Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_24bf59364de6565a45e4ab6fe456be896c17dc_7522e4b5_8ef5bd3c-aae5-45e5-bf1a-45bdf04568b8\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_9ab2ce3f1d997de96046bf2aa5a36539f1287a8_7522e4b5_2481e323-089d-4bae-9e5f-85b53fae8eda\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_9ab2ce3f1d997de96046bf2aa5a36539f1287a8_7522e4b5_d590bb09-5721-4ba3-84fd-969f2c03a92f\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9190.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat Apr 27 01:41:51 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER927C.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER929C.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB7B6.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat Apr 27 01:42:03 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB7D5.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat Apr 27 01:42:01 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBEDB.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBFF5.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC023.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC053.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\0304PT[1].zip
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 27 00:42:01 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 27 00:42:01 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 27 00:42:01 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 27 00:42:01 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 27 00:42:01 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\vstatic\user
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 81
|
ASCII text, with very long lines (2489)
|
downloaded
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll,A
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll,ABACULEJOTOTALISTRAZIUNTESNAGANNINIANAX
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll,B
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",A
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",ABACULEJOTOTALISTRAZIUNTESNAGANNINIANAX
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",B
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",dbkFCallWrapperAddr
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",__dbk_fcall_wrapper
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",TMethodImplementationIntercept
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",F
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",E
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",C
|
|
|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.20761.26247.dll",#1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5820 -s 660
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2024,i,3889308217611677009,3770011121341668024,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7960 -s 656
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7992 -s 656
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.google.com/async/ddljson?async=ntp:2
|
142.251.40.132
|
||
|
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgSaEMC5GOavsbEGIjBTCKCoHyt3jflTOOLaaKQwQN9wAC8RIkN6Nn-23CM5-IVn5mtMgBWXe03Vj-OuQmkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.251.40.132
|
||
|
https://cld.pt/dl/download/5a0d8a94-236d-4a83-b1ba-16bf33ac459c/0304PT.zip?user-English
|
unknown
|
||
|
https://cld.pt/
|
unknown
|
||
|
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
142.251.40.132
|
||
|
https://www.thawte.com/cps0/
|
unknown
|
||
|
https://cld.pt/dl/download/5a0d8a94-236d-4a83-b1ba-16bf33ac459c/0304PT.zip?user-English%20(United%
|
unknown
|
||
|
https://www.thawte.com/repository0W
|
unknown
|
||
|
https://www.advancedinstaller.com
|
unknown
|
||
|
https://www.google.com/async/newtab_promos
|
142.251.40.132
|
||
|
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
|
142.251.40.132
|
||
|
https://cld.pt/dl/download/5a0d8a94-236d-4a83-b1ba-16bf33ac459c/0304PT.zip?user-English%20(United%20Kingdom)
|
213.13.26.152
|
||
|
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgSaEMC5GOavsbEGIjCCtofTY96DFmPURZG2hHBVCljAZFN1IzRo7g1v5yxm0sI50HmOz_XOCcbcyzJm_I4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.251.40.132
|
||
|
https://cld.pt/dl/download/5a0d8a94-236d-4a83-b1ba-16bf33ac459c/0304PT.zip
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cld.pt
|
213.13.26.152
|
||
|
www.google.com
|
142.251.40.132
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.251.40.132
|
www.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
213.13.26.152
|
cld.pt
|
Portugal
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProgramId
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
FileId
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LongPathHash
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Name
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
OriginalFileName
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Publisher
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Version
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinFileVersion
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinaryType
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductName
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
ProductVersion
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
LinkDate
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
BinProductVersion
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Size
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Language
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
IsOsComponent
|
||
|
\REGISTRY\A\{56b5a104-3946-88c8-75f6-a4e64bd8d0b5}\Root\InventoryApplicationFile\rundll32.exe|ccf370e740f0e788
|
Usn
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5C0000
|
heap
|
page read and write
|
||
|
6CBB9000
|
unkown
|
page write copy
|
||
|
42D8000
|
direct allocation
|
page read and write
|
||
|
325B000
|
stack
|
page read and write
|
||
|
2713000
|
direct allocation
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
413F000
|
direct allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
4CD0000
|
direct allocation
|
page read and write
|
||
|
6CBAF000
|
unkown
|
page write copy
|
||
|
6CBC8000
|
unkown
|
page readonly
|
||
|
291B000
|
stack
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
4D63000
|
direct allocation
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
2B6A000
|
direct allocation
|
page read and write
|
||
|
4D5C000
|
direct allocation
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
40EB000
|
direct allocation
|
page read and write
|
||
|
6CBB0000
|
unkown
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
2B63000
|
direct allocation
|
page read and write
|
||
|
4114000
|
direct allocation
|
page read and write
|
||
|
47A0000
|
heap
|
page read and write
|
||
|
74B000
|
stack
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
47F6000
|
direct allocation
|
page read and write
|
||
|
3305000
|
heap
|
page read and write
|
||
|
4A2D000
|
stack
|
page read and write
|
||
|
4294000
|
direct allocation
|
page read and write
|
||
|
3220000
|
direct allocation
|
page execute and read and write
|
||
|
4AA0000
|
direct allocation
|
page read and write
|
||
|
4FC4000
|
direct allocation
|
page read and write
|
||
|
42FC000
|
direct allocation
|
page read and write
|
||
|
4FA4000
|
direct allocation
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
452A000
|
direct allocation
|
page read and write
|
||
|
2721000
|
direct allocation
|
page read and write
|
||
|
4F9D000
|
direct allocation
|
page read and write
|
||
|
47E0000
|
direct allocation
|
page read and write
|
||
|
4262000
|
direct allocation
|
page read and write
|
||
|
4BD9000
|
direct allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
6CBB9000
|
unkown
|
page write copy
|
||
|
4BA4000
|
direct allocation
|
page read and write
|
||
|
5028000
|
direct allocation
|
page read and write
|
||
|
2704000
|
direct allocation
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
4146000
|
direct allocation
|
page read and write
|
||
|
79F000
|
stack
|
page read and write
|
||
|
428D000
|
direct allocation
|
page read and write
|
||
|
6C621000
|
unkown
|
page execute read
|
||
|
410B000
|
direct allocation
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
50B000
|
stack
|
page read and write
|
||
|
4D71000
|
direct allocation
|
page read and write
|
||
|
4694000
|
direct allocation
|
page read and write
|
||
|
4B9D000
|
direct allocation
|
page read and write
|
||
|
44B4000
|
direct allocation
|
page read and write
|
||
|
4154000
|
direct allocation
|
page read and write
|
||
|
4150000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
4BE8000
|
direct allocation
|
page read and write
|
||
|
4AEB000
|
direct allocation
|
page read and write
|
||
|
26FD000
|
direct allocation
|
page read and write
|
||
|
40CD000
|
direct allocation
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
4BC0000
|
remote allocation
|
page read and write
|
||
|
4478000
|
direct allocation
|
page read and write
|
||
|
4ADB000
|
direct allocation
|
page read and write
|
||
|
4138000
|
direct allocation
|
page read and write
|
||
|
653000
|
heap
|
page read and write
|
||
|
46DF000
|
direct allocation
|
page read and write
|
||
|
4148000
|
direct allocation
|
page read and write
|
||
|
46C2000
|
direct allocation
|
page read and write
|
||
|
4AF2000
|
direct allocation
|
page read and write
|
||
|
6C621000
|
unkown
|
page execute read
|
||
|
975000
|
heap
|
page read and write
|
||
|
6CBCA000
|
unkown
|
page readonly
|
||
|
2B0B000
|
direct allocation
|
page read and write
|
||
|
4FE0000
|
direct allocation
|
page read and write
|
||
|
6CBBB000
|
unkown
|
page read and write
|
||
|
4CB8000
|
direct allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
4A00000
|
heap
|
page read and write
|
||
|
295A000
|
stack
|
page read and write
|
||
|
601000
|
heap
|
page read and write
|
||
|
70B000
|
stack
|
page read and write
|
||
|
2B71000
|
direct allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
5EA000
|
heap
|
page read and write
|
||
|
303B000
|
stack
|
page read and write
|
||
|
2B3F000
|
direct allocation
|
page read and write
|
||
|
4D30000
|
direct allocation
|
page read and write
|
||
|
2C75000
|
heap
|
page read and write
|
||
|
42C9000
|
direct allocation
|
page read and write
|
||
|
2B04000
|
direct allocation
|
page read and write
|
||
|
7D6000
|
direct allocation
|
page read and write
|
||
|
4ABD000
|
direct allocation
|
page read and write
|
||
|
44D2000
|
direct allocation
|
page read and write
|
||
|
4804000
|
direct allocation
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
44CB000
|
direct allocation
|
page read and write
|
||
|
62A000
|
heap
|
page read and write
|
||
|
42A4000
|
direct allocation
|
page read and write
|
||
|
4670000
|
direct allocation
|
page read and write
|
||
|
5190000
|
heap
|
page read and write
|
||
|
46BB000
|
direct allocation
|
page read and write
|
||
|
46B4000
|
direct allocation
|
page read and write
|
||
|
6CBAF000
|
unkown
|
page write copy
|
||
|
4B33000
|
direct allocation
|
page read and write
|
||
|
6CBC8000
|
unkown
|
page readonly
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
6CBB3000
|
unkown
|
page write copy
|
||
|
44F0000
|
direct allocation
|
page read and write
|
||
|
49D0000
|
direct allocation
|
page execute and read and write
|
||
|
40E2000
|
direct allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
43EF000
|
stack
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
2B2F000
|
stack
|
page read and write
|
||
|
6C63E000
|
unkown
|
page execute read
|
||
|
46FC000
|
direct allocation
|
page read and write
|
||
|
7E4000
|
direct allocation
|
page read and write
|
||
|
4100000
|
direct allocation
|
page read and write
|
||
|
65B000
|
heap
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
29D5000
|
heap
|
page read and write
|
||
|
4163000
|
direct allocation
|
page read and write
|
||
|
6C63E000
|
unkown
|
page execute read
|
||
|
654000
|
heap
|
page read and write
|
||
|
4AE4000
|
direct allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
47D2000
|
direct allocation
|
page read and write
|
||
|
41C0000
|
heap
|
page read and write
|
||
|
7DD000
|
direct allocation
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
411D000
|
direct allocation
|
page read and write
|
||
|
271A000
|
direct allocation
|
page read and write
|
||
|
2AED000
|
direct allocation
|
page read and write
|
||
|
44AD000
|
direct allocation
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
47BB000
|
direct allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
4133000
|
direct allocation
|
page read and write
|
||
|
808000
|
direct allocation
|
page read and write
|
||
|
44FF000
|
direct allocation
|
page read and write
|
||
|
79B000
|
direct allocation
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
40DB000
|
direct allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
416A000
|
direct allocation
|
page read and write
|
||
|
4D14000
|
direct allocation
|
page read and write
|
||
|
2C2D000
|
stack
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
46ED000
|
direct allocation
|
page read and write
|
||
|
4116000
|
direct allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
43C0000
|
direct allocation
|
page read and write
|
||
|
4B80000
|
direct allocation
|
page read and write
|
||
|
46A4000
|
direct allocation
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
289A000
|
heap
|
page read and write
|
||
|
5013000
|
direct allocation
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
4AD4000
|
direct allocation
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
4BC2000
|
direct allocation
|
page read and write
|
||
|
4DA000
|
stack
|
page read and write
|
||
|
42B2000
|
direct allocation
|
page read and write
|
||
|
46F4000
|
direct allocation
|
page read and write
|
||
|
4B0F000
|
direct allocation
|
page read and write
|
||
|
4303000
|
direct allocation
|
page read and write
|
||
|
26C4000
|
direct allocation
|
page read and write
|
||
|
2B5C000
|
direct allocation
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
4658000
|
direct allocation
|
page read and write
|
||
|
4BCB000
|
direct allocation
|
page read and write
|
||
|
2915000
|
heap
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
40D4000
|
direct allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
6CBC7000
|
unkown
|
page read and write
|
||
|
2C7B000
|
stack
|
page read and write
|
||
|
6C620000
|
unkown
|
page readonly
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
44F8000
|
direct allocation
|
page read and write
|
||
|
2B78000
|
direct allocation
|
page read and write
|
||
|
5021000
|
direct allocation
|
page read and write
|
||
|
4813000
|
direct allocation
|
page read and write
|
||
|
B4F000
|
heap
|
page read and write
|
||
|
65B000
|
heap
|
page read and write
|
||
|
46AB000
|
direct allocation
|
page read and write
|
||
|
6CBC0000
|
unkown
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
47EF000
|
direct allocation
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
6C621000
|
unkown
|
page execute read
|
||
|
40A7000
|
direct allocation
|
page read and write
|
||
|
6CBC5000
|
unkown
|
page write copy
|
||
|
2B22000
|
direct allocation
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
6CBAE000
|
unkown
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
40BD000
|
direct allocation
|
page read and write
|
||
|
49ED000
|
stack
|
page read and write
|
||
|
42F4000
|
direct allocation
|
page read and write
|
||
|
12B000
|
stack
|
page read and write
|
||
|
414D000
|
direct allocation
|
page read and write
|
||
|
33C1000
|
heap
|
page read and write
|
||
|
7AB000
|
direct allocation
|
page read and write
|
||
|
4CF4000
|
direct allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7B2000
|
direct allocation
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
2AF4000
|
direct allocation
|
page read and write
|
||
|
720000
|
direct allocation
|
page execute and read and write
|
||
|
6CBB6000
|
unkown
|
page read and write
|
||
|
6CBC7000
|
unkown
|
page read and write
|
||
|
481A000
|
direct allocation
|
page read and write
|
||
|
801000
|
direct allocation
|
page read and write
|
||
|
6CBAE000
|
unkown
|
page read and write
|
||
|
6CBCA000
|
unkown
|
page readonly
|
||
|
41D0000
|
heap
|
page read and write
|
||
|
6CBB3000
|
unkown
|
page write copy
|
||
|
6CBC8000
|
unkown
|
page readonly
|
||
|
4067000
|
direct allocation
|
page read and write
|
||
|
4BF6000
|
direct allocation
|
page read and write
|
||
|
2B4D000
|
direct allocation
|
page read and write
|
||
|
6CBB0000
|
unkown
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
2DDB000
|
stack
|
page read and write
|
||
|
411B000
|
direct allocation
|
page read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
26CB000
|
direct allocation
|
page read and write
|
||
|
6CBC0000
|
unkown
|
page read and write
|
||
|
4FBB000
|
direct allocation
|
page read and write
|
||
|
307F000
|
stack
|
page read and write
|
||
|
40C4000
|
direct allocation
|
page read and write
|
||
|
2EE5000
|
heap
|
page read and write
|
||
|
7B9000
|
direct allocation
|
page read and write
|
||
|
44BD000
|
direct allocation
|
page read and write
|
||
|
46D0000
|
direct allocation
|
page read and write
|
||
|
6CBB6000
|
unkown
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
6CBC7000
|
unkown
|
page read and write
|
||
|
40F9000
|
direct allocation
|
page read and write
|
||
|
412C000
|
direct allocation
|
page read and write
|
||
|
4171000
|
direct allocation
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
5130000
|
heap
|
page read and write
|
||
|
7EC000
|
direct allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
4703000
|
direct allocation
|
page read and write
|
||
|
2E3B000
|
stack
|
page read and write
|
||
|
9BD000
|
stack
|
page read and write
|
||
|
4404000
|
direct allocation
|
page read and write
|
||
|
4FEF000
|
direct allocation
|
page read and write
|
||
|
5AF000
|
stack
|
page read and write
|
||
|
26EF000
|
direct allocation
|
page read and write
|
||
|
6CBC5000
|
unkown
|
page write copy
|
||
|
17A000
|
stack
|
page read and write
|
||
|
6CBC8000
|
unkown
|
page readonly
|
||
|
4104000
|
direct allocation
|
page read and write
|
||
|
4D29000
|
direct allocation
|
page read and write
|
||
|
4711000
|
direct allocation
|
page read and write
|
||
|
4B41000
|
direct allocation
|
page read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
4B2C000
|
direct allocation
|
page read and write
|
||
|
B4B000
|
heap
|
page read and write
|
||
|
4180000
|
direct allocation
|
page execute and read and write
|
||
|
4D46000
|
direct allocation
|
page read and write
|
||
|
6CBBB000
|
unkown
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
4FB4000
|
direct allocation
|
page read and write
|
||
|
4530000
|
trusted library allocation
|
page read and write
|
||
|
2B29000
|
direct allocation
|
page read and write
|
||
|
26BB000
|
direct allocation
|
page read and write
|
||
|
42ED000
|
direct allocation
|
page read and write
|
||
|
6CBAE000
|
unkown
|
page read and write
|
||
|
6C63E000
|
unkown
|
page execute read
|
||
|
4092000
|
direct allocation
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
46D8000
|
direct allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
501A000
|
direct allocation
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
6CBAE000
|
unkown
|
page read and write
|
||
|
4A88000
|
direct allocation
|
page read and write
|
||
|
415F000
|
stack
|
page read and write
|
||
|
29F5000
|
heap
|
page read and write
|
||
|
2E7A000
|
stack
|
page read and write
|
||
|
2AFD000
|
direct allocation
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
54A000
|
stack
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
6CBB9000
|
unkown
|
page write copy
|
||
|
43A8000
|
direct allocation
|
page read and write
|
||
|
26D2000
|
direct allocation
|
page read and write
|
||
|
5B0000
|
direct allocation
|
page execute and read and write
|
||
|
305A000
|
heap
|
page read and write
|
||
|
6CBB9000
|
unkown
|
page write copy
|
||
|
4B68000
|
direct allocation
|
page read and write
|
||
|
6CBB0000
|
unkown
|
page read and write
|
||
|
6C620000
|
unkown
|
page readonly
|
||
|
4780000
|
direct allocation
|
page read and write
|
||
|
3EB000
|
stack
|
page read and write
|
||
|
2B46000
|
direct allocation
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
4130000
|
direct allocation
|
page read and write
|
||
|
2B30000
|
direct allocation
|
page read and write
|
||
|
6CBCA000
|
unkown
|
page readonly
|
||
|
6CBAF000
|
unkown
|
page write copy
|
||
|
2B38000
|
direct allocation
|
page read and write
|
||
|
2CBB000
|
stack
|
page read and write
|
||
|
4BB4000
|
direct allocation
|
page read and write
|
||
|
4D3F000
|
direct allocation
|
page read and write
|
||
|
4520000
|
heap
|
page read and write
|
||
|
6CBC0000
|
unkown
|
page read and write
|
||
|
6CBB9000
|
unkown
|
page write copy
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
30DA000
|
heap
|
page read and write
|
||
|
4BEF000
|
direct allocation
|
page read and write
|
||
|
7FA000
|
direct allocation
|
page read and write
|
||
|
4482000
|
direct allocation
|
page read and write
|
||
|
6CBBB000
|
unkown
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
4821000
|
direct allocation
|
page read and write
|
||
|
671000
|
heap
|
page read and write
|
||
|
4500000
|
heap
|
page read and write
|
||
|
26A4000
|
direct allocation
|
page read and write
|
||
|
6CBC5000
|
unkown
|
page write copy
|
||
|
2EDF000
|
stack
|
page read and write
|
||
|
4099000
|
direct allocation
|
page read and write
|
||
|
413A000
|
direct allocation
|
page read and write
|
||
|
748000
|
direct allocation
|
page read and write
|
||
|
6CBB3000
|
unkown
|
page write copy
|
||
|
4178000
|
direct allocation
|
page read and write
|
||
|
49B000
|
stack
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
470A000
|
direct allocation
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
6C63E000
|
unkown
|
page execute read
|
||
|
4122000
|
direct allocation
|
page read and write
|
||
|
4B48000
|
direct allocation
|
page read and write
|
||
|
6C620000
|
unkown
|
page readonly
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
7C0000
|
direct allocation
|
page read and write
|
||
|
332F000
|
stack
|
page read and write
|
||
|
4D0B000
|
direct allocation
|
page read and write
|
||
|
44E0000
|
heap
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
43DD000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
4BBB000
|
direct allocation
|
page read and write
|
||
|
42E6000
|
direct allocation
|
page read and write
|
||
|
6CBB3000
|
unkown
|
page write copy
|
||
|
4BFD000
|
direct allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
4531000
|
direct allocation
|
page read and write
|
||
|
42D0000
|
direct allocation
|
page read and write
|
||
|
70E000
|
stack
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
6CBB6000
|
unkown
|
page read and write
|
||
|
13B000
|
stack
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
2668000
|
direct allocation
|
page read and write
|
||
|
34DF000
|
stack
|
page read and write
|
||
|
4D6A000
|
direct allocation
|
page read and write
|
||
|
26E8000
|
direct allocation
|
page read and write
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
26B4000
|
direct allocation
|
page read and write
|
||
|
47CB000
|
direct allocation
|
page read and write
|
||
|
4B3A000
|
direct allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
4D22000
|
direct allocation
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
7F3000
|
direct allocation
|
page read and write
|
||
|
34E0000
|
direct allocation
|
page execute and read and write
|
||
|
450D000
|
direct allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
2AD0000
|
direct allocation
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
4750000
|
heap
|
page read and write
|
||
|
29E0000
|
direct allocation
|
page execute and read and write
|
||
|
4BFE000
|
stack
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
2B12000
|
direct allocation
|
page read and write
|
||
|
46C9000
|
direct allocation
|
page read and write
|
||
|
4FCB000
|
direct allocation
|
page read and write
|
||
|
4D78000
|
direct allocation
|
page read and write
|
||
|
6CBC5000
|
unkown
|
page write copy
|
||
|
5D7000
|
heap
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
44DB000
|
direct allocation
|
page read and write
|
||
|
4AC4000
|
direct allocation
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
760000
|
direct allocation
|
page read and write
|
||
|
4768000
|
direct allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
6CBBB000
|
unkown
|
page read and write
|
||
|
47E8000
|
direct allocation
|
page read and write
|
||
|
84E000
|
stack
|
page read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
4590000
|
heap
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
2AB8000
|
direct allocation
|
page read and write
|
||
|
468D000
|
direct allocation
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
4BC0000
|
remote allocation
|
page read and write
|
||
|
6CBC7000
|
unkown
|
page read and write
|
||
|
6CBCA000
|
unkown
|
page readonly
|
||
|
7CF000
|
direct allocation
|
page read and write
|
||
|
28BA000
|
heap
|
page read and write
|
||
|
32B000
|
stack
|
page read and write
|
||
|
B57000
|
heap
|
page read and write
|
||
|
2EF6000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
5004000
|
direct allocation
|
page read and write
|
||
|
4D04000
|
direct allocation
|
page read and write
|
||
|
40ED000
|
direct allocation
|
page read and write
|
||
|
658000
|
heap
|
page read and write
|
||
|
28B1000
|
heap
|
page read and write
|
||
|
2EDA000
|
heap
|
page read and write
|
||
|
4D54000
|
direct allocation
|
page read and write
|
||
|
4C13000
|
direct allocation
|
page read and write
|
||
|
451C000
|
direct allocation
|
page read and write
|
||
|
6C621000
|
unkown
|
page execute read
|
||
|
28FC000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
B20000
|
direct allocation
|
page execute and read and write
|
||
|
4B1D000
|
direct allocation
|
page read and write
|
||
|
4FB000
|
stack
|
page read and write
|
||
|
46E6000
|
direct allocation
|
page read and write
|
||
|
4FE8000
|
direct allocation
|
page read and write
|
||
|
4523000
|
direct allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
415C000
|
direct allocation
|
page read and write
|
||
|
6CBB0000
|
unkown
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
6CBCA000
|
unkown
|
page readonly
|
||
|
6CBAF000
|
unkown
|
page write copy
|
||
|
4B90000
|
heap
|
page read and write
|
||
|
480C000
|
direct allocation
|
page read and write
|
||
|
2680000
|
direct allocation
|
page read and write
|
||
|
6CBBB000
|
unkown
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
2EB000
|
stack
|
page read and write
|
||
|
4C3F000
|
stack
|
page read and write
|
||
|
437000
|
stack
|
page read and write
|
||
|
4C28000
|
direct allocation
|
page read and write
|
||
|
40F4000
|
direct allocation
|
page read and write
|
||
|
2B54000
|
direct allocation
|
page read and write
|
||
|
430A000
|
direct allocation
|
page read and write
|
||
|
329A000
|
stack
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
4141000
|
direct allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
4E1F000
|
stack
|
page read and write
|
||
|
57F000
|
stack
|
page read and write
|
||
|
4B24000
|
direct allocation
|
page read and write
|
||
|
4828000
|
direct allocation
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
410F000
|
direct allocation
|
page read and write
|
||
|
4BD2000
|
direct allocation
|
page read and write
|
||
|
40A0000
|
direct allocation
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
45A4000
|
heap
|
page read and write
|
||
|
44E2000
|
direct allocation
|
page read and write
|
||
|
6CBB0000
|
unkown
|
page read and write
|
||
|
4FD2000
|
direct allocation
|
page read and write
|
||
|
820000
|
direct allocation
|
page execute and read and write
|
||
|
4FD9000
|
direct allocation
|
page read and write
|
||
|
49AF000
|
stack
|
page read and write
|
||
|
269D000
|
direct allocation
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
4088000
|
direct allocation
|
page read and write
|
||
|
40F2000
|
direct allocation
|
page read and write
|
||
|
2B1B000
|
direct allocation
|
page read and write
|
||
|
4311000
|
direct allocation
|
page read and write
|
||
|
40B8000
|
direct allocation
|
page read and write
|
||
|
429D000
|
direct allocation
|
page read and write
|
||
|
26D9000
|
direct allocation
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
44C4000
|
direct allocation
|
page read and write
|
||
|
42BB000
|
direct allocation
|
page read and write
|
||
|
2728000
|
direct allocation
|
page read and write
|
||
|
4B16000
|
direct allocation
|
page read and write
|
||
|
4108000
|
direct allocation
|
page read and write
|
||
|
6C63E000
|
unkown
|
page execute read
|
||
|
4CED000
|
direct allocation
|
page read and write
|
||
|
4129000
|
direct allocation
|
page read and write
|
||
|
6CBC5000
|
unkown
|
page write copy
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
6C620000
|
unkown
|
page readonly
|
||
|
43E4000
|
direct allocation
|
page read and write
|
||
|
77F000
|
stack
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
297F000
|
stack
|
page read and write
|
||
|
5FB000
|
stack
|
page read and write
|
||
|
4B00000
|
direct allocation
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
6CBB6000
|
unkown
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
47C4000
|
direct allocation
|
page read and write
|
||
|
4C0C000
|
direct allocation
|
page read and write
|
||
|
43FB000
|
direct allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
4AF9000
|
direct allocation
|
page read and write
|
||
|
4D38000
|
direct allocation
|
page read and write
|
||
|
6CBC0000
|
unkown
|
page read and write
|
||
|
4470000
|
heap
|
page read and write
|
||
|
4490000
|
direct allocation
|
page read and write
|
||
|
4C1A000
|
direct allocation
|
page read and write
|
||
|
6CBAE000
|
unkown
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page read and write
|
||
|
4258000
|
direct allocation
|
page read and write
|
||
|
7C8000
|
direct allocation
|
page read and write
|
||
|
6CBC8000
|
unkown
|
page readonly
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
46E000
|
stack
|
page read and write
|
||
|
4124000
|
direct allocation
|
page read and write
|
||
|
42DF000
|
direct allocation
|
page read and write
|
||
|
653000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
2A1A000
|
heap
|
page read and write
|
||
|
75F000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
4506000
|
direct allocation
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
42AB000
|
direct allocation
|
page read and write
|
||
|
292B000
|
heap
|
page read and write
|
||
|
4514000
|
direct allocation
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
43F4000
|
direct allocation
|
page read and write
|
||
|
6CBC0000
|
unkown
|
page read and write
|
||
|
794000
|
direct allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
26E0000
|
direct allocation
|
page read and write
|
||
|
4C04000
|
direct allocation
|
page read and write
|
||
|
5C0000
|
direct allocation
|
page execute and read and write
|
||
|
294A000
|
heap
|
page read and write
|
||
|
2F90000
|
direct allocation
|
page execute and read and write
|
||
|
6CBB3000
|
unkown
|
page write copy
|
||
|
6CBC7000
|
unkown
|
page read and write
|
||
|
47FD000
|
direct allocation
|
page read and write
|
||
|
41B0000
|
heap
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
6CBAF000
|
unkown
|
page write copy
|
||
|
4C21000
|
direct allocation
|
page read and write
|
||
|
4318000
|
direct allocation
|
page read and write
|
||
|
4F68000
|
direct allocation
|
page read and write
|
||
|
77D000
|
direct allocation
|
page read and write
|
||
|
6CBB6000
|
unkown
|
page read and write
|
||
|
4BE0000
|
direct allocation
|
page read and write
|
||
|
4D1B000
|
direct allocation
|
page read and write
|
||
|
47A4000
|
direct allocation
|
page read and write
|
||
|
47B4000
|
direct allocation
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
4D4D000
|
direct allocation
|
page read and write
|
||
|
500C000
|
direct allocation
|
page read and write
|
||
|
4BC0000
|
remote allocation
|
page read and write
|
||
|
16B000
|
stack
|
page read and write
|
||
|
40D0000
|
direct allocation
|
page read and write
|
||
|
4870000
|
heap
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
4718000
|
direct allocation
|
page read and write
|
||
|
4B72000
|
direct allocation
|
page read and write
|
||
|
3500000
|
heap
|
page read and write
|
||
|
4B08000
|
direct allocation
|
page read and write
|
||
|
4FFD000
|
direct allocation
|
page read and write
|
||
|
47D9000
|
direct allocation
|
page read and write
|
||
|
3AB000
|
stack
|
page read and write
|
||
|
840000
|
direct allocation
|
page execute and read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
49AC000
|
stack
|
page read and write
|
||
|
42C2000
|
direct allocation
|
page read and write
|
||
|
2F6F000
|
stack
|
page read and write
|
||
|
43AE000
|
stack
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
4A7E000
|
stack
|
page read and write
|
||
|
4F80000
|
direct allocation
|
page read and write
|
||
|
33AA000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
270C000
|
direct allocation
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
4BAD000
|
direct allocation
|
page read and write
|
||
|
479D000
|
direct allocation
|
page read and write
|
||
|
4ABF000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
47A000
|
stack
|
page read and write
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
4071000
|
direct allocation
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
7A4000
|
direct allocation
|
page read and write
|
||
|
2AC2000
|
direct allocation
|
page read and write
|
||
|
2E30000
|
direct allocation
|
page execute and read and write
|
||
|
4FF6000
|
direct allocation
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
2B30000
|
direct allocation
|
page execute and read and write
|
||
|
6C620000
|
unkown
|
page readonly
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
4538000
|
direct allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
44E9000
|
direct allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
671000
|
heap
|
page read and write
|
||
|
26F6000
|
direct allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
4270000
|
direct allocation
|
page read and write
|
||
|
45A0000
|
heap
|
page read and write
|
||
|
6C621000
|
unkown
|
page execute read
|
||
|
2E5A000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
There are 628 hidden memdumps, click here to show them.