Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Trojan.BtcMine.3725.7973.8724.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Drivers\WinRing0x64.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Drivers\process.bat
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\ProgramData\Drivers\winproc.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Drivers\xmrig.exe
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Drivers\1.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Drivers\watch.bat
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Updater.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Archive, ctime=Thu Mar 28 08:25:31 2024, mtime=Thu Mar 28 08:25:31 2024, atime=Sun Oct 8 01:17:00 2023, length=122,
window=hide
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Trojan.BtcMine.3725.7973.8724.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.BtcMine.3725.7973.8724.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\ProgramData\Drivers\winproc.vbs"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\ProgramData\Drivers\watch.bat" "
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\ProgramData\Drivers\1.vbs"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\ProgramData\Drivers\process.bat" "
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\ProgramData\Drivers\xmrig.exe
|
xmrig.exe --donate-level 5 -o pool.supportxmr.com:443 -u 49LzTohDTP4MAvjfeeKB7pecfkp8MppQKZu5yjawPHfH2aJFbLhgV459XX9y3qoAmjJvxiewcw2bK2toFoMVEAQSLB878rm
-k --tls -p speed
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\ProgramData\Drivers\winproc.vbs"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\ProgramData\Drivers\watch.bat" "
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
|
|
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "imagename eq taskmgr.exe"
|
||
|
C:\Windows\System32\find.exe
|
find /i "taskmgr.exe"
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 1 /nobreak
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "imagename eq taskmgr.exe"
|
||
|
C:\Windows\System32\find.exe
|
find /i "taskmgr.exe"
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 1 /nobreak
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "imagename eq taskmgr.exe"
|
||
|
C:\Windows\System32\find.exe
|
find /i "taskmgr.exe"
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 1 /nobreak
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "imagename eq taskmgr.exe"
|
||
|
C:\Windows\System32\find.exe
|
find /i "taskmgr.exe"
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 1 /nobreak
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "imagename eq taskmgr.exe"
|
||
|
C:\Windows\System32\find.exe
|
find /i "taskmgr.exe"
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "imagename eq taskmgr.exe"
|
||
|
C:\Windows\System32\find.exe
|
find /i "taskmgr.exe"
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 1 /nobreak
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 1 /nobreak
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "imagename eq taskmgr.exe"
|
||
|
C:\Windows\System32\find.exe
|
find /i "taskmgr.exe"
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "imagename eq taskmgr.exe"
|
||
|
C:\Windows\System32\find.exe
|
find /i "taskmgr.exe"
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 1 /nobreak
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 1 /nobreak
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "IMAGENAME eq xmrig.exe"
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist /NH /FI "imagename eq taskmgr.exe"
|
There are 40 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://xmrig.com/benchmark/%s
|
unknown
|
||
|
https://xmrig.com/wizard
|
unknown
|
||
|
https://xmrig.com/wizard%s
|
unknown
|
||
|
https://xmrig.com/docs/algorithms
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pool-nyc.supportxmr.com
|
104.243.33.118
|
||
|
pool.supportxmr.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.243.33.118
|
pool-nyc.supportxmr.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D3792DD000
|
heap
|
page read and write
|
|
|
|
17F41238000
|
heap
|
page read and write
|
|
|
|
2D3792FF000
|
heap
|
page read and write
|
|
|
|
2D377B10000
|
heap
|
page read and write
|
|
|
|
2D377920000
|
heap
|
page read and write
|
|
|
|
7FF61B43F000
|
unkown
|
page readonly
|
|
|
|
7FF61B930000
|
unkown
|
page write copy
|
|
|
|
2D377929000
|
heap
|
page read and write
|
|
|
|
2D3792D2000
|
heap
|
page read and write
|
|
|
|
17F413C5000
|
heap
|
page read and write
|
|
|
|
17F40C3A000
|
heap
|
page read and write
|
|
|
|
2D377B14000
|
heap
|
page read and write
|
|
|
|
8CE38FC000
|
stack
|
page read and write
|
||
|
8A9937F000
|
stack
|
page read and write
|
||
|
2E6E43B8000
|
heap
|
page read and write
|
||
|
42BEC7E000
|
stack
|
page read and write
|
||
|
1D92B8AD000
|
heap
|
page read and write
|
||
|
22F76B16000
|
unkown
|
page read and write
|
||
|
9BEC11F000
|
stack
|
page read and write
|
||
|
23377C07000
|
heap
|
page read and write
|
||
|
17F3CC56000
|
heap
|
page read and write
|
||
|
2D379325000
|
heap
|
page read and write
|
||
|
1E8281B0000
|
heap
|
page read and write
|
||
|
17F413A4000
|
heap
|
page read and write
|
||
|
16EB51F5000
|
heap
|
page read and write
|
||
|
17F3EAC4000
|
heap
|
page read and write
|
||
|
17F3CC32000
|
heap
|
page read and write
|
||
|
1D92B7E0000
|
heap
|
page read and write
|
||
|
8CE30FE000
|
stack
|
page read and write
|
||
|
17F3CC93000
|
heap
|
page read and write
|
||
|
16EB5205000
|
heap
|
page read and write
|
||
|
1D146458000
|
heap
|
page read and write
|
||
|
17F3CCE5000
|
heap
|
page read and write
|
||
|
1DC313B0000
|
heap
|
page read and write
|
||
|
B8E2CFF000
|
stack
|
page read and write
|
||
|
A3F49FF000
|
stack
|
page read and write
|
||
|
23377BD0000
|
heap
|
page read and write
|
||
|
17F3CCAE000
|
heap
|
page read and write
|
||
|
7ED8FF000
|
stack
|
page read and write
|
||
|
17F41540000
|
heap
|
page read and write
|
||
|
22F76C94000
|
unkown
|
page read and write
|
||
|
2275F88C000
|
heap
|
page read and write
|
||
|
16EB51F6000
|
heap
|
page read and write
|
||
|
F2610FD000
|
stack
|
page read and write
|
||
|
49AC4FF000
|
stack
|
page read and write
|
||
|
17F3ECDA000
|
heap
|
page read and write
|
||
|
2708556E000
|
heap
|
page read and write
|
||
|
503C4FF000
|
stack
|
page read and write
|
||
|
36076F7000
|
stack
|
page read and write
|
||
|
1BE24FBC000
|
heap
|
page read and write
|
||
|
2275F7A0000
|
heap
|
page read and write
|
||
|
1D146457000
|
heap
|
page read and write
|
||
|
1EDEBB60000
|
heap
|
page read and write
|
||
|
17F3CC35000
|
heap
|
page read and write
|
||
|
1DC31427000
|
heap
|
page read and write
|
||
|
1A455FE0000
|
heap
|
page read and write
|
||
|
2D37D4C4000
|
heap
|
page read and write
|
||
|
17F3CCE5000
|
heap
|
page read and write
|
||
|
1A4560CC000
|
heap
|
page read and write
|
||
|
22F768F0000
|
unkown
|
page read and write
|
||
|
2275F8B2000
|
heap
|
page read and write
|
||
|
1A4560AB000
|
heap
|
page read and write
|
||
|
17F4168A000
|
heap
|
page read and write
|
||
|
17F3CCAA000
|
heap
|
page read and write
|
||
|
2275F896000
|
heap
|
page read and write
|
||
|
2314C510000
|
heap
|
page read and write
|
||
|
1D92BAE0000
|
heap
|
page read and write
|
||
|
2314C3D6000
|
heap
|
page read and write
|
||
|
2D377A20000
|
direct allocation
|
page execute read
|
||
|
E7E1BFF000
|
stack
|
page read and write
|
||
|
2275F88C000
|
heap
|
page read and write
|
||
|
17F3CC6B000
|
heap
|
page read and write
|
||
|
1BE24FCB000
|
heap
|
page read and write
|
||
|
2275F8AD000
|
heap
|
page read and write
|
||
|
1EDEBBC7000
|
heap
|
page read and write
|
||
|
7FF71758C000
|
unkown
|
page readonly
|
||
|
8A9947E000
|
stack
|
page read and write
|
||
|
1A4560A6000
|
heap
|
page read and write
|
||
|
BCFB58F000
|
stack
|
page read and write
|
||
|
BEC3EDB000
|
stack
|
page read and write
|
||
|
17F41541000
|
heap
|
page read and write
|
||
|
22F76BEA000
|
unkown
|
page read and write
|
||
|
2D37DEC4000
|
heap
|
page read and write
|
||
|
17F3CE0A000
|
trusted library allocation
|
page read and write
|
||
|
22F76550000
|
unkown
|
page readonly
|
||
|
1CE0E8E5000
|
heap
|
page read and write
|
||
|
16EB53A0000
|
heap
|
page read and write
|
||
|
4BCDF1C000
|
stack
|
page read and write
|
||
|
24419FFA000
|
heap
|
page read and write
|
||
|
1A6C2B77000
|
heap
|
page read and write
|
||
|
1D92B885000
|
heap
|
page read and write
|
||
|
1A456220000
|
heap
|
page read and write
|
||
|
2275F8B0000
|
heap
|
page read and write
|
||
|
1D14644B000
|
heap
|
page read and write
|
||
|
2E6E4330000
|
heap
|
page read and write
|
||
|
17F3CE6E000
|
heap
|
page read and write
|
||
|
2699375B000
|
heap
|
page read and write
|
||
|
1D92B88B000
|
heap
|
page read and write
|
||
|
1BE25170000
|
heap
|
page read and write
|
||
|
2314C3ED000
|
heap
|
page read and write
|
||
|
2489E16D000
|
heap
|
page read and write
|
||
|
7FF61AE40000
|
unkown
|
page readonly
|
||
|
16EB51D8000
|
heap
|
page read and write
|
||
|
7ED9FE000
|
stack
|
page read and write
|
||
|
2314C3C6000
|
heap
|
page read and write
|
||
|
2275F8AE000
|
heap
|
page read and write
|
||
|
B8E2C7B000
|
stack
|
page read and write
|
||
|
8A993FE000
|
stack
|
page read and write
|
||
|
17C52CC0000
|
heap
|
page read and write
|
||
|
1A4560B8000
|
heap
|
page read and write
|
||
|
7FF61B929000
|
unkown
|
page write copy
|
||
|
1CE0E902000
|
heap
|
page read and write
|
||
|
7FF61B936000
|
unkown
|
page readonly
|
||
|
1E827FA5000
|
heap
|
page read and write
|
||
|
247774C0000
|
heap
|
page read and write
|
||
|
2D3810C4000
|
heap
|
page read and write
|
||
|
1EFE4920000
|
heap
|
page read and write
|
||
|
26B5DD6B000
|
heap
|
page read and write
|
||
|
7FF71757B000
|
unkown
|
page write copy
|
||
|
40085FC000
|
unkown
|
page read and write
|
||
|
17C52CF0000
|
heap
|
page read and write
|
||
|
1CE0E910000
|
heap
|
page read and write
|
||
|
17F4043D000
|
heap
|
page read and write
|
||
|
157D6074000
|
heap
|
page read and write
|
||
|
7FF717588000
|
unkown
|
page readonly
|
||
|
22F76FF0000
|
unkown
|
page readonly
|
||
|
1EFE45E7000
|
heap
|
page read and write
|
||
|
2314C3D8000
|
heap
|
page read and write
|
||
|
2D379325000
|
heap
|
page read and write
|
||
|
115B32F000
|
stack
|
page read and write
|
||
|
17F41235000
|
heap
|
page read and write
|
||
|
20281F98000
|
heap
|
page read and write
|
||
|
9659C7F000
|
stack
|
page read and write
|
||
|
1DC3142B000
|
heap
|
page read and write
|
||
|
2D379570000
|
heap
|
page read and write
|
||
|
23377C20000
|
heap
|
page read and write
|
||
|
23377B60000
|
heap
|
page read and write
|
||
|
2314C3D6000
|
heap
|
page read and write
|
||
|
211C5E60000
|
heap
|
page read and write
|
||
|
2D377AC1000
|
direct allocation
|
page execute and read and write
|
||
|
2D379395000
|
heap
|
page read and write
|
||
|
3FA0BFA000
|
stack
|
page read and write
|
||
|
F2611FE000
|
stack
|
page read and write
|
||
|
2275F8AD000
|
heap
|
page read and write
|
||
|
37A357F000
|
stack
|
page read and write
|
||
|
17F3CC8E000
|
heap
|
page read and write
|
||
|
2A2727F000
|
stack
|
page read and write
|
||
|
E0F9FFF000
|
stack
|
page read and write
|
||
|
91E82EC000
|
stack
|
page read and write
|
||
|
1A6C2AA0000
|
heap
|
page read and write
|
||
|
2D37A2C4000
|
heap
|
page read and write
|
||
|
17F3CE60000
|
heap
|
page read and write
|
||
|
22F76BF0000
|
unkown
|
page read and write
|
||
|
26993720000
|
heap
|
page read and write
|
||
|
B8E2EFF000
|
stack
|
page read and write
|
||
|
1FC1E370000
|
heap
|
page read and write
|
||
|
F2613FB000
|
stack
|
page read and write
|
||
|
17F41503000
|
heap
|
page read and write
|
||
|
BEC3FDE000
|
stack
|
page read and write
|
||
|
1A4560CC000
|
heap
|
page read and write
|
||
|
2441A00D000
|
heap
|
page read and write
|
||
|
2275F898000
|
heap
|
page read and write
|
||
|
1A4560CE000
|
heap
|
page read and write
|
||
|
1A6C2AD4000
|
heap
|
page read and write
|
||
|
ECE3D7F000
|
stack
|
page read and write
|
||
|
1D92B886000
|
heap
|
page read and write
|
||
|
17F3CC4A000
|
heap
|
page read and write
|
||
|
27085227000
|
heap
|
page read and write
|
||
|
49AC47F000
|
stack
|
page read and write
|
||
|
16EB51FB000
|
heap
|
page read and write
|
||
|
1D92B8AD000
|
heap
|
page read and write
|
||
|
1CE0E8EB000
|
heap
|
page read and write
|
||
|
220F47F0000
|
heap
|
page read and write
|
||
|
2D37CAC4000
|
heap
|
page read and write
|
||
|
17F3CCAE000
|
heap
|
page read and write
|
||
|
1EDEBA80000
|
heap
|
page read and write
|
||
|
17F3CC00000
|
heap
|
page read and write
|
||
|
27086CC0000
|
heap
|
page read and write
|
||
|
2314C3EE000
|
heap
|
page read and write
|
||
|
26B5DD00000
|
heap
|
page read and write
|
||
|
A3F48FE000
|
stack
|
page read and write
|
||
|
24419FEB000
|
heap
|
page read and write
|
||
|
1A4560B7000
|
heap
|
page read and write
|
||
|
16EB5205000
|
heap
|
page read and write
|
||
|
1E827DE0000
|
heap
|
page read and write
|
||
|
2275F8B3000
|
heap
|
page read and write
|
||
|
16EB51B0000
|
heap
|
page read and write
|
||
|
19E68C00000
|
heap
|
page read and write
|
||
|
D48755F000
|
stack
|
page read and write
|
||
|
18E14610000
|
heap
|
page read and write
|
||
|
26B5DF34000
|
heap
|
page read and write
|
||
|
211C5D67000
|
heap
|
page read and write
|
||
|
17F40430000
|
trusted library allocation
|
page read and write
|
||
|
17F3CC93000
|
heap
|
page read and write
|
||
|
26B5DD66000
|
heap
|
page read and write
|
||
|
2E6E5D64000
|
heap
|
page read and write
|
||
|
9D1BEFE000
|
stack
|
page read and write
|
||
|
22F74CC0000
|
unkown
|
page read and write
|
||
|
2275F6A0000
|
heap
|
page read and write
|
||
|
17F3CCAE000
|
heap
|
page read and write
|
||
|
7EDA7F000
|
stack
|
page read and write
|
||
|
17F3CCBA000
|
heap
|
page read and write
|
||
|
17F3CC5A000
|
heap
|
page read and write
|
||
|
18E14699000
|
heap
|
page read and write
|
||
|
4008266000
|
unkown
|
page read and write
|
||
|
157D5E97000
|
heap
|
page read and write
|
||
|
2275F8AD000
|
heap
|
page read and write
|
||
|
17F4168A000
|
heap
|
page read and write
|
||
|
2489E172000
|
heap
|
page read and write
|
||
|
16EB51D0000
|
heap
|
page read and write
|
||
|
13388F97000
|
heap
|
page read and write
|
||
|
17F3CCBA000
|
heap
|
page read and write
|
||
|
1CE0E8C8000
|
heap
|
page read and write
|
||
|
2275F780000
|
heap
|
page read and write
|
||
|
23377BD8000
|
heap
|
page read and write
|
||
|
1CE0E8F9000
|
heap
|
page read and write
|
||
|
1FD57C90000
|
heap
|
page read and write
|
||
|
1BE24FDF000
|
heap
|
page read and write
|
||
|
1EDEBBDE000
|
heap
|
page read and write
|
||
|
211C60E0000
|
heap
|
page read and write
|
||
|
16EB521C000
|
heap
|
page read and write
|
||
|
9B5C27F000
|
stack
|
page read and write
|
||
|
1EDEBDC0000
|
heap
|
page read and write
|
||
|
1D92BAE4000
|
heap
|
page read and write
|
||
|
348DBEB000
|
stack
|
page read and write
|
||
|
26B5DD8C000
|
heap
|
page read and write
|
||
|
2489E16D000
|
heap
|
page read and write
|
||
|
1BE24FCB000
|
heap
|
page read and write
|
||
|
1D146445000
|
heap
|
page read and write
|
||
|
965999E000
|
stack
|
page read and write
|
||
|
1A6C2B95000
|
heap
|
page read and write
|
||
|
A3F497E000
|
stack
|
page read and write
|
||
|
1BE24FB6000
|
heap
|
page read and write
|
||
|
16EB521C000
|
heap
|
page read and write
|
||
|
1E827FA5000
|
heap
|
page read and write
|
||
|
1D6983D0000
|
heap
|
page read and write
|
||
|
1CE0E840000
|
heap
|
page read and write
|
||
|
220F4A40000
|
heap
|
page read and write
|
||
|
503C47F000
|
stack
|
page read and write
|
||
|
22F76A52000
|
unkown
|
page read and write
|
||
|
7FF61B43B000
|
unkown
|
page write copy
|
||
|
26B5DCE0000
|
heap
|
page read and write
|
||
|
17F3CCE6000
|
heap
|
page read and write
|
||
|
348DEFF000
|
stack
|
page read and write
|
||
|
17F3CC94000
|
heap
|
page read and write
|
||
|
274B8470000
|
heap
|
page read and write
|
||
|
76D95EF000
|
stack
|
page read and write
|
||
|
1E827FA6000
|
heap
|
page read and write
|
||
|
503C5FF000
|
stack
|
page read and write
|
||
|
23377BFB000
|
heap
|
page read and write
|
||
|
1EFE4924000
|
heap
|
page read and write
|
||
|
17C52D3E000
|
heap
|
page read and write
|
||
|
2314C3ED000
|
heap
|
page read and write
|
||
|
2275FB50000
|
heap
|
page read and write
|
||
|
2D377AB0000
|
direct allocation
|
page execute and read and write
|
||
|
1D146380000
|
heap
|
page read and write
|
||
|
26B5DD8C000
|
heap
|
page read and write
|
||
|
42BEBFF000
|
stack
|
page read and write
|
||
|
18E14600000
|
heap
|
page read and write
|
||
|
2275F887000
|
heap
|
page read and write
|
||
|
1FD57C98000
|
heap
|
page read and write
|
||
|
17C52CA0000
|
heap
|
page read and write
|
||
|
62931DF000
|
stack
|
page read and write
|
||
|
17F3ECDD000
|
heap
|
page read and write
|
||
|
2D3793AD000
|
heap
|
page read and write
|
||
|
17F3CCE5000
|
heap
|
page read and write
|
||
|
17F3CC78000
|
heap
|
page read and write
|
||
|
629315F000
|
stack
|
page read and write
|
||
|
3B93E7C000
|
stack
|
page read and write
|
||
|
17C52D25000
|
heap
|
page read and write
|
||
|
1CE0E903000
|
heap
|
page read and write
|
||
|
E0F9F7E000
|
stack
|
page read and write
|
||
|
8CE35FD000
|
stack
|
page read and write
|
||
|
1D698040000
|
heap
|
page read and write
|
||
|
1EFE45D6000
|
heap
|
page read and write
|
||
|
26B5DD8F000
|
heap
|
page read and write
|
||
|
17C52D31000
|
heap
|
page read and write
|
||
|
16EB53C0000
|
heap
|
page read and write
|
||
|
36078FB000
|
stack
|
page read and write
|
||
|
2ABD1870000
|
heap
|
page read and write
|
||
|
2275F899000
|
heap
|
page read and write
|
||
|
9D1BB9F000
|
stack
|
page read and write
|
||
|
E2FF87F000
|
stack
|
page read and write
|
||
|
115B3AF000
|
stack
|
page read and write
|
||
|
2275FB54000
|
heap
|
page read and write
|
||
|
17F413AE000
|
heap
|
page read and write
|
||
|
274B8590000
|
heap
|
page read and write
|
||
|
17F4139F000
|
heap
|
page read and write
|
||
|
22F74EB0000
|
heap
|
page read and write
|
||
|
2D379321000
|
heap
|
page read and write
|
||
|
BEC437E000
|
stack
|
page read and write
|
||
|
E7E1BFB000
|
stack
|
page read and write
|
||
|
E2FF54C000
|
stack
|
page read and write
|
||
|
E0F9EFE000
|
stack
|
page read and write
|
||
|
2489E16E000
|
heap
|
page read and write
|
||
|
17F4129A000
|
heap
|
page read and write
|
||
|
1CE0E912000
|
heap
|
page read and write
|
||
|
1BE24FE0000
|
heap
|
page read and write
|
||
|
211C5F60000
|
heap
|
page read and write
|
||
|
220F4A44000
|
heap
|
page read and write
|
||
|
1D92B896000
|
heap
|
page read and write
|
||
|
17F3CC73000
|
heap
|
page read and write
|
||
|
91E836F000
|
stack
|
page read and write
|
||
|
1D14646D000
|
heap
|
page read and write
|
||
|
17C52D40000
|
heap
|
page read and write
|
||
|
1D92B898000
|
heap
|
page read and write
|
||
|
7FF71758C000
|
unkown
|
page write copy
|
||
|
1A4560CC000
|
heap
|
page read and write
|
||
|
3FA0FFE000
|
stack
|
page read and write
|
||
|
7FF61AE41000
|
unkown
|
page execute read
|
||
|
2D377961000
|
heap
|
page read and write
|
||
|
76D956F000
|
stack
|
page read and write
|
||
|
1A456088000
|
heap
|
page read and write
|
||
|
1BE24FCB000
|
heap
|
page read and write
|
||
|
17F3CC18000
|
heap
|
page read and write
|
||
|
24775B00000
|
heap
|
page read and write
|
||
|
21B729D0000
|
heap
|
page read and write
|
||
|
1E8281B4000
|
heap
|
page read and write
|
||
|
17F41581000
|
heap
|
page read and write
|
||
|
19E68C58000
|
heap
|
page read and write
|
||
|
23377BF5000
|
heap
|
page read and write
|
||
|
7FF717520000
|
unkown
|
page readonly
|
||
|
2D37931D000
|
heap
|
page read and write
|
||
|
1BE24FBC000
|
heap
|
page read and write
|
||
|
7FF61B43E000
|
unkown
|
page write copy
|
||
|
17F413BD000
|
heap
|
page read and write
|
||
|
1CE0E8C0000
|
heap
|
page read and write
|
||
|
17F3CCB7000
|
heap
|
page read and write
|
||
|
21B72980000
|
heap
|
page read and write
|
||
|
E7E0FFF000
|
stack
|
page read and write
|
||
|
1E827F88000
|
heap
|
page read and write
|
||
|
1CE0E915000
|
heap
|
page read and write
|
||
|
22F750C1000
|
unkown
|
page readonly
|
||
|
17F3CC57000
|
heap
|
page read and write
|
||
|
22F74EB4000
|
heap
|
page read and write
|
||
|
17C52D27000
|
heap
|
page read and write
|
||
|
1EFE45FD000
|
heap
|
page read and write
|
||
|
2ABD18A5000
|
heap
|
page read and write
|
||
|
1BE24DD0000
|
heap
|
page read and write
|
||
|
2ABD17A0000
|
heap
|
page read and write
|
||
|
4A486FF000
|
stack
|
page read and write
|
||
|
9D1BE7F000
|
stack
|
page read and write
|
||
|
1DC31420000
|
heap
|
page read and write
|
||
|
1EDEBBBB000
|
heap
|
page read and write
|
||
|
1D14646C000
|
heap
|
page read and write
|
||
|
2441A1D0000
|
heap
|
page read and write
|
||
|
1D92B8AF000
|
heap
|
page read and write
|
||
|
400826E000
|
unkown
|
page read and write
|
||
|
22F76BE4000
|
unkown
|
page read and write
|
||
|
17F414C2000
|
heap
|
page read and write
|
||
|
26B5DD40000
|
heap
|
page read and write
|
||
|
9D1BF7F000
|
stack
|
page read and write
|
||
|
1BE24FC8000
|
heap
|
page read and write
|
||
|
7FF717568000
|
unkown
|
page readonly
|
||
|
17F3CCE5000
|
heap
|
page read and write
|
||
|
2275F8AD000
|
heap
|
page read and write
|
||
|
17F413B6000
|
heap
|
page read and write
|
||
|
17F41582000
|
heap
|
page read and write
|
||
|
1E827EC0000
|
heap
|
page read and write
|
||
|
1FC1E330000
|
heap
|
page read and write
|
||
|
17F41644000
|
heap
|
page read and write
|
||
|
49AC57F000
|
stack
|
page read and write
|
||
|
1EFE45C7000
|
heap
|
page read and write
|
||
|
7FF717582000
|
unkown
|
page read and write
|
||
|
F26074A000
|
stack
|
page read and write
|
||
|
2489E2F0000
|
heap
|
page read and write
|
||
|
1EDEBBBB000
|
heap
|
page read and write
|
||
|
17F40434000
|
heap
|
page read and write
|
||
|
2314C3D9000
|
heap
|
page read and write
|
||
|
E7E09FF000
|
stack
|
page read and write
|
||
|
2D37796E000
|
heap
|
page read and write
|
||
|
42BEA7B000
|
stack
|
page read and write
|
||
|
26807F000
|
stack
|
page read and write
|
||
|
7FF717588000
|
unkown
|
page readonly
|
||
|
16EB5207000
|
heap
|
page read and write
|
||
|
17C52D1B000
|
heap
|
page read and write
|
||
|
E7E11FB000
|
stack
|
page read and write
|
||
|
2441A0D0000
|
heap
|
page read and write
|
||
|
1FC1E380000
|
heap
|
page read and write
|
||
|
3FA18FB000
|
stack
|
page read and write
|
||
|
2D37ACC4000
|
heap
|
page read and write
|
||
|
E7E19FF000
|
stack
|
page read and write
|
||
|
348DF7E000
|
stack
|
page read and write
|
||
|
24419FE5000
|
heap
|
page read and write
|
||
|
3FA11FF000
|
stack
|
page read and write
|
||
|
2D379321000
|
heap
|
page read and write
|
||
|
1BE24F99000
|
heap
|
page read and write
|
||
|
22F76AB4000
|
unkown
|
page read and write
|
||
|
1D14646C000
|
heap
|
page read and write
|
||
|
1D92B896000
|
heap
|
page read and write
|
||
|
BCFB48C000
|
stack
|
page read and write
|
||
|
4BCE27F000
|
stack
|
page read and write
|
||
|
17F3CC63000
|
heap
|
page read and write
|
||
|
18E14650000
|
heap
|
page read and write
|
||
|
1BE24FC6000
|
heap
|
page read and write
|
||
|
1EFE4602000
|
heap
|
page read and write
|
||
|
1EFE45FE000
|
heap
|
page read and write
|
||
|
1FD59550000
|
heap
|
page read and write
|
||
|
62934FE000
|
stack
|
page read and write
|
||
|
1CE0E910000
|
heap
|
page read and write
|
||
|
17F3CDF1000
|
trusted library allocation
|
page read and write
|
||
|
17C52D29000
|
heap
|
page read and write
|
||
|
17F3CC8C000
|
heap
|
page read and write
|
||
|
2314C3ED000
|
heap
|
page read and write
|
||
|
36075FE000
|
stack
|
page read and write
|
||
|
2489E4F0000
|
heap
|
page read and write
|
||
|
2ABD1850000
|
heap
|
page read and write
|
||
|
BEC3F5E000
|
stack
|
page read and write
|
||
|
1EDEBDC4000
|
heap
|
page read and write
|
||
|
1A6C2BAB000
|
heap
|
page read and write
|
||
|
17F41503000
|
heap
|
page read and write
|
||
|
13389090000
|
heap
|
page read and write
|
||
|
E7E1DFF000
|
stack
|
page read and write
|
||
|
270851F6000
|
heap
|
page read and write
|
||
|
36071FD000
|
stack
|
page read and write
|
||
|
17F3CC63000
|
heap
|
page read and write
|
||
|
1D92B810000
|
heap
|
page read and write
|
||
|
1D698070000
|
heap
|
page read and write
|
||
|
1EDEBBDE000
|
heap
|
page read and write
|
||
|
91E83EF000
|
stack
|
page read and write
|
||
|
26B5DF30000
|
heap
|
page read and write
|
||
|
17F3CCE7000
|
heap
|
page read and write
|
||
|
27085170000
|
heap
|
page read and write
|
||
|
17F3CCBA000
|
heap
|
page read and write
|
||
|
3FA13FF000
|
stack
|
page read and write
|
||
|
1E827FB8000
|
heap
|
page read and write
|
||
|
1BE24FDB000
|
heap
|
page read and write
|
||
|
17F3ECD0000
|
trusted library allocation
|
page read and write
|
||
|
6E128FF000
|
stack
|
page read and write
|
||
|
2D379325000
|
heap
|
page read and write
|
||
|
211C5F40000
|
heap
|
page read and write
|
||
|
2275F860000
|
heap
|
page read and write
|
||
|
220F47F7000
|
heap
|
page read and write
|
||
|
2D3806C4000
|
heap
|
page read and write
|
||
|
7FF717521000
|
unkown
|
page execute read
|
||
|
21B72990000
|
heap
|
page read and write
|
||
|
20281E50000
|
heap
|
page read and write
|
||
|
26B5DD48000
|
heap
|
page read and write
|
||
|
17F3CC5A000
|
heap
|
page read and write
|
||
|
1D146471000
|
heap
|
page read and write
|
||
|
62930DB000
|
stack
|
page read and write
|
||
|
22F76CD6000
|
unkown
|
page read and write
|
||
|
1E827FC1000
|
heap
|
page read and write
|
||
|
76D94EC000
|
stack
|
page read and write
|
||
|
1D92B896000
|
heap
|
page read and write
|
||
|
26B5DD92000
|
heap
|
page read and write
|
||
|
1A455EE0000
|
heap
|
page read and write
|
||
|
211C5D6B000
|
heap
|
page read and write
|
||
|
ECE3CFF000
|
stack
|
page read and write
|
||
|
6E1297F000
|
stack
|
page read and write
|
||
|
2D379365000
|
heap
|
page read and write
|
||
|
7ED87B000
|
stack
|
page read and write
|
||
|
1BE25174000
|
heap
|
page read and write
|
||
|
1A6C2B47000
|
heap
|
page read and write
|
||
|
3FA16FE000
|
stack
|
page read and write
|
||
|
17F3CCE4000
|
heap
|
page read and write
|
||
|
211C5D60000
|
heap
|
page read and write
|
||
|
1CE0E904000
|
heap
|
page read and write
|
||
|
23377BF5000
|
heap
|
page read and write
|
||
|
17C52D25000
|
heap
|
page read and write
|
||
|
1E827FAB000
|
heap
|
page read and write
|
||
|
157D5E90000
|
heap
|
page read and write
|
||
|
270851A0000
|
heap
|
page read and write
|
||
|
2441A260000
|
heap
|
page read and write
|
||
|
17F3EBC0000
|
heap
|
page read and write
|
||
|
7FF71757B000
|
unkown
|
page read and write
|
||
|
17F413B2000
|
heap
|
page read and write
|
||
|
26B5DD8D000
|
heap
|
page read and write
|
||
|
1DC31654000
|
heap
|
page read and write
|
||
|
2A26F7F000
|
stack
|
page read and write
|
||
|
1EDEBBB5000
|
heap
|
page read and write
|
||
|
2489E145000
|
heap
|
page read and write
|
||
|
B8E2D7F000
|
stack
|
page read and write
|
||
|
2D379385000
|
heap
|
page read and write
|
||
|
1EDEBBE0000
|
heap
|
page read and write
|
||
|
400826C000
|
unkown
|
page read and write
|
||
|
1D92B8AD000
|
heap
|
page read and write
|
||
|
2314C310000
|
heap
|
page read and write
|
||
|
2275F886000
|
heap
|
page read and write
|
||
|
2D3793A5000
|
heap
|
page read and write
|
||
|
2E6E43B0000
|
heap
|
page read and write
|
||
|
220F4790000
|
heap
|
page read and write
|
||
|
8CE37FE000
|
stack
|
page read and write
|
||
|
1EFE45E9000
|
heap
|
page read and write
|
||
|
1E827FAB000
|
heap
|
page read and write
|
||
|
348DFFF000
|
stack
|
page read and write
|
||
|
13388F90000
|
heap
|
page read and write
|
||
|
2D37FCC4000
|
heap
|
page read and write
|
||
|
26B5DD65000
|
heap
|
page read and write
|
||
|
2D37F2C4000
|
heap
|
page read and write
|
||
|
18E161A0000
|
heap
|
page read and write
|
||
|
2441A00D000
|
heap
|
page read and write
|
||
|
36070F5000
|
stack
|
page read and write
|
||
|
1EDEBBDE000
|
heap
|
page read and write
|
||
|
20283890000
|
heap
|
page read and write
|
||
|
17F3CCAE000
|
heap
|
page read and write
|
||
|
2441A011000
|
heap
|
page read and write
|
||
|
22F74CE1000
|
unkown
|
page readonly
|
||
|
27085560000
|
heap
|
page read and write
|
||
|
27085564000
|
heap
|
page read and write
|
||
|
1EDEBBD3000
|
heap
|
page read and write
|
||
|
1D92B885000
|
heap
|
page read and write
|
||
|
17C52BC0000
|
heap
|
page read and write
|
||
|
2D379321000
|
heap
|
page read and write
|
||
|
17F4137A000
|
heap
|
page read and write
|
||
|
24775B10000
|
heap
|
page read and write
|
||
|
1CE0E908000
|
heap
|
page read and write
|
||
|
2A26EFB000
|
stack
|
page read and write
|
||
|
2314C3C5000
|
heap
|
page read and write
|
||
|
7ED97F000
|
stack
|
page read and write
|
||
|
16EB5205000
|
heap
|
page read and write
|
||
|
24775B30000
|
heap
|
page read and write
|
||
|
26993B04000
|
heap
|
page read and write
|
||
|
1EFE45B7000
|
heap
|
page read and write
|
||
|
3B93F7F000
|
stack
|
page read and write
|
||
|
16EB521C000
|
heap
|
page read and write
|
||
|
17F41336000
|
heap
|
page read and write
|
||
|
E0F9B4B000
|
stack
|
page read and write
|
||
|
1CE0E8E6000
|
heap
|
page read and write
|
||
|
1EFE45DB000
|
heap
|
page read and write
|
||
|
1D146446000
|
heap
|
page read and write
|
||
|
2D3778E0000
|
heap
|
page read and write
|
||
|
13388F9B000
|
heap
|
page read and write
|
||
|
1FD57C70000
|
heap
|
page read and write
|
||
|
17F3CC93000
|
heap
|
page read and write
|
||
|
24419FC8000
|
heap
|
page read and write
|
||
|
23377ED4000
|
heap
|
page read and write
|
||
|
1E827FB7000
|
heap
|
page read and write
|
||
|
17F3CC63000
|
heap
|
page read and write
|
||
|
16EB5590000
|
heap
|
page read and write
|
||
|
E7E05FF000
|
stack
|
page read and write
|
||
|
49AC17F000
|
stack
|
page read and write
|
||
|
49AC1FF000
|
stack
|
page read and write
|
||
|
A34A67E000
|
stack
|
page read and write
|
||
|
17F3CC57000
|
heap
|
page read and write
|
||
|
17C52D1B000
|
heap
|
page read and write
|
||
|
1D146370000
|
heap
|
page read and write
|
||
|
1FC1E3D8000
|
heap
|
page read and write
|
||
|
26B5DD65000
|
heap
|
page read and write
|
||
|
2D37939D000
|
heap
|
page read and write
|
||
|
21B729D8000
|
heap
|
page read and write
|
||
|
1BE24FB6000
|
heap
|
page read and write
|
||
|
17F414C3000
|
heap
|
page read and write
|
||
|
22F74AC0000
|
heap
|
page read and write
|
||
|
24419FE6000
|
heap
|
page read and write
|
||
|
21B72930000
|
heap
|
page read and write
|
||
|
1D92B8AD000
|
heap
|
page read and write
|
||
|
B8E2E7E000
|
stack
|
page read and write
|
||
|
348E07F000
|
stack
|
page read and write
|
||
|
22F764E0000
|
unkown
|
page readonly
|
||
|
37A31CF000
|
stack
|
page read and write
|
||
|
3FA15FD000
|
stack
|
page read and write
|
||
|
2D3798C4000
|
heap
|
page read and write
|
||
|
17F3CCBB000
|
heap
|
page read and write
|
||
|
3FA12FF000
|
stack
|
page read and write
|
||
|
270851C0000
|
heap
|
page read and write
|
||
|
1A6C4510000
|
heap
|
page read and write
|
||
|
2314C3A0000
|
heap
|
page read and write
|
||
|
E0F9E7F000
|
stack
|
page read and write
|
||
|
23377C1E000
|
heap
|
page read and write
|
||
|
A34A3AF000
|
stack
|
page read and write
|
||
|
B8E2DFE000
|
stack
|
page read and write
|
||
|
2D37C0C4000
|
heap
|
page read and write
|
||
|
2314C3F2000
|
heap
|
page read and write
|
||
|
157D5D80000
|
heap
|
page read and write
|
||
|
24419FF9000
|
heap
|
page read and write
|
||
|
7FF717520000
|
unkown
|
page readonly
|
||
|
1CE0E908000
|
heap
|
page read and write
|
||
|
D4874DC000
|
stack
|
page read and write
|
||
|
42BEAFF000
|
stack
|
page read and write
|
||
|
1D146420000
|
heap
|
page read and write
|
||
|
2441A1B0000
|
heap
|
page read and write
|
||
|
503C67E000
|
stack
|
page read and write
|
||
|
26993B00000
|
heap
|
page read and write
|
||
|
3FA17FF000
|
stack
|
page read and write
|
||
|
1D14646C000
|
heap
|
page read and write
|
||
|
9D1BA9B000
|
stack
|
page read and write
|
||
|
24419FC0000
|
heap
|
page read and write
|
||
|
1D92B88B000
|
heap
|
page read and write
|
||
|
1DC31650000
|
heap
|
page read and write
|
||
|
1BE24ED0000
|
heap
|
page read and write
|
||
|
16EB521D000
|
heap
|
page read and write
|
||
|
2ABD1878000
|
heap
|
page read and write
|
||
|
1E827FCD000
|
heap
|
page read and write
|
||
|
157D5E9B000
|
heap
|
page read and write
|
||
|
1BE24FDB000
|
heap
|
page read and write
|
||
|
9659DFE000
|
stack
|
page read and write
|
||
|
1EDEBBD3000
|
heap
|
page read and write
|
||
|
2489E157000
|
heap
|
page read and write
|
||
|
503C57E000
|
stack
|
page read and write
|
||
|
9659CFF000
|
stack
|
page read and write
|
||
|
2ABD1855000
|
heap
|
page read and write
|
||
|
19E68C50000
|
heap
|
page read and write
|
||
|
9B5BF9F000
|
stack
|
page read and write
|
||
|
17F3CC57000
|
heap
|
page read and write
|
||
|
1D6980D7000
|
heap
|
page read and write
|
||
|
1E827FC0000
|
heap
|
page read and write
|
||
|
36077FF000
|
stack
|
page read and write
|
||
|
17F41482000
|
heap
|
page read and write
|
||
|
24419FE5000
|
heap
|
page read and write
|
||
|
1EDEBC90000
|
heap
|
page read and write
|
||
|
1E827FCF000
|
heap
|
page read and write
|
||
|
1E827F80000
|
heap
|
page read and write
|
||
|
D4875DF000
|
stack
|
page read and write
|
||
|
400867E000
|
unkown
|
page readonly
|
||
|
17F3CC8A000
|
heap
|
page read and write
|
||
|
26B5DC00000
|
heap
|
page read and write
|
||
|
E7E15FF000
|
stack
|
page read and write
|
||
|
1EDEBBB6000
|
heap
|
page read and write
|
||
|
4A483DC000
|
stack
|
page read and write
|
||
|
1CE0E902000
|
heap
|
page read and write
|
||
|
1A6C2AE0000
|
heap
|
page read and write
|
||
|
4A4867F000
|
stack
|
page read and write
|
||
|
17F3CB50000
|
heap
|
page read and write
|
||
|
2ABD18D7000
|
heap
|
page read and write
|
||
|
17C52D15000
|
heap
|
page read and write
|
||
|
3B93EFF000
|
stack
|
page read and write
|
||
|
26B5DD6B000
|
heap
|
page read and write
|
||
|
23377C1E000
|
heap
|
page read and write
|
||
|
115B2AC000
|
stack
|
page read and write
|
||
|
2489E110000
|
heap
|
page read and write
|
||
|
1D92B899000
|
heap
|
page read and write
|
||
|
1DC313D0000
|
heap
|
page read and write
|
||
|
1A455FC0000
|
heap
|
page read and write
|
||
|
2A272FE000
|
stack
|
page read and write
|
||
|
400877E000
|
unkown
|
page readonly
|
||
|
17F3CC35000
|
heap
|
page read and write
|
||
|
23377BF6000
|
heap
|
page read and write
|
||
|
17F41603000
|
heap
|
page read and write
|
||
|
1A6C2B18000
|
heap
|
page read and write
|
||
|
2A2737E000
|
stack
|
page read and write
|
||
|
18E14690000
|
heap
|
page read and write
|
||
|
9BEC09C000
|
stack
|
page read and write
|
||
|
3B3327F000
|
stack
|
page read and write
|
||
|
17F3CE40000
|
heap
|
page read and write
|
||
|
1D146795000
|
heap
|
page read and write
|
||
|
17F3CC63000
|
heap
|
page read and write
|
||
|
17F3CC3D000
|
heap
|
page read and write
|
||
|
2489E14B000
|
heap
|
page read and write
|
||
|
17C52D3D000
|
heap
|
page read and write
|
||
|
2314C515000
|
heap
|
page read and write
|
||
|
26993920000
|
heap
|
page read and write
|
||
|
21B72984000
|
heap
|
page read and write
|
||
|
2441A00D000
|
heap
|
page read and write
|
||
|
16EB5220000
|
heap
|
page read and write
|
||
|
1EDEBBDE000
|
heap
|
page read and write
|
||
|
2ABD31F0000
|
heap
|
page read and write
|
||
|
17F415C2000
|
heap
|
page read and write
|
||
|
A34A32F000
|
stack
|
page read and write
|
||
|
1EDEBBC9000
|
heap
|
page read and write
|
||
|
17F3CC5A000
|
heap
|
page read and write
|
||
|
8CE32FE000
|
stack
|
page read and write
|
||
|
17F3CCB7000
|
heap
|
page read and write
|
||
|
2489E159000
|
heap
|
page read and write
|
||
|
17F41505000
|
heap
|
page read and write
|
||
|
1A456080000
|
heap
|
page read and write
|
||
|
1A4560A5000
|
heap
|
page read and write
|
||
|
2314C3ED000
|
heap
|
page read and write
|
||
|
DC4767F000
|
stack
|
page read and write
|
||
|
17C52D1B000
|
heap
|
page read and write
|
||
|
26B5DD8C000
|
heap
|
page read and write
|
||
|
1FD595A0000
|
heap
|
page read and write
|
||
|
22F76B60000
|
unkown
|
page read and write
|
||
|
274B9EF4000
|
heap
|
page read and write
|
||
|
ECE3C7C000
|
stack
|
page read and write
|
||
|
3FA0EFE000
|
stack
|
page read and write
|
||
|
17C52D15000
|
heap
|
page read and write
|
||
|
400808E000
|
stack
|
page read and write
|
||
|
1CE0E908000
|
heap
|
page read and write
|
||
|
267DDF000
|
stack
|
page read and write
|
||
|
1EFE45FD000
|
heap
|
page read and write
|
||
|
1CE0E720000
|
heap
|
page read and write
|
||
|
A3F4A7E000
|
stack
|
page read and write
|
||
|
17F413AA000
|
heap
|
page read and write
|
||
|
17F41604000
|
heap
|
page read and write
|
||
|
A34A2AB000
|
stack
|
page read and write
|
||
|
1CE0E908000
|
heap
|
page read and write
|
||
|
1CE0E8EB000
|
heap
|
page read and write
|
||
|
1EDEBB90000
|
heap
|
page read and write
|
||
|
17F3CC3C000
|
heap
|
page read and write
|
||
|
37A314F000
|
stack
|
page read and write
|
||
|
22F76D1C000
|
unkown
|
page read and write
|
||
|
22F76C52000
|
unkown
|
page read and write
|
||
|
22F76CB4000
|
unkown
|
page read and write
|
||
|
1FC1E375000
|
heap
|
page read and write
|
||
|
1EDEBBDF000
|
heap
|
page read and write
|
||
|
21B72920000
|
heap
|
page read and write
|
||
|
2275F896000
|
heap
|
page read and write
|
||
|
2489E128000
|
heap
|
page read and write
|
||
|
1BE24FDB000
|
heap
|
page read and write
|
||
|
8CE2FFE000
|
stack
|
page read and write
|
||
|
17C52CF8000
|
heap
|
page read and write
|
||
|
F260AFF000
|
stack
|
page read and write
|
||
|
1CE0E910000
|
heap
|
page read and write
|
||
|
17F41503000
|
heap
|
page read and write
|
||
|
17F3CC57000
|
heap
|
page read and write
|
||
|
2D3778C0000
|
heap
|
page read and write
|
||
|
22F76BCA000
|
unkown
|
page read and write
|
||
|
F260BFF000
|
stack
|
page read and write
|
||
|
E7E13FC000
|
stack
|
page read and write
|
||
|
1BE24F90000
|
heap
|
page read and write
|
||
|
17C52D3C000
|
heap
|
page read and write
|
||
|
7FF61B42E000
|
unkown
|
page write copy
|
||
|
23377C22000
|
heap
|
page read and write
|
||
|
1A4560AB000
|
heap
|
page read and write
|
||
|
16EB51FB000
|
heap
|
page read and write
|
||
|
2D3777E0000
|
heap
|
page read and write
|
||
|
2D37931D000
|
heap
|
page read and write
|
||
|
27085180000
|
heap
|
page read and write
|
||
|
16EB5594000
|
heap
|
page read and write
|
||
|
2489E146000
|
heap
|
page read and write
|
||
|
22F76500000
|
unkown
|
page read and write
|
||
|
24777620000
|
heap
|
page read and write
|
||
|
1A4560A5000
|
heap
|
page read and write
|
||
|
17F4168A000
|
heap
|
page read and write
|
||
|
36074FE000
|
stack
|
page read and write
|
||
|
1CE0E910000
|
heap
|
page read and write
|
||
|
1EFE4500000
|
heap
|
page read and write
|
||
|
1D146790000
|
heap
|
page read and write
|
||
|
17F41441000
|
heap
|
page read and write
|
||
|
17F3CCB6000
|
heap
|
page read and write
|
||
|
2D3792ED000
|
heap
|
page read and write
|
||
|
16EB521F000
|
heap
|
page read and write
|
||
|
1E827FCD000
|
heap
|
page read and write
|
||
|
2314C230000
|
heap
|
page read and write
|
||
|
2489E310000
|
heap
|
page read and write
|
||
|
22F769F0000
|
unkown
|
page read and write
|
||
|
503C18B000
|
stack
|
page read and write
|
||
|
274B8550000
|
heap
|
page read and write
|
||
|
17F3CB60000
|
heap
|
page readonly
|
||
|
23377B40000
|
heap
|
page read and write
|
||
|
24775B38000
|
heap
|
page read and write
|
||
|
1D6983D4000
|
heap
|
page read and write
|
||
|
17F3CC39000
|
heap
|
page read and write
|
||
|
3B332FF000
|
stack
|
page read and write
|
||
|
1A4560CC000
|
heap
|
page read and write
|
||
|
23377BFB000
|
heap
|
page read and write
|
||
|
157D5F90000
|
heap
|
page read and write
|
||
|
16EB521C000
|
heap
|
page read and write
|
||
|
1D1463A0000
|
heap
|
page read and write
|
||
|
A34A77F000
|
stack
|
page read and write
|
||
|
17C52FD0000
|
heap
|
page read and write
|
||
|
7FF717568000
|
unkown
|
page readonly
|
||
|
37A30CB000
|
stack
|
page read and write
|
||
|
19E68BE0000
|
heap
|
page read and write
|
||
|
211C60E5000
|
heap
|
page read and write
|
||
|
1EFE45FD000
|
heap
|
page read and write
|
||
|
1D92B8AE000
|
heap
|
page read and write
|
||
|
7EDAFF000
|
stack
|
page read and write
|
||
|
274B85E0000
|
heap
|
page read and write
|
||
|
40086FB000
|
unkown
|
page read and write
|
||
|
1CE0E8FB000
|
heap
|
page read and write
|
||
|
22F74BA0000
|
heap
|
page read and write
|
||
|
22F769DE000
|
unkown
|
page read and write
|
||
|
2489E145000
|
heap
|
page read and write
|
||
|
1EFE45B0000
|
heap
|
page read and write
|
||
|
E2FF5CE000
|
stack
|
page read and write
|
||
|
22F765A0000
|
heap
|
page read and write
|
||
|
DC473AF000
|
stack
|
page read and write
|
||
|
17C52D3C000
|
heap
|
page read and write
|
||
|
1FD57B90000
|
heap
|
page read and write
|
||
|
2489E4F5000
|
heap
|
page read and write
|
||
|
2D37931D000
|
heap
|
page read and write
|
||
|
17F3CCB3000
|
heap
|
page read and write
|
||
|
36072FE000
|
stack
|
page read and write
|
||
|
2D37E8C4000
|
heap
|
page read and write
|
||
|
1BE24EB0000
|
heap
|
page read and write
|
||
|
17C52D3C000
|
heap
|
page read and write
|
||
|
2ABD1780000
|
heap
|
page read and write
|
||
|
1BE24FB7000
|
heap
|
page read and write
|
||
|
19E68C04000
|
heap
|
page read and write
|
||
|
7FF717521000
|
unkown
|
page execute read
|
||
|
9BEC19F000
|
stack
|
page read and write
|
||
|
13388EB0000
|
heap
|
page read and write
|
||
|
23377C1E000
|
heap
|
page read and write
|
||
|
1FD595A4000
|
heap
|
page read and write
|
||
|
16EB51F5000
|
heap
|
page read and write
|
||
|
2D377AD1000
|
direct allocation
|
page execute and read and write
|
||
|
17F3ECC0000
|
heap
|
page read and write
|
||
|
A3F4AFF000
|
stack
|
page read and write
|
||
|
17F3CCE5000
|
heap
|
page read and write
|
||
|
1A4560CD000
|
heap
|
page read and write
|
||
|
2D379310000
|
heap
|
page read and write
|
||
|
13389240000
|
heap
|
page read and write
|
||
|
8CE2EFA000
|
stack
|
page read and write
|
||
|
3B32F8C000
|
stack
|
page read and write
|
||
|
17F3CB90000
|
heap
|
page read and write
|
||
|
629347F000
|
stack
|
page read and write
|
||
|
17F3CC51000
|
heap
|
page read and write
|
||
|
17C52FD4000
|
heap
|
page read and write
|
||
|
220F47A0000
|
heap
|
page read and write
|
||
|
A34A6FF000
|
stack
|
page read and write
|
||
|
1D698050000
|
heap
|
page read and write
|
||
|
17F3CCB7000
|
heap
|
page read and write
|
||
|
2D377A60000
|
direct allocation
|
page execute and read and write
|
||
|
1A6C2AB0000
|
heap
|
page read and write
|
||
|
1A6C2B10000
|
heap
|
page read and write
|
||
|
1E827FCD000
|
heap
|
page read and write
|
||
|
17F3CCAA000
|
heap
|
page read and write
|
||
|
F260FF7000
|
stack
|
page read and write
|
||
|
22F74AB0000
|
unkown
|
page readonly
|
||
|
1D6980D0000
|
heap
|
page read and write
|
||
|
16EB5208000
|
heap
|
page read and write
|
||
|
270851C8000
|
heap
|
page read and write
|
||
|
965991B000
|
stack
|
page read and write
|
||
|
42BECFF000
|
stack
|
page read and write
|
||
|
20283895000
|
heap
|
page read and write
|
||
|
17F3CC73000
|
heap
|
page read and write
|
||
|
E7E0BFE000
|
stack
|
page read and write
|
||
|
19E68AE0000
|
heap
|
page read and write
|
||
|
17F3CCB7000
|
heap
|
page read and write
|
||
|
22F74BA8000
|
heap
|
page read and write
|
||
|
19E68C5B000
|
heap
|
page read and write
|
||
|
9D1BB1F000
|
stack
|
page read and write
|
||
|
23377C23000
|
heap
|
page read and write
|
||
|
2D379365000
|
heap
|
page read and write
|
||
|
22F76D18000
|
unkown
|
page read and write
|
||
|
36070EF000
|
stack
|
page read and write
|
||
|
220F47FB000
|
heap
|
page read and write
|
||
|
E0F9BCF000
|
stack
|
page read and write
|
||
|
2275F886000
|
heap
|
page read and write
|
||
|
20281F70000
|
heap
|
page read and write
|
||
|
22F76530000
|
unkown
|
page readonly
|
||
|
17F41503000
|
heap
|
page read and write
|
||
|
20281F30000
|
heap
|
page read and write
|
||
|
2ABD185E000
|
heap
|
page read and write
|
||
|
157D5E60000
|
heap
|
page read and write
|
||
|
8CE36FE000
|
stack
|
page read and write
|
||
|
220F47C0000
|
heap
|
page read and write
|
||
|
2314C3CB000
|
heap
|
page read and write
|
||
|
1D14646C000
|
heap
|
page read and write
|
||
|
37A34FF000
|
stack
|
page read and write
|
||
|
17F3CC92000
|
heap
|
page read and write
|
||
|
22F74CA0000
|
unkown
|
page read and write
|
||
|
20281F90000
|
heap
|
page read and write
|
||
|
26B5DD76000
|
heap
|
page read and write
|
||
|
1CE0E902000
|
heap
|
page read and write
|
||
|
1EFE45D5000
|
heap
|
page read and write
|
||
|
629357F000
|
stack
|
page read and write
|
||
|
16EB51FB000
|
heap
|
page read and write
|
||
|
23377C08000
|
heap
|
page read and write
|
||
|
17C52D16000
|
heap
|
page read and write
|
||
|
2314C3A8000
|
heap
|
page read and write
|
||
|
2D377AA0000
|
direct allocation
|
page execute and read and write
|
||
|
17F3CB70000
|
heap
|
page read and write
|
||
|
1D6980DB000
|
heap
|
page read and write
|
||
|
1BE24FD9000
|
heap
|
page read and write
|
||
|
26993710000
|
heap
|
page read and write
|
||
|
2A26FFF000
|
stack
|
page read and write
|
||
|
17C52D30000
|
heap
|
page read and write
|
||
|
1BE24FE1000
|
heap
|
page read and write
|
||
|
1EDEBBB5000
|
heap
|
page read and write
|
||
|
E7E17FE000
|
stack
|
page read and write
|
||
|
1EFE45D5000
|
heap
|
page read and write
|
||
|
2489E120000
|
heap
|
page read and write
|
||
|
2D37938D000
|
heap
|
page read and write
|
||
|
133890B0000
|
heap
|
page read and write
|
||
|
1E827FCD000
|
heap
|
page read and write
|
||
|
F2612FF000
|
stack
|
page read and write
|
||
|
17F3CC94000
|
heap
|
page read and write
|
||
|
19E68BC0000
|
heap
|
page read and write
|
||
|
26993750000
|
heap
|
page read and write
|
||
|
2D379365000
|
heap
|
page read and write
|
||
|
DC4732C000
|
stack
|
page read and write
|
||
|
1FC1E3D0000
|
heap
|
page read and write
|
||
|
F260EFE000
|
stack
|
page read and write
|
||
|
1A6C2AD0000
|
heap
|
page read and write
|
||
|
1A6C2ADE000
|
heap
|
page read and write
|
||
|
18E161A4000
|
heap
|
page read and write
|
||
|
BEC427F000
|
stack
|
page read and write
|
||
|
BCFB50F000
|
stack
|
page read and write
|
||
|
17F41481000
|
heap
|
page read and write
|
||
|
2D37B6C4000
|
heap
|
page read and write
|
||
|
2489E16D000
|
heap
|
page read and write
|
||
|
BEC42FE000
|
stack
|
page read and write
|
||
|
2441A265000
|
heap
|
page read and write
|
||
|
348DE7F000
|
stack
|
page read and write
|
||
|
1D92B868000
|
heap
|
page read and write
|
||
|
2441A00D000
|
heap
|
page read and write
|
||
|
13389245000
|
heap
|
page read and write
|
||
|
9B5BF1C000
|
stack
|
page read and write
|
||
|
2314C330000
|
heap
|
page read and write
|
||
|
1E827FCE000
|
heap
|
page read and write
|
||
|
2E6E5D60000
|
heap
|
page read and write
|
||
|
17F3EAC0000
|
heap
|
page read and write
|
||
|
8A992FF000
|
stack
|
page read and write
|
||
|
2E6E4320000
|
heap
|
page read and write
|
||
|
17F3ECD5000
|
heap
|
page read and write
|
||
|
26B5DD78000
|
heap
|
page read and write
|
||
|
A3F487B000
|
stack
|
page read and write
|
||
|
17F41645000
|
heap
|
page read and write
|
||
|
1BE24FDD000
|
heap
|
page read and write
|
||
|
17F41685000
|
heap
|
page read and write
|
||
|
8A9927B000
|
stack
|
page read and write
|
||
|
2314C3C5000
|
heap
|
page read and write
|
||
|
23377C1E000
|
heap
|
page read and write
|
||
|
23377B30000
|
heap
|
page read and write
|
||
|
22F765A3000
|
heap
|
page read and write
|
||
|
2441A00E000
|
heap
|
page read and write
|
||
|
17C52D25000
|
heap
|
page read and write
|
||
|
1EFE44F0000
|
heap
|
page read and write
|
||
|
1EFE45FD000
|
heap
|
page read and write
|
||
|
17F3CCC7000
|
heap
|
page read and write
|
||
|
17F3ECDC000
|
heap
|
page read and write
|
||
|
16EB5205000
|
heap
|
page read and write
|
||
|
8CE33FE000
|
stack
|
page read and write
|
||
|
23377C1F000
|
heap
|
page read and write
|
||
|
24777624000
|
heap
|
page read and write
|
||
|
36076F9000
|
stack
|
page read and write
|
||
|
42BEB7F000
|
stack
|
page read and write
|
||
|
267D5C000
|
stack
|
page read and write
|
||
|
1CE0E830000
|
heap
|
page read and write
|
||
|
17F3CC18000
|
heap
|
page read and write
|
||
|
2275F896000
|
heap
|
page read and write
|
||
|
2489E16D000
|
heap
|
page read and write
|
||
|
27085243000
|
heap
|
page read and write
|
||
|
E7E03FA000
|
stack
|
page read and write
|
||
|
1EFE4520000
|
heap
|
page read and write
|
||
|
274B85E9000
|
heap
|
page read and write
|
||
|
1D146445000
|
heap
|
page read and write
|
||
|
17F3CC5A000
|
heap
|
page read and write
|
||
|
17F41503000
|
heap
|
page read and write
|
||
|
1E827EE0000
|
heap
|
page read and write
|
||
|
17F415C3000
|
heap
|
page read and write
|
||
|
274B85F0000
|
heap
|
page read and write
|
||
|
2ABD16A0000
|
heap
|
page read and write
|
||
|
1CE0E8E5000
|
heap
|
page read and write
|
||
|
49AC0FB000
|
stack
|
page read and write
|
||
|
17F3CCBA000
|
heap
|
page read and write
|
||
|
1BE24FA8000
|
heap
|
page read and write
|
||
|
17C52D25000
|
heap
|
page read and write
|
||
|
F260DFE000
|
stack
|
page read and write
|
||
|
274B9EF0000
|
heap
|
page read and write
|
||
|
1CE0E835000
|
heap
|
page read and write
|
||
|
22F74E90000
|
unkown
|
page read and write
|
||
|
17C52D3C000
|
heap
|
page read and write
|
||
|
7FF71758D000
|
unkown
|
page readonly
|
||
|
37A347F000
|
stack
|
page read and write
|
||
|
2E6E4370000
|
heap
|
page read and write
|
||
|
1D92B7F0000
|
heap
|
page read and write
|
||
|
17F3CE65000
|
heap
|
page read and write
|
||
|
1D146428000
|
heap
|
page read and write
|
||
|
4BCDF9E000
|
stack
|
page read and write
|
||
|
9659D7F000
|
stack
|
page read and write
|
||
|
2D37936D000
|
heap
|
page read and write
|
||
|
26993757000
|
heap
|
page read and write
|
||
|
157D6070000
|
heap
|
page read and write
|
||
|
1EDEBBDE000
|
heap
|
page read and write
|
||
|
1D92B860000
|
heap
|
page read and write
|
||
|
1BE24FDB000
|
heap
|
page read and write
|
||
|
17C52D42000
|
heap
|
page read and write
|
||
|
1EDEBBD2000
|
heap
|
page read and write
|
||
|
17F41567000
|
heap
|
page read and write
|
||
|
1DC312D0000
|
heap
|
page read and write
|
||
|
1CE0E800000
|
heap
|
page read and write
|
||
|
1A456224000
|
heap
|
page read and write
|
||
|
6E1287C000
|
stack
|
page read and write
|
||
|
1FC1E320000
|
heap
|
page read and write
|
||
|
26B5DD8C000
|
heap
|
page read and write
|
||
|
17F41440000
|
heap
|
page read and write
|
||
|
23377ED0000
|
heap
|
page read and write
|
||
|
E7E11FD000
|
stack
|
page read and write
|
||
|
1A4560CC000
|
heap
|
page read and write
|
||
|
8A994FE000
|
stack
|
page read and write
|
||
|
26B5DD91000
|
heap
|
page read and write
|
There are 955 hidden memdumps, click here to show them.