Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
jUlAlD6KHz.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\VKmo9cHGC7A78S8pIPnaIQM.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\ZC9N6dBzS5ZEt9m1PmZDOPh.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\lj9CfpGnnFdMRw3dXDPtKQ6.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\onJm2E6cdj2U7BbKnzc2Vlq.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\q54ck9WjU916t0raHCeE5cn.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
modified
|
|
|
|
C:\Windows\System32\GroupPolicy\GPT.INI
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MPGPH131.exe_bad933f1aa2e3c73144ad98e72f143d4714c1cc_52206fbe_72e21a19-20bb-408a-a8ff-76ab43e08d38\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MPGPH131.exe_bad933f1aa2e3c73144ad98e72f143d4714c1cc_52206fbe_efa4bbb6-396e-4a98-80f5-fae6e996ea76\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RageMP131.exe_a830bba6823a875cf386378431eaf8cfd5e734b_1e9dd41b_6c24db22-e0be-4ca4-b70f-efe7757bc4c2\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RageMP131.exe_a830bba6823a875cf386378431eaf8cfd5e734b_1e9dd41b_79889955-1a47-4717-8583-b21015b6e2e7\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_jUlAlD6KHz.exe_d53664efc34d47f87f9dc37bed84ef4ccfadcbea_9881b80f_c5625a1f-d959-4692-bb37-3baea7294f5d\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1600.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER162F.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3C43.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Mar 28 20:49:31 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3D2F.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3D4F.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4701.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Mar 28 20:49:33 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER481C.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER483C.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4C8.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Mar 28 20:49:17 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER593.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Mar 28 20:49:17 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER640.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER680.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6CD.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER72C.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDB2.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Mar 28 20:49:19 2024, 0x1205a4 type
|
dropped
|
||
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobe4u3PTYpFoae8\Cookies\Chrome_Default.txt
|
ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobe4u3PTYpFoae8\information.txt
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobe4u3PTYpFoae8\passwords.txt
|
Unicode text, UTF-8 text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeMmbmgxZ09AYO\Cookies\Chrome_Default.txt
|
ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeMmbmgxZ09AYO\information.txt
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeMmbmgxZ09AYO\passwords.txt
|
Unicode text, UTF-8 text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeeh7qkfi3FIF_\Cookies\Chrome_Default.txt
|
ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeeh7qkfi3FIF_\information.txt
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeeh7qkfi3FIF_\passwords.txt
|
Unicode text, UTF-8 text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobejf0rU8GsOA8H\Cookies\Chrome_Default.txt
|
ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobejf0rU8GsOA8H\information.txt
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobejf0rU8GsOA8H\passwords.txt
|
Unicode text, UTF-8 text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobesP7Gsngn4GEq\Cookies\Chrome_Default.txt
|
ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobesP7Gsngn4GEq\information.txt
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobesP7Gsngn4GEq\passwords.txt
|
Unicode text, UTF-8 text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\02zdBXl47cvzcookies.sqlite
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\0I1nOMxQEU3fWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\1m5pOEzQEACaWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\3b6N2Xdh3CYwplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\7HhkzNE5WaQhLogin Data For Account
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\88YVj1dsTfQbHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\D87fZN3R3jFeplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\FOvFs9CLTiuXWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\Izomk0T_qmYWLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\OeyY47E9KUTgWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\V1j47P52TLmkCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\b0ailY8QibZVHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\c5g7z2jIxWq1Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\fYGMsjKbelOUHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\hgVGsEfQ9x09Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\ihJ_ik9qeGzrCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\oJlLV2RLrNQ3History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidi4u3PTYpFoae8\vh1x4eS3r8bXWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\02zdBXl47cvzcookies.sqlite
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\0Z4t08FJyct9History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\0yksjCsmxcB6Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\3b6N2Xdh3CYwplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\9HwqlAJLgkt0Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\D87fZN3R3jFeplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\EH9L22uw0OXNWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\Hsa9dWP5JuyKHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\J10fZ3pDqIs0Login Data For Account
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\QR6D2WTBSsMnWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\TgbdyHK8pe1NWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\ULOoq3U7VD2OWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\VxKjJB6X6MXdWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\bHXrMd07cAFvCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\bz6S8lCUNxeHHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\cLqUZahzyafULogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\oxWGFGLEOb7kLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiMmbmgxZ09AYO\upC9DKhfEaqAHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\02zdBXl47cvzcookies.sqlite
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\1sOKapTVAUJzHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\3b6N2Xdh3CYwplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\90tY1n5LAioiCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\D87fZN3R3jFeplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\GOzI6DaHt_e4Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\MusJyEihJF98Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\SazE2VI1JGF9Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\V3w4LVfl7VJSWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\aTcgJcTY1REKWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\bwRYcSfm4lBWCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\c8PPw7DqqM4YWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\ghTh9oDq2WjGLogin Data For Account
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\lA5cEXm8d3NMHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\nZ6EIIQmvOS8History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\pPuNFXPePxsyLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\tiRa1p3qn1fRLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidieh7qkfi3FIF_\zGsEAkG4xPBPHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\02zdBXl47cvzcookies.sqlite
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\3b6N2Xdh3CYwplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\7JkKTTmh_jjVHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\A0SmTJNBjqflCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\D87fZN3R3jFeplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\IqRoKxcmjNqfHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\JUY8wXDJl57DHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\M4JdHvSCi4zAWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\QDUEIK8ip5yOWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\Seou4tH3dF8YCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\UVzneY97LLMqLogin Data For Account
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\X2n6swCXJ031Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\fpoCRozfv6JGLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\n28bw5yXqz7oHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\pg0_gG3aX3rHWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\qpr6XN5mg9uLWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\sJ8RZK7B7JamLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidijf0rU8GsOA8H\zr1v42qVAUMDWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\02zdBXl47cvzcookies.sqlite
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\3b6N2Xdh3CYwplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\7Xmi9UUhaSI6Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\Aq1fJEYPacGkHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\D87fZN3R3jFeplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\DfTWXkt7bFHWWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\E75_WsHyrfU7History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\Jb5a_iygLCb1Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\L38Flzesp71fWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\LEsaLohVaJvuWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\NqBpbmu1dmFxHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\Qp9cmaUwQuZsWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\StKoooDFzgBNCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\Z2OEYMzZJJXsWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\dBpQJp7JjV8jHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\myprrumyZ5rYLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\uIronNuyFcXpLogin Data For Account
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidisP7Gsngn4GEq\yfihlkFrbVaRLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\rage131MP.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SysWOW64\GroupPolicy\gpt.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\GroupPolicy\Machine\Registry.pol
|
RAGE Package Format (RPF),
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 130 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\jUlAlD6KHz.exe
|
"C:\Users\user\Desktop\jUlAlD6KHz.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7996 -s 1928
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 3964 -s 1244
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5440 -s 1840
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7516 -s 2016
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7480 -s 2044
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://193.233.132.167/cost/lenin.exe
|
unknown
|
|
|
|
http://193.233.132.216:57893/hera/amadka.exeom
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43b
|
unknown
|
||
|
https://t.me/RiseProSUPPORTu
|
unknown
|
||
|
https://t.me/risepro_botM
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://193.233.132.167/cost/go.exeLitecoinH8
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43g
|
unknown
|
||
|
https://t.k
|
unknown
|
||
|
https://db-ip.com/
|
unknown
|
||
|
https://ipinfo.io/C:
|
unknown
|
||
|
http://193.233.132.167/cost/lenin.exeger
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://t.me/risepro_botW
|
unknown
|
||
|
http://193.233.132.167/cost/go.exenfinitecoin
|
unknown
|
||
|
https://db-ip.com/demo/home.php?s=102.165.48.437
|
unknown
|
||
|
https://t.me/risepro_botSS$
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exe.ll
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exe)
|
unknown
|
||
|
https://db-ip.com:443/demo/home.php?s=102.165.48.43
|
unknown
|
||
|
http://193.233.132.167/cost/go.exeunt.live.com
|
unknown
|
||
|
http://193.233.132.167/cost/lenin.exeP
|
unknown
|
||
|
http://193.233.132.167/cost/go.exe
|
unknown
|
||
|
http://193.233.132.167/cost/lenin.exeS
|
unknown
|
||
|
https://t.me/RiseProSUPPORTW
|
unknown
|
||
|
http://193.233.132.167/cost/lenin.exeorynet
|
unknown
|
||
|
https://t.me/RiseProSUPPORTM
|
unknown
|
||
|
https://t.me/RiseProSUPPORTII$=
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://t.me/risepro_botcu
|
unknown
|
||
|
https://t.me/RiseProSUPPORTUR
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43r
|
unknown
|
||
|
https://t.me/RiseProSUPPORTDEFAULT
|
unknown
|
||
|
https://ipinfo.io/l
|
unknown
|
||
|
https://ipinfo.io:443/widget/demo/102.165.48.43
|
unknown
|
||
|
https://t.me/risepro_botrisepro
|
unknown
|
||
|
http://193.233.132.167/cost/go.exeamadka.
|
unknown
|
||
|
http://193.233.132.216:57893/hera/amadka.exeP-B;
|
unknown
|
||
|
http://193.233.132.216:57893/hera/amadka.exe
|
unknown
|
||
|
https://support.mozilla.org/products/firefoxgro.allizom.troppus.S3DiLP_FhcLK
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exeUser
|
unknown
|
||
|
https://db-ip.com/F
|
unknown
|
||
|
https://t.me/risepro_botSS
|
unknown
|
||
|
https://db-ip.com/demo/home.php?s=102.165.48.43
|
104.26.5.15
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://t.me/RiseProSUPPORTQd
|
unknown
|
||
|
http://193.233.132.167/cost/lenin.exenal
|
unknown
|
||
|
https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://t.me/RiseProSUPPORT
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exei
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://ipinfo.io/Mozilla/5.0
|
unknown
|
||
|
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exem
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://t.me/risepro_bot
|
unknown
|
||
|
http://193.233.132.167/cost/lenin.exe~
|
unknown
|
||
|
http://193.233.132.216:57893/hera/amadka.exe43
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43B
|
unknown
|
||
|
https://t.me/risepro_botlater
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exe
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exet
|
unknown
|
||
|
http://193.233.132.216:57893/hera/amadka.exeomW
|
unknown
|
||
|
https://ipinfo.io/
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43G
|
unknown
|
||
|
https://db-ip.com/demo/home.php?s=102.165.48.43S
|
unknown
|
||
|
https://www.maxmind.com/en/locate-my-ip-address
|
unknown
|
||
|
https://db-ip.com:443/demo/home.php?s=102.165.48.43Q
|
unknown
|
||
|
https://db-ip.com:443/demo/home.php?s=102.165.48.43P
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43N
|
unknown
|
||
|
https://t.me/RiseProSUPPORTQQT
|
unknown
|
||
|
http://193.233.132.216:57893/hera/amadka.exeta
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43
|
34.117.186.192
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
http://193.233.132.167/cost/go.exe)
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exeka.exeomr
|
unknown
|
||
|
https://support.mozilla.org
|
unknown
|
||
|
https://ipinfo.io/-
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://t.me/risepro_botu
|
unknown
|
||
|
http://193.233.132.216:57893/hera/amadka.exe43A
|
unknown
|
||
|
https://t.me/risepro_botp
|
unknown
|
There are 75 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ipinfo.io
|
34.117.186.192
|
||
|
db-ip.com
|
104.26.5.15
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
193.233.132.74
|
unknown
|
Russian Federation
|
|
|
|
34.117.186.192
|
ipinfo.io
|
United States
|
||
|
104.26.5.15
|
db-ip.com
|
United States
|
||
|
172.67.75.166
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions
|
Exclusions_Extensions
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions\Extensions
|
exe
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableAntiSpyware
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableRoutinelyTakingAction
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableBehaviorMonitoring
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableOnAccessProtection
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableScanOnRealtimeEnable
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRealtimeMonitoring
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableIOAVProtection
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{0C52D293-93AF-4DB3-8012-32E2FB2DAC51}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRawWriteNotification
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableAntiSpyware
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableRoutinelyTakingAction
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions
|
Exclusions_Extensions
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions\Extensions
|
exe
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableBehaviorMonitoring
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableOnAccessProtection
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableScanOnRealtimeEnable
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRealtimeMonitoring
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableIOAVProtection
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{796A6376-0454-455F-AACF-D926BD4DD768}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRawWriteNotification
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableAntiSpyware
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableRoutinelyTakingAction
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions
|
Exclusions_Extensions
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions\Extensions
|
exe
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableBehaviorMonitoring
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableOnAccessProtection
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableScanOnRealtimeEnable
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRealtimeMonitoring
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableIOAVProtection
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{642526A1-CA57-422E-8196-D9D6C17E634B}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRawWriteNotification
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RageMP131
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
ProgramId
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
FileId
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
LongPathHash
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
Name
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
OriginalFileName
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
Publisher
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
Version
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
BinFileVersion
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
BinaryType
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
ProductName
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
ProductVersion
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
LinkDate
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
BinProductVersion
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
Size
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
Language
|
||
|
\REGISTRY\A\{84f4576a-cb0f-7468-4893-79ef526fea92}\Root\InventoryApplicationFile\julald6khz.exe|b673d07e7765b66c
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
ProgramId
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
FileId
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
LongPathHash
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Name
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
OriginalFileName
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Publisher
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Version
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
BinFileVersion
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
BinaryType
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
ProductName
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
ProductVersion
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
LinkDate
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
BinProductVersion
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Size
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Language
|
||
|
\REGISTRY\A\{a6cafb5a-db5f-edb4-0125-f2dfa52c4f35}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C00C6D8FE690
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
There are 64 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1145000
|
heap
|
page read and write
|
|
|
|
165E000
|
heap
|
page read and write
|
|
|
|
1543000
|
heap
|
page read and write
|
|
|
|
5D3F000
|
heap
|
page read and write
|
|
|
|
EE5000
|
heap
|
page read and write
|
|
|
|
6210000
|
heap
|
page read and write
|
|
|
|
1145000
|
heap
|
page read and write
|
|
|
|
14ED000
|
heap
|
page read and write
|
|
|
|
E1D000
|
heap
|
page read and write
|
|
|
|
148E000
|
heap
|
page read and write
|
|
|
|
6246000
|
heap
|
page read and write
|
|
|
|
A8B000
|
heap
|
page read and write
|
|
|
|
108A000
|
heap
|
page read and write
|
|
|
|
1424000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
638F000
|
heap
|
page read and write
|
||
|
6267000
|
heap
|
page read and write
|
||
|
D41000
|
unkown
|
page execute and write copy
|
||
|
14DB000
|
heap
|
page read and write
|
||
|
439F000
|
stack
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
627B000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
4AEF000
|
stack
|
page read and write
|
||
|
5E1D000
|
heap
|
page read and write
|
||
|
5D54000
|
heap
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
626E000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
14D5000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
6387000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
D41000
|
unkown
|
page execute and read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
639E000
|
heap
|
page read and write
|
||
|
63AC000
|
heap
|
page read and write
|
||
|
5DF1000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
371E000
|
stack
|
page read and write
|
||
|
5D4D000
|
heap
|
page read and write
|
||
|
5D6B000
|
heap
|
page read and write
|
||
|
4FC0000
|
direct allocation
|
page execute and read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
636E000
|
heap
|
page read and write
|
||
|
16A1000
|
heap
|
page read and write
|
||
|
10FB000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
D41000
|
unkown
|
page execute and write copy
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
5E0D000
|
heap
|
page read and write
|
||
|
2C57000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D1D000
|
heap
|
page read and write
|
||
|
5DAB000
|
heap
|
page read and write
|
||
|
62A6000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
D41000
|
unkown
|
page execute and write copy
|
||
|
624F000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
5D55000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
148A000
|
heap
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
831000
|
unkown
|
page execute and read and write
|
||
|
49C0000
|
heap
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
63BD000
|
heap
|
page read and write
|
||
|
5360000
|
direct allocation
|
page execute and read and write
|
||
|
5D00000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
629A000
|
heap
|
page read and write
|
||
|
5D9E000
|
heap
|
page read and write
|
||
|
4E9B000
|
stack
|
page read and write
|
||
|
D42000
|
unkown
|
page execute and write copy
|
||
|
638E000
|
heap
|
page read and write
|
||
|
3D6E000
|
stack
|
page read and write
|
||
|
15B7000
|
heap
|
page read and write
|
||
|
5D4F000
|
heap
|
page read and write
|
||
|
4F00000
|
direct allocation
|
page execute and read and write
|
||
|
4EC0000
|
direct allocation
|
page execute and read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
40EF000
|
stack
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
5D28000
|
heap
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
6265000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
93B000
|
stack
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
5D8F000
|
heap
|
page read and write
|
||
|
5C3F000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
386E000
|
stack
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page read and write
|
||
|
6392000
|
heap
|
page read and write
|
||
|
5DDD000
|
heap
|
page read and write
|
||
|
638E000
|
heap
|
page read and write
|
||
|
3ADE000
|
stack
|
page read and write
|
||
|
5D5E000
|
heap
|
page read and write
|
||
|
314F000
|
stack
|
page read and write
|
||
|
A81000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
13DE000
|
stack
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
309F000
|
stack
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
429E000
|
stack
|
page read and write
|
||
|
49B0000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
440000
|
unkown
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
43DE000
|
stack
|
page read and write
|
||
|
832000
|
unkown
|
page execute and write copy
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
629E000
|
heap
|
page read and write
|
||
|
5DE4000
|
heap
|
page read and write
|
||
|
5D6B000
|
heap
|
page read and write
|
||
|
63E7000
|
heap
|
page read and write
|
||
|
5DFD000
|
heap
|
page read and write
|
||
|
3E9E000
|
stack
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5D58000
|
heap
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page execute and read and write
|
||
|
5DD9000
|
heap
|
page read and write
|
||
|
4F40000
|
direct allocation
|
page execute and read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
436F000
|
stack
|
page read and write
|
||
|
5D1E000
|
heap
|
page read and write
|
||
|
63AD000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
1163000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5440000
|
direct allocation
|
page execute and read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
9D3000
|
heap
|
page read and write
|
||
|
5490000
|
direct allocation
|
page execute and read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
5D51000
|
heap
|
page read and write
|
||
|
5DFD000
|
heap
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DDB000
|
heap
|
page read and write
|
||
|
5DED000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
CFB000
|
stack
|
page read and write
|
||
|
5D51000
|
heap
|
page read and write
|
||
|
5DD1000
|
heap
|
page read and write
|
||
|
5DE0000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
6272000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
5D67000
|
heap
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
41CE000
|
stack
|
page read and write
|
||
|
5D2C000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
2F5F000
|
stack
|
page read and write
|
||
|
5230000
|
direct allocation
|
page read and write
|
||
|
5D4B000
|
heap
|
page read and write
|
||
|
5DEA000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
638C000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
50C0000
|
direct allocation
|
page execute and read and write
|
||
|
5DDB000
|
heap
|
page read and write
|
||
|
2F9C000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
5D6E000
|
heap
|
page read and write
|
||
|
5DDE000
|
heap
|
page read and write
|
||
|
5D5D000
|
heap
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
6383000
|
heap
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
623A000
|
heap
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
5420000
|
direct allocation
|
page execute and read and write
|
||
|
63D9000
|
heap
|
page read and write
|
||
|
3D1F000
|
stack
|
page read and write
|
||
|
6245000
|
heap
|
page read and write
|
||
|
331F000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5880000
|
remote allocation
|
page read and write
|
||
|
E6E000
|
unkown
|
page execute and read and write
|
||
|
5DD9000
|
heap
|
page read and write
|
||
|
4F70000
|
direct allocation
|
page execute and read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
E6E000
|
unkown
|
page execute and read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
321E000
|
stack
|
page read and write
|
||
|
4EE0000
|
direct allocation
|
page execute and read and write
|
||
|
6270000
|
heap
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
4F30000
|
direct allocation
|
page execute and read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
5D76000
|
heap
|
page read and write
|
||
|
5BFE000
|
stack
|
page read and write
|
||
|
F02000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
10E3000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
5DC3000
|
heap
|
page read and write
|
||
|
6249000
|
heap
|
page read and write
|
||
|
345F000
|
stack
|
page read and write
|
||
|
5D77000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5D57000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
A7E000
|
unkown
|
page execute and read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
6246000
|
heap
|
page read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
5D72000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
6460000
|
trusted library allocation
|
page read and write
|
||
|
5D4F000
|
heap
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
5D54000
|
heap
|
page read and write
|
||
|
54B0000
|
direct allocation
|
page execute and read and write
|
||
|
5840000
|
remote allocation
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
6265000
|
heap
|
page read and write
|
||
|
56C6000
|
heap
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
4DA0000
|
direct allocation
|
page read and write
|
||
|
5D4D000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
624D000
|
heap
|
page read and write
|
||
|
4C5F000
|
stack
|
page read and write
|
||
|
5D67000
|
heap
|
page read and write
|
||
|
D33000
|
unkown
|
page execute and read and write
|
||
|
5D58000
|
heap
|
page read and write
|
||
|
4B1F000
|
stack
|
page read and write
|
||
|
3E5F000
|
stack
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
5E29000
|
heap
|
page read and write
|
||
|
4F90000
|
direct allocation
|
page execute and read and write
|
||
|
5880000
|
remote allocation
|
page read and write
|
||
|
3A0F000
|
stack
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
5D52000
|
heap
|
page read and write
|
||
|
54B0000
|
direct allocation
|
page execute and read and write
|
||
|
623A000
|
heap
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
5D7E000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
2F70000
|
direct allocation
|
page read and write
|
||
|
624B000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
4D70000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
45DF000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DEA000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5D4B000
|
heap
|
page read and write
|
||
|
2BFF000
|
stack
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page read and write
|
||
|
56CF000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DEB000
|
heap
|
page read and write
|
||
|
51F0000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
5D9E000
|
heap
|
page read and write
|
||
|
479E000
|
stack
|
page read and write
|
||
|
4FD0000
|
direct allocation
|
page execute and read and write
|
||
|
35DE000
|
stack
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
172C000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
3E9E000
|
stack
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
5DF2000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
63A5000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
535D000
|
stack
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
5DCA000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
5050000
|
direct allocation
|
page execute and read and write
|
||
|
5DEA000
|
heap
|
page read and write
|
||
|
3AAF000
|
stack
|
page read and write
|
||
|
5D07000
|
heap
|
page read and write
|
||
|
1734000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
626B000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
56EF000
|
stack
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
359F000
|
stack
|
page read and write
|
||
|
62A5000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
5DE3000
|
heap
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page read and write
|
||
|
30DF000
|
stack
|
page read and write
|
||
|
5D55000
|
heap
|
page read and write
|
||
|
10F6000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
1576000
|
heap
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
5D55000
|
heap
|
page read and write
|
||
|
5D66000
|
heap
|
page read and write
|
||
|
5DEA000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
639C000
|
heap
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
D40000
|
unkown
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page execute and read and write
|
||
|
5D6A000
|
heap
|
page read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
5D7C000
|
heap
|
page read and write
|
||
|
1735000
|
heap
|
page read and write
|
||
|
63A9000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
3F9F000
|
stack
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
63A8000
|
heap
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
remote allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
63B6000
|
heap
|
page read and write
|
||
|
5000000
|
direct allocation
|
page execute and read and write
|
||
|
5D77000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5DA8000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
63C2000
|
heap
|
page read and write
|
||
|
5DF7000
|
heap
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
421F000
|
stack
|
page read and write
|
||
|
9D6000
|
unkown
|
page execute and read and write
|
||
|
451E000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page read and write
|
||
|
5D5B000
|
heap
|
page read and write
|
||
|
639B000
|
heap
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
34AE000
|
stack
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
3BDF000
|
stack
|
page read and write
|
||
|
5380000
|
direct allocation
|
page execute and read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
9DB000
|
stack
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
5460000
|
direct allocation
|
page execute and read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
5D1B000
|
heap
|
page read and write
|
||
|
371E000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
332F000
|
stack
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
173E000
|
heap
|
page read and write
|
||
|
63AD000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
6387000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
639B000
|
heap
|
page read and write
|
||
|
439E000
|
stack
|
page read and write
|
||
|
5D55000
|
heap
|
page read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
E73000
|
unkown
|
page write copy
|
||
|
623B000
|
heap
|
page read and write
|
||
|
629A000
|
heap
|
page read and write
|
||
|
5DCA000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
5D73000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
5D5D000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
63BC000
|
heap
|
page read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page read and write
|
||
|
173F000
|
heap
|
page read and write
|
||
|
574D000
|
stack
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
5790000
|
heap
|
page read and write
|
||
|
623E000
|
heap
|
page read and write
|
||
|
6249000
|
heap
|
page read and write
|
||
|
624F000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
6399000
|
heap
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
4FAF000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
951000
|
unkown
|
page execute and write copy
|
||
|
1165000
|
heap
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
5D1C000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
6281000
|
heap
|
page read and write
|
||
|
3F0F000
|
stack
|
page read and write
|
||
|
4F80000
|
direct allocation
|
page execute and read and write
|
||
|
5010000
|
direct allocation
|
page execute and read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
950000
|
unkown
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
10D2000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
6256000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
610E000
|
stack
|
page read and write
|
||
|
4F60000
|
direct allocation
|
page execute and read and write
|
||
|
595E000
|
stack
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
5D44000
|
heap
|
page read and write
|
||
|
5D8A000
|
heap
|
page read and write
|
||
|
359F000
|
stack
|
page read and write
|
||
|
5B9F000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
1577000
|
heap
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
57FE000
|
stack
|
page read and write
|
||
|
2E5F000
|
stack
|
page read and write
|
||
|
396F000
|
stack
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
27FF000
|
unkown
|
page read and write
|
||
|
BDD000
|
stack
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5DCA000
|
heap
|
page read and write
|
||
|
3D5E000
|
stack
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page read and write
|
||
|
6253000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
12EE000
|
stack
|
page read and write
|
||
|
5DDB000
|
heap
|
page read and write
|
||
|
63AC000
|
heap
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
5D1B000
|
heap
|
page read and write
|
||
|
381F000
|
stack
|
page read and write
|
||
|
638F000
|
heap
|
page read and write
|
||
|
5D25000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
117C000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
5FDE000
|
stack
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
390E000
|
stack
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
5DCC000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
47CF000
|
stack
|
page read and write
|
||
|
6460000
|
trusted library allocation
|
page read and write
|
||
|
577000
|
unkown
|
page execute and read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
57FE000
|
stack
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
157D000
|
heap
|
page read and write
|
||
|
2F70000
|
direct allocation
|
page read and write
|
||
|
1151000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
111A000
|
unkown
|
page execute and read and write
|
||
|
468F000
|
stack
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
EE6000
|
unkown
|
page execute and read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
6382000
|
heap
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
63BD000
|
heap
|
page read and write
|
||
|
5440000
|
direct allocation
|
page execute and read and write
|
||
|
3E5F000
|
stack
|
page read and write
|
||
|
5460000
|
direct allocation
|
page execute and read and write
|
||
|
5D4A000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
5D5E000
|
heap
|
page read and write
|
||
|
4FB0000
|
direct allocation
|
page execute and read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
4D9F000
|
stack
|
page read and write
|
||
|
173F000
|
heap
|
page read and write
|
||
|
2F5F000
|
stack
|
page read and write
|
||
|
3ADF000
|
stack
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
4F00000
|
direct allocation
|
page execute and read and write
|
||
|
54CD000
|
heap
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
2F97000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5030000
|
direct allocation
|
page execute and read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
5D11000
|
heap
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
157A000
|
heap
|
page read and write
|
||
|
5D4C000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D5F000
|
heap
|
page read and write
|
||
|
1543000
|
heap
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
5840000
|
remote allocation
|
page read and write
|
||
|
639D000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
4910000
|
heap
|
page read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
63D1000
|
heap
|
page read and write
|
||
|
63B6000
|
heap
|
page read and write
|
||
|
49DF000
|
stack
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
368E000
|
stack
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page read and write
|
||
|
174B000
|
heap
|
page read and write
|
||
|
624C000
|
heap
|
page read and write
|
||
|
10BC000
|
heap
|
page read and write
|
||
|
59BD000
|
stack
|
page read and write
|
||
|
5DCF000
|
heap
|
page read and write
|
||
|
490F000
|
stack
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
411E000
|
stack
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5A9D000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
639C000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
B54000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
4860000
|
heap
|
page read and write
|
||
|
5380000
|
direct allocation
|
page execute and read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
2C0C000
|
stack
|
page read and write
|
||
|
5D4D000
|
heap
|
page read and write
|
||
|
831000
|
unkown
|
page execute and write copy
|
||
|
7DD000
|
unkown
|
page execute and read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
950000
|
unkown
|
page readonly
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5210000
|
remote allocation
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
4FA0000
|
direct allocation
|
page execute and read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
direct allocation
|
page execute and read and write
|
||
|
B0B000
|
stack
|
page read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
435F000
|
stack
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D56000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
44AF000
|
stack
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
4D3C000
|
stack
|
page read and write
|
||
|
16BE000
|
heap
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
335E000
|
stack
|
page read and write
|
||
|
5D41000
|
heap
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
5DC4000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
5D66000
|
heap
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
3C1E000
|
stack
|
page read and write
|
||
|
583D000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
4B2E000
|
stack
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
5DE6000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
3DCF000
|
stack
|
page read and write
|
||
|
624C000
|
heap
|
page read and write
|
||
|
5220000
|
direct allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
63AA000
|
heap
|
page read and write
|
||
|
38CF000
|
stack
|
page read and write
|
||
|
454F000
|
stack
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
36DF000
|
stack
|
page read and write
|
||
|
6277000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5DD9000
|
heap
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
CED000
|
stack
|
page read and write
|
||
|
A83000
|
unkown
|
page write copy
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
4F50000
|
direct allocation
|
page execute and read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
1738000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
5DF9000
|
heap
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
331F000
|
stack
|
page read and write
|
||
|
63AF000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
5D1A000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
14C8000
|
heap
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
5DFD000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5220000
|
direct allocation
|
page read and write
|
||
|
627A000
|
heap
|
page read and write
|
||
|
4EA0000
|
direct allocation
|
page execute and read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
6240000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
5D9A000
|
heap
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page read and write
|
||
|
36EF000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
6256000
|
heap
|
page read and write
|
||
|
5E2D000
|
stack
|
page read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
5E29000
|
heap
|
page read and write
|
||
|
411E000
|
stack
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
26BE000
|
unkown
|
page read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
E91000
|
heap
|
page read and write
|
||
|
F06000
|
heap
|
page read and write
|
||
|
441000
|
unkown
|
page execute and write copy
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
831000
|
unkown
|
page execute and read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
1123000
|
unkown
|
page execute and read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
5E29000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
623A000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
638C000
|
heap
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
6256000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
1123000
|
unkown
|
page execute and read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
5D84000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
6245000
|
heap
|
page read and write
|
||
|
F7B000
|
stack
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
485F000
|
stack
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
5D1C000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
5DF0000
|
heap
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
4F10000
|
direct allocation
|
page execute and read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
823000
|
unkown
|
page execute and read and write
|
||
|
311B000
|
stack
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
475E000
|
stack
|
page read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
4D70000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5D52000
|
heap
|
page read and write
|
||
|
441000
|
unkown
|
page execute and read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5D9A000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
163C000
|
stack
|
page read and write
|
||
|
5D56000
|
heap
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
5D52000
|
heap
|
page read and write
|
||
|
5FD0000
|
trusted library allocation
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5D58000
|
heap
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
165A000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
5D1B000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
157C000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
A82000
|
heap
|
page read and write
|
||
|
624C000
|
heap
|
page read and write
|
||
|
6387000
|
heap
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
5D6C000
|
heap
|
page read and write
|
||
|
45DF000
|
stack
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
4FF0000
|
direct allocation
|
page execute and read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
157C000
|
heap
|
page read and write
|
||
|
5410000
|
direct allocation
|
page execute and read and write
|
||
|
624B000
|
heap
|
page read and write
|
||
|
582F000
|
stack
|
page read and write
|
||
|
157C000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
6252000
|
heap
|
page read and write
|
||
|
5D64000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
3C8F000
|
stack
|
page read and write
|
||
|
63A9000
|
heap
|
page read and write
|
||
|
9D6000
|
unkown
|
page execute and read and write
|
||
|
63B3000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
3D5F000
|
stack
|
page read and write
|
||
|
623E000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
6271000
|
heap
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
58FF000
|
stack
|
page read and write
|
||
|
6285000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
461F000
|
stack
|
page read and write
|
||
|
D40000
|
unkown
|
page read and write
|
||
|
637A000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
489E000
|
stack
|
page read and write
|
||
|
A83000
|
unkown
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
63AE000
|
heap
|
page read and write
|
||
|
5D01000
|
heap
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
5D9B000
|
heap
|
page read and write
|
||
|
639A000
|
heap
|
page read and write
|
||
|
5D5B000
|
heap
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
16A9000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
5D52000
|
heap
|
page read and write
|
||
|
5D3A000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
55BD000
|
stack
|
page read and write
|
||
|
5DEA000
|
heap
|
page read and write
|
||
|
5DEA000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
5480000
|
direct allocation
|
page execute and read and write
|
||
|
5D1C000
|
heap
|
page read and write
|
||
|
5DDC000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
5DC4000
|
heap
|
page read and write
|
||
|
6226000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
5910000
|
remote allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
1734000
|
heap
|
page read and write
|
||
|
345F000
|
stack
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5D5D000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
63BC000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
2A9F000
|
unkown
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
461E000
|
stack
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
5220000
|
direct allocation
|
page read and write
|
||
|
5D63000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5B9E000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
2A5E000
|
unkown
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
5D6B000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
5DCF000
|
heap
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page read and write
|
||
|
5D84000
|
heap
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
14CC000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5D42000
|
heap
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
63E2000
|
heap
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
53A0000
|
direct allocation
|
page execute and read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
4F8D000
|
direct allocation
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
EFB000
|
stack
|
page read and write
|
||
|
63C8000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5D7F000
|
heap
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
4D6F000
|
stack
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5D4C000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
6277000
|
heap
|
page read and write
|
||
|
63E2000
|
heap
|
page read and write
|
||
|
1132000
|
unkown
|
page execute and write copy
|
||
|
5060000
|
direct allocation
|
page execute and read and write
|
||
|
5DC3000
|
heap
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
56CE000
|
stack
|
page read and write
|
||
|
5D47000
|
heap
|
page read and write
|
||
|
364F000
|
stack
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
142E000
|
stack
|
page read and write
|
||
|
63BC000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
4E2D000
|
direct allocation
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
50A0000
|
direct allocation
|
page execute and read and write
|
||
|
5D73000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
462E000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
6272000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
E55000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
5DFE000
|
heap
|
page read and write
|
||
|
5D00000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5D1B000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D41000
|
heap
|
page read and write
|
||
|
5D54000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
6F7000
|
unkown
|
page execute and read and write
|
||
|
5D8F000
|
heap
|
page read and write
|
||
|
6392000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
382F000
|
stack
|
page read and write
|
||
|
2C8F000
|
stack
|
page read and write
|
||
|
5080000
|
direct allocation
|
page execute and read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
623E000
|
heap
|
page read and write
|
||
|
440F000
|
stack
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
5D54000
|
heap
|
page read and write
|
||
|
4D60000
|
heap
|
page read and write
|
||
|
6271000
|
heap
|
page read and write
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5D8D000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
5DA3000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
2C3B000
|
heap
|
page read and write
|
||
|
53BE000
|
stack
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
503F000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
10C3000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
62B5000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
6460000
|
trusted library allocation
|
page read and write
|
||
|
57CF000
|
stack
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
3E9F000
|
stack
|
page read and write
|
||
|
5DE0000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
FF7000
|
unkown
|
page execute and read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
832000
|
unkown
|
page execute and write copy
|
||
|
984000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
33CF000
|
stack
|
page read and write
|
||
|
2B5B000
|
stack
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
5DDB000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5D4C000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D5A000
|
heap
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
55AD000
|
stack
|
page read and write
|
||
|
3FDE000
|
stack
|
page read and write
|
||
|
E5A000
|
heap
|
page read and write
|
||
|
5DDE000
|
heap
|
page read and write
|
||
|
10BC000
|
heap
|
page read and write
|
||
|
5D76000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
E6D000
|
heap
|
page read and write
|
||
|
5D93000
|
heap
|
page read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
A8B000
|
heap
|
page read and write
|
||
|
536F000
|
stack
|
page read and write
|
||
|
639D000
|
heap
|
page read and write
|
||
|
449F000
|
stack
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
639B000
|
heap
|
page read and write
|
||
|
63C2000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
5D6A000
|
heap
|
page read and write
|
||
|
951000
|
unkown
|
page execute and read and write
|
||
|
6272000
|
heap
|
page read and write
|
||
|
529F000
|
stack
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
172C000
|
heap
|
page read and write
|
||
|
5D93000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D4F000
|
heap
|
page read and write
|
||
|
471F000
|
stack
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
53A0000
|
direct allocation
|
page execute and read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5CEF000
|
stack
|
page read and write
|
||
|
5D34000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
5D90000
|
heap
|
page read and write
|
||
|
153A000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
626B000
|
heap
|
page read and write
|
||
|
50F0000
|
direct allocation
|
page execute and read and write
|
||
|
385E000
|
stack
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
5D83000
|
heap
|
page read and write
|
||
|
6249000
|
heap
|
page read and write
|
||
|
5D73000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D65000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
A57000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
638C000
|
heap
|
page read and write
|
||
|
5DC4000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
5D74000
|
heap
|
page read and write
|
||
|
54DA000
|
heap
|
page read and write
|
||
|
626E000
|
heap
|
page read and write
|
||
|
E6B000
|
heap
|
page read and write
|
||
|
63C3000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
623B000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
6460000
|
trusted library allocation
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
425F000
|
stack
|
page read and write
|
||
|
62B5000
|
heap
|
page read and write
|
||
|
623E000
|
heap
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
6F7000
|
unkown
|
page execute and read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
5D5D000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
6251000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
411F000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
5BBF000
|
stack
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
5DAB000
|
heap
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
1568000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
276D000
|
stack
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
81A000
|
unkown
|
page execute and read and write
|
||
|
4CF0000
|
direct allocation
|
page read and write
|
||
|
63B3000
|
heap
|
page read and write
|
||
|
48DE000
|
stack
|
page read and write
|
||
|
5480000
|
direct allocation
|
page execute and read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
627A000
|
heap
|
page read and write
|
||
|
4FC0000
|
direct allocation
|
page execute and read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
C6B000
|
stack
|
page read and write
|
||
|
AAE000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D97000
|
heap
|
page read and write
|
||
|
1694000
|
heap
|
page read and write
|
||
|
4B5E000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page read and write
|
||
|
5D6F000
|
heap
|
page read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
4FB0000
|
direct allocation
|
page execute and read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
3F4E000
|
stack
|
page read and write
|
||
|
5D73000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
4F9F000
|
stack
|
page read and write
|
||
|
60DF000
|
stack
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
46CE000
|
stack
|
page read and write
|
||
|
399F000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
A83000
|
heap
|
page read and write
|
||
|
48AE000
|
stack
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
63A5000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
441000
|
unkown
|
page execute and write copy
|
||
|
54A0000
|
direct allocation
|
page execute and read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
F01000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
E73000
|
unkown
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
58B0000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5DF5000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
169A000
|
heap
|
page read and write
|
||
|
154B000
|
heap
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
56BD000
|
stack
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
AAE000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5D66000
|
heap
|
page read and write
|
||
|
5DD1000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
5D51000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
568D000
|
stack
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
5DDE000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
A7F000
|
heap
|
page read and write
|
||
|
63C2000
|
heap
|
page read and write
|
||
|
174B000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
4870000
|
heap
|
page read and write
|
||
|
472F000
|
stack
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DD3000
|
heap
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page read and write
|
||
|
628A000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
5400000
|
direct allocation
|
page execute and read and write
|
||
|
6267000
|
heap
|
page read and write
|
||
|
5D58000
|
heap
|
page read and write
|
||
|
37CE000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5840000
|
remote allocation
|
page read and write
|
||
|
6285000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
1738000
|
heap
|
page read and write
|
||
|
638C000
|
heap
|
page read and write
|
||
|
10CB000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
6368000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
389E000
|
stack
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
6249000
|
heap
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
5D6C000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
628B000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
63EE000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
401E000
|
stack
|
page read and write
|
||
|
CED000
|
unkown
|
page execute and read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
5400000
|
direct allocation
|
page execute and read and write
|
||
|
5010000
|
direct allocation
|
page execute and read and write
|
||
|
5D4C000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
636F000
|
heap
|
page read and write
|
||
|
5370000
|
direct allocation
|
page execute and read and write
|
||
|
627B000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
9BB000
|
heap
|
page read and write
|
||
|
1537000
|
heap
|
page read and write
|
||
|
1543000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
AA8000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
E5C000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
6399000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5360000
|
remote allocation
|
page read and write
|
||
|
6230000
|
heap
|
page read and write
|
||
|
5D8F000
|
heap
|
page read and write
|
||
|
435F000
|
stack
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
5DCC000
|
heap
|
page read and write
|
||
|
5D93000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
174D000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
626E000
|
heap
|
page read and write
|
||
|
62B5000
|
heap
|
page read and write
|
||
|
5D5D000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
6387000
|
heap
|
page read and write
|
||
|
3EAE000
|
stack
|
page read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
5ABD000
|
stack
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
5D57000
|
heap
|
page read and write
|
||
|
309F000
|
stack
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
1131000
|
unkown
|
page execute and read and write
|
||
|
54A0000
|
direct allocation
|
page execute and read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
5D64000
|
heap
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
5D76000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5D63000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
623A000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
5D9E000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
5D5A000
|
heap
|
page read and write
|
||
|
5D53000
|
heap
|
page read and write
|
||
|
535D000
|
direct allocation
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
31EF000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5D7E000
|
heap
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5DE8000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
C07000
|
unkown
|
page execute and read and write
|
||
|
173C000
|
heap
|
page read and write
|
||
|
5DE4000
|
heap
|
page read and write
|
||
|
439E000
|
stack
|
page read and write
|
||
|
1713000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
624B000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
637D000
|
heap
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
5D6F000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D47000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
5D5B000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
E77000
|
unkown
|
page execute and read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
5D18000
|
heap
|
page read and write
|
||
|
3A9F000
|
stack
|
page read and write
|
||
|
5D70000
|
heap
|
page read and write
|
||
|
5C7E000
|
stack
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5D4D000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5DE8000
|
heap
|
page read and write
|
||
|
5DCF000
|
heap
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
639A000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
FF7000
|
unkown
|
page execute and read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
5210000
|
remote allocation
|
page read and write
|
||
|
5D6C000
|
heap
|
page read and write
|
||
|
5DDE000
|
heap
|
page read and write
|
||
|
408E000
|
stack
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D5F000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
5D1C000
|
heap
|
page read and write
|
||
|
5D64000
|
heap
|
page read and write
|
||
|
624C000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
1568000
|
heap
|
page read and write
|
||
|
5D2D000
|
stack
|
page read and write
|
||
|
5D65000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
3D9E000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
2AD7000
|
heap
|
page read and write
|
||
|
12D6000
|
unkown
|
page execute and read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
4F70000
|
direct allocation
|
page execute and read and write
|
||
|
5D66000
|
heap
|
page read and write
|
||
|
63A5000
|
heap
|
page read and write
|
||
|
45D000
|
stack
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
63C7000
|
heap
|
page read and write
|
||
|
2C5D000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
14D4000
|
heap
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
5D1B000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
4E70000
|
direct allocation
|
page execute and read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
1738000
|
heap
|
page read and write
|
||
|
5D98000
|
heap
|
page read and write
|
||
|
63B3000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
623A000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
354E000
|
stack
|
page read and write
|
||
|
5DDB000
|
heap
|
page read and write
|
||
|
399E000
|
stack
|
page read and write
|
||
|
60C0000
|
trusted library allocation
|
page read and write
|
||
|
49A000
|
stack
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
3BEF000
|
stack
|
page read and write
|
||
|
E57000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
629A000
|
heap
|
page read and write
|
||
|
5D6C000
|
heap
|
page read and write
|
||
|
5D7F000
|
heap
|
page read and write
|
||
|
6246000
|
heap
|
page read and write
|
||
|
5DF0000
|
heap
|
page read and write
|
||
|
5D4F000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
5040000
|
direct allocation
|
page execute and read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
5DEB000
|
heap
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
3EDE000
|
stack
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
395F000
|
stack
|
page read and write
|
||
|
623B000
|
heap
|
page read and write
|
||
|
62B5000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
3FDE000
|
stack
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
4AC0000
|
trusted library allocation
|
page read and write
|
||
|
5D62000
|
heap
|
page read and write
|
||
|
26CB000
|
heap
|
page read and write
|
||
|
385E000
|
stack
|
page read and write
|
||
|
3FEE000
|
stack
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
63AE000
|
heap
|
page read and write
|
||
|
300F000
|
stack
|
page read and write
|
||
|
63C2000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
14D2000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
458E000
|
stack
|
page read and write
|
||
|
1577000
|
heap
|
page read and write
|
||
|
5D4D000
|
heap
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
381F000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
421F000
|
stack
|
page read and write
|
||
|
173C000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
4AB0000
|
heap
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
6399000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
5880000
|
remote allocation
|
page read and write
|
||
|
10C1000
|
heap
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
5DCD000
|
heap
|
page read and write
|
||
|
1131000
|
unkown
|
page execute and read and write
|
||
|
6256000
|
heap
|
page read and write
|
||
|
4FF0000
|
direct allocation
|
page execute and read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
6258000
|
heap
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
40DF000
|
stack
|
page read and write
|
||
|
63B3000
|
heap
|
page read and write
|
||
|
5D65000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
5D4F000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
6263000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5D54000
|
heap
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
5D00000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
117A000
|
heap
|
page read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
5E1D000
|
heap
|
page read and write
|
||
|
12FB000
|
stack
|
page read and write
|
||
|
5DE9000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
3E0E000
|
stack
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
direct allocation
|
page execute and read and write
|
||
|
5360000
|
remote allocation
|
page read and write
|
||
|
3B8E000
|
stack
|
page read and write
|
||
|
3CCE000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5DFE000
|
heap
|
page read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
5D90000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
3A9F000
|
stack
|
page read and write
|
||
|
62B5000
|
heap
|
page read and write
|
||
|
16A3000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
63BA000
|
heap
|
page read and write
|
||
|
5F7F000
|
stack
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
5DFF000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5CDF000
|
stack
|
page read and write
|
||
|
5D65000
|
heap
|
page read and write
|
||
|
6227000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
10DD000
|
unkown
|
page execute and read and write
|
||
|
5E21000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
1551000
|
heap
|
page read and write
|
||
|
E77000
|
unkown
|
page execute and read and write
|
||
|
4FD0000
|
direct allocation
|
page execute and read and write
|
||
|
1697000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
direct allocation
|
page execute and read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
3B4F000
|
stack
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
113F000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
6366000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
639B000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
5DF1000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
9D1000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
1485000
|
heap
|
page read and write
|
||
|
5D9B000
|
heap
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
6394000
|
heap
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
5DDE000
|
heap
|
page read and write
|
||
|
350F000
|
stack
|
page read and write
|
||
|
117C000
|
heap
|
page read and write
|
||
|
5D5B000
|
heap
|
page read and write
|
||
|
5D62000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
4C6E000
|
stack
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
1131000
|
unkown
|
page execute and write copy
|
||
|
984000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
157C000
|
heap
|
page read and write
|
||
|
6256000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
E1A000
|
heap
|
page read and write
|
||
|
639A000
|
heap
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page read and write
|
||
|
63EF000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
4F2D000
|
stack
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
573000
|
unkown
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
5D10000
|
trusted library allocation
|
page read and write
|
||
|
10D8000
|
heap
|
page read and write
|
||
|
5D57000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
624B000
|
heap
|
page read and write
|
||
|
5D7C000
|
heap
|
page read and write
|
||
|
399E000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
174D000
|
heap
|
page read and write
|
||
|
5DAB000
|
heap
|
page read and write
|
||
|
63EF000
|
heap
|
page read and write
|
||
|
5910000
|
remote allocation
|
page read and write
|
||
|
3D2F000
|
stack
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
629E000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
16A7000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
5D9E000
|
heap
|
page read and write
|
||
|
A9C000
|
heap
|
page read and write
|
||
|
623B000
|
heap
|
page read and write
|
||
|
36DF000
|
stack
|
page read and write
|
||
|
371F000
|
stack
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DDD000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
5D4B000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5D5B000
|
heap
|
page read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
322E000
|
stack
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
63EE000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
475F000
|
stack
|
page read and write
|
||
|
335F000
|
stack
|
page read and write
|
||
|
573000
|
unkown
|
page write copy
|
||
|
6262000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5D9A000
|
heap
|
page read and write
|
||
|
5D61000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
4DDC000
|
stack
|
page read and write
|
||
|
63A5000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
639B000
|
heap
|
page read and write
|
||
|
3F9F000
|
stack
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
6256000
|
heap
|
page read and write
|
||
|
43AE000
|
stack
|
page read and write
|
||
|
35AF000
|
stack
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
57BF000
|
stack
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
5DFB000
|
heap
|
page read and write
|
||
|
34DE000
|
stack
|
page read and write
|
||
|
6260000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
15FE000
|
stack
|
page read and write
|
||
|
1132000
|
unkown
|
page execute and write copy
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
62B5000
|
heap
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
4E3F000
|
stack
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
63BA000
|
heap
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
5D1B000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
627A000
|
heap
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
1551000
|
heap
|
page read and write
|
||
|
2ABC000
|
stack
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5D1B000
|
heap
|
page read and write
|
||
|
40DF000
|
stack
|
page read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
AAE000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
5D5F000
|
heap
|
page read and write
|
||
|
5D22000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
395F000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
346F000
|
stack
|
page read and write
|
||
|
5D9E000
|
heap
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page read and write
|
||
|
5D76000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
63A5000
|
heap
|
page read and write
|
||
|
5D7F000
|
heap
|
page read and write
|
||
|
E7B000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5DD6000
|
heap
|
page read and write
|
||
|
5360000
|
remote allocation
|
page read and write
|
||
|
5DE3000
|
heap
|
page read and write
|
||
|
5D6A000
|
heap
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
623B000
|
heap
|
page read and write
|
||
|
F01000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
441000
|
unkown
|
page execute and read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
59AF000
|
stack
|
page read and write
|
||
|
A87000
|
unkown
|
page execute and read and write
|
||
|
5DDE000
|
heap
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5CFF000
|
stack
|
page read and write
|
||
|
5D4B000
|
heap
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
9E4000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
526B000
|
stack
|
page read and write
|
||
|
3E6F000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
5D5A000
|
heap
|
page read and write
|
||
|
5490000
|
direct allocation
|
page execute and read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
573000
|
unkown
|
page read and write
|
||
|
6254000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
5420000
|
direct allocation
|
page execute and read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
6368000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
415E000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
5DF1000
|
heap
|
page read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
5DD5000
|
heap
|
page read and write
|
||
|
4A1E000
|
stack
|
page read and write
|
||
|
D2A000
|
unkown
|
page execute and read and write
|
||
|
14F8000
|
heap
|
page read and write
|
||
|
4C2F000
|
stack
|
page read and write
|
||
|
5D76000
|
heap
|
page read and write
|
||
|
A8B000
|
heap
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
5D9A000
|
heap
|
page read and write
|
||
|
154B000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
570D000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
5E1D000
|
heap
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
63A7000
|
heap
|
page read and write
|
||
|
E73000
|
unkown
|
page read and write
|
||
|
624E000
|
stack
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
5D53000
|
heap
|
page read and write
|
||
|
1131000
|
unkown
|
page execute and write copy
|
||
|
52DD000
|
stack
|
page read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
5DDE000
|
heap
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
6392000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
A8E000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
624B000
|
heap
|
page read and write
|
||
|
489F000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
83B000
|
stack
|
page read and write
|
||
|
5D9E000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
10DD000
|
unkown
|
page execute and read and write
|
||
|
14DC000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
63B6000
|
heap
|
page read and write
|
||
|
63AC000
|
heap
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
172D000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
3AEE000
|
stack
|
page read and write
|
||
|
426E000
|
stack
|
page read and write
|
||
|
5DDE000
|
heap
|
page read and write
|
||
|
5DDC000
|
heap
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
535F000
|
stack
|
page read and write
|
||
|
5D4F000
|
heap
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
5D53000
|
heap
|
page read and write
|
||
|
5D5B000
|
heap
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
5D10000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5DDC000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
361E000
|
stack
|
page read and write
|
||
|
63E2000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5102000
|
heap
|
page read and write
|
||
|
623A000
|
heap
|
page read and write
|
||
|
113A000
|
heap
|
page read and write
|
||
|
30EF000
|
stack
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
5D65000
|
heap
|
page read and write
|
||
|
6460000
|
trusted library allocation
|
page read and write
|
||
|
471F000
|
stack
|
page read and write
|
||
|
599D000
|
stack
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
3ADE000
|
stack
|
page read and write
|
||
|
5DEA000
|
heap
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
10C4000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
4ED0000
|
direct allocation
|
page execute and read and write
|
||
|
475E000
|
stack
|
page read and write
|
||
|
6285000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
625D000
|
heap
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
4EDF000
|
stack
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
486F000
|
stack
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
167F000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D5B000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
4F50000
|
direct allocation
|
page execute and read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
5D42000
|
heap
|
page read and write
|
||
|
62B5000
|
heap
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
direct allocation
|
page execute and read and write
|
||
|
39DE000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5A7F000
|
stack
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
6285000
|
heap
|
page read and write
|
||
|
50B0000
|
direct allocation
|
page execute and read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
5D9C000
|
heap
|
page read and write
|
||
|
5D70000
|
heap
|
page read and write
|
||
|
534D000
|
direct allocation
|
page read and write
|
||
|
6387000
|
heap
|
page read and write
|
||
|
6397000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
5D4B000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D62000
|
heap
|
page read and write
|
||
|
5DDF000
|
heap
|
page read and write
|
||
|
5070000
|
direct allocation
|
page execute and read and write
|
||
|
A8D000
|
heap
|
page read and write
|
||
|
6239000
|
heap
|
page read and write
|
||
|
6220000
|
heap
|
page read and write
|
||
|
1577000
|
heap
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
321E000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
D41000
|
unkown
|
page execute and read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
1576000
|
heap
|
page read and write
|
||
|
465E000
|
stack
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
5BEE000
|
stack
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
35EE000
|
stack
|
page read and write
|
||
|
6360000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
44DF000
|
stack
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
425E000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
5D6C000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
5DDB000
|
heap
|
page read and write
|
||
|
461E000
|
stack
|
page read and write
|
||
|
5D41000
|
heap
|
page read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
63E6000
|
heap
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
5D49000
|
heap
|
page read and write
|
||
|
E73000
|
unkown
|
page write copy
|
||
|
B54000
|
heap
|
page read and write
|
||
|
6216000
|
heap
|
page read and write
|
||
|
5D7C000
|
heap
|
page read and write
|
||
|
5DA8000
|
heap
|
page read and write
|
||
|
63A8000
|
heap
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
5D14000
|
heap
|
page read and write
|
||
|
422F000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
1561000
|
heap
|
page read and write
|
||
|
5D6C000
|
heap
|
page read and write
|
||
|
62A5000
|
heap
|
page read and write
|
||
|
349F000
|
stack
|
page read and write
|
||
|
6256000
|
heap
|
page read and write
|
||
|
63B1000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page read and write
|
||
|
404F000
|
stack
|
page read and write
|
||
|
6245000
|
heap
|
page read and write
|
||
|
6460000
|
trusted library allocation
|
page read and write
|
||
|
536D000
|
stack
|
page read and write
|
||
|
3C5E000
|
stack
|
page read and write
|
||
|
4ECD000
|
direct allocation
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
3FDF000
|
stack
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
5D9F000
|
heap
|
page read and write
|
||
|
525C000
|
stack
|
page read and write
|
||
|
5D6A000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
62B5000
|
heap
|
page read and write
|
||
|
634F000
|
stack
|
page read and write
|
||
|
5DF2000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
63D3000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
625B000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
63A9000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
335E000
|
stack
|
page read and write
|
||
|
5D91000
|
heap
|
page read and write
|
||
|
639B000
|
heap
|
page read and write
|
||
|
577000
|
unkown
|
page execute and read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
4920000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
5470000
|
direct allocation
|
page execute and read and write
|
||
|
56E000
|
unkown
|
page execute and read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
5090000
|
direct allocation
|
page execute and read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
3D1F000
|
stack
|
page read and write
|
||
|
425E000
|
stack
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5D4C000
|
heap
|
page read and write
|
||
|
44DE000
|
stack
|
page read and write
|
||
|
3B1E000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
372E000
|
stack
|
page read and write
|
||
|
485F000
|
stack
|
page read and write
|
||
|
831000
|
unkown
|
page execute and write copy
|
||
|
440000
|
unkown
|
page read and write
|
||
|
628F000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5D54000
|
heap
|
page read and write
|
||
|
5D4B000
|
heap
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
542D000
|
stack
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
1640000
|
direct allocation
|
page read and write
|
||
|
623B000
|
heap
|
page read and write
|
||
|
5D64000
|
heap
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
375E000
|
stack
|
page read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5DDE000
|
heap
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
5D79000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
3FAF000
|
stack
|
page read and write
|
||
|
1575000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
111A000
|
unkown
|
page execute and read and write
|
||
|
5DCB000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
F06000
|
heap
|
page read and write
|
||
|
116D000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
A66000
|
heap
|
page read and write
|
||
|
1134000
|
heap
|
page read and write
|
||
|
6273000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
10CB000
|
heap
|
page read and write
|
||
|
385F000
|
stack
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
35DF000
|
stack
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
5D9D000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
5A5F000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
5D3A000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
49AF000
|
stack
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
5D1C000
|
heap
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
4F60000
|
direct allocation
|
page execute and read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
5DFD000
|
heap
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
42CF000
|
stack
|
page read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
5D7F000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
157C000
|
heap
|
page read and write
|
||
|
5D6A000
|
heap
|
page read and write
|
||
|
3A4E000
|
stack
|
page read and write
|
||
|
624E000
|
heap
|
page read and write
|
||
|
63BF000
|
heap
|
page read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
5D9A000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
5D06000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
F06000
|
heap
|
page read and write
|
||
|
5D1B000
|
heap
|
page read and write
|
||
|
624A000
|
heap
|
page read and write
|
||
|
3C2E000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
624D000
|
heap
|
page read and write
|
||
|
5DEA000
|
heap
|
page read and write
|
||
|
5D4A000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
1531000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
53F0000
|
direct allocation
|
page execute and read and write
|
||
|
184F000
|
stack
|
page read and write
|
||
|
590F000
|
stack
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
A8B000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
12D6000
|
unkown
|
page execute and read and write
|
||
|
A82000
|
heap
|
page read and write
|
||
|
626B000
|
heap
|
page read and write
|
||
|
D41000
|
unkown
|
page execute and read and write
|
||
|
6260000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
444E000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
1577000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D47000
|
heap
|
page read and write
|
||
|
5E21000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
E6A000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
6249000
|
heap
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
6277000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
6272000
|
heap
|
page read and write
|
||
|
4F10000
|
direct allocation
|
page execute and read and write
|
||
|
5470000
|
direct allocation
|
page execute and read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5DE8000
|
heap
|
page read and write
|
||
|
5D58000
|
heap
|
page read and write
|
||
|
54C0000
|
direct allocation
|
page execute and read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
63C2000
|
heap
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
2B87000
|
heap
|
page read and write
|
||
|
62A6000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
546D000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
6254000
|
heap
|
page read and write
|
||
|
50D0000
|
direct allocation
|
page execute and read and write
|
||
|
623A000
|
heap
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
1735000
|
heap
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
5D49000
|
heap
|
page read and write
|
||
|
62A6000
|
heap
|
page read and write
|
||
|
5A9D000
|
stack
|
page read and write
|
||
|
620E000
|
stack
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
5D35000
|
heap
|
page read and write
|
||
|
63C3000
|
heap
|
page read and write
|
||
|
412E000
|
stack
|
page read and write
|
||
|
6394000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
4EB0000
|
direct allocation
|
page execute and read and write
|
||
|
6256000
|
heap
|
page read and write
|
||
|
F06000
|
heap
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page execute and read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
5DA3000
|
heap
|
page read and write
|
||
|
5E3F000
|
stack
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
50E0000
|
direct allocation
|
page execute and read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
480E000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
27AA000
|
stack
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
5D24000
|
heap
|
page read and write
|
||
|
63AB000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
63BD000
|
heap
|
page read and write
|
||
|
44DE000
|
stack
|
page read and write
|
||
|
5B3E000
|
stack
|
page read and write
|
||
|
638A000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page read and write
|
||
|
378F000
|
stack
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
5DC5000
|
heap
|
page read and write
|
||
|
5DB1000
|
heap
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
639A000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
5210000
|
remote allocation
|
page read and write
|
||
|
5DF6000
|
heap
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
573000
|
unkown
|
page write copy
|
||
|
5D97000
|
heap
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
171E000
|
heap
|
page read and write
|
||
|
3BDF000
|
stack
|
page read and write
|
||
|
5D4F000
|
heap
|
page read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
3D5E000
|
stack
|
page read and write
|
||
|
5D73000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page read and write
|
||
|
5D73000
|
heap
|
page read and write
|
||
|
5DC4000
|
heap
|
page read and write
|
||
|
5D1A000
|
heap
|
page read and write
|
||
|
45EF000
|
stack
|
page read and write
|
||
|
5DF4000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
5DEA000
|
heap
|
page read and write
|
||
|
173C000
|
heap
|
page read and write
|
||
|
63A4000
|
heap
|
page read and write
|
||
|
5020000
|
direct allocation
|
page execute and read and write
|
||
|
49A0000
|
direct allocation
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
5D6B000
|
heap
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
173A000
|
heap
|
page read and write
|
||
|
1470000
|
direct allocation
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5D57000
|
heap
|
page read and write
|
||
|
2F70000
|
direct allocation
|
page read and write
|
||
|
4F30000
|
direct allocation
|
page execute and read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
4D91000
|
heap
|
page read and write
|
||
|
7DD000
|
unkown
|
page execute and read and write
|
||
|
418F000
|
stack
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
5D7B000
|
heap
|
page read and write
|
||
|
5000000
|
direct allocation
|
page execute and read and write
|
||
|
F04000
|
heap
|
page read and write
|
||
|
449F000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
173E000
|
heap
|
page read and write
|
||
|
3C1E000
|
stack
|
page read and write
|
||
|
53F0000
|
direct allocation
|
page execute and read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
5220000
|
direct allocation
|
page read and write
|
||
|
5D00000
|
trusted library allocation
|
page read and write
|
||
|
5D6E000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
823000
|
unkown
|
page execute and read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
5D58000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
35DE000
|
stack
|
page read and write
|
||
|
5D5B000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
5DFA000
|
heap
|
page read and write
|
||
|
499F000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
430E000
|
stack
|
page read and write
|
||
|
5DD7000
|
heap
|
page read and write
|
||
|
63EE000
|
heap
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
5D2F000
|
heap
|
page read and write
|
||
|
626D000
|
heap
|
page read and write
|
||
|
3C1F000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
63A9000
|
heap
|
page read and write
|
||
|
D6B000
|
stack
|
page read and write
|
||
|
63A9000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
5DDB000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
6272000
|
heap
|
page read and write
|
||
|
5D5E000
|
heap
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
1739000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
81A000
|
unkown
|
page execute and read and write
|
||
|
F06000
|
heap
|
page read and write
|
||
|
A8F000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
5D3D000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
5D47000
|
heap
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
4C9E000
|
stack
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
5DEE000
|
heap
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
5D9E000
|
heap
|
page read and write
|
||
|
5DFD000
|
heap
|
page read and write
|
||
|
637B000
|
heap
|
page read and write
|
||
|
62B7000
|
heap
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
There are 2583 hidden memdumps, click here to show them.