Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ekte.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\sqlite3.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp47BA.tmp
|
XML 1.0 document, ASCII text
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\eFDiSxeTfjUqTk.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\eFDiSxeTfjUqTk.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\sqlite-dll-win32-x86-3180000[1].zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2ls1flhm.rsh.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6jkxvjx.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6z95F416
|
SQLite 3.x database, last written using SQLite version 3032001, page size 2048, file counter 3, database pages 20, cookie
0x15, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\amd1qawb.4es.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\jkhdv24w.zfs.psm1
|
Unknown
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nfqy1dns.11s.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nlw0ae4g.0aj.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\snv2upmf.srm.ps1
|
Unknown
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\spbxmlzn.23j.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\sqlite3.def
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp1A06.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ximjg3qh.2ny.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\zjplj4.zip
|
HTML document, ASCII text
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ekte.exe
|
"C:\Users\user\Desktop\ekte.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\ekte.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\eFDiSxeTfjUqTk.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\eFDiSxeTfjUqTk" /XML "C:\Users\user\AppData\Local\Temp\tmp47BA.tmp"
|
|
|
|
C:\Users\user\Desktop\ekte.exe
|
"C:\Users\user\Desktop\ekte.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\eFDiSxeTfjUqTk.exe
|
C:\Users\user\AppData\Roaming\eFDiSxeTfjUqTk.exe
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\eFDiSxeTfjUqTk.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\eFDiSxeTfjUqTk.exe"
|
|
|
|
C:\Program Files (x86)\MRHRLVjrcMJazhpubNnYGXyfuCIwnJCyDGTMAAlqhcuDHJPaYzen\BuhvZTwGQCD.exe
|
"C:\Program Files (x86)\MRHRLVjrcMJazhpubNnYGXyfuCIwnJCyDGTMAAlqhcuDHJPaYzen\BuhvZTwGQCD.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\eFDiSxeTfjUqTk" /XML "C:\Users\user\AppData\Local\Temp\tmp1A06.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\eFDiSxeTfjUqTk.exe
|
"C:\Users\user\AppData\Roaming\eFDiSxeTfjUqTk.exe"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
"C:\Windows\SysWOW64\findstr.exe"
|
|
|
|
C:\Program Files (x86)\MRHRLVjrcMJazhpubNnYGXyfuCIwnJCyDGTMAAlqhcuDHJPaYzen\BuhvZTwGQCD.exe
|
"C:\Program Files (x86)\MRHRLVjrcMJazhpubNnYGXyfuCIwnJCyDGTMAAlqhcuDHJPaYzen\BuhvZTwGQCD.exe"
|
|
|
|
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
|
"C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\taskeng.exe
|
taskeng.exe {F5042694-6DBB-4431-8D77-CD30DFD414D8} S-1-5-21-966771315-3019405637-367336477-1006:user-PC\user:Interactive:[1]
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.wdgb23.top/v5ff/?o0I8bJWh=6KtkYrJQJQPjnaYYjYn2UYf3+tCUC2UyI0IqyotYPNah/j4zRWdFJ7rRvhmSGGewLKOTJjNwEsTAi0VkpGXovzF7okvrkNx58uXZpArpUgDeiKoUGkOd+5nnUTXs&IzCDX=JREpwHC8S
|
206.119.82.148
|
|
|
|
http://www.rockbull.pro/0804/?o0I8bJWh=7cQ5BE5RBCqgXF7xrBGoHohDXivjQLfe2KgDJ9LuiE6tpBU04a3sAbwq5Q7Yjj3JjwmtcjT9zhxyx84N9Ed0ZJTtf47MgLeYfgSXfectTV2gRR6PHDayMxuKrOIC&IzCDX=JREpwHC8S
|
185.174.173.22
|
|
|
|
http://www.guldeu.xyz/qd68/
|
162.0.238.246
|
|
|
|
http://www.childlesscatlady.today/0l08/
|
15.197.148.33
|
|
|
|
http://www.deikamalaharris.info/7qh8/?o0I8bJWh=30gz3aeCGXts4Q76IE+H941JnGeso7u8ST9k2gxA0wQlWv8qAc7eS7l6bdvqrf9uLD1EZ4RKxD3BFAyB/gyNnMcHzfUP1SI6JZ3kLHzdYP32mYCFOTVusz8SPvQZ&IzCDX=JREpwHC8S
|
3.33.130.190
|
|
|
|
http://www.guldeu.xyz/qd68/?o0I8bJWh=CMk3jWV7n2ud16JbSoz++xJaAy6tYmolV54GWsIImY9wr32Fxex2EERnMtANYc4DvCE1goWK72es3TtLYGEc3O5acPz147mgbIRl7hCPTM53qHiPKqWo/3UkWZwG&IzCDX=JREpwHC8S
|
162.0.238.246
|
|
|
|
http://www.childlesscatlady.today/0l08/?o0I8bJWh=WYzw3m0wqer1rwFfiUwXr6rnqmqwc587r0oEUdRC5DK7wXWam3jpYKn/a30V+PURl6w9nm91Zal+YxrVMngOiDDKZET7LCtjetsFGO1YqrEJE528b4AnIbgsZ84h&IzCDX=JREpwHC8S
|
15.197.148.33
|
|
|
|
http://www.rockbull.pro/0804/
|
185.174.173.22
|
|
|
|
http://www.asiapartnars.online/rmem/
|
15.197.148.33
|
|
|
|
http://www.wdgb23.top/v5ff/
|
206.119.82.148
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://www.sqlite.org/2021/sqlite-dll-win32-x86-3340000.zip
|
45.33.6.223
|
||
|
http://www.childlesscatlady.today
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://crl.entrust.net/server1.crl0
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
|
unknown
|
||
|
http://www.diginotar.nl/cps/pkioverheid0
|
unknown
|
||
|
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
https://www.google.com/favicon.ico
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
|
unknown
|
||
|
http://rockbull.pro/0804/?o0I8bJWh=7cQ5BE5RBCqgXF7xrBGoHohDXivjQLfe2KgDJ9LuiE6tpBU04a3sAbwq5Q7Yjj3Jj
|
unknown
|
||
|
http://www.sqlite.org/2017/sqlite-dll-win32-x86-3180000.zip
|
45.33.6.223
|
||
|
http://ocsp.entrust.net0D
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://secure.comodo.com/CPS0
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
There are 23 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
rockbull.pro
|
185.174.173.22
|
|
|
|
wdgb23.top
|
206.119.82.148
|
|
|
|
www.martaschrimpf.info
|
208.91.197.27
|
|
|
|
www.guldeu.xyz
|
162.0.238.246
|
|
|
|
deikamalaharris.info
|
3.33.130.190
|
|
|
|
childlesscatlady.today
|
15.197.148.33
|
|
|
|
asiapartnars.online
|
15.197.148.33
|
|
|
|
www.timetime.store
|
unknown
|
|
|
|
www.childlesscatlady.today
|
unknown
|
|
|
|
www.rockbull.pro
|
unknown
|
|
|
|
www.asiapartnars.online
|
unknown
|
|
|
|
www.wdgb23.top
|
unknown
|
|
|
|
www.deikamalaharris.info
|
unknown
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
www.sqlite.org
|
45.33.6.223
|
There are 5 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
162.0.238.246
|
www.guldeu.xyz
|
Canada
|
|
|
|
15.197.148.33
|
childlesscatlady.today
|
United States
|
|
|
|
185.174.173.22
|
rockbull.pro
|
Ukraine
|
|
|
|
3.33.130.190
|
deikamalaharris.info
|
United States
|
|
|
|
206.119.82.148
|
wdgb23.top
|
United States
|
|
|
|
45.33.6.223
|
www.sqlite.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\GDIPlus
|
FontCachePath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Handshake\{F5042694-6DBB-4431-8D77-CD30DFD414D8}
|
data
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
|
Implementing
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2980000
|
unkown
|
page execute and read and write
|
|
|
|
E0000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
210000
|
system
|
page execute and read and write
|
|
|
|
1D0000
|
system
|
page execute and read and write
|
|
|
|
80000
|
system
|
page execute and read and write
|
|
|
|
600000
|
system
|
page execute and read and write
|
|
|
|
220000
|
trusted library allocation
|
page read and write
|
|
|
|
1490000
|
unclassified section
|
page execute and read and write
|
|
|
|
27A000
|
trusted library allocation
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
377000
|
heap
|
page read and write
|
||
|
6C4A000
|
heap
|
page read and write
|
||
|
7DE3000
|
heap
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
34FF000
|
trusted library allocation
|
page read and write
|
||
|
6B3B000
|
heap
|
page read and write
|
||
|
53F000
|
unkown
|
page read and write
|
||
|
154000
|
trusted library allocation
|
page read and write
|
||
|
2112000
|
heap
|
page read and write
|
||
|
64C000
|
system
|
page execute and read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
1BB000
|
stack
|
page read and write
|
||
|
53BE000
|
stack
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
59EF000
|
stack
|
page read and write
|
||
|
61E0000
|
heap
|
page read and write
|
||
|
3A4000
|
heap
|
page read and write
|
||
|
5C4E000
|
stack
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
6FAE000
|
heap
|
page read and write
|
||
|
7317000
|
heap
|
page read and write
|
||
|
5C1F000
|
stack
|
page read and write
|
||
|
13D2000
|
unkown
|
page execute read
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
51A000
|
unkown
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
5A12000
|
heap
|
page read and write
|
||
|
5E34000
|
heap
|
page read and write
|
||
|
949E000
|
stack
|
page read and write
|
||
|
2210000
|
direct allocation
|
page execute and read and write
|
||
|
5AB1000
|
heap
|
page read and write
|
||
|
6B30000
|
heap
|
page read and write
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
736B000
|
heap
|
page read and write
|
||
|
61E01000
|
unkown
|
page execute read
|
||
|
6E6A000
|
heap
|
page read and write
|
||
|
61E9D000
|
unkown
|
page read and write
|
||
|
4A5E000
|
stack
|
page read and write
|
||
|
61E00000
|
unkown
|
page readonly
|
||
|
6EEF000
|
heap
|
page read and write
|
||
|
378000
|
stack
|
page read and write
|
||
|
8F0000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1D54000
|
heap
|
page read and write
|
||
|
6E77000
|
heap
|
page read and write
|
||
|
6F05000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
37D000
|
stack
|
page read and write
|
||
|
C11000
|
direct allocation
|
page execute and read and write
|
||
|
6CB0000
|
heap
|
page read and write
|
||
|
6E23000
|
heap
|
page read and write
|
||
|
7359000
|
heap
|
page read and write
|
||
|
45D7000
|
unkown
|
page execute and read and write
|
||
|
543000
|
unkown
|
page read and write
|
||
|
1FA0000
|
heap
|
page read and write
|
||
|
5B3F000
|
stack
|
page read and write
|
||
|
97FE000
|
stack
|
page read and write
|
||
|
2164000
|
heap
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
B67E000
|
stack
|
page read and write
|
||
|
6D8C000
|
heap
|
page read and write
|
||
|
5F80000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
6EB4000
|
heap
|
page read and write
|
||
|
61EA4000
|
unkown
|
page readonly
|
||
|
7730000
|
heap
|
page read and write
|
||
|
C90000
|
direct allocation
|
page execute and read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
6E31000
|
heap
|
page read and write
|
||
|
440000
|
trusted library allocation
|
page read and write
|
||
|
6D34000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
731A000
|
heap
|
page read and write
|
||
|
72B4000
|
heap
|
page read and write
|
||
|
897E000
|
stack
|
page read and write
|
||
|
18B000
|
trusted library allocation
|
page execute and read and write
|
||
|
344A000
|
unkown
|
page read and write
|
||
|
539000
|
unkown
|
page read and write
|
||
|
3AB000
|
stack
|
page read and write
|
||
|
61E8E000
|
unkown
|
page readonly
|
||
|
599C000
|
heap
|
page read and write
|
||
|
5A3F000
|
stack
|
page read and write
|
||
|
5D38000
|
heap
|
page read and write
|
||
|
7DC6000
|
heap
|
page read and write
|
||
|
94DE000
|
stack
|
page read and write
|
||
|
578C000
|
stack
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
5726000
|
heap
|
page read and write
|
||
|
12C0000
|
system
|
page read and write
|
||
|
61AF000
|
stack
|
page read and write
|
||
|
699F000
|
heap
|
page read and write
|
||
|
5854000
|
heap
|
page read and write
|
||
|
6F69000
|
heap
|
page read and write
|
||
|
3BD7000
|
unkown
|
page execute and read and write
|
||
|
490000
|
trusted library section
|
page read and write
|
||
|
1D50000
|
heap
|
page read and write
|
||
|
376E000
|
unkown
|
page read and write
|
||
|
7274000
|
heap
|
page read and write
|
||
|
5F3E000
|
stack
|
page read and write
|
||
|
6ACE000
|
heap
|
page read and write
|
||
|
C32000
|
direct allocation
|
page execute and read and write
|
||
|
660000
|
trusted library allocation
|
page read and write
|
||
|
7745000
|
heap
|
page read and write
|
||
|
56E2000
|
heap
|
page read and write
|
||
|
4A64000
|
heap
|
page read and write
|
||
|
B5F000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
595F000
|
stack
|
page read and write
|
||
|
59C5000
|
heap
|
page read and write
|
||
|
453000
|
heap
|
page read and write
|
||
|
5AA9000
|
heap
|
page read and write
|
||
|
531000
|
unkown
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
211E000
|
stack
|
page read and write
|
||
|
5E4A000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
7781000
|
heap
|
page read and write
|
||
|
7068000
|
heap
|
page read and write
|
||
|
1DB000
|
stack
|
page read and write
|
||
|
308000
|
stack
|
page read and write
|
||
|
6B9E000
|
heap
|
page read and write
|
||
|
32E000
|
unkown
|
page read and write
|
||
|
61EA3000
|
unkown
|
page write copy
|
||
|
519000
|
unkown
|
page read and write
|
||
|
61EA0000
|
unkown
|
page read and write
|
||
|
77EF000
|
heap
|
page read and write
|
||
|
534E000
|
stack
|
page read and write
|
||
|
27C2000
|
unclassified section
|
page read and write
|
||
|
327000
|
heap
|
page read and write
|
||
|
9C4E000
|
stack
|
page read and write | page guard
|
||
|
62F000
|
unkown
|
page read and write
|
||
|
7265000
|
heap
|
page read and write
|
||
|
735B000
|
heap
|
page read and write
|
||
|
437D000
|
stack
|
page read and write
|
||
|
30E7000
|
unclassified section
|
page execute and read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
5AE2000
|
heap
|
page read and write
|
||
|
6D2F000
|
stack
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
5B40000
|
trusted library allocation
|
page read and write
|
||
|
47E000
|
stack
|
page read and write
|
||
|
471000
|
heap
|
page read and write
|
||
|
6E6D000
|
heap
|
page read and write
|
||
|
6E39000
|
heap
|
page read and write
|
||
|
5A6E000
|
heap
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
20F4000
|
heap
|
page read and write
|
||
|
58EF000
|
stack
|
page read and write
|
||
|
104000
|
heap
|
page read and write
|
||
|
56D6000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
6B4F000
|
heap
|
page read and write
|
||
|
7322000
|
heap
|
page read and write
|
||
|
7098000
|
heap
|
page read and write
|
||
|
DB7000
|
direct allocation
|
page execute and read and write
|
||
|
52AA000
|
heap
|
page read and write
|
||
|
76F4000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
488E000
|
stack
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
771A000
|
heap
|
page read and write
|
||
|
3AB000
|
heap
|
page read and write
|
||
|
6C25000
|
heap
|
page read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
3D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FDC000
|
heap
|
page read and write
|
||
|
48F4000
|
heap
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
3EE000
|
unkown
|
page readonly
|
||
|
2182000
|
heap
|
page read and write
|
||
|
6AE2000
|
heap
|
page read and write
|
||
|
5AF000
|
stack
|
page read and write
|
||
|
1F24000
|
heap
|
page read and write
|
||
|
6E61000
|
heap
|
page read and write
|
||
|
61E8C000
|
unkown
|
page read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
471000
|
heap
|
page read and write
|
||
|
2220000
|
direct allocation
|
page execute and read and write
|
||
|
53A000
|
unkown
|
page read and write
|
||
|
34C000
|
stack
|
page read and write
|
||
|
534000
|
unkown
|
page read and write
|
||
|
6F5A000
|
heap
|
page read and write
|
||
|
5E80000
|
heap
|
page read and write
|
||
|
2014000
|
heap
|
page read and write
|
||
|
238A000
|
trusted library allocation
|
page read and write
|
||
|
6EA8000
|
heap
|
page read and write
|
||
|
2DC4000
|
unclassified section
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
51C000
|
unkown
|
page read and write
|
||
|
130000
|
direct allocation
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
16B000
|
stack
|
page read and write
|
||
|
270000
|
trusted library allocation
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
21B000
|
stack
|
page read and write
|
||
|
180000
|
trusted library allocation
|
page read and write
|
||
|
56FD000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page execute and read and write
|
||
|
6EAE000
|
heap
|
page read and write
|
||
|
6BF5000
|
heap
|
page read and write
|
||
|
F0D000
|
stack
|
page read and write
|
||
|
1C0000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
2227000
|
direct allocation
|
page execute and read and write
|
||
|
20DD000
|
stack
|
page read and write
|
||
|
20D000
|
stack
|
page read and write
|
||
|
290000
|
heap
|
page read and write
|
||
|
690000
|
trusted library allocation
|
page read and write
|
||
|
5F5F000
|
stack
|
page read and write
|
||
|
5D34000
|
heap
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
6EC7000
|
heap
|
page read and write
|
||
|
12FF000
|
stack
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
B62000
|
direct allocation
|
page execute and read and write
|
||
|
7A8000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
5D2F000
|
stack
|
page read and write
|
||
|
7018000
|
heap
|
page read and write
|
||
|
6EF2000
|
heap
|
page read and write
|
||
|
1CFB000
|
heap
|
page read and write
|
||
|
1CAF000
|
stack
|
page read and write
|
||
|
6D46000
|
heap
|
page read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
2702000
|
unclassified section
|
page read and write
|
||
|
104000
|
heap
|
page read and write
|
||
|
557D000
|
unkown
|
page read and write
|
||
|
2BAC000
|
unkown
|
page read and write
|
||
|
538E000
|
stack
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
6EBE000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
2410000
|
direct allocation
|
page execute and read and write
|
||
|
1F1A000
|
heap
|
page read and write
|
||
|
16D000
|
trusted library allocation
|
page execute and read and write
|
||
|
220000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
6B12000
|
heap
|
page read and write
|
||
|
23B0000
|
direct allocation
|
page execute and read and write
|
||
|
6C1C000
|
heap
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
672000
|
system
|
page execute and read and write
|
||
|
1F90000
|
heap
|
page read and write
|
||
|
BA000
|
stack
|
page read and write
|
||
|
7376000
|
heap
|
page read and write
|
||
|
564D000
|
heap
|
page read and write
|
||
|
6EC5000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
3587000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
56B4000
|
heap
|
page read and write
|
||
|
70DE000
|
heap
|
page read and write
|
||
|
5ACF000
|
heap
|
page read and write
|
||
|
20000
|
unkown
|
page read and write
|
||
|
5F6F000
|
stack
|
page read and write
|
||
|
69AE000
|
heap
|
page read and write
|
||
|
53F000
|
unkown
|
page read and write
|
||
|
1482000
|
unkown
|
page readonly
|
||
|
23BE000
|
trusted library allocation
|
page read and write
|
||
|
12C000
|
stack
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
28D2000
|
unkown
|
page read and write
|
||
|
3F7000
|
unkown
|
page readonly
|
||
|
6FF000
|
heap
|
page read and write
|
||
|
72A0000
|
heap
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
571D000
|
heap
|
page read and write
|
||
|
240000
|
trusted library allocation
|
page execute and read and write
|
||
|
394000
|
heap
|
page read and write
|
||
|
35E000
|
heap
|
page read and write
|
||
|
725E000
|
heap
|
page read and write
|
||
|
3E1000
|
unkown
|
page execute read
|
||
|
A80000
|
unkown
|
page readonly
|
||
|
433000
|
heap
|
page read and write
|
||
|
7495000
|
heap
|
page read and write
|
||
|
2130000
|
direct allocation
|
page execute and read and write
|
||
|
512000
|
unkown
|
page read and write
|
||
|
6D6F000
|
heap
|
page read and write
|
||
|
7646000
|
heap
|
page read and write
|
||
|
760000
|
unkown
|
page readonly
|
||
|
58FE000
|
stack
|
page read and write
|
||
|
7363000
|
heap
|
page read and write
|
||
|
3E0000
|
unkown
|
page readonly
|
||
|
72F7000
|
heap
|
page read and write
|
||
|
531000
|
unkown
|
page read and write
|
||
|
13D0000
|
unkown
|
page readonly
|
||
|
7027000
|
heap
|
page read and write
|
||
|
23A1000
|
direct allocation
|
page execute and read and write
|
||
|
5F90000
|
heap
|
page read and write
|
||
|
150C000
|
system
|
page read and write
|
||
|
53D0000
|
heap
|
page read and write
|
||
|
56B7000
|
heap
|
page read and write
|
||
|
72F000
|
heap
|
page read and write
|
||
|
725B000
|
heap
|
page read and write
|
||
|
5DDF000
|
stack
|
page read and write
|
||
|
3AE7000
|
unclassified section
|
page execute and read and write
|
||
|
B00000
|
direct allocation
|
page execute and read and write
|
||
|
6D3F000
|
heap
|
page read and write
|
||
|
5F95000
|
heap
|
page read and write
|
||
|
4FE000
|
stack
|
page read and write
|
||
|
2290000
|
direct allocation
|
page execute and read and write
|
||
|
C14000
|
direct allocation
|
page execute and read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
38B2000
|
trusted library allocation
|
page read and write
|
||
|
B66000
|
direct allocation
|
page execute and read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
572C000
|
heap
|
page read and write
|
||
|
3E0000
|
unkown
|
page readonly
|
||
|
2014000
|
heap
|
page read and write
|
||
|
172000
|
trusted library allocation
|
page read and write
|
||
|
DB4000
|
direct allocation
|
page execute and read and write
|
||
|
1F3E000
|
unkown
|
page read and write
|
||
|
6A80000
|
heap
|
page read and write
|
||
|
20000
|
unkown
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
1ED000
|
stack
|
page read and write
|
||
|
558000
|
trusted library allocation
|
page read and write
|
||
|
3E1000
|
unkown
|
page execute read
|
||
|
370000
|
heap
|
page read and write
|
||
|
1D8B000
|
heap
|
page read and write
|
||
|
6D4C000
|
heap
|
page read and write
|
||
|
2F56000
|
unclassified section
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
1232000
|
system
|
page read and write
|
||
|
4DFF000
|
stack
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
4912000
|
heap
|
page read and write
|
||
|
320000
|
heap
|
page read and write
|
||
|
1F24000
|
heap
|
page read and write
|
||
|
167000
|
stack
|
page read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
21B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C7F000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
AA0000
|
direct allocation
|
page execute and read and write
|
||
|
2331000
|
trusted library allocation
|
page read and write
|
||
|
29EC000
|
unkown
|
page read and write
|
||
|
160000
|
trusted library allocation
|
page read and write
|
||
|
FC000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
6250000
|
heap
|
page read and write
|
||
|
5F89000
|
heap
|
page read and write
|
||
|
6EC0000
|
heap
|
page read and write
|
||
|
580E000
|
heap
|
page read and write
|
||
|
7770000
|
heap
|
page read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
33F000
|
unkown
|
page read and write
|
||
|
44E7000
|
unclassified section
|
page execute and read and write
|
||
|
35E000
|
unkown
|
page read and write
|
||
|
45F000
|
heap
|
page read and write
|
||
|
23D0000
|
trusted library allocation
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
heap
|
page read and write
|
||
|
205E000
|
stack
|
page read and write
|
||
|
153000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E9000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
5711000
|
heap
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
51F000
|
unkown
|
page read and write
|
||
|
7139000
|
heap
|
page read and write
|
||
|
5AD5000
|
heap
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
215000
|
trusted library allocation
|
page execute and read and write
|
||
|
188000
|
heap
|
page read and write
|
||
|
72E0000
|
heap
|
page read and write
|
||
|
6E7E000
|
heap
|
page read and write
|
||
|
22A0000
|
direct allocation
|
page execute and read and write
|
||
|
52AE000
|
heap
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
282F000
|
stack
|
page read and write
|
||
|
150000
|
trusted library allocation
|
page read and write
|
||
|
B88E000
|
stack
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
3F5000
|
unkown
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
7361000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
5C7000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
433000
|
heap
|
page read and write
|
||
|
B22E000
|
stack
|
page read and write
|
||
|
5717000
|
heap
|
page read and write
|
||
|
5B0E000
|
stack
|
page read and write
|
||
|
6E37000
|
heap
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
1EB000
|
stack
|
page read and write
|
||
|
5A2E000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
5F98000
|
heap
|
page read and write
|
||
|
217000
|
trusted library allocation
|
page execute and read and write
|
||
|
5019000
|
trusted library allocation
|
page read and write
|
||
|
AFF0000
|
heap
|
page read and write
|
||
|
5A4D000
|
heap
|
page read and write
|
||
|
37D000
|
stack
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
5B50000
|
trusted library allocation
|
page read and write
|
||
|
212000
|
trusted library allocation
|
page read and write
|
||
|
6A1E000
|
heap
|
page read and write
|
||
|
453000
|
heap
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
3EE000
|
unkown
|
page readonly
|
||
|
5D2D000
|
stack
|
page read and write
|
||
|
1F20000
|
heap
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
5B60000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
7325000
|
heap
|
page read and write
|
||
|
541000
|
unkown
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
270000
|
trusted library allocation
|
page read and write
|
||
|
7338000
|
heap
|
page read and write
|
||
|
654000
|
system
|
page execute and read and write
|
||
|
6FA0000
|
heap
|
page read and write
|
||
|
35DC000
|
unkown
|
page read and write
|
||
|
312000
|
system
|
page execute and read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
52BD000
|
heap
|
page read and write
|
||
|
4980000
|
heap
|
page execute and read and write
|
||
|
2080000
|
heap
|
page read and write
|
||
|
6930000
|
heap
|
page read and write
|
||
|
471000
|
heap
|
page read and write
|
||
|
3E0000
|
unkown
|
page readonly
|
||
|
281C000
|
unclassified section
|
page read and write
|
||
|
B20000
|
direct allocation
|
page execute and read and write
|
||
|
3891000
|
trusted library allocation
|
page read and write
|
||
|
614000
|
heap
|
page read and write
|
||
|
2DD000
|
stack
|
page read and write
|
||
|
4F5F000
|
stack
|
page read and write
|
||
|
5F8E000
|
heap
|
page read and write
|
||
|
9A8E000
|
stack
|
page read and write
|
||
|
3470000
|
trusted library allocation
|
page read and write
|
||
|
3A4000
|
heap
|
page read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
6DA7000
|
heap
|
page read and write
|
||
|
1CC0000
|
heap
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
569C000
|
heap
|
page read and write
|
||
|
457000
|
heap
|
page read and write
|
||
|
B30000
|
direct allocation
|
page execute and read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
3E1000
|
unkown
|
page execute read
|
||
|
15D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
6F12000
|
heap
|
page read and write
|
||
|
2420000
|
direct allocation
|
page execute and read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
4B6000
|
heap
|
page read and write
|
||
|
23D2000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
8C6000
|
heap
|
page read and write
|
||
|
538000
|
unkown
|
page read and write
|
||
|
2F94000
|
unkown
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
2120000
|
direct allocation
|
page execute and read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
520E000
|
stack
|
page read and write
|
||
|
6140000
|
heap
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
140000
|
trusted library allocation
|
page read and write
|
||
|
6ECC000
|
heap
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
1BB000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
297000
|
system
|
page execute and read and write
|
||
|
23A4000
|
direct allocation
|
page execute and read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
2992000
|
unkown
|
page read and write
|
||
|
6D4000
|
heap
|
page read and write
|
||
|
13D2000
|
unkown
|
page execute read
|
||
|
3352000
|
trusted library allocation
|
page read and write
|
||
|
F0000
|
unkown
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write | page guard
|
||
|
463000
|
heap
|
page read and write
|
||
|
220E000
|
stack
|
page read and write
|
||
|
5D30000
|
heap
|
page read and write
|
||
|
527E000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
26E7000
|
unclassified section
|
page execute and read and write
|
||
|
3E1000
|
unkown
|
page execute read
|
||
|
5859000
|
heap
|
page read and write
|
||
|
463000
|
heap
|
page read and write
|
||
|
5F70000
|
heap
|
page read and write
|
||
|
6C83000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
160000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
6F30000
|
heap
|
page read and write
|
||
|
49C0000
|
heap
|
page read and write
|
||
|
4A0E000
|
stack
|
page read and write
|
||
|
31D7000
|
unkown
|
page execute and read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
23AA000
|
trusted library allocation
|
page read and write
|
||
|
5698000
|
heap
|
page read and write
|
||
|
A80000
|
unkown
|
page readonly
|
||
|
5C4E000
|
stack
|
page read and write
|
||
|
6B8A000
|
heap
|
page read and write
|
||
|
59FB000
|
heap
|
page read and write
|
||
|
AFEE000
|
stack
|
page read and write
|
||
|
664000
|
system
|
page execute and read and write
|
||
|
360F000
|
trusted library allocation
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
153000
|
trusted library allocation
|
page execute and read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
519F000
|
stack
|
page read and write
|
||
|
5835000
|
heap
|
page read and write
|
||
|
6A92000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
A94000
|
direct allocation
|
page execute and read and write
|
||
|
3F7000
|
unkown
|
page readonly
|
||
|
1F2B000
|
heap
|
page read and write
|
||
|
72B6000
|
heap
|
page read and write
|
||
|
9A0000
|
direct allocation
|
page execute and read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
2BAC000
|
unkown
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
80000
|
direct allocation
|
page read and write
|
||
|
172000
|
trusted library allocation
|
page read and write
|
||
|
154000
|
trusted library allocation
|
page read and write
|
||
|
56D9000
|
heap
|
page read and write
|
||
|
48DE000
|
stack
|
page read and write
|
||
|
3BA000
|
heap
|
page read and write
|
||
|
12C000
|
stack
|
page read and write
|
||
|
359E000
|
unclassified section
|
page read and write
|
||
|
1F28000
|
heap
|
page read and write
|
||
|
5BBE000
|
stack
|
page read and write
|
||
|
38A1000
|
trusted library allocation
|
page read and write
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
250000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
direct allocation
|
page execute and read and write
|
||
|
6DA0000
|
heap
|
page read and write
|
||
|
224F000
|
stack
|
page read and write
|
||
|
6C28000
|
heap
|
page read and write
|
||
|
6CBA000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
6BF8000
|
heap
|
page read and write
|
||
|
244F000
|
stack
|
page read and write
|
||
|
3697000
|
trusted library allocation
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
3F5000
|
unkown
|
page read and write
|
||
|
70AC000
|
heap
|
page read and write
|
||
|
6E1E000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
177000
|
trusted library allocation
|
page execute and read and write
|
||
|
72EB000
|
heap
|
page read and write
|
||
|
51E000
|
unkown
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
514000
|
unkown
|
page read and write
|
||
|
6E66000
|
heap
|
page read and write
|
||
|
6E80000
|
heap
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
52C2000
|
heap
|
page read and write
|
||
|
694B000
|
heap
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
6E1A000
|
heap
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F1D000
|
heap
|
page read and write
|
||
|
531000
|
unkown
|
page read and write
|
||
|
5A30000
|
heap
|
page read and write
|
||
|
20000
|
unkown
|
page read and write
|
||
|
3F7000
|
unkown
|
page readonly
|
||
|
1F2B000
|
heap
|
page read and write
|
||
|
7272000
|
heap
|
page read and write
|
||
|
3BA000
|
heap
|
page read and write
|
||
|
6B7000
|
heap
|
page read and write
|
||
|
F21000
|
unkown
|
page execute read
|
||
|
5688000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
B40000
|
direct allocation
|
page execute and read and write
|
||
|
A97000
|
direct allocation
|
page execute and read and write
|
||
|
A80000
|
direct allocation
|
page execute and read and write
|
||
|
680000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
7253000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
5E38000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
17A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5829000
|
heap
|
page read and write
|
||
|
291B000
|
trusted library allocation
|
page read and write
|
||
|
B52000
|
direct allocation
|
page execute and read and write
|
||
|
3B4000
|
heap
|
page read and write
|
||
|
67B0000
|
trusted library section
|
page read and write
|
||
|
74D5000
|
heap
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
6CE4000
|
heap
|
page read and write
|
||
|
185000
|
trusted library allocation
|
page execute and read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
22B0000
|
direct allocation
|
page execute and read and write
|
||
|
7171000
|
heap
|
page read and write
|
||
|
A48000
|
trusted library allocation
|
page read and write
|
||
|
7DD1000
|
heap
|
page read and write
|
||
|
2891000
|
trusted library allocation
|
page read and write
|
||
|
9C4F000
|
stack
|
page read and write
|
||
|
6BD9000
|
heap
|
page read and write
|
||
|
6C85000
|
heap
|
page read and write
|
||
|
DB1000
|
direct allocation
|
page execute and read and write
|
||
|
48F0000
|
heap
|
page read and write
|
||
|
1CE7000
|
unclassified section
|
page execute and read and write
|
||
|
28D2000
|
unkown
|
page read and write
|
||
|
C34000
|
direct allocation
|
page execute and read and write
|
||
|
29DC000
|
unclassified section
|
page read and write
|
||
|
B35F000
|
stack
|
page read and write
|
||
|
5BAF000
|
stack
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
63F0000
|
heap
|
page read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
7D3C000
|
heap
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
6CE0000
|
heap
|
page read and write
|
||
|
7DCB000
|
heap
|
page read and write
|
||
|
57C0000
|
heap
|
page execute and read and write
|
||
|
210000
|
trusted library allocation
|
page read and write
|
||
|
8D7000
|
heap
|
page read and write
|
||
|
69EE000
|
heap
|
page read and write
|
||
|
4F9F000
|
stack
|
page read and write
|
||
|
6EF9000
|
heap
|
page read and write
|
||
|
9800000
|
heap
|
page read and write
|
||
|
740C000
|
heap
|
page read and write
|
||
|
6130000
|
heap
|
page read and write
|
||
|
564E000
|
stack
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
556E000
|
stack
|
page read and write
|
||
|
6BEE000
|
stack
|
page read and write
|
||
|
340C000
|
unclassified section
|
page read and write
|
||
|
3165000
|
unkown
|
page execute and read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
4FD7000
|
unkown
|
page execute and read and write
|
||
|
6CBD000
|
heap
|
page read and write
|
||
|
6EAC000
|
heap
|
page read and write
|
||
|
7737000
|
heap
|
page read and write
|
||
|
3B8000
|
heap
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
5F89000
|
heap
|
page read and write
|
||
|
6C54000
|
heap
|
page read and write
|
||
|
CC0000
|
direct allocation
|
page execute and read and write
|
||
|
7055000
|
heap
|
page read and write
|
||
|
122000
|
heap
|
page read and write
|
||
|
2032000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
7B0E000
|
heap
|
page read and write
|
||
|
12F2000
|
system
|
page read and write
|
||
|
732D000
|
heap
|
page read and write
|
||
|
23AF000
|
trusted library allocation
|
page read and write
|
||
|
182000
|
trusted library allocation
|
page read and write
|
||
|
59F4000
|
heap
|
page read and write
|
||
|
5712000
|
heap
|
page read and write
|
||
|
2094000
|
heap
|
page read and write
|
||
|
55ED000
|
stack
|
page read and write
|
||
|
5F9A000
|
heap
|
page read and write
|
||
|
496E000
|
stack
|
page read and write
|
||
|
C90000
|
trusted library allocation
|
page read and write
|
||
|
933E000
|
stack
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
3341000
|
trusted library allocation
|
page read and write
|
||
|
6C2E000
|
stack
|
page read and write
|
||
|
3F7000
|
unkown
|
page readonly
|
||
|
449D000
|
stack
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
5E30000
|
heap
|
page read and write
|
||
|
1F9D000
|
stack
|
page read and write
|
||
|
544F000
|
stack
|
page read and write
|
||
|
5F40000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
884E000
|
stack
|
page read and write
|
||
|
72A8000
|
heap
|
page read and write
|
||
|
B9C000
|
direct allocation
|
page execute and read and write
|
||
|
7BDA000
|
heap
|
page read and write
|
||
|
1F20000
|
heap
|
page read and write
|
||
|
5580000
|
unkown
|
page read and write
|
||
|
72D8000
|
heap
|
page read and write
|
||
|
4E1D000
|
heap
|
page read and write
|
||
|
221F000
|
stack
|
page read and write
|
||
|
49F000
|
heap
|
page read and write
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
6E26000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page execute and read and write
|
||
|
39E000
|
heap
|
page read and write
|
||
|
E70000
|
unkown
|
page readonly
|
||
|
877E000
|
stack
|
page read and write
|
||
|
51B000
|
unkown
|
page read and write
|
||
|
2230000
|
direct allocation
|
page execute and read and write
|
||
|
5E3F000
|
heap
|
page read and write
|
||
|
418000
|
remote allocation
|
page execute and read and write
|
||
|
1F28000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
6F0F000
|
heap
|
page read and write
|
||
|
342A000
|
trusted library allocation
|
page read and write
|
||
|
20C000
|
unkown
|
page read and write
|
||
|
150000
|
trusted library allocation
|
page read and write
|
||
|
72B000
|
heap
|
page read and write
|
||
|
2097000
|
heap
|
page read and write
|
||
|
439000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
3EE000
|
unkown
|
page readonly
|
||
|
1E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D0000
|
unkown
|
page readonly
|
||
|
6C57000
|
heap
|
page read and write
|
||
|
20000
|
unkown
|
page read and write
|
||
|
500C000
|
stack
|
page read and write
|
||
|
187000
|
trusted library allocation
|
page execute and read and write
|
||
|
72E3000
|
heap
|
page read and write
|
||
|
6D99000
|
heap
|
page read and write
|
||
|
6C21000
|
heap
|
page read and write
|
||
|
2032000
|
heap
|
page read and write
|
||
|
6140000
|
heap
|
page read and write
|
||
|
23A7000
|
direct allocation
|
page execute and read and write
|
||
|
471000
|
heap
|
page read and write
|
||
|
760000
|
unkown
|
page readonly
|
||
|
A90000
|
direct allocation
|
page execute and read and write
|
||
|
1ED000
|
stack
|
page read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
967E000
|
stack
|
page read and write
|
||
|
2960000
|
unkown
|
page read and write
|
||
|
6E85000
|
heap
|
page read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
1B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BDC000
|
heap
|
page read and write
|
||
|
6DA2000
|
heap
|
page read and write
|
||
|
20A0000
|
heap
|
page read and write
|
||
|
8B4000
|
heap
|
page read and write
|
||
|
670000
|
system
|
page execute and read and write
|
||
|
34B5000
|
trusted library allocation
|
page read and write
|
||
|
1D6000
|
heap
|
page read and write
|
||
|
33E4000
|
trusted library allocation
|
page read and write
|
||
|
9A7000
|
heap
|
page read and write
|
||
|
6D8E000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
C17000
|
direct allocation
|
page execute and read and write
|
||
|
9B0000
|
trusted library allocation
|
page read and write
|
||
|
15B000
|
stack
|
page read and write
|
||
|
42F000
|
heap
|
page read and write
|
||
|
7EF30000
|
trusted library allocation
|
page execute and read and write
|
||
|
177000
|
trusted library allocation
|
page execute and read and write
|
||
|
757000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3B4000
|
heap
|
page read and write
|
||
|
990000
|
direct allocation
|
page execute and read and write
|
||
|
537000
|
unkown
|
page read and write
|
||
|
2160000
|
heap
|
page read and write
|
||
|
7224000
|
heap
|
page read and write
|
||
|
1CC000
|
stack
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
6E3E000
|
heap
|
page read and write
|
||
|
2A3000
|
heap
|
page read and write
|
||
|
230000
|
heap
|
page read and write
|
||
|
6AD0000
|
heap
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
6EB1000
|
heap
|
page read and write
|
||
|
92DE000
|
stack
|
page read and write
|
||
|
290A000
|
trusted library allocation
|
page read and write
|
||
|
72B000
|
heap
|
page read and write
|
||
|
531000
|
unkown
|
page read and write
|
||
|
4CAE000
|
stack
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write | page guard
|
||
|
731D000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
6A01000
|
heap
|
page read and write
|
||
|
3F5000
|
unkown
|
page read and write
|
||
|
3B5000
|
heap
|
page read and write
|
||
|
42D000
|
remote allocation
|
page execute and read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
584B000
|
heap
|
page read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
49D000
|
heap
|
page read and write
|
||
|
5A87000
|
heap
|
page read and write
|
||
|
56F6000
|
heap
|
page read and write
|
||
|
5F80000
|
heap
|
page read and write
|
||
|
6CB6000
|
heap
|
page read and write
|
||
|
327A000
|
unclassified section
|
page read and write
|
||
|
387000
|
heap
|
page read and write
|
||
|
270000
|
trusted library allocation
|
page read and write
|
||
|
71CB000
|
heap
|
page read and write
|
||
|
599D000
|
stack
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
6FD000
|
heap
|
page read and write
|
||
|
37F000
|
unkown
|
page read and write
|
||
|
74FA000
|
heap
|
page read and write
|
||
|
4D9D000
|
heap
|
page read and write
|
||
|
53C000
|
unkown
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
6C31000
|
heap
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
70F2000
|
heap
|
page read and write
|
||
|
953F000
|
stack
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
18F4000
|
system
|
page read and write
|
||
|
5806000
|
heap
|
page read and write
|
||
|
1C75000
|
unclassified section
|
page execute and read and write
|
||
|
56D3000
|
heap
|
page read and write
|
||
|
2091000
|
heap
|
page read and write
|
||
|
208D000
|
stack
|
page read and write
|
||
|
DDF000
|
stack
|
page read and write
|
||
|
2390000
|
direct allocation
|
page execute and read and write
|
||
|
729E000
|
heap
|
page read and write
|
||
|
6F0B000
|
heap
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
42E000
|
heap
|
page read and write
|
||
|
1ECF000
|
stack
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
6E3B000
|
heap
|
page read and write
|
||
|
270000
|
trusted library allocation
|
page read and write
|
||
|
1E40000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
122000
|
heap
|
page read and write
|
||
|
619F000
|
stack
|
page read and write
|
||
|
6C7D000
|
heap
|
page read and write
|
||
|
61E9E000
|
unkown
|
page readonly
|
||
|
5650000
|
heap
|
page read and write
|
||
|
3C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
5AA6000
|
heap
|
page read and write
|
||
|
BA0F000
|
stack
|
page read and write
|
||
|
90000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
unkown
|
page readonly
|
||
|
6FEB000
|
heap
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
4A82000
|
heap
|
page read and write
|
||
|
559D000
|
unkown
|
page read and write
|
||
|
6EA6000
|
heap
|
page read and write
|
||
|
9DD000
|
stack
|
page read and write
|
||
|
7459000
|
heap
|
page read and write
|
||
|
3AB000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
69B3000
|
heap
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
7DE7000
|
heap
|
page read and write
|
||
|
6987000
|
heap
|
page read and write
|
||
|
A00000
|
trusted library allocation
|
page read and write
|
||
|
B5B000
|
direct allocation
|
page execute and read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
68FE000
|
stack
|
page read and write
|
||
|
1CC5000
|
heap
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
56E6000
|
heap
|
page read and write
|
||
|
5D5E000
|
stack
|
page read and write
|
||
|
3126000
|
unkown
|
page read and write
|
||
|
17A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B49E000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
387000
|
heap
|
page read and write
|
||
|
23C4000
|
trusted library allocation
|
page read and write
|
||
|
3EE000
|
unkown
|
page readonly
|
||
|
59D7000
|
unkown
|
page execute and read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
6BFA000
|
heap
|
page read and write
|
||
|
6A7E000
|
heap
|
page read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
5804000
|
heap
|
page read and write
|
||
|
E0000
|
trusted library allocation
|
page read and write
|
||
|
433000
|
heap
|
page read and write
|
||
|
463000
|
heap
|
page read and write
|
||
|
3E0000
|
unkown
|
page readonly
|
||
|
7295000
|
heap
|
page read and write
|
||
|
2224000
|
direct allocation
|
page execute and read and write
|
||
|
15D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
6C1A000
|
heap
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
6EF7000
|
heap
|
page read and write
|
||
|
59D000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
2790000
|
unclassified section
|
page read and write
|
||
|
6C7000
|
system
|
page execute and read and write
|
||
|
5F89000
|
heap
|
page read and write
|
||
|
3F5000
|
unkown
|
page read and write
|
||
|
480000
|
trusted library allocation
|
page read and write
|
||
|
DB000
|
stack
|
page read and write
|
||
|
5013000
|
trusted library allocation
|
page read and write
|
||
|
97C000
|
stack
|
page read and write
|
There are 908 hidden memdumps, click here to show them.