Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
qqig1mHX8U.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\Public\Libraries\Lrtuqtwk
|
data
|
dropped
|
|
|
|
C:\Users\Public\Libraries\Lrtuqtwk.PIF
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\kwtqutrL.cmd
|
DOS batch file, Unicode text, UTF-8 text, with very long lines (324), with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\Public\Libraries\kwtqutrL.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Lrtuqtwk.url
|
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Lrtuqtwk.PIF">), ASCII text, with CRLF line
terminators
|
dropped
|
|
|
|
C:\Users\Public\Libraries\PNO
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\alpha.pif
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\Public\xpha.pif
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF, CR line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF, CR line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\qqig1mHX8U.exe
|
"C:\Users\user\Desktop\qqig1mHX8U.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\Public\Libraries\kwtqutrL.cmd" "
|
|
|
|
C:\Windows\SysWOW64\esentutl.exe
|
C:\\Windows\\System32\\esentutl /y C:\\Windows\\System32\\cmd.exe /d C:\\Users\\Public\\alpha.pif /o
|
|
|
|
C:\Windows\SysWOW64\esentutl.exe
|
C:\\Windows\\System32\\esentutl /y C:\\Windows\\System32\\ping.exe /d C:\\Users\\Public\\xpha.pif /o
|
|
|
|
C:\Windows\SysWOW64\esentutl.exe
|
C:\\Windows\\System32\\esentutl.exe /y C:\Users\user\Desktop\qqig1mHX8U.exe /d C:\\Users\\Public\\Libraries\\Lrtuqtwk.PIF
/o
|
|
|
|
C:\Users\Public\alpha.pif
|
C:\\Users\\Public\\alpha.pif /c mkdir "\\?\C:\Windows "
|
|
|
|
C:\Users\Public\Libraries\kwtqutrL.pif
|
C:\Users\Public\Libraries\kwtqutrL.pif
|
|
|
|
C:\Users\Public\alpha.pif
|
C:\\Users\\Public\\alpha.pif /c mkdir "\\?\C:\Windows \SysWOW64"
|
|
|
|
C:\Users\Public\alpha.pif
|
C:\\Users\\Public\\alpha.pif /c C:\\Users\\Public\\xpha.pif 127.0.0.1 -n 10
|
|
|
|
C:\Users\Public\xpha.pif
|
C:\\Users\\Public\\xpha.pif 127.0.0.1 -n 10
|
|
|
|
C:\Users\Public\alpha.pif
|
C:\\Users\\Public\\alpha.pif /c del "C:\Users\Public\xpha.pif"
|
|
|
|
C:\Users\Public\alpha.pif
|
C:\\Users\\Public\\alpha.pif /c rmdir "C:\Windows \SysWOW64
|
|
|
|
C:\Users\Public\alpha.pif
|
C:\\Users\\Public\\alpha.pif /c rmdir "C:\Windows \"
|
|
|
|
C:\Users\Public\Libraries\Lrtuqtwk.PIF
|
"C:\Users\Public\Libraries\Lrtuqtwk.PIF"
|
|
|
|
C:\Users\Public\Libraries\kwtqutrL.pif
|
C:\Users\Public\Libraries\kwtqutrL.pif
|
|
|
|
C:\Users\Public\Libraries\Lrtuqtwk.PIF
|
"C:\Users\Public\Libraries\Lrtuqtwk.PIF"
|
|
|
|
C:\Users\Public\Libraries\kwtqutrL.pif
|
C:\Users\Public\Libraries\kwtqutrL.pif
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 9 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
87.120.125.217
|
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0
|
unknown
|
||
|
https://bitbucket.org/
|
unknown
|
||
|
https://bitbucket.org/masterservicwes/mastermanservices/downloads/145_Lrtuqtwkqjp
|
185.166.143.50
|
||
|
https://bbuseruploads.s3.amazonaws.com:443/03fa479d-619a-4b32-874d-a4ddf918e902/downloads/d7dc9789-9
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://web-security-reports.services.atlassian.com/csp-report/bb-website
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/;
|
unknown
|
||
|
https://bbuseruploads.s3.amazonaws.com/03fa479d-619a-4b32-874d-a4ddf918e902/downloads/d7dc9789-914b-
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
https://bitbucket.org/masterservicwes/ma
|
unknown
|
||
|
https://github.com/syohex/java-simple-mine-sweeperC:
|
unknown
|
||
|
http://www.pmail.com
|
unknown
|
||
|
https://bbuseruploads.s3.amazonaws.com/
|
unknown
|
||
|
https://dz8aopenkvv6s.cloudfront.net
|
unknown
|
||
|
http://ocsp.sectigo.com0C
|
unknown
|
||
|
https://github.com/syohex/java-simple-mine-sweeper
|
unknown
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s3-w.us-east-1.amazonaws.com
|
16.182.101.153
|
||
|
bitbucket.org
|
185.166.143.50
|
||
|
bbuseruploads.s3.amazonaws.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
87.120.125.217
|
unknown
|
Bulgaria
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
16.182.101.153
|
s3-w.us-east-1.amazonaws.com
|
United States
|
||
|
185.166.143.50
|
bitbucket.org
|
Germany
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Lrtuqtwk
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
|
MaxConnectionsPer1_0Server
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
|
MaxConnectionsPerServer
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\ActiveMovie\devenum
|
Version
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7EF44000
|
direct allocation
|
page read and write
|
|
|
|
7EDF0000
|
direct allocation
|
page read and write
|
|
|
|
21EDF000
|
direct allocation
|
page read and write
|
|
|
|
21165000
|
heap
|
page read and write
|
|
|
|
41A000
|
unkown
|
page execute and read and write
|
|
|
|
21165000
|
heap
|
page read and write
|
|
|
|
21155000
|
heap
|
page read and write
|
|
|
|
554000
|
unkown
|
page execute and read and write
|
|
|
|
21151000
|
heap
|
page read and write
|
|
|
|
554000
|
remote allocation
|
page execute and read and write
|
|
|
|
554000
|
unkown
|
page execute and read and write
|
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
554000
|
unkown
|
page execute and read and write
|
|
|
|
21167000
|
heap
|
page read and write
|
|
|
|
20C20000
|
direct allocation
|
page read and write
|
|
|
|
41A000
|
unkown
|
page execute and read and write
|
|
|
|
21F6A000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
554000
|
remote allocation
|
page execute and read and write
|
|
|
|
521000
|
unkown
|
page execute read
|
||
|
20E7D000
|
direct allocation
|
page read and write
|
||
|
780000
|
unkown
|
page execute and read and write
|
||
|
2ACD000
|
stack
|
page read and write
|
||
|
7FA50000
|
direct allocation
|
page read and write
|
||
|
21680000
|
trusted library allocation
|
page read and write
|
||
|
4ED000
|
unkown
|
page execute and read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
20E06000
|
direct allocation
|
page read and write
|
||
|
4C7B000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
2282000
|
direct allocation
|
page read and write
|
||
|
7FC01000
|
direct allocation
|
page read and write
|
||
|
19F000
|
stack
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
2E15000
|
direct allocation
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2C2E000
|
stack
|
page read and write
|
||
|
47DD000
|
stack
|
page read and write
|
||
|
2115A000
|
heap
|
page read and write
|
||
|
21161000
|
heap
|
page read and write
|
||
|
20E0D000
|
direct allocation
|
page read and write
|
||
|
232A0000
|
heap
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
295F000
|
stack
|
page read and write
|
||
|
2CFD000
|
stack
|
page read and write
|
||
|
2200F000
|
heap
|
page read and write
|
||
|
A10000
|
unkown
|
page execute and read and write
|
||
|
20DF8000
|
direct allocation
|
page read and write
|
||
|
2854000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
4C0F000
|
stack
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
2117E000
|
stack
|
page read and write
|
||
|
29CE000
|
unkown
|
page read and write
|
||
|
2F9A4000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
268E000
|
stack
|
page read and write
|
||
|
543D000
|
heap
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
212FE000
|
stack
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
5BF000
|
stack
|
page read and write
|
||
|
543B000
|
heap
|
page read and write
|
||
|
54E000
|
unkown
|
page write copy
|
||
|
7FB50000
|
direct allocation
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
55E000
|
stack
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
217F0000
|
remote allocation
|
page read and write
|
||
|
5424000
|
heap
|
page read and write
|
||
|
211AF000
|
stack
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
5C00000
|
trusted library allocation
|
page read and write
|
||
|
4EA000
|
unkown
|
page read and write
|
||
|
7FCF0000
|
direct allocation
|
page read and write
|
||
|
47FC000
|
heap
|
page read and write
|
||
|
5435000
|
heap
|
page read and write
|
||
|
2D9F0000
|
heap
|
page read and write
|
||
|
2DA4E000
|
stack
|
page read and write
|
||
|
20E14000
|
direct allocation
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
A10000
|
unkown
|
page execute and read and write
|
||
|
54E000
|
unkown
|
page write copy
|
||
|
20FAE000
|
stack
|
page execute and read and write
|
||
|
541A000
|
heap
|
page read and write
|
||
|
9BF000
|
stack
|
page read and write
|
||
|
2F32000
|
heap
|
page read and write
|
||
|
2D7A000
|
heap
|
page read and write
|
||
|
7FB50000
|
direct allocation
|
page read and write
|
||
|
2190000
|
heap
|
page read and write
|
||
|
2A3E000
|
heap
|
page read and write
|
||
|
2DB74000
|
heap
|
page read and write
|
||
|
22F50000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
601000
|
heap
|
page read and write
|
||
|
2B87000
|
heap
|
page read and write
|
||
|
2EA1000
|
direct allocation
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
521000
|
unkown
|
page execute read
|
||
|
710000
|
remote allocation
|
page execute and read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
54E000
|
unkown
|
page write copy
|
||
|
50DF000
|
stack
|
page read and write
|
||
|
47F5000
|
heap
|
page read and write
|
||
|
416000
|
unkown
|
page readonly
|
||
|
F20000
|
remote allocation
|
page execute and read and write
|
||
|
66F000
|
heap
|
page read and write
|
||
|
21C5B000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
7FBA0000
|
direct allocation
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
543D000
|
heap
|
page read and write
|
||
|
7EF50000
|
direct allocation
|
page read and write
|
||
|
7FBA0000
|
direct allocation
|
page read and write
|
||
|
2F9A5000
|
heap
|
page read and write
|
||
|
43D000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2FDD000
|
stack
|
page read and write
|
||
|
2852000
|
heap
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
21BC1000
|
heap
|
page read and write
|
||
|
2EF5000
|
heap
|
page read and write
|
||
|
20E8C000
|
direct allocation
|
page read and write
|
||
|
2D82000
|
heap
|
page read and write
|
||
|
2FEA000
|
heap
|
page read and write
|
||
|
F20000
|
unkown
|
page execute and read and write
|
||
|
2DAF3000
|
heap
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2DEF000
|
stack
|
page read and write
|
||
|
282F000
|
stack
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
20E2A000
|
direct allocation
|
page read and write
|
||
|
2169F000
|
trusted library allocation
|
page read and write
|
||
|
7FC40000
|
direct allocation
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
2F21000
|
heap
|
page read and write
|
||
|
F20000
|
unkown
|
page execute and read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
E90000
|
unkown
|
page execute and read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
21161000
|
heap
|
page read and write
|
||
|
2DB20000
|
heap
|
page read and write
|
||
|
23D2000
|
direct allocation
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
5861000
|
direct allocation
|
page read and write
|
||
|
47E5000
|
heap
|
page read and write
|
||
|
2F996000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
2100F000
|
stack
|
page read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
4C7B000
|
heap
|
page read and write
|
||
|
2D7C000
|
heap
|
page read and write
|
||
|
23CC000
|
direct allocation
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
2DD3F000
|
stack
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
2142E000
|
stack
|
page read and write
|
||
|
EDF000
|
unkown
|
page execute and read and write
|
||
|
4FCF000
|
stack
|
page read and write
|
||
|
2E43000
|
direct allocation
|
page read and write
|
||
|
2340000
|
direct allocation
|
page read and write
|
||
|
2F32000
|
heap
|
page read and write
|
||
|
4EA000
|
unkown
|
page read and write
|
||
|
4C48000
|
heap
|
page read and write
|
||
|
3780000
|
heap
|
page read and write
|
||
|
E4F000
|
unkown
|
page execute and read and write
|
||
|
4CB000
|
stack
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
840000
|
unkown
|
page execute and read and write
|
||
|
459000
|
unkown
|
page write copy
|
||
|
2F21000
|
heap
|
page read and write
|
||
|
240C000
|
direct allocation
|
page read and write
|
||
|
21C52000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
7F3E0000
|
direct allocation
|
page read and write
|
||
|
7F320000
|
direct allocation
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
4FE000
|
stack
|
page read and write
|
||
|
28ED000
|
heap
|
page read and write
|
||
|
2EF5000
|
heap
|
page read and write
|
||
|
4C76000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
4C9000
|
stack
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
20DC3000
|
direct allocation
|
page read and write
|
||
|
552000
|
remote allocation
|
page execute and read and write
|
||
|
2AFD000
|
stack
|
page read and write
|
||
|
21F22000
|
direct allocation
|
page read and write
|
||
|
4ED000
|
unkown
|
page execute and read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
21161000
|
heap
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
2A2F000
|
stack
|
page read and write
|
||
|
2127F000
|
stack
|
page read and write
|
||
|
21193000
|
heap
|
page read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
4C5C000
|
heap
|
page read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
5435000
|
heap
|
page read and write
|
||
|
23E8000
|
direct allocation
|
page read and write
|
||
|
217F0000
|
remote allocation
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
21690000
|
trusted library allocation
|
page read and write
|
||
|
2F9A4000
|
heap
|
page read and write
|
||
|
20D2D000
|
direct allocation
|
page read and write
|
||
|
299E000
|
stack
|
page read and write
|
||
|
22DE000
|
stack
|
page read and write
|
||
|
27AD000
|
stack
|
page read and write
|
||
|
7F2B0000
|
direct allocation
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
3347000
|
heap
|
page read and write
|
||
|
20D26000
|
direct allocation
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
20E31000
|
direct allocation
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
20FAF000
|
stack
|
page read and write
|
||
|
603000
|
heap
|
page read and write
|
||
|
7D0000
|
remote allocation
|
page execute and read and write
|
||
|
2DAF0000
|
heap
|
page read and write
|
||
|
20E60000
|
direct allocation
|
page read and write
|
||
|
20D58000
|
direct allocation
|
page read and write
|
||
|
278E000
|
heap
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
211AC000
|
heap
|
page read and write
|
||
|
4C00000
|
direct allocation
|
page read and write
|
||
|
229E000
|
stack
|
page read and write
|
||
|
21161000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
4C77000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
9B0000
|
remote allocation
|
page execute and read and write
|
||
|
2114F000
|
stack
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
2D84000
|
heap
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
2115A000
|
heap
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
20D00000
|
direct allocation
|
page read and write
|
||
|
22B4000
|
direct allocation
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
2A46000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
4F3000
|
unkown
|
page readonly
|
||
|
21120000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
47DA000
|
heap
|
page read and write
|
||
|
2B8C000
|
heap
|
page read and write
|
||
|
2156E000
|
stack
|
page read and write
|
||
|
2DB74000
|
heap
|
page read and write
|
||
|
23E0000
|
direct allocation
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
7FA2F000
|
direct allocation
|
page read and write
|
||
|
21C2E000
|
heap
|
page read and write
|
||
|
21152000
|
heap
|
page read and write
|
||
|
7F0000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2EF5000
|
heap
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
479F000
|
stack
|
page read and write
|
||
|
21BFD000
|
heap
|
page read and write
|
||
|
2F97000
|
direct allocation
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
2428000
|
direct allocation
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
3730000
|
heap
|
page read and write
|
||
|
47E5000
|
heap
|
page read and write
|
||
|
20F0E000
|
stack
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
4A80000
|
heap
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
552000
|
remote allocation
|
page execute and read and write
|
||
|
67A000
|
heap
|
page read and write
|
||
|
FD1000
|
remote allocation
|
page execute and read and write
|
||
|
571000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
2E47000
|
direct allocation
|
page execute and read and write
|
||
|
416000
|
unkown
|
page readonly
|
||
|
2153E000
|
stack
|
page read and write
|
||
|
EDF000
|
remote allocation
|
page execute and read and write
|
||
|
2AE2000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
A7C000
|
stack
|
page read and write
|
||
|
2A1E000
|
heap
|
page read and write
|
||
|
21C23000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
21670000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
7F9C0000
|
direct allocation
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
7FBBE000
|
direct allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
5AF000
|
heap
|
page read and write
|
||
|
20DEB000
|
direct allocation
|
page read and write
|
||
|
552000
|
unkown
|
page read and write
|
||
|
2F22000
|
heap
|
page read and write
|
||
|
2DB47000
|
heap
|
page read and write
|
||
|
2DAE0000
|
heap
|
page read and write
|
||
|
7F930000
|
direct allocation
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
7EF9A000
|
direct allocation
|
page read and write
|
||
|
20DB0000
|
direct allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
7F0000
|
unkown
|
page execute and read and write
|
||
|
2F10000
|
direct allocation
|
page readonly
|
||
|
3210000
|
heap
|
page read and write
|
||
|
4C76000
|
heap
|
page read and write
|
||
|
7FB60000
|
direct allocation
|
page read and write
|
||
|
4FD000
|
stack
|
page read and write
|
||
|
21680000
|
heap
|
page read and write
|
||
|
22000000
|
trusted library allocation
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
7FB9F000
|
direct allocation
|
page read and write
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
2D5C000
|
heap
|
page read and write
|
||
|
2F14000
|
heap
|
page read and write
|
||
|
2DB5F000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
20F3E000
|
stack
|
page execute and read and write
|
||
|
E00000
|
remote allocation
|
page execute and read and write
|
||
|
541C000
|
heap
|
page read and write
|
||
|
560000
|
unkown
|
page execute and read and write
|
||
|
7F0000
|
remote allocation
|
page execute and read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
D41000
|
unkown
|
page execute read
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
2F23000
|
direct allocation
|
page read and write
|
||
|
57B0000
|
direct allocation
|
page read and write
|
||
|
22AD000
|
direct allocation
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
47C0000
|
heap
|
page read and write
|
||
|
7EFA0000
|
direct allocation
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
20FAA000
|
stack
|
page read and write
|
||
|
D44000
|
unkown
|
page write copy
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
7FC5F000
|
direct allocation
|
page read and write
|
||
|
543B000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
A76000
|
heap
|
page read and write
|
||
|
54E000
|
unkown
|
page read and write
|
||
|
5425000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
D44000
|
unkown
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
2166F000
|
stack
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
47F5000
|
heap
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
20E76000
|
direct allocation
|
page read and write
|
||
|
2DB44000
|
heap
|
page read and write
|
||
|
710000
|
unkown
|
page execute and read and write
|
||
|
2E3A000
|
heap
|
page read and write
|
||
|
220FC000
|
heap
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
22D60000
|
heap
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
283A000
|
heap
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
7FC10000
|
direct allocation
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
2C68000
|
heap
|
page read and write
|
||
|
21A60000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
23A0000
|
direct allocation
|
page read and write
|
||
|
585000
|
heap
|
page read and write
|
||
|
2113F000
|
stack
|
page read and write
|
||
|
22D20000
|
heap
|
page read and write
|
||
|
2CE2000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
54E000
|
unkown
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
5C9000
|
heap
|
page read and write
|
||
|
2112E000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2D4D000
|
stack
|
page read and write
|
||
|
560000
|
remote allocation
|
page execute and read and write
|
||
|
85F000
|
stack
|
page read and write
|
||
|
5424000
|
heap
|
page read and write
|
||
|
217BE000
|
stack
|
page read and write
|
||
|
4EDB000
|
stack
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
23E1000
|
direct allocation
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
210AF000
|
stack
|
page read and write
|
||
|
7F370000
|
direct allocation
|
page read and write
|
||
|
2DEE000
|
direct allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
2F98C000
|
heap
|
page read and write
|
||
|
3790000
|
heap
|
page read and write
|
||
|
2FB59000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
54E000
|
unkown
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
4E50000
|
heap
|
page read and write
|
||
|
4ED000
|
unkown
|
page execute and read and write
|
||
|
21100000
|
heap
|
page read and write
|
||
|
99F000
|
stack
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
7F540000
|
direct allocation
|
page read and write
|
||
|
A23000
|
heap
|
page read and write
|
||
|
2112A000
|
heap
|
page read and write
|
||
|
20D70000
|
direct allocation
|
page read and write
|
||
|
21CC0000
|
heap
|
page read and write
|
||
|
543B000
|
heap
|
page read and write
|
||
|
21C4E000
|
heap
|
page read and write
|
||
|
543D000
|
heap
|
page read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
21BFC000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
7EE70000
|
direct allocation
|
page read and write
|
||
|
2D5A000
|
heap
|
page read and write
|
||
|
2DB4D000
|
heap
|
page read and write
|
||
|
302F000
|
stack
|
page read and write
|
||
|
E4F000
|
unkown
|
page execute and read and write
|
||
|
7F230000
|
direct allocation
|
page read and write
|
||
|
54E000
|
unkown
|
page write copy
|
||
|
7EF30000
|
direct allocation
|
page read and write
|
||
|
2EEB000
|
heap
|
page read and write
|
||
|
54E000
|
unkown
|
page write copy
|
||
|
20D7F000
|
direct allocation
|
page read and write
|
||
|
E4F000
|
remote allocation
|
page execute and read and write
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
907000
|
remote allocation
|
page execute and read and write
|
||
|
2115A000
|
heap
|
page read and write
|
||
|
53E000
|
heap
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
2F99E000
|
heap
|
page read and write
|
||
|
20DC7000
|
direct allocation
|
page read and write
|
||
|
2DE3F000
|
stack
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
2404000
|
direct allocation
|
page read and write
|
||
|
7F020000
|
direct allocation
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
7D8000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page execute and read and write
|
||
|
2116D000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
23D3000
|
direct allocation
|
page read and write
|
||
|
4AF0000
|
heap
|
page read and write
|
||
|
2F3B000
|
direct allocation
|
page execute and read and write
|
||
|
2F99E000
|
heap
|
page read and write
|
||
|
543D000
|
heap
|
page read and write
|
||
|
4ED9000
|
stack
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
4EE000
|
unkown
|
page write copy
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
22CA000
|
direct allocation
|
page read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
20F3F000
|
stack
|
page read and write
|
||
|
20EA8000
|
direct allocation
|
page read and write
|
||
|
20E9F000
|
stack
|
page read and write
|
||
|
21085000
|
heap
|
page read and write
|
||
|
7F320000
|
direct allocation
|
page read and write
|
||
|
219CE000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
4A3A000
|
stack
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
961000
|
remote allocation
|
page execute and read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
7F4E0000
|
direct allocation
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
47C9000
|
heap
|
page read and write
|
||
|
E90000
|
remote allocation
|
page execute and read and write
|
||
|
23FD000
|
direct allocation
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page write copy
|
||
|
2EF5000
|
heap
|
page read and write
|
||
|
7D0000
|
unkown
|
page execute and read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
7FB60000
|
direct allocation
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
520000
|
unkown
|
page readonly
|
||
|
601000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2F640000
|
heap
|
page read and write
|
||
|
4EE000
|
unkown
|
page read and write
|
||
|
537F000
|
stack
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
53A000
|
heap
|
page read and write
|
||
|
22D8000
|
direct allocation
|
page read and write
|
||
|
2142E000
|
stack
|
page read and write
|
||
|
2290000
|
direct allocation
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
21080000
|
heap
|
page read and write
|
||
|
7F2C0000
|
direct allocation
|
page read and write
|
||
|
7FB60000
|
direct allocation
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
21F46000
|
direct allocation
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
22BC000
|
direct allocation
|
page read and write
|
||
|
313C0000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
7FBEF000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
54E000
|
unkown
|
page read and write
|
||
|
2F770000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
840000
|
unkown
|
page execute and read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page execute and read and write
|
||
|
961000
|
unkown
|
page execute and read and write
|
||
|
54E000
|
unkown
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
2DB75000
|
heap
|
page read and write
|
||
|
2167F000
|
stack
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
2EDD000
|
stack
|
page read and write
|
||
|
840000
|
remote allocation
|
page execute and read and write
|
||
|
21161000
|
heap
|
page read and write
|
||
|
213DF000
|
stack
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
2168F000
|
trusted library allocation
|
page read and write
|
||
|
54E000
|
unkown
|
page write copy
|
||
|
2193F000
|
stack
|
page read and write
|
||
|
20E68000
|
direct allocation
|
page read and write
|
||
|
267D000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
4930000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
22C3000
|
direct allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
2F27000
|
direct allocation
|
page execute and read and write
|
||
|
9B0000
|
unkown
|
page execute and read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
21BC9000
|
heap
|
page read and write
|
||
|
7F540000
|
direct allocation
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
710000
|
unkown
|
page execute and read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
47F5000
|
heap
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
20E9E000
|
stack
|
page execute and read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
4C5A000
|
heap
|
page read and write
|
||
|
FD1000
|
unkown
|
page execute and read and write
|
||
|
2A42000
|
heap
|
page read and write
|
||
|
2DB47000
|
heap
|
page read and write
|
||
|
2987000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
543D000
|
heap
|
page read and write
|
||
|
2DA05000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
2F9A4000
|
heap
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
2413000
|
direct allocation
|
page read and write
|
||
|
2156E000
|
stack
|
page read and write
|
||
|
255E000
|
stack
|
page read and write
|
||
|
8B0000
|
unkown
|
page execute and read and write
|
||
|
21193000
|
heap
|
page read and write
|
||
|
60A000
|
heap
|
page read and write
|
||
|
2EF5000
|
direct allocation
|
page read and write
|
||
|
23DF000
|
stack
|
page read and write
|
||
|
7FBB9000
|
direct allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
7FCAF000
|
direct allocation
|
page read and write
|
||
|
217F0000
|
remote allocation
|
page read and write
|
||
|
840000
|
remote allocation
|
page execute and read and write
|
||
|
22F10000
|
heap
|
page read and write
|
||
|
60E000
|
heap
|
page read and write
|
||
|
601000
|
heap
|
page read and write
|
||
|
780000
|
remote allocation
|
page execute and read and write
|
||
|
5435000
|
heap
|
page read and write
|
||
|
20E23000
|
direct allocation
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
20D4A000
|
direct allocation
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
2A6B000
|
heap
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
2D83000
|
heap
|
page read and write
|
||
|
7F1C0000
|
direct allocation
|
page read and write
|
||
|
D41000
|
unkown
|
page execute read
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
7EFA0000
|
direct allocation
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
5408000
|
heap
|
page read and write
|
||
|
21161000
|
heap
|
page read and write
|
||
|
346000
|
heap
|
page read and write
|
||
|
216BE000
|
stack
|
page read and write
|
||
|
2166D000
|
stack
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
20D68000
|
direct allocation
|
page read and write
|
||
|
63F000
|
stack
|
page read and write
|
||
|
338A000
|
heap
|
page read and write
|
||
|
2F31000
|
heap
|
page read and write
|
||
|
2F97B000
|
heap
|
page read and write
|
||
|
2DB74000
|
heap
|
page read and write
|
||
|
21BFD000
|
heap
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
3CE000
|
stack
|
page read and write
|
||
|
2A2B000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page execute and read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
290D000
|
stack
|
page read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
2128F000
|
stack
|
page read and write
|
||
|
21BC5000
|
heap
|
page read and write
|
||
|
63D000
|
heap
|
page read and write
|
||
|
308E000
|
direct allocation
|
page execute and read and write
|
||
|
212AF000
|
stack
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
22F53000
|
heap
|
page read and write
|
||
|
2DB66000
|
heap
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
47DA000
|
heap
|
page read and write
|
||
|
7EEE0000
|
direct allocation
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
416000
|
unkown
|
page readonly
|
||
|
2A4B000
|
heap
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
21161000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
459000
|
unkown
|
page read and write
|
||
|
FD1000
|
unkown
|
page execute and read and write
|
||
|
7F370000
|
direct allocation
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
9B0000
|
unkown
|
page execute and read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
23BD000
|
direct allocation
|
page read and write
|
||
|
4C7B000
|
heap
|
page read and write
|
||
|
20E9A000
|
direct allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
48D000
|
stack
|
page read and write
|
||
|
840000
|
unkown
|
page execute and read and write
|
||
|
2ECF000
|
unkown
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
10D000
|
stack
|
page read and write
|
||
|
2593000
|
heap
|
page read and write
|
||
|
7FC60000
|
direct allocation
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
2EF5000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page write copy
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2103F000
|
stack
|
page read and write
|
||
|
54E000
|
unkown
|
page read and write
|
||
|
2F977000
|
heap
|
page read and write
|
||
|
241A000
|
direct allocation
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
2157E000
|
stack
|
page read and write
|
||
|
2864000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
A10000
|
remote allocation
|
page execute and read and write
|
||
|
961000
|
unkown
|
page execute and read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
21161000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page write copy
|
||
|
2DA8E000
|
stack
|
page read and write
|
||
|
23F3000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
2DA00000
|
heap
|
page read and write
|
||
|
7F320000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
213FF000
|
stack
|
page read and write
|
||
|
8B0000
|
remote allocation
|
page execute and read and write
|
||
|
30D000
|
stack
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
2143E000
|
stack
|
page read and write
|
||
|
2104E000
|
stack
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
2EF5000
|
heap
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
1BE000
|
stack
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
4EC000
|
unkown
|
page read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
2F11000
|
direct allocation
|
page execute read
|
||
|
600000
|
heap
|
page read and write
|
||
|
225C000
|
stack
|
page read and write
|
||
|
20DB3000
|
direct allocation
|
page read and write
|
||
|
2118E000
|
stack
|
page read and write
|
||
|
20D9C000
|
stack
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
212EE000
|
stack
|
page read and write
|
||
|
2A53000
|
heap
|
page read and write
|
||
|
2DB40000
|
heap
|
page read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
656000
|
heap
|
page read and write
|
||
|
20E84000
|
direct allocation
|
page read and write
|
||
|
21161000
|
heap
|
page read and write
|
||
|
4ACE000
|
stack
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
4C7B000
|
heap
|
page read and write
|
||
|
7EF30000
|
direct allocation
|
page read and write
|
||
|
2F22000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
2F21000
|
heap
|
page read and write
|
||
|
20EA1000
|
direct allocation
|
page read and write
|
||
|
2DB5C000
|
heap
|
page read and write
|
||
|
4EC000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
331E000
|
stack
|
page read and write
|
||
|
20E6F000
|
direct allocation
|
page read and write
|
||
|
212DE000
|
stack
|
page read and write
|
||
|
2DB74000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
2117C000
|
heap
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
4EA000
|
unkown
|
page read and write
|
||
|
21C7C000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
47FC000
|
heap
|
page read and write
|
||
|
2C62000
|
heap
|
page read and write
|
||
|
21C56000
|
heap
|
page read and write
|
||
|
4C5C000
|
heap
|
page read and write
|
||
|
2115A000
|
heap
|
page read and write
|
||
|
50E0000
|
direct allocation
|
page read and write
|
||
|
4C76000
|
heap
|
page read and write
|
||
|
7F540000
|
direct allocation
|
page read and write
|
||
|
2F21000
|
heap
|
page read and write
|
||
|
2183E000
|
stack
|
page read and write
|
||
|
286A000
|
heap
|
page read and write
|
||
|
7FD50000
|
direct allocation
|
page read and write
|
||
|
20E93000
|
direct allocation
|
page read and write
|
||
|
D46000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
47FC000
|
heap
|
page read and write
|
||
|
2F99E000
|
heap
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
2F99E000
|
heap
|
page read and write
|
||
|
2CD000
|
stack
|
page read and write
|
||
|
EDF000
|
unkown
|
page execute and read and write
|
||
|
2DC1000
|
direct allocation
|
page execute read
|
||
|
459000
|
unkown
|
page read and write
|
||
|
541C000
|
heap
|
page read and write
|
||
|
543B000
|
heap
|
page read and write
|
||
|
308B000
|
direct allocation
|
page execute and read and write
|
||
|
4E9D000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
2F974000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
5B0000
|
remote allocation
|
page execute and read and write
|
||
|
47FC000
|
heap
|
page read and write
|
||
|
21BC0000
|
heap
|
page read and write
|
||
|
2421000
|
direct allocation
|
page read and write
|
||
|
2ECE000
|
direct allocation
|
page read and write
|
||
|
543B000
|
heap
|
page read and write
|
||
|
2F99E000
|
heap
|
page read and write
|
||
|
2EF5000
|
heap
|
page read and write
|
||
|
2784000
|
heap
|
page read and write
|
||
|
23E0000
|
direct allocation
|
page execute and read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
2115A000
|
heap
|
page read and write
|
||
|
4C5A000
|
heap
|
page read and write
|
||
|
20D43000
|
direct allocation
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page execute and read and write
|
||
|
5435000
|
heap
|
page read and write
|
||
|
8B0000
|
unkown
|
page execute and read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
21010000
|
heap
|
page read and write
|
||
|
521000
|
unkown
|
page execute read
|
||
|
21161000
|
heap
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
565000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
4B2000
|
unkown
|
page write copy
|
||
|
E90000
|
unkown
|
page execute and read and write
|
||
|
7F240000
|
direct allocation
|
page read and write
|
||
|
20F3A000
|
stack
|
page read and write
|
||
|
2D7E000
|
heap
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
7F36F000
|
direct allocation
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
276A000
|
heap
|
page read and write
|
||
|
907000
|
unkown
|
page execute and read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
301B000
|
direct allocation
|
page execute and read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
5C3000
|
heap
|
page read and write
|
||
|
D46000
|
unkown
|
page readonly
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
20D51000
|
direct allocation
|
page read and write
|
||
|
23C4000
|
direct allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
907000
|
unkown
|
page execute and read and write
|
||
|
2CA7000
|
heap
|
page read and write
|
||
|
2F3E000
|
direct allocation
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
2830000
|
heap
|
page read and write
|
||
|
2854000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
22D1000
|
direct allocation
|
page read and write
|
||
|
7F3E0000
|
direct allocation
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
2200F000
|
trusted library allocation
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
20E9A000
|
stack
|
page read and write
|
||
|
2F21000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page execute and read and write
|
||
|
23DA000
|
direct allocation
|
page read and write
|
||
|
7F491000
|
direct allocation
|
page read and write
|
||
|
21A7E000
|
heap
|
page read and write
|
||
|
2152E000
|
stack
|
page read and write
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
7F300000
|
direct allocation
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
2116D000
|
heap
|
page read and write
|
||
|
213EF000
|
stack
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
61E000
|
stack
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
20D34000
|
direct allocation
|
page read and write
|
||
|
2DB77000
|
heap
|
page read and write
|
||
|
47E5000
|
heap
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
21A73000
|
heap
|
page read and write
|
||
|
20E38000
|
direct allocation
|
page read and write
|
||
|
2152D000
|
stack
|
page read and write
|
||
|
2A4F000
|
heap
|
page read and write
|
||
|
541A000
|
heap
|
page read and write
|
||
|
251E000
|
stack
|
page read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
56A000
|
unkown
|
page readonly
|
||
|
3240000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
4EE000
|
unkown
|
page read and write
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
2DB6E000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page execute and read and write
|
||
|
86E000
|
stack
|
page read and write
|
There are 904 hidden memdumps, click here to show them.