
direct allocation
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
3B60000
|
direct allocation
|
page read and write
|
||
|
3770000
|
trusted library allocation
|
page read and write
|
||
|
3B7A000
|
direct allocation
|
page read and write
|
||
|
3B38000
|
direct allocation
|
page read and write
|
||
|
3994000
|
direct allocation
|
page read and write
|
||
|
3A56000
|
direct allocation
|
page read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
392A000
|
direct allocation
|
page read and write
|
||
|
3A72000
|
direct allocation
|
page read and write
|
||
|
19B0000
|
unkown
|
page write copy
|
||
|
3830000
|
direct allocation
|
page read and write
|
||
|
3B08000
|
direct allocation
|
page read and write
|
||
|
3B68000
|
direct allocation
|
page read and write
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
3972000
|
direct allocation
|
page read and write
|
||
|
38F7000
|
direct allocation
|
page read and write
|
||
|
34D0000
|
direct allocation
|
page read and write
|
||
|
3918000
|
direct allocation
|
page read and write
|
||
|
1A60000
|
direct allocation
|
page read and write
|
||
|
18D1000
|
unkown
|
page write copy
|
||
|
3AC4000
|
direct allocation
|
page read and write
|
||
|
395A000
|
direct allocation
|
page read and write
|
||
|
39F8000
|
direct allocation
|
page read and write
|
||
|
63C000
|
heap
|
page read and write
|
||
|
3BD8000
|
direct allocation
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
5A8000
|
heap
|
page read and write
|
||
|
500F000
|
stack
|
page read and write
|
||
|
23C00000
|
heap
|
page read and write
|
||
|
3A63000
|
direct allocation
|
page read and write
|
||
|
3B5C000
|
direct allocation
|
page read and write
|
||
|
19B1000
|
unkown
|
page readonly
|
||
|
1040000
|
unkown
|
page readonly
|
||
|
39F0000
|
direct allocation
|
page read and write
|
||
|
39EE000
|
direct allocation
|
page read and write
|
||
|
3BD6000
|
direct allocation
|
page read and write
|
||
|
4CDD000
|
stack
|
page read and write
|
||
|
3882000
|
direct allocation
|
page read and write
|
||
|
46FE000
|
stack
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
3B5E000
|
direct allocation
|
page read and write
|
||
|
515000
|
heap
|
page read and write
|
||
|
790000
|
unkown
|
page readonly
|
||
|
3B70000
|
direct allocation
|
page read and write
|
||
|
3B74000
|
direct allocation
|
page read and write
|
||
|
38B6000
|
direct allocation
|
page read and write
|
||
|
395E000
|
direct allocation
|
page read and write
|
||
|
19B0000
|
unkown
|
page write copy
|
||
|
3CD6000
|
direct allocation
|
page read and write
|
||
|
3866000
|
direct allocation
|
page read and write
|
||
|
3886000
|
direct allocation
|
page read and write
|
||
|
3ADC000
|
direct allocation
|
page read and write
|
||
|
3B78000
|
direct allocation
|
page read and write
|
||
|
3B92000
|
direct allocation
|
page read and write
|
||
|
1B7D000
|
stack
|
page read and write
|
||
|
3B84000
|
direct allocation
|
page read and write
|
||
|
3A6A000
|
direct allocation
|
page read and write
|
||
|
5BC000
|
heap
|
page read and write
|
||
|
3890000
|
direct allocation
|
page read and write
|
||
|
50B000
|
stack
|
page read and write
|
||
|
3B72000
|
direct allocation
|
page read and write
|
||
|
3928000
|
direct allocation
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
37EE000
|
stack
|
page read and write
|
||
|
348F000
|
direct allocation
|
page read and write
|
||
|
23C01000
|
heap
|
page read and write
|
||
|
3992000
|
direct allocation
|
page read and write
|
||
|
3E6E000
|
direct allocation
|
page read and write
|
||
|
23AFF000
|
stack
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
649000
|
heap
|
page read and write
|
||
|
382E000
|
direct allocation
|
page read and write
|
||
|
3BDE000
|
direct allocation
|
page read and write
|
||
|
391E000
|
direct allocation
|
page read and write
|
||
|
27F0000
|
remote allocation
|
page read and write
|
||
|
5FD000
|
heap
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
3730000
|
direct allocation
|
page read and write
|
||
|
18D9000
|
unkown
|
page write copy
|
||
|
710000
|
heap
|
page read and write
|
||
|
5C9000
|
heap
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
397E000
|
direct allocation
|
page read and write
|
||
|
393C000
|
direct allocation
|
page read and write
|
||
|
1BC000
|
stack
|
page read and write
|
||
|
18D3000
|
unkown
|
page read and write
|
||
|
517000
|
heap
|
page read and write
|
||
|
45AD000
|
stack
|
page read and write
|
||
|
387F000
|
direct allocation
|
page read and write
|
||
|
1ABE000
|
stack
|
page read and write
|
||
|
791000
|
unkown
|
page execute read
|
||
|
1972000
|
unkown
|
page write copy
|
||
|
388C000
|
direct allocation
|
page read and write
|
||
|
3AB4000
|
direct allocation
|
page read and write
|
||
|
3986000
|
direct allocation
|
page read and write
|
||
|
3888000
|
direct allocation
|
page read and write
|
||
|
3822000
|
direct allocation
|
page read and write
|
||
|
5C7000
|
heap
|
page read and write
|
||
|
387A000
|
direct allocation
|
page read and write
|
||
|
61A000
|
heap
|
page read and write
|
||
|
195C000
|
unkown
|
page write copy
|
||
|
63B000
|
heap
|
page read and write
|
||
|
644000
|
heap
|
page read and write
|
||
|
18DE000
|
unkown
|
page write copy
|
||
|
393A000
|
direct allocation
|
page read and write
|
||
|
3795000
|
direct allocation
|
page read and write
|
||
|
1A70000
|
direct allocation
|
page read and write
|
||
|
3872000
|
direct allocation
|
page read and write
|
||
|
5E5000
|
heap
|
page read and write
|
||
|
3AF0000
|
direct allocation
|
page read and write
|
||
|
3BE2000
|
direct allocation
|
page read and write
|
||
|
3B50000
|
direct allocation
|
page read and write
|
||
|
791000
|
unkown
|
page execute read
|
||
|
3970000
|
direct allocation
|
page read and write
|
||
|
3800000
|
direct allocation
|
page read and write
|
||
|
62C000
|
heap
|
page read and write
|
||
|
3A38000
|
direct allocation
|
page read and write
|
||
|
4A40000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
3934000
|
direct allocation
|
page read and write
|
||
|
384E000
|
direct allocation
|
page read and write
|
||
|
3AD8000
|
direct allocation
|
page read and write
|
||
|
3812000
|
direct allocation
|
page read and write
|
||
|
3493000
|
direct allocation
|
page read and write
|
||
|
1970000
|
unkown
|
page read and write
|
||
|
3BDA000
|
direct allocation
|
page read and write
|
||
|
3AC2000
|
direct allocation
|
page read and write
|
||
|
3938000
|
direct allocation
|
page read and write
|
||
|
1040000
|
unkown
|
page readonly
|
||
|
3734000
|
direct allocation
|
page read and write
|
||
|
3B76000
|
direct allocation
|
page read and write
|
||
|
27F0000
|
remote allocation
|
page read and write
|
||
|
3A68000
|
direct allocation
|
page read and write
|
||
|
388E000
|
direct allocation
|
page read and write
|
||
|
3896000
|
direct allocation
|
page read and write
|
||
|
3BC0000
|
direct allocation
|
page read and write
|
||
|
388A000
|
direct allocation
|
page read and write
|
||
|
38A0000
|
direct allocation
|
page read and write
|
||
|
3ADE000
|
direct allocation
|
page read and write
|
||
|
3924000
|
direct allocation
|
page read and write
|
||
|
3474000
|
direct allocation
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
4C9F000
|
stack
|
page read and write
|
||
|
3AEA000
|
direct allocation
|
page read and write
|
||
|
1974000
|
unkown
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
3A9C000
|
direct allocation
|
page read and write
|
||
|
740000
|
direct allocation
|
page read and write
|
||
|
3AD2000
|
direct allocation
|
page read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
19B1000
|
unkown
|
page readonly
|
||
|
649000
|
heap
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
383F000
|
direct allocation
|
page read and write
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
64F000
|
heap
|
page read and write
|
||
|
1983000
|
unkown
|
page read and write
|
||
|
23FEF000
|
stack
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
3470000
|
direct allocation
|
page read and write
|
||
|
238FF000
|
stack
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
3AD6000
|
direct allocation
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
196E000
|
unkown
|
page write copy
|
||
|
3AFC000
|
direct allocation
|
page read and write
|
||
|
3870000
|
direct allocation
|
page read and write
|
There are 262 hidden memdumps, click here to show them.