Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
360total.dll.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Custom_update\Update_27361bf8.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_360_886edd4b87b9ecd618b1e464327a85149d5ee8c2_9cecb875_a6f8bd53-9d4e-49b1-a9c1-44db6d88d736\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_360_f6ce5fb8c554a1c5617cb52ea4bda5a5f52864d1_9cecb875_f4e6ccbc-37d4-4f28-84bd-7203eb51c087\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA484.tmp.dmp
|
Mini DuMP crash report, 14 streams, Fri Apr 26 21:15:07 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA531.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA551.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF9C8.tmp.dmp
|
Mini DuMP crash report, 14 streams, Fri Apr 26 21:15:29 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFA94.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFAC4.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 20:15:15 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 20:15:15 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 20:15:15 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 20:15:15 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 20:15:14 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\360total.dll.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\360total.dll.dll,CreateObject
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\360total.dll.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\AppData\Roaming\Custom_update\Update_27361bf8.dll", #1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\360total.dll.dll,homq
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\360total.dll.dll,RegisterInstallTime
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c ipconfig /all
|
|
|
|
C:\Windows\System32\ipconfig.exe
|
ipconfig /all
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c systeminfo
|
|
|
|
C:\Windows\System32\systeminfo.exe
|
systeminfo
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c nltest /domain_trusts
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c nltest /domain_trusts /all_trusts
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c net view /all /domain
|
|
|
|
C:\Windows\System32\net.exe
|
net view /all /domain
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c net view /all
|
|
|
|
C:\Windows\System32\net.exe
|
net view /all
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c net group "Domain Admins" /domain
|
|
|
|
C:\Windows\System32\net.exe
|
net group "Domain Admins" /domain
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c net config workstation
|
|
|
|
C:\Windows\System32\net.exe
|
net config workstation
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c wmic.exe /node:localhost /namespace:\\root\SecurityCenter2 path AntiVirusProduct Get DisplayName | findstr /V /B /C:displayName
|| echo No Antivirus installed
|
|
|
|
C:\Windows\System32\cmd.exe
|
/c whoami /groups
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\360total.dll.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6200 -s 456
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=1996,i,16797134848863919888,4031310649045437557,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6200 -s 456
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\nltest.exe
|
nltest /domain_trusts
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\nltest.exe
|
nltest /domain_trusts /all_trusts
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\net1.exe
|
C:\Windows\system32\net1 group "Domain Admins" /domain
|
||
|
C:\Windows\System32\wbem\WMIC.exe
|
/Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get * /Format:List
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\net1.exe
|
C:\Windows\system32\net1 config workstation
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WMIC.exe
|
wmic.exe /node:localhost /namespace:\\root\SecurityCenter2 path AntiVirusProduct Get DisplayName
|
||
|
C:\Windows\System32\findstr.exe
|
findstr /V /B /C:displayName
|
||
|
C:\Windows\System32\conhost.exe
|
There are 37 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://startmast.shop/live/
|
|
||
|
https://jarinamaers.shop/files/stkm.bin
|
104.21.46.75
|
|
|
|
https://pewwhranet.com/live/
|
104.21.84.207
|
|
|
|
https://jarinamaers.shop/
|
unknown
|
|
|
|
https://grizmotras.com/live/
|
172.67.219.28
|
|
|
|
https://jarinamaers.shop/live/
|
104.21.46.75
|
|
|
|
https://grizmotras.com/c
|
unknown
|
||
|
https://jarinamaers.shop/ive/dOIDInfo
|
unknown
|
||
|
https://pewwhranet.com/
|
unknown
|
||
|
http://pconf.f.360.cn/safe_update.php
|
unknown
|
||
|
ftp://ftp%2desktop.ini
|
unknown
|
||
|
https://grizmotras.com/live/My
|
unknown
|
||
|
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRmgZjcGOKysLEGIjDP9RPIyWXG6yqz56jt32vlp9eant7g-v2niK8akWf-XW5L6XSYUi8PVE7hkJBYZJgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.250.217.228
|
||
|
https://grizmotras.com/
|
unknown
|
||
|
https://www.google.com/async/newtab_promos
|
142.250.217.228
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://pewwhranet.com/live/)
|
unknown
|
||
|
https://grizmotras.com/live/ras.com/live/
|
unknown
|
||
|
https://grizmotras.com/p
|
unknown
|
||
|
https://grizmotras.com/live/URLS1https://pewwhranet.com/live/
|
unknown
|
||
|
https://pewwhranet.com/live/ll
|
unknown
|
||
|
https://jarinamaers.shop/V%
|
unknown
|
||
|
https://grizmotras.com/x
|
unknown
|
||
|
https://grizmotras.com/live/1-0
|
unknown
|
||
|
https://www.google.com/async/ddljson?async=ntp:2
|
142.250.217.228
|
||
|
http://pscan.f.360.cn/safe_update.php
|
unknown
|
||
|
https://grizmotras.com/live/e
|
unknown
|
||
|
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
142.250.217.228
|
||
|
http://dr.f.360.cn/scanlist
|
unknown
|
||
|
https://grizmotras.com/live/d
|
unknown
|
||
|
https://grizmotras.com/live/3
|
unknown
|
||
|
http://pscan.f.360.cn/safe_update.phphttp://pconf.f.360.cn/safe_update.phphttp://sconf.f.360.cn/clie
|
unknown
|
||
|
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRmgZjcGOKysLEGIjCpcmGUPeBLMAxrx6A3m-HmimiV3M4DW_xd1u12h5Ub_NV02_HrDnvzsp-9u9svldcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.250.217.228
|
||
|
https://grizmotras.com/live/o
|
unknown
|
||
|
http://sconf.f.360.cn/client_security_conf
|
unknown
|
||
|
https://pewwhranet.com/l
|
unknown
|
||
|
http://dr.f.360.cn/scan
|
unknown
|
||
|
https://jarinamaers.shop/$
|
unknown
|
||
|
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
|
142.250.217.228
|
||
|
https://jarinamaers.shop/files/stkm.binZ&XRr
|
unknown
|
||
|
https://grizmotras.com/live/6
|
unknown
|
There are 31 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
jarinamaers.shop
|
104.21.46.75
|
|
|
|
pewwhranet.com
|
104.21.84.207
|
|
|
|
grizmotras.com
|
172.67.219.28
|
|
|
|
www.google.com
|
142.250.217.228
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.46.75
|
jarinamaers.shop
|
United States
|
|
|
|
172.67.219.28
|
grizmotras.com
|
United States
|
|
|
|
104.21.84.207
|
pewwhranet.com
|
United States
|
|
|
|
142.250.217.228
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
OriginalFileName
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
\REGISTRY\A\{54d6a6c9-44b8-de07-578d-768d1f152ecf}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018400E1FADC7D4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
|
@%SystemRoot%\system32\mlang.dll,-4387
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
|
@%SystemRoot%\system32\mlang.dll,-4407
|
There are 16 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
146142F0000
|
direct allocation
|
page read and write
|
|
|
|
1E3B5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
1E3B5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
1E3B5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
1E3B5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
237C16B0000
|
direct allocation
|
page read and write
|
|
|
|
1E3B5130000
|
direct allocation
|
page execute and read and write
|
|
|
|
1E3B56E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1E3B5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
1E3B5130000
|
direct allocation
|
page execute and read and write
|
|
|
|
14614300000
|
direct allocation
|
page execute and read and write
|
|
|
|
1E3B5130000
|
direct allocation
|
page execute and read and write
|
|
|
|
237C16C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
14612A05000
|
heap
|
page read and write
|
||
|
11D369A6000
|
heap
|
page read and write
|
||
|
2056CAF0000
|
heap
|
page read and write
|
||
|
1E3B5626000
|
heap
|
page read and write
|
||
|
25C163A0000
|
heap
|
page read and write
|
||
|
237C16F0000
|
heap
|
page read and write
|
||
|
21A87975000
|
heap
|
page read and write
|
||
|
2BBB6DBA000
|
heap
|
page read and write
|
||
|
2BBB6DB0000
|
heap
|
page read and write
|
||
|
1F5FDD97000
|
heap
|
page read and write
|
||
|
1E3B5649000
|
heap
|
page read and write
|
||
|
21283E4A000
|
heap
|
page read and write
|
||
|
18016C000
|
unkown
|
page readonly
|
||
|
1BC90B40000
|
heap
|
page read and write
|
||
|
2100B6D0000
|
heap
|
page read and write
|
||
|
1F5FDB5A000
|
heap
|
page read and write
|
||
|
1E3B57C0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B58E0000
|
direct allocation
|
page execute and read and write
|
||
|
21283E38000
|
heap
|
page read and write
|
||
|
1ABBC4D4000
|
heap
|
page read and write
|
||
|
1E3B5940000
|
direct allocation
|
page execute and read and write
|
||
|
212840C0000
|
heap
|
page read and write
|
||
|
2100B5F0000
|
heap
|
page read and write
|
||
|
1F5FE33E000
|
heap
|
page read and write
|
||
|
1E3B5780000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FDE90000
|
heap
|
page read and write
|
||
|
1F5FFBCD000
|
heap
|
page read and write
|
||
|
852FE7F000
|
stack
|
page read and write
|
||
|
14612A40000
|
heap
|
page read and write
|
||
|
26E78950000
|
heap
|
page read and write
|
||
|
4E715FF000
|
unkown
|
page read and write
|
||
|
1E3B3739000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
22AEF8F9000
|
heap
|
page read and write
|
||
|
1ABBBFAA000
|
heap
|
page read and write
|
||
|
1E3B57A0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B3753000
|
heap
|
page read and write
|
||
|
1E3B5CA1000
|
heap
|
page read and write
|
||
|
1E3B5609000
|
heap
|
page read and write
|
||
|
1BA5F236000
|
heap
|
page read and write
|
||
|
1ABBC493000
|
heap
|
page read and write
|
||
|
1F5FDB74000
|
heap
|
page read and write
|
||
|
21A875B0000
|
heap
|
page read and write
|
||
|
1F5FDB5A000
|
heap
|
page read and write
|
||
|
1BA5F4C0000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
21283E53000
|
heap
|
page read and write
|
||
|
22AEF9F0000
|
heap
|
page read and write
|
||
|
421777C000
|
stack
|
page read and write
|
||
|
1E3B5790000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBBDA4000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
1E3B5626000
|
heap
|
page read and write
|
||
|
852FBDD000
|
stack
|
page read and write
|
||
|
23277035000
|
heap
|
page read and write
|
||
|
237C31E0000
|
direct allocation
|
page execute and read and write
|
||
|
5BE2EFE000
|
stack
|
page read and write
|
||
|
16B00730000
|
heap
|
page read and write
|
||
|
1E3B5643000
|
heap
|
page read and write
|
||
|
237C30B0000
|
heap
|
page read and write
|
||
|
CF4E8FE000
|
stack
|
page read and write
|
||
|
1ABBBDAC000
|
heap
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
25C163A6000
|
heap
|
page read and write
|
||
|
1E3B564A000
|
heap
|
page read and write
|
||
|
1ABBBE90000
|
trusted library allocation
|
page read and write
|
||
|
1E3B5510000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
2B2E0D80000
|
heap
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
1ABBBE90000
|
trusted library allocation
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
21A87680000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
2A648FD0000
|
heap
|
page read and write
|
||
|
237C1540000
|
heap
|
page read and write
|
||
|
2100B6F0000
|
heap
|
page read and write
|
||
|
1ABBC4D9000
|
heap
|
page read and write
|
||
|
21283E4A000
|
heap
|
page read and write
|
||
|
1E3B5609000
|
heap
|
page read and write
|
||
|
883DB7E000
|
stack
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
1E3B5639000
|
heap
|
page read and write
|
||
|
1F5FDB09000
|
heap
|
page read and write
|
||
|
21A8765D000
|
heap
|
page read and write
|
||
|
E1E04FF000
|
stack
|
page read and write
|
||
|
1813BAE0000
|
heap
|
page read and write
|
||
|
21A87665000
|
heap
|
page read and write
|
||
|
1ABBC4CC000
|
heap
|
page read and write
|
||
|
1F5FDD9E000
|
heap
|
page read and write
|
||
|
1827FBC5000
|
heap
|
page read and write
|
||
|
2100B6F5000
|
heap
|
page read and write
|
||
|
1E3B3704000
|
heap
|
page read and write
|
||
|
2BBB6CF0000
|
heap
|
page read and write
|
||
|
1E3B5626000
|
heap
|
page read and write
|
||
|
21A87653000
|
heap
|
page read and write
|
||
|
237C3150000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5609000
|
heap
|
page read and write
|
||
|
B75887F000
|
stack
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
1ABBBEB0000
|
heap
|
page read and write
|
||
|
1ABBC497000
|
heap
|
page read and write
|
||
|
1E3B5628000
|
heap
|
page read and write
|
||
|
1ABBC49E000
|
heap
|
page read and write
|
||
|
1ABBC4B1000
|
heap
|
page read and write
|
||
|
1E3B5740000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FDB00000
|
heap
|
page read and write
|
||
|
237C1655000
|
heap
|
page read and write
|
||
|
1E3B5090000
|
trusted library allocation
|
page read and write
|
||
|
1E3B3751000
|
heap
|
page read and write
|
||
|
1E3B36FF000
|
heap
|
page read and write
|
||
|
1E3B5649000
|
heap
|
page read and write
|
||
|
23276DBC000
|
heap
|
page read and write
|
||
|
1ABBC4D6000
|
heap
|
page read and write
|
||
|
237C30C0000
|
trusted library allocation
|
page read and write
|
||
|
1E3B3737000
|
heap
|
page read and write
|
||
|
1E3B5601000
|
heap
|
page read and write
|
||
|
2056C748000
|
heap
|
page read and write
|
||
|
2BBB6DAA000
|
heap
|
page read and write
|
||
|
1ABBC4BB000
|
heap
|
page read and write
|
||
|
1F5FDB18000
|
heap
|
page read and write
|
||
|
1E3B56E0000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FE33E000
|
heap
|
page read and write
|
||
|
1E3B54F0000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FE352000
|
heap
|
page read and write
|
||
|
1E3B55E4000
|
heap
|
page read and write
|
||
|
1ABBC4D4000
|
heap
|
page read and write
|
||
|
1F5FDD9B000
|
heap
|
page read and write
|
||
|
1BC90A60000
|
heap
|
page read and write
|
||
|
241C67B000
|
stack
|
page read and write
|
||
|
1E3B566C000
|
heap
|
page read and write
|
||
|
1F5FDD97000
|
heap
|
page read and write
|
||
|
1ABBC4BB000
|
heap
|
page read and write
|
||
|
E1E02FC000
|
stack
|
page read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
1E3B3702000
|
heap
|
page read and write
|
||
|
1F5FDD93000
|
heap
|
page read and write
|
||
|
1F5FDB3B000
|
heap
|
page read and write
|
||
|
1ABBBDA7000
|
heap
|
page read and write
|
||
|
1ABBC4D0000
|
heap
|
page read and write
|
||
|
16E1AFF000
|
unkown
|
page read and write
|
||
|
1F5FDB70000
|
heap
|
page read and write
|
||
|
1ABBBDA7000
|
heap
|
page read and write
|
||
|
1E3B5628000
|
heap
|
page read and write
|
||
|
16A39D40000
|
heap
|
page read and write
|
||
|
1800C6000
|
unkown
|
page write copy
|
||
|
5BE2E7E000
|
stack
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
28CACFF000
|
stack
|
page read and write
|
||
|
1E3B5628000
|
heap
|
page read and write
|
||
|
2BBB6D9E000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
16A39B70000
|
heap
|
page read and write
|
||
|
1E3B5601000
|
heap
|
page read and write
|
||
|
1F5FE354000
|
heap
|
page read and write
|
||
|
212840CB000
|
heap
|
page read and write
|
||
|
1F5FDB70000
|
heap
|
page read and write
|
||
|
E1E03FE000
|
unkown
|
page read and write
|
||
|
2BBB6DB4000
|
heap
|
page read and write
|
||
|
A03CCFC000
|
stack
|
page read and write
|
||
|
1E3B57A0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
1F5FE34C000
|
heap
|
page read and write
|
||
|
1E3B3705000
|
heap
|
page read and write
|
||
|
2534A6F3000
|
heap
|
page read and write
|
||
|
1E3B5190000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FFBCE000
|
heap
|
page read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
2056C740000
|
heap
|
page read and write
|
||
|
B09F9FE000
|
unkown
|
page read and write
|
||
|
21A87659000
|
heap
|
page read and write
|
||
|
2100B700000
|
heap
|
page read and write
|
||
|
6899FBD000
|
stack
|
page read and write
|
||
|
1F5FDB61000
|
heap
|
page read and write
|
||
|
237C16F8000
|
heap
|
page read and write
|
||
|
1E3B55E0000
|
heap
|
page read and write
|
||
|
23276CA0000
|
heap
|
page read and write
|
||
|
1F5FDB5A000
|
heap
|
page read and write
|
||
|
1E526A20000
|
heap
|
page read and write
|
||
|
1E3B3702000
|
heap
|
page read and write
|
||
|
1E3B55F8000
|
heap
|
page read and write
|
||
|
1F5FDB39000
|
heap
|
page read and write
|
||
|
1F5FE32C000
|
heap
|
page read and write
|
||
|
1E3B36C9000
|
heap
|
page read and write
|
||
|
1ABBC4D1000
|
heap
|
page read and write
|
||
|
21283F30000
|
heap
|
page read and write
|
||
|
1CD48B30000
|
heap
|
page read and write
|
||
|
1E3B5790000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B566B000
|
heap
|
page read and write
|
||
|
1ABBBDA7000
|
heap
|
page read and write
|
||
|
DB6E1FE000
|
stack
|
page read and write
|
||
|
1BC90B60000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
2BBB6D90000
|
heap
|
page read and write
|
||
|
16B00530000
|
heap
|
page read and write
|
||
|
2534A910000
|
heap
|
page read and write
|
||
|
25C165B0000
|
heap
|
page read and write
|
||
|
21283E4E000
|
heap
|
page read and write
|
||
|
28CAAFC000
|
stack
|
page read and write
|
||
|
1F5FE320000
|
heap
|
page read and write
|
||
|
1E3B5609000
|
heap
|
page read and write
|
||
|
16A39F60000
|
heap
|
page read and write
|
||
|
CF4E87F000
|
stack
|
page read and write
|
||
|
1F5FDD90000
|
heap
|
page read and write
|
||
|
F343AFF000
|
stack
|
page read and write
|
||
|
1E3B564C000
|
heap
|
page read and write
|
||
|
23276DD0000
|
heap
|
page read and write
|
||
|
16E176C000
|
stack
|
page read and write
|
||
|
1800C5000
|
unkown
|
page read and write
|
||
|
1F5FDB6A000
|
heap
|
page read and write
|
||
|
2BBB703B000
|
heap
|
page read and write
|
||
|
1F5FDD95000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
1E3B36F6000
|
heap
|
page read and write
|
||
|
1E3B5621000
|
heap
|
page read and write
|
||
|
1E3B55E0000
|
heap
|
page read and write
|
||
|
22AEFAD0000
|
heap
|
page read and write
|
||
|
1F5FDB52000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
5BE2BFC000
|
stack
|
page read and write
|
||
|
1E3B3752000
|
heap
|
page read and write
|
||
|
1E3B3752000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
1E3B55D0000
|
remote allocation
|
page read and write
|
||
|
2B2E0AB0000
|
heap
|
page read and write
|
||
|
F3439FF000
|
unkown
|
page read and write
|
||
|
23276ED0000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
1E3B5130000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5643000
|
heap
|
page read and write
|
||
|
2BBBA1D0000
|
heap
|
page read and write
|
||
|
1E3B5621000
|
heap
|
page read and write
|
||
|
1E3B370B000
|
heap
|
page read and write
|
||
|
1ABBBDA4000
|
heap
|
page read and write
|
||
|
1ABBC4D4000
|
heap
|
page read and write
|
||
|
146144A0000
|
heap
|
page read and write
|
||
|
1E3B5780000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1E3B5970000
|
direct allocation
|
page execute and read and write
|
||
|
CF4E7FE000
|
stack
|
page read and write
|
||
|
B43FA7E000
|
stack
|
page read and write
|
||
|
1E3B373D000
|
heap
|
page read and write
|
||
|
1E3B57C0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5930000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FE32F000
|
heap
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
CF4E6FD000
|
stack
|
page read and write
|
||
|
237C1620000
|
heap
|
page read and write
|
||
|
2BBBA620000
|
trusted library allocation
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
1ABBC4B3000
|
heap
|
page read and write
|
||
|
1ABBC4BB000
|
heap
|
page read and write
|
||
|
852FEFE000
|
stack
|
page read and write
|
||
|
1F5FE328000
|
heap
|
page read and write
|
||
|
241C6FE000
|
stack
|
page read and write
|
||
|
1BC90DC0000
|
heap
|
page read and write
|
||
|
1F5FDB56000
|
heap
|
page read and write
|
||
|
2BBB6CD0000
|
heap
|
page read and write
|
||
|
1F5FDAC0000
|
trusted library allocation
|
page read and write
|
||
|
1E3B5609000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
1E3B57C0000
|
direct allocation
|
page execute and read and write
|
||
|
21A87580000
|
heap
|
page read and write
|
||
|
909A4FF000
|
stack
|
page read and write
|
||
|
2A648FD7000
|
heap
|
page read and write
|
||
|
5F8F37C000
|
stack
|
page read and write
|
||
|
1E3B5631000
|
heap
|
page read and write
|
||
|
1827F7F0000
|
heap
|
page read and write
|
||
|
DB6E0FE000
|
stack
|
page read and write
|
||
|
1E3B5885000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FFBC6000
|
heap
|
page read and write
|
||
|
21A8767A000
|
heap
|
page read and write
|
||
|
237C30A0000
|
trusted library allocation
|
page read and write
|
||
|
1F5FDB54000
|
heap
|
page read and write
|
||
|
2AADA2D0000
|
heap
|
page read and write
|
||
|
1F5FDB7A000
|
heap
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1F5FDD94000
|
heap
|
page read and write
|
||
|
2A648DF0000
|
heap
|
page read and write
|
||
|
1F5FDCD0000
|
heap
|
page read and write
|
||
|
1ABBC4CD000
|
heap
|
page read and write
|
||
|
1ABBC4B0000
|
heap
|
page read and write
|
||
|
1E3B5130000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBBDB6000
|
heap
|
page read and write
|
||
|
23276D90000
|
heap
|
page read and write
|
||
|
1827F8F0000
|
heap
|
page read and write
|
||
|
1F5FE338000
|
heap
|
page read and write
|
||
|
21283D40000
|
heap
|
page read and write
|
||
|
21A87654000
|
heap
|
page read and write
|
||
|
25C163C7000
|
heap
|
page read and write
|
||
|
23276DB7000
|
heap
|
page read and write
|
||
|
1E3B5649000
|
heap
|
page read and write
|
||
|
1E3B5637000
|
heap
|
page read and write
|
||
|
1E3B57C0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5609000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
237C30C0000
|
trusted library allocation
|
page read and write
|
||
|
1BC90C60000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
16B00830000
|
heap
|
page read and write
|
||
|
1F5FDD9E000
|
heap
|
page read and write
|
||
|
1E3B5780000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B374D000
|
heap
|
page read and write
|
||
|
1813B810000
|
heap
|
page read and write
|
||
|
1F5FDA70000
|
heap
|
page read and write
|
||
|
1ABBC4BB000
|
heap
|
page read and write
|
||
|
237C172F000
|
heap
|
page read and write
|
||
|
1E3B3737000
|
heap
|
page read and write
|
||
|
1BA5F100000
|
heap
|
page read and write
|
||
|
3ED3B0C000
|
stack
|
page read and write
|
||
|
1BA5F310000
|
heap
|
page read and write
|
||
|
1E3B3702000
|
heap
|
page read and write
|
||
|
883DBFE000
|
stack
|
page read and write
|
||
|
1F5FDB38000
|
heap
|
page read and write
|
||
|
11D36980000
|
heap
|
page read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
1E3B5628000
|
heap
|
page read and write
|
||
|
2AADA388000
|
heap
|
page read and write
|
||
|
11D3698B000
|
heap
|
page read and write
|
||
|
800E67E000
|
stack
|
page read and write
|
||
|
21285890000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
1ABBC49E000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
21287180000
|
heap
|
page read and write
|
||
|
1E526A99000
|
heap
|
page read and write
|
||
|
909A2FC000
|
stack
|
page read and write
|
||
|
237C3220000
|
direct allocation
|
page execute and read and write
|
||
|
2056C690000
|
heap
|
page read and write
|
||
|
30EB67E000
|
stack
|
page read and write
|
||
|
1ABBC4B4000
|
heap
|
page read and write
|
||
|
1827F8D0000
|
heap
|
page read and write
|
||
|
237C30A0000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FE35A000
|
heap
|
page read and write
|
||
|
1E3B51A0000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FE349000
|
heap
|
page read and write
|
||
|
1E3B5920000
|
trusted library allocation
|
page read and write
|
||
|
21A8768D000
|
heap
|
page read and write
|
||
|
1ABBC49A000
|
heap
|
page read and write
|
||
|
1ABBC4B9000
|
heap
|
page read and write
|
||
|
33E5D5D000
|
stack
|
page read and write
|
||
|
1ABBBDAE000
|
heap
|
page read and write
|
||
|
22AEFB90000
|
heap
|
page read and write
|
||
|
1ABBC4C9000
|
heap
|
page read and write
|
||
|
D7DBCFF000
|
unkown
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
25C16660000
|
heap
|
page read and write
|
||
|
1BA5F21B000
|
heap
|
page read and write
|
||
|
1E3B57C0000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBBD86000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
21A87653000
|
heap
|
page read and write
|
||
|
1E3B5626000
|
heap
|
page read and write
|
||
|
1F5FE33E000
|
heap
|
page read and write
|
||
|
2AADA383000
|
heap
|
page read and write
|
||
|
2BBB6DD0000
|
heap
|
page read and write
|
||
|
11D3698D000
|
heap
|
page read and write
|
||
|
16B00653000
|
heap
|
page read and write
|
||
|
3276C8D000
|
stack
|
page read and write
|
||
|
1F5FDB36000
|
heap
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
1F5FE349000
|
heap
|
page read and write
|
||
|
1E3B55E4000
|
heap
|
page read and write
|
||
|
2534A900000
|
heap
|
page read and write
|
||
|
1E3B5654000
|
heap
|
page read and write
|
||
|
A03CDFF000
|
unkown
|
page read and write
|
||
|
1ABBBDA4000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
1E3B5628000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
26E78D45000
|
heap
|
page read and write
|
||
|
4217A7E000
|
stack
|
page read and write
|
||
|
1ABBBDA4000
|
heap
|
page read and write
|
||
|
16B0063D000
|
heap
|
page read and write
|
||
|
25C163C4000
|
heap
|
page read and write
|
||
|
16A39C70000
|
heap
|
page read and write
|
||
|
1E3B5621000
|
heap
|
page read and write
|
||
|
2A6491B5000
|
heap
|
page read and write
|
||
|
6899EBB000
|
stack
|
page read and write
|
||
|
146129C0000
|
heap
|
page read and write
|
||
|
1E3B51A0000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FDB68000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
2BBB8920000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
D7DBDFF000
|
stack
|
page read and write
|
||
|
1F5FDD92000
|
heap
|
page read and write
|
||
|
1CD48A2B000
|
heap
|
page read and write
|
||
|
1F5FE32F000
|
heap
|
page read and write
|
||
|
30EB34C000
|
stack
|
page read and write
|
||
|
1E3B5636000
|
heap
|
page read and write
|
||
|
1F5FE335000
|
heap
|
page read and write
|
||
|
3ED3B8E000
|
stack
|
page read and write
|
||
|
25C164B0000
|
heap
|
page read and write
|
||
|
1E3B564A000
|
heap
|
page read and write
|
||
|
21A87970000
|
heap
|
page read and write
|
||
|
1E3B5631000
|
heap
|
page read and write
|
||
|
1E3B5990000
|
direct allocation
|
page execute and read and write
|
||
|
2B2E0A30000
|
heap
|
page read and write
|
||
|
146128E0000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
1E3B5C99000
|
heap
|
page read and write
|
||
|
1E3B56E0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
1E3B5970000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5780000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
2B2E0A60000
|
heap
|
page read and write
|
||
|
1ABBBD59000
|
heap
|
page read and write
|
||
|
1F5FFBC1000
|
heap
|
page read and write
|
||
|
1F5FE330000
|
heap
|
page read and write
|
||
|
1ABBC4DC000
|
heap
|
page read and write
|
||
|
1E3B5628000
|
heap
|
page read and write
|
||
|
16B00630000
|
heap
|
page read and write
|
||
|
1F5FDE9D000
|
heap
|
page read and write
|
||
|
237C30A0000
|
trusted library allocation
|
page read and write
|
||
|
16A39D50000
|
heap
|
page read and write
|
||
|
1E3B56E0000
|
direct allocation
|
page execute and read and write
|
||
|
241C87F000
|
stack
|
page read and write
|
||
|
1F5FE349000
|
heap
|
page read and write
|
||
|
1827FBC0000
|
heap
|
page read and write
|
||
|
1E3B5601000
|
heap
|
page read and write
|
||
|
1E526A10000
|
heap
|
page read and write
|
||
|
1F5FDB5A000
|
heap
|
page read and write
|
||
|
1ABBBD89000
|
heap
|
page read and write
|
||
|
1F5FDB60000
|
heap
|
page read and write
|
||
|
5F8F7FE000
|
stack
|
page read and write
|
||
|
1E3B56F0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5910000
|
direct allocation
|
page execute and read and write
|
||
|
A03CEFF000
|
stack
|
page read and write
|
||
|
1E3B3737000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
1ABBC4C9000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
1E3B3737000
|
heap
|
page read and write
|
||
|
14612A48000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
1E3B5631000
|
heap
|
page read and write
|
||
|
1E3B5601000
|
heap
|
page read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1E3B55FD000
|
heap
|
page read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
241C8FE000
|
stack
|
page read and write
|
||
|
2BBBA1D3000
|
heap
|
page read and write
|
||
|
1ABBC4B7000
|
heap
|
page read and write
|
||
|
26E78A17000
|
heap
|
page read and write
|
||
|
2BBB6D70000
|
heap
|
page read and write
|
||
|
2534A8D0000
|
heap
|
page read and write
|
||
|
14614312000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B55F0000
|
heap
|
page read and write
|
||
|
1E3B375A000
|
heap
|
page read and write
|
||
|
1ABBC495000
|
heap
|
page read and write
|
||
|
1E3B5621000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
1E3B36B0000
|
heap
|
page read and write
|
||
|
1F5FDB5A000
|
heap
|
page read and write
|
||
|
1E3B5920000
|
trusted library allocation
|
page read and write
|
||
|
22AEF900000
|
heap
|
page read and write
|
||
|
1F5FDB63000
|
heap
|
page read and write
|
||
|
3ED3E7F000
|
stack
|
page read and write
|
||
|
1E3B55F0000
|
heap
|
page read and write
|
||
|
2BBB6DBB000
|
heap
|
page read and write
|
||
|
1F5FDB52000
|
heap
|
page read and write
|
||
|
2534A6DB000
|
heap
|
page read and write
|
||
|
1F5FDE9A000
|
heap
|
page read and write
|
||
|
1E3B54F0000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FE337000
|
heap
|
page read and write
|
||
|
1F5FFBC4000
|
heap
|
page read and write
|
||
|
2AADA530000
|
heap
|
page read and write
|
||
|
1ABBBFA0000
|
heap
|
page read and write
|
||
|
1E3B5790000
|
direct allocation
|
page execute and read and write
|
||
|
11D36B70000
|
heap
|
page read and write
|
||
|
1ABBBDB1000
|
heap
|
page read and write
|
||
|
DB6E17E000
|
stack
|
page read and write
|
||
|
21A8767A000
|
heap
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1E3B57C0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5652000
|
heap
|
page read and write
|
||
|
CF4E678000
|
stack
|
page read and write
|
||
|
1E3B5600000
|
heap
|
page read and write
|
||
|
21283E53000
|
heap
|
page read and write
|
||
|
1E3B5510000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B3737000
|
heap
|
page read and write
|
||
|
2056CAF5000
|
heap
|
page read and write
|
||
|
1F5FDD9A000
|
heap
|
page read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
1E3B5885000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FDB5E000
|
heap
|
page read and write
|
||
|
1E3B5160000
|
direct allocation
|
page execute and read and write
|
||
|
2BBB6DBA000
|
heap
|
page read and write
|
||
|
1E3B5990000
|
direct allocation
|
page execute and read and write
|
||
|
25C163A9000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
4E714FB000
|
stack
|
page read and write
|
||
|
16A39D47000
|
heap
|
page read and write
|
||
|
1E3B5631000
|
heap
|
page read and write
|
||
|
23276D9B000
|
heap
|
page read and write
|
||
|
1F5FDB7F000
|
heap
|
page read and write
|
||
|
21A87630000
|
heap
|
page read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
2AADA36B000
|
heap
|
page read and write
|
||
|
1E3B373A000
|
heap
|
page read and write
|
||
|
1E3B5650000
|
heap
|
page read and write
|
||
|
1F5FDB6B000
|
heap
|
page read and write
|
||
|
1E3B5631000
|
heap
|
page read and write
|
||
|
1E3B3737000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
1CD48CE0000
|
heap
|
page read and write
|
||
|
1E3B3737000
|
heap
|
page read and write
|
||
|
1E3B5649000
|
heap
|
page read and write
|
||
|
1ABBBD86000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
1ABBC49A000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
1E3B5930000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBC49B000
|
heap
|
page read and write
|
||
|
23277030000
|
heap
|
page read and write
|
||
|
23276DA6000
|
heap
|
page read and write
|
||
|
1ABBBD50000
|
heap
|
page read and write
|
||
|
1E3B5601000
|
heap
|
page read and write
|
||
|
1F5FDB46000
|
heap
|
page read and write
|
||
|
1F5FDD9A000
|
heap
|
page read and write
|
||
|
1ABBC4A9000
|
heap
|
page read and write
|
||
|
11D369A7000
|
heap
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1BA5F210000
|
heap
|
page read and write
|
||
|
1E3B566A000
|
heap
|
page read and write
|
||
|
B7588FE000
|
stack
|
page read and write
|
||
|
1F5FDE9E000
|
heap
|
page read and write
|
||
|
1CD48A42000
|
heap
|
page read and write
|
||
|
1BC90B82000
|
heap
|
page read and write
|
||
|
1E3B5645000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
2BBB6DB4000
|
heap
|
page read and write
|
||
|
1E3B5631000
|
heap
|
page read and write
|
||
|
1F5FDAC0000
|
trusted library allocation
|
page read and write
|
||
|
1ABBC4C9000
|
heap
|
page read and write
|
||
|
B70F8FF000
|
stack
|
page read and write
|
||
|
B70F6FC000
|
stack
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
1E3B3745000
|
heap
|
page read and write
|
||
|
1E3B5621000
|
heap
|
page read and write
|
||
|
1F5FDB38000
|
heap
|
page read and write
|
||
|
1F5FE349000
|
heap
|
page read and write
|
||
|
883DAFC000
|
stack
|
page read and write
|
||
|
1E526A90000
|
heap
|
page read and write
|
||
|
237C3230000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBC497000
|
heap
|
page read and write
|
||
|
1ABBC4A7000
|
heap
|
page read and write
|
||
|
1ABBBE50000
|
heap
|
page read and write
|
||
|
14612A00000
|
heap
|
page read and write
|
||
|
1E3B370B000
|
heap
|
page read and write
|
||
|
33E5DDE000
|
stack
|
page read and write
|
||
|
1E3B5190000
|
direct allocation
|
page execute and read and write
|
||
|
2A6491B0000
|
heap
|
page read and write
|
||
|
1E3B55D0000
|
remote allocation
|
page read and write
|
||
|
26E78980000
|
heap
|
page read and write
|
||
|
1813BAE5000
|
heap
|
page read and write
|
||
|
1F5FDB7F000
|
heap
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1ABBC4AF000
|
heap
|
page read and write
|
||
|
1BC90B6D000
|
heap
|
page read and write
|
||
|
237C31A0000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBC4AC000
|
heap
|
page read and write
|
||
|
1BA5F1E0000
|
heap
|
page read and write
|
||
|
21A87590000
|
heap
|
page read and write
|
||
|
11D36C10000
|
heap
|
page read and write
|
||
|
1ABBBD87000
|
heap
|
page read and write
|
||
|
1E3B5621000
|
heap
|
page read and write
|
||
|
1F5FE331000
|
heap
|
page read and write
|
||
|
237C3200000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBC4BB000
|
heap
|
page read and write
|
||
|
1E3B5910000
|
direct allocation
|
page execute and read and write
|
||
|
237C1660000
|
heap
|
page read and write
|
||
|
1E3B3705000
|
heap
|
page read and write
|
||
|
1BC90C80000
|
heap
|
page read and write
|
||
|
2AADA36D000
|
heap
|
page read and write
|
||
|
1F5FDD9A000
|
heap
|
page read and write
|
||
|
1ABBC494000
|
heap
|
page read and write
|
||
|
1F5FDB45000
|
heap
|
page read and write
|
||
|
1E3B3737000
|
heap
|
page read and write
|
||
|
2534A6F7000
|
heap
|
page read and write
|
||
|
1813B820000
|
heap
|
page read and write
|
||
|
26E78D40000
|
heap
|
page read and write
|
||
|
237C3170000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B36F9000
|
heap
|
page read and write
|
||
|
1827F987000
|
heap
|
page read and write
|
||
|
1ABBBD63000
|
heap
|
page read and write
|
||
|
1F5FFBCE000
|
heap
|
page read and write
|
||
|
1E3B3703000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
2A648ED0000
|
heap
|
page read and write
|
||
|
1F5FE32C000
|
heap
|
page read and write
|
||
|
21283E53000
|
heap
|
page read and write
|
||
|
1E3B5640000
|
heap
|
page read and write
|
||
|
1F5FDB63000
|
heap
|
page read and write
|
||
|
1F5FE327000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
16E1BFE000
|
stack
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
1F5FDB73000
|
heap
|
page read and write
|
||
|
1ABBBDB4000
|
heap
|
page read and write
|
||
|
1E3B5631000
|
heap
|
page read and write
|
||
|
146129E0000
|
heap
|
page read and write
|
||
|
1E3B5649000
|
heap
|
page read and write
|
||
|
2056C750000
|
heap
|
page read and write
|
||
|
2BBB6DC5000
|
heap
|
page read and write
|
||
|
25C16590000
|
heap
|
page read and write
|
||
|
1E3B5621000
|
heap
|
page read and write
|
||
|
22AEF8F0000
|
heap
|
page read and write
|
||
|
1E526AA8000
|
heap
|
page read and write
|
||
|
28CABFE000
|
unkown
|
page read and write
|
||
|
241C7FF000
|
stack
|
page read and write
|
||
|
16B0063B000
|
heap
|
page read and write
|
||
|
2BBB6DA7000
|
heap
|
page read and write
|
||
|
23276EB0000
|
heap
|
page read and write
|
||
|
2AADA2C0000
|
heap
|
page read and write
|
||
|
21A8765C000
|
heap
|
page read and write
|
||
|
21283E61000
|
heap
|
page read and write
|
||
|
23276E90000
|
heap
|
page read and write
|
||
|
2AADA360000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
1E3B5510000
|
direct allocation
|
page execute and read and write
|
||
|
800E378000
|
stack
|
page read and write
|
||
|
2534A7D0000
|
heap
|
page read and write
|
||
|
2AADA6F0000
|
heap
|
page read and write
|
||
|
DB6E07A000
|
stack
|
page read and write
|
||
|
11D36C00000
|
heap
|
page read and write
|
||
|
1CD48A2D000
|
heap
|
page read and write
|
||
|
1E3B5648000
|
heap
|
page read and write
|
||
|
1E3B5626000
|
heap
|
page read and write
|
||
|
1F5FE33E000
|
heap
|
page read and write
|
||
|
1E3B57B0000
|
direct allocation
|
page execute and read and write
|
||
|
22AEFAF0000
|
heap
|
page read and write
|
||
|
1E3B5667000
|
heap
|
page read and write
|
||
|
1F5FE334000
|
heap
|
page read and write
|
||
|
1813B880000
|
heap
|
page read and write
|
||
|
1E3B5631000
|
heap
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1BA5F21D000
|
heap
|
page read and write
|
||
|
33E607E000
|
stack
|
page read and write
|
||
|
B75887B000
|
stack
|
page read and write
|
||
|
1E3B57C0000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBBD40000
|
trusted library allocation
|
page read and write
|
||
|
1E3B55E8000
|
heap
|
page read and write
|
||
|
1ABBC4C9000
|
heap
|
page read and write
|
||
|
3276D0F000
|
stack
|
page read and write
|
||
|
800E3FE000
|
stack
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
B75897F000
|
stack
|
page read and write
|
||
|
1E3B5650000
|
heap
|
page read and write
|
||
|
1F5FE333000
|
heap
|
page read and write
|
||
|
1E3B5730000
|
direct allocation
|
page execute and read and write
|
||
|
2BBB6D98000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
1ABBC490000
|
heap
|
page read and write
|
||
|
2056C680000
|
heap
|
page read and write
|
||
|
1E3B57D0000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBC4A0000
|
heap
|
page read and write
|
||
|
1F5FDB38000
|
heap
|
page read and write
|
||
|
1F5FE32E000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
2B2E0ABB000
|
heap
|
page read and write
|
||
|
1F5FE33E000
|
heap
|
page read and write
|
||
|
1800C6000
|
unkown
|
page write copy
|
||
|
1F5FDAC0000
|
trusted library allocation
|
page read and write
|
||
|
30EB3CE000
|
stack
|
page read and write
|
||
|
21A8768A000
|
heap
|
page read and write
|
||
|
237C3180000
|
direct allocation
|
page execute and read and write
|
||
|
11D36960000
|
heap
|
page read and write
|
||
|
1E3B5090000
|
trusted library allocation
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1E3B57E0000
|
direct allocation
|
page execute and read and write
|
||
|
21A8767E000
|
heap
|
page read and write
|
||
|
1E3B5621000
|
heap
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
180086000
|
unkown
|
page readonly
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
2B2E0AD2000
|
heap
|
page read and write
|
||
|
2BBB7030000
|
heap
|
page read and write
|
||
|
3276D8F000
|
stack
|
page read and write
|
||
|
1ABBC4CF000
|
heap
|
page read and write
|
||
|
21283F50000
|
heap
|
page read and write
|
||
|
1E3B5090000
|
trusted library allocation
|
page read and write
|
||
|
21A87663000
|
heap
|
page read and write
|
||
|
26E78960000
|
heap
|
page read and write
|
||
|
1E3B36F9000
|
heap
|
page read and write
|
||
|
1ABBC4B7000
|
heap
|
page read and write
|
||
|
21A8767A000
|
heap
|
page read and write
|
||
|
1E3B3737000
|
heap
|
page read and write
|
||
|
CF4E77E000
|
stack
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
1E3B5510000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBBE70000
|
heap
|
page read and write
|
||
|
1E3B3757000
|
heap
|
page read and write
|
||
|
21A87655000
|
heap
|
page read and write
|
||
|
6899F3F000
|
stack
|
page read and write
|
||
|
1813B870000
|
heap
|
page read and write
|
||
|
1F5FDB68000
|
heap
|
page read and write
|
||
|
1E3B57D0000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBC4D5000
|
heap
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
1E3B5654000
|
heap
|
page read and write
|
||
|
2100B797000
|
heap
|
page read and write
|
||
|
1F5FDB52000
|
heap
|
page read and write
|
||
|
21287110000
|
heap
|
page read and write
|
||
|
1ABBDE60000
|
heap
|
page read and write
|
||
|
1E3B563C000
|
heap
|
page read and write
|
||
|
2056C6B0000
|
heap
|
page read and write
|
||
|
212875D0000
|
trusted library allocation
|
page read and write
|
||
|
1F5FFBCE000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
1CD48C10000
|
heap
|
page read and write
|
||
|
1E3B5626000
|
heap
|
page read and write
|
||
|
1F5FFBC2000
|
heap
|
page read and write
|
||
|
1E3B5651000
|
heap
|
page read and write
|
||
|
1E3B56F0000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBC49A000
|
heap
|
page read and write
|
||
|
23276DD1000
|
heap
|
page read and write
|
||
|
1E3B5190000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5090000
|
trusted library allocation
|
page read and write
|
||
|
1E3B564A000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
21A8767A000
|
heap
|
page read and write
|
||
|
1CD48CD0000
|
heap
|
page read and write
|
||
|
1F5FFBD4000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
B43F77D000
|
stack
|
page read and write
|
||
|
1F5FDB18000
|
heap
|
page read and write
|
||
|
18016C000
|
unkown
|
page readonly
|
||
|
21A8767A000
|
heap
|
page read and write
|
||
|
1E3B5780000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
1F5FDE95000
|
heap
|
page read and write
|
||
|
800E7FF000
|
stack
|
page read and write
|
||
|
1CD48A20000
|
heap
|
page read and write
|
||
|
26E78A10000
|
heap
|
page read and write
|
||
|
21283E65000
|
heap
|
page read and write
|
||
|
2534A8B0000
|
heap
|
page read and write
|
||
|
21287183000
|
heap
|
page read and write
|
||
|
2B2E0A40000
|
heap
|
page read and write
|
||
|
1E3B5645000
|
heap
|
page read and write
|
||
|
1ABBC492000
|
heap
|
page read and write
|
||
|
1E3B55D0000
|
remote allocation
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
1E3B5500000
|
direct allocation
|
page execute and read and write
|
||
|
23276DC0000
|
heap
|
page read and write
|
||
|
21A87638000
|
heap
|
page read and write
|
||
|
2534A6DD000
|
heap
|
page read and write
|
||
|
1E3B5609000
|
heap
|
page read and write
|
||
|
1ABBC4AC000
|
heap
|
page read and write
|
||
|
1E3B5601000
|
heap
|
page read and write
|
||
|
1F5FDB38000
|
heap
|
page read and write
|
||
|
2BBB6DC0000
|
heap
|
page read and write
|
||
|
1F5FE349000
|
heap
|
page read and write
|
||
|
1E3B5C01000
|
heap
|
page read and write
|
||
|
21283E30000
|
heap
|
page read and write
|
||
|
1F5FDB79000
|
heap
|
page read and write
|
||
|
1E3B5609000
|
heap
|
page read and write
|
||
|
1F5FE349000
|
heap
|
page read and write
|
||
|
1F5FDA80000
|
heap
|
page read and write
|
||
|
1E3B5970000
|
direct allocation
|
page execute and read and write
|
||
|
22AEFB95000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
1ABBC4D4000
|
heap
|
page read and write
|
||
|
2534A6D0000
|
heap
|
page read and write
|
||
|
1813B878000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
1F5FFBC3000
|
heap
|
page read and write
|
||
|
909A3FF000
|
unkown
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1E3B5621000
|
heap
|
page read and write
|
||
|
1ABBC4B6000
|
heap
|
page read and write
|
||
|
1813B840000
|
heap
|
page read and write
|
||
|
1E3B374D000
|
heap
|
page read and write
|
||
|
1E3B55E4000
|
heap
|
page read and write
|
||
|
1E3B564A000
|
heap
|
page read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
2B2E0ABD000
|
heap
|
page read and write
|
||
|
1F5FFBC0000
|
heap
|
page read and write
|
||
|
1BA5F330000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
1ABBBDAB000
|
heap
|
page read and write
|
||
|
21283E58000
|
heap
|
page read and write
|
||
|
11D36B50000
|
heap
|
page read and write
|
||
|
2A648EF0000
|
heap
|
page read and write
|
||
|
1F5FDB6B000
|
heap
|
page read and write
|
||
|
1E3B564A000
|
heap
|
page read and write
|
||
|
1ABBBFAD000
|
heap
|
page read and write
|
||
|
1F5FDB52000
|
heap
|
page read and write
|
||
|
1ABBC4D4000
|
heap
|
page read and write
|
||
|
1E3B5910000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5649000
|
heap
|
page read and write
|
||
|
B43F7FE000
|
stack
|
page read and write
|
||
|
16B00550000
|
heap
|
page read and write
|
||
|
1ABBBD86000
|
heap
|
page read and write
|
||
|
1E3B5657000
|
heap
|
page read and write
|
||
|
16A39F65000
|
heap
|
page read and write
|
||
|
D7DB9AC000
|
stack
|
page read and write
|
||
|
1E3B3709000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
180086000
|
unkown
|
page readonly
|
||
|
1ABBDD40000
|
heap
|
page read and write
|
||
|
1E3B564F000
|
heap
|
page read and write
|
||
|
B09F8FC000
|
stack
|
page read and write
|
||
|
16B00450000
|
heap
|
page read and write
|
||
|
1ABBC4B4000
|
heap
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
30EB6FE000
|
stack
|
page read and write
|
||
|
1E3B57E0000
|
direct allocation
|
page execute and read and write
|
||
|
1ABBC4BB000
|
heap
|
page read and write
|
||
|
1E3B5C04000
|
heap
|
page read and write
|
||
|
1E3B5637000
|
heap
|
page read and write
|
||
|
1F5FE34A000
|
heap
|
page read and write
|
||
|
16A39C50000
|
heap
|
page read and write
|
||
|
5F8F6FF000
|
unkown
|
page read and write
|
||
|
1827F980000
|
heap
|
page read and write
|
||
|
1F5FDAA0000
|
heap
|
page read and write
|
||
|
2BBB6DD8000
|
heap
|
page read and write
|
||
|
21A87659000
|
heap
|
page read and write
|
||
|
1E3B5626000
|
heap
|
page read and write
|
||
|
1ABBC4C9000
|
heap
|
page read and write
|
||
|
2BBB6CC0000
|
heap
|
page read and write
|
||
|
2BBB7035000
|
heap
|
page read and write
|
||
|
237C1650000
|
heap
|
page read and write
|
||
|
11D369A2000
|
heap
|
page read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
1E3B5600000
|
heap
|
page read and write
|
||
|
1CD48C30000
|
heap
|
page read and write
|
||
|
2BBB6DAA000
|
heap
|
page read and write
|
||
|
1E3B5990000
|
direct allocation
|
page execute and read and write
|
||
|
800E6FF000
|
stack
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
F3438FC000
|
stack
|
page read and write
|
||
|
1E3B565F000
|
heap
|
page read and write
|
||
|
1ABBBC60000
|
heap
|
page read and write
|
||
|
1E3B55E8000
|
heap
|
page read and write
|
||
|
1E3B58E0000
|
direct allocation
|
page execute and read and write
|
||
|
42177FF000
|
stack
|
page read and write
|
||
|
1E3B5653000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
1F5FDB38000
|
heap
|
page read and write
|
||
|
241C77E000
|
stack
|
page read and write
|
||
|
1F5FE338000
|
heap
|
page read and write
|
||
|
1F5FFBD4000
|
heap
|
page read and write
|
||
|
1F5FE352000
|
heap
|
page read and write
|
||
|
1F5FDAC0000
|
trusted library allocation
|
page read and write
|
||
|
2B2E0C80000
|
heap
|
page read and write
|
||
|
1F5FDB5A000
|
heap
|
page read and write
|
||
|
1E3B57C0000
|
direct allocation
|
page execute and read and write
|
||
|
212840C5000
|
heap
|
page read and write
|
||
|
1E3B5910000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FE33E000
|
heap
|
page read and write
|
||
|
1E3B5780000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FDB6C000
|
heap
|
page read and write
|
||
|
B09FAFF000
|
stack
|
page read and write
|
||
|
1ABBBD68000
|
heap
|
page read and write
|
||
|
1BA5F232000
|
heap
|
page read and write
|
||
|
1E3B50B0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5663000
|
heap
|
page read and write
|
||
|
1BC90B6B000
|
heap
|
page read and write
|
||
|
1F5FDB52000
|
heap
|
page read and write
|
||
|
4E716FF000
|
stack
|
page read and write
|
||
|
1E3B5628000
|
heap
|
page read and write
|
||
|
1E3B565B000
|
heap
|
page read and write
|
||
|
B70F7FF000
|
stack
|
page read and write
|
||
|
1ABBBDA7000
|
heap
|
page read and write
|
||
|
2AADA2F0000
|
heap
|
page read and write
|
||
|
1E526A9D000
|
heap
|
page read and write
|
||
|
1E3B5631000
|
heap
|
page read and write
|
||
|
237C31C0000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FDE30000
|
heap
|
page read and write
|
||
|
2BBB6DAE000
|
heap
|
page read and write
|
||
|
1ABBBD40000
|
trusted library allocation
|
page read and write
|
||
|
1ABBC4B9000
|
heap
|
page read and write
|
||
|
1E3B55E4000
|
heap
|
page read and write
|
||
|
1ABBBFA5000
|
heap
|
page read and write
|
||
|
1800C5000
|
unkown
|
page read and write
|
||
|
1E3B57B0000
|
direct allocation
|
page execute and read and write
|
||
|
1E3B5780000
|
direct allocation
|
page execute and read and write
|
||
|
1F5FDB13000
|
heap
|
page read and write
|
||
|
1ABBC4C9000
|
heap
|
page read and write
|
||
|
1E3B563F000
|
heap
|
page read and write
|
||
|
800E77E000
|
stack
|
page read and write
|
||
|
2100B790000
|
heap
|
page read and write
|
||
|
237C3150000
|
direct allocation
|
page execute and read and write
|
||
|
25C16670000
|
heap
|
page read and write
|
||
|
1F5FFBD4000
|
heap
|
page read and write
|
There are 904 hidden memdumps, click here to show them.