Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
wIaKimJFke.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\cred64[1].dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\clip64[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\00c07260dc\explorgu.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\006700e5a2ab05\clip64.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\006700e5a2ab05\cred64.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\00c07260dc\explorgu.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\_Files_\AIXACVYBSB.docx
|
ASCII text, with very long lines (1024), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_Files_\AIXACVYBSB.xlsx
|
ASCII text, with very long lines (1024), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_Files_\DTBZGIOOSO.docx
|
ASCII text, with very long lines (1024), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_Files_\KATAXZVCPS.xlsx
|
ASCII text, with very long lines (1024), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_Files_\NHPKIZUUSG.docx
|
ASCII text, with very long lines (1024), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_Files_\VLZDGUKUTZ.xlsx
|
ASCII text, with very long lines (1024), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_Files_\XZXHAVGRAG.docx
|
ASCII text, with very long lines (1024), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_Files_\XZXHAVGRAG.xlsx
|
ASCII text, with very long lines (1024), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3xnwzpq5.2iu.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cipsawgy.e15.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_renydpxy.mj4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vmy1tnrq.lsz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Tasks\explorgu.job
|
data
|
dropped
|
There are 12 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\wIaKimJFke.exe
|
"C:\Users\user\Desktop\wIaKimJFke.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\00c07260dc\explorgu.exe
|
C:\Users\user\AppData\Local\Temp\00c07260dc\explorgu.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\00c07260dc\explorgu.exe
|
C:\Users\user\AppData\Local\Temp\00c07260dc\explorgu.exe
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\006700e5a2ab05\cred64.dll, Main
|
|
|
|
C:\Windows\System32\rundll32.exe
|
"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\006700e5a2ab05\cred64.dll, Main
|
|
|
|
C:\Windows\System32\netsh.exe
|
netsh wlan show profiles
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\006700e5a2ab05\clip64.dll, Main
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip'
-CompressionLevel Optimal
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://185.215.113.32/yandex/Plugins/clip64.dll
|
185.215.113.32
|
|
|
|
http://185.215.113.32/yandex/index.php
|
185.215.113.32
|
|
|
|
http://185.215.113.32/yandex/Plugins/cred64.dll
|
185.215.113.32
|
|
|
|
http://185.215.113.32/yandex/index.php?wal=1
|
185.215.113.32
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
https://go.microsoft.co
|
unknown
|
||
|
http://185.215.113.32/yandex/index.php%
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpg
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpa
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://185.215.113.32/yandex/index.php2ab05
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phprsion
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelpX
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpVl
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpK
|
unknown
|
||
|
http://185.215.113.32/yandex/Plugins/clip64.dll1
|
unknown
|
||
|
http://185.215.113.32/yandex/index.php:10
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://185.215.113.32/yandex/Plugins/clip64.dll&
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpWindows
|
unknown
|
||
|
http://185.215.113.32/ws
|
unknown
|
||
|
http://185.215.113.32/yandex/index.php?wal=1tesf
|
unknown
|
||
|
http://185.215.113.32/yandex/index.php?wal=1r
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://185.215.113.32/
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpa2ab05
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpn
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpp
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpa0
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://185.215.113.32/yandex/index.php?wal=1&
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpu
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://185.215.113.32/yandex/Plugins/cred64.dll2
|
unknown
|
||
|
http://185.215.113.32/yandex/index.phpx
|
unknown
|
There are 32 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.215.113.32
|
unknown
|
Portugal
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4CC0000
|
direct allocation
|
page read and write
|
|
|
|
2A1000
|
unkown
|
page execute and read and write
|
|
|
|
6E221000
|
unkown
|
page execute read
|
|
|
|
4E1000
|
unkown
|
page execute and read and write
|
|
|
|
4CC0000
|
direct allocation
|
page read and write
|
|
|
|
2A1000
|
unkown
|
page execute and read and write
|
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
DA4000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
4E70000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page execute and read and write
|
||
|
28334A44000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
6CF000
|
unkown
|
page execute and read and write
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
5A1000
|
unkown
|
page execute and read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
546000
|
unkown
|
page read and write
|
||
|
37DF000
|
stack
|
page read and write
|
||
|
5D70000
|
heap
|
page read and write
|
||
|
992000
|
unkown
|
page execute and write copy
|
||
|
6C10000
|
heap
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
200453B0000
|
heap
|
page read and write
|
||
|
626E000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
10D3000
|
heap
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
340F000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
2005F480000
|
heap
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
200480F1000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
CA97DFE000
|
stack
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
473E000
|
stack
|
page read and write
|
||
|
4CB0000
|
direct allocation
|
page read and write
|
||
|
28334A0B000
|
heap
|
page read and write
|
||
|
283365B2000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page read and write
|
||
|
3B8F000
|
stack
|
page read and write
|
||
|
5A1000
|
unkown
|
page execute and read and write
|
||
|
6E23B000
|
unkown
|
page read and write
|
||
|
35BE000
|
stack
|
page read and write
|
||
|
2004886F000
|
trusted library allocation
|
page read and write
|
||
|
4CB0000
|
direct allocation
|
page read and write
|
||
|
471E000
|
stack
|
page read and write
|
||
|
4F44000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
3BFE000
|
stack
|
page read and write
|
||
|
7DA000
|
unkown
|
page execute and read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
470E000
|
stack
|
page read and write
|
||
|
2005F8B0000
|
trusted library allocation
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
5B1000
|
unkown
|
page execute and write copy
|
||
|
2B4B000
|
stack
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
849C000
|
stack
|
page read and write
|
||
|
546000
|
unkown
|
page write copy
|
||
|
F44000
|
heap
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
548000
|
unkown
|
page execute and read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
20057602000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7DF43D6B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
36FE000
|
stack
|
page read and write
|
||
|
48F000
|
unkown
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
60EC000
|
stack
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
7FFD9B7C2000
|
trusted library allocation
|
page read and write
|
||
|
2005F453000
|
heap
|
page read and write
|
||
|
3719D7F000
|
stack
|
page read and write
|
||
|
200488E3000
|
trusted library allocation
|
page read and write
|
||
|
4831000
|
heap
|
page read and write
|
||
|
7FFD9B5F0000
|
trusted library allocation
|
page read and write
|
||
|
434E000
|
stack
|
page read and write
|
||
|
3E0F000
|
stack
|
page read and write
|
||
|
3719753000
|
stack
|
page read and write
|
||
|
20048B77000
|
trusted library allocation
|
page read and write
|
||
|
752000
|
unkown
|
page execute and write copy
|
||
|
50B0000
|
heap
|
page read and write
|
||
|
307B000
|
stack
|
page read and write
|
||
|
306000
|
unkown
|
page write copy
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
332A000
|
heap
|
page read and write
|
||
|
C16DEF4000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
98F000
|
unkown
|
page execute and read and write
|
||
|
3FBE000
|
stack
|
page read and write
|
||
|
4920000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
45DE000
|
stack
|
page read and write
|
||
|
29F09000000
|
trusted library allocation
|
page read and write
|
||
|
7F1000
|
unkown
|
page execute and write copy
|
||
|
2005F382000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
200487FF000
|
trusted library allocation
|
page read and write
|
||
|
36BF000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
20048883000
|
trusted library allocation
|
page read and write
|
||
|
2005F6D2000
|
heap
|
page read and write
|
||
|
2B7F000
|
stack
|
page read and write
|
||
|
4DCF000
|
stack
|
page read and write
|
||
|
29F08E49000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
306000
|
unkown
|
page write copy
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
28334DA5000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
41DF000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
61ED000
|
stack
|
page read and write
|
||
|
7FFD9B948000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
6C1E000
|
heap
|
page read and write
|
||
|
371A1BE000
|
stack
|
page read and write
|
||
|
1077000
|
heap
|
page read and write
|
||
|
397E000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
371AC8E000
|
stack
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
283366E0000
|
heap
|
page read and write
|
||
|
20048816000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
2005F75D000
|
heap
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
7FFD9B6C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B700000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2004560C000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
301000
|
unkown
|
page execute and read and write
|
||
|
20057331000
|
trusted library allocation
|
page read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
CA97CFF000
|
stack
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
2005F69E000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2005F5B0000
|
heap
|
page read and write
|
||
|
7F0000
|
unkown
|
page execute and read and write
|
||
|
480F000
|
stack
|
page read and write
|
||
|
20048859000
|
trusted library allocation
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
2DFF000
|
stack
|
page read and write
|
||
|
283365B0000
|
heap
|
page read and write
|
||
|
20057384000
|
trusted library allocation
|
page read and write
|
||
|
28334A2E000
|
heap
|
page read and write
|
||
|
433F000
|
stack
|
page read and write
|
||
|
4DFF000
|
stack
|
page read and write
|
||
|
2004836C000
|
trusted library allocation
|
page read and write
|
||
|
2E8F000
|
stack
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
391F000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
7FFD9B913000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
28334A2E000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B600000
|
trusted library allocation
|
page read and write
|
||
|
28334DA0000
|
heap
|
page read and write
|
||
|
7FFD9B791000
|
trusted library allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
283365B6000
|
heap
|
page read and write
|
||
|
29F08D50000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page execute and read and write
|
||
|
28334A48000
|
heap
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C16DEFE000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
2A0000
|
unkown
|
page readonly
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
D3A000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
29F09080000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page execute and read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
46DF000
|
stack
|
page read and write
|
||
|
423E000
|
stack
|
page read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
518D000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
308000
|
unkown
|
page execute and read and write
|
||
|
449E000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
2005F771000
|
heap
|
page read and write
|
||
|
6E220000
|
unkown
|
page readonly
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
unkown
|
page execute and write copy
|
||
|
30BE000
|
stack
|
page read and write
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
4E0000
|
unkown
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
359E000
|
stack
|
page read and write
|
||
|
542F000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
FA9000
|
heap
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page read and write
|
||
|
2005F6EA000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
20048F33000
|
trusted library allocation
|
page read and write
|
||
|
20057604000
|
trusted library allocation
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
29F0A8E0000
|
heap
|
page read and write
|
||
|
2A50000
|
direct allocation
|
page read and write
|
||
|
52FF000
|
stack
|
page read and write
|
||
|
283365A0000
|
heap
|
page read and write
|
||
|
C16E1FF000
|
stack
|
page read and write
|
||
|
110F000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
114D000
|
stack
|
page read and write
|
||
|
52BE000
|
stack
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
3F7F000
|
stack
|
page read and write
|
||
|
4FAB000
|
stack
|
page read and write
|
||
|
10A8000
|
heap
|
page read and write
|
||
|
28334A3C000
|
heap
|
page read and write
|
||
|
7FFD9B5E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
40BF000
|
stack
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
4EC0000
|
direct allocation
|
page execute and read and write
|
||
|
20045678000
|
heap
|
page read and write
|
||
|
65EF000
|
stack
|
page read and write
|
||
|
37FF000
|
stack
|
page read and write
|
||
|
4EB0000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
822C000
|
stack
|
page read and write
|
||
|
7FFD9B5FB000
|
trusted library allocation
|
page read and write
|
||
|
81EE000
|
stack
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
74F000
|
unkown
|
page execute and read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
CA97EFB000
|
stack
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
F8E000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
5A4D000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
62A0000
|
heap
|
page read and write
|
||
|
751000
|
unkown
|
page execute and read and write
|
||
|
20045670000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
3215000
|
heap
|
page read and write
|
||
|
2005F74F000
|
heap
|
page read and write
|
||
|
307F000
|
stack
|
page read and write
|
||
|
521F000
|
stack
|
page read and write
|
||
|
336E000
|
heap
|
page read and write
|
||
|
85A0000
|
heap
|
page read and write
|
||
|
200471F3000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
29F09085000
|
heap
|
page read and write
|
||
|
2005F77C000
|
heap
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
3E4E000
|
stack
|
page read and write
|
||
|
20057341000
|
trusted library allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
2005F3BC000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
551E000
|
stack
|
page read and write
|
||
|
2BA0000
|
direct allocation
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page execute and write copy
|
||
|
E84000
|
heap
|
page read and write
|
||
|
28334A06000
|
heap
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
29F08E93000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
3CCF000
|
stack
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
4EA0000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
29F0AE32000
|
heap
|
page read and write
|
||
|
FB2000
|
heap
|
page read and write
|
||
|
4820000
|
heap
|
page read and write
|
||
|
29F0AE20000
|
heap
|
page read and write
|
||
|
FA9000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2005F744000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9B696000
|
trusted library allocation
|
page read and write
|
||
|
20047A65000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
direct allocation
|
page execute and read and write
|
||
|
524E000
|
stack
|
page read and write
|
||
|
2BCD000
|
heap
|
page read and write
|
||
|
2005F7AF000
|
heap
|
page read and write
|
||
|
2004889A000
|
trusted library allocation
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
48F000
|
unkown
|
page execute and read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
3D3E000
|
stack
|
page read and write
|
||
|
371AC0E000
|
stack
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
CFD000
|
stack
|
page read and write
|
||
|
63AF000
|
stack
|
page read and write
|
||
|
2004889C000
|
trusted library allocation
|
page read and write
|
||
|
2B9B000
|
stack
|
page read and write
|
||
|
283349C0000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2F4A000
|
heap
|
page read and write
|
||
|
29F08DB8000
|
heap
|
page read and write
|
||
|
7FFD9B9D3000
|
trusted library allocation
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
4CCC000
|
stack
|
page read and write
|
||
|
5A0C000
|
stack
|
page read and write
|
||
|
41CF000
|
stack
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
4DF0000
|
direct allocation
|
page execute and read and write
|
||
|
301000
|
unkown
|
page execute and read and write
|
||
|
2A0000
|
unkown
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
62A5000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
29F09000000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4EA0000
|
direct allocation
|
page execute and read and write
|
||
|
2005F6BB000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9B69C000
|
trusted library allocation
|
page execute and read and write
|
||
|
36CE000
|
stack
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9B94C000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
308000
|
unkown
|
page execute and read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
20048B2B000
|
trusted library allocation
|
page read and write
|
||
|
4940000
|
trusted library allocation
|
page read and write
|
||
|
2005F724000
|
heap
|
page read and write
|
||
|
20045490000
|
heap
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
3719DF9000
|
stack
|
page read and write
|
||
|
20047311000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page read and write
|
||
|
7FFD9B8E0000
|
trusted library allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
371A13C000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
7FFD9B79A000
|
trusted library allocation
|
page read and write
|
||
|
CA9807B000
|
stack
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
3A4F000
|
stack
|
page read and write
|
||
|
30BB000
|
stack
|
page read and write
|
||
|
3F4F000
|
stack
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
381E000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
3719CFE000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
200488B0000
|
trusted library allocation
|
page read and write
|
||
|
2005F690000
|
heap
|
page read and write
|
||
|
2A2E000
|
stack
|
page read and write
|
||
|
3D0E000
|
stack
|
page read and write
|
||
|
7FFD9B5ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2005F6C5000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
2A1000
|
unkown
|
page execute and write copy
|
||
|
541000
|
unkown
|
page execute and read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
20046EA5000
|
heap
|
page read and write
|
||
|
125F000
|
stack
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
200454B0000
|
heap
|
page read and write
|
||
|
20048857000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
306000
|
unkown
|
page read and write
|
||
|
2C9F000
|
stack
|
page read and write
|
||
|
4CFE000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
283365B3000
|
heap
|
page read and write
|
||
|
2005F437000
|
heap
|
page read and write
|
||
|
F8E000
|
heap
|
page read and write
|
||
|
37197DE000
|
unkown
|
page read and write
|
||
|
380E000
|
stack
|
page read and write
|
||
|
2005F7A1000
|
heap
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
298C000
|
stack
|
page read and write
|
||
|
371A03E000
|
stack
|
page read and write
|
||
|
20046EA0000
|
heap
|
page read and write
|
||
|
20048B9A000
|
trusted library allocation
|
page read and write
|
||
|
3719AFE000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
3B9F000
|
stack
|
page read and write
|
||
|
20045530000
|
trusted library allocation
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
20046EAA000
|
heap
|
page read and write
|
||
|
3ABE000
|
stack
|
page read and write
|
||
|
431F000
|
stack
|
page read and write
|
||
|
31BF000
|
stack
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
283349F7000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
20045608000
|
heap
|
page read and write
|
||
|
46FF000
|
stack
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
85B5000
|
heap
|
page read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2005F310000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
20045575000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
2004559F000
|
heap
|
page read and write
|
||
|
2A0000
|
unkown
|
page readonly
|
||
|
3719B7E000
|
stack
|
page read and write
|
||
|
4841000
|
heap
|
page read and write
|
||
|
200455C7000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
354F000
|
stack
|
page read and write
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
459F000
|
stack
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
29F0A860000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
direct allocation
|
page read and write
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
4CFE000
|
stack
|
page read and write
|
||
|
514F000
|
stack
|
page read and write
|
||
|
CA97C77000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
20048E6E000
|
trusted library allocation
|
page read and write
|
||
|
3719BF9000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
7FFD9B63C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A50000
|
direct allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
408F000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
283349B0000
|
heap
|
page read and write
|
||
|
283349F0000
|
heap
|
page read and write
|
||
|
CA97E7F000
|
stack
|
page read and write
|
||
|
357F000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2F0F000
|
stack
|
page read and write
|
||
|
40DE000
|
stack
|
page read and write
|
||
|
56D000
|
unkown
|
page execute and read and write
|
||
|
4840000
|
heap
|
page read and write
|
||
|
7FFD9B934000
|
trusted library allocation
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
51CC000
|
stack
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
64AF000
|
stack
|
page read and write
|
||
|
2004893F000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
stack
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
2E0F000
|
stack
|
page read and write
|
||
|
20046E50000
|
trusted library allocation
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
64EE000
|
stack
|
page read and write
|
||
|
C16E0FE000
|
stack
|
page read and write
|
||
|
2005F560000
|
heap
|
page execute and read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
3719C7E000
|
stack
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
29F08E72000
|
heap
|
page read and write
|
||
|
3CDF000
|
stack
|
page read and write
|
||
|
3719EB7000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
3A9E000
|
stack
|
page read and write
|
||
|
32CF000
|
stack
|
page read and write
|
||
|
2004882A000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
7FFD9B690000
|
trusted library allocation
|
page read and write
|
||
|
29F0A860000
|
trusted library allocation
|
page read and write
|
||
|
29CC000
|
stack
|
page read and write
|
||
|
28334A42000
|
heap
|
page read and write
|
||
|
45FE000
|
stack
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
29F0A860000
|
trusted library allocation
|
page read and write
|
||
|
395E000
|
stack
|
page read and write
|
||
|
20048BAE000
|
trusted library allocation
|
page read and write
|
||
|
2004886D000
|
trusted library allocation
|
page read and write
|
||
|
20047538000
|
trusted library allocation
|
page read and write
|
||
|
3F9E000
|
stack
|
page read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
E2E000
|
heap
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
2005F380000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
20047300000
|
heap
|
page execute and read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
CA97D7D000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
7DF43D6D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
28334A17000
|
heap
|
page read and write
|
||
|
20047D03000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2F3F000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7F0000
|
unkown
|
page execute and write copy
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
20048F37000
|
trusted library allocation
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
447F000
|
stack
|
page read and write
|
||
|
F72000
|
heap
|
page read and write
|
||
|
3A8E000
|
stack
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
20045580000
|
heap
|
page read and write
|
||
|
F9B000
|
heap
|
page read and write
|
||
|
7AD000
|
unkown
|
page execute and read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9B939000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
7FFD9B999000
|
trusted library allocation
|
page read and write
|
||
|
622E000
|
stack
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
56D000
|
unkown
|
page execute and read and write
|
||
|
29F08D80000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
28334A48000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
991000
|
unkown
|
page execute and read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
20046E90000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
445F000
|
stack
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
3BDE000
|
stack
|
page read and write
|
||
|
444F000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
200455CB000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
20045560000
|
heap
|
page readonly
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
20045550000
|
trusted library allocation
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
752000
|
unkown
|
page execute and write copy
|
||
|
7FFD9B5E2000
|
trusted library allocation
|
page read and write
|
||
|
371A23B000
|
stack
|
page read and write
|
||
|
9EC000
|
stack
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
3A5F000
|
stack
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
751000
|
unkown
|
page execute and read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page execute and read and write
|
||
|
F92000
|
heap
|
page read and write
|
||
|
2B5F000
|
stack
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
2005F46B000
|
heap
|
page read and write
|
||
|
283365B8000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
65F0000
|
heap
|
page read and write
|
||
|
4EE0000
|
direct allocation
|
page execute and read and write
|
||
|
369F000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
29F08D60000
|
heap
|
page read and write
|
||
|
40CE000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
420E000
|
stack
|
page read and write
|
||
|
28334A48000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
20048843000
|
trusted library allocation
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4C8C000
|
stack
|
page read and write
|
||
|
C16DEED000
|
stack
|
page read and write
|
||
|
4E1000
|
unkown
|
page execute and write copy
|
||
|
F9B000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
390F000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
74F000
|
unkown
|
page execute and read and write
|
||
|
2005F698000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
393F000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4EB0000
|
direct allocation
|
page execute and read and write
|
||
|
2A0000
|
unkown
|
page read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
46CF000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
3E3F000
|
stack
|
page read and write
|
||
|
2A77000
|
heap
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
FA4000
|
heap
|
page read and write
|
||
|
3719E3E000
|
stack
|
page read and write
|
||
|
4910000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4EA0000
|
direct allocation
|
page execute and read and write
|
||
|
368F000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
283365BA000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
3CFF000
|
stack
|
page read and write
|
||
|
4F29000
|
stack
|
page read and write
|
||
|
20047396000
|
trusted library allocation
|
page read and write
|
||
|
283349FA000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
6E234000
|
unkown
|
page readonly
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
3389000
|
heap
|
page read and write
|
||
|
421E000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
3F5F000
|
stack
|
page read and write
|
||
|
355F000
|
stack
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
4820000
|
heap
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
371A0BE000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
4DFF000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
200455DF000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
28334A17000
|
heap
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
57AE000
|
stack
|
page read and write
|
||
|
80EE000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page execute and write copy
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
5B4D000
|
stack
|
page read and write
|
||
|
CA980FB000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
435E000
|
stack
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
D3D000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
F17000
|
heap
|
page read and write
|
||
|
3BCE000
|
stack
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
7DF43D6C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E70000
|
direct allocation
|
page execute and read and write
|
||
|
41FF000
|
stack
|
page read and write
|
||
|
3E7E000
|
stack
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
F22000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
6E23D000
|
unkown
|
page readonly
|
||
|
832C000
|
stack
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
F30000
|
direct allocation
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
29F0A860000
|
trusted library allocation
|
page read and write
|
||
|
29F09000000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FB0000
|
heap
|
page read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
20045570000
|
heap
|
page read and write
|
||
|
29F08E60000
|
heap
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page read and write
|
||
|
409F000
|
stack
|
page read and write
|
||
|
29F09000000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
direct allocation
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
990000
|
unkown
|
page execute and write copy
|
||
|
28334A2E000
|
heap
|
page read and write
|
||
|
4810000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
6C20000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
2A57000
|
heap
|
page read and write
|
||
|
20048813000
|
trusted library allocation
|
page read and write
|
||
|
45BF000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
20048B07000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
430F000
|
stack
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
28334BC0000
|
heap
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
2005F487000
|
heap
|
page execute and read and write
|
||
|
3E5E000
|
stack
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
3719A7E000
|
stack
|
page read and write
|
||
|
59A000
|
unkown
|
page execute and read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
111F000
|
stack
|
page read and write
|
||
|
590D000
|
stack
|
page read and write
|
||
|
37CF000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
7FFD9B8C0000
|
trusted library allocation
|
page read and write
|
||
|
FA4000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page read and write
|
||
|
394E000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
20048840000
|
trusted library allocation
|
page read and write
|
||
|
4CB0000
|
direct allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
F86000
|
heap
|
page read and write
|
||
|
4841000
|
heap
|
page read and write
|
||
|
EDA000
|
heap
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
2005760C000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
direct allocation
|
page read and write
|
||
|
504B000
|
stack
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page read and write
|
||
|
CA97FFE000
|
stack
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
EDE000
|
heap
|
page read and write
|
||
|
2BC7000
|
heap
|
page read and write
|
||
|
36DE000
|
stack
|
page read and write
|
||
|
483F000
|
stack
|
page read and write
|
||
|
C16DFFD000
|
unkown
|
page read and write
|
||
|
20048BEB000
|
trusted library allocation
|
page read and write
|
||
|
29F08DB0000
|
heap
|
page read and write
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page read and write
|
||
|
481F000
|
stack
|
page read and write
|
||
|
2005F3F9000
|
heap
|
page read and write
|
||
|
437E000
|
stack
|
page read and write
|
||
|
2A1000
|
unkown
|
page execute and write copy
|
||
|
383E000
|
stack
|
page read and write
|
||
|
200455BE000
|
heap
|
page read and write
|
||
|
200575FD000
|
trusted library allocation
|
page read and write
|
||
|
CA97F7D000
|
stack
|
page read and write
|
||
|
4841000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
7FB4000
|
heap
|
page read and write
|
||
|
20057311000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page read and write
|
||
|
44BE000
|
stack
|
page read and write
|
||
|
4E70000
|
direct allocation
|
page execute and read and write
|
||
|
2005F41B000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
2005F753000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
200455CD000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
3719F39000
|
stack
|
page read and write
|
||
|
3BBF000
|
stack
|
page read and write
|
||
|
2005F920000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
59A000
|
unkown
|
page execute and read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
448E000
|
stack
|
page read and write
|
||
|
C16E4FF000
|
stack
|
page read and write
|
||
|
C3B000
|
stack
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
29F09000000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
750000
|
unkown
|
page execute and write copy
|
||
|
E84000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute and read and write
|
||
|
1060000
|
direct allocation
|
page read and write
|
||
|
508C000
|
stack
|
page read and write
|
||
|
3719FB7000
|
stack
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
4E0000
|
unkown
|
page readonly
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
3A7F000
|
stack
|
page read and write
|
||
|
306000
|
unkown
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
304F000
|
stack
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
28334A0A000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
200454F0000
|
heap
|
page read and write
|
||
|
5B1000
|
unkown
|
page execute and write copy
|
||
|
F88000
|
heap
|
page read and write
|
||
|
4EC0000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
3F8E000
|
stack
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
3E1F000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
||
|
7FFD9B5E4000
|
trusted library allocation
|
page read and write
|
||
|
2004557E000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
40FE000
|
stack
|
page read and write
|
||
|
859C000
|
stack
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
29F09000000
|
trusted library allocation
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
C3C000
|
stack
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
3D1E000
|
stack
|
page read and write
|
||
|
20048886000
|
trusted library allocation
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
28334A17000
|
heap
|
page read and write
|
||
|
561F000
|
stack
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
7FFD9B7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
4841000
|
heap
|
page read and write
|
There are 978 hidden memdumps, click here to show them.