Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
mpclient.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_20f9428fc69f80b8fcc03e3341cbf863e0bcfdc7_7522e4b5_52103b4a-3fcb-4747-9090-aad0eb711ac4\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_20f9428fc69f80b8fcc03e3341cbf863e0bcfdc7_7522e4b5_ab4840ec-f641-4ca3-ac94-4c3332b26cf8\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_9c8c3888a72df77b28b6ce79de7796e2729c18e5_7522e4b5_aae2bca9-da81-47d2-81db-5aabcf737fdc\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1F93.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Feb 21 20:30:55 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER20BD.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER211C.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER48A7.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Feb 21 20:31:06 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4B95.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Feb 21 20:31:07 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4DD8.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4DF7.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4E18.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4E47.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\mpclient.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\mpclient.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\mpclient.dll,MpAddDynamicSignatureFile
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",#1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 1720 -s 696
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\mpclient.dll,MpAllocMemory
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\mpclient.dll,MpCleanOpen
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpAddDynamicSignatureFile
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpAllocMemory
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpCleanOpen
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",dbkFCallWrapperAddr
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",__dbk_fcall_wrapper
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",TMethodImplementationIntercept
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpWDEnable
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpUtilsExportFunctions
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpUpdateTSModeEx
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpUpdateStartEx
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpUpdateStart
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpUpdatePlatform
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7784 -s 688
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpUnblockSignatures
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpUnblockPlatform
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpUnblockEngine
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7820 -s 688
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpThreatOpen
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpThreatEnumerate
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpSetTPState
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\mpclient.dll",MpServiceLogMessage
|
There are 19 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProgramId
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
FileId
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LongPathHash
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Name
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
OriginalFileName
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Publisher
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Version
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinFileVersion
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinaryType
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductName
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductVersion
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LinkDate
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinProductVersion
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Size
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Language
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
IsOsComponent
|
||
|
\REGISTRY\A\{99f2de37-044d-a92f-9f08-c398f9044a68}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C00C055FFF0D
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C00C055FFF0D
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
There are 17 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4E68000
|
direct allocation
|
page read and write
|
||
|
6A7000
|
unkown
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
455A000
|
direct allocation
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
4B64000
|
direct allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
4C78000
|
direct allocation
|
page read and write
|
||
|
D6F000
|
stack
|
page read and write
|
||
|
45D0000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
4C8A000
|
direct allocation
|
page read and write
|
||
|
4B04000
|
direct allocation
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
48D4000
|
direct allocation
|
page read and write
|
||
|
4BFC000
|
direct allocation
|
page read and write
|
||
|
4AE8000
|
direct allocation
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
4511000
|
direct allocation
|
page read and write
|
||
|
4CDA000
|
direct allocation
|
page read and write
|
||
|
6B6000
|
unkown
|
page read and write
|
||
|
4AAD000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4A04000
|
direct allocation
|
page read and write
|
||
|
4CA0000
|
heap
|
page read and write
|
||
|
502A000
|
direct allocation
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
488B000
|
direct allocation
|
page read and write
|
||
|
4918000
|
direct allocation
|
page read and write
|
||
|
4A60000
|
direct allocation
|
page execute and read and write
|
||
|
A61000
|
direct allocation
|
page read and write
|
||
|
4C68000
|
direct allocation
|
page read and write
|
||
|
490A000
|
direct allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
D0B000
|
stack
|
page read and write
|
||
|
2DD1000
|
direct allocation
|
page read and write
|
||
|
4A64000
|
direct allocation
|
page read and write
|
||
|
D90000
|
direct allocation
|
page execute and read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
4E4C000
|
direct allocation
|
page read and write
|
||
|
334E000
|
stack
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
4944000
|
direct allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
492F000
|
direct allocation
|
page read and write
|
||
|
4CE8000
|
direct allocation
|
page read and write
|
||
|
3710000
|
heap
|
page read and write
|
||
|
48F8000
|
direct allocation
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
DE0000
|
direct allocation
|
page execute and read and write
|
||
|
6B2000
|
unkown
|
page write copy
|
||
|
450A000
|
direct allocation
|
page read and write
|
||
|
3FB000
|
stack
|
page read and write
|
||
|
DFA000
|
heap
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
4B14000
|
direct allocation
|
page read and write
|
||
|
6BF000
|
unkown
|
page write copy
|
||
|
4868000
|
direct allocation
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
4900000
|
heap
|
page read and write
|
||
|
4CCC000
|
direct allocation
|
page read and write
|
||
|
489A000
|
direct allocation
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
5014000
|
direct allocation
|
page read and write
|
||
|
A28000
|
direct allocation
|
page read and write
|
||
|
493D000
|
direct allocation
|
page read and write
|
||
|
4914000
|
direct allocation
|
page read and write
|
||
|
4ED0000
|
direct allocation
|
page execute and read and write
|
||
|
4C18000
|
direct allocation
|
page read and write
|
||
|
47ED000
|
direct allocation
|
page read and write
|
||
|
4BC1000
|
direct allocation
|
page read and write
|
||
|
6C1000
|
unkown
|
page read and write
|
||
|
4528000
|
direct allocation
|
page read and write
|
||
|
486A000
|
direct allocation
|
page read and write
|
||
|
4B31000
|
direct allocation
|
page read and write
|
||
|
4884000
|
direct allocation
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
4B73000
|
direct allocation
|
page read and write
|
||
|
6A7000
|
unkown
|
page read and write
|
||
|
590000
|
direct allocation
|
page execute and read and write
|
||
|
EBC000
|
stack
|
page read and write
|
||
|
4821000
|
direct allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
F46000
|
direct allocation
|
page read and write
|
||
|
494C000
|
direct allocation
|
page read and write
|
||
|
481A000
|
direct allocation
|
page read and write
|
||
|
A2F000
|
direct allocation
|
page read and write
|
||
|
4CD3000
|
direct allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
4AAD000
|
direct allocation
|
page read and write
|
||
|
B6B000
|
stack
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
4C98000
|
direct allocation
|
page read and write
|
||
|
8D0000
|
direct allocation
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
4968000
|
direct allocation
|
page read and write
|
||
|
489A000
|
direct allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
4B0D000
|
direct allocation
|
page read and write
|
||
|
DC000
|
stack
|
page read and write
|
||
|
4A54000
|
direct allocation
|
page read and write
|
||
|
4AFD000
|
direct allocation
|
page read and write
|
||
|
4A9F000
|
direct allocation
|
page read and write
|
||
|
4A6B000
|
direct allocation
|
page read and write
|
||
|
44FB000
|
direct allocation
|
page read and write
|
||
|
13B1000
|
unkown
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
4CCB000
|
direct allocation
|
page read and write
|
||
|
4A5C000
|
direct allocation
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
4CC4000
|
direct allocation
|
page read and write
|
||
|
4ABC000
|
direct allocation
|
page read and write
|
||
|
495F000
|
stack
|
page read and write
|
||
|
4A4D000
|
direct allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
4AC3000
|
direct allocation
|
page read and write
|
||
|
48C6000
|
direct allocation
|
page read and write
|
||
|
54C000
|
stack
|
page read and write
|
||
|
6A8000
|
unkown
|
page write copy
|
||
|
97F000
|
stack
|
page read and write
|
||
|
483F000
|
direct allocation
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
490D000
|
direct allocation
|
page read and write
|
||
|
4610000
|
heap
|
page read and write
|
||
|
4821000
|
direct allocation
|
page read and write
|
||
|
7CC000
|
stack
|
page read and write
|
||
|
F04000
|
direct allocation
|
page read and write
|
||
|
B2B000
|
stack
|
page read and write
|
||
|
306A000
|
heap
|
page read and write
|
||
|
4930000
|
heap
|
page read and write
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
484D000
|
direct allocation
|
page read and write
|
||
|
4C03000
|
direct allocation
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
2DBC000
|
direct allocation
|
page read and write
|
||
|
48FB000
|
direct allocation
|
page read and write
|
||
|
4CE1000
|
direct allocation
|
page read and write
|
||
|
9BA000
|
heap
|
page read and write
|
||
|
4910000
|
heap
|
page read and write
|
||
|
6A9000
|
unkown
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
50F000
|
stack
|
page read and write
|
||
|
485A000
|
direct allocation
|
page read and write
|
||
|
6B2000
|
unkown
|
page write copy
|
||
|
4CFF000
|
direct allocation
|
page read and write
|
||
|
F71000
|
direct allocation
|
page read and write
|
||
|
4536000
|
direct allocation
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
4E58000
|
direct allocation
|
page read and write
|
||
|
7AC000
|
stack
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
33B0000
|
direct allocation
|
page execute and read and write
|
||
|
C7C000
|
stack
|
page read and write
|
||
|
4568000
|
direct allocation
|
page read and write
|
||
|
34CF000
|
stack
|
page read and write
|
||
|
4B8D000
|
direct allocation
|
page read and write
|
||
|
F21000
|
direct allocation
|
page read and write
|
||
|
4B7A000
|
direct allocation
|
page read and write
|
||
|
2D6B000
|
direct allocation
|
page read and write
|
||
|
48EA000
|
direct allocation
|
page read and write
|
||
|
49F0000
|
heap
|
page read and write
|
||
|
452F000
|
direct allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
4FE1000
|
direct allocation
|
page read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
6AE000
|
unkown
|
page read and write
|
||
|
14B000
|
stack
|
page read and write
|
||
|
50B000
|
stack
|
page read and write
|
||
|
48E1000
|
direct allocation
|
page read and write
|
||
|
484B000
|
direct allocation
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
139D000
|
unkown
|
page write copy
|
||
|
48E8000
|
direct allocation
|
page read and write
|
||
|
6B1000
|
unkown
|
page read and write
|
||
|
4854000
|
direct allocation
|
page read and write
|
||
|
488B000
|
direct allocation
|
page read and write
|
||
|
10F0000
|
unkown
|
page readonly
|
||
|
4553000
|
direct allocation
|
page read and write
|
||
|
D6F000
|
stack
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
4D0D000
|
direct allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
4BC8000
|
direct allocation
|
page read and write
|
||
|
4CA8000
|
direct allocation
|
page read and write
|
||
|
D4C000
|
stack
|
page read and write
|
||
|
6B6000
|
unkown
|
page read and write
|
||
|
4E3B000
|
direct allocation
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
59C000
|
stack
|
page read and write
|
||
|
4938000
|
direct allocation
|
page read and write
|
||
|
48BF000
|
direct allocation
|
page read and write
|
||
|
8CC000
|
stack
|
page read and write
|
||
|
4A81000
|
direct allocation
|
page read and write
|
||
|
48F1000
|
direct allocation
|
page read and write
|
||
|
F2F000
|
stack
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
4838000
|
direct allocation
|
page read and write
|
||
|
F4C000
|
stack
|
page read and write
|
||
|
F1A000
|
direct allocation
|
page read and write
|
||
|
4804000
|
direct allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
48A1000
|
direct allocation
|
page read and write
|
||
|
6A7000
|
unkown
|
page read and write
|
||
|
4878000
|
direct allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
30AB000
|
stack
|
page read and write
|
||
|
150000
|
heap
|
page read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
A53000
|
direct allocation
|
page read and write
|
||
|
4B81000
|
direct allocation
|
page read and write
|
||
|
4A3F000
|
direct allocation
|
page read and write
|
||
|
9DD000
|
direct allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
87E000
|
stack
|
page read and write
|
||
|
4D06000
|
direct allocation
|
page read and write
|
||
|
4B1C000
|
direct allocation
|
page read and write
|
||
|
483F000
|
direct allocation
|
page read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
4A71000
|
direct allocation
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
1399000
|
unkown
|
page read and write
|
||
|
6A8000
|
unkown
|
page write copy
|
||
|
4CAF000
|
direct allocation
|
page read and write
|
||
|
44F4000
|
direct allocation
|
page read and write
|
||
|
6A9000
|
unkown
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
6B2000
|
unkown
|
page write copy
|
||
|
4871000
|
direct allocation
|
page read and write
|
||
|
F0B000
|
stack
|
page read and write
|
||
|
4A6A000
|
direct allocation
|
page read and write
|
||
|
481A000
|
direct allocation
|
page read and write
|
||
|
FF0000
|
direct allocation
|
page execute and read and write
|
||
|
316D000
|
stack
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
310A000
|
heap
|
page read and write
|
||
|
4518000
|
direct allocation
|
page read and write
|
||
|
48CB000
|
direct allocation
|
page read and write
|
||
|
4928000
|
direct allocation
|
page read and write
|
||
|
48B8000
|
direct allocation
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
4C2D000
|
direct allocation
|
page read and write
|
||
|
D70000
|
direct allocation
|
page execute and read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
70E000
|
stack
|
page read and write
|
||
|
48E3000
|
direct allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
4A98000
|
direct allocation
|
page read and write
|
||
|
6C2000
|
unkown
|
page readonly
|
||
|
3180000
|
heap
|
page read and write
|
||
|
48F4000
|
direct allocation
|
page read and write
|
||
|
B6C000
|
stack
|
page read and write
|
||
|
6AC000
|
unkown
|
page write copy
|
||
|
B0C000
|
stack
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
5038000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
B60000
|
direct allocation
|
page execute and read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
4B31000
|
direct allocation
|
page read and write
|
||
|
BFA000
|
heap
|
page read and write
|
||
|
4A0B000
|
direct allocation
|
page read and write
|
||
|
4C61000
|
direct allocation
|
page read and write
|
||
|
6B6000
|
unkown
|
page read and write
|
||
|
FF0000
|
direct allocation
|
page execute and read and write
|
||
|
4828000
|
direct allocation
|
page read and write
|
||
|
6C2000
|
unkown
|
page readonly
|
||
|
6AE000
|
unkown
|
page read and write
|
||
|
4A38000
|
direct allocation
|
page read and write
|
||
|
4838000
|
direct allocation
|
page read and write
|
||
|
34DA000
|
heap
|
page read and write
|
||
|
4871000
|
direct allocation
|
page read and write
|
||
|
48F1000
|
direct allocation
|
page read and write
|
||
|
4FC4000
|
direct allocation
|
page read and write
|
||
|
4BD8000
|
direct allocation
|
page read and write
|
||
|
D4C000
|
stack
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
4AB4000
|
direct allocation
|
page read and write
|
||
|
9FB000
|
direct allocation
|
page read and write
|
||
|
13A2000
|
unkown
|
page write copy
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
A4C000
|
direct allocation
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
6B0000
|
unkown
|
page write copy
|
||
|
48DA000
|
direct allocation
|
page read and write
|
||
|
49D0000
|
heap
|
page read and write
|
||
|
4E28000
|
direct allocation
|
page read and write
|
||
|
4C74000
|
direct allocation
|
page read and write
|
||
|
4CF8000
|
direct allocation
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
4B6C000
|
direct allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
4B2A000
|
direct allocation
|
page read and write
|
||
|
4B48000
|
direct allocation
|
page read and write
|
||
|
338F000
|
stack
|
page read and write
|
||
|
4E0A000
|
direct allocation
|
page read and write
|
||
|
4B70000
|
heap
|
page read and write
|
||
|
2EC000
|
stack
|
page read and write
|
||
|
4E18000
|
direct allocation
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
4BE6000
|
direct allocation
|
page read and write
|
||
|
6A8000
|
unkown
|
page write copy
|
||
|
730000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
348E000
|
stack
|
page read and write
|
||
|
5AA000
|
heap
|
page read and write
|
||
|
4C94000
|
direct allocation
|
page read and write
|
||
|
4FDA000
|
direct allocation
|
page read and write
|
||
|
D7B000
|
stack
|
page read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
47ED000
|
direct allocation
|
page read and write
|
||
|
6B1000
|
unkown
|
page read and write
|
||
|
6CB000
|
stack
|
page read and write
|
||
|
2AB000
|
stack
|
page read and write
|
||
|
4C11000
|
direct allocation
|
page read and write
|
||
|
4A78000
|
direct allocation
|
page read and write
|
||
|
4C7B000
|
direct allocation
|
page read and write
|
||
|
4B1B000
|
direct allocation
|
page read and write
|
||
|
DBA000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
48C4000
|
direct allocation
|
page read and write
|
||
|
A18000
|
direct allocation
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
4720000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
48DD000
|
direct allocation
|
page read and write
|
||
|
4A7A000
|
direct allocation
|
page read and write
|
||
|
48AD000
|
direct allocation
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
482D000
|
direct allocation
|
page read and write
|
||
|
4CB8000
|
direct allocation
|
page read and write
|
||
|
4B2A000
|
direct allocation
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
483F000
|
direct allocation
|
page read and write
|
||
|
4FFF000
|
direct allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
4E5A000
|
direct allocation
|
page read and write
|
||
|
486A000
|
direct allocation
|
page read and write
|
||
|
6AC000
|
unkown
|
page write copy
|
||
|
A50000
|
heap
|
page read and write
|
||
|
4B30000
|
heap
|
page read and write
|
||
|
10F1000
|
unkown
|
page execute read
|
||
|
484D000
|
direct allocation
|
page read and write
|
||
|
48BF000
|
direct allocation
|
page read and write
|
||
|
4C91000
|
direct allocation
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
4FE8000
|
direct allocation
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
4940000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
48C6000
|
direct allocation
|
page read and write
|
||
|
4D31000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
6B0000
|
unkown
|
page write copy
|
||
|
477F000
|
stack
|
page read and write
|
||
|
4E6F000
|
direct allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
4D23000
|
direct allocation
|
page read and write
|
||
|
4E76000
|
direct allocation
|
page read and write
|
||
|
454C000
|
direct allocation
|
page read and write
|
||
|
2DCA000
|
direct allocation
|
page read and write
|
||
|
A36000
|
direct allocation
|
page read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
A11000
|
direct allocation
|
page read and write
|
||
|
4E11000
|
direct allocation
|
page read and write
|
||
|
A68000
|
direct allocation
|
page read and write
|
||
|
4ACA000
|
direct allocation
|
page read and write
|
||
|
6B0000
|
unkown
|
page write copy
|
||
|
4AA6000
|
direct allocation
|
page read and write
|
||
|
F3F000
|
direct allocation
|
page read and write
|
||
|
2D4D000
|
direct allocation
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
48A8000
|
direct allocation
|
page read and write
|
||
|
4A46000
|
direct allocation
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
4D60000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
4E36000
|
direct allocation
|
page read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
5AA000
|
heap
|
page read and write
|
||
|
4B5D000
|
direct allocation
|
page read and write
|
||
|
484D000
|
direct allocation
|
page read and write
|
||
|
4BED000
|
direct allocation
|
page read and write
|
||
|
4906000
|
direct allocation
|
page read and write
|
||
|
4C8D000
|
direct allocation
|
page read and write
|
||
|
F28000
|
direct allocation
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
4863000
|
direct allocation
|
page read and write
|
||
|
3440000
|
direct allocation
|
page execute and read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
4A21000
|
direct allocation
|
page read and write
|
||
|
30EC000
|
stack
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
5006000
|
direct allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
4D38000
|
direct allocation
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
4846000
|
direct allocation
|
page read and write
|
||
|
352A000
|
heap
|
page read and write
|
||
|
55B000
|
stack
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
44DD000
|
direct allocation
|
page read and write
|
||
|
D0B000
|
stack
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
482E000
|
stack
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
4C8A000
|
direct allocation
|
page read and write
|
||
|
315A000
|
heap
|
page read and write
|
||
|
A5A000
|
direct allocation
|
page read and write
|
||
|
4821000
|
direct allocation
|
page read and write
|
||
|
4871000
|
direct allocation
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
4931000
|
direct allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
9BF000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
4C44000
|
direct allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
4CE8000
|
direct allocation
|
page read and write
|
||
|
FE0000
|
direct allocation
|
page execute and read and write
|
||
|
4544000
|
direct allocation
|
page read and write
|
||
|
4A4D000
|
direct allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
4E4A000
|
direct allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
F54000
|
direct allocation
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
BCF000
|
stack
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
481A000
|
direct allocation
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
F5C000
|
direct allocation
|
page read and write
|
||
|
4CC4000
|
direct allocation
|
page read and write
|
||
|
4C98000
|
direct allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
F9F000
|
stack
|
page read and write
|
||
|
5023000
|
direct allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
760000
|
direct allocation
|
page execute and read and write
|
||
|
90B000
|
stack
|
page read and write
|
||
|
2D88000
|
direct allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
2D64000
|
direct allocation
|
page read and write
|
||
|
6B1000
|
unkown
|
page read and write
|
||
|
2D9F000
|
direct allocation
|
page read and write
|
||
|
501C000
|
direct allocation
|
page read and write
|
||
|
4B38000
|
direct allocation
|
page read and write
|
||
|
4804000
|
direct allocation
|
page read and write
|
||
|
305C000
|
stack
|
page read and write
|
||
|
4ACB000
|
direct allocation
|
page read and write
|
||
|
4911000
|
direct allocation
|
page read and write
|
||
|
4E34000
|
direct allocation
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
D4F000
|
stack
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
4C30000
|
heap
|
page read and write
|
||
|
56D000
|
stack
|
page read and write
|
||
|
76B000
|
stack
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
EFF000
|
heap
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
32AE000
|
stack
|
page read and write
|
||
|
F4D000
|
direct allocation
|
page read and write
|
||
|
4AE1000
|
direct allocation
|
page read and write
|
||
|
4846000
|
direct allocation
|
page read and write
|
||
|
F3B000
|
stack
|
page read and write
|
||
|
1397000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3150000
|
heap
|
page read and write
|
||
|
480B000
|
direct allocation
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
4CAA000
|
direct allocation
|
page read and write
|
||
|
E3F000
|
stack
|
page read and write
|
||
|
4863000
|
direct allocation
|
page read and write
|
||
|
F6A000
|
direct allocation
|
page read and write
|
||
|
480B000
|
direct allocation
|
page read and write
|
||
|
4863000
|
direct allocation
|
page read and write
|
||
|
4561000
|
direct allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
4A1A000
|
direct allocation
|
page read and write
|
||
|
4AC4000
|
direct allocation
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
4E61000
|
direct allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
13AF000
|
unkown
|
page write copy
|
||
|
486D000
|
direct allocation
|
page read and write
|
||
|
47ED000
|
direct allocation
|
page read and write
|
||
|
486D000
|
direct allocation
|
page read and write
|
||
|
4828000
|
direct allocation
|
page read and write
|
||
|
6C2000
|
unkown
|
page readonly
|
||
|
FEE000
|
stack
|
page read and write
|
||
|
6C4000
|
unkown
|
page readonly
|
||
|
4CAF000
|
direct allocation
|
page read and write
|
||
|
4CE1000
|
direct allocation
|
page read and write
|
||
|
4B88000
|
direct allocation
|
page read and write
|
||
|
4B4F000
|
direct allocation
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
6BF000
|
unkown
|
page write copy
|
||
|
4DFB000
|
direct allocation
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
C3B000
|
stack
|
page read and write
|
||
|
4BF4000
|
direct allocation
|
page read and write
|
||
|
2D54000
|
direct allocation
|
page read and write
|
||
|
DBC000
|
stack
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
48E3000
|
direct allocation
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
4B06000
|
direct allocation
|
page read and write
|
||
|
4E2F000
|
direct allocation
|
page read and write
|
||
|
F0B000
|
direct allocation
|
page read and write
|
||
|
4878000
|
direct allocation
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
4CDA000
|
direct allocation
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
4D2A000
|
direct allocation
|
page read and write
|
||
|
3240000
|
direct allocation
|
page execute and read and write
|
||
|
1398000
|
unkown
|
page write copy
|
||
|
4DDD000
|
direct allocation
|
page read and write
|
||
|
48B8000
|
direct allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
F7C000
|
stack
|
page read and write
|
||
|
49ED000
|
direct allocation
|
page read and write
|
||
|
32A0000
|
direct allocation
|
page execute and read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
6A0000
|
direct allocation
|
page execute and read and write
|
||
|
C7C000
|
stack
|
page read and write
|
||
|
4C20000
|
direct allocation
|
page execute and read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
343A000
|
heap
|
page read and write
|
||
|
4E51000
|
direct allocation
|
page read and write
|
||
|
4C9C000
|
direct allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
48EA000
|
direct allocation
|
page read and write
|
||
|
F38000
|
direct allocation
|
page read and write
|
||
|
4FF8000
|
direct allocation
|
page read and write
|
||
|
4DF4000
|
direct allocation
|
page read and write
|
||
|
331A000
|
heap
|
page read and write
|
||
|
4CE8000
|
direct allocation
|
page read and write
|
||
|
94C000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
1DE000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
E7B000
|
stack
|
page read and write
|
||
|
48DC000
|
direct allocation
|
page read and write
|
||
|
326E000
|
stack
|
page read and write
|
||
|
BAC000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page execute and read and write
|
||
|
2D7A000
|
direct allocation
|
page read and write
|
||
|
93C000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
4CCC000
|
direct allocation
|
page read and write
|
||
|
13B2000
|
unkown
|
page readonly
|
||
|
4E3D000
|
direct allocation
|
page read and write
|
||
|
B8E000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
6C1000
|
unkown
|
page read and write
|
||
|
4CB6000
|
direct allocation
|
page read and write
|
||
|
4936000
|
direct allocation
|
page read and write
|
||
|
E8F000
|
stack
|
page read and write
|
||
|
4C91000
|
direct allocation
|
page read and write
|
||
|
4BA4000
|
direct allocation
|
page read and write
|
||
|
63C000
|
stack
|
page read and write
|
||
|
4BAB000
|
direct allocation
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
4ADA000
|
direct allocation
|
page read and write
|
||
|
320D000
|
stack
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
4C5D000
|
direct allocation
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
47FF000
|
stack
|
page read and write
|
||
|
A0A000
|
direct allocation
|
page read and write
|
||
|
4AF0000
|
heap
|
page read and write
|
||
|
495A000
|
direct allocation
|
page read and write
|
||
|
4C86000
|
direct allocation
|
page read and write
|
||
|
4C5A000
|
direct allocation
|
page read and write
|
||
|
990000
|
direct allocation
|
page execute and read and write
|
||
|
2DD8000
|
direct allocation
|
page read and write
|
||
|
4AB4000
|
direct allocation
|
page read and write
|
||
|
48A8000
|
direct allocation
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
48F8000
|
direct allocation
|
page read and write
|
||
|
A5A000
|
heap
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
2D81000
|
direct allocation
|
page read and write
|
||
|
4CA3000
|
direct allocation
|
page read and write
|
||
|
4C7F000
|
direct allocation
|
page read and write
|
||
|
51F0000
|
heap
|
page read and write
|
||
|
4961000
|
direct allocation
|
page read and write
|
||
|
491C000
|
direct allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
4A28000
|
direct allocation
|
page read and write
|
||
|
4854000
|
direct allocation
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
4CD3000
|
direct allocation
|
page read and write
|
||
|
6C4000
|
unkown
|
page readonly
|
||
|
A10000
|
heap
|
page read and write
|
||
|
FEE000
|
stack
|
page read and write
|
||
|
322F000
|
stack
|
page read and write
|
||
|
6C4000
|
unkown
|
page readonly
|
||
|
4AFF000
|
direct allocation
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
A44000
|
direct allocation
|
page read and write
|
||
|
4AD1000
|
direct allocation
|
page read and write
|
||
|
4878000
|
direct allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
485C000
|
direct allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2DC3000
|
direct allocation
|
page read and write
|
||
|
2D98000
|
direct allocation
|
page read and write
|
||
|
6BB000
|
unkown
|
page read and write
|
||
|
4CAD000
|
direct allocation
|
page read and write
|
||
|
4CBD000
|
direct allocation
|
page read and write
|
||
|
4C5D000
|
direct allocation
|
page read and write
|
||
|
4B56000
|
direct allocation
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
48CD000
|
direct allocation
|
page read and write
|
||
|
48F8000
|
direct allocation
|
page read and write
|
||
|
4844000
|
direct allocation
|
page read and write
|
||
|
4CE1000
|
direct allocation
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
4D14000
|
direct allocation
|
page read and write
|
||
|
4BBA000
|
direct allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
2DA6000
|
direct allocation
|
page read and write
|
||
|
321A000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
A3D000
|
direct allocation
|
page read and write
|
||
|
C3B000
|
stack
|
page read and write
|
||
|
4CA8000
|
direct allocation
|
page read and write
|
||
|
F63000
|
direct allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
4923000
|
direct allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
75F000
|
stack
|
page read and write
|
||
|
4CBD000
|
direct allocation
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
4E1D000
|
direct allocation
|
page read and write
|
||
|
4E68000
|
direct allocation
|
page read and write
|
||
|
4CB6000
|
direct allocation
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
4861000
|
direct allocation
|
page read and write
|
||
|
4A63000
|
direct allocation
|
page read and write
|
||
|
4FCB000
|
direct allocation
|
page read and write
|
||
|
4A88000
|
direct allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
950000
|
direct allocation
|
page execute and read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
32AF000
|
stack
|
page read and write
|
||
|
48F0000
|
heap
|
page read and write
|
||
|
485C000
|
direct allocation
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4846000
|
direct allocation
|
page read and write
|
||
|
4B14000
|
direct allocation
|
page read and write
|
||
|
139E000
|
unkown
|
page read and write
|
||
|
4CC4000
|
direct allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
486A000
|
direct allocation
|
page read and write
|
||
|
4B90000
|
heap
|
page read and write
|
||
|
3320000
|
direct allocation
|
page execute and read and write
|
||
|
4CB1000
|
direct allocation
|
page read and write
|
||
|
13A4000
|
unkown
|
page read and write
|
||
|
6BB000
|
unkown
|
page read and write
|
||
|
4C74000
|
direct allocation
|
page read and write
|
||
|
2DB4000
|
direct allocation
|
page read and write
|
||
|
6BF000
|
unkown
|
page write copy
|
||
|
6AE000
|
unkown
|
page read and write
|
||
|
2DAD000
|
direct allocation
|
page read and write
|
||
|
9F4000
|
direct allocation
|
page read and write
|
||
|
48A1000
|
direct allocation
|
page read and write
|
||
|
48D4000
|
direct allocation
|
page read and write
|
||
|
4AD8000
|
direct allocation
|
page read and write
|
||
|
331A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
3DE000
|
stack
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
4CDA000
|
direct allocation
|
page read and write
|
||
|
48DC000
|
direct allocation
|
page read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
58F000
|
stack
|
page read and write
|
||
|
4E53000
|
direct allocation
|
page read and write
|
||
|
4854000
|
direct allocation
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
DDB000
|
stack
|
page read and write
|
||
|
5031000
|
direct allocation
|
page read and write
|
||
|
48CD000
|
direct allocation
|
page read and write
|
||
|
4804000
|
direct allocation
|
page read and write
|
||
|
4B23000
|
direct allocation
|
page read and write
|
||
|
32B0000
|
direct allocation
|
page execute and read and write
|
||
|
48FF000
|
direct allocation
|
page read and write
|
||
|
500D000
|
direct allocation
|
page read and write
|
||
|
4838000
|
direct allocation
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
13AB000
|
unkown
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
4953000
|
direct allocation
|
page read and write
|
||
|
4B38000
|
direct allocation
|
page read and write
|
||
|
4C7B000
|
direct allocation
|
page read and write
|
||
|
6C1000
|
unkown
|
page read and write
|
||
|
88B000
|
stack
|
page read and write
|
||
|
4C4B000
|
direct allocation
|
page read and write
|
||
|
336A000
|
heap
|
page read and write
|
||
|
6AC000
|
unkown
|
page write copy
|
||
|
485C000
|
direct allocation
|
page read and write
|
||
|
4D1C000
|
direct allocation
|
page read and write
|
||
|
4884000
|
direct allocation
|
page read and write
|
||
|
6BB000
|
unkown
|
page read and write
|
||
|
4E7D000
|
direct allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
ACB000
|
stack
|
page read and write
|
||
|
6A9000
|
unkown
|
page read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
4E44000
|
direct allocation
|
page read and write
|
||
|
EAA000
|
heap
|
page read and write
|
||
|
4AF8000
|
direct allocation
|
page read and write
|
||
|
453D000
|
direct allocation
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
492A000
|
direct allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
4BDF000
|
direct allocation
|
page read and write
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
3080000
|
direct allocation
|
page execute and read and write
|
||
|
EFB000
|
heap
|
page read and write
|
||
|
F78000
|
direct allocation
|
page read and write
|
||
|
480B000
|
direct allocation
|
page read and write
|
||
|
13B4000
|
unkown
|
page readonly
|
||
|
4C0A000
|
direct allocation
|
page read and write
|
||
|
4B94000
|
direct allocation
|
page read and write
|
||
|
4828000
|
direct allocation
|
page read and write
|
There are 785 hidden memdumps, click here to show them.