Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Heuristic.HEUR.AGEN.1319028.18822.21071.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Program Files (x86)\PairVPN\PairVPN.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
 |
|
|
C:\Program Files (x86)\PairVPN\is-2PSH3.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\PairVPN\is-7A3OK.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\PairVPN\is-A2FHO.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\PairVPN\is-GAJBA.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\PairVPN\pveth\is-UADM2.tmp
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\PairVPN\pveth\pveth.sys (copy)
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\PairVPN\pvextra.exe (copy)
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\PairVPN\unins000.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\is-83J31.tmp\SecuriteInfo.com.Heuristic.HEUR.AGEN.1319028.18822.21071.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\{c8205cf6-48e0-7848-82c9-7c315d28ffc2}\SET39E7.tmp
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\{c8205cf6-48e0-7848-82c9-7c315d28ffc2}\pveth.sys (copy)
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\DriverStore\Temp\{52c0b4ce-4a56-b642-98c5-a3179f85b29e}\SET3B7E.tmp
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\DriverStore\Temp\{52c0b4ce-4a56-b642-98c5-a3179f85b29e}\pveth.sys (copy)
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\PairVPN\pveth\is-4G4HM.tmp
|
Windows setup INFormation
|
dropped
|
||
|
C:\Program Files (x86)\PairVPN\pveth\is-5S3BL.tmp
|
data
|
dropped
|
||
|
C:\Program Files (x86)\PairVPN\pveth\pveth.cat (copy)
|
data
|
dropped
|
||
|
C:\Program Files (x86)\PairVPN\pveth\pveth.inf (copy)
|
Windows setup INFormation
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-J5BNJ.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{c8205cf6-48e0-7848-82c9-7c315d28ffc2}\SET39C6.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{c8205cf6-48e0-7848-82c9-7c315d28ffc2}\SET39D7.tmp
|
Windows setup INFormation
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{c8205cf6-48e0-7848-82c9-7c315d28ffc2}\pveth.cat (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{c8205cf6-48e0-7848-82c9-7c315d28ffc2}\pveth.inf (copy)
|
Windows setup INFormation
|
dropped
|
||
|
C:\Windows\INF\oem4.inf
|
Windows setup INFormation
|
dropped
|
||
|
C:\Windows\INF\setupapi.dev.log
|
Generic INItialization configuration [BeginLog]
|
dropped
|
||
|
C:\Windows\Logs\NetSetup\service.0.etl
|
data
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{52c0b4ce-4a56-b642-98c5-a3179f85b29e}\SET3B5C.tmp
|
data
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{52c0b4ce-4a56-b642-98c5-a3179f85b29e}\SET3B6D.tmp
|
Windows setup INFormation
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{52c0b4ce-4a56-b642-98c5-a3179f85b29e}\pveth.cat (copy)
|
data
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{52c0b4ce-4a56-b642-98c5-a3179f85b29e}\pveth.inf (copy)
|
Windows setup INFormation
|
dropped
|
||
|
C:\Windows\System32\catroot2\dberr.txt
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 23 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\AppData\Local\Temp\is-83J31.tmp\SecuriteInfo.com.Heuristic.HEUR.AGEN.1319028.18822.21071.tmp
|
"C:\Users\user\AppData\Local\Temp\is-83J31.tmp\SecuriteInfo.com.Heuristic.HEUR.AGEN.1319028.18822.21071.tmp" /SL5="$20404,1488690,832512,C:\Users\user\Desktop\SecuriteInfo.com.Heuristic.HEUR.AGEN.1319028.18822.21071.exe"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s NetSetupSvc
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
"netsh.exe" advfirewall firewall add rule name="PairVPN" dir=in action=allow program="C:\Program Files (x86)\PairVPN\PairVPN.exe"
enable=yes
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Heuristic.HEUR.AGEN.1319028.18822.21071.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Heuristic.HEUR.AGEN.1319028.18822.21071.exe"
|
||
|
C:\Program Files (x86)\PairVPN\pvextra.exe
|
"C:\Program Files (x86)\PairVPN\pvextra.exe" /d
|
||
|
C:\Windows\System32\drvinst.exe
|
DrvInst.exe "4" "0" "C:\Users\user\AppData\Local\Temp\{c8205cf6-48e0-7848-82c9-7c315d28ffc2}\pveth.inf" "9" "4ec797a8f" "0000000000000100"
"WinSta0\Default" "0000000000000170" "208" "c:\program files (x86)\pairvpn\pveth"
|
||
|
C:\Windows\System32\drvinst.exe
|
DrvInst.exe "2" "211" "ROOT\PVETH\0000" "C:\Windows\INF\oem4.inf" "oem4.inf:1f6a2eb20729039e:pveth.ndi:1.8.3.0:pveth," "4ec797a8f"
"0000000000000100"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.google.com/maps/search/?api=1&query=%f%%2C%fcli_txt_clockInvalid
|
unknown
|
||
|
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
https://pairv.net/dev/install.php?err=t%d
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
|
unknown
|
||
|
https://www.remobjects.com/ps
|
unknown
|
||
|
https://pairvpn.com
|
unknown
|
||
|
https://www.innosetup.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/devprof
|
unknown
|
||
|
https://pairv.net/dev/install.php?err=t11037Provider
|
unknown
|
||
|
https://pairv.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/04/discovery/Probe
|
unknown
|
||
|
https://www.google.com/maps/search/?api=1&query=%f%%2C%f
|
unknown
|
||
|
https://www.pairvpn.com
|
unknown
|
||
|
https://pairv.net/dev/install.php?err=t%d/uPairVPN_cls/twintrust.dllCryptCATAdminAcquireContext2
|
unknown
|
||
|
https://www.pairvpn.com.https://www.pairvpn.com.https://www.pairvpn.com
|
unknown
|
||
|
https://www.pairvpn.comQ6O
|
unknown
|
||
|
https://pairv.net/dev/install.php?err=t11037
|
45.33.111.235
|
||
|
https://pairv.net/dev/install.php?err=t11037:
|
unknown
|
||
|
https://pairv.net/dev/install.php?err=t11037z
|
unknown
|
||
|
https://pairvpn.com%s/%ssvr_btn_offsession_pending_review_numsession_pending_review_msgInvalid
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/09/transfer/Get
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/04/discovery
|
unknown
|
There are 12 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pairv.net
|
45.33.111.235
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.33.111.235
|
pairv.net
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SetupapiLogStatus
|
setupapi.dev.log
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Device Installer\CurrentStatus
|
StartTime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Device Installer\CurrentStatus
|
Progress
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Device Installer\CurrentStatus
|
Progress
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pveth
|
Owners
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pveth
|
TextModeFlags
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\pveth
|
EventMessageFile
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\pveth
|
TypesSupported
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/System32/drivers/pveth.sys
|
Owners
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Descriptors\pveth
|
Configuration
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Descriptors\pveth
|
Manufacturer
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Descriptors\pveth
|
Description
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi
|
Service
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi
|
ConfigScope
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi\Driver
|
BusNumber
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi\Driver\Ndi
|
Service
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi\Driver\Ndi\Interfaces
|
UpperRange
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi\Driver\Ndi\Interfaces
|
LowerRange
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi\Driver
|
*IfType
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi\Driver
|
*MediaType
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi\Driver
|
*PhysicalMediaType
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi\Driver
|
Characteristics
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi\Services\pveth
|
TextModeFlags
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Configurations\pveth.ndi
|
ConfigFlags
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Strings
|
pveth.devicedesc
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\pveth.inf_amd64_4d971e32342dbc12\Strings
|
moco
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/System32/drivers/pveth.sys
|
Class
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/System32/drivers/pveth.sys
|
Source
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010
|
IfTypePreStart
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010
|
NetworkInterfaceInstallTimestamp
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\0032
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\000a
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\000c
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\000e
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\0020
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f200-5923-47c0-9a68-d0bafb577901}\0006
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\0034
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f1-5923-47c0-9a68-d0bafb577901}\0002
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f1-5923-47c0-9a68-d0bafb577901}\0004
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1ef-5923-47c0-9a68-d0bafb577901}\0014
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\0004
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\0010
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\00b4
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Kernel
|
IfType
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Kernel
|
MediaType
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Kernel
|
PhysicalMediaType
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Kernel
|
IfAlias
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Kernel
|
NetLuidIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Kernel
|
Characteristics
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Connection
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010\Linkage
|
RootDevice
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010\Linkage
|
Export
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\0012
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\0104
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Kernel
|
IfDescr
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f200-5923-47c0-9a68-d0bafb577901}\0028
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010
|
InstallTimeStamp
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{00b266d3-09a4-4668-b50c-ad74c9987f7a}
|
EnableDHCP
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{00b266d3-09a4-4668-b50c-ad74c9987f7a}
|
EnableDHCP
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{00b266d3-09a4-4668-b50c-ad74c9987f7a}
|
Domain
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{00b266d3-09a4-4668-b50c-ad74c9987f7a}
|
NameServer
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Adapters\{00b266d3-09a4-4668-b50c-ad74c9987f7a}
|
LLInterface
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Adapters\{00b266d3-09a4-4668-b50c-ad74c9987f7a}
|
IpConfig
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces\Tcpip_{00b266d3-09a4-4668-b50c-ad74c9987f7a}
|
NameServerList
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces\Tcpip_{00b266d3-09a4-4668-b50c-ad74c9987f7a}
|
NetbiosOptions
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\BindPaths\{00275BE9-4DE1-24E1-DA5C-8CC72DD5DFE9}\Properties\{a111f1f2-5923-47c0-9a68-d0bafb577901}\0050
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Connection
|
PnPInstanceId
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010
|
DeviceInstanceID
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010
|
ComponentId
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Properties\{a111f1f4-5923-47c0-9a68-d0bafb577901}\012c
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010
|
NetCfgInstanceId
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010
|
NetLuidIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Kernel
|
ProtocolList
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkSetup2\Interfaces\{00B266D3-09A4-4668-B50C-AD74C9987F7A}\Kernel
|
FilterList
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010\Linkage
|
UpperBind
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010\Linkage
|
FilterList
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\PVETH\0000\Device Parameters
|
InstanceIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
Intel(R) 82574L Gigabit Network Connection
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
Microsoft Kernel Debug Network Adapter
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
PairVPN Network Adapter
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
WAN Miniport (IKEv2)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
WAN Miniport (IP)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
WAN Miniport (IPv6)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
WAN Miniport (L2TP)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
WAN Miniport (Network Monitor)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
WAN Miniport (PPPOE)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
WAN Miniport (PPTP)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions
|
WAN Miniport (SSTP)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Linkage
|
Export
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Linkage
|
Bind
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Linkage
|
Route
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Linkage
|
Export
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Linkage
|
Bind
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Linkage
|
Route
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Linkage
|
Export
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Linkage
|
Bind
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Linkage
|
Route
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasPppoe\Linkage
|
Export
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasPppoe\Linkage
|
Bind
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasPppoe\Linkage
|
Route
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBIOS\Linkage
|
Export
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBIOS\Linkage
|
Bind
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBIOS\Linkage
|
Route
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanServer\Linkage
|
Export
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanServer\Linkage
|
Bind
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanServer\Linkage
|
Route
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanWorkstation\Linkage
|
Export
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanWorkstation\Linkage
|
Bind
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanWorkstation\Linkage
|
Route
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBIOS\Parameters
|
MaxLana
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBIOS\Linkage
|
LanaMap
|
There are 106 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
171C9002000
|
trusted library allocation
|
page read and write
|
||
|
2473000
|
direct allocation
|
page read and write
|
||
|
4C4000
|
unkown
|
page readonly
|
||
|
2967A4E5000
|
heap
|
page read and write
|
||
|
24ED000
|
direct allocation
|
page read and write
|
||
|
2967A4A6000
|
heap
|
page read and write
|
||
|
25B6000
|
direct allocation
|
page read and write
|
||
|
4B7000
|
unkown
|
page write copy
|
||
|
2967A4CB000
|
heap
|
page read and write
|
||
|
171C8967000
|
heap
|
page read and write
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
7FF6B056B000
|
unkown
|
page write copy
|
||
|
2556000
|
direct allocation
|
page read and write
|
||
|
2011748F000
|
heap
|
page read and write
|
||
|
201174A7000
|
heap
|
page read and write
|
||
|
3A70000
|
heap
|
page read and write
|
||
|
2438000
|
direct allocation
|
page read and write
|
||
|
24B752CB000
|
heap
|
page read and write
|
||
|
758000
|
heap
|
page read and write
|
||
|
2967A4D5000
|
heap
|
page read and write
|
||
|
171C893C000
|
heap
|
page read and write
|
||
|
25E1000
|
direct allocation
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
2011748F000
|
heap
|
page read and write
|
||
|
773000
|
heap
|
page read and write
|
||
|
67646FE000
|
stack
|
page read and write
|
||
|
171C8921000
|
heap
|
page read and write
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
250A000
|
direct allocation
|
page read and write
|
||
|
24B7523C000
|
heap
|
page read and write
|
||
|
6D6000
|
unkown
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
201174A7000
|
heap
|
page read and write
|
||
|
A4C21FE000
|
stack
|
page read and write
|
||
|
20117410000
|
heap
|
page read and write
|
||
|
20117413000
|
heap
|
page read and write
|
||
|
2011749C000
|
heap
|
page read and write
|
||
|
171C8967000
|
heap
|
page read and write
|
||
|
20117463000
|
heap
|
page read and write
|
||
|
24B75224000
|
heap
|
page read and write
|
||
|
C1BC7F000
|
stack
|
page read and write
|
||
|
24B752BD000
|
heap
|
page read and write
|
||
|
24D6000
|
direct allocation
|
page read and write
|
||
|
2582000
|
direct allocation
|
page read and write
|
||
|
2750000
|
direct allocation
|
page read and write
|
||
|
171C8919000
|
heap
|
page read and write
|
||
|
21A7D5F0000
|
heap
|
page read and write
|
||
|
24B75230000
|
heap
|
page read and write
|
||
|
377A000
|
direct allocation
|
page read and write
|
||
|
20117480000
|
heap
|
page read and write
|
||
|
2967A4A1000
|
heap
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
24B752C7000
|
heap
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
171C893E000
|
heap
|
page read and write
|
||
|
24B0000
|
direct allocation
|
page read and write
|
||
|
3BCBC7F000
|
stack
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
24B7528B000
|
heap
|
page read and write
|
||
|
24B75350000
|
heap
|
page read and write
|
||
|
20117428000
|
heap
|
page read and write
|
||
|
A4C26FF000
|
stack
|
page read and write
|
||
|
2967A4C9000
|
heap
|
page read and write
|
||
|
2967A4AE000
|
heap
|
page read and write
|
||
|
2011742B000
|
heap
|
page read and write
|
||
|
2011742B000
|
heap
|
page read and write
|
||
|
2423000
|
direct allocation
|
page read and write
|
||
|
20117499000
|
heap
|
page read and write
|
||
|
20117438000
|
heap
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
2011748F000
|
heap
|
page read and write
|
||
|
244E000
|
direct allocation
|
page read and write
|
||
|
2564000
|
direct allocation
|
page read and write
|
||
|
2967A4AD000
|
heap
|
page read and write
|
||
|
7FF6B056B000
|
unkown
|
page read and write
|
||
|
171C8942000
|
heap
|
page read and write
|
||
|
24B7522B000
|
heap
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
24B75242000
|
heap
|
page read and write
|
||
|
7DD000
|
heap
|
page read and write
|
||
|
24B751D0000
|
heap
|
page read and write
|
||
|
7FF6B0551000
|
unkown
|
page execute read
|
||
|
20117413000
|
heap
|
page read and write
|
||
|
2447000
|
direct allocation
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
24B75275000
|
heap
|
page read and write
|
||
|
21A7D629000
|
unkown
|
page read and write
|
||
|
20117411000
|
heap
|
page read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
24B7523C000
|
heap
|
page read and write
|
||
|
171C8935000
|
heap
|
page read and write
|
||
|
2967A4C2000
|
heap
|
page read and write
|
||
|
779000
|
heap
|
page read and write
|
||
|
744000
|
heap
|
page read and write
|
||
|
20117432000
|
heap
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
20117413000
|
heap
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
2967A4D1000
|
heap
|
page read and write
|
||
|
24B75295000
|
heap
|
page read and write
|
||
|
242A000
|
direct allocation
|
page read and write
|
||
|
201173F9000
|
heap
|
page read and write
|
||
|
2967A4D5000
|
heap
|
page read and write
|
||
|
2508000
|
direct allocation
|
page read and write
|
||
|
2967A49B000
|
heap
|
page read and write
|
||
|
20117428000
|
heap
|
page read and write
|
||
|
676410D000
|
stack
|
page read and write
|
||
|
24B7527F000
|
heap
|
page read and write
|
||
|
24B7521B000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
24F3000
|
direct allocation
|
page read and write
|
||
|
4C6000
|
unkown
|
page readonly
|
||
|
171C8920000
|
heap
|
page read and write
|
||
|
C1BEFE000
|
stack
|
page read and write
|
||
|
20117483000
|
heap
|
page read and write
|
||
|
2967A4DA000
|
heap
|
page read and write
|
||
|
171C86F0000
|
heap
|
page read and write
|
||
|
20117411000
|
heap
|
page read and write
|
||
|
2967A4CE000
|
heap
|
page read and write
|
||
|
2503000
|
direct allocation
|
page read and write
|
||
|
C1B96B000
|
stack
|
page read and write
|
||
|
24B751E8000
|
heap
|
page read and write
|
||
|
2011749C000
|
heap
|
page read and write
|
||
|
24B75259000
|
heap
|
page read and write
|
||
|
24B752BF000
|
heap
|
page read and write
|
||
|
20117491000
|
heap
|
page read and write
|
||
|
6764FFE000
|
unkown
|
page readonly
|
||
|
21A7D602000
|
unkown
|
page read and write
|
||
|
2967A4DA000
|
heap
|
page read and write
|
||
|
20117491000
|
heap
|
page read and write
|
||
|
6764CFC000
|
stack
|
page read and write
|
||
|
2967A670000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
245C000
|
direct allocation
|
page read and write
|
||
|
2967A4BE000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
2539000
|
direct allocation
|
page read and write
|
||
|
24B7523C000
|
heap
|
page read and write
|
||
|
2011748F000
|
heap
|
page read and write
|
||
|
37BD000
|
direct allocation
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
2967A590000
|
heap
|
page read and write
|
||
|
246C000
|
direct allocation
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
171C8957000
|
heap
|
page read and write
|
||
|
7FB40000
|
direct allocation
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
171C892C000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
A4C28FF000
|
stack
|
page read and write
|
||
|
4B7000
|
unkown
|
page read and write
|
||
|
24B75050000
|
heap
|
page read and write
|
||
|
2011747C000
|
heap
|
page read and write
|
||
|
2011748F000
|
heap
|
page read and write
|
||
|
21A7D715000
|
trusted library allocation
|
page read and write
|
||
|
171C8965000
|
heap
|
page read and write
|
||
|
FD0D3EF000
|
stack
|
page read and write
|
||
|
2011742B000
|
heap
|
page read and write
|
||
|
254C000
|
direct allocation
|
page read and write
|
||
|
24B75295000
|
heap
|
page read and write
|
||
|
20117491000
|
heap
|
page read and write
|
||
|
171C8837000
|
heap
|
page read and write
|
||
|
2011741B000
|
heap
|
page read and write
|
||
|
26E0000
|
direct allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
201173F9000
|
heap
|
page read and write
|
||
|
20117491000
|
heap
|
page read and write
|
||
|
24B75257000
|
heap
|
page read and write
|
||
|
20117414000
|
heap
|
page read and write
|
||
|
24B75160000
|
heap
|
page read and write
|
||
|
FD0D77E000
|
stack
|
page read and write
|
||
|
7FF6B056D000
|
unkown
|
page readonly
|
||
|
24B7523C000
|
heap
|
page read and write
|
||
|
2967A4D5000
|
heap
|
page read and write
|
||
|
2011740B000
|
heap
|
page read and write
|
||
|
20117404000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
258A000
|
direct allocation
|
page read and write
|
||
|
24B75275000
|
heap
|
page read and write
|
||
|
171C8900000
|
heap
|
page read and write
|
||
|
A4C24FE000
|
stack
|
page read and write
|
||
|
20117499000
|
heap
|
page read and write
|
||
|
2967A4B3000
|
heap
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
24B75244000
|
heap
|
page read and write
|
||
|
3970000
|
heap
|
page read and write
|
||
|
20117410000
|
heap
|
page read and write
|
||
|
3754000
|
direct allocation
|
page read and write
|
||
|
171C8962000
|
heap
|
page read and write
|
||
|
171C891E000
|
heap
|
page read and write
|
||
|
24EC000
|
direct allocation
|
page read and write
|
||
|
21A7D702000
|
trusted library allocation
|
page read and write
|
||
|
20117483000
|
heap
|
page read and write
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
78D000
|
heap
|
page read and write
|
||
|
2967A4C2000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
201173FA000
|
heap
|
page read and write
|
||
|
2011741B000
|
heap
|
page read and write
|
||
|
201174A7000
|
heap
|
page read and write
|
||
|
3C6F000
|
stack
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
37AD000
|
direct allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
20117410000
|
heap
|
page read and write
|
||
|
171C890F000
|
heap
|
page read and write
|
||
|
171C8915000
|
heap
|
page read and write
|
||
|
171C883C000
|
heap
|
page read and write
|
||
|
2011740B000
|
heap
|
page read and write
|
||
|
2967A4E5000
|
heap
|
page read and write
|
||
|
6DE000
|
unkown
|
page readonly
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
2501000
|
direct allocation
|
page read and write
|
||
|
24B752BD000
|
heap
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
3784000
|
direct allocation
|
page read and write
|
||
|
2967A4C7000
|
heap
|
page read and write
|
||
|
171C883F000
|
heap
|
page read and write
|
||
|
171C8946000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
772000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
3BCB9DE000
|
stack
|
page read and write
|
||
|
A4C2BFD000
|
stack
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
171C891C000
|
heap
|
page read and write
|
||
|
4C2000
|
unkown
|
page write copy
|
||
|
20117415000
|
heap
|
page read and write
|
||
|
2967A501000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
171C8938000
|
heap
|
page read and write
|
||
|
20117414000
|
heap
|
page read and write
|
||
|
6764EFE000
|
stack
|
page read and write
|
||
|
3620000
|
unkown
|
page read and write
|
||
|
171C893D000
|
heap
|
page read and write
|
||
|
20117499000
|
heap
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
A4C22FE000
|
stack
|
page read and write
|
||
|
25C4000
|
direct allocation
|
page read and write
|
||
|
A4C25FE000
|
stack
|
page read and write
|
||
|
24C8000
|
direct allocation
|
page read and write
|
||
|
20117415000
|
heap
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
2967A4C2000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
C1C0F9000
|
stack
|
page read and write
|
||
|
201174A7000
|
heap
|
page read and write
|
||
|
24B75293000
|
heap
|
page read and write
|
||
|
25CC000
|
direct allocation
|
page read and write
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
2750000
|
direct allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
3BCBCFE000
|
stack
|
page read and write
|
||
|
20117438000
|
heap
|
page read and write
|
||
|
54D0000
|
direct allocation
|
page read and write
|
||
|
257B000
|
direct allocation
|
page read and write
|
||
|
24B75244000
|
heap
|
page read and write
|
||
|
2967A4AA000
|
heap
|
page read and write
|
||
|
247B000
|
direct allocation
|
page read and write
|
||
|
201173EF000
|
heap
|
page read and write
|
||
|
24B75257000
|
heap
|
page read and write
|
||
|
171C8823000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
24B752AD000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
171C8927000
|
heap
|
page read and write
|
||
|
2967A4D8000
|
heap
|
page read and write
|
||
|
201176F0000
|
heap
|
page read and write
|
||
|
742000
|
heap
|
page read and write
|
||
|
2011742B000
|
heap
|
page read and write
|
||
|
24B75293000
|
heap
|
page read and write
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
2967A6D0000
|
heap
|
page read and write
|
||
|
618000
|
heap
|
page read and write
|
||
|
20117419000
|
heap
|
page read and write
|
||
|
6764BFE000
|
unkown
|
page readonly
|
||
|
2011749C000
|
heap
|
page read and write
|
||
|
24B1000
|
direct allocation
|
page read and write
|
||
|
52E000
|
stack
|
page read and write
|
||
|
2011746A000
|
heap
|
page read and write
|
||
|
20117438000
|
heap
|
page read and write
|
||
|
20117411000
|
heap
|
page read and write
|
||
|
171C8959000
|
heap
|
page read and write
|
||
|
3745000
|
direct allocation
|
page read and write
|
||
|
396F000
|
stack
|
page read and write
|
||
|
C1BFFE000
|
unkown
|
page readonly
|
||
|
7FF6B0550000
|
unkown
|
page readonly
|
||
|
3490000
|
direct allocation
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
24B75217000
|
heap
|
page read and write
|
||
|
2011740B000
|
heap
|
page read and write
|
||
|
2518000
|
direct allocation
|
page read and write
|
||
|
24B8000
|
direct allocation
|
page read and write
|
||
|
34A6000
|
direct allocation
|
page read and write
|
||
|
24B752AD000
|
heap
|
page read and write
|
||
|
20117428000
|
heap
|
page read and write
|
||
|
201173E0000
|
heap
|
page read and write
|
||
|
2967A4D8000
|
heap
|
page read and write
|
||
|
2464000
|
direct allocation
|
page read and write
|
||
|
201173F1000
|
heap
|
page read and write
|
||
|
24B752AD000
|
heap
|
page read and write
|
||
|
2967A4DF000
|
heap
|
page read and write
|
||
|
20117437000
|
heap
|
page read and write
|
||
|
7DD000
|
heap
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
171C8913000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
24BC000
|
direct allocation
|
page read and write
|
||
|
20117432000
|
heap
|
page read and write
|
||
|
20117463000
|
heap
|
page read and write
|
||
|
24B7522B000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
24B75232000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
171C8917000
|
heap
|
page read and write
|
||
|
20117491000
|
heap
|
page read and write
|
||
|
2489000
|
direct allocation
|
page read and write
|
||
|
24F4000
|
direct allocation
|
page read and write
|
||
|
24B75293000
|
heap
|
page read and write
|
||
|
240D000
|
direct allocation
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
24B76F70000
|
remote allocation
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
2967A6D5000
|
heap
|
page read and write
|
||
|
2967A4A6000
|
heap
|
page read and write
|
||
|
2011749C000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
20117480000
|
heap
|
page read and write
|
||
|
C1BD7E000
|
stack
|
page read and write
|
||
|
3BCB8D4000
|
stack
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
7FE35000
|
direct allocation
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
24B752BD000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
24B76E7D000
|
heap
|
page read and write
|
||
|
779000
|
heap
|
page read and write
|
||
|
171C8951000
|
heap
|
page read and write
|
||
|
2713000
|
heap
|
page read and write
|
||
|
21A7D60E000
|
unkown
|
page read and write
|
||
|
171C890A000
|
heap
|
page read and write
|
||
|
20117432000
|
heap
|
page read and write
|
||
|
24B76E55000
|
heap
|
page read and write
|
||
|
6764DFE000
|
unkown
|
page readonly
|
||
|
24B75242000
|
heap
|
page read and write
|
||
|
24B76E40000
|
heap
|
page read and write
|
||
|
201173F5000
|
heap
|
page read and write
|
||
|
2011749C000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
2011746A000
|
heap
|
page read and write
|
||
|
24B75217000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
20117423000
|
heap
|
page read and write
|
||
|
2011748F000
|
heap
|
page read and write
|
||
|
201173D0000
|
heap
|
page read and write
|
||
|
171C8937000
|
heap
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
2967A4C9000
|
heap
|
page read and write
|
||
|
24B751DC000
|
heap
|
page read and write
|
||
|
2967A4CA000
|
heap
|
page read and write
|
||
|
2967A4EB000
|
heap
|
page read and write
|
||
|
20117428000
|
heap
|
page read and write
|
||
|
3D6F000
|
stack
|
page read and write
|
||
|
171C8952000
|
heap
|
page read and write
|
||
|
2967A4E5000
|
heap
|
page read and write
|
||
|
2967A4CB000
|
heap
|
page read and write
|
||
|
171C8961000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
20117489000
|
heap
|
page read and write
|
||
|
24B75223000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
171C893B000
|
heap
|
page read and write
|
||
|
171C891A000
|
heap
|
page read and write
|
||
|
24B751FD000
|
heap
|
page read and write
|
||
|
24B76F70000
|
remote allocation
|
page read and write
|
||
|
24FC000
|
direct allocation
|
page read and write
|
||
|
20117405000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
76E000
|
heap
|
page read and write
|
||
|
2967A4C2000
|
heap
|
page read and write
|
||
|
ADF000
|
stack
|
page read and write
|
||
|
2414000
|
direct allocation
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
D05000
|
heap
|
page read and write
|
||
|
20117431000
|
heap
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
A4C2AFE000
|
stack
|
page read and write
|
||
|
7FF6B056D000
|
unkown
|
page readonly
|
||
|
A4C27FE000
|
stack
|
page read and write
|
||
|
2011740B000
|
heap
|
page read and write
|
||
|
24CF000
|
direct allocation
|
page read and write
|
||
|
2967A4C8000
|
heap
|
page read and write
|
||
|
24B75242000
|
heap
|
page read and write
|
||
|
20117413000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
2967A500000
|
heap
|
page read and write
|
||
|
6D9000
|
unkown
|
page write copy
|
||
|
21A7DB02000
|
heap
|
page read and write
|
||
|
2967A4DA000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
21A7D8D0000
|
trusted library allocation
|
page read and write
|
||
|
24B75257000
|
heap
|
page read and write
|
||
|
201173EF000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
3971000
|
heap
|
page read and write
|
||
|
171C890D000
|
heap
|
page read and write
|
||
|
24B75293000
|
heap
|
page read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
2511000
|
direct allocation
|
page read and write
|
||
|
7DD000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
171C8967000
|
heap
|
page read and write
|
||
|
171C882B000
|
heap
|
page read and write
|
||
|
A4C20F4000
|
stack
|
page read and write
|
||
|
171C8922000
|
heap
|
page read and write
|
||
|
24B75275000
|
heap
|
page read and write
|
||
|
6764AFD000
|
stack
|
page read and write
|
||
|
356E000
|
stack
|
page read and write
|
||
|
2011749C000
|
heap
|
page read and write
|
||
|
20117413000
|
heap
|
page read and write
|
||
|
24B75223000
|
heap
|
page read and write
|
||
|
171C8925000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
2967A500000
|
heap
|
page read and write
|
||
|
2540000
|
direct allocation
|
page read and write
|
||
|
2967A4DA000
|
heap
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
2011747C000
|
heap
|
page read and write
|
||
|
25BD000
|
direct allocation
|
page read and write
|
||
|
3A71000
|
heap
|
page read and write
|
||
|
3490000
|
direct allocation
|
page read and write
|
||
|
2011747E000
|
heap
|
page read and write
|
||
|
74F000
|
heap
|
page read and write
|
||
|
24B76E68000
|
heap
|
page read and write
|
||
|
201175B0000
|
heap
|
page read and write
|
||
|
171C891D000
|
heap
|
page read and write
|
||
|
39AA000
|
heap
|
page read and write
|
||
|
20117411000
|
heap
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
2011741B000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
171C895E000
|
heap
|
page read and write
|
||
|
703000
|
unkown
|
page readonly
|
||
|
A4C23FF000
|
stack
|
page read and write
|
||
|
24B752BD000
|
heap
|
page read and write
|
||
|
24B75259000
|
heap
|
page read and write
|
||
|
2967A4DA000
|
heap
|
page read and write
|
||
|
6C7000
|
unkown
|
page write copy
|
||
|
24E4000
|
direct allocation
|
page read and write
|
||
|
779000
|
heap
|
page read and write
|
||
|
7FF6B0561000
|
unkown
|
page readonly
|
||
|
25AF000
|
direct allocation
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
2967A4CE000
|
heap
|
page read and write
|
||
|
20117413000
|
heap
|
page read and write
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
20117483000
|
heap
|
page read and write
|
||
|
171C8902000
|
heap
|
page read and write
|
||
|
21A7D5D0000
|
heap
|
page read and write
|
||
|
2431000
|
direct allocation
|
page read and write
|
||
|
24AA000
|
direct allocation
|
page read and write
|
||
|
20117437000
|
heap
|
page read and write
|
||
|
6CE000
|
unkown
|
page read and write
|
||
|
171C87D0000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
2967A4B8000
|
heap
|
page read and write
|
||
|
2011746A000
|
heap
|
page read and write
|
||
|
24B75242000
|
heap
|
page read and write
|
||
|
749000
|
heap
|
page read and write
|
||
|
20117419000
|
heap
|
page read and write
|
||
|
171C8958000
|
heap
|
page read and write
|
||
|
3BCB95F000
|
stack
|
page read and write
|
||
|
171C8918000
|
heap
|
page read and write
|
||
|
2011742B000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
25D3000
|
direct allocation
|
page read and write
|
||
|
2532000
|
direct allocation
|
page read and write
|
||
|
201173FA000
|
heap
|
page read and write
|
||
|
171C8914000
|
heap
|
page read and write
|
||
|
24B76E78000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
171C893F000
|
heap
|
page read and write
|
||
|
171C8953000
|
heap
|
page read and write
|
||
|
24B75130000
|
heap
|
page read and write
|
||
|
C1BCFE000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
FD0D6FF000
|
stack
|
page read and write
|
||
|
37B9000
|
direct allocation
|
page read and write
|
||
|
201173F9000
|
heap
|
page read and write
|
||
|
77B000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
2011741B000
|
heap
|
page read and write
|
||
|
67647FE000
|
unkown
|
page readonly
|
||
|
2967A4A3000
|
heap
|
page read and write
|
||
|
37C7000
|
direct allocation
|
page read and write
|
||
|
788000
|
heap
|
page read and write
|
||
|
25A8000
|
direct allocation
|
page read and write
|
||
|
20117491000
|
heap
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
3480000
|
direct allocation
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
20117438000
|
heap
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
171C8813000
|
heap
|
page read and write
|
||
|
2440000
|
direct allocation
|
page read and write
|
||
|
171C8930000
|
heap
|
page read and write
|
||
|
241C000
|
direct allocation
|
page read and write
|
||
|
94E000
|
stack
|
page read and write
|
||
|
171C8800000
|
heap
|
page read and write
|
||
|
24B7522B000
|
heap
|
page read and write
|
||
|
20117481000
|
heap
|
page read and write
|
||
|
201173EB000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
24B752AD000
|
heap
|
page read and write
|
||
|
D09000
|
heap
|
page read and write
|
||
|
254F000
|
direct allocation
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
25DA000
|
direct allocation
|
page read and write
|
||
|
3480000
|
direct allocation
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
7DD000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
20117482000
|
heap
|
page read and write
|
||
|
782000
|
heap
|
page read and write
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
352E000
|
stack
|
page read and write
|
||
|
24B8000
|
direct allocation
|
page read and write
|
||
|
4B9000
|
unkown
|
page read and write
|
||
|
2967A4DF000
|
heap
|
page read and write
|
||
|
2967A4EB000
|
heap
|
page read and write
|
||
|
24B751FF000
|
heap
|
page read and write
|
||
|
2967A4D8000
|
heap
|
page read and write
|
||
|
2967A690000
|
heap
|
page read and write
|
||
|
34C2000
|
direct allocation
|
page read and write
|
||
|
171C8940000
|
heap
|
page read and write
|
||
|
171C891B000
|
heap
|
page read and write
|
||
|
201176F5000
|
heap
|
page read and write
|
||
|
24B7520C000
|
heap
|
page read and write
|
||
|
171C8978000
|
heap
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
2011741B000
|
heap
|
page read and write
|
||
|
201174A7000
|
heap
|
page read and write
|
||
|
2967A4D1000
|
heap
|
page read and write
|
||
|
24B752C4000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
20117438000
|
heap
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
24A1000
|
direct allocation
|
page read and write
|
||
|
379D000
|
direct allocation
|
page read and write
|
||
|
21A7D62B000
|
heap
|
page read and write
|
||
|
24B75295000
|
heap
|
page read and write
|
||
|
67648FE000
|
stack
|
page read and write
|
||
|
171C8909000
|
heap
|
page read and write
|
||
|
171C893A000
|
heap
|
page read and write
|
||
|
171C8965000
|
heap
|
page read and write
|
||
|
171C8923000
|
heap
|
page read and write
|
||
|
3794000
|
direct allocation
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
24D0000
|
direct allocation
|
page read and write
|
||
|
24B75257000
|
heap
|
page read and write
|
||
|
20117483000
|
heap
|
page read and write
|
||
|
2967A4D1000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
20117446000
|
heap
|
page read and write
|
||
|
21A7DA02000
|
heap
|
page read and write
|
||
|
24B75259000
|
heap
|
page read and write
|
||
|
7FF6B0551000
|
unkown
|
page execute read
|
||
|
2011740B000
|
heap
|
page read and write
|
||
|
FD0D36F000
|
stack
|
page read and write
|
||
|
171C8943000
|
heap
|
page read and write
|
||
|
2848000
|
direct allocation
|
page read and write
|
||
|
24E6000
|
direct allocation
|
page read and write
|
||
|
6D1000
|
unkown
|
page read and write
|
||
|
21A7D62E000
|
heap
|
page read and write
|
||
|
24B75288000
|
heap
|
page read and write
|
||
|
171C8E60000
|
trusted library allocation
|
page read and write
|
||
|
20117419000
|
heap
|
page read and write
|
||
|
2967A4C2000
|
heap
|
page read and write
|
||
|
20117413000
|
heap
|
page read and write
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
24B751D9000
|
heap
|
page read and write
|
||
|
24B75355000
|
heap
|
page read and write
|
||
|
24B75275000
|
heap
|
page read and write
|
||
|
24B75244000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
2967A4DF000
|
heap
|
page read and write
|
||
|
20117423000
|
heap
|
page read and write
|
||
|
20117428000
|
heap
|
page read and write
|
||
|
24B7522C000
|
heap
|
page read and write
|
||
|
201174A7000
|
heap
|
page read and write
|
||
|
39AD000
|
heap
|
page read and write
|
||
|
201173F3000
|
heap
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
67649FE000
|
unkown
|
page readonly
|
||
|
24B75295000
|
heap
|
page read and write
|
||
|
201174AB000
|
heap
|
page read and write
|
||
|
171C8802000
|
heap
|
page read and write
|
||
|
20117499000
|
heap
|
page read and write
|
||
|
6E0000
|
unkown
|
page readonly
|
||
|
2967A4AD000
|
heap
|
page read and write
|
||
|
20117483000
|
heap
|
page read and write
|
||
|
20117431000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
20117413000
|
heap
|
page read and write
|
||
|
349E000
|
direct allocation
|
page read and write
|
||
|
255D000
|
direct allocation
|
page read and write
|
||
|
2967A4DA000
|
heap
|
page read and write
|
||
|
6C7000
|
unkown
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
20117404000
|
heap
|
page read and write
|
||
|
2967A4BE000
|
heap
|
page read and write
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
20117431000
|
heap
|
page read and write
|
||
|
2011741B000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
171C8965000
|
heap
|
page read and write
|
||
|
171C895A000
|
heap
|
page read and write
|
||
|
7FF6B0561000
|
unkown
|
page readonly
|
||
|
24B75244000
|
heap
|
page read and write
|
||
|
2967A4AC000
|
heap
|
page read and write
|
||
|
34B0000
|
direct allocation
|
page read and write
|
||
|
171C8975000
|
heap
|
page read and write
|
||
|
24FA000
|
direct allocation
|
page read and write
|
||
|
A4C29FB000
|
stack
|
page read and write
|
||
|
25E8000
|
direct allocation
|
page read and write
|
||
|
24B75259000
|
heap
|
page read and write
|
||
|
39AA000
|
heap
|
page read and write
|
||
|
171C86D0000
|
heap
|
page read and write
|
||
|
24B7527F000
|
heap
|
page read and write
|
||
|
3630000
|
direct allocation
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
2967A490000
|
heap
|
page read and write
|
||
|
24B75259000
|
heap
|
page read and write
|
||
|
171C895C000
|
heap
|
page read and write
|
||
|
2455000
|
direct allocation
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
20117411000
|
heap
|
page read and write
|
||
|
37D8000
|
direct allocation
|
page read and write
|
||
|
24DD000
|
direct allocation
|
page read and write
|
||
|
20117438000
|
heap
|
page read and write
|
||
|
20117499000
|
heap
|
page read and write
|
||
|
20117428000
|
heap
|
page read and write
|
||
|
2967A4EB000
|
heap
|
page read and write
|
||
|
2011740B000
|
heap
|
page read and write
|
||
|
24B75257000
|
heap
|
page read and write
|
||
|
782000
|
heap
|
page read and write
|
||
|
21A7D613000
|
unkown
|
page read and write
|
||
|
2574000
|
direct allocation
|
page read and write
|
||
|
24B76F70000
|
remote allocation
|
page read and write
|
||
|
2406000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21A7D610000
|
unkown
|
page read and write
|
||
|
24B751FC000
|
heap
|
page read and write
|
||
|
2967A4A8000
|
heap
|
page read and write
|
||
|
20117425000
|
heap
|
page read and write
|
||
|
171C891F000
|
heap
|
page read and write
|
||
|
24DF000
|
direct allocation
|
page read and write
|
||
|
93000
|
stack
|
page read and write
|
||
|
20117463000
|
heap
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
20117411000
|
heap
|
page read and write
|
||
|
20117420000
|
heap
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
21A7D600000
|
unkown
|
page read and write
|
||
|
201174A7000
|
heap
|
page read and write
|
||
|
3771000
|
direct allocation
|
page read and write
|
||
|
20117428000
|
heap
|
page read and write
|
||
|
2967A4DF000
|
heap
|
page read and write
|
||
|
2967A4DF000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
2482000
|
direct allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
171C8916000
|
heap
|
page read and write
|
||
|
24B76E41000
|
heap
|
page read and write
|
||
|
20117499000
|
heap
|
page read and write
|
||
|
20117499000
|
heap
|
page read and write
|
||
|
2011748F000
|
heap
|
page read and write
|
||
|
20117432000
|
heap
|
page read and write
|
||
|
171C883A000
|
heap
|
page read and write
|
||
|
23EE000
|
direct allocation
|
page read and write
|
||
|
24B75208000
|
heap
|
page read and write
|
||
|
20117437000
|
heap
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
21A7D700000
|
trusted library allocation
|
page read and write
|
||
|
171C8924000
|
heap
|
page read and write
|
||
|
171C8960000
|
heap
|
page read and write
|
||
|
2011749C000
|
heap
|
page read and write
|
||
|
20117434000
|
heap
|
page read and write
|
||
|
2967A4DF000
|
heap
|
page read and write
|
||
|
2011742C000
|
heap
|
page read and write
|
||
|
24B752C2000
|
heap
|
page read and write
|
||
|
6C9000
|
unkown
|
page read and write
|
||
|
C1C1FE000
|
unkown
|
page readonly
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
FD0D2ED000
|
stack
|
page read and write
|
||
|
201175D0000
|
heap
|
page read and write
|
||
|
24B75244000
|
heap
|
page read and write
|
||
|
24B75275000
|
heap
|
page read and write
|
||
|
20117423000
|
heap
|
page read and write
|
||
|
7FF6B0550000
|
unkown
|
page readonly
|
There are 708 hidden memdumps, click here to show them.