Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
88Oj06xDol.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\58Ob04x3bvi6kXoEQuoxoDl.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\a_iqRIngCQdFvZnFgfEPZYy.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\cXsJJz24BctXuTWSoaCRfcx.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
modified
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_88Oj06xDol.exe_8c652c6bf4f576cb53c130ed41a1342023a616e_600acf9b_cdbf886b-f8df-4239-9d0f-c51d83973d46\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MPGPH131.exe_39f79f656ba7b5749cc2d2daccddfd81bb143d9_4b9d2f76_06a8dfc0-b7a3-420f-97b9-3c4419296cb7\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MPGPH131.exe_39f79f656ba7b5749cc2d2daccddfd81bb143d9_4b9d2f76_9300aad4-982c-4bec-9de4-1a5a34051d74\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RageMP131.exe_47aff8dd516fc132caf5fe52450538cac6e85_ed1c83af_5b12d2d0-80b3-4d29-857e-0277371cc052\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1366.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Mar 29 06:21:11 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1395.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Mar 29 06:21:11 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1423.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1491.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER14AF.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER156C.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER22B8.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Mar 29 06:21:15 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2375.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER23A4.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER628.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Mar 29 06:21:08 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER703.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER733.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeLKIngULKOaJZ\Cookies\Chrome_Default.txt
|
ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeLKIngULKOaJZ\information.txt
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeLKIngULKOaJZ\passwords.txt
|
Unicode text, UTF-8 text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeUr4piTzMx9fx\Cookies\Chrome_Default.txt
|
ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeUr4piTzMx9fx\information.txt
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobeUr4piTzMx9fx\passwords.txt
|
Unicode text, UTF-8 text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobemnK17iansp_p\Cookies\Chrome_Default.txt
|
ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobemnK17iansp_p\information.txt
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adobemnK17iansp_p\passwords.txt
|
Unicode text, UTF-8 text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\02zdBXl47cvzcookies.sqlite
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\1YG4CXpV7Tc7Login Data For Account
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\3b6N2Xdh3CYwplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\BgmfM48BIGTyHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\D87fZN3R3jFeplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\DqFc2zfDky3PLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\JEwMdn1pGjRZHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\JcdjvMsXYBfEWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\RrH4IDSP30NgWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\bp0GXTWImdbRHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\ceNbD9cLiTGSWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\dG03QTd5iBxQLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\gugQbi9O3xzDWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\iULyzYk4KZRtCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\jv83i_3S9U5gCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\o3oeW7VH9sMzHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\qL6y_Rgj5O8JWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiLKIngULKOaJZ\y2Fqq7YsODHjWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\02zdBXl47cvzcookies.sqlite
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\2kHBDxAhhi3KWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\3JwlaSNqFTXzHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\3b6N2Xdh3CYwplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\6VR768BwGZLWLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\6pMl7yWS7oPBCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\AwZupu1FWQXYHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\B_vahqgwyr8GWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\CSZ5vMWomTYkLogin Data For Account
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\D87fZN3R3jFeplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\W_rG5uz29mKBWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\Z3DWPGs2hzDeHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\fVjSsCiB_nEnWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\iHUkxIgCDKKqWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\jHjtq2UStz72Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\lxk6__g04pxKLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\mzmcPqdcaRXeWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidiUr4piTzMx9fx\tQueFdhj3ddGHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\02zdBXl47cvzcookies.sqlite
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\3b6N2Xdh3CYwplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\3lix2Df1Onq_History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\3qNuz288nQzDWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\4NIV8HTRo8J0Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\6OJnmNBDXxGvLogin Data For Account
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\BPPb8A_Hh3BCLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\C9hXHt2QU6VXWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\D87fZN3R3jFeplaces.sqlite
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\G7sd8eXtwLWYCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\JjvwJuaaOZGcCookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\LZMWYJx5yLBAWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\UtrCnSrAahDiHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\cbJp2scr8QUeHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\eRGwV_IcS_seWeb Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\l6xghxzbqyRrLogin Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\qi5ONmYaQtZdHistory
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\heidimnK17iansp_p\shNnyxJJzgS4Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\rage131MP.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 79 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\88Oj06xDol.exe
|
"C:\Users\user\Desktop\88Oj06xDol.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 1816 -s 1816
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4448 -s 1848
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2584 -s 1768
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2792 -s 1608
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://193.233.132.167/cost/lenin.exe
|
unknown
|
|
|
|
http://193.233.132.216:57893/hera/amadka.exeom
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://t.me/RiseProSUPPORTv
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://t.me/risepro_botuo
|
unknown
|
||
|
https://db-ip.com/demo/home.php?s=102.165.48.436
|
unknown
|
||
|
https://t.me/RiseProSUPPORTm
|
unknown
|
||
|
https://db-ip.com/zRp
|
unknown
|
||
|
https://ipinfo.io/=89
|
unknown
|
||
|
https://ipinfo.io/T)
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43m
|
unknown
|
||
|
https://ipinfo.io:443/widget/demo/102.165.48.43H
|
unknown
|
||
|
https://db-ip.com/
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://t.me/risepro_botxeka
|
unknown
|
||
|
https://ipinfo.io:443/widget/demo/102.165.48.430
|
unknown
|
||
|
https://db-ip.com/demo/home.php?s=102.165.48.438
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exemj
|
unknown
|
||
|
https://db-ip.com:443/demo/home.php?s=102.165.48.43
|
unknown
|
||
|
https://t.me/risepro_botU
|
unknown
|
||
|
https://t.me/riseprou
|
unknown
|
||
|
http://193.233.132.167/cost/go.exe
|
unknown
|
||
|
https://ipinfo.io/p
|
unknown
|
||
|
http://32.167/t.exe
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://193.233.132.167/cost/go.exeUser
|
unknown
|
||
|
https://t.me/risepro_botxeka.exeF
|
unknown
|
||
|
https://ipinfo.io:443/widget/demo/102.165.48.43
|
unknown
|
||
|
http://193.233.132.167/cost/lenin.exeBuil
|
unknown
|
||
|
http://193.233.132.167/cost/go.exe8.43
|
unknown
|
||
|
http://193.233.132.216:57893/hera/amadka.exe
|
unknown
|
||
|
https://db-ip.com/demo/home.php?s=102.165.48.43$
|
unknown
|
||
|
https://t.me/RiseProSUPPORT;
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43cn
|
unknown
|
||
|
https://db-ip.com/demo/home.php?s=102.165.48.43m
|
unknown
|
||
|
https://t.me/RiseProSUPPORT7
|
unknown
|
||
|
https://db-ip.com/demo/home.php?s=102.165.48.43
|
104.26.5.15
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exeild:
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exedka.
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43/
|
unknown
|
||
|
https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://t.me/RiseProSUPPORT
|
unknown
|
||
|
https://t.me/RiseProSUPPORT$
|
unknown
|
||
|
https://db-ip.com/demo/home.php?s=102.165.48.43x
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://ipinfo.io/Mozilla/5.0
|
unknown
|
||
|
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
|
unknown
|
||
|
https://ipinfo.io/C
|
unknown
|
||
|
https://ipinfo.io:443/widget/demo/102.165.48.43x
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exebans
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://t.me/risepro_bot
|
unknown
|
||
|
http://193.233.132.167/cost/lenin.exet.liv
|
unknown
|
||
|
https://t.me/RiseProSUPPORTON??
|
unknown
|
||
|
http://193.233.132.216:57893/hera/amadka.
|
unknown
|
||
|
http://193.233.132.167/mine/amert.exe
|
unknown
|
||
|
https://ipinfo.io/
|
unknown
|
||
|
https://www.maxmind.com/en/locate-my-ip-address
|
unknown
|
||
|
https://db-ip.com:443/demo/home.php?s=102.165.48.43P
|
unknown
|
||
|
https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL
|
unknown
|
||
|
https://t.59M
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.43
|
34.117.186.192
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
http://193.233.132.167/cost/go.exe)
|
unknown
|
||
|
https://support.mozilla.org
|
unknown
|
||
|
http://193.233.132.167/cost/lenin.exeu
|
unknown
|
||
|
https://ipinfo.io/widget/demo/102.165.48.439
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://t.me/risepro_botu
|
unknown
|
||
|
https://t.me/risepro_botamadka.y
|
unknown
|
There are 64 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ipinfo.io
|
34.117.186.192
|
||
|
db-ip.com
|
104.26.5.15
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
193.233.132.74
|
unknown
|
Russian Federation
|
|
|
|
34.117.186.192
|
ipinfo.io
|
United States
|
||
|
104.26.5.15
|
db-ip.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RageMP131
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
ProgramId
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
FileId
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
LongPathHash
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
Name
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
OriginalFileName
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
Publisher
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
Version
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
BinFileVersion
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
BinaryType
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
ProductName
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
ProductVersion
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
LinkDate
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
BinProductVersion
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
Size
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
Language
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\88oj06xdol.exe|45a29349260d070a
|
Usn
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
ProgramId
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
FileId
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
LongPathHash
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Name
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
OriginalFileName
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Publisher
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Version
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
BinFileVersion
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
BinaryType
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
ProductName
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
ProductVersion
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
LinkDate
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
BinProductVersion
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Size
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Language
|
||
|
\REGISTRY\A\{97179028-6d62-b52f-5098-d3f8c9b6a7fd}\Root\InventoryApplicationFile\mpgph131.exe|9aac11c6f9321563
|
Usn
|
There are 29 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
CB1000
|
heap
|
page read and write
|
|
|
|
D46000
|
heap
|
page read and write
|
|
|
|
CB1000
|
heap
|
page read and write
|
|
|
|
3A98000
|
heap
|
page read and write
|
|
|
|
BEE000
|
heap
|
page read and write
|
|
|
|
CB1000
|
heap
|
page read and write
|
|
|
|
D47000
|
heap
|
page read and write
|
|
|
|
D6F000
|
heap
|
page read and write
|
|
|
|
E7E000
|
heap
|
page read and write
|
|
|
|
E7E000
|
heap
|
page read and write
|
|
|
|
D6F000
|
heap
|
page read and write
|
|
|
|
EB9000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
3A32000
|
heap
|
page read and write
|
||
|
39B4000
|
heap
|
page read and write
|
||
|
3AAD000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3AD5000
|
heap
|
page read and write
|
||
|
3A9F000
|
heap
|
page read and write
|
||
|
3A93000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3AC2000
|
heap
|
page read and write
|
||
|
3AC8000
|
heap
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
3AA5000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
39AD000
|
heap
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
39CA000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
39B4000
|
heap
|
page read and write
|
||
|
3867000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
3A96000
|
heap
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
2C00000
|
remote allocation
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
3B4D000
|
heap
|
page read and write
|
||
|
37AA000
|
heap
|
page read and write
|
||
|
3A95000
|
heap
|
page read and write
|
||
|
3B29000
|
heap
|
page read and write
|
||
|
3AA7000
|
heap
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
3990000
|
heap
|
page read and write
|
||
|
3A2D000
|
heap
|
page read and write
|
||
|
3B2B000
|
heap
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
3B22000
|
heap
|
page read and write
|
||
|
3A4C000
|
heap
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
3704000
|
heap
|
page read and write
|
||
|
39D8000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
39A2000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
39BF000
|
heap
|
page read and write
|
||
|
EBD000
|
heap
|
page read and write
|
||
|
39BF000
|
heap
|
page read and write
|
||
|
3AAC000
|
heap
|
page read and write
|
||
|
3A31000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
3AA7000
|
heap
|
page read and write
|
||
|
3C9D000
|
heap
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
3A90000
|
heap
|
page read and write
|
||
|
39B4000
|
heap
|
page read and write
|
||
|
DA6000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2A0A000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
3AA5000
|
heap
|
page read and write
|
||
|
D82000
|
heap
|
page read and write
|
||
|
3A98000
|
heap
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
3DE0000
|
heap
|
page read and write
|
||
|
3ADC000
|
heap
|
page read and write
|
||
|
3AC2000
|
heap
|
page read and write
|
||
|
39D5000
|
heap
|
page read and write
|
||
|
39BC000
|
heap
|
page read and write
|
||
|
D6F000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
2B40000
|
remote allocation
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
CC9000
|
heap
|
page read and write
|
||
|
3B51000
|
heap
|
page read and write
|
||
|
2A65000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
39AA000
|
heap
|
page read and write
|
||
|
39E2000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
D63000
|
heap
|
page read and write
|
||
|
3AAA000
|
heap
|
page read and write
|
||
|
3AAE000
|
heap
|
page read and write
|
||
|
3AAC000
|
heap
|
page read and write
|
||
|
39CD000
|
heap
|
page read and write
|
||
|
D6F000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
312F000
|
stack
|
page read and write
|
||
|
39B2000
|
heap
|
page read and write
|
||
|
3A30000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
39D2000
|
heap
|
page read and write
|
||
|
2FEF000
|
stack
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
EB9000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
3ADB000
|
heap
|
page read and write
|
||
|
39B0000
|
heap
|
page read and write
|
||
|
2DDD000
|
stack
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
C1C000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
331E000
|
unkown
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3A39000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
28C0000
|
direct allocation
|
page execute and read and write
|
||
|
39CB000
|
heap
|
page read and write
|
||
|
3B45000
|
heap
|
page read and write
|
||
|
3A95000
|
heap
|
page read and write
|
||
|
3AD1000
|
heap
|
page read and write
|
||
|
E8D000
|
heap
|
page read and write
|
||
|
B6E000
|
unkown
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
370A000
|
heap
|
page read and write
|
||
|
D6F000
|
heap
|
page read and write
|
||
|
39B8000
|
heap
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
3ABA000
|
heap
|
page read and write
|
||
|
302E000
|
stack
|
page read and write
|
||
|
3AA4000
|
heap
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
37BE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3B2D000
|
heap
|
page read and write
|
||
|
3AA2000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
3ABA000
|
heap
|
page read and write
|
||
|
2766000
|
heap
|
page execute and read and write
|
||
|
3B42000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
3C96000
|
heap
|
page read and write
|
||
|
3B2B000
|
heap
|
page read and write
|
||
|
D8E000
|
heap
|
page read and write
|
||
|
3A93000
|
heap
|
page read and write
|
||
|
3B31000
|
heap
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
370C000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
39D7000
|
heap
|
page read and write
|
||
|
3B59000
|
heap
|
page read and write
|
||
|
CA5000
|
heap
|
page read and write
|
||
|
3705000
|
heap
|
page read and write
|
||
|
3ABA000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
37AD000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
3705000
|
heap
|
page read and write
|
||
|
3A1D000
|
heap
|
page read and write
|
||
|
3AA7000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
3AC3000
|
heap
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
39D4000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
39F0000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
F6F000
|
stack
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3996000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
E2D000
|
heap
|
page read and write
|
||
|
D44000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
3AAD000
|
heap
|
page read and write
|
||
|
3C94000
|
heap
|
page read and write
|
||
|
3A27000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
290F000
|
stack
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
3990000
|
heap
|
page read and write
|
||
|
3AC0000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
39C7000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
CDA000
|
heap
|
page read and write
|
||
|
3A1E000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
2EBD000
|
stack
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3B23000
|
heap
|
page read and write
|
||
|
3B22000
|
heap
|
page read and write
|
||
|
C39000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3B2D000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
2E1D000
|
stack
|
page read and write
|
||
|
3AC6000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
2D6D000
|
stack
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
C12000
|
heap
|
page read and write
|
||
|
D81000
|
heap
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
39E4000
|
heap
|
page read and write
|
||
|
3AA8000
|
heap
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
D9E000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
3BC3000
|
heap
|
page read and write
|
||
|
3B2B000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3B9C000
|
heap
|
page read and write
|
||
|
DC7000
|
heap
|
page read and write
|
||
|
3A9D000
|
heap
|
page read and write
|
||
|
39E5000
|
heap
|
page read and write
|
||
|
3C97000
|
heap
|
page read and write
|
||
|
B6E000
|
unkown
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
39B8000
|
heap
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
3869000
|
heap
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
3AAD000
|
heap
|
page read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
39E6000
|
heap
|
page read and write
|
||
|
3ADA000
|
heap
|
page read and write
|
||
|
E0E000
|
heap
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
39C1000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
28B0000
|
direct allocation
|
page execute and read and write
|
||
|
39C1000
|
heap
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
39D9000
|
heap
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
CCC000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
39C5000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
39D7000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
32BC000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
39C4000
|
heap
|
page read and write
|
||
|
3A18000
|
heap
|
page read and write
|
||
|
3ACF000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
3C91000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
39B1000
|
heap
|
page read and write
|
||
|
3B20000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
3AA9000
|
heap
|
page read and write
|
||
|
39B0000
|
heap
|
page read and write
|
||
|
37A1000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
3998000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
DE2000
|
heap
|
page read and write
|
||
|
2A7D000
|
heap
|
page read and write
|
||
|
D55000
|
heap
|
page read and write
|
||
|
39D2000
|
heap
|
page read and write
|
||
|
2EDD000
|
stack
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
D53000
|
heap
|
page read and write
|
||
|
39B0000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
3B63000
|
heap
|
page read and write
|
||
|
D6C000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
2C00000
|
remote allocation
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
311F000
|
stack
|
page read and write
|
||
|
3A0E000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
39C4000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
39AB000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
EB9000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
42E0000
|
heap
|
page read and write
|
||
|
39AB000
|
heap
|
page read and write
|
||
|
3B0E000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
3A0D000
|
heap
|
page read and write
|
||
|
3A31000
|
heap
|
page read and write
|
||
|
41C000
|
unkown
|
page write copy
|
||
|
D9E000
|
heap
|
page read and write
|
||
|
39AA000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
39CF000
|
heap
|
page read and write
|
||
|
37A5000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
3AB1000
|
heap
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
417000
|
unkown
|
page write copy
|
||
|
386B000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3707000
|
heap
|
page read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
3AAB000
|
heap
|
page read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
39DB000
|
heap
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
2A00000
|
direct allocation
|
page read and write
|
||
|
C9B000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
3B22000
|
heap
|
page read and write
|
||
|
EB9000
|
heap
|
page read and write
|
||
|
39E1000
|
heap
|
page read and write
|
||
|
3C9D000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
3B29000
|
heap
|
page read and write
|
||
|
39BF000
|
heap
|
page read and write
|
||
|
DAC000
|
heap
|
page read and write
|
||
|
32A8000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
3B2F000
|
heap
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
39E6000
|
heap
|
page read and write
|
||
|
D6F000
|
heap
|
page read and write
|
||
|
EB9000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
39E4000
|
heap
|
page read and write
|
||
|
37AF000
|
heap
|
page read and write
|
||
|
2EBF000
|
stack
|
page read and write
|
||
|
39B8000
|
heap
|
page read and write
|
||
|
35BE000
|
stack
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
39B9000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
39D7000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
39CB000
|
heap
|
page read and write
|
||
|
3703000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
37A1000
|
heap
|
page read and write
|
||
|
3B3D000
|
heap
|
page read and write
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
E91000
|
heap
|
page read and write
|
||
|
3700000
|
trusted library allocation
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
3A54000
|
heap
|
page read and write
|
||
|
3B2D000
|
heap
|
page read and write
|
||
|
41C000
|
unkown
|
page write copy
|
||
|
385E000
|
heap
|
page read and write
|
||
|
2D9F000
|
unkown
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
2820000
|
remote allocation
|
page read and write
|
||
|
3AB6000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
39C6000
|
heap
|
page read and write
|
||
|
DEC000
|
heap
|
page read and write
|
||
|
294F000
|
stack
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
105F000
|
stack
|
page read and write
|
||
|
3ACC000
|
heap
|
page read and write
|
||
|
385F000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
3AB2000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
3B20000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
39D2000
|
heap
|
page read and write
|
||
|
39E6000
|
heap
|
page read and write
|
||
|
417000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
D57000
|
heap
|
page read and write
|
||
|
2A90000
|
direct allocation
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
39A9000
|
heap
|
page read and write
|
||
|
39DA000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
remote allocation
|
page read and write
|
||
|
3A95000
|
heap
|
page read and write
|
||
|
3A30000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
3B28000
|
heap
|
page read and write
|
||
|
39C1000
|
heap
|
page read and write
|
||
|
2A63000
|
heap
|
page read and write
|
||
|
3B59000
|
heap
|
page read and write
|
||
|
C9E000
|
heap
|
page read and write
|
||
|
39CC000
|
heap
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
B6E000
|
unkown
|
page read and write
|
||
|
D55000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
CA9000
|
heap
|
page read and write
|
||
|
3AAF000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
3A54000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
39AB000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
39C4000
|
heap
|
page read and write
|
||
|
3A93000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3856000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
3B34000
|
heap
|
page read and write
|
||
|
DA3000
|
heap
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
3780000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3A11000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
39B6000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
D78000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
3B36000
|
heap
|
page read and write
|
||
|
3A9F000
|
heap
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
BFE000
|
heap
|
page read and write
|
||
|
3B29000
|
heap
|
page read and write
|
||
|
39CD000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
37AE000
|
heap
|
page read and write
|
||
|
36FF000
|
stack
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3854000
|
heap
|
page read and write
|
||
|
2803000
|
heap
|
page execute and read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
C2E000
|
stack
|
page read and write
|
||
|
39B1000
|
heap
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
39D5000
|
heap
|
page read and write
|
||
|
386C000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
3A94000
|
heap
|
page read and write
|
||
|
3B1D000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
3B31000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
39DC000
|
heap
|
page read and write
|
||
|
2820000
|
remote allocation
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
CA1000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
39AB000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
3AA6000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
3ACD000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
3AA7000
|
heap
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
3A05000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
417000
|
unkown
|
page write copy
|
||
|
39CD000
|
heap
|
page read and write
|
||
|
3860000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3700000
|
trusted library allocation
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
39BA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
DB1000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
3A90000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
3AA7000
|
heap
|
page read and write
|
||
|
39C4000
|
heap
|
page read and write
|
||
|
3990000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
3B28000
|
heap
|
page read and write
|
||
|
E1B000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3B52000
|
heap
|
page read and write
|
||
|
3B51000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
37A2000
|
heap
|
page read and write
|
||
|
3AC0000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
39CA000
|
heap
|
page read and write
|
||
|
3B51000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
3B59000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
3AA7000
|
heap
|
page read and write
|
||
|
EB9000
|
heap
|
page read and write
|
||
|
3A4C000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
EB9000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
39DB000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
37AD000
|
heap
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
D8B000
|
heap
|
page read and write
|
||
|
3AA9000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
2AC8000
|
heap
|
page read and write
|
||
|
3AE5000
|
heap
|
page read and write
|
||
|
37AD000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
D17000
|
heap
|
page read and write
|
||
|
323D000
|
stack
|
page read and write
|
||
|
39B1000
|
heap
|
page read and write
|
||
|
39CD000
|
heap
|
page read and write
|
||
|
3B1D000
|
heap
|
page read and write
|
||
|
39CB000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3868000
|
heap
|
page read and write
|
||
|
39A0000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
39E1000
|
heap
|
page read and write
|
||
|
EBD000
|
heap
|
page read and write
|
||
|
3A27000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
370E000
|
heap
|
page read and write
|
||
|
3B34000
|
heap
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
3B80000
|
heap
|
page read and write
|
||
|
39CA000
|
heap
|
page read and write
|
||
|
359D000
|
stack
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
39C7000
|
heap
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
3A11000
|
heap
|
page read and write
|
||
|
3AA9000
|
heap
|
page read and write
|
||
|
3C9B000
|
heap
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
3A39000
|
heap
|
page read and write
|
||
|
3ABC000
|
heap
|
page read and write
|
||
|
3A30000
|
heap
|
page read and write
|
||
|
3AA3000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
39C8000
|
heap
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
3997000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
3A09000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3B34000
|
heap
|
page read and write
|
||
|
D55000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
3A31000
|
heap
|
page read and write
|
||
|
344B000
|
heap
|
page read and write
|
||
|
3AE0000
|
heap
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
3AC8000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
3AAD000
|
heap
|
page read and write
|
||
|
3A48000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
E64000
|
heap
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
3DD0000
|
trusted library allocation
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
3ABC000
|
heap
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
39DA000
|
heap
|
page read and write
|
||
|
3A3A000
|
heap
|
page read and write
|
||
|
39DB000
|
heap
|
page read and write
|
||
|
3AAC000
|
heap
|
page read and write
|
||
|
37AE000
|
heap
|
page read and write
|
||
|
39AD000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
2B2C000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
C9B000
|
heap
|
page read and write
|
||
|
39D7000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
3AAC000
|
heap
|
page read and write
|
||
|
39D5000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
39B4000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
3C97000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
CA3000
|
heap
|
page read and write
|
||
|
3A99000
|
heap
|
page read and write
|
||
|
FBF000
|
stack
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
CE9000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
37A9000
|
heap
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
CB2000
|
heap
|
page read and write
|
||
|
D8B000
|
heap
|
page read and write
|
||
|
D6F000
|
heap
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
39B9000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
3AA4000
|
heap
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
37A1000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
C9A000
|
heap
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
3A38000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
3A00000
|
heap
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
3709000
|
heap
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
3A90000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
3C94000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
3B8E000
|
heap
|
page read and write
|
||
|
2A7F000
|
heap
|
page read and write
|
||
|
39E0000
|
heap
|
page read and write
|
||
|
39AE000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
3AAF000
|
heap
|
page read and write
|
||
|
41C000
|
unkown
|
page write copy
|
||
|
198000
|
stack
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
3998000
|
heap
|
page read and write
|
||
|
37A4000
|
heap
|
page read and write
|
||
|
DF1000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
CA7000
|
heap
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
39DB000
|
heap
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
39B0000
|
heap
|
page read and write
|
||
|
343F000
|
unkown
|
page read and write
|
||
|
B8A000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
3AB5000
|
heap
|
page read and write
|
||
|
2D7D000
|
stack
|
page read and write
|
||
|
3AC2000
|
heap
|
page read and write
|
||
|
3ACD000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
39C6000
|
heap
|
page read and write
|
||
|
3B3A000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
3AE8000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
3C9C000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
3AAD000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3B28000
|
heap
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
3A41000
|
heap
|
page read and write
|
||
|
42E0000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
F5F000
|
stack
|
page read and write
|
||
|
E23000
|
heap
|
page read and write
|
||
|
37B0000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
3A9F000
|
heap
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
18B000
|
stack
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
39DD000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
CA9000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3AA9000
|
heap
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
C29000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
3A33000
|
heap
|
page read and write
|
||
|
3C9E000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
2B40000
|
remote allocation
|
page read and write
|
||
|
3A33000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
C3A000
|
heap
|
page read and write
|
||
|
3AAA000
|
heap
|
page read and write
|
||
|
3997000
|
heap
|
page read and write
|
||
|
39DB000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
37A7000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
42E1000
|
heap
|
page read and write
|
||
|
3C96000
|
heap
|
page read and write
|
||
|
3A41000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
41C000
|
unkown
|
page write copy
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
3A1D000
|
heap
|
page read and write
|
||
|
3ADB000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
E26000
|
heap
|
page read and write
|
||
|
C05000
|
heap
|
page read and write
|
||
|
3ABC000
|
heap
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
CB7000
|
heap
|
page read and write
|
||
|
3B3A000
|
heap
|
page read and write
|
||
|
39B9000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
39CB000
|
heap
|
page read and write
|
||
|
3AAD000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
3AB5000
|
heap
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
CB1000
|
heap
|
page read and write
|
||
|
42E1000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
direct allocation
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
386E000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
39C3000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
D78000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
102F000
|
stack
|
page read and write
|
||
|
311F000
|
stack
|
page read and write
|
||
|
3865000
|
heap
|
page read and write
|
||
|
CB7000
|
heap
|
page read and write
|
||
|
39D2000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
37B7000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
3AA3000
|
heap
|
page read and write
|
||
|
39C9000
|
heap
|
page read and write
|
||
|
B4D000
|
stack
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3ABF000
|
heap
|
page read and write
|
||
|
C31000
|
heap
|
page read and write
|
||
|
386A000
|
heap
|
page read and write
|
||
|
3A3D000
|
heap
|
page read and write
|
||
|
3C91000
|
heap
|
page read and write
|
||
|
3AA2000
|
heap
|
page read and write
|
||
|
3B35000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
2820000
|
remote allocation
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
3B9C000
|
heap
|
page read and write
|
||
|
39F0000
|
heap
|
page read and write
|
||
|
3B67000
|
heap
|
page read and write
|
||
|
327A000
|
stack
|
page read and write
|
||
|
D72000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
3AA5000
|
heap
|
page read and write
|
||
|
36FE000
|
stack
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
2BC0000
|
remote allocation
|
page read and write
|
||
|
26B3000
|
heap
|
page execute and read and write
|
||
|
3874000
|
heap
|
page read and write
|
||
|
3B1D000
|
heap
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
3A98000
|
heap
|
page read and write
|
||
|
3ACB000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
CCA000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
36FE000
|
stack
|
page read and write
|
||
|
39C7000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
3997000
|
heap
|
page read and write
|
||
|
2890000
|
remote allocation
|
page read and write
|
||
|
3DE1000
|
heap
|
page read and write
|
||
|
39D5000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
42E1000
|
heap
|
page read and write
|
||
|
3ADC000
|
heap
|
page read and write
|
||
|
39D2000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
198000
|
stack
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
3705000
|
heap
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
3AD5000
|
heap
|
page read and write
|
||
|
3ADC000
|
heap
|
page read and write
|
||
|
39BA000
|
heap
|
page read and write
|
||
|
39C4000
|
heap
|
page read and write
|
||
|
EB9000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
3ABA000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
3ABB000
|
heap
|
page read and write
|
||
|
2950000
|
direct allocation
|
page execute and read and write
|
||
|
2D7E000
|
stack
|
page read and write
|
||
|
CAA000
|
heap
|
page read and write
|
||
|
3AC0000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
39D5000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
CB9000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
3B4D000
|
heap
|
page read and write
|
||
|
36FF000
|
stack
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2A01000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
3B2D000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
39C7000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
BE7000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3AA9000
|
heap
|
page read and write
|
||
|
3B2D000
|
heap
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
39D2000
|
heap
|
page read and write
|
||
|
39C7000
|
heap
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
39CC000
|
heap
|
page read and write
|
||
|
39BF000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
3853000
|
heap
|
page read and write
|
||
|
CCC000
|
heap
|
page read and write
|
||
|
3A2D000
|
heap
|
page read and write
|
||
|
2A00000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
39B1000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
39AD000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
3AAD000
|
heap
|
page read and write
|
||
|
3996000
|
heap
|
page read and write
|
||
|
3A2F000
|
heap
|
page read and write
|
||
|
39C4000
|
heap
|
page read and write
|
||
|
3A3A000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
D0E000
|
unkown
|
page read and write
|
||
|
39E6000
|
heap
|
page read and write
|
||
|
3B20000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
3A1D000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
39B1000
|
heap
|
page read and write
|
||
|
3B28000
|
heap
|
page read and write
|
||
|
D55000
|
heap
|
page read and write
|
||
|
3AC0000
|
heap
|
page read and write
|
||
|
39C5000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
2B2A000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
3863000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
BEA000
|
heap
|
page read and write
|
||
|
3A93000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
39F0000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
3ABB000
|
heap
|
page read and write
|
||
|
3AAB000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
3B2D000
|
heap
|
page read and write
|
||
|
3A51000
|
heap
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
3AA5000
|
heap
|
page read and write
|
||
|
3B63000
|
heap
|
page read and write
|
||
|
3C9A000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
EBE000
|
heap
|
page read and write
|
||
|
CCB000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
3A33000
|
heap
|
page read and write
|
||
|
39E6000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3AE8000
|
heap
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
BFA000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
B6E000
|
unkown
|
page read and write
|
||
|
3B2B000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
3C93000
|
heap
|
page read and write
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
3B3E000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
3C94000
|
heap
|
page read and write
|
||
|
3ABB000
|
heap
|
page read and write
|
||
|
D15000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
39C3000
|
heap
|
page read and write
|
||
|
39DC000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
41C000
|
unkown
|
page write copy
|
||
|
303E000
|
stack
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
417000
|
unkown
|
page write copy
|
||
|
37A5000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
39A0000
|
heap
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
DF4000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
39AB000
|
heap
|
page read and write
|
||
|
386B000
|
heap
|
page read and write
|
||
|
3ADB000
|
heap
|
page read and write
|
||
|
3B51000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
3A2F000
|
heap
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
2A24000
|
heap
|
page read and write
|
||
|
2920000
|
direct allocation
|
page execute and read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
36FF000
|
stack
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
39B1000
|
heap
|
page read and write
|
||
|
2920000
|
direct allocation
|
page execute and read and write
|
||
|
370D000
|
heap
|
page read and write
|
||
|
3B2D000
|
heap
|
page read and write
|
||
|
F2F000
|
stack
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
3707000
|
heap
|
page read and write
|
||
|
3A93000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
CD1000
|
heap
|
page read and write
|
||
|
2716000
|
heap
|
page execute and read and write
|
||
|
3C9D000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
37A8000
|
heap
|
page read and write
|
||
|
370A000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
2A60000
|
direct allocation
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
39BF000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
3B39000
|
heap
|
page read and write
|
||
|
39CB000
|
heap
|
page read and write
|
||
|
39AE000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
39E0000
|
heap
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
D55000
|
heap
|
page read and write
|
||
|
39C2000
|
heap
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
3858000
|
heap
|
page read and write
|
||
|
DEA000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
2AB3000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
3A32000
|
heap
|
page read and write
|
||
|
39BE000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
3B67000
|
heap
|
page read and write
|
||
|
3A99000
|
heap
|
page read and write
|
||
|
C2B000
|
heap
|
page read and write
|
||
|
39D4000
|
heap
|
page read and write
|
||
|
3A93000
|
heap
|
page read and write
|
||
|
D92000
|
heap
|
page read and write
|
||
|
39E6000
|
heap
|
page read and write
|
||
|
2890000
|
remote allocation
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
39CC000
|
heap
|
page read and write
|
||
|
39E0000
|
heap
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
39BD000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3A54000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
3AA5000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
B6E000
|
unkown
|
page read and write
|
||
|
3AA6000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
3A33000
|
heap
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
2B40000
|
remote allocation
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
3A9B000
|
heap
|
page read and write
|
||
|
C29000
|
heap
|
page read and write
|
||
|
39B4000
|
heap
|
page read and write
|
||
|
D8E000
|
heap
|
page read and write
|
||
|
3A0B000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
198000
|
stack
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
370E000
|
heap
|
page read and write
|
||
|
39E0000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
39DD000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
301F000
|
stack
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
EB1000
|
heap
|
page read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
3C98000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
3AAD000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
417000
|
unkown
|
page write copy
|
||
|
3A9F000
|
heap
|
page read and write
|
||
|
3996000
|
heap
|
page read and write
|
||
|
2B5E000
|
stack
|
page read and write
|
||
|
3ABE000
|
heap
|
page read and write
|
||
|
39DD000
|
heap
|
page read and write
|
||
|
39E3000
|
heap
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
39D7000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
3AA8000
|
heap
|
page read and write
|
||
|
35C0000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
3A48000
|
heap
|
page read and write
|
||
|
3AA1000
|
heap
|
page read and write
|
||
|
D57000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
3AE8000
|
heap
|
page read and write
|
||
|
3AE5000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
3A4C000
|
heap
|
page read and write
|
||
|
39C7000
|
heap
|
page read and write
|
||
|
3AA4000
|
heap
|
page read and write
|
||
|
3ABA000
|
heap
|
page read and write
|
||
|
39E0000
|
heap
|
page read and write
|
||
|
3876000
|
heap
|
page read and write
|
||
|
3B2C000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
3A95000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
EBE000
|
heap
|
page read and write
|
||
|
3B24000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
3AA8000
|
heap
|
page read and write
|
||
|
3A48000
|
heap
|
page read and write
|
||
|
3A93000
|
heap
|
page read and write
|
||
|
39B0000
|
heap
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
39BF000
|
heap
|
page read and write
|
||
|
3A2F000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
3705000
|
heap
|
page read and write
|
||
|
3C92000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
3AA0000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
39D8000
|
heap
|
page read and write
|
||
|
2BC0000
|
remote allocation
|
page read and write
|
||
|
3AD5000
|
heap
|
page read and write
|
||
|
2890000
|
remote allocation
|
page read and write
|
||
|
3A27000
|
heap
|
page read and write
|
||
|
2BC0000
|
remote allocation
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
2A1B000
|
heap
|
page read and write
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
18B000
|
stack
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
C33000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
2A99000
|
heap
|
page read and write
|
||
|
3AB6000
|
heap
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
3AA0000
|
heap
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
D8D000
|
heap
|
page read and write
|
||
|
18B000
|
stack
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
3868000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
2EAD000
|
stack
|
page read and write
|
||
|
C92000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
3B29000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
3B4D000
|
heap
|
page read and write
|
||
|
370B000
|
heap
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
39EF000
|
heap
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
3ADB000
|
heap
|
page read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
3ACD000
|
heap
|
page read and write
|
||
|
3AB3000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
3ABC000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
F0F000
|
stack
|
page read and write
|
||
|
39DC000
|
heap
|
page read and write
|
||
|
3C9E000
|
heap
|
page read and write
|
||
|
39AE000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
3C90000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
27D3000
|
heap
|
page execute and read and write
|
||
|
E17000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
3A95000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
3AA5000
|
heap
|
page read and write
|
||
|
CB2000
|
heap
|
page read and write
|
||
|
2C00000
|
remote allocation
|
page read and write
|
||
|
3ACD000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3A92000
|
heap
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
39B4000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
3702000
|
heap
|
page read and write
|
||
|
E21000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
39D2000
|
heap
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
39B1000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
39B3000
|
heap
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
B70000
|
unkown
|
page readonly
|
||
|
386A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
3AE0000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
E9D000
|
heap
|
page read and write
|
||
|
3A3A000
|
heap
|
page read and write
|
||
|
39BB000
|
heap
|
page read and write
|
||
|
3A91000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
39BF000
|
heap
|
page read and write
|
There are 1422 hidden memdumps, click here to show them.