Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
cuenta para pago1.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\-49-u729
|
SQLite 3.x database, last written using SQLite version 3041002, page size 2048, file counter 3, database pages 92, cookie
0x3a, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsqE113.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Afsvkningers148\Grundstddene\Hypertragically\Gaudiest.pre
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Laver46\Fjeldklftens38.bio
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Laver46\Paunchful.Tau
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Roadhouses.Sem74
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Spidsgattedes\Pushwainling\Bimbashi\Undervisningsform.bek
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Spidsgattedes\Pushwainling\Bimbashi\floddeltaets.mar
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Spidsgattedes\Pushwainling\Bimbashi\gagers.rec
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Afskrkkelsesvaabnet84\Fodboldenke\biltyven\Spidsgattedes\Pushwainling\Bimbashi\kannevasen.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\cuenta para pago1.exe
|
C:\Users\user\Desktop\cuenta para pago1.exe
|
|
|
|
C:\Users\user\Desktop\cuenta para pago1.exe
|
C:\Users\user\Desktop\cuenta para pago1.exe
|
|
|
|
C:\Program Files (x86)\xWRDBjNurNxAHXPmPUzJfASReCWRqOHlLKYYBZzCUvQGolgpFHtbZtyYBPNPuKZHFpMIT\YRrrNrIQCTKNXVoSiuJzTSdqxJTSo.exe
|
"C:\Program Files (x86)\xWRDBjNurNxAHXPmPUzJfASReCWRqOHlLKYYBZzCUvQGolgpFHtbZtyYBPNPuKZHFpMIT\YRrrNrIQCTKNXVoSiuJzTSdqxJTSo.exe"
|
|
|
|
C:\Windows\SysWOW64\rasautou.exe
|
C:\Windows\SysWOW64\rasautou.exe
|
|
|
|
C:\Program Files (x86)\xWRDBjNurNxAHXPmPUzJfASReCWRqOHlLKYYBZzCUvQGolgpFHtbZtyYBPNPuKZHFpMIT\YRrrNrIQCTKNXVoSiuJzTSdqxJTSo.exe
|
"C:\Program Files (x86)\xWRDBjNurNxAHXPmPUzJfASReCWRqOHlLKYYBZzCUvQGolgpFHtbZtyYBPNPuKZHFpMIT\YRrrNrIQCTKNXVoSiuJzTSdqxJTSo.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
C:\Program Files\Mozilla Firefox\Firefox.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.dreadbed.com/v3ka/
|
198.54.117.242
|
|
|
|
http://www.globalworld-travel.com/v3ka/?c4qx7JIP=FpC4ctUTedBaFzLAmx5OBNlXlmn8zXWsfuWaCxk5g1trlxnFx7v6dtr2+OePcWisPCE1uISKUROI1tM11v9REV8vlVyrWAjZBU/BkE4yHxOZw90SexyJFP0=&K4W=bb2HuFjPIN
|
109.234.166.81
|
|
|
|
http://www.xiefly.shop/v3ka/
|
82.180.172.14
|
|
|
|
http://www.wbyzm5.buzz/v3ka/?c4qx7JIP=5DSEd0ATp85KgzdrFCdxbLJep/S6iKShPg/Ik1pbcxCGQNrpEtjfCeVcF04T3qlunhYKINQJ6NoaGwxZUUZob6VNNlK6Td1e1fYChuA8Yf+ZyRKX9C6Zn4U=&K4W=bb2HuFjPIN
|
172.67.130.3
|
|
|
|
http://www.kmyangjia.com/v3ka/
|
103.146.179.172
|
|
|
|
http://www.kmyangjia.com/v3ka/?c4qx7JIP=TQDhdygg/6k1FrT3duJj1OYD3+fr21m2MLjtTeKUejKDGRun2D/B3i3kqoFCSoO3Pw/E65XWfWwoO6YHx8j54r/FSG1v4bIQ+pjQtA18fUYdL5hShFxGKN0=&K4W=bb2HuFjPIN
|
103.146.179.172
|
|
|
|
http://www.b-r-consulting.ch/v3ka/
|
194.191.24.38
|
|
|
|
http://www.teenpattimasterapp.org/v3ka/?c4qx7JIP=si7FLVHJ8iWuYVaGSkvjNM53tbCy++USJ5em8DLLO2leI9d5bok8bcXzE4IwU2K08OGpdZcld0QPM+bL/KkbuGKMc/2hsM2YOWzLfNROmTcvWRWJJAUk/s4=&K4W=bb2HuFjPIN
|
84.32.84.32
|
|
|
|
http://www.clarycyber.com/v3ka/
|
62.149.128.45
|
|
|
|
http://www.mvmusicfactory.org/v3ka/
|
91.195.240.19
|
|
|
|
http://www.b-r-consulting.ch/v3ka/?c4qx7JIP=bbTJsjbns1egJ9JPkt58MNAjZkRhgchDkV02q5vokHm6S8Qgk9c4A4/rVALt8kpaWPL/RyZRbRAxNoIAik6Ahn7XchDP755TKRWw96XVZ2F1n8YO16SVy/I=&K4W=bb2HuFjPIN
|
194.191.24.38
|
|
|
|
http://www.wbyzm5.buzz/v3ka/
|
172.67.130.3
|
|
|
|
http://www.xiefly.shop/v3ka/?c4qx7JIP=dNjCJvlouN0lJiHjmW6o9laKqXafrGVThPe+fRU03jlQNeIZZXj0HZnF0wYmB7+6kDtWMlD6FZc6rz3hPOSCoZPNCiuZ/LMstJjl/Jmg62t+iuZuHiG5vvg=&K4W=bb2HuFjPIN
|
82.180.172.14
|
|
|
|
http://www.clarycyber.com/v3ka/?c4qx7JIP=J4AzjciiJVojUGFuzrYbXLmTAhGMI5W/z8Zu4GWgm/9FzWPCzEiuTS1rwMX9pE5r2vC14B8Wx1zW9w/trsCTKSg2AEld6ylXwESzvlSrq/FwhsHRtw64/YA=&K4W=bb2HuFjPIN
|
62.149.128.45
|
|
|
|
http://www.stellerechoes.xyz/v3ka/?c4qx7JIP=GFfLE978cTjgJhl6jgUZbEhmCeB5iD6iCpjaC2ljIm715WZCCh3yMSG+VpY2eWrvhd9eQ+mGyZHjkiS2WPxVQ0dW/wG4u7YMAwOv3hEtYSzM6b6AuWOV5s4=&K4W=bb2HuFjPIN
|
198.177.123.106
|
|
|
|
http://www.globalworld-travel.com/v3ka/
|
109.234.166.81
|
|
|
|
http://www.stellerechoes.xyz/v3ka/
|
198.177.123.106
|
|
|
|
http://www.teenpattimasterapp.org/v3ka/
|
84.32.84.32
|
|
|
|
http://www.mvmusicfactory.org/v3ka/?c4qx7JIP=svB+aVl3D/Qs3yYm3uEZx4nnJil+hT1lh9v7sh/m91IvNeiskalMkbjGhLmhKb4ZrcP91hx+1jPTfxZ9U4bWGVnRMNWmuwE3Nqa36DGpX5UBaKLpwaX6qds=&K4W=bb2HuFjPIN
|
91.195.240.19
|
|
|
|
http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTD
|
unknown
|
||
|
http://www.gopher.ftp://ftp.
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xiefly.shop
|
82.180.172.14
|
|
|
|
www.stellerechoes.xyz
|
198.177.123.106
|
|
|
|
clarycyber.com
|
62.149.128.45
|
|
|
|
www.dreadbed.com
|
198.54.117.242
|
|
|
|
www.b-r-consulting.ch
|
194.191.24.38
|
|
|
|
cname.x172.zbwdj.com
|
103.146.179.172
|
|
|
|
globalworld-travel.com
|
109.234.166.81
|
|
|
|
www.wbyzm5.buzz
|
172.67.130.3
|
|
|
|
teenpattimasterapp.org
|
84.32.84.32
|
|
|
|
www.xiefly.shop
|
unknown
|
|
|
|
www.artcitytheatre.com
|
unknown
|
|
|
|
www.kmyangjia.com
|
unknown
|
|
|
|
www.teenpattimasterapp.org
|
unknown
|
|
|
|
www.p65cq675did.shop
|
unknown
|
|
|
|
www.clarycyber.com
|
unknown
|
|
|
|
www.globalworld-travel.com
|
unknown
|
|
|
|
www.mvmusicfactory.org
|
unknown
|
|
|
|
www.midwestnationalflying.com
|
unknown
|
|
|
|
www.sengogkaffe.info
|
unknown
|
|
|
|
www.mehr-neukunden.online
|
unknown
|
|
|
|
parkingpage.namecheap.com
|
91.195.240.19
|
||
|
drive.usercontent.google.com
|
142.251.41.1
|
||
|
www.t3c1srf.site
|
156.232.32.175
|
||
|
k2-ld.wakak1.shop
|
154.39.248.133
|
||
|
drive.google.com
|
142.250.65.174
|
There are 15 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
194.191.24.38
|
www.b-r-consulting.ch
|
Switzerland
|
|
|
|
84.32.84.32
|
teenpattimasterapp.org
|
Lithuania
|
|
|
|
103.146.179.172
|
cname.x172.zbwdj.com
|
unknown
|
|
|
|
172.67.130.3
|
www.wbyzm5.buzz
|
United States
|
|
|
|
82.180.172.14
|
xiefly.shop
|
Denmark
|
|
|
|
198.177.123.106
|
www.stellerechoes.xyz
|
United States
|
|
|
|
109.234.166.81
|
globalworld-travel.com
|
France
|
|
|
|
198.54.117.242
|
www.dreadbed.com
|
United States
|
|
|
|
62.149.128.45
|
clarycyber.com
|
Italy
|
|
|
|
142.251.41.1
|
drive.usercontent.google.com
|
United States
|
||
|
142.250.65.174
|
drive.google.com
|
United States
|
||
|
156.232.32.175
|
www.t3c1srf.site
|
Seychelles
|
||
|
91.195.240.19
|
parkingpage.namecheap.com
|
Germany
|
||
|
154.39.248.133
|
k2-ld.wakak1.shop
|
United States
|
||
|
154.55.135.138
|
unknown
|
United States
|
There are 5 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Smaajusteringer135\Uninstall\skinnier\etymologicon
|
Skgstubben57
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Calendar\W32
|
Setup
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Explotable58\centralkomitfoen\etageboliger\tattooment
|
Aiguen
|
||
|
HKEY_CURRENT_USER\SOFTWARE\grevinden\arrieregardernes
|
aristarchies
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Frivolities\befingret\pneumonolithiasis\Theloncus81\cirkusbillet\gamlingene\Rastendes
|
dungyard
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\cydonia\Uninstall\kronprinsesse\Toldfogeder\ndstilflde\Prepenetration234\preinterference\dragendes
|
Skogrendes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Mapping
|
txt
|
There are 1 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2DA0000
|
system
|
page execute and read and write
|
|
|
|
1794000
|
remote allocation
|
page execute and read and write
|
|
|
|
34BE0000
|
unclassified section
|
page execute and read and write
|
|
|
|
4E10000
|
trusted library allocation
|
page read and write
|
|
|
|
34570000
|
unclassified section
|
page execute and read and write
|
|
|
|
4F84000
|
direct allocation
|
page execute and read and write
|
|
|
|
4E50000
|
trusted library allocation
|
page read and write
|
|
|
|
15C0000
|
system
|
page execute and read and write
|
|
|
|
26D0000
|
unkown
|
page execute and read and write
|
|
|
|
2584000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
81BB000
|
stack
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
2690000
|
unkown
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
88C0000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
34EC000
|
unkown
|
page read and write
|
||
|
3F94000
|
remote allocation
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
8912000
|
heap
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
10A0000
|
unkown
|
page read and write
|
||
|
30B2000
|
heap
|
page read and write
|
||
|
E0E000
|
unkown
|
page readonly
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4688000
|
heap
|
page read and write
|
||
|
45AE000
|
stack
|
page read and write
|
||
|
30C0000
|
unkown
|
page readonly
|
||
|
E0E000
|
unkown
|
page readonly
|
||
|
390000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
826000
|
heap
|
page read and write
|
||
|
46F8000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
3426F000
|
stack
|
page read and write
|
||
|
E17000
|
unkown
|
page readonly
|
||
|
27FF000
|
stack
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
1C91000
|
unkown
|
page readonly
|
||
|
53F3000
|
unclassified section
|
page read and write
|
||
|
30D2000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
311F000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4610000
|
direct allocation
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
318D000
|
stack
|
page read and write
|
||
|
4620000
|
heap
|
page read and write
|
||
|
4600000
|
direct allocation
|
page read and write
|
||
|
454F000
|
stack
|
page read and write
|
||
|
46A1000
|
heap
|
page read and write
|
||
|
30F5000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
467000
|
unkown
|
page readonly
|
||
|
3BEC000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
34570000
|
direct allocation
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
8908000
|
heap
|
page read and write
|
||
|
1900000
|
unkown
|
page readonly
|
||
|
342BE000
|
stack
|
page read and write
|
||
|
46A4000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
2899C000
|
system
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
3126000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
890D000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
4910000
|
direct allocation
|
page read and write
|
||
|
3280000
|
direct allocation
|
page read and write
|
||
|
2D2B000
|
stack
|
page read and write
|
||
|
1610000
|
system
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
53E2000
|
unclassified section
|
page read and write
|
||
|
E15000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4688000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3270000
|
direct allocation
|
page read and write
|
||
|
48AF000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3240000
|
direct allocation
|
page read and write
|
||
|
4888000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
2903000
|
heap
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
31A4000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4691000
|
heap
|
page read and write
|
||
|
F8A000
|
stack
|
page read and write
|
||
|
8AD0000
|
heap
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
33F6000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
4688000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
5330000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
9E1000
|
unkown
|
page readonly
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
34810000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
46F8000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
2A63000
|
unkown
|
page execute and read and write
|
||
|
1300000
|
unkown
|
page read and write
|
||
|
23D0000
|
unkown
|
page readonly
|
||
|
43D2000
|
unkown
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
71000
|
heap
|
page read and write
|
||
|
2909000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
88DD000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
48C0000
|
direct allocation
|
page read and write
|
||
|
4BAC000
|
unkown
|
page read and write
|
||
|
9A0000
|
unkown
|
page read and write
|
||
|
FC0000
|
unkown
|
page readonly
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
30C0000
|
unkown
|
page readonly
|
||
|
469A000
|
heap
|
page read and write
|
||
|
3220000
|
direct allocation
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
286D3000
|
system
|
page read and write
|
||
|
88DF000
|
heap
|
page read and write
|
||
|
9A0000
|
unkown
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
31C0000
|
unkown
|
page read and write
|
||
|
2955E000
|
system
|
page read and write
|
||
|
48F0000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
A14000
|
heap
|
page read and write
|
||
|
891A000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
486E000
|
stack
|
page read and write
|
||
|
14B0000
|
unkown
|
page readonly
|
||
|
56BC000
|
unclassified section
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
34570000
|
direct allocation
|
page read and write
|
||
|
46A4000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
CDCE7FD000
|
stack
|
page read and write
|
||
|
35973000
|
unclassified section
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
E17000
|
unkown
|
page readonly
|
||
|
814000
|
heap
|
page read and write
|
||
|
88D2000
|
heap
|
page read and write
|
||
|
4691000
|
heap
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4703000
|
heap
|
page read and write
|
||
|
30D2000
|
heap
|
page read and write
|
||
|
468E000
|
heap
|
page read and write
|
||
|
34F73000
|
unclassified section
|
page execute and read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
31A4000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4EA5000
|
heap
|
page read and write
|
||
|
424000
|
unkown
|
page read and write
|
||
|
469A000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3212000
|
unkown
|
page read and write
|
||
|
332C000
|
unkown
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
6D84000
|
direct allocation
|
page execute and read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
46F8000
|
heap
|
page read and write
|
||
|
46EA000
|
heap
|
page read and write
|
||
|
4CCE000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3407E000
|
stack
|
page read and write
|
||
|
1636000
|
system
|
page execute and read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
468E000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
FC0000
|
unkown
|
page readonly
|
||
|
34570000
|
direct allocation
|
page read and write
|
||
|
4920000
|
direct allocation
|
page read and write
|
||
|
2906000
|
heap
|
page read and write
|
||
|
32A0000
|
direct allocation
|
page read and write
|
||
|
22AE000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
3442C000
|
stack
|
page read and write
|
||
|
3A70000
|
heap
|
page read and write
|
||
|
70A0000
|
unclassified section
|
page read and write
|
||
|
5062000
|
unkown
|
page read and write
|
||
|
3453C000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
14B0000
|
unkown
|
page readonly
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
3058000
|
heap
|
page read and write
|
||
|
46A1000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
34360000
|
remote allocation
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page execute read
|
||
|
4A1A000
|
unkown
|
page read and write
|
||
|
30B2000
|
heap
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
465000
|
unkown
|
page read and write
|
||
|
342FF000
|
stack
|
page read and write
|
||
|
468E000
|
heap
|
page read and write
|
||
|
30CE000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3465F000
|
heap
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
E15000
|
unkown
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
1830000
|
stack
|
page read and write
|
||
|
A12000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
FC1000
|
unkown
|
page readonly
|
||
|
1C90000
|
unkown
|
page readonly
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4F30000
|
direct allocation
|
page execute and read and write
|
||
|
2909000
|
heap
|
page read and write
|
||
|
9E1000
|
unkown
|
page readonly
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
4564000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
1380000
|
unkown
|
page read and write
|
||
|
30DB000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
46A6000
|
heap
|
page read and write
|
||
|
88D8000
|
heap
|
page read and write
|
||
|
14A0000
|
unkown
|
page readonly
|
||
|
161A000
|
system
|
page execute and read and write
|
||
|
306E000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
E0E000
|
unkown
|
page readonly
|
||
|
620000
|
heap
|
page read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
2900000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
4D7C000
|
heap
|
page read and write
|
||
|
46FE000
|
heap
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
45EE000
|
stack
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
3FA000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
14F3000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
3480C000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3AEC000
|
stack
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
48D0000
|
direct allocation
|
page read and write
|
||
|
309F000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
312B000
|
heap
|
page read and write
|
||
|
505D000
|
direct allocation
|
page execute and read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
30CA000
|
heap
|
page read and write
|
||
|
28782000
|
system
|
page read and write
|
||
|
7D7000
|
heap
|
page read and write
|
||
|
340BF000
|
stack
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
29F5000
|
unkown
|
page execute and read and write
|
||
|
5059000
|
direct allocation
|
page execute and read and write
|
||
|
3076000
|
heap
|
page read and write
|
||
|
313D000
|
heap
|
page read and write
|
||
|
162A000
|
system
|
page execute and read and write
|
||
|
46A3000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
E17000
|
unkown
|
page readonly
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
4CEE000
|
heap
|
page read and write
|
||
|
889F000
|
heap
|
page read and write
|
||
|
182E000
|
stack
|
page read and write
|
||
|
3FA000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
23B4000
|
heap
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
46EA000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
4BD2000
|
heap
|
page read and write
|
||
|
4BCB000
|
heap
|
page read and write
|
||
|
856F000
|
stack
|
page read and write
|
||
|
46FB000
|
heap
|
page read and write
|
||
|
333D000
|
stack
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
30A2000
|
heap
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
8920000
|
heap
|
page read and write
|
||
|
E17000
|
unkown
|
page readonly
|
||
|
88CB000
|
heap
|
page read and write
|
||
|
34360000
|
remote allocation
|
page read and write
|
||
|
20F68730000
|
system
|
page execute and read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
343DF000
|
stack
|
page read and write
|
||
|
8B2E000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
32C0000
|
direct allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
72E000
|
stack
|
page read and write
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
31B0000
|
unkown
|
page readonly
|
||
|
34530000
|
direct allocation
|
page read and write
|
||
|
467A000
|
heap
|
page read and write
|
||
|
311C000
|
heap
|
page read and write
|
||
|
6410000
|
unclassified section
|
page read and write
|
||
|
3290000
|
direct allocation
|
page read and write
|
||
|
14A0000
|
unkown
|
page readonly
|
||
|
23D0000
|
unkown
|
page readonly
|
||
|
FD1000
|
unkown
|
page readonly
|
||
|
F8A000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
290B000
|
heap
|
page read and write
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
4628000
|
heap
|
page read and write
|
||
|
47F0000
|
heap
|
page read and write
|
||
|
2B94000
|
remote allocation
|
page execute and read and write
|
||
|
2410000
|
unkown
|
page readonly
|
||
|
6734000
|
unclassified section
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
5984000
|
direct allocation
|
page execute and read and write
|
||
|
23F0000
|
unkown
|
page read and write
|
||
|
346E3000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
30DB000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
8926000
|
heap
|
page read and write
|
||
|
2410000
|
unkown
|
page readonly
|
||
|
310A000
|
heap
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
20F688A0000
|
heap
|
page read and write
|
||
|
4E5F000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
8900000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
83B000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
46A1000
|
heap
|
page read and write
|
||
|
2194000
|
remote allocation
|
page execute and read and write
|
||
|
2490000
|
unkown
|
page readonly
|
||
|
6BEA000
|
unclassified section
|
page read and write
|
||
|
46EA000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
1310000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
unkown
|
page read and write
|
||
|
450E000
|
stack
|
page read and write
|
||
|
46A4000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
88C5000
|
heap
|
page read and write
|
||
|
4564000
|
heap
|
page read and write
|
||
|
40AE000
|
unkown
|
page read and write
|
||
|
FC0000
|
unkown
|
page readonly
|
||
|
290E000
|
heap
|
page read and write
|
||
|
4703000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
466E000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
8903000
|
heap
|
page read and write
|
||
|
5A1F000
|
stack
|
page read and write
|
||
|
3260000
|
direct allocation
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
890E000
|
heap
|
page read and write
|
||
|
71000
|
heap
|
page read and write
|
||
|
3105000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
1380000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
46F8000
|
heap
|
page read and write
|
||
|
2904000
|
heap
|
page read and write
|
||
|
3204000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
14C8000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
34B5C000
|
direct allocation
|
page execute and read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
3123000
|
heap
|
page read and write
|
||
|
467000
|
unkown
|
page readonly
|
||
|
3439E000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
730000
|
unkown
|
page readonly
|
||
|
30AF000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
30DD000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
4ED0000
|
unkown
|
page read and write
|
||
|
4F0C000
|
stack
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
469A000
|
heap
|
page read and write
|
||
|
1900000
|
unkown
|
page readonly
|
||
|
3212000
|
unkown
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
3223000
|
unkown
|
page read and write
|
||
|
467C000
|
heap
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
23E0000
|
unkown
|
page readonly
|
||
|
88A2000
|
heap
|
page read and write
|
||
|
88E5000
|
heap
|
page read and write
|
||
|
4EA9000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
46A6000
|
heap
|
page read and write
|
||
|
4703000
|
heap
|
page read and write
|
||
|
48E0000
|
direct allocation
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3422E000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
46EA000
|
heap
|
page read and write
|
||
|
34F05000
|
unclassified section
|
page execute and read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
48B0000
|
direct allocation
|
page read and write
|
||
|
65A2000
|
unclassified section
|
page read and write
|
||
|
34890000
|
direct allocation
|
page execute and read and write
|
||
|
231E000
|
stack
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
4D3E000
|
unkown
|
page read and write
|
||
|
3250000
|
direct allocation
|
page read and write
|
||
|
349B9000
|
direct allocation
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
30A4000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
51FC000
|
direct allocation
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
16EC000
|
unkown
|
page read and write
|
||
|
4564000
|
heap
|
page read and write
|
||
|
309C000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
54A2000
|
unclassified section
|
page read and write
|
||
|
626000
|
unkown
|
page execute read
|
||
|
32FD000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
341BD000
|
stack
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
730000
|
unkown
|
page readonly
|
||
|
88A4000
|
heap
|
page read and write
|
||
|
8908000
|
heap
|
page read and write
|
||
|
34360000
|
remote allocation
|
page read and write
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
2580000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3413E000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
88A9000
|
heap
|
page read and write
|
||
|
46F8000
|
heap
|
page read and write
|
||
|
3452D000
|
stack
|
page read and write
|
||
|
3417D000
|
stack
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
891B000
|
heap
|
page read and write
|
||
|
3066000
|
heap
|
page read and write
|
||
|
7F00000
|
trusted library allocation
|
page read and write
|
||
|
88BA000
|
heap
|
page read and write
|
||
|
34B60000
|
direct allocation
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
5200000
|
direct allocation
|
page execute and read and write
|
||
|
46A7000
|
heap
|
page read and write
|
||
|
8990000
|
trusted library allocation
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3230000
|
direct allocation
|
page read and write
|
||
|
46EA000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
803000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
30CA000
|
heap
|
page read and write
|
||
|
46FB000
|
heap
|
page read and write
|
||
|
4950000
|
heap
|
page read and write
|
||
|
286C2000
|
system
|
page read and write
|
||
|
1639000
|
system
|
page execute and read and write
|
||
|
7FF000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
30FD000
|
heap
|
page read and write
|
||
|
A0B000
|
heap
|
page read and write
|
||
|
467000
|
unkown
|
page readonly
|
||
|
826000
|
heap
|
page read and write
|
||
|
6A58000
|
unclassified section
|
page read and write
|
||
|
31B0000
|
unkown
|
page readonly
|
||
|
80F000
|
heap
|
page read and write
|
||
|
4564000
|
heap
|
page read and write
|
||
|
30F7000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
4666000
|
heap
|
page read and write
|
||
|
3594000
|
remote allocation
|
page execute and read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
818000
|
heap
|
page read and write
|
||
|
2490000
|
unkown
|
page readonly
|
||
|
31C0000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
17EC000
|
unkown
|
page read and write
|
||
|
3108000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
46EA000
|
heap
|
page read and write
|
||
|
6F0E000
|
unclassified section
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
30A0000
|
unkown
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
23E0000
|
unkown
|
page readonly
|
||
|
57E000
|
stack
|
page read and write
|
||
|
627E000
|
unclassified section
|
page read and write
|
||
|
46A7000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
E15000
|
unkown
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6D7C000
|
unclassified section
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3200000
|
heap
|
page read and write
|
||
|
310F000
|
heap
|
page read and write
|
||
|
31A4000
|
heap
|
page read and write
|
||
|
32D2000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
349BD000
|
direct allocation
|
page execute and read and write
|
||
|
467A000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
30A4000
|
heap
|
page read and write
|
||
|
88F9000
|
heap
|
page read and write
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
306D000
|
heap
|
page read and write
|
||
|
14DF000
|
heap
|
page read and write
|
||
|
22D5000
|
heap
|
page read and write
|
||
|
4900000
|
direct allocation
|
page read and write
|
||
|
4240000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
46EA000
|
heap
|
page read and write
|
||
|
7232000
|
unclassified section
|
page read and write
|
||
|
168D000
|
system
|
page execute and read and write
|
||
|
2D6A000
|
stack
|
page read and write
|
||
|
13C6000
|
heap
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
2690000
|
unkown
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
30FB000
|
heap
|
page read and write
|
||
|
86EE000
|
stack
|
page read and write
|
||
|
89A4000
|
heap
|
page read and write
|
||
|
4700000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3200000
|
direct allocation
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
23F0000
|
unkown
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
3068000
|
heap
|
page read and write
|
||
|
872F000
|
stack
|
page read and write
|
||
|
88AD000
|
heap
|
page read and write
|
||
|
54FC000
|
unclassified section
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
32BD000
|
stack
|
page read and write
|
||
|
3204000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
6384000
|
direct allocation
|
page execute and read and write
|
||
|
32B0000
|
direct allocation
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
8916000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
8912000
|
heap
|
page read and write
|
||
|
FD1000
|
unkown
|
page readonly
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
46F8000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4691000
|
heap
|
page read and write
|
||
|
7784000
|
direct allocation
|
page execute and read and write
|
||
|
2584000
|
heap
|
page read and write
|
||
|
30A0000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
88E2000
|
heap
|
page read and write
|
||
|
82C000
|
heap
|
page read and write
|
||
|
469A000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
E0E000
|
unkown
|
page readonly
|
||
|
3066000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
340FE000
|
stack
|
page read and write
|
||
|
3077000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
290A000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
3463000
|
unkown
|
page execute and read and write
|
||
|
14C8000
|
heap
|
page read and write
|
||
|
E15000
|
unkown
|
page read and write
|
||
|
34EC000
|
unkown
|
page read and write
|
||
|
8897000
|
heap
|
page read and write
|
||
|
3077000
|
heap
|
page read and write
|
||
|
34530000
|
direct allocation
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
46F8000
|
heap
|
page read and write
|
||
|
3068000
|
heap
|
page read and write
|
There are 676 hidden memdumps, click here to show them.