Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Grundforbedre39.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\4KM2yMOK9O
|
SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 7, database pages 59, cookie
0x52, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsoA79F.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Skematisering\Fjeldklftens38.bio
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Skematisering\Jannicks.Lev
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Skematisering\Yppigere.Kon
|
GTA audio index data (SDT)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Subfastigiate\Felaheen\Tilbragte\sydhavn\kannevasen.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Vandforsyningers\Fandens\Gaudiest.pre
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Vandforsyningers\Fandens\Undervisningsform.bek
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Vandforsyningers\Fandens\floddeltaets.mar
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Vandforsyningers\Fandens\gagers.rec
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Grundforbedre39.exe
|
C:\Users\user\Desktop\Grundforbedre39.exe
|
|
|
|
C:\Users\user\Desktop\Grundforbedre39.exe
|
C:\Users\user\Desktop\Grundforbedre39.exe
|
|
|
|
C:\Program Files (x86)\ERtdTuDynHEWlexRohovBzgsqckTyNaQESBJWivIAgzOBz\aBVmlEGlXzPgSgzWbUWNbhsRlSOqo.exe
|
"C:\Program Files (x86)\ERtdTuDynHEWlexRohovBzgsqckTyNaQESBJWivIAgzOBz\aBVmlEGlXzPgSgzWbUWNbhsRlSOqo.exe"
|
|
|
|
C:\Windows\SysWOW64\netiougc.exe
|
C:\Windows\SysWOW64\netiougc.exe
|
|
|
|
C:\Program Files (x86)\ERtdTuDynHEWlexRohovBzgsqckTyNaQESBJWivIAgzOBz\aBVmlEGlXzPgSgzWbUWNbhsRlSOqo.exe
|
"C:\Program Files (x86)\ERtdTuDynHEWlexRohovBzgsqckTyNaQESBJWivIAgzOBz\aBVmlEGlXzPgSgzWbUWNbhsRlSOqo.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
C:\Program Files\Mozilla Firefox\Firefox.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.manupaint.com/m9so/?LFPxWlV=m6UyvjwF3oTc9mpt4zzouUyt4wyp2f6ZfkzWWV4sWvW1x6m/mlP+bPsAbLgCLm9kLblRESTeyUV8keP8D1W8Y1T847xmA9ATcClw/k+cOpuPGr7qZ2xBz7I=&OBLTJ=U4yhXH6x-jhX
|
46.30.215.63
|
|
|
|
http://www.wbyzm5.buzz/m9so/
|
172.67.130.3
|
|
|
|
http://www.wbyzm5.buzz/m9so/?LFPxWlV=m/+4sInKRUCBr4G0qRueLBh/JRgfrGd1CLcm3iGGUHJib9fBZO/vQs/EedckMLPR1G/2qi8YD1/iBxsP0/EJoTSgX51ucE1l7Q2MujCVII/KP9Y5kFBINaU=&OBLTJ=U4yhXH6x-jhX
|
172.67.130.3
|
|
|
|
http://www.teenpattimasterapp.org/m9so/
|
84.32.84.32
|
|
|
|
http://www.plainpathproductions.com/m9so/?LFPxWlV=c3dPWH5xU9RuE2iPYX/YJd5aP2cwjKm8nfGtIgIly07Hn5MDdL5huHRSG1wDYayNCeUJMK+qa7csQOwAA/itbsq5+k4WWz6YXZNbnqhrlmQsoR/1yVl4O5E=&OBLTJ=U4yhXH6x-jhX
|
91.195.240.19
|
|
|
|
http://www.manupaint.com/m9so/
|
46.30.215.63
|
|
|
|
http://www.noonartists.com/m9so/?LFPxWlV=9P8aNyK7O05KJ0jKHbPRuL/6tE36LZhqsdPS0VQWTno4TxKFvlSv59XV3DTl0RUh0Aj2hIyEwvndA3yjgkFupZwaxdFmxRojdXOoN+OGLdCgXGIMDQ+6EgE=&OBLTJ=U4yhXH6x-jhX
|
172.67.158.92
|
|
|
|
http://www.alpinebretech.life/m9so/
|
198.177.123.106
|
|
|
|
http://www.feshi.store/m9so/
|
84.32.84.32
|
|
|
|
http://www.meliorras.com/m9so/?LFPxWlV=hV0gUtH6eivuG6a1gtKJKPXk2w7TZurpdSJvAkXahnCKr3ZNP6l/DgROigVMeqNmcpawXvZwG91uaBFQ9vCDEXt4463W6r+4wKZPe4czMIeO7JeDEKZ34NE=&OBLTJ=U4yhXH6x-jhX
|
84.32.84.32
|
|
|
|
http://www.plainpathproductions.com/m9so/
|
91.195.240.19
|
|
|
|
http://www.feshi.store/m9so/?LFPxWlV=1Qsa/7J+srdsR8Dz/ES5S27r13qOWkq23euP4yB+JqRfE/nsbLJ5FW7PdqHJizPjrTq31E4BOQDA72YgssNaoReb8a5kH4cRUYabd93Dw2rUjSskRvR+x9I=&OBLTJ=U4yhXH6x-jhX
|
84.32.84.32
|
|
|
|
http://www.guiguigohost.com/m9so/
|
195.110.124.133
|
|
|
|
http://www.cyberpsychsecurity.com/m9so/
|
217.70.184.50
|
|
|
|
http://www.alpinebretech.life/m9so/?LFPxWlV=tjvw02avMThAA8QJc7LpbKc0nVcyZYwiX1IZCpHHMcL/Cok/Fa8Xeiv0sI0YHyzKdXCYczJiWU6WICcQRxIhuBT/mPwaKCG7CcvbddJeMhWanndbuRu1+zE=&OBLTJ=U4yhXH6x-jhX
|
198.177.123.106
|
|
|
|
http://www.cyberpsychsecurity.com/m9so/?LFPxWlV=jovxqEZjMvfd7zz2mTvvE1OonaQx4w6Z/02MEDusjhfET0PBGFNNsERdDgiHq90zA+FiNHbHunAjmlnnTBHWzyxLPlfgZ5XyFdT5RHsnhVfKl1JVA017Cgw=&OBLTJ=U4yhXH6x-jhX
|
217.70.184.50
|
|
|
|
http://www.meliorras.com/m9so/
|
84.32.84.32
|
|
|
|
http://www.teenpattimasterapp.org/m9so/?LFPxWlV=Jw+Ed+ZUGSr/+oJmj9kqbUJ4ViEG6A6UoqQX6gR3ieyHczkITEu4GAJNfTznjio58VSbv2GXL5IQ0LBvochodTMqi4TIQu8e5uWV6iD6Y5Xd5nwlY+1LHT8=&OBLTJ=U4yhXH6x-jhX
|
84.32.84.32
|
|
|
|
http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTD
|
unknown
|
||
|
http://www.gopher.ftp://ftp.
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://drive.google.com/U
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
||
|
http://www.quovadis.bm0
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com0
|
unknown
|
There are 17 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
feshi.store
|
84.32.84.32
|
|
|
|
www.noonartists.com
|
172.67.158.92
|
|
|
|
guiguigohost.com
|
195.110.124.133
|
|
|
|
www.alpinebretech.life
|
198.177.123.106
|
|
|
|
www.manupaint.com
|
46.30.215.63
|
|
|
|
teenpattimasterapp.org
|
84.32.84.32
|
|
|
|
www.wbyzm5.buzz
|
172.67.130.3
|
|
|
|
meliorras.com
|
84.32.84.32
|
|
|
|
www.tyc8099a.com
|
unknown
|
|
|
|
www.feshi.store
|
unknown
|
|
|
|
www.teenpattimasterapp.org
|
unknown
|
|
|
|
www.cyberpsychsecurity.com
|
unknown
|
|
|
|
www.meliorras.com
|
unknown
|
|
|
|
www.plainpathproductions.com
|
unknown
|
|
|
|
www.spazisostenibili.org
|
unknown
|
|
|
|
www.alwaysgaia.com
|
unknown
|
|
|
|
www.foundationtest.site
|
unknown
|
|
|
|
www.guiguigohost.com
|
unknown
|
|
|
|
www.getworthiness.com
|
unknown
|
|
|
|
webredir.vip.gandi.net
|
217.70.184.50
|
||
|
parkingpage.namecheap.com
|
91.195.240.19
|
||
|
drive.usercontent.google.com
|
142.250.65.161
|
||
|
www.t3c1srf.site
|
156.232.32.175
|
||
|
0dc4ed.qsnode301.com
|
192.151.224.197
|
||
|
drive.google.com
|
142.251.41.14
|
There are 15 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.158.92
|
www.noonartists.com
|
United States
|
|
|
|
195.110.124.133
|
guiguigohost.com
|
Italy
|
|
|
|
198.177.123.106
|
www.alpinebretech.life
|
United States
|
|
|
|
46.30.215.63
|
www.manupaint.com
|
Denmark
|
|
|
|
84.32.84.32
|
feshi.store
|
Lithuania
|
|
|
|
172.67.130.3
|
www.wbyzm5.buzz
|
United States
|
|
|
|
142.251.41.14
|
drive.google.com
|
United States
|
||
|
142.250.65.161
|
drive.usercontent.google.com
|
United States
|
||
|
217.70.184.50
|
webredir.vip.gandi.net
|
France
|
||
|
192.151.224.197
|
0dc4ed.qsnode301.com
|
United States
|
||
|
91.195.240.19
|
parkingpage.namecheap.com
|
Germany
|
||
|
156.232.32.175
|
www.t3c1srf.site
|
Seychelles
|
There are 2 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Smaajusteringer135\Uninstall\skinnier\etymologicon
|
Skgstubben57
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Calendar\W32
|
Setup
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Explotable58\centralkomitfoen\etageboliger\tattooment
|
Aiguen
|
||
|
HKEY_CURRENT_USER\SOFTWARE\grevinden\arrieregardernes
|
aristarchies
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Frivolities\befingret\pneumonolithiasis\Theloncus81\cirkusbillet\gamlingene\Rastendes
|
dungyard
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\cydonia\Uninstall\kronprinsesse\Toldfogeder\ndstilflde\Prepenetration234\preinterference\dragendes
|
Skogrendes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
There are 1 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
E30000
|
system
|
page execute and read and write
|
|
|
|
785E000
|
direct allocation
|
page execute and read and write
|
|
|
|
4A0000
|
system
|
page execute and read and write
|
|
|
|
4CA0000
|
unkown
|
page execute and read and write
|
|
|
|
38030000
|
unclassified section
|
page execute and read and write
|
|
|
|
2B60000
|
trusted library allocation
|
page read and write
|
|
|
|
2B10000
|
trusted library allocation
|
page read and write
|
|
|
|
351C0000
|
unclassified section
|
page execute and read and write
|
|
|
|
7E0000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
29E8000
|
heap
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
7960000
|
heap
|
page read and write
|
||
|
33F0000
|
direct allocation
|
page read and write
|
||
|
29AC000
|
heap
|
page read and write
|
||
|
34D4D000
|
stack
|
page read and write
|
||
|
34FB0000
|
remote allocation
|
page read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2B23000
|
unkown
|
page read and write
|
||
|
A51000
|
unkown
|
page execute read
|
||
|
649000
|
unkown
|
page execute read
|
||
|
2841000
|
heap
|
page read and write
|
||
|
294C000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
534E000
|
stack
|
page read and write
|
||
|
2957000
|
heap
|
page read and write
|
||
|
2951000
|
heap
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
21DE000
|
remote allocation
|
page execute and read and write
|
||
|
2099E908000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
F02000
|
system
|
page execute and read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
34840000
|
direct allocation
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2956000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
531F000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7954000
|
heap
|
page read and write
|
||
|
A5E000
|
unkown
|
page readonly
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2099EAB4000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
69D000
|
heap
|
page read and write
|
||
|
5390000
|
heap
|
page read and write
|
||
|
2320000
|
unkown
|
page readonly
|
||
|
A65000
|
unkown
|
page read and write
|
||
|
A5E000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
79CB000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
29BF000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
348B0000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
34860000
|
direct allocation
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
31D4000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page read and write
|
||
|
D38000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
465000
|
unkown
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
79E1000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
34F8000
|
unkown
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
2099EAAE000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
34FEE000
|
stack
|
page read and write
|
||
|
A51000
|
unkown
|
page execute read
|
||
|
467000
|
unkown
|
page readonly
|
||
|
30000
|
heap
|
page read and write
|
||
|
2A38000
|
heap
|
page read and write
|
||
|
2099CC90000
|
system
|
page execute and read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
1D294000
|
system
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
1CC88000
|
system
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
9C4000
|
heap
|
page read and write
|
||
|
525A000
|
heap
|
page read and write
|
||
|
2FE9000
|
direct allocation
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
1CBD2000
|
system
|
page read and write
|
||
|
34880000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
A5E000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2099CF26000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
7C0000
|
trusted library allocation
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
3A80000
|
heap
|
page read and write
|
||
|
2851000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
32D2000
|
unclassified section
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
7950000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
2099CE90000
|
heap
|
page read and write
|
||
|
EE6000
|
system
|
page execute and read and write
|
||
|
7AA000
|
stack
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1D1000
|
unkown
|
page readonly
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
79D3000
|
heap
|
page read and write
|
||
|
3CD2000
|
unkown
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
79EC000
|
heap
|
page read and write
|
||
|
C10000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2099CF0A000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2956000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
52A3000
|
heap
|
page read and write
|
||
|
5185000
|
heap
|
page read and write
|
||
|
52A3000
|
heap
|
page read and write
|
||
|
7A70000
|
heap
|
page read and write
|
||
|
2957000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3400000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6D4000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
38118000
|
unclassified section
|
page execute and read and write
|
||
|
2BDE000
|
remote allocation
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
5062000
|
unclassified section
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
unkown
|
page readonly
|
||
|
525D000
|
heap
|
page read and write
|
||
|
32C8000
|
unclassified section
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2099D100000
|
heap
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
3502F000
|
stack
|
page read and write
|
||
|
35609000
|
direct allocation
|
page execute and read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
295F000
|
heap
|
page read and write
|
||
|
2FED000
|
direct allocation
|
page execute and read and write
|
||
|
B7C000
|
stack
|
page read and write
|
||
|
1D1000
|
unkown
|
page readonly
|
||
|
467000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
354E0000
|
direct allocation
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
368A000
|
unkown
|
page read and write
|
||
|
626000
|
unkown
|
page execute read
|
||
|
2841000
|
heap
|
page read and write
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
407000
|
unkown
|
page readonly
|
||
|
9C4000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
318C000
|
direct allocation
|
page execute and read and write
|
||
|
2D1B000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
1500000
|
unkown
|
page readonly
|
||
|
43D2000
|
unclassified section
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
EF6000
|
system
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2099E902000
|
trusted library allocation
|
page read and write
|
||
|
298B000
|
heap
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
6E5E000
|
direct allocation
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
34E0E000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
295A000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3F1C000
|
unclassified section
|
page read and write
|
||
|
13A000
|
stack
|
page read and write
|
||
|
52AB000
|
heap
|
page read and write
|
||
|
29A7000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
D62000
|
heap
|
page read and write
|
||
|
A67000
|
unkown
|
page readonly
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3BF8000
|
unclassified section
|
page read and write
|
||
|
35180000
|
direct allocation
|
page read and write
|
||
|
33E0000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
3212000
|
unclassified section
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
5248000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
2957000
|
heap
|
page read and write
|
||
|
35180000
|
direct allocation
|
page read and write
|
||
|
2DEC000
|
unkown
|
page read and write
|
||
|
4BAC000
|
unclassified section
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
BBC000
|
unkown
|
page read and write
|
||
|
295D000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
38187000
|
unclassified section
|
page execute and read and write
|
||
|
36C30000
|
unclassified section
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
22FE000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
A67000
|
unkown
|
page readonly
|
||
|
6B4000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
EEE000
|
system
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2099CF32000
|
heap
|
page read and write
|
||
|
7966000
|
heap
|
page read and write
|
||
|
525A000
|
heap
|
page read and write
|
||
|
3420000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2950000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
71A000
|
heap
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
5223000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
51D8000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page read and write
|
||
|
295D000
|
heap
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
4DF7000
|
unkown
|
page execute and read and write
|
||
|
43B000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
79A7000
|
heap
|
page read and write
|
||
|
38D4000
|
unclassified section
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
24A0000
|
unkown
|
page execute and read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
36230000
|
unclassified section
|
page execute and read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3FDE000
|
remote allocation
|
page execute and read and write
|
||
|
7FCE000
|
stack
|
page read and write
|
||
|
2099CC40000
|
system
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7A60000
|
trusted library allocation
|
page read and write
|
||
|
2099E919000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2EC0000
|
direct allocation
|
page execute and read and write
|
||
|
6E0000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
351C0000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
523F000
|
heap
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
357AC000
|
direct allocation
|
page execute and read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
B7C000
|
stack
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
4ED0000
|
unclassified section
|
page read and write
|
||
|
799C000
|
heap
|
page read and write
|
||
|
5A5E000
|
direct allocation
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
33D0000
|
direct allocation
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
3B7C000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
29E2000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
D0000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
348A0000
|
direct allocation
|
page read and write
|
||
|
2099E90E000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
33A0000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
EDE000
|
system
|
page execute and read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
7993000
|
heap
|
page read and write
|
||
|
332C000
|
unclassified section
|
page read and write
|
||
|
6C30000
|
direct allocation
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
809E000
|
heap
|
page read and write
|
||
|
35DE000
|
remote allocation
|
page execute and read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
6E0000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
381C000
|
unkown
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
F05000
|
system
|
page execute and read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
5251000
|
heap
|
page read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
2099CE20000
|
heap
|
page read and write
|
||
|
34F4F000
|
stack
|
page read and write
|
||
|
42A0000
|
unkown
|
page execute and read and write
|
||
|
49DE000
|
remote allocation
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
44AC000
|
unkown
|
page read and write
|
||
|
538F000
|
stack
|
page read and write
|
||
|
295D000
|
heap
|
page read and write
|
||
|
5251000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
71000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
4EE0000
|
direct allocation
|
page execute and read and write
|
||
|
295E000
|
heap
|
page read and write
|
||
|
5470000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
294E000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
525D000
|
heap
|
page read and write
|
||
|
C36000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3190000
|
direct allocation
|
page execute and read and write
|
||
|
47D0000
|
unkown
|
page read and write
|
||
|
3560D000
|
direct allocation
|
page execute and read and write
|
||
|
34D0E000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
2BC8000
|
unkown
|
page read and write
|
||
|
2405000
|
heap
|
page read and write
|
||
|
46F6000
|
unclassified section
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
86F000
|
stack
|
page read and write
|
||
|
5F30000
|
trusted library allocation
|
page read and write
|
||
|
2957000
|
heap
|
page read and write
|
||
|
80A4000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
352A9000
|
heap
|
page read and write
|
||
|
34850000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
35460000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
528B000
|
heap
|
page read and write
|
||
|
426000
|
unkown
|
page read and write
|
||
|
2BD2000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
34870000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
528B000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2099CF00000
|
heap
|
page read and write
|
||
|
2EA0000
|
unkown
|
page execute and read and write
|
||
|
2948000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2A1E000
|
heap
|
page read and write
|
||
|
2099EA00000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
1CC92000
|
system
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6B4000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
528B000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page read and write
|
||
|
29B8000
|
heap
|
page read and write
|
||
|
3C7C000
|
stack
|
page read and write
|
||
|
505E000
|
direct allocation
|
page execute and read and write
|
||
|
A51000
|
unkown
|
page execute read
|
||
|
30000
|
heap
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
A67000
|
unkown
|
page readonly
|
||
|
528B000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
5219000
|
heap
|
page read and write
|
||
|
D0000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
79A3000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
800F000
|
stack
|
page read and write
|
||
|
803F000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
57F7000
|
unkown
|
page execute and read and write
|
||
|
351C0000
|
direct allocation
|
page read and write
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7AA000
|
stack
|
page read and write
|
||
|
34E60000
|
heap
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
10DC000
|
unkown
|
page read and write
|
||
|
4962000
|
unkown
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
35830000
|
unclassified section
|
page execute and read and write
|
||
|
2B12000
|
unkown
|
page read and write
|
||
|
7972000
|
heap
|
page read and write
|
||
|
34890000
|
direct allocation
|
page read and write
|
||
|
79E4000
|
heap
|
page read and write
|
||
|
29CB000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7AFE000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
5258000
|
heap
|
page read and write
|
||
|
2A14000
|
heap
|
page read and write
|
||
|
34C8F000
|
stack
|
page read and write
|
||
|
F70000
|
unkown
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
528B000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2953000
|
heap
|
page read and write
|
||
|
2951000
|
heap
|
page read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
A51000
|
unkown
|
page execute read
|
||
|
33B0000
|
direct allocation
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2099E720000
|
trusted library allocation
|
page read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
79C1000
|
heap
|
page read and write
|
||
|
5229000
|
heap
|
page read and write
|
||
|
EFE000
|
system
|
page execute and read and write
|
||
|
52A3000
|
heap
|
page read and write
|
||
|
34EC000
|
unclassified section
|
page read and write
|
||
|
F59000
|
system
|
page execute and read and write
|
||
|
2953000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
34F0E000
|
stack
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
528B000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
4888000
|
unclassified section
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2A0D000
|
heap
|
page read and write
|
||
|
EDC000
|
system
|
page execute and read and write
|
||
|
5180000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
528B000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
796A000
|
heap
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2099CBD0000
|
heap
|
page read and write
|
||
|
34D8D000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
3390000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3D8A000
|
unclassified section
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
29EE000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
34E4F000
|
stack
|
page read and write
|
||
|
2099E800000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
unkown
|
page readonly
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
79D7000
|
heap
|
page read and write
|
||
|
467000
|
unkown
|
page readonly
|
||
|
2099E91C000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2A41000
|
heap
|
page read and write
|
||
|
6377FFE000
|
stack
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
38A0000
|
unkown
|
page execute and read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
5258000
|
heap
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
2099CF34000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3FF6000
|
unkown
|
page read and write
|
||
|
5258000
|
heap
|
page read and write
|
||
|
34C4E000
|
stack
|
page read and write
|
||
|
2E48000
|
heap
|
page read and write
|
||
|
645E000
|
direct allocation
|
page execute and read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
63787FE000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6B4000
|
heap
|
page read and write
|
||
|
34CCE000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
A65000
|
unkown
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
C20000
|
unkown
|
page read and write
|
||
|
C10000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
5251000
|
heap
|
page read and write
|
||
|
2955000
|
heap
|
page read and write
|
||
|
2957000
|
heap
|
page read and write
|
||
|
4188000
|
unkown
|
page read and write
|
||
|
1500000
|
unkown
|
page readonly
|
||
|
2320000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
478000
|
stack
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
5187000
|
heap
|
page read and write
|
||
|
3517D000
|
stack
|
page read and write
|
||
|
37630000
|
unclassified section
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
5241000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
294C000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
357B0000
|
direct allocation
|
page execute and read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
63777FD000
|
stack
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
A65000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3545C000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
421000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
A5E000
|
unkown
|
page readonly
|
||
|
825E000
|
direct allocation
|
page execute and read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
6CC000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7A0A000
|
heap
|
page read and write
|
||
|
2C2C000
|
unkown
|
page read and write
|
||
|
35186000
|
heap
|
page read and write
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
A65000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6D0000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
79F5000
|
heap
|
page read and write
|
||
|
2A2B000
|
heap
|
page read and write
|
||
|
796F000
|
heap
|
page read and write
|
||
|
233E000
|
stack
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
7ABE000
|
stack
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
5248000
|
heap
|
page read and write
|
||
|
2958000
|
heap
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2099EAA4000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
4D88000
|
unkown
|
page execute and read and write
|
||
|
2B6B000
|
heap
|
page read and write
|
||
|
2099CF16000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
525D000
|
heap
|
page read and write
|
||
|
5251000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
34FB0000
|
remote allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
294F000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2993000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page read and write
|
||
|
525A000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7F1000
|
unkown
|
page readonly
|
||
|
180000
|
unkown
|
page readonly
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7F1000
|
unkown
|
page readonly
|
||
|
79AD000
|
heap
|
page read and write
|
||
|
2B12000
|
unkown
|
page read and write
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
52AB000
|
heap
|
page read and write
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
17DE000
|
remote allocation
|
page execute and read and write
|
||
|
29B5000
|
heap
|
page read and write
|
||
|
6378FFF000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
2950000
|
unkown
|
page read and write
|
||
|
2DEC000
|
unkown
|
page read and write
|
||
|
284F000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
351C0000
|
direct allocation
|
page read and write
|
||
|
544F000
|
stack
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
5248000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
D38000
|
heap
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
424000
|
unkown
|
page read and write
|
||
|
7B3D000
|
stack
|
page read and write
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
3430000
|
direct allocation
|
page read and write
|
||
|
70B000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
96F000
|
unkown
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
6376FFB000
|
stack
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
1CEAC000
|
system
|
page read and write
|
||
|
2C8E000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
528B000
|
heap
|
page read and write
|
||
|
525D000
|
heap
|
page read and write
|
||
|
34FB0000
|
remote allocation
|
page read and write
|
||
|
2A14000
|
heap
|
page read and write
|
||
|
523F000
|
heap
|
page read and write
|
||
|
A67000
|
unkown
|
page readonly
|
||
|
6D0000
|
unkown
|
page readonly
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3410000
|
direct allocation
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
79F8000
|
heap
|
page read and write
|
||
|
3507C000
|
stack
|
page read and write
|
||
|
C20000
|
unkown
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3223000
|
unclassified section
|
page read and write
|
||
|
295D000
|
heap
|
page read and write
|
||
|
35333000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
23E0000
|
direct allocation
|
page read and write
|
||
|
A00000
|
unkown
|
page read and write
|
||
|
2099E720000
|
trusted library allocation
|
page read and write
|
||
|
2099E900000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
13A000
|
stack
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
294E000
|
heap
|
page read and write
|
||
|
2A20000
|
unkown
|
page readonly
|
There are 829 hidden memdumps, click here to show them.