Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
xSO7sbN2j6.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\_MEI12682\exe\registers.exe
|
PE32 executable (console) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0muh7zmj
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\MSVCP140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\Pythonwin\mfc140u.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\Pythonwin\win32ui.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\VCRUNTIME140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\VCRUNTIME140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\_ctypes.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\_elementtree.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\_queue.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\_ssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-console-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-datetime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-debug-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-file-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-file-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-file-l2-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-handle-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-localization-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-memory-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-profile-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-synch-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-synch-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-timezone-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-core-util-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-conio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-convert-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-environment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-locale-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-math-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-process-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-time-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\api-ms-win-crt-utility-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\base_library.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\certifi\cacert.pem
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\charset_normalizer\md.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\charset_normalizer\md__mypyc.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\exe\netconn_properties.exe
|
PE32 executable (console) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\exe\upx.exe
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\libcrypto-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\libffi-7.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\libssl-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\psutil\_psutil_windows.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\pyexpat.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\python3.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\python38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\pywin32_system32\pythoncom38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\pywin32_system32\pywintypes38.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\ucrtbase.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\win32\_win32sysloader.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\win32\win32api.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\win32\win32net.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\win32\win32security.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\win32\win32trace.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\win32\win32wnet.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\zstandard\_cffi.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\zstandard\backend_c.cp38-win_amd64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp179_cpv3\gen_py\__init__.py
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp179_cpv3\gen_py\dicts.dat
|
data
|
dropped
|
||
|
\Device\ConDrv
|
JSON data
|
dropped
|
There are 74 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\xSO7sbN2j6.exe
|
"C:\Users\user\Desktop\xSO7sbN2j6.exe"
|
|
|
|
C:\Users\user\Desktop\xSO7sbN2j6.exe
|
"C:\Users\user\Desktop\xSO7sbN2j6.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\_MEI12682\exe\registers.exe
|
C:\Users\user\AppData\Local\Temp\_MEI12682\exe/registers.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI12682\exe\netconn_properties.exe
|
C:\Users\user\AppData\Local\Temp\_MEI12682\exe/netconn_properties.exe
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://google.com/
|
unknown
|
||
|
https://mahler:8092/site-updates.py
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/29200
|
unknown
|
||
|
https://github.com/giampaolo/psutil/issues/875.
|
unknown
|
||
|
http://.../back.jpeg
|
unknown
|
||
|
http://www.python.org/
|
unknown
|
||
|
https://github.com/mhammond/pywin32
|
unknown
|
||
|
https://httpbin.org/post
|
unknown
|
||
|
http://193.17.183.14:3000/)
|
unknown
|
||
|
https://github.com/Ousret/charset_normalizer
|
unknown
|
||
|
https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/2920
|
unknown
|
||
|
http://www.python.org/download/releases/2.3/mro/.
|
unknown
|
||
|
https://yahoo.com/
|
unknown
|
||
|
https://tools.ietf.org/html/rfc2388#section-4.4
|
unknown
|
||
|
http://www.opensource.org/licenses/mit-license.php
|
unknown
|
||
|
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
https://html.spec.whatwg.org/multipage/
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warnings
|
unknown
|
||
|
http://mail.python.org/pipermail/python-dev/2012-June/120787.html
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/2192#issuecomment-821832963
|
unknown
|
||
|
http://www.iana.org/time-zones/repository/tz-link.html
|
unknown
|
||
|
http://goo.gl/zeJZl
|
unknown
|
||
|
https://requests.readthedocs.io
|
unknown
|
||
|
https://upx.github.ioT
|
unknown
|
||
|
http://curl.haxx.se/rfc/cookie_spec.html
|
unknown
|
||
|
http://www.python.org/dev/peps/pep-0205/
|
unknown
|
||
|
https://www.mandiant.com/resources/blog/tracking-malware-import-hashing
|
unknown
|
||
|
http://json.org
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#https-proxy-error-http-proxy
|
unknown
|
||
|
https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
|
unknown
|
||
|
http://python.org/dev/peps/pep-0263/
|
unknown
|
||
|
https://httpbin.org/get
|
unknown
|
||
|
http://193.17.183.14:3000/
|
unknown
|
||
|
https://www.python.org
|
unknown
|
||
|
https://auscitte.github.io/systems%20blog/Exception-Directory-pefile#implementation-details
|
unknown
|
||
|
https://stackoverflow.com/questions/4457745#4457745
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
|
unknown
|
||
|
https://httpbin.org/
|
unknown
|
||
|
http://www.cl.cam.ac.uk/~mgk25/iso-time.html
|
unknown
|
||
|
https://twitter.com/
|
unknown
|
||
|
http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
|
unknown
|
||
|
https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
|
unknown
|
||
|
https://google.com/
|
unknown
|
||
|
http://www.ntcore.com/files/richsign.htm
|
unknown
|
||
|
https://google.com/mail/
|
unknown
|
||
|
http://google.com/mail/
|
unknown
|
||
|
http://wwwsearch.sf.net/):
|
unknown
|
||
|
http://tools.ietf.org/html/rfc6125#section-6.4.3
|
unknown
|
||
|
http://timgolden.me.uk/python/wmi.html
|
unknown
|
||
|
https://www.openssl.org/H
|
unknown
|
||
|
https://docs.python.org/3/library/socket.html#socket.socket.connect_ex
|
unknown
|
||
|
https://google.com/mail
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
|
unknown
|
||
|
https://foss.heptapod.net/pypy/pypy/-/issues/3539
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.
|
unknown
|
There are 48 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
210306F2000
|
heap
|
page read and write
|
||
|
21030A90000
|
direct allocation
|
page read and write
|
||
|
7FF8A80EC000
|
unkown
|
page execute and read and write
|
||
|
7FF8B61C1000
|
unkown
|
page execute and read and write
|
||
|
2102E68B000
|
heap
|
page read and write
|
||
|
7FF8B90E0000
|
unkown
|
page readonly
|
||
|
210301C5000
|
heap
|
page read and write
|
||
|
2102DE5F000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
210312D0000
|
direct allocation
|
page read and write
|
||
|
7FF8B617A000
|
unkown
|
page execute and read and write
|
||
|
210300A6000
|
heap
|
page read and write
|
||
|
21030934000
|
heap
|
page read and write
|
||
|
7FF8B8F9B000
|
unkown
|
page execute and write copy
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF8B90FA000
|
unkown
|
page execute and read and write
|
||
|
7FF8B8AF1000
|
unkown
|
page execute and read and write
|
||
|
21030A0E000
|
heap
|
page read and write
|
||
|
21031150000
|
direct allocation
|
page read and write
|
||
|
7FF8A89D1000
|
unkown
|
page execute and read and write
|
||
|
21030080000
|
heap
|
page read and write
|
||
|
2103020C000
|
heap
|
page read and write
|
||
|
210306F5000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
7FF8A88E2000
|
unkown
|
page execute and read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
21031110000
|
direct allocation
|
page read and write
|
||
|
21030101000
|
heap
|
page read and write
|
||
|
210300DD000
|
heap
|
page read and write
|
||
|
2102DDE1000
|
heap
|
page read and write
|
||
|
1EB09810000
|
heap
|
page read and write
|
||
|
2102E64D000
|
heap
|
page read and write
|
||
|
7FF8B984A000
|
unkown
|
page execute and write copy
|
||
|
2102DE59000
|
heap
|
page read and write
|
||
|
2102E68C000
|
heap
|
page read and write
|
||
|
2102DE58000
|
heap
|
page read and write
|
||
|
2102DE6B000
|
heap
|
page read and write
|
||
|
7FF8A824D000
|
unkown
|
page execute and read and write
|
||
|
21030111000
|
heap
|
page read and write
|
||
|
210306FB000
|
heap
|
page read and write
|
||
|
210301C9000
|
heap
|
page read and write
|
||
|
21030087000
|
heap
|
page read and write
|
||
|
2102DDDA000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030738000
|
heap
|
page read and write
|
||
|
7FF8B801B000
|
unkown
|
page read and write
|
||
|
1EB09644000
|
heap
|
page read and write
|
||
|
21030490000
|
direct allocation
|
page read and write
|
||
|
7FF8A8900000
|
unkown
|
page readonly
|
||
|
1EB0964B000
|
heap
|
page read and write
|
||
|
2102DEF0000
|
direct allocation
|
page read and write
|
||
|
2103080A000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2103097D000
|
heap
|
page read and write
|
||
|
2103067F000
|
heap
|
page read and write
|
||
|
2102E695000
|
heap
|
page read and write
|
||
|
2103070B000
|
heap
|
page read and write
|
||
|
21031250000
|
direct allocation
|
page read and write
|
||
|
2103082A000
|
heap
|
page read and write
|
||
|
A27000
|
unkown
|
page write copy
|
||
|
21030083000
|
heap
|
page read and write
|
||
|
2102DE5F000
|
heap
|
page read and write
|
||
|
21031850000
|
direct allocation
|
page read and write
|
||
|
2102DDDE000
|
heap
|
page read and write
|
||
|
21031410000
|
direct allocation
|
page read and write
|
||
|
210316D0000
|
direct allocation
|
page read and write
|
||
|
7FF8A813B000
|
unkown
|
page execute and read and write
|
||
|
21030712000
|
heap
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
21030771000
|
heap
|
page read and write
|
||
|
2102E61C000
|
heap
|
page read and write
|
||
|
21030172000
|
heap
|
page read and write
|
||
|
2103071F000
|
heap
|
page read and write
|
||
|
21030111000
|
heap
|
page read and write
|
||
|
7FF8A8090000
|
unkown
|
page readonly
|
||
|
210314D0000
|
direct allocation
|
page read and write
|
||
|
21030803000
|
heap
|
page read and write
|
||
|
210308D8000
|
heap
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
210308FD000
|
heap
|
page read and write
|
||
|
21030702000
|
heap
|
page read and write
|
||
|
21030702000
|
heap
|
page read and write
|
||
|
7FF8B8010000
|
unkown
|
page execute and read and write
|
||
|
B2C000
|
stack
|
page read and write
|
||
|
7FF73D7EE000
|
unkown
|
page readonly
|
||
|
2103008A000
|
heap
|
page read and write
|
||
|
7FF8B8CB0000
|
unkown
|
page readonly
|
||
|
2102DE65000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2103010B000
|
heap
|
page read and write
|
||
|
2103007A000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
7FF8B8112000
|
unkown
|
page readonly
|
||
|
CAA000
|
heap
|
page read and write
|
||
|
21030710000
|
heap
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
21030779000
|
heap
|
page read and write
|
||
|
70B000
|
stack
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0963D000
|
heap
|
page read and write
|
||
|
21030682000
|
heap
|
page read and write
|
||
|
7FF8BFAD1000
|
unkown
|
page readonly
|
||
|
21030779000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2103010B000
|
heap
|
page read and write
|
||
|
2103091D000
|
heap
|
page read and write
|
||
|
210308FD000
|
heap
|
page read and write
|
||
|
21031610000
|
direct allocation
|
page read and write
|
||
|
21031410000
|
direct allocation
|
page read and write
|
||
|
21030208000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030270000
|
direct allocation
|
page read and write
|
||
|
E5C47ED000
|
stack
|
page read and write
|
||
|
210300AC000
|
heap
|
page read and write
|
||
|
1EB0963A000
|
heap
|
page read and write
|
||
|
7FF8A8240000
|
unkown
|
page execute and read and write
|
||
|
7FF73D7A1000
|
unkown
|
page execute read
|
||
|
2103070B000
|
heap
|
page read and write
|
||
|
210309C9000
|
heap
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
7FF8B78A0000
|
unkown
|
page readonly
|
||
|
2102DE25000
|
heap
|
page read and write
|
||
|
2103093C000
|
heap
|
page read and write
|
||
|
21031210000
|
direct allocation
|
page read and write
|
||
|
7FF8B61D4000
|
unkown
|
page execute and read and write
|
||
|
21030761000
|
heap
|
page read and write
|
||
|
76D000
|
stack
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF8B8AF8000
|
unkown
|
page execute and write copy
|
||
|
260000
|
unkown
|
page readonly
|
||
|
2102E68D000
|
heap
|
page read and write
|
||
|
2103097D000
|
heap
|
page read and write
|
||
|
7FF8B8F9A000
|
unkown
|
page execute and read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030111000
|
heap
|
page read and write
|
||
|
7FF8BFAC0000
|
unkown
|
page readonly
|
||
|
7FF73D7A0000
|
unkown
|
page readonly
|
||
|
1EB0964B000
|
heap
|
page read and write
|
||
|
2103071F000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
210301C1000
|
heap
|
page read and write
|
||
|
7FF73D7A1000
|
unkown
|
page execute read
|
||
|
2102DDBD000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2102DE1B000
|
heap
|
page read and write
|
||
|
21030723000
|
heap
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
210300F3000
|
heap
|
page read and write
|
||
|
7FF8A81BD000
|
unkown
|
page execute and read and write
|
||
|
2102DFF0000
|
direct allocation
|
page read and write
|
||
|
210306FB000
|
heap
|
page read and write
|
||
|
2102DE58000
|
heap
|
page read and write
|
||
|
2102E6DF000
|
heap
|
page read and write
|
||
|
2102E6ED000
|
heap
|
page read and write
|
||
|
2102E6D6000
|
heap
|
page read and write
|
||
|
7FF73D7A0000
|
unkown
|
page readonly
|
||
|
2102E66D000
|
heap
|
page read and write
|
||
|
2103016B000
|
heap
|
page read and write
|
||
|
7FF8B9104000
|
unkown
|
page execute and write copy
|
||
|
7FF8B9849000
|
unkown
|
page execute and read and write
|
||
|
2102E603000
|
heap
|
page read and write
|
||
|
7FF8BFAD5000
|
unkown
|
page read and write
|
||
|
2103081F000
|
heap
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
2102DE61000
|
heap
|
page read and write
|
||
|
7FF73D7EE000
|
unkown
|
page readonly
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
2102DE70000
|
direct allocation
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
21030797000
|
heap
|
page read and write
|
||
|
7FF8B27D5000
|
unkown
|
page read and write
|
||
|
2102FFF0000
|
direct allocation
|
page read and write
|
||
|
21030081000
|
heap
|
page read and write
|
||
|
210302B0000
|
direct allocation
|
page read and write
|
||
|
21030F00000
|
direct allocation
|
page read and write
|
||
|
2102FFB0000
|
direct allocation
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
7FF8B572D000
|
unkown
|
page execute and read and write
|
||
|
210307CF000
|
heap
|
page read and write
|
||
|
2102E603000
|
heap
|
page read and write
|
||
|
1EB09644000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
F9F000
|
stack
|
page read and write
|
||
|
7FF8B8CBC000
|
unkown
|
page read and write
|
||
|
2103094A000
|
heap
|
page read and write
|
||
|
210307B3000
|
heap
|
page read and write
|
||
|
21030771000
|
heap
|
page read and write
|
||
|
210308EA000
|
heap
|
page read and write
|
||
|
21030163000
|
heap
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
21030DC0000
|
direct allocation
|
page read and write
|
||
|
7FF8B8266000
|
unkown
|
page execute and read and write
|
||
|
2102DDE9000
|
heap
|
page read and write
|
||
|
2102DDB4000
|
heap
|
page read and write
|
||
|
7FF8B8021000
|
unkown
|
page execute read
|
||
|
210307ED000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF8A8832000
|
unkown
|
page execute and write copy
|
||
|
7FF8A847A000
|
unkown
|
page execute and read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
BAA000
|
heap
|
page read and write
|
||
|
7FF8B6191000
|
unkown
|
page execute and read and write
|
||
|
210301C9000
|
heap
|
page read and write
|
||
|
210301BF000
|
heap
|
page read and write
|
||
|
1EB09600000
|
heap
|
page readonly
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
21030735000
|
heap
|
page read and write
|
||
|
21030490000
|
direct allocation
|
page read and write
|
||
|
2102DE53000
|
heap
|
page read and write
|
||
|
2102DE23000
|
heap
|
page read and write
|
||
|
21030713000
|
heap
|
page read and write
|
||
|
210308B5000
|
heap
|
page read and write
|
||
|
210301FF000
|
heap
|
page read and write
|
||
|
7FF8A8CCC000
|
unkown
|
page execute and read and write
|
||
|
1EB0963D000
|
heap
|
page read and write
|
||
|
2102DE6C000
|
heap
|
page read and write
|
||
|
2103026E000
|
heap
|
page read and write
|
||
|
2102DD70000
|
heap
|
page read and write
|
||
|
2102E671000
|
heap
|
page read and write
|
||
|
210307C7000
|
heap
|
page read and write
|
||
|
21030CA0000
|
direct allocation
|
page read and write
|
||
|
21030269000
|
heap
|
page read and write
|
||
|
210306EE000
|
heap
|
page read and write
|
||
|
7FF8A819F000
|
unkown
|
page execute and write copy
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
7FF8B6170000
|
unkown
|
page readonly
|
||
|
7FF8B78A1000
|
unkown
|
page execute and read and write
|
||
|
210309C9000
|
heap
|
page read and write
|
||
|
7FF8A81B1000
|
unkown
|
page execute and read and write
|
||
|
2102E6CB000
|
heap
|
page read and write
|
||
|
21030172000
|
heap
|
page read and write
|
||
|
7FF8A8834000
|
unkown
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
21031090000
|
direct allocation
|
page read and write
|
||
|
7FF8B61BA000
|
unkown
|
page execute and read and write
|
||
|
21030779000
|
heap
|
page read and write
|
||
|
21030687000
|
heap
|
page read and write
|
||
|
7FF8BFAD6000
|
unkown
|
page readonly
|
||
|
21030173000
|
heap
|
page read and write
|
||
|
2102DE66000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
21030761000
|
heap
|
page read and write
|
||
|
210306C3000
|
heap
|
page read and write
|
||
|
21030683000
|
heap
|
page read and write
|
||
|
210306B1000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2103010B000
|
heap
|
page read and write
|
||
|
21030A0D000
|
heap
|
page read and write
|
||
|
7FF73D7EC000
|
unkown
|
page read and write
|
||
|
210302B0000
|
direct allocation
|
page read and write
|
||
|
21030E90000
|
direct allocation
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
21030807000
|
heap
|
page read and write
|
||
|
21030224000
|
heap
|
page read and write
|
||
|
2102DD84000
|
heap
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
21030330000
|
direct allocation
|
page read and write
|
||
|
A27000
|
unkown
|
page read and write
|
||
|
2102E652000
|
heap
|
page read and write
|
||
|
CAE000
|
heap
|
page read and write
|
||
|
2102E672000
|
heap
|
page read and write
|
||
|
2102DE67000
|
heap
|
page read and write
|
||
|
2102DE67000
|
heap
|
page read and write
|
||
|
2103014A000
|
heap
|
page read and write
|
||
|
1EB0964B000
|
heap
|
page read and write
|
||
|
21031050000
|
direct allocation
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
21030180000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2102DE67000
|
heap
|
page read and write
|
||
|
7FF73D7DD000
|
unkown
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
260000
|
unkown
|
page readonly
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
210300E3000
|
heap
|
page read and write
|
||
|
21030741000
|
heap
|
page read and write
|
||
|
2102DCD0000
|
heap
|
page readonly
|
||
|
7FF8B6176000
|
unkown
|
page execute and read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
21031490000
|
direct allocation
|
page read and write
|
||
|
2102DDF8000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
21030A34000
|
heap
|
page read and write
|
||
|
7FF8B61B6000
|
unkown
|
page execute and read and write
|
||
|
2102FF10000
|
direct allocation
|
page read and write
|
||
|
7FF73D7DD000
|
unkown
|
page read and write
|
||
|
210307E1000
|
heap
|
page read and write
|
||
|
1EB09649000
|
heap
|
page read and write
|
||
|
2102DE65000
|
heap
|
page read and write
|
||
|
2102E620000
|
heap
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
21030253000
|
heap
|
page read and write
|
||
|
26B000
|
unkown
|
page read and write
|
||
|
210307D0000
|
heap
|
page read and write
|
||
|
210300FB000
|
heap
|
page read and write
|
||
|
210306CD000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
21030726000
|
heap
|
page read and write
|
||
|
7FF8A8840000
|
unkown
|
page readonly
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF8B78C9000
|
unkown
|
page execute and write copy
|
||
|
210306C7000
|
heap
|
page read and write
|
||
|
2102E5FC000
|
heap
|
page read and write
|
||
|
7FF8A8E07000
|
unkown
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
7FF73D7A0000
|
unkown
|
page readonly
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
2103017E000
|
heap
|
page read and write
|
||
|
21030263000
|
heap
|
page read and write
|
||
|
2102DE51000
|
heap
|
page read and write
|
||
|
2103021F000
|
heap
|
page read and write
|
||
|
21030370000
|
direct allocation
|
page read and write
|
||
|
2102E686000
|
heap
|
page read and write
|
||
|
210307CB000
|
heap
|
page read and write
|
||
|
7FF8B61BC000
|
unkown
|
page execute and write copy
|
||
|
210315D0000
|
direct allocation
|
page read and write
|
||
|
A25000
|
unkown
|
page execute and write copy
|
||
|
21031090000
|
direct allocation
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030087000
|
heap
|
page read and write
|
||
|
2102DE16000
|
heap
|
page read and write
|
||
|
21030901000
|
heap
|
page read and write
|
||
|
210306C9000
|
heap
|
page read and write
|
||
|
7FF8A81A1000
|
unkown
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
2103097C000
|
heap
|
page read and write
|
||
|
7FF8B8250000
|
unkown
|
page readonly
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF8B7FF1000
|
unkown
|
page execute and read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
21030211000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
210309A1000
|
heap
|
page read and write
|
||
|
7FF8A8C5E000
|
unkown
|
page execute and read and write
|
||
|
2103024F000
|
heap
|
page read and write
|
||
|
2102E5FF000
|
heap
|
page read and write
|
||
|
21030A35000
|
heap
|
page read and write
|
||
|
21030921000
|
heap
|
page read and write
|
||
|
7FF8B8CB9000
|
unkown
|
page execute and read and write
|
||
|
7FF8A8994000
|
unkown
|
page execute and read and write
|
||
|
7FF8B9F79000
|
unkown
|
page execute and read and write
|
||
|
2102E6ED000
|
heap
|
page read and write
|
||
|
7FF8B8017000
|
unkown
|
page execute and read and write
|
||
|
21030C60000
|
direct allocation
|
page read and write
|
||
|
2102E730000
|
direct allocation
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2102DE66000
|
heap
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
2102DDE7000
|
heap
|
page read and write
|
||
|
210308BC000
|
heap
|
page read and write
|
||
|
2102E669000
|
heap
|
page read and write
|
||
|
2102DE6A000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
E5C4DBE000
|
stack
|
page read and write
|
||
|
2102E6DF000
|
heap
|
page read and write
|
||
|
210307B2000
|
heap
|
page read and write
|
||
|
2102E6D6000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
2102DE6C000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
294E000
|
stack
|
page read and write
|
||
|
7FF8A8E05000
|
unkown
|
page execute and write copy
|
||
|
7FF8B93C1000
|
unkown
|
page execute and read and write
|
||
|
21030A2F000
|
heap
|
page read and write
|
||
|
7FF8A89B9000
|
unkown
|
page execute and read and write
|
||
|
7FF8A88EC000
|
unkown
|
page execute and read and write
|
||
|
7FF8B61DA000
|
unkown
|
page execute and read and write
|
||
|
21030D30000
|
direct allocation
|
page read and write
|
||
|
2103070B000
|
heap
|
page read and write
|
||
|
265000
|
unkown
|
page execute and read and write
|
||
|
7FF8B7FE8000
|
unkown
|
page execute and read and write
|
||
|
7FF8B9F7E000
|
unkown
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
7FF8A83F6000
|
unkown
|
page execute and read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
2102DBF0000
|
heap
|
page read and write
|
||
|
21030A14000
|
heap
|
page read and write
|
||
|
C2D000
|
stack
|
page read and write
|
||
|
7FF8B61DD000
|
unkown
|
page execute and read and write
|
||
|
7FF8B8261000
|
unkown
|
page execute and read and write
|
||
|
2102DDEC000
|
heap
|
page read and write
|
||
|
2102DDA2000
|
heap
|
page read and write
|
||
|
21030686000
|
heap
|
page read and write
|
||
|
21031590000
|
direct allocation
|
page read and write
|
||
|
2102E6D6000
|
heap
|
page read and write
|
||
|
210306A1000
|
heap
|
page read and write
|
||
|
210300A7000
|
heap
|
page read and write
|
||
|
210307CA000
|
heap
|
page read and write
|
||
|
21030955000
|
heap
|
page read and write
|
||
|
210307DD000
|
heap
|
page read and write
|
||
|
21030934000
|
heap
|
page read and write
|
||
|
2103010B000
|
heap
|
page read and write
|
||
|
21030430000
|
direct allocation
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
21031000000
|
direct allocation
|
page read and write
|
||
|
2102DDEB000
|
heap
|
page read and write
|
||
|
1EB09642000
|
heap
|
page read and write
|
||
|
2102DD30000
|
direct allocation
|
page read and write
|
||
|
21030771000
|
heap
|
page read and write
|
||
|
7FF8B61C0000
|
unkown
|
page readonly
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
21030225000
|
heap
|
page read and write
|
||
|
2103020E000
|
heap
|
page read and write
|
||
|
7FF8A88D7000
|
unkown
|
page execute and read and write
|
||
|
210307EB000
|
heap
|
page read and write
|
||
|
7FF8A8D68000
|
unkown
|
page execute and read and write
|
||
|
210306FB000
|
heap
|
page read and write
|
||
|
21030262000
|
heap
|
page read and write
|
||
|
210306C4000
|
heap
|
page read and write
|
||
|
2102DE26000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030913000
|
heap
|
page read and write
|
||
|
21030111000
|
heap
|
page read and write
|
||
|
210300FD000
|
heap
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
2102DE67000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2102DE57000
|
heap
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
7FF8A89BC000
|
unkown
|
page execute and write copy
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030244000
|
heap
|
page read and write
|
||
|
210302F0000
|
direct allocation
|
page read and write
|
||
|
21030241000
|
heap
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
33BBFEA000
|
stack
|
page read and write
|
||
|
21031350000
|
direct allocation
|
page read and write
|
||
|
21030676000
|
heap
|
page read and write
|
||
|
7FF8A8195000
|
unkown
|
page execute and read and write
|
||
|
2103073F000
|
heap
|
page read and write
|
||
|
210300A2000
|
heap
|
page read and write
|
||
|
2102DDED000
|
heap
|
page read and write
|
||
|
21030143000
|
heap
|
page read and write
|
||
|
2102DDF7000
|
heap
|
page read and write
|
||
|
21030266000
|
heap
|
page read and write
|
||
|
2102E6EC000
|
heap
|
page read and write
|
||
|
2102DE25000
|
heap
|
page read and write
|
||
|
7FF8B9F69000
|
unkown
|
page readonly
|
||
|
7FF8A88EF000
|
unkown
|
page execute and write copy
|
||
|
21030238000
|
heap
|
page read and write
|
||
|
21030771000
|
heap
|
page read and write
|
||
|
210307C4000
|
heap
|
page read and write
|
||
|
2103023D000
|
heap
|
page read and write
|
||
|
7FF8A84FE000
|
unkown
|
page read and write
|
||
|
7FF8A8DD7000
|
unkown
|
page execute and read and write
|
||
|
7FF8A89AD000
|
unkown
|
page execute and read and write
|
||
|
A24000
|
unkown
|
page execute and read and write
|
||
|
7FF8A8780000
|
unkown
|
page readonly
|
||
|
2102DDEB000
|
heap
|
page read and write
|
||
|
2103026A000
|
heap
|
page read and write
|
||
|
2102E5F1000
|
heap
|
page read and write
|
||
|
2A8E000
|
stack
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2102DE65000
|
heap
|
page read and write
|
||
|
7FF8A8091000
|
unkown
|
page execute and read and write
|
||
|
7FF8B78CB000
|
unkown
|
page read and write
|
||
|
7FF8A89D0000
|
unkown
|
page readonly
|
||
|
2103067E000
|
heap
|
page read and write
|
||
|
7FF73D7A1000
|
unkown
|
page execute read
|
||
|
21030540000
|
direct allocation
|
page read and write
|
||
|
7FF8B7FE9000
|
unkown
|
page execute and write copy
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21031750000
|
direct allocation
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2103016A000
|
heap
|
page read and write
|
||
|
7FF8B8F71000
|
unkown
|
page execute and read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2103071F000
|
heap
|
page read and write
|
||
|
21030CE0000
|
direct allocation
|
page read and write
|
||
|
2102E5FB000
|
heap
|
page read and write
|
||
|
FAE000
|
stack
|
page read and write
|
||
|
2103091D000
|
heap
|
page read and write
|
||
|
210306B1000
|
heap
|
page read and write
|
||
|
2103097D000
|
heap
|
page read and write
|
||
|
1EB09620000
|
heap
|
page read and write
|
||
|
269000
|
unkown
|
page execute and write copy
|
||
|
2102DE1A000
|
heap
|
page read and write
|
||
|
21030580000
|
direct allocation
|
page read and write
|
||
|
2103097D000
|
heap
|
page read and write
|
||
|
2103082D000
|
heap
|
page read and write
|
||
|
2102E654000
|
heap
|
page read and write
|
||
|
210306F2000
|
heap
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
7FF73D7A1000
|
unkown
|
page execute read
|
||
|
2103020D000
|
heap
|
page read and write
|
||
|
21030973000
|
heap
|
page read and write
|
||
|
2103021A000
|
heap
|
page read and write
|
||
|
7FF8B617F000
|
unkown
|
page execute and write copy
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
21030684000
|
heap
|
page read and write
|
||
|
E5C47D9000
|
stack
|
page read and write
|
||
|
210307EB000
|
heap
|
page read and write
|
||
|
2102DE67000
|
heap
|
page read and write
|
||
|
7FF8B8263000
|
unkown
|
page execute and read and write
|
||
|
7FF8B8AFA000
|
unkown
|
page read and write
|
||
|
2102DE5F000
|
heap
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
2102DDDA000
|
heap
|
page read and write
|
||
|
21030795000
|
heap
|
page read and write
|
||
|
2102DE06000
|
heap
|
page read and write
|
||
|
7FF8BA4F2000
|
unkown
|
page readonly
|
||
|
7FF8A8DCC000
|
unkown
|
page execute and read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
1EB0963D000
|
heap
|
page read and write
|
||
|
21030811000
|
heap
|
page read and write
|
||
|
7FF8A88F1000
|
unkown
|
page read and write
|
||
|
21030255000
|
heap
|
page read and write
|
||
|
7FF8B61E1000
|
unkown
|
page read and write
|
||
|
2102DE5D000
|
heap
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
7FF8A8901000
|
unkown
|
page execute and read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2103071B000
|
heap
|
page read and write
|
||
|
21030918000
|
heap
|
page read and write
|
||
|
210306CD000
|
heap
|
page read and write
|
||
|
21030926000
|
heap
|
page read and write
|
||
|
21031710000
|
direct allocation
|
page read and write
|
||
|
2102DDCF000
|
heap
|
page read and write
|
||
|
2102DE26000
|
heap
|
page read and write
|
||
|
21031910000
|
direct allocation
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
7FF8B8AF0000
|
unkown
|
page readonly
|
||
|
210308FF000
|
heap
|
page read and write
|
||
|
2102E060000
|
heap
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
2103010B000
|
heap
|
page read and write
|
||
|
7FF8B800D000
|
unkown
|
page execute and read and write
|
||
|
21030702000
|
heap
|
page read and write
|
||
|
A18000
|
unkown
|
page execute and write copy
|
||
|
A00000
|
unkown
|
page readonly
|
||
|
7FF8B617E000
|
unkown
|
page execute and read and write
|
||
|
1EB09634000
|
heap
|
page read and write
|
||
|
2102E6D2000
|
heap
|
page read and write
|
||
|
33BC1DF000
|
stack
|
page read and write
|
||
|
7FF8B9106000
|
unkown
|
page read and write
|
||
|
7FF8B61BE000
|
unkown
|
page read and write
|
||
|
2103026A000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
210305D0000
|
direct allocation
|
page read and write
|
||
|
2103023E000
|
heap
|
page read and write
|
||
|
7FF8A8831000
|
unkown
|
page execute and read and write
|
||
|
2102DDB3000
|
heap
|
page read and write
|
||
|
2102E61C000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2103097D000
|
heap
|
page read and write
|
||
|
2102DDE1000
|
heap
|
page read and write
|
||
|
7FF8BA4F0000
|
unkown
|
page readonly
|
||
|
7FF8B9102000
|
unkown
|
page execute and read and write
|
||
|
2102DDF1000
|
heap
|
page read and write
|
||
|
7FF8B9F61000
|
unkown
|
page execute read
|
||
|
7FF73D7CA000
|
unkown
|
page readonly
|
||
|
21030698000
|
heap
|
page read and write
|
||
|
E5C519E000
|
stack
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
21030650000
|
heap
|
page read and write
|
||
|
7FF8B5737000
|
unkown
|
page execute and read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
7FF8B8F8D000
|
unkown
|
page execute and read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
7FF8A8E00000
|
unkown
|
page execute and read and write
|
||
|
21030734000
|
heap
|
page read and write
|
||
|
2103020E000
|
heap
|
page read and write
|
||
|
21030E10000
|
direct allocation
|
page read and write
|
||
|
21030238000
|
heap
|
page read and write
|
||
|
2102E62E000
|
heap
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2102E608000
|
heap
|
page read and write
|
||
|
21030870000
|
heap
|
page read and write
|
||
|
21030197000
|
heap
|
page read and write
|
||
|
1EB09649000
|
heap
|
page read and write
|
||
|
7FF8B8F70000
|
unkown
|
page readonly
|
||
|
210307B1000
|
heap
|
page read and write
|
||
|
2103068B000
|
heap
|
page read and write
|
||
|
21030E90000
|
direct allocation
|
page read and write
|
||
|
7FF8A8822000
|
unkown
|
page execute and read and write
|
||
|
2102DDD6000
|
heap
|
page read and write
|
||
|
2102DE06000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030795000
|
heap
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
7FF8A8841000
|
unkown
|
page execute and read and write
|
||
|
2102DE5C000
|
heap
|
page read and write
|
||
|
1EB0962F000
|
heap
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
E5C4FAE000
|
stack
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
2102DE63000
|
heap
|
page read and write
|
||
|
2102DDA3000
|
heap
|
page read and write
|
||
|
21030738000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
2102E64D000
|
heap
|
page read and write
|
||
|
7FF8A8781000
|
unkown
|
page execute and read and write
|
||
|
21031550000
|
direct allocation
|
page read and write
|
||
|
210307E0000
|
heap
|
page read and write
|
||
|
7FF8A84FC000
|
unkown
|
page execute and write copy
|
||
|
210308EF000
|
heap
|
page read and write
|
||
|
1EB097F0000
|
heap
|
page read and write
|
||
|
21030795000
|
heap
|
page read and write
|
||
|
210308F3000
|
heap
|
page read and write
|
||
|
33BBFDF000
|
stack
|
page read and write
|
||
|
21030DC0000
|
direct allocation
|
page read and write
|
||
|
2103016C000
|
heap
|
page read and write
|
||
|
2103079A000
|
heap
|
page read and write
|
||
|
2102DE24000
|
heap
|
page read and write
|
||
|
7FF73D7EC000
|
unkown
|
page read and write
|
||
|
7FF8B93D8000
|
unkown
|
page execute and read and write
|
||
|
7FF8B8269000
|
unkown
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
210311D0000
|
direct allocation
|
page read and write
|
||
|
7FF8B90E1000
|
unkown
|
page execute and read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
7FF8A8137000
|
unkown
|
page execute and read and write
|
||
|
2103086D000
|
heap
|
page read and write
|
||
|
1EB09634000
|
heap
|
page read and write
|
||
|
210307E6000
|
heap
|
page read and write
|
||
|
2102DE67000
|
heap
|
page read and write
|
||
|
210307D1000
|
heap
|
page read and write
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
7FF8B9F7C000
|
unkown
|
page execute and write copy
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
21030D80000
|
direct allocation
|
page read and write
|
||
|
210310D0000
|
direct allocation
|
page read and write
|
||
|
268000
|
unkown
|
page execute and read and write
|
||
|
2102DDDE000
|
heap
|
page read and write
|
||
|
2102E6EE000
|
heap
|
page read and write
|
||
|
7FF8B6190000
|
unkown
|
page readonly
|
||
|
2102FF50000
|
direct allocation
|
page read and write
|
||
|
2102DF70000
|
direct allocation
|
page read and write
|
||
|
21031510000
|
direct allocation
|
page read and write
|
||
|
2102DE17000
|
heap
|
page read and write
|
||
|
2103025E000
|
heap
|
page read and write
|
||
|
7FF73D7A0000
|
unkown
|
page readonly
|
||
|
210307D8000
|
heap
|
page read and write
|
||
|
21030674000
|
heap
|
page read and write
|
||
|
2102DE19000
|
heap
|
page read and write
|
||
|
A1F000
|
unkown
|
page execute and read and write
|
||
|
BAE000
|
heap
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
21031450000
|
direct allocation
|
page read and write
|
||
|
2103097D000
|
heap
|
page read and write
|
||
|
2102DE23000
|
heap
|
page read and write
|
||
|
7FF8A8D6B000
|
unkown
|
page execute and read and write
|
||
|
21030813000
|
heap
|
page read and write
|
||
|
2102DE23000
|
heap
|
page read and write
|
||
|
CBA000
|
heap
|
page read and write
|
||
|
21031990000
|
direct allocation
|
page read and write
|
||
|
2102DDE7000
|
heap
|
page read and write
|
||
|
21031710000
|
direct allocation
|
page read and write
|
||
|
7FF8A84F8000
|
unkown
|
page execute and read and write
|
||
|
2103073E000
|
heap
|
page read and write
|
||
|
2103024F000
|
heap
|
page read and write
|
||
|
210307FD000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
7FF8B27D3000
|
unkown
|
page execute and write copy
|
||
|
21031290000
|
direct allocation
|
page read and write
|
||
|
7FF8A84CF000
|
unkown
|
page execute and read and write
|
||
|
1EB095F0000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
210306C4000
|
heap
|
page read and write
|
||
|
21031310000
|
direct allocation
|
page read and write
|
||
|
2103092F000
|
heap
|
page read and write
|
||
|
2102DE57000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030872000
|
heap
|
page read and write
|
||
|
2103025E000
|
heap
|
page read and write
|
||
|
7FF8B573C000
|
unkown
|
page read and write
|
||
|
210307AF000
|
heap
|
page read and write
|
||
|
2103082C000
|
heap
|
page read and write
|
||
|
7FF8A8CA0000
|
unkown
|
page execute and read and write
|
||
|
210309DC000
|
heap
|
page read and write
|
||
|
2102DE4D000
|
heap
|
page read and write
|
||
|
7FF73D7DD000
|
unkown
|
page write copy
|
||
|
21030254000
|
heap
|
page read and write
|
||
|
2102DCE0000
|
heap
|
page read and write
|
||
|
2103079E000
|
heap
|
page read and write
|
||
|
21030267000
|
heap
|
page read and write
|
||
|
7FF8B8CB1000
|
unkown
|
page execute and read and write
|
||
|
21030710000
|
heap
|
page read and write
|
||
|
2102DE26000
|
heap
|
page read and write
|
||
|
21030796000
|
heap
|
page read and write
|
||
|
7FF8B27B0000
|
unkown
|
page readonly
|
||
|
1EB0964B000
|
heap
|
page read and write
|
||
|
21031890000
|
direct allocation
|
page read and write
|
||
|
210306F0000
|
heap
|
page read and write
|
||
|
21030082000
|
heap
|
page read and write
|
||
|
21030FC0000
|
direct allocation
|
page read and write
|
||
|
2102DE17000
|
heap
|
page read and write
|
||
|
21030921000
|
heap
|
page read and write
|
||
|
210318D0000
|
direct allocation
|
page read and write
|
||
|
210306F0000
|
heap
|
page read and write
|
||
|
2103010B000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
21031090000
|
direct allocation
|
page read and write
|
||
|
21030817000
|
heap
|
page read and write
|
||
|
A00000
|
unkown
|
page readonly
|
||
|
290F000
|
stack
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
2102DDD6000
|
heap
|
page read and write
|
||
|
7FF8A8CC4000
|
unkown
|
page execute and read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
21031790000
|
direct allocation
|
page read and write
|
||
|
21030697000
|
heap
|
page read and write
|
||
|
210302B0000
|
direct allocation
|
page read and write
|
||
|
210309C9000
|
heap
|
page read and write
|
||
|
2102DE2C000
|
heap
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
7FF8B6180000
|
unkown
|
page read and write
|
||
|
21030795000
|
heap
|
page read and write
|
||
|
2102DD00000
|
heap
|
page read and write
|
||
|
210306F5000
|
heap
|
page read and write
|
||
|
2103080E000
|
heap
|
page read and write
|
||
|
21030761000
|
heap
|
page read and write
|
||
|
7FF8A819E000
|
unkown
|
page execute and read and write
|
||
|
2102DDF1000
|
heap
|
page read and write
|
||
|
2103071B000
|
heap
|
page read and write
|
||
|
21030084000
|
heap
|
page read and write
|
||
|
2102DDCD000
|
heap
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
7FF8A81B0000
|
unkown
|
page readonly
|
||
|
33BBFE3000
|
stack
|
page read and write
|
||
|
7FF8B7FD1000
|
unkown
|
page execute and read and write
|
||
|
21030030000
|
direct allocation
|
page read and write
|
||
|
7FF8B810F000
|
unkown
|
page read and write
|
||
|
2102DE61000
|
heap
|
page read and write
|
||
|
21030697000
|
heap
|
page read and write
|
||
|
2A4F000
|
stack
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2102DE65000
|
heap
|
page read and write
|
||
|
2102DE59000
|
heap
|
page read and write
|
||
|
A01000
|
unkown
|
page execute and read and write
|
||
|
7FF8B984C000
|
unkown
|
page read and write
|
||
|
7FF8B9F7B000
|
unkown
|
page execute and read and write
|
||
|
7FF73D7CA000
|
unkown
|
page readonly
|
||
|
210301C9000
|
heap
|
page read and write
|
||
|
7FF73D7E0000
|
unkown
|
page read and write
|
||
|
7FF8A8423000
|
unkown
|
page execute and read and write
|
||
|
7FF8B9F68000
|
unkown
|
page read and write
|
||
|
210300AE000
|
heap
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
2102DE4D000
|
heap
|
page read and write
|
||
|
21030955000
|
heap
|
page read and write
|
||
|
21030196000
|
heap
|
page read and write
|
||
|
2103021F000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
21030F80000
|
direct allocation
|
page read and write
|
||
|
2102DDF8000
|
heap
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
2102E6DF000
|
heap
|
page read and write
|
||
|
21030164000
|
heap
|
page read and write
|
||
|
21030500000
|
direct allocation
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
21030F40000
|
direct allocation
|
page read and write
|
||
|
21031190000
|
direct allocation
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF8B7FF0000
|
unkown
|
page readonly
|
||
|
210306FB000
|
heap
|
page read and write
|
||
|
21030710000
|
heap
|
page read and write
|
||
|
2103097D000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
261000
|
unkown
|
page execute and read and write
|
||
|
33BBFED000
|
stack
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
2103068A000
|
heap
|
page read and write
|
||
|
2102FFF0000
|
direct allocation
|
page read and write
|
||
|
2102DE58000
|
heap
|
page read and write
|
||
|
21031310000
|
direct allocation
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
2102DDE7000
|
heap
|
page read and write
|
||
|
2102DE6B000
|
heap
|
page read and write
|
||
|
21030248000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF8B5710000
|
unkown
|
page readonly
|
||
|
1EB098C0000
|
heap
|
page read and write
|
||
|
21030955000
|
heap
|
page read and write
|
||
|
2103094C000
|
heap
|
page read and write
|
||
|
7FF8B9841000
|
unkown
|
page execute and read and write
|
||
|
210301C2000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2102E6DF000
|
heap
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
2102E6DA000
|
heap
|
page read and write
|
||
|
21031650000
|
direct allocation
|
page read and write
|
||
|
7FF8B9840000
|
unkown
|
page readonly
|
||
|
21030725000
|
heap
|
page read and write
|
||
|
21030111000
|
heap
|
page read and write
|
||
|
2102DDF8000
|
heap
|
page read and write
|
||
|
7FF8B9F71000
|
unkown
|
page execute and read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
2103007C000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
7FF8B573A000
|
unkown
|
page execute and write copy
|
||
|
21031090000
|
direct allocation
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
21030198000
|
heap
|
page read and write
|
||
|
7FF8A88B4000
|
unkown
|
page execute and read and write
|
||
|
2102DE1B000
|
heap
|
page read and write
|
||
|
21030251000
|
heap
|
page read and write
|
||
|
2103080F000
|
heap
|
page read and write
|
||
|
21031810000
|
direct allocation
|
page read and write
|
||
|
210307D8000
|
heap
|
page read and write
|
||
|
2102FFF0000
|
direct allocation
|
page read and write
|
||
|
21030675000
|
heap
|
page read and write
|
||
|
21030194000
|
heap
|
page read and write
|
||
|
21031690000
|
direct allocation
|
page read and write
|
||
|
21030610000
|
direct allocation
|
page read and write
|
||
|
7FF8B5711000
|
unkown
|
page execute and read and write
|
||
|
21031090000
|
direct allocation
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
7FF8A88B2000
|
unkown
|
page execute and read and write
|
||
|
7FF8B93DB000
|
unkown
|
page read and write
|
||
|
7FF8A819B000
|
unkown
|
page execute and read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
21030A50000
|
direct allocation
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
210307CD000
|
heap
|
page read and write
|
||
|
21030111000
|
heap
|
page read and write
|
||
|
210307FF000
|
heap
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
21030198000
|
heap
|
page read and write
|
||
|
2102DE16000
|
heap
|
page read and write
|
||
|
210300F2000
|
heap
|
page read and write
|
||
|
2102DE63000
|
heap
|
page read and write
|
||
|
21030803000
|
heap
|
page read and write
|
||
|
2102E5F0000
|
heap
|
page read and write
|
||
|
1EB09628000
|
heap
|
page read and write
|
||
|
21030710000
|
heap
|
page read and write
|
||
|
2102E6DF000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030070000
|
heap
|
page read and write
|
||
|
21030A35000
|
heap
|
page read and write
|
||
|
7FF8B9F65000
|
unkown
|
page readonly
|
||
|
7FF8B80D5000
|
unkown
|
page readonly
|
||
|
21030209000
|
heap
|
page read and write
|
||
|
2102DF30000
|
direct allocation
|
page read and write
|
||
|
21030085000
|
heap
|
page read and write
|
||
|
21030174000
|
heap
|
page read and write
|
||
|
21030248000
|
heap
|
page read and write
|
||
|
2102DE5F000
|
heap
|
page read and write
|
||
|
2103082A000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
21030239000
|
heap
|
page read and write
|
||
|
210307EA000
|
heap
|
page read and write
|
||
|
21030182000
|
heap
|
page read and write
|
||
|
7FF8B6171000
|
unkown
|
page execute and read and write
|
||
|
2102E60A000
|
heap
|
page read and write
|
||
|
2103068A000
|
heap
|
page read and write
|
||
|
7FF8A8229000
|
unkown
|
page execute and read and write
|
||
|
2102DE63000
|
heap
|
page read and write
|
||
|
210306F5000
|
heap
|
page read and write
|
||
|
21030817000
|
heap
|
page read and write
|
||
|
7FF8B8267000
|
unkown
|
page execute and write copy
|
||
|
2102E67F000
|
heap
|
page read and write
|
||
|
21030762000
|
heap
|
page read and write
|
||
|
7FF8A84C7000
|
unkown
|
page execute and read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2103072B000
|
heap
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
2103010B000
|
heap
|
page read and write
|
||
|
210301A1000
|
heap
|
page read and write
|
||
|
2103011A000
|
heap
|
page read and write
|
||
|
210317D0000
|
direct allocation
|
page read and write
|
||
|
2102DE0A000
|
heap
|
page read and write
|
||
|
268000
|
unkown
|
page execute and write copy
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
2103067E000
|
heap
|
page read and write
|
||
|
21030651000
|
heap
|
page read and write
|
||
|
7FF8B27CA000
|
unkown
|
page execute and read and write
|
||
|
33BC3CF000
|
stack
|
page read and write
|
||
|
21030761000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
21030085000
|
heap
|
page read and write
|
||
|
2102DE4C000
|
heap
|
page read and write
|
||
|
21030230000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
7FF8B9F60000
|
unkown
|
page readonly
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2102E6D7000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF8B78BF000
|
unkown
|
page execute and read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2102DE08000
|
heap
|
page read and write
|
||
|
210303F0000
|
heap
|
page read and write
|
||
|
7FF8B8AF4000
|
unkown
|
page execute and read and write
|
||
|
210301C9000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
7FF8A83F8000
|
unkown
|
page execute and read and write
|
||
|
7FF8BFAC1000
|
unkown
|
page execute read
|
||
|
2102DDEF000
|
heap
|
page read and write
|
||
|
21030089000
|
heap
|
page read and write
|
||
|
21031950000
|
direct allocation
|
page read and write
|
||
|
21030210000
|
heap
|
page read and write
|
||
|
21030AD3000
|
heap
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
2102DE53000
|
heap
|
page read and write
|
||
|
7FF8B8020000
|
unkown
|
page readonly
|
||
|
2102E5FB000
|
heap
|
page read and write
|
||
|
2102DDE7000
|
heap
|
page read and write
|
||
|
7FF73D7EE000
|
unkown
|
page readonly
|
||
|
E5C49DE000
|
stack
|
page read and write
|
||
|
E5C4BCE000
|
stack
|
page read and write
|
||
|
1EB0963D000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2102DFB0000
|
direct allocation
|
page read and write
|
||
|
2103073D000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
21030779000
|
heap
|
page read and write
|
||
|
21030245000
|
heap
|
page read and write
|
||
|
7FF8B93D4000
|
unkown
|
page execute and read and write
|
||
|
7FF8B27B1000
|
unkown
|
page execute and read and write
|
||
|
210306F2000
|
heap
|
page read and write
|
||
|
210301C9000
|
heap
|
page read and write
|
||
|
1EB09649000
|
heap
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
210301A9000
|
heap
|
page read and write
|
||
|
2102E6D6000
|
heap
|
page read and write
|
||
|
210300FB000
|
heap
|
page read and write
|
||
|
2102E5FC000
|
heap
|
page read and write
|
||
|
1EB09634000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
7FF73D7DD000
|
unkown
|
page write copy
|
||
|
21030112000
|
heap
|
page read and write
|
||
|
7FF8B8F9D000
|
unkown
|
page read and write
|
||
|
1EB09649000
|
heap
|
page read and write
|
||
|
21030698000
|
heap
|
page read and write
|
||
|
210300AF000
|
heap
|
page read and write
|
||
|
2102DE57000
|
heap
|
page read and write
|
||
|
7FF8A8215000
|
unkown
|
page execute and read and write
|
||
|
21030808000
|
heap
|
page read and write
|
||
|
7FF8B78C6000
|
unkown
|
page execute and read and write
|
||
|
210309C9000
|
heap
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
21030100000
|
heap
|
page read and write
|
||
|
2103082A000
|
heap
|
page read and write
|
||
|
2102DE63000
|
heap
|
page read and write
|
||
|
21030779000
|
heap
|
page read and write
|
||
|
1EB0963D000
|
heap
|
page read and write
|
||
|
21030098000
|
heap
|
page read and write
|
||
|
21030795000
|
heap
|
page read and write
|
||
|
21030268000
|
heap
|
page read and write
|
||
|
210307E8000
|
heap
|
page read and write
|
||
|
210300C1000
|
heap
|
page read and write
|
||
|
21030229000
|
heap
|
page read and write
|
||
|
7FF8B93C0000
|
unkown
|
page readonly
|
||
|
2102E6F0000
|
direct allocation
|
page read and write
|
||
|
210313D0000
|
direct allocation
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
2102DE26000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2102DEB0000
|
direct allocation
|
page read and write
|
||
|
21030111000
|
heap
|
page read and write
|
||
|
2102DE58000
|
heap
|
page read and write
|
||
|
21030256000
|
heap
|
page read and write
|
||
|
7FF8A8DAF000
|
unkown
|
page execute and read and write
|
||
|
210308FD000
|
heap
|
page read and write
|
||
|
210306F5000
|
heap
|
page read and write
|
||
|
7FF8B8019000
|
unkown
|
page execute and write copy
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF8B8251000
|
unkown
|
page execute and read and write
|
||
|
2103070B000
|
heap
|
page read and write
|
||
|
21030771000
|
heap
|
page read and write
|
||
|
2103082F000
|
heap
|
page read and write
|
||
|
2103024E000
|
heap
|
page read and write
|
||
|
21030193000
|
heap
|
page read and write
|
||
|
2103007F000
|
heap
|
page read and write
|
||
|
21030E50000
|
direct allocation
|
page read and write
|
||
|
21030C20000
|
direct allocation
|
page read and write
|
||
|
7FF8B27D2000
|
unkown
|
page execute and read and write
|
||
|
210306F2000
|
heap
|
page read and write
|
||
|
2103024B000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
2102E5F1000
|
heap
|
page read and write
|
||
|
2102DDD6000
|
heap
|
page read and write
|
||
|
21030822000
|
heap
|
page read and write
|
||
|
21030702000
|
heap
|
page read and write
|
||
|
21030A30000
|
heap
|
page read and write
|
||
|
21030819000
|
heap
|
page read and write
|
||
|
7FF8B7FE1000
|
unkown
|
page execute and read and write
|
||
|
7FF8B7FEB000
|
unkown
|
page read and write
|
||
|
21030250000
|
heap
|
page read and write
|
||
|
210309EA000
|
heap
|
page read and write
|
||
|
1EB0964B000
|
heap
|
page read and write
|
||
|
2102DDBD000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2102DE16000
|
heap
|
page read and write
|
||
|
2102DDEB000
|
heap
|
page read and write
|
||
|
7FF8A8140000
|
unkown
|
page execute and read and write
|
||
|
2102DDE9000
|
heap
|
page read and write
|
||
|
2102E065000
|
heap
|
page read and write
|
||
|
1EB09641000
|
heap
|
page read and write
|
||
|
2102DE06000
|
heap
|
page read and write
|
||
|
21030171000
|
heap
|
page read and write
|
||
|
26B000
|
unkown
|
page write copy
|
||
|
2102DE5B000
|
heap
|
page read and write
|
||
|
7FF8A8454000
|
unkown
|
page execute and read and write
|
||
|
210307D1000
|
heap
|
page read and write
|
||
|
2103071B000
|
heap
|
page read and write
|
||
|
210300AD000
|
heap
|
page read and write
|
||
|
7FF8B93D9000
|
unkown
|
page execute and write copy
|
||
|
210300A8000
|
heap
|
page read and write
|
||
|
21030684000
|
heap
|
page read and write
|
||
|
210307EA000
|
heap
|
page read and write
|
||
|
210315D0000
|
direct allocation
|
page read and write
|
||
|
210308E9000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2102E607000
|
heap
|
page read and write
|
||
|
21031390000
|
direct allocation
|
page read and write
|
||
|
1EB0963A000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2102DE12000
|
heap
|
page read and write
|
||
|
7FF8A84EB000
|
unkown
|
page execute and read and write
|
||
|
7FF8B61DF000
|
unkown
|
page execute and write copy
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
2102DE50000
|
heap
|
page read and write
|
||
|
2103079F000
|
heap
|
page read and write
|
||
|
210307CE000
|
heap
|
page read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF73D7EE000
|
unkown
|
page readonly
|
||
|
7FF8A823A000
|
unkown
|
page execute and read and write
|
||
|
2102DDC2000
|
heap
|
page read and write
|
||
|
21030086000
|
heap
|
page read and write
|
||
|
2102E5FF000
|
heap
|
page read and write
|
||
|
1EB0964A000
|
heap
|
page read and write
|
||
|
7FF8B9F70000
|
unkown
|
page readonly
|
||
|
210309DB000
|
heap
|
page read and write
|
||
|
7FF8B61B3000
|
unkown
|
page execute and read and write
|
||
|
7FF8A8998000
|
unkown
|
page execute and read and write
|
||
|
2102DDDA000
|
heap
|
page read and write
|
||
|
2102DDEC000
|
heap
|
page read and write
|
||
|
7FF8B8CBA000
|
unkown
|
page execute and write copy
|
||
|
7FF73D7CA000
|
unkown
|
page readonly
|
||
|
7FF8B7FD0000
|
unkown
|
page readonly
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
7FF73D7CA000
|
unkown
|
page readonly
|
||
|
1EB0963F000
|
heap
|
page read and write
|
||
|
21030694000
|
heap
|
page read and write
|
||
|
7FF8A89BD000
|
unkown
|
page read and write
|
||
|
7FF8B8AF7000
|
unkown
|
page execute and read and write
|
||
|
210307E1000
|
heap
|
page read and write
|
||
|
7FF8B8F95000
|
unkown
|
page execute and read and write
|
||
|
7FF8A8C4C000
|
unkown
|
page execute and read and write
|
||
|
1EB0963C000
|
heap
|
page read and write
|
||
|
2102E61A000
|
heap
|
page read and write
|
There are 1061 hidden memdumps, click here to show them.