Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Enquiry 230424.bat
|
Unicode text, UTF-8 text, with very long lines (1320), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\Public\Libraries\Rwksdoeb
|
data
|
dropped
|
|
|
|
C:\Users\Public\Libraries\Rwksdoeb.PIF
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\easinvoker.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\netutils.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\sppsvc.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Rwksdoeb.url
|
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Rwksdoeb.PIF">), ASCII text, with CRLF line
terminators
|
dropped
|
|
|
|
C:\Users\Public\Libraries\KDECO.bat
|
DOS batch file, ASCII text, with very long lines (468), with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\RwksdoebO.bat
|
Unicode text, UTF-16, little-endian text, with very long lines (15012), with no line terminators
|
dropped
|
||
|
C:\Users\Public\alpha.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
modified
|
||
|
C:\Users\Public\kn.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
modified
|
||
|
C:\Users\Public\sppsvc.rtf
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\Desktop\Enquiry 230424.bat" "
|
|
|
|
C:\Windows\System32\extrac32.exe
|
C:\\Windows\\System32\\extrac32.exe /C /Y C:\\Windows\\System32\\cmd.exe C:\\Users\\Public\\alpha.exe
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c extrac32.exe /C /Y C:\\Windows\\System32\\certutil.exe C:\\Users\\Public\\kn.exe
|
|
|
|
C:\Windows\System32\extrac32.exe
|
extrac32.exe /C /Y C:\\Windows\\System32\\certutil.exe C:\\Users\\Public\\kn.exe
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c C:\\Users\\Public\\kn -decodehex -F "C:\Users\user\Desktop\Enquiry 230424.bat" "C:\\Users\\Public\\sppsvc.rtf"
9
|
|
|
|
C:\Users\Public\kn.exe
|
C:\\Users\\Public\\kn -decodehex -F "C:\Users\user\Desktop\Enquiry 230424.bat" "C:\\Users\\Public\\sppsvc.rtf" 9
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c C:\\Users\\Public\\kn -decodehex -F "C:\\Users\\Public\\sppsvc.rtf" "C:\\Users\\Public\\Libraries\\sppsvc.pif"
12
|
|
|
|
C:\Users\Public\kn.exe
|
C:\\Users\\Public\\kn -decodehex -F "C:\\Users\\Public\\sppsvc.rtf" "C:\\Users\\Public\\Libraries\\sppsvc.pif" 12
|
|
|
|
C:\Users\Public\Libraries\sppsvc.pif
|
C:\Users\Public\Libraries\sppsvc.pif
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c del "C:\Users\Public\sppsvc.rtf" / A / F / Q / S
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c del "C:\Users\Public\kn.exe" / A / F / Q / S
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\Public\Libraries\RwksdoebO.bat" "
|
|
|
|
C:\Windows\SysWOW64\extrac32.exe
|
C:\\Windows\\System32\\extrac32.exe /C /Y C:\Users\Public\Libraries\sppsvc.pif C:\\Users\\Public\\Libraries\\Rwksdoeb.PIF
|
|
|
|
C:\Users\Public\Libraries\Rwksdoeb.PIF
|
"C:\Users\Public\Libraries\Rwksdoeb.PIF"
|
|
|
|
C:\Users\Public\Libraries\Rwksdoeb.PIF
|
"C:\Users\Public\Libraries\Rwksdoeb.PIF"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://geoplugin.net/json.gp
|
unknown
|
|
|
|
http://geoplugin.net/json.gp/C
|
unknown
|
|
|
|
127.0.0.1
|
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0
|
unknown
|
||
|
https://%ws/%ws_%ws_%ws/service.svc/%wsADPolicyProviderSCEP
|
unknown
|
||
|
https://login.microsoftonline.com/%s/oauth2/authorize
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://login.microsoftonline.com/%s/oauth2/token
|
unknown
|
||
|
https://2007.filemail.com:443/api/file/get?filekey=s0KQZZ20oEdeVIFeHLcUr1cebhH4324o6l6m_6VdXu7F9BC40
|
unknown
|
||
|
https://login.microsoftonline.com/%s/oauth2/authorizeJoinStatusStorage::SetDefaultDiscoveryMetadatah
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://2007.filemail.com/
|
unknown
|
||
|
https://2007.filemail.com/api/file/get?filekey=s0KQZZ20oEdeVIFeHLcUr1cebhH4324o6l6m_6VdXu7F9BC40m659
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#
|
unknown
|
||
|
https://enterpriseregistration.windows.net/EnrollmentServer/DeviceEnrollmentWebService.svc
|
unknown
|
||
|
https://2007.filemail.com/api/fi
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
http://www.pmail.com
|
unknown
|
||
|
https://%ws/%ws_%ws_%ws/service.svc/%ws
|
unknown
|
||
|
https://enterpriseregistration.windows.net/EnrollmentServer/device/
|
unknown
|
||
|
https://enterpriseregistration.windows.net/EnrollmentServer/key/
|
unknown
|
||
|
https://2007.filemail.com/api/file/get?filekey=s0KQZZ20oEdeVIFeHLcUr1cebhH4324o6l6m_6VdXu7F9BC40m659-sZAcG9IQRhtA&pk_vid=4c552cad835b0021171374114500ca33
|
50.7.84.74
|
||
|
http://ocsp.sectigo.com0C
|
unknown
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
officerem.duckdns.org
|
23.95.235.29
|
|
|
|
ip.2007.filemail.com
|
50.7.84.74
|
||
|
2007.filemail.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.95.235.29
|
officerem.duckdns.org
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
50.7.84.74
|
ip.2007.filemail.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Rwksdoeb
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.60.3.1!7
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.60.3.2!7
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.60.3.3!7
|
Name
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-I8N3XG
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-I8N3XG
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-I8N3XG
|
time
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
708000
|
heap
|
page read and write
|
|
|
|
14550000
|
direct allocation
|
page execute and read and write
|
|
|
|
2871000
|
direct allocation
|
page execute read
|
|
|
|
22F5000
|
direct allocation
|
page read and write
|
|
|
|
28F1000
|
direct allocation
|
page execute read
|
|
|
|
7FBF0000
|
direct allocation
|
page read and write
|
|
|
|
1517F000
|
stack
|
page read and write
|
|
|
|
2881000
|
direct allocation
|
page execute read
|
|
|
|
711000
|
heap
|
page read and write
|
|
|
|
674000
|
heap
|
page read and write
|
|
|
|
7E810000
|
direct allocation
|
page read and write
|
|
|
|
6C2000
|
heap
|
page read and write
|
|
|
|
F98F51C000
|
stack
|
page read and write
|
||
|
7E7E0000
|
direct allocation
|
page read and write
|
||
|
570000
|
unkown
|
page read and write
|
||
|
7FF7C25B0000
|
unkown
|
page readonly
|
||
|
7FF7C25B0000
|
unkown
|
page readonly
|
||
|
97000
|
stack
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
7FF7C272A000
|
unkown
|
page write copy
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
2091352B000
|
heap
|
page read and write
|
||
|
20913508000
|
heap
|
page read and write
|
||
|
7FF75D28F000
|
unkown
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
25FE000
|
stack
|
page read and write
|
||
|
13C18000
|
direct allocation
|
page read and write
|
||
|
7EFE0000
|
direct allocation
|
page read and write
|
||
|
13C5A000
|
direct allocation
|
page read and write
|
||
|
2091352B000
|
heap
|
page read and write
|
||
|
7FF75D28F000
|
unkown
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
7E8A0000
|
direct allocation
|
page read and write
|
||
|
20913340000
|
heap
|
page read and write
|
||
|
24DD00E5000
|
heap
|
page read and write
|
||
|
149BE000
|
stack
|
page read and write
|
||
|
7F110000
|
direct allocation
|
page read and write
|
||
|
13CD1000
|
direct allocation
|
page read and write
|
||
|
2843ACF0000
|
heap
|
page read and write
|
||
|
7EEEF000
|
direct allocation
|
page read and write
|
||
|
1413F000
|
stack
|
page read and write
|
||
|
7FF75D285000
|
unkown
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
7FCB0000
|
direct allocation
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
14B0E000
|
stack
|
page read and write
|
||
|
2924147B000
|
heap
|
page read and write
|
||
|
13DDA000
|
stack
|
page read and write
|
||
|
7FF75D294000
|
unkown
|
page read and write
|
||
|
2533000
|
heap
|
page read and write
|
||
|
7E870000
|
direct allocation
|
page read and write
|
||
|
11A7D410000
|
heap
|
page read and write
|
||
|
7FF75D28F000
|
unkown
|
page read and write
|
||
|
14A39000
|
heap
|
page read and write
|
||
|
20913507000
|
heap
|
page read and write
|
||
|
AC603FF000
|
stack
|
page read and write
|
||
|
142CF000
|
stack
|
page read and write
|
||
|
A7F000
|
stack
|
page read and write
|
||
|
561658C000
|
stack
|
page read and write
|
||
|
142BF000
|
stack
|
page read and write
|
||
|
AC604FF000
|
stack
|
page read and write
|
||
|
153F0000
|
direct allocation
|
page execute and read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
628000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
142BF000
|
stack
|
page read and write
|
||
|
7FC40000
|
direct allocation
|
page read and write
|
||
|
13B69000
|
direct allocation
|
page read and write
|
||
|
7FF75D29C000
|
unkown
|
page write copy
|
||
|
7E930000
|
direct allocation
|
page read and write
|
||
|
7FF75D29C000
|
unkown
|
page write copy
|
||
|
253B3138000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
7FF75D28F000
|
unkown
|
page read and write
|
||
|
253C000
|
stack
|
page read and write
|
||
|
13D6A000
|
stack
|
page read and write
|
||
|
7FF75D29D000
|
unkown
|
page readonly
|
||
|
24DD0163000
|
heap
|
page read and write
|
||
|
7F0B0000
|
direct allocation
|
page read and write
|
||
|
7EEF0000
|
direct allocation
|
page read and write
|
||
|
2B877710000
|
heap
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
2091350C000
|
heap
|
page read and write
|
||
|
DBBD9FF000
|
stack
|
page read and write
|
||
|
7EE70000
|
direct allocation
|
page read and write
|
||
|
209134FA000
|
heap
|
page read and write
|
||
|
6DA000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
23C8000
|
direct allocation
|
page read and write
|
||
|
7FC10000
|
direct allocation
|
page read and write
|
||
|
7F130000
|
direct allocation
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
705000
|
heap
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
11A7D430000
|
heap
|
page read and write
|
||
|
43E000
|
stack
|
page read and write
|
||
|
2329000
|
direct allocation
|
page read and write
|
||
|
13EFE000
|
stack
|
page read and write
|
||
|
2326AA00000
|
heap
|
page read and write
|
||
|
7FF7C2748000
|
unkown
|
page readonly
|
||
|
2751000
|
heap
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
29241446000
|
heap
|
page read and write
|
||
|
7EDA0000
|
direct allocation
|
page read and write
|
||
|
253B3157000
|
heap
|
page read and write
|
||
|
146DF000
|
stack
|
page read and write
|
||
|
13CD8000
|
direct allocation
|
page read and write
|
||
|
29242F13000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
14775000
|
heap
|
page read and write
|
||
|
136D4FF000
|
stack
|
page read and write
|
||
|
15230000
|
heap
|
page read and write
|
||
|
2759000
|
heap
|
page read and write
|
||
|
2680000
|
heap
|
page read and write
|
||
|
7FF7C2734000
|
unkown
|
page write copy
|
||
|
236C000
|
direct allocation
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
7FF7C26CE000
|
unkown
|
page readonly
|
||
|
7FF75D29C000
|
unkown
|
page write copy
|
||
|
2091352B000
|
heap
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
7FF7C273D000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
136D5FF000
|
stack
|
page read and write
|
||
|
2326AC40000
|
heap
|
page read and write
|
||
|
4480000
|
trusted library allocation
|
page read and write
|
||
|
2B8773A7000
|
heap
|
page read and write
|
||
|
1430E000
|
stack
|
page read and write
|
||
|
2371000
|
direct allocation
|
page read and write
|
||
|
11A7D2B0000
|
heap
|
page read and write
|
||
|
253B2F60000
|
heap
|
page read and write
|
||
|
7FF7C2748000
|
unkown
|
page readonly
|
||
|
24DD0166000
|
heap
|
page read and write
|
||
|
2F8F000
|
stack
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
2368000
|
direct allocation
|
page read and write
|
||
|
2924145C000
|
heap
|
page read and write
|
||
|
11A7D3B0000
|
heap
|
page read and write
|
||
|
153F4000
|
direct allocation
|
page execute and read and write
|
||
|
7EFAF000
|
direct allocation
|
page read and write
|
||
|
1850A1A0000
|
heap
|
page read and write
|
||
|
7EFDF000
|
direct allocation
|
page read and write
|
||
|
7FF75D27D000
|
unkown
|
page read and write
|
||
|
13C43000
|
direct allocation
|
page read and write
|
||
|
253B3060000
|
heap
|
page read and write
|
||
|
20913528000
|
heap
|
page read and write
|
||
|
D53F6FF000
|
stack
|
page read and write
|
||
|
2380000
|
direct allocation
|
page read and write
|
||
|
2326AC45000
|
heap
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
259E000
|
stack
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
2747000
|
heap
|
page read and write
|
||
|
2379000
|
direct allocation
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
253B3110000
|
heap
|
page read and write
|
||
|
7FF7C273D000
|
unkown
|
page readonly
|
||
|
2530000
|
heap
|
page read and write
|
||
|
18509F60000
|
heap
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
7FF75D289000
|
unkown
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
7EDB0000
|
direct allocation
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
2091352B000
|
heap
|
page read and write
|
||
|
14A40000
|
heap
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
14B4C000
|
stack
|
page read and write
|
||
|
29241477000
|
heap
|
page read and write
|
||
|
13CA6000
|
direct allocation
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
7F10F000
|
direct allocation
|
page read and write
|
||
|
253B313D000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
141BE000
|
stack
|
page read and write
|
||
|
63C5A7E000
|
stack
|
page read and write
|
||
|
DBBD8FB000
|
stack
|
page read and write
|
||
|
2924179C000
|
heap
|
page read and write
|
||
|
14A000
|
stack
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
27AD000
|
stack
|
page read and write
|
||
|
230F000
|
direct allocation
|
page read and write
|
||
|
29241457000
|
heap
|
page read and write
|
||
|
7FB10000
|
direct allocation
|
page read and write
|
||
|
1415F000
|
stack
|
page read and write
|
||
|
2E8F000
|
unkown
|
page read and write
|
||
|
7F0B0000
|
direct allocation
|
page read and write
|
||
|
7EB20000
|
direct allocation
|
page read and write
|
||
|
2354000
|
direct allocation
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
1543B000
|
direct allocation
|
page execute and read and write
|
||
|
2326A9B0000
|
heap
|
page read and write
|
||
|
209134F6000
|
heap
|
page read and write
|
||
|
7E810000
|
direct allocation
|
page read and write
|
||
|
2091352B000
|
heap
|
page read and write
|
||
|
7FB80000
|
direct allocation
|
page read and write
|
||
|
20914F80000
|
heap
|
page read and write
|
||
|
BA03C7E000
|
stack
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
25A3000
|
heap
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
13C44000
|
direct allocation
|
page read and write
|
||
|
2764000
|
heap
|
page read and write
|
||
|
7FF75D27D000
|
unkown
|
page read and write
|
||
|
2CCC000
|
heap
|
page read and write
|
||
|
7FF7C26CE000
|
unkown
|
page readonly
|
||
|
28BC000
|
direct allocation
|
page read and write
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
7FF7C2746000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
7F10F000
|
direct allocation
|
page read and write
|
||
|
24DD00F0000
|
heap
|
page read and write
|
||
|
236A000
|
direct allocation
|
page read and write
|
||
|
7FF75D289000
|
unkown
|
page read and write
|
||
|
29241472000
|
heap
|
page read and write
|
||
|
1850A080000
|
heap
|
page read and write
|
||
|
7EAE0000
|
direct allocation
|
page read and write
|
||
|
13C4A000
|
direct allocation
|
page read and write
|
||
|
153FB000
|
direct allocation
|
page execute and read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
7EFE0000
|
direct allocation
|
page read and write
|
||
|
153D1000
|
direct allocation
|
page execute and read and write
|
||
|
15437000
|
direct allocation
|
page execute and read and write
|
||
|
7FF7C272A000
|
unkown
|
page write copy
|
||
|
2388000
|
direct allocation
|
page read and write
|
||
|
149C1000
|
heap
|
page read and write
|
||
|
239D000
|
direct allocation
|
page read and write
|
||
|
2924147B000
|
heap
|
page read and write
|
||
|
2326A9A0000
|
heap
|
page read and write
|
||
|
28E0000
|
direct allocation
|
page read and write
|
||
|
7FB70000
|
direct allocation
|
page read and write
|
||
|
13C58000
|
direct allocation
|
page read and write
|
||
|
2924143E000
|
heap
|
page read and write
|
||
|
7E5B0000
|
direct allocation
|
page read and write
|
||
|
64B000
|
heap
|
page read and write
|
||
|
7FF7C25B1000
|
unkown
|
page execute read
|
||
|
1430E000
|
stack
|
page read and write
|
||
|
2843ADD0000
|
heap
|
page read and write
|
||
|
2B8773A4000
|
heap
|
page read and write
|
||
|
7FF7C26CE000
|
unkown
|
page readonly
|
||
|
2759000
|
heap
|
page read and write
|
||
|
7FF75D29D000
|
unkown
|
page readonly
|
||
|
7FF75D27D000
|
unkown
|
page write copy
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
460000
|
heap
|
page read and write
|
||
|
D53F39C000
|
stack
|
page read and write
|
||
|
AC602FC000
|
stack
|
page read and write
|
||
|
2843AE49000
|
heap
|
page read and write
|
||
|
13C61000
|
direct allocation
|
page read and write
|
||
|
1477A000
|
heap
|
page read and write
|
||
|
209153D0000
|
trusted library allocation
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
7FF75D27D000
|
unkown
|
page write copy
|
||
|
C10000
|
direct allocation
|
page execute and read and write
|
||
|
1440E000
|
stack
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
13CC3000
|
direct allocation
|
page read and write
|
||
|
1440E000
|
stack
|
page read and write
|
||
|
2D24F000
|
stack
|
page read and write
|
||
|
28AC000
|
direct allocation
|
page read and write
|
||
|
63C5AFF000
|
stack
|
page read and write
|
||
|
2843AF80000
|
heap
|
page read and write
|
||
|
24DD00C0000
|
heap
|
page read and write
|
||
|
2B877715000
|
heap
|
page read and write
|
||
|
29241430000
|
heap
|
page read and write
|
||
|
13DBE000
|
stack
|
page read and write
|
||
|
209134C0000
|
heap
|
page read and write
|
||
|
7FF7C272A000
|
unkown
|
page write copy
|
||
|
14590000
|
remote allocation
|
page read and write
|
||
|
2924144A000
|
heap
|
page read and write
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
14A41000
|
heap
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
253B3040000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
65A000
|
heap
|
page read and write
|
||
|
13C19000
|
direct allocation
|
page read and write
|
||
|
7E888000
|
direct allocation
|
page read and write
|
||
|
14AC0000
|
heap
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
7FF75D281000
|
unkown
|
page read and write
|
||
|
2363000
|
direct allocation
|
page read and write
|
||
|
7FF75D29D000
|
unkown
|
page readonly
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
11A7D530000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
29241478000
|
heap
|
page read and write
|
||
|
2326CA20000
|
heap
|
page read and write
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
13CCA000
|
direct allocation
|
page read and write
|
||
|
BA03D7E000
|
stack
|
page read and write
|
||
|
13EDF000
|
stack
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
A2F000
|
stack
|
page read and write
|
||
|
2D34F000
|
stack
|
page read and write
|
||
|
2843AE40000
|
heap
|
page read and write
|
||
|
2C3E000
|
unkown
|
page read and write
|
||
|
13C21000
|
direct allocation
|
page read and write
|
||
|
7FF7C25B1000
|
unkown
|
page execute read
|
||
|
13EBF000
|
stack
|
page read and write
|
||
|
F98F59E000
|
stack
|
page read and write
|
||
|
7FF75D281000
|
unkown
|
page read and write
|
||
|
13CAD000
|
direct allocation
|
page read and write
|
||
|
11A7D390000
|
heap
|
page read and write
|
||
|
1850A060000
|
heap
|
page read and write
|
||
|
209134FA000
|
heap
|
page read and write
|
||
|
7FF75D29D000
|
unkown
|
page readonly
|
||
|
1C5000
|
heap
|
page read and write
|
||
|
7EF10000
|
direct allocation
|
page read and write
|
||
|
14590000
|
remote allocation
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
2433000
|
heap
|
page read and write
|
||
|
18509E50000
|
heap
|
page read and write
|
||
|
BA039FC000
|
stack
|
page read and write
|
||
|
11A7D43B000
|
heap
|
page read and write
|
||
|
1454F000
|
stack
|
page read and write
|
||
|
7FF75D27D000
|
unkown
|
page write copy
|
||
|
23AC000
|
direct allocation
|
page read and write
|
||
|
14C16000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
224F000
|
stack
|
page read and write
|
||
|
7FF7C25B0000
|
unkown
|
page readonly
|
||
|
2326AA08000
|
heap
|
page read and write
|
||
|
2326CE94000
|
heap
|
page read and write
|
||
|
63C570E000
|
stack
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
7FF75D29C000
|
unkown
|
page write copy
|
||
|
13F1E000
|
stack
|
page read and write
|
||
|
11A7D452000
|
heap
|
page read and write
|
||
|
DBBD97F000
|
stack
|
page read and write
|
||
|
2378000
|
direct allocation
|
page read and write
|
||
|
2091350C000
|
heap
|
page read and write
|
||
|
274E000
|
heap
|
page read and write
|
||
|
18509E5A000
|
heap
|
page read and write
|
||
|
2843AE00000
|
heap
|
page read and write
|
||
|
18509E73000
|
heap
|
page read and write
|
||
|
20915BD0000
|
heap
|
page read and write
|
||
|
24DD0140000
|
heap
|
page read and write
|
||
|
2747000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
7FF75D29C000
|
unkown
|
page write copy
|
||
|
56E000
|
unkown
|
page read and write
|
||
|
242C000
|
stack
|
page read and write
|
||
|
29243B60000
|
heap
|
page read and write
|
||
|
56168FF000
|
stack
|
page read and write
|
||
|
97F000
|
stack
|
page read and write
|
||
|
7FF75D281000
|
unkown
|
page read and write
|
||
|
20913420000
|
heap
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
145C4000
|
direct allocation
|
page execute and read and write
|
||
|
22B5000
|
direct allocation
|
page read and write
|
||
|
7E6C0000
|
direct allocation
|
page read and write
|
||
|
F91AFF000
|
stack
|
page read and write
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
7FF7C2738000
|
unkown
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
7FF75D27D000
|
unkown
|
page read and write
|
||
|
141CE000
|
stack
|
page read and write
|
||
|
2CBC000
|
heap
|
page read and write
|
||
|
149C9000
|
heap
|
page read and write
|
||
|
7FF7C25B1000
|
unkown
|
page execute read
|
||
|
13C34000
|
direct allocation
|
page read and write
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
7EB40000
|
direct allocation
|
page read and write
|
||
|
24DD014B000
|
heap
|
page read and write
|
||
|
7FF7C2748000
|
unkown
|
page readonly
|
||
|
251C000
|
stack
|
page read and write
|
||
|
2326C8A0000
|
heap
|
page read and write
|
||
|
7F250000
|
direct allocation
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
14A00000
|
heap
|
page read and write
|
||
|
1401F000
|
stack
|
page read and write
|
||
|
7FF75D27D000
|
unkown
|
page read and write
|
||
|
7FF7C2733000
|
unkown
|
page read and write
|
||
|
209137C5000
|
heap
|
page read and write
|
||
|
28D0000
|
direct allocation
|
page read and write
|
||
|
13C26000
|
direct allocation
|
page read and write
|
||
|
7FC10000
|
direct allocation
|
page read and write
|
||
|
2924147B000
|
heap
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
7EA50000
|
direct allocation
|
page read and write
|
||
|
14BCE000
|
stack
|
page read and write
|
||
|
7F15F000
|
direct allocation
|
page read and write
|
||
|
7FD30000
|
direct allocation
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
149DD000
|
heap
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
7EAD2000
|
direct allocation
|
page read and write
|
||
|
145DE000
|
stack
|
page read and write
|
||
|
149CE000
|
heap
|
page read and write
|
||
|
209134E0000
|
heap
|
page read and write
|
||
|
13B83000
|
direct allocation
|
page read and write
|
||
|
2326A9E0000
|
heap
|
page read and write
|
||
|
7FF7C2745000
|
unkown
|
page write copy
|
||
|
2330000
|
direct allocation
|
page read and write
|
||
|
15439000
|
direct allocation
|
page execute and read and write
|
||
|
2372000
|
direct allocation
|
page read and write
|
||
|
13D5A000
|
stack
|
page read and write
|
||
|
2843CFD3000
|
heap
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
29241473000
|
heap
|
page read and write
|
||
|
7E4E0000
|
direct allocation
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
7E99F000
|
direct allocation
|
page read and write
|
||
|
2326CA3A000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
1405E000
|
stack
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
289B000
|
direct allocation
|
page read and write
|
||
|
459000
|
unkown
|
page write copy
|
||
|
572000
|
unkown
|
page write copy
|
||
|
29241400000
|
heap
|
page read and write
|
||
|
231F000
|
direct allocation
|
page read and write
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
7EE80000
|
direct allocation
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
7FF7C273D000
|
unkown
|
page readonly
|
||
|
13CB4000
|
direct allocation
|
page read and write
|
||
|
7FB70000
|
direct allocation
|
page read and write
|
||
|
7E90F000
|
direct allocation
|
page read and write
|
||
|
1444E000
|
stack
|
page read and write
|
||
|
1850A1A5000
|
heap
|
page read and write
|
||
|
13BE3000
|
direct allocation
|
page read and write
|
||
|
7E8C0000
|
direct allocation
|
page read and write
|
||
|
7EB40000
|
direct allocation
|
page read and write
|
||
|
7FB5F000
|
direct allocation
|
page read and write
|
||
|
7E680000
|
direct allocation
|
page read and write
|
||
|
7FF75D28F000
|
unkown
|
page read and write
|
||
|
23BA000
|
direct allocation
|
page read and write
|
||
|
136D13C000
|
stack
|
page read and write
|
||
|
2B87738B000
|
heap
|
page read and write
|
||
|
7FDA7000
|
direct allocation
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
661000
|
heap
|
page read and write
|
||
|
23C1000
|
direct allocation
|
page read and write
|
||
|
2091352B000
|
heap
|
page read and write
|
||
|
148BE000
|
stack
|
page read and write
|
||
|
56E000
|
unkown
|
page read and write
|
||
|
13C68000
|
direct allocation
|
page read and write
|
||
|
7FF7C272A000
|
unkown
|
page write copy
|
||
|
14D17000
|
direct allocation
|
page read and write
|
||
|
149C5000
|
heap
|
page read and write
|
||
|
7FF75D294000
|
unkown
|
page read and write
|
||
|
2759000
|
heap
|
page read and write
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
28F0000
|
direct allocation
|
page readonly
|
||
|
63E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
577000
|
unkown
|
page readonly
|
||
|
1454F000
|
stack
|
page read and write
|
||
|
2B877380000
|
heap
|
page read and write
|
||
|
7FF75D29D000
|
unkown
|
page readonly
|
||
|
2339000
|
direct allocation
|
page read and write
|
||
|
D53F7FF000
|
stack
|
page read and write
|
||
|
2C9C000
|
heap
|
page read and write
|
||
|
145C8000
|
direct allocation
|
page execute and read and write
|
||
|
65F000
|
heap
|
page read and write
|
||
|
7F17F000
|
direct allocation
|
page read and write
|
||
|
29241477000
|
heap
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
234D000
|
direct allocation
|
page read and write
|
||
|
13C4C000
|
direct allocation
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
15441000
|
direct allocation
|
page execute and read and write
|
||
|
7FF7C2746000
|
unkown
|
page readonly
|
||
|
24DD0240000
|
heap
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
7E750000
|
direct allocation
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
292413E0000
|
heap
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
2763000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
29241477000
|
heap
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
23B3000
|
direct allocation
|
page read and write
|
||
|
2924145C000
|
heap
|
page read and write
|
||
|
2380000
|
direct allocation
|
page execute and read and write
|
||
|
237A000
|
direct allocation
|
page read and write
|
||
|
209134F6000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
2B877320000
|
heap
|
page read and write
|
||
|
20914F83000
|
heap
|
page read and write
|
||
|
24DCFFE0000
|
heap
|
page read and write
|
||
|
2B877550000
|
heap
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
DBBDC7E000
|
stack
|
page read and write
|
||
|
1403E000
|
stack
|
page read and write
|
||
|
2843AFD0000
|
heap
|
page read and write
|
||
|
11A7D415000
|
heap
|
page read and write
|
||
|
13C51000
|
direct allocation
|
page read and write
|
||
|
11A7D457000
|
heap
|
page read and write
|
||
|
253B3130000
|
heap
|
page read and write
|
||
|
7E918000
|
direct allocation
|
page read and write
|
||
|
F919FF000
|
stack
|
page read and write
|
||
|
7F0C0000
|
direct allocation
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
7FF75D281000
|
unkown
|
page read and write
|
||
|
7EF50000
|
direct allocation
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
7EB40000
|
direct allocation
|
page read and write
|
||
|
1508C000
|
heap
|
page read and write
|
||
|
22A5000
|
direct allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
13C0A000
|
direct allocation
|
page read and write
|
||
|
15444000
|
direct allocation
|
page execute and read and write
|
||
|
7F970000
|
direct allocation
|
page read and write
|
||
|
7FF75D27D000
|
unkown
|
page write copy
|
||
|
2322000
|
direct allocation
|
page read and write
|
||
|
209137C0000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
2318000
|
direct allocation
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
2091352D000
|
heap
|
page read and write
|
||
|
7FF7C2748000
|
unkown
|
page readonly
|
||
|
2843CC9D000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
29243360000
|
trusted library allocation
|
page read and write
|
||
|
7FF75D241000
|
unkown
|
page execute read
|
||
|
7FF7C2734000
|
unkown
|
page write copy
|
||
|
7FF75D27D000
|
unkown
|
page read and write
|
||
|
263E000
|
stack
|
page read and write
|
||
|
7FC3F000
|
direct allocation
|
page read and write
|
||
|
209134FA000
|
heap
|
page read and write
|
||
|
13C03000
|
direct allocation
|
page read and write
|
||
|
7FF7C273D000
|
unkown
|
page readonly
|
||
|
56E000
|
unkown
|
page read and write
|
||
|
7F970000
|
direct allocation
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
7F0B0000
|
direct allocation
|
page read and write
|
||
|
253B3230000
|
heap
|
page read and write
|
||
|
459000
|
unkown
|
page read and write
|
||
|
7FC00000
|
direct allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
8EF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
7FC00000
|
direct allocation
|
page read and write
|
||
|
14C86000
|
heap
|
page read and write
|
||
|
26EB000
|
heap
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
13C53000
|
direct allocation
|
page read and write
|
||
|
14AB1000
|
heap
|
page read and write
|
||
|
2D44F000
|
stack
|
page read and write
|
||
|
145C4000
|
direct allocation
|
page execute and read and write
|
||
|
28AB000
|
direct allocation
|
page read and write
|
||
|
149C0000
|
heap
|
page read and write
|
||
|
F918FB000
|
stack
|
page read and write
|
||
|
13C28000
|
direct allocation
|
page read and write
|
||
|
BA03CFE000
|
stack
|
page read and write
|
||
|
29242EF0000
|
heap
|
page read and write
|
||
|
9A7000
|
heap
|
page read and write
|
||
|
145C1000
|
direct allocation
|
page execute and read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
14766000
|
heap
|
page read and write
|
||
|
253B3115000
|
heap
|
page read and write
|
||
|
209134E8000
|
heap
|
page read and write
|
||
|
13C3D000
|
direct allocation
|
page read and write
|
||
|
7EA2F000
|
direct allocation
|
page read and write
|
||
|
1430E000
|
stack
|
page read and write
|
||
|
1440E000
|
stack
|
page read and write
|
||
|
26E7000
|
heap
|
page read and write
|
||
|
235C000
|
direct allocation
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
292413D0000
|
heap
|
page read and write
|
||
|
209134F3000
|
heap
|
page read and write
|
||
|
2364000
|
direct allocation
|
page read and write
|
||
|
29241438000
|
heap
|
page read and write
|
||
|
2B877300000
|
heap
|
page read and write
|
||
|
253B3154000
|
heap
|
page read and write
|
||
|
F98F87E000
|
stack
|
page read and write
|
||
|
1850A040000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
7FF7C2745000
|
unkown
|
page write copy
|
||
|
990000
|
direct allocation
|
page execute and read and write
|
||
|
7FF7C25B0000
|
unkown
|
page readonly
|
||
|
2AFD000
|
stack
|
page read and write
|
||
|
29242F10000
|
heap
|
page read and write
|
||
|
7FF7C2733000
|
unkown
|
page read and write
|
||
|
23A4000
|
direct allocation
|
page read and write
|
||
|
7F970000
|
direct allocation
|
page read and write
|
||
|
29241446000
|
heap
|
page read and write
|
||
|
7FF75D299000
|
unkown
|
page readonly
|
||
|
2843CC80000
|
heap
|
page read and write
|
||
|
7E9C0000
|
direct allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
2738000
|
heap
|
page read and write
|
||
|
7FF7C26CE000
|
unkown
|
page readonly
|
||
|
2373000
|
direct allocation
|
page read and write
|
||
|
7FF7C2738000
|
unkown
|
page read and write
|
||
|
2340000
|
direct allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
153FF000
|
direct allocation
|
page execute and read and write
|
||
|
13B30000
|
direct allocation
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
29241790000
|
heap
|
page read and write
|
||
|
2332000
|
direct allocation
|
page read and write
|
||
|
18509E77000
|
heap
|
page read and write
|
||
|
7FF75D240000
|
unkown
|
page readonly
|
||
|
13FFF000
|
stack
|
page read and write
|
||
|
57E000
|
unkown
|
page readonly
|
||
|
2843AFD5000
|
heap
|
page read and write
|
||
|
63C578D000
|
stack
|
page read and write
|
||
|
24DD00E0000
|
heap
|
page read and write
|
||
|
2924144A000
|
heap
|
page read and write
|
||
|
2328000
|
direct allocation
|
page read and write
|
||
|
291B000
|
direct allocation
|
page read and write
|
||
|
20913440000
|
heap
|
page read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
7FF75D27D000
|
unkown
|
page write copy
|
||
|
7FF75D281000
|
unkown
|
page read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
2684000
|
heap
|
page read and write
|
||
|
14E4F000
|
heap
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
570000
|
unkown
|
page read and write
|
||
|
7ECD0000
|
direct allocation
|
page read and write
|
||
|
63C568B000
|
stack
|
page read and write
|
||
|
14590000
|
remote allocation
|
page read and write
|
||
|
7E900000
|
direct allocation
|
page read and write
|
||
|
2924144A000
|
heap
|
page read and write
|
||
|
7F10F000
|
direct allocation
|
page read and write
|
||
|
63A000
|
heap
|
page read and write
|
||
|
235D000
|
direct allocation
|
page read and write
|
||
|
2B8772F0000
|
heap
|
page read and write
|
||
|
7FF75D272000
|
unkown
|
page readonly
|
||
|
14B8C000
|
stack
|
page read and write
|
||
|
7FF7C25B1000
|
unkown
|
page execute read
|
||
|
149C1000
|
heap
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
141BE000
|
stack
|
page read and write
|
||
|
2381000
|
direct allocation
|
page read and write
|
||
|
7F180000
|
direct allocation
|
page read and write
|
||
|
13C2D000
|
direct allocation
|
page read and write
|
||
|
13C36000
|
direct allocation
|
page read and write
|
||
|
29241795000
|
heap
|
page read and write
|
||
|
56169FF000
|
stack
|
page read and write
|
||
|
209137CC000
|
heap
|
page read and write
|
||
|
1444E000
|
stack
|
page read and write
|
There are 648 hidden memdumps, click here to show them.