Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Program.Unwanted.5510.8307.25058.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\features[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\Opera_GX_114.0.5282.123_Autoupdate_x64[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202410252328151\opera_package
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer\opera_installer_20241025232814717.log
|
ASCII text, with very long lines (1849)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer\opera_installer_20241025232816125.log
|
ASCII text, with very long lines (1814)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7zS4052A199\setup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Opera_installer_2410260328139673260.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Opera_installer_2410260328142573128.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Opera_installer_2410260328151326808.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Opera_installer_241026032815625796.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Opera_installer_241026032815935792.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Setup\OperaGXSetup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat
|
data
|
dropped
|
||
|
\Device\Mailslot\opera_installer\C:\Users\user\AppData\Local\Programs\Opera GX
|
data
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Program.Unwanted.5510.8307.25058.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Program.Unwanted.5510.8307.25058.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Setup\OperaGXSetup.exe
|
"C:\Users\user\AppData\Local\Temp\Setup\OperaGXSetup.exe" -silent --allusers=0
|
||
|
C:\Users\user\AppData\Local\Temp\7zS4052A199\setup.exe
|
C:\Users\user\AppData\Local\Temp\7zS4052A199\setup.exe -silent --allusers=0 --server-tracking-blob=NDgxZTU0NzEzZjM5NTJlNzM3MzgwMjAyNDc1ZjEwMjFlMTQ2N2E4ZmI3MWNmNDJkYjA0YmQzZTA5MWEzODdhZTp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNV8zODQ5JnV0bV9pZD1iYjVkMjdkNGRkZGY0ZmQ1OTU2NDQzODc0Y2QxYjUxMyZ1dG1fY29udGVudD0zODQ5X29wZ3g5MCIsInRpbWVzdGFtcCI6IjE3Mjk5MTMyODguOTIxNCIsInVzZXJhZ2VudCI6IkRyaXZlckh1Ykluc3RhbGxlci8zLjQuNSIsInV0bSI6eyJjYW1wYWlnbiI6IlBXTl9VU19QQjVfMzg0OSIsImNvbnRlbnQiOiIzODQ5X29wZ3g5MCIsImlkIjoiYmI1ZDI3ZDRkZGRmNGZkNTk1NjQ0Mzg3NGNkMWI1MTMiLCJtZWRpdW0iOiJwYSIsInNvdXJjZSI6IlBXTmdhbWVzIn0sInV1aWQiOiIxMTg4ZDNmMi1lMzk2LTRhNzctOTRiOC1jZjBkMGFmMzAxMTMifQ==
|
||
|
C:\Users\user\AppData\Local\Temp\7zS4052A199\setup.exe
|
C:\Users\user\AppData\Local\Temp\7zS4052A199\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler
"--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera
Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32
--annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.123 --initial-client-data=0x320,0x324,0x328,0x2fc,0x32c,0x69478c5c,0x69478c68,0x69478c74
|
||
|
C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
|
"C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
|
||
|
C:\Users\user\AppData\Local\Temp\7zS4052A199\setup.exe
|
"C:\Users\user\AppData\Local\Temp\7zS4052A199\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1
--consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --vought_browser=0
--launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0
--copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data
--initial-pid=3260 --package-dir-prefix="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20241025232815"
--session-guid=b3083e74-a52a-4920-aa0f-d32d81e99406 --server-tracking-blob=NDVlNzNlOGRkOGUxODFlNzY4MWE0NWMyMjc2MmI4MmFiMDFiMjYzMzQ0NWNjM2E1Y2UyMTg2OTA1Y2UzNWNhNDp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNV8zODQ5JnV0bV9pZD1iYjVkMjdkNGRkZGY0ZmQ1OTU2NDQzODc0Y2QxYjUxMyZ1dG1fY29udGVudD0zODQ5X29wZ3g5MCIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjEwIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTcyOTkxMzI4OC45MjE0IiwidXNlcmFnZW50IjoiRHJpdmVySHViSW5zdGFsbGVyLzMuNC41IiwidXRtIjp7ImNhbXBhaWduIjoiUFdOX1VTX1BCNV8zODQ5IiwiY29udGVudCI6IjM4NDlfb3BneDkwIiwiaWQiOiJiYjVkMjdkNGRkZGY0ZmQ1OTU2NDQzODc0Y2QxYjUxMyIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6IjExODhkM2YyLWUzOTYtNGE3Ny05NGI4LWNmMGQwYWYzMDExMyJ9
--silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=FC05000000000000
|
||
|
C:\Users\user\AppData\Local\Temp\7zS4052A199\setup.exe
|
C:\Users\user\AppData\Local\Temp\7zS4052A199\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler
"--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera
Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32
--annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.123 --initial-client-data=0x340,0x344,0x348,0x308,0x34c,0x68658c5c,0x68658c68,0x68658c74
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://desktop-netinstaller-sub.osp.opera.software/z
|
unknown
|
||
|
http://foo/MainWindow.xamld
|
unknown
|
||
|
https://crashstats-collector-2.opera.com/--initial-client-data=0x340
|
unknown
|
||
|
https://legal.opera.com/terms
|
unknown
|
||
|
https://download5.operacdn.com/ftp/pub/opera_gx/114.0.5282.123/win/Opera_GX_114.0.5282.123_Autoupdat
|
unknown
|
||
|
https://redir.opera.com/www.opera.com/gx/firstrun/?utm_campaign=PWN_US_PB5_3849&utm_content=3849_opg
|
unknown
|
||
|
https://download.opera.com/
|
unknown
|
||
|
https://help.opera.com/latest/
|
unknown
|
||
|
https://desktop-netinstaller-sub.osp.opera.software/5y
|
unknown
|
||
|
https://policies.google.com/terms;
|
unknown
|
||
|
https://download.opera.com/download/get/?partner=www&opsys=Windows&utm_source=netinstaller
|
unknown
|
||
|
https://desktop-netinstaller-sub.osp.opera.software/d
|
unknown
|
||
|
http://localhost:3001api/prefs/?product=$1&version=$2..
|
unknown
|
||
|
https://crashpad.chromium.org/https://crashpad.chromium.org/bug/new
|
unknown
|
||
|
https://desktop-netinstaller-sub.osp.opera.software/SysWOW64
|
unknown
|
||
|
https://crashstats-collector-2.opera.com/https://crashstats-collector-2.opera.com/
|
unknown
|
||
|
http://www.az-partners.net
|
unknown
|
||
|
https://www.savinist.com/77PRQFB/KMZXBTT/d
|
unknown
|
||
|
https://crashstats-collector-2.opera.com/32--url=https://crashstats-collector-2.opera.com/
|
unknown
|
||
|
https://www.opera.com
|
unknown
|
||
|
https://crashstats-collector-2.opera.com/
|
unknown
|
||
|
http://eu.net.opera.comd
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://download5.operacdn.com/ftp/pub/opera_gx/114.0.5282.123/win/Opera_GX_114.0.5282.1
|
unknown
|
||
|
https://desktop-netinstaller-sub.osp.opera.software/v1/binary
|
unknown
|
||
|
https://autoupdate.opera.com/A
|
unknown
|
||
|
https://crashpad.chromium.org/
|
unknown
|
||
|
https://addons.opera.com/en/extensions/details/dify-cashback/
|
unknown
|
||
|
https://www.az-partners.net/s/dPr71
|
unknown
|
||
|
https://autoupdate.opera.com/J
|
unknown
|
||
|
https://download5.operacdn.com/
|
unknown
|
||
|
https://download.opera.com/0
|
unknown
|
||
|
http://www.opera.com0
|
unknown
|
||
|
http://www.az-partners.netd
|
unknown
|
||
|
https://opera.com/privacy
|
unknown
|
||
|
https://www.az-partners.net/s/rXLVPlBfq
|
unknown
|
||
|
https://gamemaker.io)
|
unknown
|
||
|
http://www.savinist.com
|
unknown
|
||
|
https://sourcecode.opera.com
|
unknown
|
||
|
https://autoupdate.geo.opera.com/https://autoupdate.opera.com/me/OperaDesktopGXhttps://crashstats-co
|
unknown
|
||
|
http://foo/bar/mainwindow.baml
|
unknown
|
||
|
http://net.geo.opera.comd
|
unknown
|
||
|
http://eu.net.opera.com
|
unknown
|
||
|
https://www.az-partners.net/s/rXLVPcorlib
|
unknown
|
||
|
http://defaultcontainer/MainWindow.xamld
|
unknown
|
||
|
http://foo/MainWindow.xaml
|
unknown
|
||
|
https://download5.operacdn.com/p
|
unknown
|
||
|
http://net.geo.opera.com
|
unknown
|
||
|
https://gamemaker.io/en/get.
|
unknown
|
||
|
https://www.opera.com/gx/
|
unknown
|
||
|
https://gamemaker.io
|
unknown
|
||
|
https://www.az-partners.net
|
unknown
|
||
|
https://www.az-partners.net/s/rXLVPKO
|
unknown
|
||
|
https://api.config.opr.gg/v0/config?utm_campaign=PWN_US_PB5_3849&utm_medium=pa&utm_source=PWNgames&p
|
unknown
|
||
|
https://help.instagram.com/581066165581870;
|
unknown
|
||
|
https://www.savinist.com/77PRQFB/KMZXBTT/?sub1=opgx90
|
unknown
|
||
|
https://features.opera-api2.com/api/v2/features?country=US&language=en-GB&uuid=701b5ff5-b736-4d66-a0
|
unknown
|
||
|
https://crashstats-collector-2.opera.com/s
|
unknown
|
||
|
https://api.config.opr.gg/v0/config
|
unknown
|
||
|
https://www.az-partners.net/s/rXLVP
|
unknown
|
||
|
https://download.opera.com/download/get/?id=68353&autoupdate=1&ni=1&stream=stable&utm_campaign=PWN_U
|
unknown
|
||
|
https://www.opera.com/privacy
|
unknown
|
||
|
https://crashpad.chromium.org/bug/new
|
unknown
|
||
|
http://www.savinist.comd
|
unknown
|
||
|
https://download.opera.com/download/get/?id=52318&autoupdate=1&ni=10000
|
unknown
|
||
|
https://crashstats-collector-2.opera.com/--annotation=channel=Stable--annotation=plat=Win32--annotat
|
unknown
|
||
|
https://download.opera.com/download/get/?id=52318&autoupdate=1&ni=1
|
unknown
|
||
|
https://gamemaker.io/en/education.
|
unknown
|
||
|
https://legal.opera.com/terms.
|
unknown
|
||
|
http://defaultcontainer/MainWindow.xaml
|
unknown
|
||
|
https://telegram.org/tos/
|
unknown
|
||
|
https://features.opera-api2.com/
|
unknown
|
||
|
https://www.az-partners.net/s/3XgyP
|
unknown
|
||
|
https://download3.operacdn.com/res/servicefiles/partner_content/std-2/1714144780-custom_partner_cont
|
unknown
|
||
|
http://foo/bar/mainwindow.bamld
|
unknown
|
||
|
https://autoupdate.geo.opera.com/v5/netinstaller/gx/Stable/windows/x64
|
unknown
|
||
|
https://www.savinist.com
|
unknown
|
||
|
https://crashstats-collector-2.opera.com/--database=C:
|
unknown
|
||
|
https://download.opera.com/download/get/?id=52318&autoupdate=1&ni=1pera
|
unknown
|
||
|
https://net.geo.opera.com/opera_gx/stable/edition/std-2?utm_source=PWNgames&utm_medium=pa&utm_campai
|
unknown
|
||
|
https://www.savinist.com/77PRQFB/KMZXBTT/
|
unknown
|
||
|
https://desktop-netinstaller-sub.osp.opera.software/v1/binaryT
|
unknown
|
||
|
https://net.geo.opera.com
|
unknown
|
||
|
https://autoupdate.geo.opera.com/
|
unknown
|
||
|
https://autoupdate.opera.com/me/9406d3c57aa7de97f93900760b88b1cc50a7d676ba9d29c865bf5befe72936eabdd7
|
unknown
|
||
|
https://twitter.com/en/tos;
|
unknown
|
||
|
https://crashstats-collector-2.opera.com/--initial-client-data=0x320
|
unknown
|
||
|
https://desktop-netinstaller-sub.osp.opera.software/v1/binaryh
|
unknown
|
||
|
https://redir.opera.com/uninstallsurvey/
|
unknown
|
||
|
https://autoupdate.opera.com/me/
|
unknown
|
||
|
https://desktop-netinstaller-sub.osp.opera.software/
|
unknown
|
||
|
https://features.opera-api2.com/q
|
unknown
|
||
|
https://desktop-netinstaller-sub.osp.opera.software/v1/binaryy
|
unknown
|
||
|
https://api.config.opr.gg/
|
unknown
|
||
|
https://api.config.opr.gg/U
|
unknown
|
||
|
https://legal.opera.com/eula/computers
|
unknown
|
||
|
https://www.whatsapp.com/legal;
|
unknown
|
||
|
https://www.opera.com..
|
unknown
|
||
|
https://api.config.opr.gg/v0/configeditionutm_campaign=%s&utm_medium=%s&utm_source=%s&product=%s&cha
|
unknown
|
||
|
https://desktop-netinstaller-sub.osp.opera.software/1x
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
82.145.216.20
|
unknown
|
United Kingdom
|
||
|
82.145.217.121
|
unknown
|
United Kingdom
|
||
|
188.130.153.32
|
unknown
|
Russian Federation
|
||
|
104.18.24.17
|
unknown
|
United States
|
||
|
185.26.182.111
|
unknown
|
Norway
|
||
|
185.26.182.123
|
unknown
|
Norway
|
||
|
104.18.10.89
|
unknown
|
United States
|
||
|
188.114.96.3
|
unknown
|
European Union
|
||
|
185.26.182.106
|
unknown
|
Norway
|
||
|
82.145.216.23
|
unknown
|
United Kingdom
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Opera Software
|
Last Opera GX Stable Install Path
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
EDC000
|
unkown
|
page readonly
|
||
|
3DFD000
|
stack
|
page read and write
|
||
|
671000
|
unkown
|
page execute read
|
||
|
109D000
|
heap
|
page read and write
|
||
|
4840000
|
remote allocation
|
page read and write
|
||
|
2B738000
|
direct allocation
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
2EBD000
|
trusted library allocation
|
page read and write
|
||
|
105C000
|
heap
|
page read and write
|
||
|
EA0000
|
unkown
|
page readonly
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
7D5000
|
unkown
|
page read and write
|
||
|
56004000
|
direct allocation
|
page read and write
|
||
|
5100000
|
trusted library allocation
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
781000
|
unkown
|
page execute read
|
||
|
2B614000
|
direct allocation
|
page read and write
|
||
|
5BC34000
|
direct allocation
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
4731000
|
heap
|
page read and write
|
||
|
33224000
|
direct allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
B3A000
|
heap
|
page read and write
|
||
|
4C668000
|
direct allocation
|
page read and write
|
||
|
7C8000
|
unkown
|
page readonly
|
||
|
499D000
|
heap
|
page read and write
|
||
|
5600C000
|
direct allocation
|
page read and write
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
EF0000
|
unkown
|
page readonly
|
||
|
780000
|
unkown
|
page readonly
|
||
|
693DC000
|
unkown
|
page readonly
|
||
|
444C000
|
stack
|
page read and write
|
||
|
3C248000
|
direct allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
68CA2000
|
unkown
|
page readonly
|
||
|
108A000
|
heap
|
page read and write
|
||
|
2B764000
|
direct allocation
|
page read and write
|
||
|
2DE2000
|
trusted library allocation
|
page read and write
|
||
|
2B668000
|
direct allocation
|
page read and write
|
||
|
5BCD4000
|
direct allocation
|
page read and write
|
||
|
434D000
|
stack
|
page read and write
|
||
|
2EDD000
|
trusted library allocation
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
2B794000
|
direct allocation
|
page read and write
|
||
|
13C000
|
stack
|
page read and write
|
||
|
39A04000
|
direct allocation
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
68C84000
|
unkown
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
2D71000
|
trusted library allocation
|
page read and write
|
||
|
3C20C000
|
direct allocation
|
page read and write
|
||
|
64AF000
|
stack
|
page read and write
|
||
|
148E000
|
stack
|
page read and write
|
||
|
2B760000
|
direct allocation
|
page read and write
|
||
|
32BF000
|
stack
|
page read and write
|
||
|
68891000
|
unkown
|
page execute read
|
||
|
2B601000
|
direct allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
F1B000
|
heap
|
page read and write
|
||
|
5BC54000
|
direct allocation
|
page read and write
|
||
|
5BC14000
|
direct allocation
|
page read and write
|
||
|
2B604000
|
direct allocation
|
page read and write
|
||
|
2B658000
|
direct allocation
|
page read and write
|
||
|
2B6A0000
|
direct allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
2EB9000
|
trusted library allocation
|
page read and write
|
||
|
105A000
|
heap
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
34D7000
|
heap
|
page read and write
|
||
|
5120000
|
heap
|
page execute and read and write
|
||
|
2B784000
|
direct allocation
|
page read and write
|
||
|
F76000
|
heap
|
page read and write
|
||
|
140B000
|
stack
|
page read and write
|
||
|
3329C000
|
direct allocation
|
page read and write
|
||
|
3D81000
|
trusted library allocation
|
page read and write
|
||
|
2B724000
|
direct allocation
|
page read and write
|
||
|
56018000
|
direct allocation
|
page read and write
|
||
|
3C280000
|
direct allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
10BD000
|
heap
|
page read and write
|
||
|
2B4B000
|
stack
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
2C56000
|
heap
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
2B724000
|
direct allocation
|
page read and write
|
||
|
E63000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D4E000
|
stack
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
39A08000
|
direct allocation
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
4840000
|
remote allocation
|
page read and write
|
||
|
2B626000
|
direct allocation
|
page read and write
|
||
|
68658000
|
unkown
|
page read and write
|
||
|
B5C000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
3C204000
|
direct allocation
|
page read and write
|
||
|
2B754000
|
direct allocation
|
page read and write
|
||
|
2B724000
|
direct allocation
|
page read and write
|
||
|
5BCA4000
|
direct allocation
|
page read and write
|
||
|
2B650000
|
direct allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
F3B000
|
heap
|
page read and write
|
||
|
1097000
|
heap
|
page read and write
|
||
|
4C658000
|
direct allocation
|
page read and write
|
||
|
68643000
|
unkown
|
page write copy
|
||
|
31BE000
|
stack
|
page read and write
|
||
|
68039000
|
unkown
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EBF000
|
stack
|
page read and write
|
||
|
EDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BC0C000
|
direct allocation
|
page read and write
|
||
|
33250000
|
direct allocation
|
page read and write
|
||
|
3C270000
|
direct allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
69478000
|
unkown
|
page read and write
|
||
|
2B754000
|
direct allocation
|
page read and write
|
||
|
5BCCC000
|
direct allocation
|
page read and write
|
||
|
F4A000
|
heap
|
page read and write
|
||
|
33240000
|
direct allocation
|
page read and write
|
||
|
64ED000
|
stack
|
page read and write
|
||
|
3B42000
|
heap
|
page read and write
|
||
|
6B8000
|
unkown
|
page readonly
|
||
|
10D4000
|
heap
|
page read and write
|
||
|
2B68C000
|
direct allocation
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
3C228000
|
direct allocation
|
page read and write
|
||
|
4C6B0000
|
direct allocation
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
2CBC000
|
stack
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
68662000
|
unkown
|
page readonly
|
||
|
5BCBC000
|
direct allocation
|
page read and write
|
||
|
33BF000
|
stack
|
page read and write
|
||
|
5BC24000
|
direct allocation
|
page read and write
|
||
|
67C0000
|
heap
|
page read and write
|
||
|
3C2A4000
|
direct allocation
|
page read and write
|
||
|
33228000
|
direct allocation
|
page read and write
|
||
|
5BC04000
|
direct allocation
|
page read and write
|
||
|
7D5000
|
unkown
|
page write copy
|
||
|
3F7E000
|
stack
|
page read and write
|
||
|
10BB000
|
heap
|
page read and write
|
||
|
FFC000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
50A000
|
heap
|
page read and write
|
||
|
76B000
|
stack
|
page read and write
|
||
|
68024000
|
unkown
|
page read and write
|
||
|
2B760000
|
direct allocation
|
page read and write
|
||
|
4C650000
|
direct allocation
|
page read and write
|
||
|
4C6A4000
|
direct allocation
|
page read and write
|
||
|
3C224000
|
direct allocation
|
page read and write
|
||
|
3C7F000
|
stack
|
page read and write
|
||
|
39A0C000
|
direct allocation
|
page read and write
|
||
|
5BD18000
|
direct allocation
|
page read and write
|
||
|
3C264000
|
direct allocation
|
page read and write
|
||
|
56008000
|
direct allocation
|
page read and write
|
||
|
6865D000
|
unkown
|
page read and write
|
||
|
49BE000
|
heap
|
page read and write
|
||
|
5BCD4000
|
direct allocation
|
page read and write
|
||
|
67C31000
|
unkown
|
page execute read
|
||
|
3B2F000
|
stack
|
page read and write
|
||
|
53EC000
|
stack
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
3020000
|
unkown
|
page readonly
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
2B74C000
|
direct allocation
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
629E000
|
stack
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
2B764000
|
direct allocation
|
page read and write
|
||
|
69482000
|
unkown
|
page readonly
|
||
|
97A000
|
stack
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
EE2000
|
trusted library allocation
|
page read and write
|
||
|
2B74C000
|
direct allocation
|
page read and write
|
||
|
362E000
|
stack
|
page read and write
|
||
|
EF0000
|
unkown
|
page readonly
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
2B780000
|
direct allocation
|
page read and write
|
||
|
2B774000
|
direct allocation
|
page read and write
|
||
|
68644000
|
unkown
|
page read and write
|
||
|
4C69C000
|
direct allocation
|
page read and write
|
||
|
2B63C000
|
direct allocation
|
page read and write
|
||
|
2B718000
|
direct allocation
|
page read and write
|
||
|
3B7E000
|
stack
|
page read and write
|
||
|
53A0000
|
heap
|
page execute and read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
68661000
|
unkown
|
page execute read
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2B69C000
|
direct allocation
|
page read and write
|
||
|
ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA1000
|
unkown
|
page execute read
|
||
|
49C6000
|
heap
|
page read and write
|
||
|
5BC98000
|
direct allocation
|
page read and write
|
||
|
CF8000
|
stack
|
page read and write
|
||
|
2B760000
|
direct allocation
|
page read and write
|
||
|
3C2A0000
|
direct allocation
|
page read and write
|
||
|
2F38000
|
trusted library allocation
|
page read and write
|
||
|
2B65C000
|
direct allocation
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
2B774000
|
direct allocation
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
5130000
|
heap
|
page read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
2B700000
|
direct allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
4980000
|
heap
|
page read and write
|
||
|
40CD000
|
stack
|
page read and write
|
||
|
781000
|
unkown
|
page execute read
|
||
|
781000
|
unkown
|
page execute read
|
||
|
7C8000
|
unkown
|
page readonly
|
||
|
7D5000
|
unkown
|
page write copy
|
||
|
499F000
|
heap
|
page read and write
|
||
|
420E000
|
stack
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
2C2C000
|
stack
|
page read and write
|
||
|
1097000
|
heap
|
page read and write
|
||
|
5BCB0000
|
direct allocation
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
3CE6000
|
heap
|
page read and write
|
||
|
68CA1000
|
unkown
|
page execute read
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
67F9C000
|
unkown
|
page readonly
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
5BC50000
|
direct allocation
|
page read and write
|
||
|
68C9E000
|
unkown
|
page execute read
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
3C234000
|
direct allocation
|
page read and write
|
||
|
53A3000
|
heap
|
page execute and read and write
|
||
|
386F000
|
stack
|
page read and write
|
||
|
4740000
|
heap
|
page read and write
|
||
|
4C678000
|
direct allocation
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
66B000
|
stack
|
page read and write
|
||
|
3323C000
|
direct allocation
|
page read and write
|
||
|
4C67C000
|
direct allocation
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
7C8000
|
unkown
|
page readonly
|
||
|
34AF000
|
stack
|
page read and write
|
||
|
5BC80000
|
direct allocation
|
page read and write
|
||
|
46004000
|
direct allocation
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
41CD000
|
stack
|
page read and write
|
||
|
781000
|
unkown
|
page execute read
|
||
|
10A1000
|
heap
|
page read and write
|
||
|
2F57000
|
trusted library allocation
|
page read and write
|
||
|
3C294000
|
direct allocation
|
page read and write
|
||
|
69464000
|
unkown
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
4EA04000
|
direct allocation
|
page read and write
|
||
|
2B760000
|
direct allocation
|
page read and write
|
||
|
2B720000
|
direct allocation
|
page read and write
|
||
|
108D000
|
heap
|
page read and write
|
||
|
7D5000
|
unkown
|
page read and write
|
||
|
33230000
|
direct allocation
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
3D71000
|
trusted library allocation
|
page read and write
|
||
|
1416000
|
heap
|
page read and write
|
||
|
6CA000
|
unkown
|
page readonly
|
||
|
4C66C000
|
direct allocation
|
page read and write
|
||
|
3325C000
|
direct allocation
|
page read and write
|
||
|
2B71C000
|
direct allocation
|
page read and write
|
||
|
276C000
|
heap
|
page read and write
|
||
|
642F000
|
stack
|
page read and write
|
||
|
2C8D000
|
stack
|
page read and write
|
||
|
698C000
|
stack
|
page read and write
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
33CD000
|
heap
|
page read and write
|
||
|
2B74C000
|
direct allocation
|
page read and write
|
||
|
68023000
|
unkown
|
page write copy
|
||
|
46008000
|
direct allocation
|
page read and write
|
||
|
5BD20000
|
direct allocation
|
page read and write
|
||
|
69476000
|
unkown
|
page read and write
|
||
|
2B780000
|
direct allocation
|
page read and write
|
||
|
37F0000
|
heap
|
page read and write
|
||
|
41F0000
|
direct allocation
|
page read and write
|
||
|
2B6C0000
|
direct allocation
|
page read and write
|
||
|
5BC60000
|
direct allocation
|
page read and write
|
||
|
332A8000
|
direct allocation
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
10B6000
|
heap
|
page read and write
|
||
|
3328C000
|
direct allocation
|
page read and write
|
||
|
10D9000
|
heap
|
page read and write
|
||
|
3C284000
|
direct allocation
|
page read and write
|
||
|
2B754000
|
direct allocation
|
page read and write
|
||
|
3C254000
|
direct allocation
|
page read and write
|
||
|
E9B000
|
stack
|
page read and write
|
||
|
2EAF000
|
trusted library allocation
|
page read and write
|
||
|
ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
68251000
|
unkown
|
page execute read
|
||
|
2B66C000
|
direct allocation
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
5EB0000
|
heap
|
page read and write
|
||
|
4C640000
|
direct allocation
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
FFB000
|
heap
|
page read and write
|
||
|
3320C000
|
direct allocation
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
3A2E000
|
stack
|
page read and write
|
||
|
105E000
|
heap
|
page read and write
|
||
|
2B720000
|
direct allocation
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
780000
|
unkown
|
page readonly
|
||
|
2B760000
|
direct allocation
|
page read and write
|
||
|
5BD00000
|
direct allocation
|
page read and write
|
||
|
376E000
|
stack
|
page read and write
|
||
|
75F000
|
stack
|
page read and write
|
||
|
EEB000
|
unkown
|
page write copy
|
||
|
487E000
|
stack
|
page read and write
|
||
|
2B764000
|
direct allocation
|
page read and write
|
||
|
2EA1000
|
trusted library allocation
|
page read and write
|
||
|
372F000
|
stack
|
page read and write
|
||
|
26AA000
|
heap
|
page read and write
|
||
|
4C6C4000
|
direct allocation
|
page read and write
|
||
|
E46000
|
heap
|
page read and write
|
||
|
5EF5000
|
heap
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
671000
|
unkown
|
page execute read
|
||
|
2B6F4000
|
direct allocation
|
page read and write
|
||
|
10D4000
|
heap
|
page read and write
|
||
|
37ED000
|
stack
|
page read and write
|
||
|
10D5000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
2B760000
|
direct allocation
|
page read and write
|
||
|
7C8000
|
unkown
|
page readonly
|
||
|
407F000
|
stack
|
page read and write
|
||
|
5BC98000
|
direct allocation
|
page read and write
|
||
|
4EA08000
|
direct allocation
|
page read and write
|
||
|
2B724000
|
direct allocation
|
page read and write
|
||
|
6B8000
|
unkown
|
page readonly
|
||
|
2EFA000
|
trusted library allocation
|
page read and write
|
||
|
E96000
|
heap
|
page read and write
|
||
|
4750000
|
heap
|
page read and write
|
||
|
68642000
|
unkown
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
109D000
|
heap
|
page read and write
|
||
|
4330000
|
direct allocation
|
page read and write
|
||
|
2B6F4000
|
direct allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2B720000
|
direct allocation
|
page read and write
|
||
|
D32000
|
heap
|
page read and write
|
||
|
B63000
|
heap
|
page read and write
|
||
|
63B000
|
stack
|
page read and write
|
||
|
646E000
|
stack
|
page read and write
|
||
|
14DB000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
73C000
|
stack
|
page read and write
|
||
|
1015000
|
heap
|
page read and write
|
||
|
4C6D0000
|
direct allocation
|
page read and write
|
||
|
2EC1000
|
trusted library allocation
|
page read and write
|
||
|
5EFA000
|
heap
|
page read and write
|
||
|
3EFC000
|
stack
|
page read and write
|
||
|
2B724000
|
direct allocation
|
page read and write
|
||
|
448E000
|
stack
|
page read and write
|
||
|
290B000
|
stack
|
page read and write
|
||
|
E64000
|
trusted library allocation
|
page read and write
|
||
|
5BCCC000
|
direct allocation
|
page read and write
|
||
|
10DC000
|
heap
|
page read and write
|
||
|
14FC000
|
heap
|
page read and write
|
||
|
7D5000
|
unkown
|
page write copy
|
||
|
10D2000
|
heap
|
page read and write
|
||
|
33278000
|
direct allocation
|
page read and write
|
||
|
68250000
|
unkown
|
page readonly
|
||
|
4270000
|
direct allocation
|
page read and write
|
||
|
42F0000
|
direct allocation
|
page read and write
|
||
|
FE6000
|
heap
|
page read and write
|
||
|
33268000
|
direct allocation
|
page read and write
|
||
|
3C250000
|
direct allocation
|
page read and write
|
||
|
624F000
|
stack
|
page read and write
|
||
|
2B6C8000
|
direct allocation
|
page read and write
|
||
|
4C601000
|
direct allocation
|
page read and write
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
5BC64000
|
direct allocation
|
page read and write
|
||
|
3C2C0000
|
direct allocation
|
page read and write
|
||
|
5BC94000
|
direct allocation
|
page read and write
|
||
|
497F000
|
stack
|
page read and write
|
||
|
36EC000
|
stack
|
page read and write
|
||
|
10CD000
|
heap
|
page read and write
|
||
|
2B70000
|
trusted library allocation
|
page read and write
|
||
|
2EFC000
|
trusted library allocation
|
page read and write
|
||
|
7D5000
|
unkown
|
page read and write
|
||
|
3C2B8000
|
direct allocation
|
page read and write
|
||
|
EEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B74C000
|
direct allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
26A1000
|
heap
|
page read and write
|
||
|
4C68C000
|
direct allocation
|
page read and write
|
||
|
10A1000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
2B67C000
|
direct allocation
|
page read and write
|
||
|
4C60C000
|
direct allocation
|
page read and write
|
||
|
EE5000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C2B0000
|
direct allocation
|
page read and write
|
||
|
4170000
|
direct allocation
|
page read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
332AC000
|
direct allocation
|
page read and write
|
||
|
5134000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
2B74C000
|
direct allocation
|
page read and write
|
||
|
118C000
|
stack
|
page read and write
|
||
|
104E000
|
heap
|
page read and write
|
||
|
EDC000
|
unkown
|
page readonly
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
2B60C000
|
direct allocation
|
page read and write
|
||
|
62DF000
|
stack
|
page read and write
|
||
|
6803E000
|
unkown
|
page execute read
|
||
|
5BC01000
|
direct allocation
|
page read and write
|
||
|
6947E000
|
unkown
|
page execute read
|
||
|
B53000
|
heap
|
page read and write
|
||
|
2B74C000
|
direct allocation
|
page read and write
|
||
|
35EF000
|
stack
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
2C4D000
|
stack
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
54ED000
|
stack
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
2B6A4000
|
direct allocation
|
page read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
2B6C0000
|
direct allocation
|
page read and write
|
||
|
7C8000
|
unkown
|
page readonly
|
||
|
2D60000
|
heap
|
page execute and read and write
|
||
|
F4E000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
66B000
|
stack
|
page read and write
|
||
|
4C6C0000
|
direct allocation
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
2B764000
|
direct allocation
|
page read and write
|
||
|
10DC000
|
heap
|
page read and write
|
||
|
2B780000
|
direct allocation
|
page read and write
|
||
|
7C8000
|
unkown
|
page readonly
|
||
|
30AE000
|
stack
|
page read and write
|
||
|
7D5000
|
unkown
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
67B0000
|
heap
|
page read and write
|
||
|
5BD2C000
|
direct allocation
|
page read and write
|
||
|
3C260000
|
direct allocation
|
page read and write
|
||
|
2E9A000
|
trusted library allocation
|
page read and write
|
||
|
666E000
|
stack
|
page read and write
|
||
|
2B607000
|
direct allocation
|
page read and write
|
||
|
2877000
|
heap
|
page read and write
|
||
|
3C2D0000
|
direct allocation
|
page read and write
|
||
|
2B6C8000
|
direct allocation
|
page read and write
|
||
|
EE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
69463000
|
unkown
|
page write copy
|
||
|
2B70C000
|
direct allocation
|
page read and write
|
||
|
100E000
|
heap
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
68C98000
|
unkown
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
781000
|
unkown
|
page execute read
|
||
|
2B748000
|
direct allocation
|
page read and write
|
||
|
2B754000
|
direct allocation
|
page read and write
|
||
|
34EE000
|
stack
|
page read and write
|
||
|
781000
|
unkown
|
page execute read
|
||
|
68C82000
|
unkown
|
page read and write
|
||
|
688C000
|
stack
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
3326C000
|
direct allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
33201000
|
direct allocation
|
page read and write
|
||
|
4C604000
|
direct allocation
|
page read and write
|
||
|
68041000
|
unkown
|
page execute read
|
||
|
6947D000
|
unkown
|
page read and write
|
||
|
B5A000
|
heap
|
page read and write
|
||
|
2B774000
|
direct allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2AB8000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
7D5000
|
unkown
|
page write copy
|
||
|
5EC7000
|
heap
|
page read and write
|
||
|
2B724000
|
direct allocation
|
page read and write
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
F10000
|
heap
|
page read and write
|
||
|
10D8000
|
heap
|
page read and write
|
||
|
6C5000
|
unkown
|
page write copy
|
||
|
F40000
|
heap
|
page read and write
|
||
|
306C000
|
stack
|
page read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
632E000
|
stack
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
1003000
|
heap
|
page read and write
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
10D2000
|
heap
|
page read and write
|
||
|
6CA000
|
unkown
|
page readonly
|
||
|
EAD000
|
heap
|
page read and write
|
||
|
68022000
|
unkown
|
page read and write
|
||
|
4C65C000
|
direct allocation
|
page read and write
|
||
|
4840000
|
remote allocation
|
page read and write
|
||
|
68042000
|
unkown
|
page readonly
|
||
|
E6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B760000
|
direct allocation
|
page read and write
|
||
|
68890000
|
unkown
|
page readonly
|
||
|
EA0000
|
unkown
|
page readonly
|
||
|
5BD0C000
|
direct allocation
|
page read and write
|
||
|
33288000
|
direct allocation
|
page read and write
|
||
|
68C83000
|
unkown
|
page write copy
|
||
|
107C000
|
heap
|
page read and write
|
||
|
2B754000
|
direct allocation
|
page read and write
|
||
|
111B000
|
stack
|
page read and write
|
||
|
49FE000
|
heap
|
page read and write
|
||
|
4760000
|
heap
|
page read and write
|
||
|
108A000
|
heap
|
page read and write
|
||
|
7C8000
|
unkown
|
page readonly
|
||
|
EC9000
|
trusted library allocation
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
5BD00000
|
direct allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
5BC70000
|
direct allocation
|
page read and write
|
||
|
5BC26000
|
direct allocation
|
page read and write
|
||
|
F9C000
|
stack
|
page read and write
|
||
|
2B700000
|
direct allocation
|
page read and write
|
||
|
69481000
|
unkown
|
page execute read
|
||
|
4C628000
|
direct allocation
|
page read and write
|
||
|
5B2D000
|
stack
|
page read and write
|
||
|
2B720000
|
direct allocation
|
page read and write
|
||
|
652F000
|
stack
|
page read and write
|
||
|
2FE1000
|
trusted library allocation
|
page read and write
|
||
|
685BC000
|
unkown
|
page readonly
|
||
|
2B724000
|
direct allocation
|
page read and write
|
||
|
3C238000
|
direct allocation
|
page read and write
|
||
|
475C000
|
heap
|
page read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
3010000
|
unkown
|
page readonly
|
||
|
1300000
|
heap
|
page read and write
|
||
|
3C214000
|
direct allocation
|
page read and write
|
||
|
5BCC4000
|
direct allocation
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
E77000
|
heap
|
page read and write
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
10BD000
|
heap
|
page read and write
|
||
|
68BFC000
|
unkown
|
page readonly
|
||
|
2B71C000
|
direct allocation
|
page read and write
|
||
|
6C5000
|
unkown
|
page read and write
|
||
|
5BC38000
|
direct allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
69071000
|
unkown
|
page execute read
|
||
|
317E000
|
stack
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
EEB000
|
unkown
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
B3E000
|
heap
|
page read and write
|
||
|
69070000
|
unkown
|
page readonly
|
||
|
123E000
|
stack
|
page read and write
|
||
|
781000
|
unkown
|
page execute read
|
||
|
2B6B0000
|
direct allocation
|
page read and write
|
||
|
2B724000
|
direct allocation
|
page read and write
|
||
|
2F3C000
|
trusted library allocation
|
page read and write
|
||
|
614E000
|
stack
|
page read and write
|
||
|
EA1000
|
unkown
|
page execute read
|
||
|
33258000
|
direct allocation
|
page read and write
|
||
|
2B74C000
|
direct allocation
|
page read and write
|
||
|
2B754000
|
direct allocation
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
7C8000
|
unkown
|
page readonly
|
||
|
76C000
|
stack
|
page read and write
|
||
|
2FDC000
|
trusted library allocation
|
page read and write
|
||
|
2B678000
|
direct allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
49FC000
|
heap
|
page read and write
|
||
|
10CD000
|
heap
|
page read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
67E0000
|
trusted library allocation
|
page read and write
|
||
|
33214000
|
direct allocation
|
page read and write
|
||
|
83C000
|
stack
|
page read and write
|
||
|
4C614000
|
direct allocation
|
page read and write
|
||
|
ED2000
|
trusted library allocation
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
69462000
|
unkown
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
B63000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
2B774000
|
direct allocation
|
page read and write
|
||
|
2B700000
|
direct allocation
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
8E2000
|
unkown
|
page readonly
|
||
|
2B6E0000
|
direct allocation
|
page read and write
|
||
|
10BD000
|
heap
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
10CD000
|
heap
|
page read and write
|
||
|
430D000
|
stack
|
page read and write
|
||
|
5BCC4000
|
direct allocation
|
page read and write
|
||
|
1079000
|
heap
|
page read and write
|
||
|
4C63C000
|
direct allocation
|
page read and write
|
||
|
5EC4000
|
heap
|
page read and write
|
||
|
50F0000
|
heap
|
page read and write
|
||
|
5BC84000
|
direct allocation
|
page read and write
|
||
|
4C630000
|
direct allocation
|
page read and write
|
||
|
2FA7000
|
trusted library allocation
|
page read and write
|
||
|
781000
|
unkown
|
page execute read
|
||
|
5BC48000
|
direct allocation
|
page read and write
|
||
|
2B74C000
|
direct allocation
|
page read and write
|
||
|
67C30000
|
unkown
|
page readonly
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
5BCEC000
|
direct allocation
|
page read and write
|
||
|
4C6A0000
|
direct allocation
|
page read and write
|
||
|
2FBC000
|
trusted library allocation
|
page read and write
|
||
|
2B6C0000
|
direct allocation
|
page read and write
|
||
|
2B760000
|
direct allocation
|
page read and write
|
||
|
5BCA0000
|
direct allocation
|
page read and write
|
||
|
2B6B8000
|
direct allocation
|
page read and write
|
||
|
93C000
|
stack
|
page read and write
|
||
|
4C6B8000
|
direct allocation
|
page read and write
|
||
|
5BD30000
|
direct allocation
|
page read and write
|
||
|
B7B000
|
heap
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
2B630000
|
direct allocation
|
page read and write
|
||
|
10A1000
|
heap
|
page read and write
|
||
|
3C201000
|
direct allocation
|
page read and write
|
||
|
B6C000
|
heap
|
page read and write
|
||
|
6865E000
|
unkown
|
page execute read
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
3C2C4000
|
direct allocation
|
page read and write
|
||
|
144C000
|
stack
|
page read and write
|
||
|
2B718000
|
direct allocation
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
There are 630 hidden memdumps, click here to show them.