Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
URGENTE_NOTIFICATION.cmd
|
Unicode text, UTF-8 text, with very long lines (1320), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\Public\Libraries\Mywiztwu
|
data
|
dropped
|
|
|
|
C:\Users\Public\Libraries\Mywiztwu.PIF
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\easinvoker.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\netutils.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\sppsvc.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Mywiztwu.url
|
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Mywiztwu.PIF">), ASCII text, with CRLF line
terminators
|
dropped
|
|
|
|
C:\ProgramData\remi\logs.dat
|
data
|
dropped
|
||
|
C:\Users\Public\Libraries\KDECO.bat
|
DOS batch file, ASCII text, with very long lines (468), with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\MywiztwuO.bat
|
Unicode text, UTF-16, little-endian text, with very long lines (15012), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\alpha.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
modified
|
||
|
C:\Users\Public\kn.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
modified
|
||
|
C:\Users\Public\sppsvc.rtf
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json
|
JSON data
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\Desktop\URGENTE_NOTIFICATION.cmd" "
|
|
|
|
C:\Windows\System32\extrac32.exe
|
C:\\Windows\\System32\\extrac32.exe /C /Y C:\\Windows\\System32\\cmd.exe C:\\Users\\Public\\alpha.exe
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c extrac32.exe /C /Y C:\\Windows\\System32\\certutil.exe C:\\Users\\Public\\kn.exe
|
|
|
|
C:\Windows\System32\extrac32.exe
|
extrac32.exe /C /Y C:\\Windows\\System32\\certutil.exe C:\\Users\\Public\\kn.exe
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c C:\\Users\\Public\\kn -decodehex -F "C:\Users\user\Desktop\URGENTE_NOTIFICATION.cmd" "C:\\Users\\Public\\sppsvc.rtf"
9
|
|
|
|
C:\Users\Public\kn.exe
|
C:\\Users\\Public\\kn -decodehex -F "C:\Users\user\Desktop\URGENTE_NOTIFICATION.cmd" "C:\\Users\\Public\\sppsvc.rtf" 9
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c C:\\Users\\Public\\kn -decodehex -F "C:\\Users\\Public\\sppsvc.rtf" "C:\\Users\\Public\\Libraries\\sppsvc.pif"
12
|
|
|
|
C:\Users\Public\kn.exe
|
C:\\Users\\Public\\kn -decodehex -F "C:\\Users\\Public\\sppsvc.rtf" "C:\\Users\\Public\\Libraries\\sppsvc.pif" 12
|
|
|
|
C:\Users\Public\Libraries\sppsvc.pif
|
C:\Users\Public\Libraries\sppsvc.pif
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c del "C:\Users\Public\sppsvc.rtf" / A / F / Q / S
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c del "C:\Users\Public\kn.exe" / A / F / Q / S
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\Public\Libraries\MywiztwuO.bat" "
|
|
|
|
C:\Windows\SysWOW64\extrac32.exe
|
C:\\Windows\\System32\\extrac32.exe /C /Y C:\Users\Public\Libraries\sppsvc.pif C:\\Users\\Public\\Libraries\\Mywiztwu.PIF
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" ECHO F"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" ECHO F"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" ECHO F"
|
|
|
|
C:\Users\Public\Libraries\Mywiztwu.PIF
|
"C:\Users\Public\Libraries\Mywiztwu.PIF"
|
|
|
|
C:\Users\Public\Libraries\Mywiztwu.PIF
|
"C:\Users\Public\Libraries\Mywiztwu.PIF"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\xcopy.exe
|
xcopy "easinvoker.exe" "C:\Windows \System32\" /K /D /H /Y
|
||
|
C:\Windows\SysWOW64\xcopy.exe
|
xcopy "Aaa.bat" "C:\Windows \System32\" /K /D /H /Y
|
||
|
C:\Windows\SysWOW64\xcopy.exe
|
xcopy "netutils.dll" "C:\Windows \System32\" /K /D /H /Y
|
There are 13 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
|
|
|
http://geoplugin.net/json.gp/C
|
unknown
|
|
|
|
37.duckdns.org
|
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0
|
unknown
|
||
|
https://%ws/%ws_%ws_%ws/service.svc/%wsADPolicyProviderSCEP
|
unknown
|
||
|
https://login.microsoftonline.com/%s/oauth2/authorize
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://login.microsoftonline.com/%s/oauth2/token
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://live.com/V
|
unknown
|
||
|
https://public.boxcloud.com/d/1/b1
|
unknown
|
||
|
https://sf0kkw.by.files.1drv.com/y4mJD7T-efm99Mj7M3bDWK61C5J_9E0cWaFQ8_Sv_xuuCr4GLOJRyaqXhymO2SZPGok
|
unknown
|
||
|
https://onedrive.live.com/download?resid=BAF30C9243AC3050%21114&authkey=!ACfGQrCE2jZmaGY
|
13.107.139.11
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#
|
unknown
|
||
|
https://elmauz.box.com/public/static/gqtnnv55lt0beo9fdcpu8fhnomsn4frv
|
74.112.186.144
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
https://enterpriseregistration.windows.net/EnrollmentServer/key/
|
unknown
|
||
|
https://elmauz.app.box.com/public/static/gqtnnv55lt0beo9fdcpu8fhnomsn4frv
|
74.112.186.144
|
||
|
http://geoplugin.net/json.gpn.net/json.gp
|
unknown
|
||
|
https://onedrive.live.com/download?resid=BAF30C9243AC3050%21114&authkey=
|
unknown
|
||
|
https://login.microsoftonline.com/%s/oauth2/authorizeJoinStatusStorage::SetDefaultDiscoveryMetadatah
|
unknown
|
||
|
http://geoplugin.net/json.gpox.com
|
unknown
|
||
|
https://sf0kkw.by.files.1drv.com/y4mvIQn78bXO0uvUkh3kArWIhM3caELUIcFjkkKi4lmUsvh-b99o_L_XVqpG75xc3fv
|
unknown
|
||
|
https://enterpriseregistration.windows.net/EnrollmentServer/DeviceEnrollmentWebService.svc
|
unknown
|
||
|
https://elmauz.box.com/shared/static/gqtnnv55lt0beo9fdcpu8fhnomsn4frv
|
74.112.186.144
|
||
|
https://sf0kkw.by.files.1drv.com/
|
unknown
|
||
|
https://sf0kkw.by.files.1drv.com:443/y4mJD7T-efm99Mj7M3bDWK61C5J_9E0cWaFQ8_Sv_xuuCr4GLOJRyaqXhymO2SZ
|
unknown
|
||
|
http://www.pmail.com
|
unknown
|
||
|
https://%ws/%ws_%ws_%ws/service.svc/%ws
|
unknown
|
||
|
https://enterpriseregistration.windows.net/EnrollmentServer/device/
|
unknown
|
||
|
http://ocsp.sectigo.com0C
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
embargogo237.duckdns.org
|
45.74.19.121
|
|
|
|
dual-spov-0006.spov-msedge.net
|
13.107.139.11
|
||
|
elmauz.box.com
|
74.112.186.144
|
||
|
public.boxcloud.com
|
74.112.186.128
|
||
|
geoplugin.net
|
178.237.33.50
|
||
|
drive.google.com
|
142.250.101.102
|
||
|
drive.usercontent.google.com
|
142.250.101.132
|
||
|
elmauz.app.box.com
|
74.112.186.144
|
||
|
sf0kkw.by.files.1drv.com
|
unknown
|
||
|
onedrive.live.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.74.19.121
|
embargogo237.duckdns.org
|
United States
|
|
|
|
13.107.139.11
|
dual-spov-0006.spov-msedge.net
|
United States
|
||
|
74.112.186.144
|
elmauz.box.com
|
United States
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
74.112.186.128
|
public.boxcloud.com
|
United States
|
||
|
142.250.101.102
|
drive.google.com
|
United States
|
||
|
142.250.101.132
|
drive.usercontent.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Mywiztwu
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-RFUXJL
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-RFUXJL
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-RFUXJL
|
time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.60.3.1!7
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.60.3.2!7
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.60.3.3!7
|
Name
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FBF0000
|
direct allocation
|
page read and write
|
|
|
|
704000
|
heap
|
page read and write
|
|
|
|
7E810000
|
direct allocation
|
page read and write
|
|
|
|
2831000
|
direct allocation
|
page execute read
|
|
|
|
28B1000
|
direct allocation
|
page execute read
|
|
|
|
23D5000
|
direct allocation
|
page read and write
|
|
|
|
2A51000
|
direct allocation
|
page execute read
|
|
|
|
76E000
|
heap
|
page read and write
|
|
|
|
14550000
|
direct allocation
|
page execute and read and write
|
|
|
|
A50000
|
heap
|
page read and write
|
||
|
14590000
|
remote allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
14434000
|
direct allocation
|
page execute and read and write
|
||
|
24A1000
|
direct allocation
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
7FF683FCD000
|
unkown
|
page readonly
|
||
|
8323AFF000
|
stack
|
page read and write
|
||
|
7DA000
|
heap
|
page read and write
|
||
|
7FB10000
|
direct allocation
|
page read and write
|
||
|
3316F000
|
stack
|
page read and write
|
||
|
14AC3000
|
heap
|
page read and write
|
||
|
2420000
|
direct allocation
|
page read and write
|
||
|
2459000
|
direct allocation
|
page read and write
|
||
|
7EFE0000
|
direct allocation
|
page read and write
|
||
|
7ECD0000
|
direct allocation
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
1E303670000
|
heap
|
page read and write
|
||
|
249A000
|
direct allocation
|
page read and write
|
||
|
13866E67000
|
heap
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
332E000
|
heap
|
page read and write
|
||
|
13C98000
|
direct allocation
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
73D000
|
heap
|
page read and write
|
||
|
2DF2000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
1444E000
|
stack
|
page read and write
|
||
|
36C4000
|
heap
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
169C1880000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
14B33000
|
heap
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
217CCBFA000
|
heap
|
page read and write
|
||
|
25C532C2000
|
heap
|
page read and write
|
||
|
285B000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF6659FA000
|
unkown
|
page write copy
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
169C1925000
|
heap
|
page read and write
|
||
|
3342000
|
heap
|
page read and write
|
||
|
7FF665A15000
|
unkown
|
page write copy
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
141BE000
|
stack
|
page read and write
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
7E5F0000
|
direct allocation
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
7EF50000
|
direct allocation
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page read and write
|
||
|
7E8A0000
|
direct allocation
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
2624000
|
direct allocation
|
page read and write
|
||
|
13DDE000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
14F4F000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
2408000
|
direct allocation
|
page read and write
|
||
|
13D9A000
|
stack
|
page read and write
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
7FF683FCD000
|
unkown
|
page readonly
|
||
|
781000
|
heap
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
7EB40000
|
direct allocation
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
2CAC000
|
stack
|
page read and write
|
||
|
71B000
|
heap
|
page read and write
|
||
|
27938B4A000
|
heap
|
page read and write
|
||
|
141BE000
|
stack
|
page read and write
|
||
|
2E09000
|
heap
|
page read and write
|
||
|
2616000
|
direct allocation
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
1C077D5B000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
1454D000
|
stack
|
page read and write
|
||
|
7F180000
|
direct allocation
|
page read and write
|
||
|
15304000
|
direct allocation
|
page execute and read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
83238FC000
|
stack
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
90110FE000
|
stack
|
page read and write
|
||
|
7FF683FCD000
|
unkown
|
page readonly
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
26DE000
|
stack
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
7EDB0000
|
direct allocation
|
page read and write
|
||
|
56E000
|
unkown
|
page read and write
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
370B000
|
heap
|
page read and write
|
||
|
2DEE000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
3332000
|
heap
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
7FF683FB5000
|
unkown
|
page read and write
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2DAF000
|
unkown
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
7FF683FBF000
|
unkown
|
page read and write
|
||
|
27938B57000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
7FF683FCC000
|
unkown
|
page write copy
|
||
|
2E05000
|
heap
|
page read and write
|
||
|
7E888000
|
direct allocation
|
page read and write
|
||
|
3650000
|
heap
|
page read and write
|
||
|
148A1000
|
heap
|
page read and write
|
||
|
1C077FD0000
|
heap
|
page read and write
|
||
|
14F5E000
|
heap
|
page read and write
|
||
|
55FD9FF000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
150BE000
|
stack
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
152BF000
|
direct allocation
|
page execute and read and write
|
||
|
3336F000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
2448000
|
direct allocation
|
page read and write
|
||
|
C20000
|
direct allocation
|
page execute and read and write
|
||
|
56E000
|
unkown
|
page read and write
|
||
|
7EEEF000
|
direct allocation
|
page read and write
|
||
|
14430000
|
direct allocation
|
page execute and read and write
|
||
|
217CCCF0000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
14481000
|
direct allocation
|
page execute and read and write
|
||
|
2DEE000
|
heap
|
page read and write
|
||
|
7E918000
|
direct allocation
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
237C000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
3306F000
|
stack
|
page read and write
|
||
|
2461000
|
direct allocation
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
7FF665A18000
|
unkown
|
page readonly
|
||
|
2DEE000
|
heap
|
page read and write
|
||
|
7FF6659FA000
|
unkown
|
page write copy
|
||
|
7EA50000
|
direct allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF683FB9000
|
unkown
|
page read and write
|
||
|
5D8877E000
|
stack
|
page read and write
|
||
|
1403F000
|
stack
|
page read and write
|
||
|
232F000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7F10F000
|
direct allocation
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
2793AA60000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
unkown
|
page read and write
|
||
|
779000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
1443F000
|
direct allocation
|
page execute and read and write
|
||
|
2B3D000
|
stack
|
page read and write
|
||
|
7FF66599E000
|
unkown
|
page readonly
|
||
|
138670B0000
|
heap
|
page read and write
|
||
|
2C5C000
|
heap
|
page read and write
|
||
|
7F970000
|
direct allocation
|
page read and write
|
||
|
16F3B467000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
14AC3000
|
heap
|
page read and write
|
||
|
7FF665A0D000
|
unkown
|
page readonly
|
||
|
146DF000
|
stack
|
page read and write
|
||
|
14590000
|
remote allocation
|
page read and write
|
||
|
1C077D88000
|
heap
|
page read and write
|
||
|
27938B5C000
|
heap
|
page read and write
|
||
|
1401F000
|
stack
|
page read and write
|
||
|
7EE80000
|
direct allocation
|
page read and write
|
||
|
1C079973000
|
heap
|
page read and write
|
||
|
7FF66599E000
|
unkown
|
page readonly
|
||
|
2E1E000
|
heap
|
page read and write
|
||
|
1417F000
|
stack
|
page read and write
|
||
|
55FD58B000
|
stack
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
25C532A7000
|
heap
|
page read and write
|
||
|
14D13000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
16F3B440000
|
heap
|
page read and write
|
||
|
2F0C000
|
stack
|
page read and write
|
||
|
7E5B0000
|
direct allocation
|
page read and write
|
||
|
7EEF0000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
13AF5000
|
direct allocation
|
page read and write
|
||
|
1C077D8C000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
25C531B0000
|
heap
|
page read and write
|
||
|
7E90F000
|
direct allocation
|
page read and write
|
||
|
243D000
|
direct allocation
|
page read and write
|
||
|
14918000
|
heap
|
page read and write
|
||
|
14D83000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
1440E000
|
stack
|
page read and write
|
||
|
83239FF000
|
stack
|
page read and write
|
||
|
577000
|
unkown
|
page readonly
|
||
|
750000
|
heap
|
page read and write
|
||
|
27938B78000
|
heap
|
page read and write
|
||
|
7F130000
|
direct allocation
|
page read and write
|
||
|
1483E000
|
heap
|
page read and write
|
||
|
779000
|
heap
|
page read and write
|
||
|
2493000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page write copy
|
||
|
1415F000
|
stack
|
page read and write
|
||
|
152BB000
|
direct allocation
|
page execute and read and write
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
13C0A000
|
direct allocation
|
page read and write
|
||
|
7E9C0000
|
direct allocation
|
page read and write
|
||
|
27938A50000
|
heap
|
page read and write
|
||
|
7FF665A03000
|
unkown
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
1E30367B000
|
heap
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
169C36E7000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
2E1E000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
C0E5B0C000
|
stack
|
page read and write
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
1C077D5B000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF665A03000
|
unkown
|
page read and write
|
||
|
27938970000
|
heap
|
page read and write
|
||
|
1444E000
|
stack
|
page read and write
|
||
|
7EFE0000
|
direct allocation
|
page read and write
|
||
|
2703000
|
heap
|
page read and write
|
||
|
1443B000
|
direct allocation
|
page execute and read and write
|
||
|
7F0B0000
|
direct allocation
|
page read and write
|
||
|
7ECE0000
|
direct allocation
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
2484000
|
direct allocation
|
page read and write
|
||
|
69E000
|
heap
|
page read and write
|
||
|
27938E20000
|
heap
|
page read and write
|
||
|
7E680000
|
direct allocation
|
page read and write
|
||
|
33C8CFE000
|
stack
|
page read and write
|
||
|
2EEC000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
901117F000
|
stack
|
page read and write
|
||
|
27938B78000
|
heap
|
page read and write
|
||
|
1C079970000
|
heap
|
page read and write
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
13EDF000
|
stack
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
25C532AE000
|
heap
|
page read and write
|
||
|
152B0000
|
direct allocation
|
page execute and read and write
|
||
|
2793A520000
|
heap
|
page read and write
|
||
|
13BF4000
|
direct allocation
|
page read and write
|
||
|
7FF665880000
|
unkown
|
page readonly
|
||
|
13C18000
|
direct allocation
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
7EE50000
|
direct allocation
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
7EAE0000
|
direct allocation
|
page read and write
|
||
|
B53000
|
heap
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
25C531D0000
|
heap
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
8225BEE000
|
stack
|
page read and write
|
||
|
23FF000
|
direct allocation
|
page read and write
|
||
|
7E930000
|
direct allocation
|
page read and write
|
||
|
1FF51B43000
|
heap
|
page read and write
|
||
|
7F10F000
|
direct allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
2910000
|
direct allocation
|
page read and write
|
||
|
16F3B463000
|
heap
|
page read and write
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
13BC9000
|
direct allocation
|
page read and write
|
||
|
36C0000
|
heap
|
page read and write
|
||
|
2E1E000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
C0E5FFF000
|
stack
|
page read and write
|
||
|
13C83000
|
direct allocation
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
7FD30000
|
direct allocation
|
page read and write
|
||
|
7FF665881000
|
unkown
|
page execute read
|
||
|
13C74000
|
direct allocation
|
page read and write
|
||
|
7FB70000
|
direct allocation
|
page read and write
|
||
|
2460000
|
direct allocation
|
page read and write
|
||
|
1430E000
|
stack
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page read and write
|
||
|
1C077FFC000
|
heap
|
page read and write
|
||
|
2D8D000
|
stack
|
page read and write
|
||
|
7FF683FB1000
|
unkown
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
||
|
57E000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
27938E2C000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2342000
|
direct allocation
|
page read and write
|
||
|
1C077D8C000
|
heap
|
page read and write
|
||
|
25C533A0000
|
heap
|
page read and write
|
||
|
13BE6000
|
direct allocation
|
page read and write
|
||
|
2E1F000
|
heap
|
page read and write
|
||
|
1C077F30000
|
heap
|
page read and write
|
||
|
7FF683FB1000
|
unkown
|
page read and write
|
||
|
27938B46000
|
heap
|
page read and write
|
||
|
1FF51B2A000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
7FF683FCD000
|
unkown
|
page readonly
|
||
|
8225B6B000
|
stack
|
page read and write
|
||
|
7F110000
|
direct allocation
|
page read and write
|
||
|
7EDC0000
|
direct allocation
|
page read and write
|
||
|
141BE000
|
stack
|
page read and write
|
||
|
14B88000
|
direct allocation
|
page read and write
|
||
|
149A1000
|
heap
|
page read and write
|
||
|
2C58000
|
heap
|
page read and write
|
||
|
2DF1000
|
heap
|
page read and write
|
||
|
7F10F000
|
direct allocation
|
page read and write
|
||
|
256F000
|
direct allocation
|
page read and write
|
||
|
2648000
|
direct allocation
|
page read and write
|
||
|
459000
|
unkown
|
page write copy
|
||
|
1FF51A80000
|
heap
|
page read and write
|
||
|
7EB40000
|
direct allocation
|
page read and write
|
||
|
1FF51AA0000
|
heap
|
page read and write
|
||
|
78B000
|
heap
|
page read and write
|
||
|
25C532A0000
|
heap
|
page read and write
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
2DF2000
|
heap
|
page read and write
|
||
|
55FD8FF000
|
stack
|
page read and write
|
||
|
152FB000
|
direct allocation
|
page execute and read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
142BF000
|
stack
|
page read and write
|
||
|
7FF665880000
|
unkown
|
page readonly
|
||
|
2EE8000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1C077D88000
|
heap
|
page read and write
|
||
|
2C4D000
|
stack
|
page read and write
|
||
|
1C077F50000
|
heap
|
page read and write
|
||
|
13867100000
|
heap
|
page read and write
|
||
|
27938B79000
|
heap
|
page read and write
|
||
|
7FA000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
14824000
|
heap
|
page read and write
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page write copy
|
||
|
7EF10000
|
direct allocation
|
page read and write
|
||
|
7FF683FBF000
|
unkown
|
page read and write
|
||
|
7E410000
|
direct allocation
|
page read and write
|
||
|
3342000
|
heap
|
page read and write
|
||
|
13BED000
|
direct allocation
|
page read and write
|
||
|
152F7000
|
direct allocation
|
page execute and read and write
|
||
|
1E303610000
|
heap
|
page read and write
|
||
|
27938AF0000
|
heap
|
page read and write
|
||
|
13D5A000
|
stack
|
page read and write
|
||
|
7EF10000
|
direct allocation
|
page read and write
|
||
|
69A000
|
heap
|
page read and write
|
||
|
217CCAE0000
|
heap
|
page read and write
|
||
|
169C36D0000
|
heap
|
page read and write
|
||
|
1FF51E05000
|
heap
|
page read and write
|
||
|
35CE000
|
stack
|
page read and write
|
||
|
1FF51B46000
|
heap
|
page read and write
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2349000
|
direct allocation
|
page read and write
|
||
|
27938A70000
|
heap
|
page read and write
|
||
|
145DE000
|
stack
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
5D887FD000
|
stack
|
page read and write
|
||
|
286C000
|
direct allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
3342000
|
heap
|
page read and write
|
||
|
13C11000
|
direct allocation
|
page read and write
|
||
|
217CCBC0000
|
heap
|
page read and write
|
||
|
2890000
|
direct allocation
|
page read and write
|
||
|
7E830000
|
direct allocation
|
page read and write
|
||
|
7FF6659FA000
|
unkown
|
page write copy
|
||
|
27938B38000
|
heap
|
page read and write
|
||
|
7FF665A18000
|
unkown
|
page readonly
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
152F9000
|
direct allocation
|
page execute and read and write
|
||
|
14484000
|
direct allocation
|
page execute and read and write
|
||
|
14590000
|
remote allocation
|
page read and write
|
||
|
7FF66599E000
|
unkown
|
page readonly
|
||
|
1C077D57000
|
heap
|
page read and write
|
||
|
28D35FF000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
2DEE000
|
heap
|
page read and write
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
2398000
|
direct allocation
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
||
|
7E4E0000
|
direct allocation
|
page read and write
|
||
|
7EA2F000
|
direct allocation
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
13BBB000
|
direct allocation
|
page read and write
|
||
|
13F3E000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7E99F000
|
direct allocation
|
page read and write
|
||
|
1503F000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
16F3B6A5000
|
heap
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page write copy
|
||
|
1E3035F0000
|
heap
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
||
|
743000
|
heap
|
page read and write
|
||
|
13B55000
|
direct allocation
|
page read and write
|
||
|
1C07A5C0000
|
heap
|
page read and write
|
||
|
1430E000
|
stack
|
page read and write
|
||
|
2500000
|
heap
|
page read and write
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
2452000
|
direct allocation
|
page read and write
|
||
|
7E8C0000
|
direct allocation
|
page read and write
|
||
|
14C00000
|
heap
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
1E303693000
|
heap
|
page read and write
|
||
|
25C530D0000
|
heap
|
page read and write
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
1FF51B20000
|
heap
|
page read and write
|
||
|
360F000
|
stack
|
page read and write
|
||
|
7FF665A08000
|
unkown
|
page read and write
|
||
|
56E000
|
unkown
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
F80D0FF000
|
stack
|
page read and write
|
||
|
33C8C7D000
|
stack
|
page read and write
|
||
|
245A000
|
direct allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
13868D66000
|
heap
|
page read and write
|
||
|
2DCC000
|
heap
|
page read and write
|
||
|
7FF683FB1000
|
unkown
|
page read and write
|
||
|
1C077D89000
|
heap
|
page read and write
|
||
|
3670000
|
heap
|
page read and write
|
||
|
261D000
|
direct allocation
|
page read and write
|
||
|
7FF665A0D000
|
unkown
|
page readonly
|
||
|
C10000
|
heap
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
14820000
|
heap
|
page read and write
|
||
|
2468000
|
direct allocation
|
page read and write
|
||
|
247D000
|
direct allocation
|
page read and write
|
||
|
7FF665881000
|
unkown
|
page execute read
|
||
|
1C077D8C000
|
heap
|
page read and write
|
||
|
13BBF000
|
direct allocation
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
7EFAF000
|
direct allocation
|
page read and write
|
||
|
2CAE000
|
unkown
|
page read and write
|
||
|
8225E7E000
|
stack
|
page read and write
|
||
|
2419000
|
direct allocation
|
page read and write
|
||
|
24A8000
|
direct allocation
|
page read and write
|
||
|
14F4D000
|
heap
|
page read and write
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
2412000
|
direct allocation
|
page read and write
|
||
|
28EC000
|
direct allocation
|
page read and write
|
||
|
13C8A000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
2C6D000
|
stack
|
page read and write
|
||
|
14821000
|
heap
|
page read and write
|
||
|
7EB40000
|
direct allocation
|
page read and write
|
||
|
1C077FF0000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page write copy
|
||
|
19C000
|
stack
|
page read and write
|
||
|
145C8000
|
direct allocation
|
page execute and read and write
|
||
|
27938B7C000
|
heap
|
page read and write
|
||
|
14AC7000
|
heap
|
page read and write
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
7FF683FCC000
|
unkown
|
page write copy
|
||
|
7FF6659FA000
|
unkown
|
page write copy
|
||
|
7FF683FBF000
|
unkown
|
page read and write
|
||
|
1440B000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
145C4000
|
direct allocation
|
page execute and read and write
|
||
|
16F3B3E0000
|
heap
|
page read and write
|
||
|
3342000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
||
|
14914000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
||
|
13867105000
|
heap
|
page read and write
|
||
|
14D19000
|
heap
|
page read and write
|
||
|
27938B46000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
13BFC000
|
direct allocation
|
page read and write
|
||
|
7FF665880000
|
unkown
|
page readonly
|
||
|
7FF665A16000
|
unkown
|
page readonly
|
||
|
7FF665A04000
|
unkown
|
page write copy
|
||
|
337F000
|
stack
|
page read and write
|
||
|
9010DFB000
|
stack
|
page read and write
|
||
|
14AC7000
|
heap
|
page read and write
|
||
|
1518F000
|
heap
|
page read and write
|
||
|
7FF665880000
|
unkown
|
page readonly
|
||
|
2A7B000
|
direct allocation
|
page read and write
|
||
|
13C6D000
|
direct allocation
|
page read and write
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
7FC40000
|
direct allocation
|
page read and write
|
||
|
2391000
|
direct allocation
|
page read and write
|
||
|
7FC00000
|
direct allocation
|
page read and write
|
||
|
2350000
|
direct allocation
|
page read and write
|
||
|
C0E5EFE000
|
stack
|
page read and write
|
||
|
1FF519A0000
|
heap
|
page read and write
|
||
|
152B4000
|
direct allocation
|
page execute and read and write
|
||
|
149A0000
|
heap
|
page read and write
|
||
|
7FF683FCC000
|
unkown
|
page write copy
|
||
|
97F000
|
stack
|
page read and write
|
||
|
13866E60000
|
heap
|
page read and write
|
||
|
1E303770000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
217CCE35000
|
heap
|
page read and write
|
||
|
7E7A0000
|
direct allocation
|
page read and write
|
||
|
7FF683FB9000
|
unkown
|
page read and write
|
||
|
7FF665A04000
|
unkown
|
page write copy
|
||
|
70E000
|
heap
|
page read and write
|
||
|
16F3B44B000
|
heap
|
page read and write
|
||
|
7FF66599E000
|
unkown
|
page readonly
|
||
|
2793B260000
|
heap
|
page read and write
|
||
|
14D1D000
|
heap
|
page read and write
|
||
|
7FF665A18000
|
unkown
|
page readonly
|
||
|
1C077D8E000
|
heap
|
page read and write
|
||
|
2DEE000
|
heap
|
page read and write
|
||
|
25C53525000
|
heap
|
page read and write
|
||
|
2E05000
|
heap
|
page read and write
|
||
|
7FF683FBF000
|
unkown
|
page read and write
|
||
|
27938B7C000
|
heap
|
page read and write
|
||
|
6CE000
|
heap
|
page read and write
|
||
|
7E900000
|
direct allocation
|
page read and write
|
||
|
7F10F000
|
direct allocation
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
2E05000
|
heap
|
page read and write
|
||
|
16F3B400000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
15291000
|
direct allocation
|
page execute and read and write
|
||
|
25C53520000
|
heap
|
page read and write
|
||
|
7FF683FCC000
|
unkown
|
page write copy
|
||
|
13BC2000
|
direct allocation
|
page read and write
|
||
|
1C077E50000
|
heap
|
page read and write
|
||
|
27938B7C000
|
heap
|
page read and write
|
||
|
7F130000
|
direct allocation
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
1C077D40000
|
heap
|
page read and write
|
||
|
2338000
|
direct allocation
|
page read and write
|
||
|
7EC10000
|
direct allocation
|
page read and write
|
||
|
7FF683FBF000
|
unkown
|
page read and write
|
||
|
27938B30000
|
heap
|
page read and write
|
||
|
142BF000
|
stack
|
page read and write
|
||
|
263A000
|
direct allocation
|
page read and write
|
||
|
142BF000
|
stack
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
3318000
|
heap
|
page read and write
|
||
|
2395000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
570000
|
unkown
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
150F5000
|
heap
|
page read and write
|
||
|
27938B7C000
|
heap
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
7EE40000
|
direct allocation
|
page read and write
|
||
|
14C8C000
|
stack
|
page read and write
|
||
|
14FA1000
|
heap
|
page read and write
|
||
|
7FF665A15000
|
unkown
|
page write copy
|
||
|
F80CEFC000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
1C077FF5000
|
heap
|
page read and write
|
||
|
248C000
|
direct allocation
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
70B000
|
heap
|
page read and write
|
||
|
169C16B7000
|
heap
|
page read and write
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
A7F000
|
stack
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
333E000
|
stack
|
page read and write
|
||
|
2DD4000
|
heap
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
14477000
|
direct allocation
|
page execute and read and write
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
1C077D57000
|
heap
|
page read and write
|
||
|
1E303655000
|
heap
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
||
|
22C5000
|
direct allocation
|
page read and write
|
||
|
13BD8000
|
direct allocation
|
page read and write
|
||
|
327C000
|
stack
|
page read and write
|
||
|
6D9000
|
heap
|
page read and write
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
2A9D000
|
stack
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
||
|
13C43000
|
direct allocation
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF665A0D000
|
unkown
|
page readonly
|
||
|
2453000
|
direct allocation
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
236D000
|
direct allocation
|
page read and write
|
||
|
2DEE000
|
heap
|
page read and write
|
||
|
3239000
|
stack
|
page read and write
|
||
|
13868D50000
|
heap
|
page read and write
|
||
|
13869096000
|
heap
|
page read and write
|
||
|
14911000
|
heap
|
page read and write
|
||
|
1C077D6C000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
169C1920000
|
heap
|
page read and write
|
||
|
7FF665881000
|
unkown
|
page execute read
|
||
|
77D000
|
heap
|
page read and write
|
||
|
780000
|
direct allocation
|
page execute and read and write
|
||
|
13C5C000
|
stack
|
page read and write
|
||
|
14411000
|
direct allocation
|
page execute and read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
13866DF0000
|
heap
|
page read and write
|
||
|
7FC10000
|
direct allocation
|
page read and write
|
||
|
752000
|
heap
|
page read and write
|
||
|
2DD1000
|
heap
|
page read and write
|
||
|
1491E000
|
heap
|
page read and write
|
||
|
7EB20000
|
direct allocation
|
page read and write
|
||
|
15051000
|
heap
|
page read and write
|
||
|
251C000
|
stack
|
page read and write
|
||
|
217CCC13000
|
heap
|
page read and write
|
||
|
2E09000
|
heap
|
page read and write
|
||
|
7FB80000
|
direct allocation
|
page read and write
|
||
|
7FDA7000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
244C000
|
direct allocation
|
page read and write
|
||
|
2641000
|
direct allocation
|
page read and write
|
||
|
901107E000
|
stack
|
page read and write
|
||
|
7FB70000
|
direct allocation
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
217CCE30000
|
heap
|
page read and write
|
||
|
2480000
|
direct allocation
|
page execute and read and write
|
||
|
1C077D88000
|
heap
|
page read and write
|
||
|
7FF665881000
|
unkown
|
page execute read
|
||
|
13DFA000
|
stack
|
page read and write
|
||
|
14ACB000
|
heap
|
page read and write
|
||
|
268C000
|
stack
|
page read and write
|
||
|
13866E00000
|
heap
|
page read and write
|
||
|
149B5000
|
heap
|
page read and write
|
||
|
217CCD10000
|
heap
|
page read and write
|
||
|
27938B5C000
|
heap
|
page read and write
|
||
|
77C000
|
heap
|
page read and write
|
||
|
169C3550000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
1405E000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
1C077D47000
|
heap
|
page read and write
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
14AC9000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
14479000
|
direct allocation
|
page execute and read and write
|
||
|
7F250000
|
direct allocation
|
page read and write
|
||
|
169C1670000
|
heap
|
page read and write
|
||
|
7E710000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF683F70000
|
unkown
|
page readonly
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF683FB1000
|
unkown
|
page read and write
|
||
|
7EAD2000
|
direct allocation
|
page read and write
|
||
|
1C077D6C000
|
heap
|
page read and write
|
||
|
13C03000
|
direct allocation
|
page read and write
|
||
|
B87000
|
heap
|
page read and write
|
||
|
3707000
|
heap
|
page read and write
|
||
|
13AE7000
|
direct allocation
|
page read and write
|
||
|
7FF683F71000
|
unkown
|
page execute read
|
||
|
2DD1000
|
heap
|
page read and write
|
||
|
169C1660000
|
heap
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
2374000
|
direct allocation
|
page read and write
|
||
|
764000
|
heap
|
page read and write
|
||
|
27938B7C000
|
heap
|
page read and write
|
||
|
14CCC000
|
stack
|
page read and write
|
||
|
5B60000
|
heap
|
page read and write
|
||
|
2793A523000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
13AE0000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page write copy
|
||
|
1FF51C20000
|
heap
|
page read and write
|
||
|
27938E25000
|
heap
|
page read and write
|
||
|
238A000
|
direct allocation
|
page read and write
|
||
|
13C58000
|
direct allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
14E6D000
|
heap
|
page read and write
|
||
|
1C079DC0000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
7FF665A18000
|
unkown
|
page readonly
|
||
|
28D36FF000
|
stack
|
page read and write
|
||
|
7E810000
|
direct allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FB5F000
|
direct allocation
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
758000
|
heap
|
page read and write
|
||
|
1454F000
|
stack
|
page read and write
|
||
|
2E1E000
|
heap
|
page read and write
|
||
|
14C4E000
|
stack
|
page read and write
|
||
|
5D8867C000
|
stack
|
page read and write
|
||
|
8225EFF000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FC10000
|
direct allocation
|
page read and write
|
||
|
1C077D5B000
|
heap
|
page read and write
|
||
|
F80CFFF000
|
stack
|
page read and write
|
||
|
2A50000
|
direct allocation
|
page readonly
|
||
|
1FF51E00000
|
heap
|
page read and write
|
||
|
7F970000
|
direct allocation
|
page read and write
|
||
|
3327000
|
heap
|
page read and write
|
||
|
27938B78000
|
heap
|
page read and write
|
||
|
16F3B300000
|
heap
|
page read and write
|
||
|
27938B4A000
|
heap
|
page read and write
|
||
|
73E000
|
heap
|
page read and write
|
||
|
338C000
|
heap
|
page read and write
|
||
|
33C89DC000
|
stack
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
7FF683FC4000
|
unkown
|
page read and write
|
||
|
1E303510000
|
heap
|
page read and write
|
||
|
7FF683FAD000
|
unkown
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
169C3B46000
|
heap
|
page read and write
|
||
|
5D886FE000
|
stack
|
page read and write
|
||
|
7FF683FC4000
|
unkown
|
page read and write
|
||
|
2383000
|
direct allocation
|
page read and write
|
||
|
13F1E000
|
stack
|
page read and write
|
||
|
7FF683FCC000
|
unkown
|
page write copy
|
||
|
169C16B0000
|
heap
|
page read and write
|
||
|
28D34FC000
|
stack
|
page read and write
|
||
|
13EFF000
|
stack
|
page read and write
|
||
|
27938B4A000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
2563000
|
heap
|
page read and write
|
||
|
13C91000
|
direct allocation
|
page read and write
|
||
|
2E09000
|
heap
|
page read and write
|
||
|
13C66000
|
direct allocation
|
page read and write
|
||
|
7FC00000
|
direct allocation
|
page read and write
|
||
|
2470000
|
heap
|
page read and write
|
||
|
16F3B540000
|
heap
|
page read and write
|
||
|
1C077D50000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
7FF683FC9000
|
unkown
|
page readonly
|
||
|
1407E000
|
stack
|
page read and write
|
||
|
3388000
|
heap
|
page read and write
|
||
|
354E000
|
stack
|
page read and write
|
||
|
2A5D000
|
stack
|
page read and write
|
||
|
7FF665A0D000
|
unkown
|
page readonly
|
||
|
149A6000
|
heap
|
page read and write
|
||
|
15301000
|
direct allocation
|
page execute and read and write
|
||
|
3327000
|
heap
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
1507E000
|
stack
|
page read and write
|
||
|
1C077D67000
|
heap
|
page read and write
|
||
|
2633000
|
direct allocation
|
page read and write
|
||
|
764000
|
heap
|
page read and write
|
||
|
1C077D8C000
|
heap
|
page read and write
|
||
|
7FF683FB1000
|
unkown
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
||
|
13866E30000
|
heap
|
page read and write
|
||
|
7FCB0000
|
direct allocation
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
14C1D000
|
heap
|
page read and write
|
||
|
7FF683FCD000
|
unkown
|
page readonly
|
||
|
2444000
|
direct allocation
|
page read and write
|
||
|
3326F000
|
stack
|
page read and write
|
||
|
217CCBF0000
|
heap
|
page read and write
|
||
|
2DD1000
|
heap
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
572000
|
unkown
|
page write copy
|
||
|
2ECD000
|
stack
|
page read and write
|
||
|
7FF665A08000
|
unkown
|
page read and write
|
||
|
16F3B6A0000
|
heap
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
7F970000
|
direct allocation
|
page read and write
|
||
|
1447B000
|
direct allocation
|
page execute and read and write
|
||
|
28DB000
|
direct allocation
|
page read and write
|
||
|
7F0B0000
|
direct allocation
|
page read and write
|
||
|
7FF665A16000
|
unkown
|
page readonly
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
1E303650000
|
heap
|
page read and write
|
||
|
7FF683FA2000
|
unkown
|
page readonly
|
There are 815 hidden memdumps, click here to show them.