Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
puTBVYGxNA.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Windows\SysWOW64\Aafpfi32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Aakiahhf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Acabel32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Acflplcn.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Acjekk32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ahbdhbbe.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Aheanb32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ahnkmc32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Akdfgp32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Akmbah32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Amnpoged.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Balfnn32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bapbmg32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bcfegi32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bcoofjkc.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Bkfjpm32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Blefjp32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Cdoonp32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Cfpqocja.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Chhgjp32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Cjjpjb32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ckklbjkl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dblhbnio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Windows\SysWOW64\Dfbmdbho.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dfggpb32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Djepfp32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dkbbbi32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dkdohi32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dkmigjhi.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dljmco32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dobhng32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Dokbmhoo.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Eafkpm32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ebcapbfh.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ecggedif.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ejhlkp32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ejoblo32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ekqdmopm.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Elnbng32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Eojaon32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Epgaifdb.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Faocenna.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Gdandi32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Gnbckd32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Goiahmld.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Hangmbgd.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Hbdjjlja.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Hhchjh32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Idehkflp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Idfghqdo.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Ifckbmfk.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jbhdqi32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jffcjk32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jhegaapi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Jlogbg32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kafafkfn.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kdiaom32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kipcln32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Kohghl32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Libmid32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mcighdph.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mfkcin32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Minhdh32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Mpckbo32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nlhhbhgi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Nmajap32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Noabbddh.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Oeppbb32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pabjpfjl.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pbjldmnk.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Peflki32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Phgemdlb.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Piokfhim.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pjpnlq32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pojgioig.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Pojgioig.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Qclijmlh.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Qiinlgab.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Qlencbbi.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
There are 70 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\puTBVYGxNA.exe
|
"C:\Users\user\Desktop\puTBVYGxNA.exe"
|
|
|
|
C:\Windows\SysWOW64\Pojgioig.exe
|
C:\Windows\system32\Pojgioig.exe
|
|
|
|
C:\Windows\SysWOW64\Piokfhim.exe
|
C:\Windows\system32\Piokfhim.exe
|
|
|
|
C:\Windows\SysWOW64\Peflki32.exe
|
C:\Windows\system32\Peflki32.exe
|
|
|
|
C:\Windows\SysWOW64\Pbjldmnk.exe
|
C:\Windows\system32\Pbjldmnk.exe
|
|
|
|
C:\Windows\SysWOW64\Phgemdlb.exe
|
C:\Windows\system32\Phgemdlb.exe
|
|
|
|
C:\Windows\SysWOW64\Qclijmlh.exe
|
C:\Windows\system32\Qclijmlh.exe
|
|
|
|
C:\Windows\SysWOW64\Qlencbbi.exe
|
C:\Windows\system32\Qlencbbi.exe
|
|
|
|
C:\Windows\SysWOW64\Qiinlgab.exe
|
C:\Windows\system32\Qiinlgab.exe
|
|
|
|
C:\Windows\SysWOW64\Acabel32.exe
|
C:\Windows\system32\Acabel32.exe
|
|
|
|
C:\Windows\SysWOW64\Ahnkmc32.exe
|
C:\Windows\system32\Ahnkmc32.exe
|
|
|
|
C:\Windows\SysWOW64\Aafpfi32.exe
|
C:\Windows\system32\Aafpfi32.exe
|
|
|
|
C:\Windows\SysWOW64\Acflplcn.exe
|
C:\Windows\system32\Acflplcn.exe
|
|
|
|
C:\Windows\SysWOW64\Ahbdhbbe.exe
|
C:\Windows\system32\Ahbdhbbe.exe
|
|
|
|
C:\Windows\SysWOW64\Aakiahhf.exe
|
C:\Windows\system32\Aakiahhf.exe
|
|
|
|
C:\Windows\SysWOW64\Aheanb32.exe
|
C:\Windows\system32\Aheanb32.exe
|
|
|
|
C:\Windows\SysWOW64\Acjekk32.exe
|
C:\Windows\system32\Acjekk32.exe
|
|
|
|
C:\Windows\SysWOW64\Bkfjpm32.exe
|
C:\Windows\system32\Bkfjpm32.exe
|
|
|
|
C:\Windows\SysWOW64\Bapbmg32.exe
|
C:\Windows\system32\Bapbmg32.exe
|
|
|
|
C:\Windows\SysWOW64\Blefjp32.exe
|
C:\Windows\system32\Blefjp32.exe
|
|
|
|
C:\Windows\SysWOW64\Bcoofjkc.exe
|
C:\Windows\system32\Bcoofjkc.exe
|
|
|
|
C:\Windows\SysWOW64\Bcfegi32.exe
|
C:\Windows\system32\Bcfegi32.exe
|
|
|
|
C:\Windows\SysWOW64\Chhgjp32.exe
|
C:\Windows\system32\Chhgjp32.exe
|
|
|
|
C:\Windows\SysWOW64\Cjjpjb32.exe
|
C:\Windows\system32\Cjjpjb32.exe
|
|
|
|
C:\Windows\SysWOW64\Ckklbjkl.exe
|
C:\Windows\system32\Ckklbjkl.exe
|
|
|
|
C:\Windows\SysWOW64\Cfpqocja.exe
|
C:\Windows\system32\Cfpqocja.exe
|
|
|
|
C:\Windows\SysWOW64\Dkmigjhi.exe
|
C:\Windows\system32\Dkmigjhi.exe
|
|
|
|
C:\Windows\SysWOW64\Dfbmdbho.exe
|
C:\Windows\system32\Dfbmdbho.exe
|
|
|
|
C:\Windows\SysWOW64\Dokbmhoo.exe
|
C:\Windows\system32\Dokbmhoo.exe
|
|
|
|
C:\Windows\SysWOW64\Dkbbbi32.exe
|
C:\Windows\system32\Dkbbbi32.exe
|
|
|
|
C:\Windows\SysWOW64\Dfggpb32.exe
|
C:\Windows\system32\Dfggpb32.exe
|
|
|
|
C:\Windows\SysWOW64\Dkdohi32.exe
|
C:\Windows\system32\Dkdohi32.exe
|
|
|
|
C:\Windows\SysWOW64\Djepfp32.exe
|
C:\Windows\system32\Djepfp32.exe
|
|
|
|
C:\Windows\SysWOW64\Dobhng32.exe
|
C:\Windows\system32\Dobhng32.exe
|
|
|
|
C:\Windows\SysWOW64\Ejhlkp32.exe
|
C:\Windows\system32\Ejhlkp32.exe
|
|
|
|
C:\Windows\SysWOW64\Ebcapbfh.exe
|
C:\Windows\system32\Ebcapbfh.exe
|
|
|
|
C:\Windows\SysWOW64\Epgaifdb.exe
|
C:\Windows\system32\Epgaifdb.exe
|
|
|
|
C:\Windows\SysWOW64\Elnbng32.exe
|
C:\Windows\system32\Elnbng32.exe
|
|
|
|
C:\Windows\SysWOW64\Ejoblo32.exe
|
C:\Windows\system32\Ejoblo32.exe
|
|
There are 29 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
|
unknown
|
||
|
http://oracle.com/contracts.
|
unknown
|
||
|
http://viruslist.com/ppslog.php
|
unknown
|
||
|
http://viruslist.com/wcmd.txt
|
unknown
|
||
|
http://oracle.com/contracts
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
|
Web Event Logger
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79ECA078-17FF-726B-E811-213280E5C831}\InProcServer32
|
NULL
|
There are 31 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
4C6000
|
heap
|
page read and write
|
||
|
706000
|
heap
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
48E000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
7E6000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
64A000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
530000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
68A000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
435000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
737000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
71A000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
51A000
|
heap
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page write copy
|
||
|
48E000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
56A000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
77E000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
64E000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
55E000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
536000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
566000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
4C6000
|
heap
|
page read and write
|
||
|
75A000
|
heap
|
page read and write
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
55E000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
66E000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
530000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute read
|
||
|
990000
|
heap
|
page read and write
|
||
|
98F000
|
stack
|
page read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
48E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
70A000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
640000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
19D000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
7CE000
|
heap
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
5F7000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
58E000
|
heap
|
page read and write
|
||
|
706000
|
heap
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
73F000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
59E000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6BF000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
48E000
|
stack
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
19D000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
51E000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
63A000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
57A000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
666000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
19D000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
596000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
433000
|
unkown
|
page readonly
|
||
|
577000
|
heap
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
82E000
|
stack
|
page read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
620000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
560000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
686000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
48E000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
5FE000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
660000
|
heap
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
686000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
4DE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
89E000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
48E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
4F7000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
55E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
431000
|
unkown
|
page write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
435000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
950000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page write copy
|
||
|
9AF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
64E000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
19D000
|
stack
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
49E000
|
stack
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
707000
|
heap
|
page read and write
|
||
|
5FA000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
727000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
616000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
498000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
7FA000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
56E000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
59E000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
707000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
57E000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
720000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
55E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
497000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
57E000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
A10000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
71E000
|
heap
|
page read and write
|
||
|
7AE000
|
heap
|
page read and write
|
||
|
727000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
5FE000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page write copy
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
706000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
587000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
77E000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page write copy
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
940000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
746000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
630000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
776000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
59E000
|
stack
|
page read and write
|
||
|
646000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
72E000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
59E000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
617000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
A80000
|
heap
|
page read and write
|
||
|
736000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
4FE000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
590000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
707000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
19D000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
55E000
|
stack
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
92F000
|
stack
|
page read and write
|
||
|
20FF000
|
stack
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
55A000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
4DE000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
437000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
4DE000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
82E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
58A000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
450000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
72A000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
6CF000
|
stack
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
727000
|
heap
|
page read and write
|
||
|
54A000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
20DF000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
77E000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
536000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page write copy
|
||
|
64A000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
54E000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute read
|
||
|
433000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
4C6000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
4DA000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
B20000
|
heap
|
page read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
9C000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
960000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
435000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
588000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
62E000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
95F000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
540000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
75E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
630000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
5FA000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
6DF000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
99F000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
437000
|
unkown
|
page readonly
|
||
|
9BF000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
6BF000
|
stack
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
81F000
|
stack
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6CE000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
55F000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
8EF000
|
stack
|
page read and write
|
||
|
7AA000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
47A000
|
heap
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
55E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
72E000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
19D000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page write copy
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
55E000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
707000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
56E000
|
stack
|
page read and write
|
||
|
6CF000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
4F7000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
6CE000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
59E000
|
stack
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
431000
|
unkown
|
page write copy
|
||
|
64E000
|
heap
|
page read and write
|
||
|
8DE000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
47E000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
A10000
|
heap
|
page read and write
|
||
|
95F000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
68E000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
710000
|
heap
|
page read and write
|
||
|
51E000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
510000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
19D000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
6EF000
|
stack
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
566000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
686000
|
heap
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
587000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
56E000
|
heap
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
48E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
433000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
576000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
207F000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
83E000
|
stack
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
435000
|
unkown
|
page write copy
|
||
|
57E000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
56E000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
746000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
433000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
77E000
|
stack
|
page read and write
|
||
|
668000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
55E000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
700000
|
heap
|
page read and write
|
||
|
72A000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
57E000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
432000
|
unkown
|
page execute read
|
||
|
437000
|
unkown
|
page readonly
|
||
|
55E000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
20EF000
|
stack
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
69F000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
550000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
437000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
686000
|
heap
|
page read and write
|
||
|
69F000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
6CF000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
19D000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
5F7000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
520000
|
heap
|
page read and write
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
596000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page execute read
|
||
|
588000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
19D000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page write copy
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
432000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
6AE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page write copy
|
||
|
435000
|
unkown
|
page write copy
|
||
|
440000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
B10000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
B50000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
99F000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
62A000
|
heap
|
page read and write
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
435000
|
unkown
|
page write copy
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
5F7000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
577000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
66A000
|
heap
|
page read and write
|
||
|
8EF000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page write copy
|
||
|
433000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
56A000
|
heap
|
page read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
55E000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page execute read
|
||
|
435000
|
unkown
|
page write copy
|
||
|
82E000
|
stack
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
437000
|
unkown
|
page readonly
|
||
|
657000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page write copy
|
There are 1166 hidden memdumps, click here to show them.