Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
BM-FM_NR.24040718PDF.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\02507G0
|
SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 7, database pages 59, cookie
0x52, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nspCEF8.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\skebladenes\Filantroper.ove
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\skebladenes\Skoleophold\Hjrners133.txt
|
ASCII text, with very long lines (346), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\skebladenes\Skoleophold\Paleoatavistic.Rok179
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\skebladenes\Skoleophold\princelings.bar
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\skebladenes\Trophaeum.Uno
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\BM-FM_NR.24040718PDF.exe
|
"C:\Users\user\Desktop\BM-FM_NR.24040718PDF.exe"
|
|
|
|
C:\Users\user\Desktop\BM-FM_NR.24040718PDF.exe
|
"C:\Users\user\Desktop\BM-FM_NR.24040718PDF.exe"
|
|
|
|
C:\Program Files (x86)\UEoBkmdrdVTeIzMRbVVhquLLMYSPODYnRngAjVnDHe\asoFfnDVnWYESbbZcbazpTYkAQVO.exe
|
"C:\Program Files (x86)\UEoBkmdrdVTeIzMRbVVhquLLMYSPODYnRngAjVnDHe\asoFfnDVnWYESbbZcbazpTYkAQVO.exe"
|
|
|
|
C:\Windows\SysWOW64\write.exe
|
"C:\Windows\SysWOW64\write.exe"
|
|
|
|
C:\Program Files (x86)\UEoBkmdrdVTeIzMRbVVhquLLMYSPODYnRngAjVnDHe\asoFfnDVnWYESbbZcbazpTYkAQVO.exe
|
"C:\Program Files (x86)\UEoBkmdrdVTeIzMRbVVhquLLMYSPODYnRngAjVnDHe\asoFfnDVnWYESbbZcbazpTYkAQVO.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.nurenose.com/8cgp/
|
91.195.240.19
|
||
|
http://www.387mfyr.sbs/8cgp/?Xh9lX=27hjRPCyRlHKx+9Yvp9X/66HqVrlT4yXNX1Fx10RnhcFdFyjtbgqtspXt/m7h19M1tNaQu/ADV6ErOuMACLC0xl2a7R1sTqGKQn1UwmaLCfsUIitr9DM5TM=&ad64=U4M8cbh8kd
|
137.220.252.40
|
||
|
http://www.ogunlewefamily.org.ng/8cgp/
|
67.225.140.26
|
||
|
http://www.whjzff.com/8cgp/
|
173.232.100.113
|
||
|
http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.
|
unknown
|
||
|
https://absorbante-calitate.ro/calitateX/lUMnxNJflRDqoVSbz65.bin
|
37.251.143.215
|
||
|
http://www.concretedailypress.net/8cgp/
|
91.195.240.19
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.noispisok.com/8cgp/
|
84.32.84.32
|
||
|
http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTD
|
unknown
|
||
|
http://www.gopher.ftp://ftp.
|
unknown
|
||
|
https://absorbante-calitate.ro/0H
|
unknown
|
||
|
http://www.kansaiwoody.com/8cgp/
|
118.27.122.214
|
||
|
http://www.concretedailypress.net/8cgp/?Xh9lX=fnwN1v/cGsL5Viy/xGPo7bu3BFyPSCGRcDxJWuOrmZaTk6+QfBJJ6K85NdT8x6wg+kdjGkUCY343uxqa5Yt4yEVQtg3mZjTzeLq2Z0Ov3khzfcaVVj80n48=&ad64=U4M8cbh8kd
|
91.195.240.19
|
||
|
https://absorbante-calitate.ro/calitateX/lUMnxNJflRDqoVSbz65.binCredscroabsorbante-calitate.ro/calit
|
unknown
|
||
|
http://www.kader42.top/8cgp/
|
108.186.8.155
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
||
|
https://absorbante-calitate.ro/
|
unknown
|
||
|
http://www.quovadis.bm0
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com0
|
unknown
|
||
|
http://www.a-two-spa-salon.com/8cgp/
|
157.7.107.63
|
||
|
http://www.techfun.info/8cgp/
|
203.161.49.193
|
||
|
http://www.lm2ue.us/8cgp/
|
91.195.240.123
|
||
|
http://www.387mfyr.sbs/8cgp/
|
137.220.252.40
|
||
|
http://www.donantedeovulos.space/8cgp/
|
64.190.62.22
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.nurenose.com
|
unknown
|
|
|
|
www.weave.game
|
unknown
|
|
|
|
www.lfsig.autos
|
unknown
|
|
|
|
www.berryandbird.co.uk
|
unknown
|
|
|
|
www.fashionagencylab.com
|
unknown
|
|
|
|
www.mxgovonline.com
|
unknown
|
|
|
|
www.concretedailypress.net
|
unknown
|
|
|
|
www.muslimsmat.com
|
unknown
|
|
|
|
www.ogunlewefamily.org.ng
|
unknown
|
|
|
|
www.badai77resmi.net
|
unknown
|
|
|
|
www.noispisok.com
|
unknown
|
|
|
|
noispisok.com
|
84.32.84.32
|
||
|
www.a-two-spa-salon.com
|
157.7.107.63
|
||
|
parkingpage.namecheap.com
|
91.195.240.19
|
||
|
www.kader42.top
|
108.186.8.155
|
||
|
www.lm2ue.us
|
91.195.240.123
|
||
|
www.387mfyr.sbs
|
137.220.252.40
|
||
|
berryandbird.co.uk
|
76.223.105.230
|
||
|
www.arilyfarlico.ru
|
51.77.215.151
|
||
|
www.techfun.info
|
203.161.49.193
|
||
|
ogunlewefamily.org.ng
|
67.225.140.26
|
||
|
badai77resmi.net
|
159.100.14.108
|
||
|
www.donantedeovulos.space
|
64.190.62.22
|
||
|
absorbante-calitate.ro
|
37.251.143.215
|
||
|
www.kansaiwoody.com
|
118.27.122.214
|
||
|
www.whjzff.com
|
173.232.100.113
|
There are 16 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
157.7.107.63
|
www.a-two-spa-salon.com
|
Japan
|
||
|
67.225.140.26
|
ogunlewefamily.org.ng
|
United States
|
||
|
137.220.252.40
|
www.387mfyr.sbs
|
Singapore
|
||
|
51.77.215.151
|
www.arilyfarlico.ru
|
France
|
||
|
173.232.100.113
|
www.whjzff.com
|
United States
|
||
|
84.32.84.32
|
noispisok.com
|
Lithuania
|
||
|
64.190.62.22
|
www.donantedeovulos.space
|
United States
|
||
|
91.195.240.123
|
www.lm2ue.us
|
Germany
|
||
|
91.195.240.19
|
parkingpage.namecheap.com
|
Germany
|
||
|
37.251.143.215
|
absorbante-calitate.ro
|
Romania
|
||
|
203.161.49.193
|
www.techfun.info
|
Malaysia
|
||
|
108.186.8.155
|
www.kader42.top
|
United States
|
||
|
118.27.122.214
|
www.kansaiwoody.com
|
Japan
|
There are 3 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\dramaticle\Uninstall\euphemisation\klukkede
|
flottede
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\splidagtigst\Uninstall\ordain\bistades
|
stedede
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Cinematic
|
Calss
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Cinematic
|
Calss
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Cinematic
|
Calss
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Cinematic
|
Calss
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Cinematic
|
Calss
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Cinematic
|
Calss
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3120000
|
unkown
|
page execute and read and write
|
|
|
|
36E00000
|
unclassified section
|
page execute and read and write
|
|
|
|
2FC0000
|
system
|
page execute and read and write
|
|
|
|
690000
|
system
|
page execute and read and write
|
|
|
|
36790000
|
unclassified section
|
page execute and read and write
|
|
|
|
4FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
7965000
|
direct allocation
|
page execute and read and write
|
|
|
|
4FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
2420000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
32ED000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page read and write
|
||
|
2522000
|
unkown
|
page read and write
|
||
|
4F5E000
|
heap
|
page read and write
|
||
|
6969000
|
heap
|
page read and write
|
||
|
673E000
|
stack
|
page read and write
|
||
|
6921000
|
heap
|
page read and write
|
||
|
2784000
|
unkown
|
page read and write
|
||
|
365BE000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8544000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
D90000
|
unkown
|
page readonly
|
||
|
6550000
|
unclassified section
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
202000
|
unkown
|
page read and write
|
||
|
4765000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
704000
|
system
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
3218000
|
heap
|
page read and write
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
42B000
|
unkown
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
1E9D3208000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6D2A000
|
unclassified section
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
838000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
D90000
|
unkown
|
page readonly
|
||
|
3350000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
3DFC000
|
unkown
|
page read and write
|
||
|
32DE000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page execute read
|
||
|
1963FFE000
|
stack
|
page read and write
|
||
|
36510000
|
remote allocation
|
page read and write
|
||
|
6A06000
|
unclassified section
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
36880000
|
heap
|
page read and write
|
||
|
3647E000
|
stack
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
481000
|
unkown
|
page readonly
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
CB7000
|
unkown
|
page readonly
|
||
|
322C000
|
heap
|
page read and write
|
||
|
6968000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
364BE000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3272000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
34EE000
|
stack
|
page read and write
|
||
|
6905000
|
heap
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
550000
|
heap
|
page read and write
|
||
|
4DAA000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2462000
|
unkown
|
page read and write
|
||
|
36510000
|
remote allocation
|
page read and write
|
||
|
1E9D321C000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2370000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
328C000
|
heap
|
page read and write
|
||
|
6905000
|
heap
|
page read and write
|
||
|
5180000
|
unclassified section
|
page readonly
|
||
|
57FC000
|
unclassified section
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6A30000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2A60000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
687E000
|
stack
|
page read and write
|
||
|
5D65000
|
remote allocation
|
page execute and read and write
|
||
|
6A50000
|
direct allocation
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
36A34000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6565000
|
direct allocation
|
page execute and read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
63BE000
|
unclassified section
|
page read and write
|
||
|
3236000
|
heap
|
page read and write
|
||
|
8600000
|
trusted library allocation
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
2A50000
|
direct allocation
|
page read and write
|
||
|
137E000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
69E0000
|
direct allocation
|
page read and write
|
||
|
6A00000
|
direct allocation
|
page read and write
|
||
|
6EB000
|
system
|
page execute and read and write
|
||
|
820000
|
unkown
|
page read and write
|
||
|
A30000
|
unkown
|
page read and write
|
||
|
CA1000
|
unkown
|
page execute read
|
||
|
2A30000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
32B6000
|
heap
|
page read and write
|
||
|
19627FC000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
69DF000
|
stack
|
page read and write
|
||
|
68FA000
|
heap
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
713000
|
system
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
50AF000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3C6A000
|
unkown
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
6ACE000
|
stack
|
page read and write
|
||
|
322B000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
510D000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
D5A000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
53C000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
325A000
|
heap
|
page read and write
|
||
|
36AB0000
|
direct allocation
|
page execute and read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
2480000
|
heap
|
page read and write
|
||
|
22AE000
|
stack
|
page read and write
|
||
|
856E000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
5365000
|
remote allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3664C000
|
stack
|
page read and write
|
||
|
545C000
|
direct allocation
|
page execute and read and write
|
||
|
608000
|
heap
|
page read and write
|
||
|
363AF000
|
stack
|
page read and write
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
857C000
|
heap
|
page read and write
|
||
|
855D000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
11528000
|
system
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2A80000
|
direct allocation
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8365000
|
direct allocation
|
page execute and read and write
|
||
|
5460000
|
direct allocation
|
page execute and read and write
|
||
|
4E3B000
|
heap
|
page read and write
|
||
|
36790000
|
direct allocation
|
page read and write
|
||
|
2E90000
|
unkown
|
page read and write
|
||
|
5B65000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2E80000
|
unkown
|
page readonly
|
||
|
CB7000
|
unkown
|
page readonly
|
||
|
4965000
|
remote allocation
|
page execute and read and write
|
||
|
22F5000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3A74000
|
unkown
|
page execute and read and write
|
||
|
1E9D14E0000
|
system
|
page execute and read and write
|
||
|
1E9D3200000
|
trusted library allocation
|
page read and write
|
||
|
2B65000
|
remote allocation
|
page execute and read and write
|
||
|
2518000
|
unkown
|
page read and write
|
||
|
2A90000
|
direct allocation
|
page read and write
|
||
|
3636E000
|
stack
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
67BE000
|
stack
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
6890000
|
direct allocation
|
page read and write
|
||
|
8586000
|
heap
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
1962FFD000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
6F4000
|
system
|
page execute and read and write
|
||
|
328C000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
643000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
651000
|
unkown
|
page readonly
|
||
|
8501000
|
heap
|
page read and write
|
||
|
C80000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
651000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
8C5E000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
34AE000
|
stack
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
22EE000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
1E9D1662000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
19637FE000
|
stack
|
page read and write
|
||
|
686000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6B0F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8510000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
64C000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
81B0000
|
trusted library allocation
|
page read and write
|
||
|
846E000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8549000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
3110000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
CAE000
|
unkown
|
page readonly
|
||
|
CB5000
|
unkown
|
page read and write
|
||
|
66F0000
|
heap
|
page read and write
|
||
|
316C000
|
unkown
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8500000
|
heap
|
page read and write
|
||
|
376E7000
|
unclassified section
|
page execute and read and write
|
||
|
851A000
|
heap
|
page read and write
|
||
|
1C0000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1E9D3020000
|
trusted library allocation
|
page read and write
|
||
|
6B98000
|
unclassified section
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
DA0000
|
unkown
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1E9D1656000
|
heap
|
page read and write
|
||
|
1160000
|
unkown
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
677E000
|
stack
|
page read and write
|
||
|
622C000
|
unclassified section
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
6B20000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
2370000
|
unkown
|
page readonly
|
||
|
6921000
|
heap
|
page read and write
|
||
|
626000
|
unkown
|
page execute read
|
||
|
2784000
|
unkown
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8566000
|
heap
|
page read and write
|
||
|
32CC000
|
heap
|
page read and write
|
||
|
23FF000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
852F000
|
heap
|
page read and write
|
||
|
3282000
|
heap
|
page read and write
|
||
|
5190000
|
direct allocation
|
page execute and read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
50E000
|
stack
|
page read and write
|
||
|
4FE4000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
632000
|
heap
|
page read and write
|
||
|
2CB6000
|
unkown
|
page read and write
|
||
|
DE1000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
32BB000
|
heap
|
page read and write
|
||
|
636000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4660000
|
direct allocation
|
page execute and read and write
|
||
|
32B9000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
7372000
|
unclassified section
|
page read and write
|
||
|
11472000
|
system
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
66F5000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
327C000
|
heap
|
page read and write
|
||
|
5D76000
|
unclassified section
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2B24000
|
unkown
|
page read and write
|
||
|
837000
|
heap
|
page read and write
|
||
|
6A20000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1150000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
3272000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
55D8000
|
unclassified section
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6920000
|
heap
|
page read and write
|
||
|
36790000
|
direct allocation
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3565000
|
remote allocation
|
page execute and read and write
|
||
|
3267000
|
heap
|
page read and write
|
||
|
3285000
|
heap
|
page read and write
|
||
|
273C000
|
unkown
|
page read and write
|
||
|
1E9D1666000
|
heap
|
page read and write
|
||
|
7D0000
|
unkown
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6905000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
68E7000
|
heap
|
page read and write
|
||
|
32A9000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1160000
|
unkown
|
page read and write
|
||
|
3624E000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2AB0000
|
direct allocation
|
page read and write
|
||
|
853F000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6911000
|
heap
|
page read and write
|
||
|
CE0000
|
unkown
|
page readonly
|
||
|
1E9D1630000
|
heap
|
page read and write
|
||
|
2F50000
|
unkown
|
page readonly
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8D65000
|
direct allocation
|
page execute and read and write
|
||
|
481000
|
unkown
|
page readonly
|
||
|
8573000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2324000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
DA0000
|
unkown
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
1E9D33B4000
|
trusted library allocation
|
page read and write
|
||
|
3AD8000
|
unkown
|
page read and write
|
||
|
1E9D1740000
|
heap
|
page read and write
|
||
|
84E0000
|
unclassified section
|
page readonly
|
||
|
36907000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
4474000
|
unkown
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
3630D000
|
stack
|
page read and write
|
||
|
32FC000
|
heap
|
page read and write
|
||
|
CA1000
|
unkown
|
page execute read
|
||
|
CB5000
|
unkown
|
page read and write
|
||
|
1E9D3100000
|
trusted library allocation
|
page read and write
|
||
|
36510000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
322B000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
69F0000
|
direct allocation
|
page read and write
|
||
|
1E9D1669000
|
heap
|
page read and write
|
||
|
38154000
|
unclassified section
|
page execute and read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
135A000
|
heap
|
page read and write
|
||
|
2270000
|
unkown
|
page read and write
|
||
|
1E9D1870000
|
heap
|
page read and write
|
||
|
2F50000
|
unkown
|
page readonly
|
||
|
19647FF000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
135E000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
36750000
|
direct allocation
|
page read and write
|
||
|
8513000
|
heap
|
page read and write
|
||
|
E60000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
570000
|
unkown
|
page readonly
|
||
|
30000
|
heap
|
page read and write
|
||
|
55E2000
|
unclassified section
|
page read and write
|
||
|
4D62000
|
heap
|
page read and write
|
||
|
CA1000
|
unkown
|
page execute read
|
||
|
6918000
|
heap
|
page read and write
|
||
|
1E9D1646000
|
heap
|
page read and write
|
||
|
1A60000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3946000
|
unkown
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2A20000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
36750000
|
direct allocation
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
365FF000
|
stack
|
page read and write
|
||
|
3A07000
|
unkown
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page read and write
|
||
|
11794000
|
system
|
page read and write
|
||
|
2F88000
|
stack
|
page read and write
|
||
|
CAE000
|
unkown
|
page readonly
|
||
|
42B2000
|
unkown
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2270000
|
unkown
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
441000
|
unkown
|
page readonly
|
||
|
84F0000
|
trusted library allocation
|
page read and write
|
||
|
3299000
|
heap
|
page read and write
|
||
|
1150000
|
unkown
|
page readonly
|
||
|
16D0000
|
unkown
|
page readonly
|
||
|
570000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3282000
|
heap
|
page read and write
|
||
|
C80000
|
unkown
|
page readonly
|
||
|
5844000
|
unclassified section
|
page read and write
|
||
|
1765000
|
remote allocation
|
page execute and read and write
|
||
|
481000
|
unkown
|
page readonly
|
||
|
3622000
|
unkown
|
page read and write
|
||
|
6960000
|
heap
|
page read and write
|
||
|
2E80000
|
unkown
|
page readonly
|
||
|
8515000
|
heap
|
page read and write
|
||
|
1E9D1470000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
6A10000
|
direct allocation
|
page read and write
|
||
|
CA1000
|
unkown
|
page execute read
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6918000
|
heap
|
page read and write
|
||
|
6960000
|
heap
|
page read and write
|
||
|
2E90000
|
unkown
|
page read and write
|
||
|
1174C000
|
system
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
67FF000
|
stack
|
page read and write
|
||
|
9DC000
|
unkown
|
page read and write
|
||
|
3224000
|
heap
|
page read and write
|
||
|
649000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
36D80000
|
direct allocation
|
page execute and read and write
|
||
|
68A0000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
CB7000
|
unkown
|
page readonly
|
||
|
6F65000
|
direct allocation
|
page execute and read and write
|
||
|
3114000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page read and write
|
||
|
36A30000
|
heap
|
page read and write
|
||
|
CAE000
|
unkown
|
page readonly
|
||
|
52BD000
|
direct allocation
|
page execute and read and write
|
||
|
3299000
|
heap
|
page read and write
|
||
|
767000
|
system
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3F65000
|
remote allocation
|
page execute and read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
36BDD000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1E9D1555000
|
system
|
page execute and read and write
|
||
|
8506000
|
heap
|
page read and write
|
||
|
3628F000
|
stack
|
page read and write
|
||
|
850F000
|
heap
|
page read and write
|
||
|
5BE4000
|
unclassified section
|
page read and write
|
||
|
53C000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
68ED000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
135A000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
68CE000
|
heap
|
page read and write
|
||
|
CE0000
|
unkown
|
page readonly
|
||
|
CB5000
|
unkown
|
page read and write
|
||
|
1C0000
|
unkown
|
page readonly
|
||
|
8501000
|
heap
|
page read and write
|
||
|
3278000
|
heap
|
page read and write
|
||
|
36790000
|
direct allocation
|
page read and write
|
||
|
D5A000
|
stack
|
page read and write
|
||
|
704E000
|
unclassified section
|
page read and write
|
||
|
52B9000
|
direct allocation
|
page execute and read and write
|
||
|
6963000
|
heap
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
32FE000
|
unkown
|
page read and write
|
||
|
34F0000
|
heap
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E74000
|
unkown
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6E9000
|
system
|
page execute and read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
6963000
|
heap
|
page read and write
|
||
|
24C0000
|
direct allocation
|
page read and write
|
||
|
DE1000
|
unkown
|
page readonly
|
||
|
84AE000
|
stack
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3675D000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
850A000
|
heap
|
page read and write
|
||
|
6800000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
363EE000
|
stack
|
page read and write
|
||
|
36BD9000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8890000
|
heap
|
page read and write
|
||
|
3285000
|
heap
|
page read and write
|
||
|
691E000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
5165000
|
direct allocation
|
page execute and read and write
|
||
|
441000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
32C3000
|
heap
|
page read and write
|
||
|
5522000
|
unclassified section
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
11B34000
|
system
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
710000
|
system
|
page execute and read and write
|
||
|
8524000
|
heap
|
page read and write
|
||
|
16D0000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6969000
|
heap
|
page read and write
|
||
|
36510000
|
remote allocation
|
page read and write
|
||
|
6960000
|
heap
|
page read and write
|
||
|
CB5000
|
unkown
|
page read and write
|
||
|
68FA000
|
heap
|
page read and write
|
||
|
37754000
|
unclassified section
|
page execute and read and write
|
||
|
1140000
|
unkown
|
page readonly
|
||
|
1140000
|
unkown
|
page readonly
|
||
|
6A40000
|
direct allocation
|
page read and write
|
||
|
32FC000
|
stack
|
page read and write
|
||
|
11532000
|
system
|
page read and write
|
||
|
3642F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
36D7C000
|
direct allocation
|
page execute and read and write
|
||
|
6911000
|
heap
|
page read and write
|
||
|
66E2000
|
unclassified section
|
page read and write
|
||
|
8538000
|
heap
|
page read and write
|
||
|
84FC000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6911000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
3674C000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6EBC000
|
unclassified section
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
563C000
|
unclassified section
|
page read and write
|
||
|
E61000
|
unkown
|
page readonly
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
2360000
|
heap
|
page read and write
|
||
|
3490000
|
unkown
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
4C6C000
|
unkown
|
page read and write
|
||
|
1A60000
|
unkown
|
page readonly
|
||
|
861000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2A10000
|
direct allocation
|
page read and write
|
||
|
32EF000
|
heap
|
page read and write
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1E9D33AE000
|
trusted library allocation
|
page read and write
|
||
|
33FC000
|
stack
|
page read and write
|
||
|
362CD000
|
stack
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
3114000
|
heap
|
page read and write
|
||
|
2A70000
|
direct allocation
|
page read and write
|
||
|
1E9D3202000
|
trusted library allocation
|
page read and write
|
||
|
1E9D1639000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3273000
|
heap
|
page read and write
|
||
|
64E000
|
heap
|
page read and write
|
||
|
2462000
|
unkown
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
691E000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
8C9F000
|
stack
|
page read and write
|
||
|
2424000
|
heap
|
page read and write
|
||
|
273C000
|
unkown
|
page read and write
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
3354000
|
heap
|
page read and write
|
||
|
8578000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
1E9D320E000
|
trusted library allocation
|
page read and write
|
||
|
1E9D33A4000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
135E000
|
heap
|
page read and write
|
||
|
1E9D3300000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
257C000
|
unkown
|
page read and write
|
||
|
2F4B000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6880000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
68A8000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1E9D3219000
|
trusted library allocation
|
page read and write
|
||
|
CAE000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1E9D17B0000
|
heap
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
441000
|
unkown
|
page readonly
|
||
|
8501000
|
heap
|
page read and write
|
||
|
820000
|
unkown
|
page read and write
|
||
|
CB7000
|
unkown
|
page readonly
|
||
|
5111000
|
heap
|
page read and write
|
||
|
1E9D3020000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2AA0000
|
direct allocation
|
page read and write
|
||
|
2324000
|
heap
|
page read and write
|
||
|
2165000
|
remote allocation
|
page execute and read and write
|
||
|
3F8E000
|
unkown
|
page read and write
|
||
|
2A40000
|
direct allocation
|
page read and write
|
There are 688 hidden memdumps, click here to show them.