Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
3TpW2Sn68z.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\directory\RegAsymX.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RegAsymX.vbs
|
data
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_54b38e612730b8c5952b2618de6f5b28d71e92_bac6fce3_69ee89ae-f8ea-433c-9a8e-e8d9b5708f58\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC84C.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Sep 5 12:17:06 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCEB6.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCEE6.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Lymnaeidae
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autA43A.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autA489.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autA870.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autA8DF.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autAD71.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autADD0.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autDA6D.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autDABC.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ophiolatrous
|
data
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\3TpW2Sn68z.exe
|
"C:\Users\user\Desktop\3TpW2Sn68z.exe"
|
|
|
|
C:\Users\user\AppData\Local\directory\RegAsymX.exe
|
"C:\Users\user\Desktop\3TpW2Sn68z.exe"
|
|
|
|
C:\Users\user\AppData\Local\directory\RegAsymX.exe
|
"C:\Users\user\AppData\Local\directory\RegAsymX.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RegAsymX.vbs"
|
|
|
|
C:\Users\user\AppData\Local\directory\RegAsymX.exe
|
"C:\Users\user\AppData\Local\directory\RegAsymX.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7660 -s 568
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
84.38.132.103
|
|
||
|
http://geoplugin.net/json.gp
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
84.38.132.103
|
unknown
|
Latvia
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-FR1M2R
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-FR1M2R
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-FR1M2R
|
time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-FR1M2R
|
WD
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-FR1M2R
|
WD
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
ProgramId
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
FileId
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
LongPathHash
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
Name
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
OriginalFileName
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
Publisher
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
Version
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
BinFileVersion
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
BinaryType
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
ProductName
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
ProductVersion
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
LinkDate
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
BinProductVersion
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
Size
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
Language
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
IsOsComponent
|
||
|
\REGISTRY\A\{a73be6fa-fb11-87a2-e07c-27d8aa3c4c16}\Root\InventoryApplicationFile\svchost.exe|1260c7b0519b1406
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 17 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4130000
|
direct allocation
|
page read and write
|
|
|
|
3CEF000
|
stack
|
page read and write
|
|
|
|
1040000
|
direct allocation
|
page read and write
|
|
|
|
1938000
|
heap
|
page read and write
|
|
|
|
1B5D000
|
heap
|
page read and write
|
|
|
|
1118000
|
heap
|
page read and write
|
|
|
|
1148000
|
heap
|
page read and write
|
|
|
|
14DA000
|
heap
|
page read and write
|
|
|
|
400000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
direct allocation
|
page execute and read and write
|
|
|
|
DD0000
|
direct allocation
|
page read and write
|
|
|
|
2CC8E000
|
stack
|
page read and write
|
||
|
7FD7E000
|
stack
|
page read and write
|
||
|
4667F000
|
stack
|
page read and write
|
||
|
2774F000
|
stack
|
page read and write
|
||
|
6D0FE000
|
stack
|
page read and write
|
||
|
338FE000
|
stack
|
page read and write
|
||
|
6F94E000
|
stack
|
page read and write
|
||
|
5B23E000
|
stack
|
page read and write
|
||
|
F98BE000
|
stack
|
page read and write
|
||
|
E02FE000
|
stack
|
page read and write
|
||
|
1A1CF000
|
stack
|
page read and write
|
||
|
D943F000
|
stack
|
page read and write
|
||
|
3ECE000
|
stack
|
page read and write
|
||
|
C007F000
|
stack
|
page read and write
|
||
|
D98BE000
|
stack
|
page read and write
|
||
|
7FDBE000
|
stack
|
page read and write
|
||
|
B903E000
|
stack
|
page read and write
|
||
|
BB1FF000
|
stack
|
page read and write
|
||
|
8BBEF000
|
stack
|
page read and write
|
||
|
EA63F000
|
stack
|
page read and write
|
||
|
8EC3F000
|
stack
|
page read and write
|
||
|
34DFF000
|
stack
|
page read and write
|
||
|
57ABF000
|
stack
|
page read and write
|
||
|
69DFE000
|
stack
|
page read and write
|
||
|
41A3E000
|
stack
|
page read and write
|
||
|
2954E000
|
stack
|
page read and write
|
||
|
D107F000
|
stack
|
page read and write
|
||
|
A407E000
|
stack
|
page read and write
|
||
|
4120000
|
heap
|
page read and write
|
||
|
E57FE000
|
stack
|
page read and write
|
||
|
2114F000
|
stack
|
page read and write
|
||
|
E46FE000
|
stack
|
page read and write
|
||
|
53F7E000
|
stack
|
page read and write
|
||
|
FBABE000
|
stack
|
page read and write
|
||
|
CC43E000
|
stack
|
page read and write
|
||
|
C4CFF000
|
stack
|
page read and write
|
||
|
E757F000
|
stack
|
page read and write
|
||
|
B18FF000
|
stack
|
page read and write
|
||
|
3F84000
|
unclassified section
|
page execute and read and write
|
||
|
6D13E000
|
stack
|
page read and write
|
||
|
9303F000
|
stack
|
page read and write
|
||
|
F76BE000
|
stack
|
page read and write
|
||
|
89FEF000
|
stack
|
page read and write
|
||
|
8DDAE000
|
stack
|
page read and write
|
||
|
1730F000
|
stack
|
page read and write
|
||
|
3CDBE000
|
stack
|
page read and write
|
||
|
4FFBE000
|
stack
|
page read and write
|
||
|
17B8F000
|
stack
|
page read and write
|
||
|
F58FE000
|
stack
|
page read and write
|
||
|
2D0CE000
|
stack
|
page read and write
|
||
|
24CCF000
|
stack
|
page read and write
|
||
|
1F7CF000
|
stack
|
page read and write
|
||
|
1B50000
|
heap
|
page read and write
|
||
|
F943F000
|
stack
|
page read and write
|
||
|
813EF000
|
stack
|
page read and write
|
||
|
1A60F000
|
stack
|
page read and write
|
||
|
7D83F000
|
stack
|
page read and write
|
||
|
E02BF000
|
stack
|
page read and write
|
||
|
25DCF000
|
stack
|
page read and write
|
||
|
3A77E000
|
stack
|
page read and write
|
||
|
AB73F000
|
stack
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
5F83E000
|
stack
|
page read and write
|
||
|
76CDE000
|
stack
|
page read and write
|
||
|
64CFF000
|
stack
|
page read and write
|
||
|
4227F000
|
stack
|
page read and write
|
||
|
B2E3F000
|
stack
|
page read and write
|
||
|
F437F000
|
stack
|
page read and write
|
||
|
FC4E000
|
stack
|
page read and write
|
||
|
43D000
|
stack
|
page read and write
|
||
|
27BCE000
|
stack
|
page read and write
|
||
|
23BCF000
|
stack
|
page read and write
|
||
|
7F83F000
|
stack
|
page read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
4EE7F000
|
stack
|
page read and write
|
||
|
1488F000
|
stack
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
1358000
|
heap
|
page read and write
|
||
|
83FEF000
|
stack
|
page read and write
|
||
|
AF73E000
|
stack
|
page read and write
|
||
|
3AFBF000
|
stack
|
page read and write
|
||
|
3F72000
|
unclassified section
|
page execute and read and write
|
||
|
E42BE000
|
stack
|
page read and write
|
||
|
98DBF000
|
stack
|
page read and write
|
||
|
EAEFE000
|
stack
|
page read and write
|
||
|
9C4FF000
|
stack
|
page read and write
|
||
|
31F7E000
|
stack
|
page read and write
|
||
|
63BFF000
|
stack
|
page read and write
|
||
|
6FC6E000
|
stack
|
page read and write
|
||
|
754CE000
|
stack
|
page read and write
|
||
|
E4B3E000
|
stack
|
page read and write
|
||
|
AD93F000
|
stack
|
page read and write
|
||
|
E6D3E000
|
stack
|
page read and write
|
||
|
F87BE000
|
stack
|
page read and write
|
||
|
FB1FF000
|
stack
|
page read and write
|
||
|
1AA4F000
|
stack
|
page read and write
|
||
|
DE4F000
|
stack
|
page read and write
|
||
|
3853F000
|
stack
|
page read and write
|
||
|
F4BFF000
|
stack
|
page read and write
|
||
|
9EB3F000
|
stack
|
page read and write
|
||
|
6777F000
|
stack
|
page read and write
|
||
|
736AE000
|
stack
|
page read and write
|
||
|
46AFE000
|
stack
|
page read and write
|
||
|
A5DFF000
|
stack
|
page read and write
|
||
|
4513F000
|
stack
|
page read and write
|
||
|
2BB8E000
|
stack
|
page read and write
|
||
|
883EF000
|
stack
|
page read and write
|
||
|
A26BF000
|
stack
|
page read and write
|
||
|
73A7E000
|
stack
|
page read and write
|
||
|
6BFFE000
|
stack
|
page read and write
|
||
|
6DA3E000
|
stack
|
page read and write
|
||
|
547BF000
|
stack
|
page read and write
|
||
|
2AECE000
|
stack
|
page read and write
|
||
|
B8BFE000
|
stack
|
page read and write
|
||
|
32C2000
|
system
|
page execute and read and write
|
||
|
1008E000
|
stack
|
page read and write
|
||
|
18CEB2F0000
|
heap
|
page read and write
|
||
|
8F4FE000
|
stack
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
143F000
|
heap
|
page read and write
|
||
|
9D63E000
|
stack
|
page read and write
|
||
|
1143000
|
heap
|
page read and write
|
||
|
CD8E000
|
stack
|
page read and write
|
||
|
2DD8E000
|
stack
|
page read and write
|
||
|
3857E000
|
stack
|
page read and write
|
||
|
8A2000
|
unkown
|
page readonly
|
||
|
8C42E000
|
stack
|
page read and write
|
||
|
507FF000
|
stack
|
page read and write
|
||
|
99EFE000
|
stack
|
page read and write
|
||
|
ED53E000
|
stack
|
page read and write
|
||
|
6C83F000
|
stack
|
page read and write
|
||
|
3C0BF000
|
stack
|
page read and write
|
||
|
EDDBE000
|
stack
|
page read and write
|
||
|
1388000
|
heap
|
page read and write
|
||
|
4A67E000
|
stack
|
page read and write
|
||
|
11A1000
|
heap
|
page read and write
|
||
|
10DF000
|
heap
|
page read and write
|
||
|
18A000
|
stack
|
page read and write
|
||
|
4F2BF000
|
stack
|
page read and write
|
||
|
3747E000
|
stack
|
page read and write
|
||
|
B14FE000
|
stack
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
1F3CE000
|
stack
|
page read and write
|
||
|
39EFE000
|
stack
|
page read and write
|
||
|
2558E000
|
stack
|
page read and write
|
||
|
478000
|
direct allocation
|
page execute and read and write
|
||
|
5A9BE000
|
stack
|
page read and write
|
||
|
7558E000
|
stack
|
page read and write
|
||
|
5FC3F000
|
stack
|
page read and write
|
||
|
927FE000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
316FE000
|
stack
|
page read and write
|
||
|
4046000
|
heap
|
page read and write
|
||
|
C90F000
|
stack
|
page read and write
|
||
|
74ACE000
|
stack
|
page read and write
|
||
|
437BF000
|
stack
|
page read and write
|
||
|
131E000
|
heap
|
page read and write
|
||
|
50C7E000
|
stack
|
page read and write
|
||
|
C44BE000
|
stack
|
page read and write
|
||
|
16ECF000
|
stack
|
page read and write
|
||
|
11EF000
|
stack
|
page read and write
|
||
|
C403F000
|
stack
|
page read and write
|
||
|
455BE000
|
stack
|
page read and write
|
||
|
5903E000
|
stack
|
page read and write
|
||
|
6E6FE000
|
stack
|
page read and write
|
||
|
D657F000
|
stack
|
page read and write
|
||
|
6FCAE000
|
stack
|
page read and write
|
||
|
FADBF000
|
stack
|
page read and write
|
||
|
7FF7E000
|
stack
|
page read and write
|
||
|
1AECE000
|
stack
|
page read and write
|
||
|
8CC6F000
|
stack
|
page read and write
|
||
|
91F7E000
|
stack
|
page read and write
|
||
|
5837E000
|
stack
|
page read and write
|
||
|
1E6CF000
|
stack
|
page read and write
|
||
|
2000000
|
heap
|
page read and write
|
||
|
349BF000
|
stack
|
page read and write
|
||
|
E867F000
|
stack
|
page read and write
|
||
|
5ACE000
|
stack
|
page read and write
|
||
|
391FF000
|
stack
|
page read and write
|
||
|
4BFFE000
|
stack
|
page read and write
|
||
|
A7FFF000
|
stack
|
page read and write
|
||
|
F7AFE000
|
stack
|
page read and write
|
||
|
5B1FF000
|
stack
|
page read and write
|
||
|
C2F7E000
|
stack
|
page read and write
|
||
|
6BFBF000
|
stack
|
page read and write
|
||
|
FCB7F000
|
stack
|
page read and write
|
||
|
BADFE000
|
stack
|
page read and write
|
||
|
833EF000
|
stack
|
page read and write
|
||
|
6517E000
|
stack
|
page read and write
|
||
|
76C5F000
|
stack
|
page read and write
|
||
|
9923E000
|
stack
|
page read and write
|
||
|
F25BF000
|
stack
|
page read and write
|
||
|
6F07E000
|
stack
|
page read and write
|
||
|
FDC7F000
|
stack
|
page read and write
|
||
|
D21BE000
|
stack
|
page read and write
|
||
|
BB83F000
|
stack
|
page read and write
|
||
|
D547F000
|
stack
|
page read and write
|
||
|
68CFE000
|
stack
|
page read and write
|
||
|
1BB8E000
|
stack
|
page read and write
|
||
|
1DA0F000
|
stack
|
page read and write
|
||
|
F97000
|
heap
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
A66BE000
|
stack
|
page read and write
|
||
|
7B03F000
|
stack
|
page read and write
|
||
|
433BE000
|
stack
|
page read and write
|
||
|
2998E000
|
stack
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
EF2FE000
|
stack
|
page read and write
|
||
|
B7EFF000
|
stack
|
page read and write
|
||
|
62B3E000
|
stack
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
AE1BF000
|
stack
|
page read and write
|
||
|
60D7E000
|
stack
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
46ABF000
|
stack
|
page read and write
|
||
|
E3A3E000
|
stack
|
page read and write
|
||
|
E17FF000
|
stack
|
page read and write
|
||
|
CDDBE000
|
stack
|
page read and write
|
||
|
E1C3F000
|
stack
|
page read and write
|
||
|
3DEBE000
|
stack
|
page read and write
|
||
|
E7E3E000
|
stack
|
page read and write
|
||
|
525BF000
|
stack
|
page read and write
|
||
|
CDD7F000
|
stack
|
page read and write
|
||
|
8B4000
|
unkown
|
page readonly
|
||
|
8F0BE000
|
stack
|
page read and write
|
||
|
991FF000
|
stack
|
page read and write
|
||
|
2A1CF000
|
stack
|
page read and write
|
||
|
18CEB3A0000
|
heap
|
page read and write
|
||
|
2224F000
|
stack
|
page read and write
|
||
|
8B0000
|
unkown
|
page write copy
|
||
|
DB67E000
|
stack
|
page read and write
|
||
|
619FF000
|
stack
|
page read and write
|
||
|
E68BF000
|
stack
|
page read and write
|
||
|
12CA000
|
heap
|
page read and write
|
||
|
5BEFE000
|
stack
|
page read and write
|
||
|
C48FE000
|
stack
|
page read and write
|
||
|
558BF000
|
stack
|
page read and write
|
||
|
5327F000
|
stack
|
page read and write
|
||
|
EB0F000
|
stack
|
page read and write
|
||
|
87C000
|
unkown
|
page readonly
|
||
|
FEDBE000
|
stack
|
page read and write
|
||
|
15FF000
|
stack
|
page read and write
|
||
|
D837E000
|
stack
|
page read and write
|
||
|
FE0FE000
|
stack
|
page read and write
|
||
|
389BE000
|
stack
|
page read and write
|
||
|
1510F000
|
stack
|
page read and write
|
||
|
7467E000
|
stack
|
page read and write
|
||
|
3303F000
|
stack
|
page read and write
|
||
|
54C3E000
|
stack
|
page read and write
|
||
|
6BB7F000
|
stack
|
page read and write
|
||
|
B3AFF000
|
stack
|
page read and write
|
||
|
F547F000
|
stack
|
page read and write
|
||
|
8B0000
|
unkown
|
page write copy
|
||
|
459BF000
|
stack
|
page read and write
|
||
|
11A0E000
|
stack
|
page read and write
|
||
|
219CF000
|
stack
|
page read and write
|
||
|
7C8F000
|
stack
|
page read and write
|
||
|
D03FE000
|
stack
|
page read and write
|
||
|
7D43F000
|
stack
|
page read and write
|
||
|
87BEF000
|
stack
|
page read and write
|
||
|
C557F000
|
stack
|
page read and write
|
||
|
FBEBF000
|
stack
|
page read and write
|
||
|
1404E000
|
stack
|
page read and write
|
||
|
38DBF000
|
stack
|
page read and write
|
||
|
7455F000
|
stack
|
page read and write
|
||
|
85BEF000
|
stack
|
page read and write
|
||
|
6403F000
|
stack
|
page read and write
|
||
|
42AFF000
|
stack
|
page read and write
|
||
|
699BE000
|
stack
|
page read and write
|
||
|
9B83F000
|
stack
|
page read and write
|
||
|
EBBBE000
|
stack
|
page read and write
|
||
|
ABFBF000
|
stack
|
page read and write
|
||
|
411BE000
|
stack
|
page read and write
|
||
|
62AFF000
|
stack
|
page read and write
|
||
|
1D18F000
|
stack
|
page read and write
|
||
|
847EF000
|
stack
|
page read and write
|
||
|
BC0FE000
|
stack
|
page read and write
|
||
|
6F80E000
|
stack
|
page read and write
|
||
|
75BAE000
|
stack
|
page read and write
|
||
|
5877F000
|
stack
|
page read and write
|
||
|
9A2FF000
|
stack
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
||
|
61A3E000
|
stack
|
page read and write
|
||
|
456F000
|
stack
|
page read and write
|
||
|
4887F000
|
stack
|
page read and write
|
||
|
D58BF000
|
stack
|
page read and write
|
||
|
3BC7F000
|
stack
|
page read and write
|
||
|
9E6FF000
|
stack
|
page read and write
|
||
|
309FF000
|
stack
|
page read and write
|
||
|
F327F000
|
stack
|
page read and write
|
||
|
92C3E000
|
stack
|
page read and write
|
||
|
EEA3F000
|
stack
|
page read and write
|
||
|
7903F000
|
stack
|
page read and write
|
||
|
EB4E000
|
stack
|
page read and write
|
||
|
53B3E000
|
stack
|
page read and write
|
||
|
1168000
|
heap
|
page read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
11D9000
|
heap
|
page read and write
|
||
|
8AFEF000
|
stack
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
AEE7F000
|
stack
|
page read and write
|
||
|
E293E000
|
stack
|
page read and write
|
||
|
FCBBE000
|
stack
|
page read and write
|
||
|
3EFBE000
|
stack
|
page read and write
|
||
|
568E000
|
stack
|
page read and write
|
||
|
7473E000
|
stack
|
page read and write
|
||
|
6627E000
|
stack
|
page read and write
|
||
|
622BE000
|
stack
|
page read and write
|
||
|
F8BBF000
|
stack
|
page read and write
|
||
|
1734E000
|
stack
|
page read and write
|
||
|
3D5FF000
|
stack
|
page read and write
|
||
|
2F1C000
|
stack
|
page read and write
|
||
|
B98BE000
|
stack
|
page read and write
|
||
|
A2CF000
|
stack
|
page read and write
|
||
|
BEFBE000
|
stack
|
page read and write
|
||
|
927BF000
|
stack
|
page read and write
|
||
|
FA9BE000
|
stack
|
page read and write
|
||
|
7FEFE000
|
stack
|
page read and write
|
||
|
ECB000
|
heap
|
page read and write
|
||
|
6407E000
|
stack
|
page read and write
|
||
|
C4CF000
|
stack
|
page read and write
|
||
|
A48BF000
|
stack
|
page read and write
|
||
|
4953F000
|
stack
|
page read and write
|
||
|
6733F000
|
stack
|
page read and write
|
||
|
1CC4F000
|
stack
|
page read and write
|
||
|
D0C3F000
|
stack
|
page read and write
|
||
|
565BE000
|
stack
|
page read and write
|
||
|
F07FF000
|
stack
|
page read and write
|
||
|
2BF8F000
|
stack
|
page read and write
|
||
|
1A434FE000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
8AC000
|
unkown
|
page write copy
|
||
|
B7ABF000
|
stack
|
page read and write
|
||
|
11CA000
|
heap
|
page read and write
|
||
|
6337F000
|
stack
|
page read and write
|
||
|
B47FE000
|
stack
|
page read and write
|
||
|
33D3E000
|
stack
|
page read and write
|
||
|
49ED000
|
stack
|
page read and write
|
||
|
18CEB163000
|
heap
|
page read and write
|
||
|
ED0BF000
|
stack
|
page read and write
|
||
|
6B77E000
|
stack
|
page read and write
|
||
|
193E000
|
heap
|
page read and write
|
||
|
CD53E000
|
stack
|
page read and write
|
||
|
3633F000
|
stack
|
page read and write
|
||
|
8DDEE000
|
stack
|
page read and write
|
||
|
4E1BF000
|
stack
|
page read and write
|
||
|
21A0E000
|
stack
|
page read and write
|
||
|
65E3E000
|
stack
|
page read and write
|
||
|
71FEF000
|
stack
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
E99FF000
|
stack
|
page read and write
|
||
|
E2CE000
|
stack
|
page read and write
|
||
|
52E3F000
|
stack
|
page read and write
|
||
|
30E3F000
|
stack
|
page read and write
|
||
|
53F3F000
|
stack
|
page read and write
|
||
|
E91FF000
|
stack
|
page read and write
|
||
|
448BF000
|
stack
|
page read and write
|
||
|
AA63F000
|
stack
|
page read and write
|
||
|
36FFF000
|
stack
|
page read and write
|
||
|
C22BE000
|
stack
|
page read and write
|
||
|
CEA7E000
|
stack
|
page read and write
|
||
|
13BCF000
|
stack
|
page read and write
|
||
|
7B0000
|
direct allocation
|
page read and write
|
||
|
73ABE000
|
stack
|
page read and write
|
||
|
6FBAE000
|
stack
|
page read and write
|
||
|
E28FF000
|
stack
|
page read and write
|
||
|
69DBF000
|
stack
|
page read and write
|
||
|
FA97F000
|
stack
|
page read and write
|
||
|
FFDDF000
|
stack
|
page read and write
|
||
|
5507E000
|
stack
|
page read and write
|
||
|
EC83F000
|
stack
|
page read and write
|
||
|
F9CFE000
|
stack
|
page read and write
|
||
|
D4BFF000
|
stack
|
page read and write
|
||
|
AEA7E000
|
stack
|
page read and write
|
||
|
10D0F000
|
stack
|
page read and write
|
||
|
901BE000
|
stack
|
page read and write
|
||
|
9AB7F000
|
stack
|
page read and write
|
||
|
F7CF000
|
stack
|
page read and write
|
||
|
66F3E000
|
stack
|
page read and write
|
||
|
C9DBF000
|
stack
|
page read and write
|
||
|
B947E000
|
stack
|
page read and write
|
||
|
EF6FF000
|
stack
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
B36BF000
|
stack
|
page read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
A847E000
|
stack
|
page read and write
|
||
|
A99BE000
|
stack
|
page read and write
|
||
|
BC4F000
|
stack
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
F7ABF000
|
stack
|
page read and write
|
||
|
536BF000
|
stack
|
page read and write
|
||
|
53AFF000
|
stack
|
page read and write
|
||
|
9E73E000
|
stack
|
page read and write
|
||
|
7B43F000
|
stack
|
page read and write
|
||
|
2D94E000
|
stack
|
page read and write
|
||
|
5A0FF000
|
stack
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
46F3E000
|
stack
|
page read and write
|
||
|
C59FE000
|
stack
|
page read and write
|
||
|
CB77E000
|
stack
|
page read and write
|
||
|
3D63E000
|
stack
|
page read and write
|
||
|
A1E3F000
|
stack
|
page read and write
|
||
|
3347F000
|
stack
|
page read and write
|
||
|
CAEFE000
|
stack
|
page read and write
|
||
|
EDD7F000
|
stack
|
page read and write
|
||
|
B3F7E000
|
stack
|
page read and write
|
||
|
5BA7F000
|
stack
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute read
|
||
|
35A4000
|
heap
|
page read and write
|
||
|
74B0E000
|
stack
|
page read and write
|
||
|
A2AFF000
|
stack
|
page read and write
|
||
|
E13BF000
|
stack
|
page read and write
|
||
|
A48FE000
|
stack
|
page read and write
|
||
|
FF1BF000
|
stack
|
page read and write
|
||
|
D503F000
|
stack
|
page read and write
|
||
|
EE5FF000
|
stack
|
page read and write
|
||
|
BA57E000
|
stack
|
page read and write
|
||
|
E46BF000
|
stack
|
page read and write
|
||
|
C337F000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
345BE000
|
stack
|
page read and write
|
||
|
5B67E000
|
stack
|
page read and write
|
||
|
EC7000
|
heap
|
page read and write
|
||
|
5E7FF000
|
stack
|
page read and write
|
||
|
DD43E000
|
stack
|
page read and write
|
||
|
9677F000
|
stack
|
page read and write
|
||
|
56DFF000
|
stack
|
page read and write
|
||
|
2A60F000
|
stack
|
page read and write
|
||
|
9DA3F000
|
stack
|
page read and write
|
||
|
F903E000
|
stack
|
page read and write
|
||
|
4AABE000
|
stack
|
page read and write
|
||
|
C15FE000
|
stack
|
page read and write
|
||
|
6FDAE000
|
stack
|
page read and write
|
||
|
1268F000
|
stack
|
page read and write
|
||
|
168E000
|
stack
|
page read and write
|
||
|
659FE000
|
stack
|
page read and write
|
||
|
8A2000
|
unkown
|
page readonly
|
||
|
6447F000
|
stack
|
page read and write
|
||
|
D1D3F000
|
stack
|
page read and write
|
||
|
1F4E000
|
stack
|
page read and write
|
||
|
EE1FE000
|
stack
|
page read and write
|
||
|
EF8E000
|
stack
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
F6DFF000
|
stack
|
page read and write
|
||
|
E87BE000
|
stack
|
page read and write
|
||
|
1114F000
|
stack
|
page read and write
|
||
|
AF8F000
|
stack
|
page read and write
|
||
|
7FFBE000
|
stack
|
page read and write
|
||
|
C6AFE000
|
stack
|
page read and write
|
||
|
478000
|
direct allocation
|
page execute and read and write
|
||
|
630000
|
unkown
|
page write copy
|
||
|
8D4EF000
|
stack
|
page read and write
|
||
|
648FE000
|
stack
|
page read and write
|
||
|
16A8F000
|
stack
|
page read and write
|
||
|
2888E000
|
stack
|
page read and write
|
||
|
7AC3F000
|
stack
|
page read and write
|
||
|
67BBF000
|
stack
|
page read and write
|
||
|
2048F000
|
stack
|
page read and write
|
||
|
10C7000
|
heap
|
page read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
86BEF000
|
stack
|
page read and write
|
||
|
A00BE000
|
stack
|
page read and write
|
||
|
9D1BF000
|
stack
|
page read and write
|
||
|
D9CBF000
|
stack
|
page read and write
|
||
|
1A64E000
|
stack
|
page read and write
|
||
|
9C0FE000
|
stack
|
page read and write
|
||
|
823EF000
|
stack
|
page read and write
|
||
|
1A48000
|
heap
|
page read and write
|
||
|
19CA000
|
heap
|
page read and write
|
||
|
666BE000
|
stack
|
page read and write
|
||
|
4EA3F000
|
stack
|
page read and write
|
||
|
FDCBE000
|
stack
|
page read and write
|
||
|
B0C7E000
|
stack
|
page read and write
|
||
|
367BE000
|
stack
|
page read and write
|
||
|
12EA000
|
heap
|
page read and write
|
||
|
9457F000
|
stack
|
page read and write
|
||
|
59CBF000
|
stack
|
page read and write
|
||
|
F217F000
|
stack
|
page read and write
|
||
|
644BE000
|
stack
|
page read and write
|
||
|
D29FF000
|
stack
|
page read and write
|
||
|
5ECF000
|
stack
|
page read and write
|
||
|
608FF000
|
stack
|
page read and write
|
||
|
CBFFE000
|
stack
|
page read and write
|
||
|
E64BE000
|
stack
|
page read and write
|
||
|
7FDFE000
|
stack
|
page read and write
|
||
|
87C000
|
unkown
|
page readonly
|
||
|
6FB2E000
|
stack
|
page read and write
|
||
|
C33BE000
|
stack
|
page read and write
|
||
|
622000
|
unkown
|
page readonly
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
D76BE000
|
stack
|
page read and write
|
||
|
1B42000
|
heap
|
page read and write
|
||
|
8EC7E000
|
stack
|
page read and write
|
||
|
912BE000
|
stack
|
page read and write
|
||
|
4B73F000
|
stack
|
page read and write
|
||
|
2E5CF000
|
stack
|
page read and write
|
||
|
5C77E000
|
stack
|
page read and write
|
||
|
7548E000
|
stack
|
page read and write
|
||
|
2D08F000
|
stack
|
page read and write
|
||
|
A6AFE000
|
stack
|
page read and write
|
||
|
4E5FF000
|
stack
|
page read and write
|
||
|
604FE000
|
stack
|
page read and write
|
||
|
18CEB310000
|
heap
|
page read and write
|
||
|
5ADBF000
|
stack
|
page read and write
|
||
|
88FEF000
|
stack
|
page read and write
|
||
|
AB2FF000
|
stack
|
page read and write
|
||
|
1967000
|
heap
|
page read and write
|
||
|
7DC3F000
|
stack
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
2620F000
|
stack
|
page read and write
|
||
|
1378F000
|
stack
|
page read and write
|
||
|
3967E000
|
stack
|
page read and write
|
||
|
9F7FF000
|
stack
|
page read and write
|
||
|
6513F000
|
stack
|
page read and write
|
||
|
2668E000
|
stack
|
page read and write
|
||
|
F6E3E000
|
stack
|
page read and write
|
||
|
76D1E000
|
stack
|
page read and write
|
||
|
87FEF000
|
stack
|
page read and write
|
||
|
1950F000
|
stack
|
page read and write
|
||
|
3DEE000
|
direct allocation
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
1030000
|
direct allocation
|
page execute and read and write
|
||
|
B613F000
|
stack
|
page read and write
|
||
|
6FAEE000
|
stack
|
page read and write
|
||
|
B5D3E000
|
stack
|
page read and write
|
||
|
CF6FF000
|
stack
|
page read and write
|
||
|
A26FE000
|
stack
|
page read and write
|
||
|
327FE000
|
stack
|
page read and write
|
||
|
3677F000
|
stack
|
page read and write
|
||
|
1B31000
|
heap
|
page read and write
|
||
|
7664E000
|
stack
|
page read and write
|
||
|
1AA9000
|
heap
|
page read and write
|
||
|
AFCE000
|
stack
|
page read and write
|
||
|
AC43E000
|
stack
|
page read and write
|
||
|
134A000
|
heap
|
page read and write
|
||
|
EEE7F000
|
stack
|
page read and write
|
||
|
A6EFF000
|
stack
|
page read and write
|
||
|
F38F000
|
stack
|
page read and write
|
||
|
CF2FE000
|
stack
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
EEA7E000
|
stack
|
page read and write
|
||
|
2448E000
|
stack
|
page read and write
|
||
|
ACC7F000
|
stack
|
page read and write
|
||
|
2268F000
|
stack
|
page read and write
|
||
|
F2E3F000
|
stack
|
page read and write
|
||
|
137CE000
|
stack
|
page read and write
|
||
|
7FF3E000
|
stack
|
page read and write
|
||
|
123E000
|
heap
|
page read and write
|
||
|
7783F000
|
stack
|
page read and write
|
||
|
9E2BF000
|
stack
|
page read and write
|
||
|
E647F000
|
stack
|
page read and write
|
||
|
7D03F000
|
stack
|
page read and write
|
||
|
3C97E000
|
stack
|
page read and write
|
||
|
F3B3E000
|
stack
|
page read and write
|
||
|
A4CFF000
|
stack
|
page read and write
|
||
|
747DE000
|
stack
|
page read and write
|
||
|
3DA7E000
|
stack
|
page read and write
|
||
|
78C3F000
|
stack
|
page read and write
|
||
|
B837E000
|
stack
|
page read and write
|
||
|
C48BF000
|
stack
|
page read and write
|
||
|
CC3FF000
|
stack
|
page read and write
|
||
|
7C03F000
|
stack
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute read
|
||
|
D69FE000
|
stack
|
page read and write
|
||
|
35F3E000
|
stack
|
page read and write
|
||
|
C11BE000
|
stack
|
page read and write
|
||
|
A33BE000
|
stack
|
page read and write
|
||
|
444BE000
|
stack
|
page read and write
|
||
|
1444F000
|
stack
|
page read and write
|
||
|
909FF000
|
stack
|
page read and write
|
||
|
FA13E000
|
stack
|
page read and write
|
||
|
215CE000
|
stack
|
page read and write
|
||
|
A0D3F000
|
stack
|
page read and write
|
||
|
D3F7E000
|
stack
|
page read and write
|
||
|
4E1FE000
|
stack
|
page read and write
|
||
|
DADFE000
|
stack
|
page read and write
|
||
|
3F3BF000
|
stack
|
page read and write
|
||
|
170E000
|
stack
|
page read and write
|
||
|
2158F000
|
stack
|
page read and write
|
||
|
1144000
|
heap
|
page read and write
|
||
|
1514E000
|
stack
|
page read and write
|
||
|
1884F000
|
stack
|
page read and write
|
||
|
DC33E000
|
stack
|
page read and write
|
||
|
C803E000
|
stack
|
page read and write
|
||
|
3EF7F000
|
stack
|
page read and write
|
||
|
1C3CF000
|
stack
|
page read and write
|
||
|
803EF000
|
stack
|
page read and write
|
||
|
6B33E000
|
stack
|
page read and write
|
||
|
2884F000
|
stack
|
page read and write
|
||
|
CC83F000
|
stack
|
page read and write
|
||
|
D36FE000
|
stack
|
page read and write
|
||
|
2228E000
|
stack
|
page read and write
|
||
|
564F000
|
stack
|
page read and write
|
||
|
E86BE000
|
stack
|
page read and write
|
||
|
B193E000
|
stack
|
page read and write
|
||
|
C1E3F000
|
stack
|
page read and write
|
||
|
1EF4F000
|
stack
|
page read and write
|
||
|
2AA4F000
|
stack
|
page read and write
|
||
|
D58FE000
|
stack
|
page read and write
|
||
|
B58FE000
|
stack
|
page read and write
|
||
|
7CC3F000
|
stack
|
page read and write
|
||
|
2AA8E000
|
stack
|
page read and write
|
||
|
C2B3E000
|
stack
|
page read and write
|
||
|
B4BFF000
|
stack
|
page read and write
|
||
|
AAA7F000
|
stack
|
page read and write
|
||
|
5C73F000
|
stack
|
page read and write
|
||
|
4913E000
|
stack
|
page read and write
|
||
|
147E000
|
heap
|
page read and write
|
||
|
1374000
|
heap
|
page read and write
|
||
|
A737E000
|
stack
|
page read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
EC3FF000
|
stack
|
page read and write
|
||
|
3417E000
|
stack
|
page read and write
|
||
|
1840F000
|
stack
|
page read and write
|
||
|
576BE000
|
stack
|
page read and write
|
||
|
3703E000
|
stack
|
page read and write
|
||
|
2800E000
|
stack
|
page read and write
|
||
|
91F3F000
|
stack
|
page read and write
|
||
|
C8CFE000
|
stack
|
page read and write
|
||
|
62F7E000
|
stack
|
page read and write
|
||
|
B10BE000
|
stack
|
page read and write
|
||
|
F03BF000
|
stack
|
page read and write
|
||
|
F3F3F000
|
stack
|
page read and write
|
||
|
2334F000
|
stack
|
page read and write
|
||
|
A74E000
|
stack
|
page read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
3DC2000
|
heap
|
page read and write
|
||
|
47BFE000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
9413F000
|
stack
|
page read and write
|
||
|
248CE000
|
stack
|
page read and write
|
||
|
5833F000
|
stack
|
page read and write
|
||
|
E0B3F000
|
stack
|
page read and write
|
||
|
CEE7F000
|
stack
|
page read and write
|
||
|
7349E000
|
stack
|
page read and write
|
||
|
19CA000
|
heap
|
page read and write
|
||
|
18CEB3AC000
|
heap
|
page read and write
|
||
|
B40E000
|
stack
|
page read and write
|
||
|
1143000
|
heap
|
page read and write
|
||
|
4847E000
|
stack
|
page read and write
|
||
|
1B09000
|
heap
|
page read and write
|
||
|
7372E000
|
stack
|
page read and write
|
||
|
D4C3E000
|
stack
|
page read and write
|
||
|
48CFE000
|
stack
|
page read and write
|
||
|
CAA7F000
|
stack
|
page read and write
|
||
|
E4F3F000
|
stack
|
page read and write
|
||
|
86FEF000
|
stack
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
92BFF000
|
stack
|
page read and write
|
||
|
B25FE000
|
stack
|
page read and write
|
||
|
459FE000
|
stack
|
page read and write
|
||
|
AFB3F000
|
stack
|
page read and write
|
||
|
CFFBE000
|
stack
|
page read and write
|
||
|
FE0BF000
|
stack
|
page read and write
|
||
|
BD1FE000
|
stack
|
page read and write
|
||
|
B14BF000
|
stack
|
page read and write
|
||
|
ED6000
|
heap
|
page read and write
|
||
|
28CCE000
|
stack
|
page read and write
|
||
|
9C93F000
|
stack
|
page read and write
|
||
|
AE1FE000
|
stack
|
page read and write
|
||
|
490FF000
|
stack
|
page read and write
|
||
|
F32BE000
|
stack
|
page read and write
|
||
|
7E83F000
|
stack
|
page read and write
|
||
|
D0C7E000
|
stack
|
page read and write
|
||
|
52000
|
heap
|
page read and write
|
||
|
290CF000
|
stack
|
page read and write
|
||
|
733EF000
|
stack
|
page read and write
|
||
|
E87FE000
|
stack
|
page read and write
|
||
|
EBB7F000
|
stack
|
page read and write
|
||
|
3897F000
|
stack
|
page read and write
|
||
|
87C000
|
unkown
|
page readonly
|
||
|
F47BF000
|
stack
|
page read and write
|
||
|
135A000
|
heap
|
page read and write
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
1778E000
|
stack
|
page read and write
|
||
|
93CFF000
|
stack
|
page read and write
|
||
|
7FD3E000
|
stack
|
page read and write
|
||
|
CA23E000
|
stack
|
page read and write
|
||
|
6F5000
|
heap
|
page read and write
|
||
|
FB23E000
|
stack
|
page read and write
|
||
|
193E000
|
heap
|
page read and write
|
||
|
5C2FF000
|
stack
|
page read and write
|
||
|
437FE000
|
stack
|
page read and write
|
||
|
854E000
|
stack
|
page read and write
|
||
|
3527E000
|
stack
|
page read and write
|
||
|
39EBF000
|
stack
|
page read and write
|
||
|
F767F000
|
stack
|
page read and write
|
||
|
9567F000
|
stack
|
page read and write
|
||
|
349FE000
|
stack
|
page read and write
|
||
|
F3CE000
|
stack
|
page read and write
|
||
|
12E9000
|
heap
|
page read and write
|
||
|
96BFE000
|
stack
|
page read and write
|
||
|
61E7E000
|
stack
|
page read and write
|
||
|
A803E000
|
stack
|
page read and write
|
||
|
C737E000
|
stack
|
page read and write
|
||
|
AA23E000
|
stack
|
page read and write
|
||
|
BFC3F000
|
stack
|
page read and write
|
||
|
31B3E000
|
stack
|
page read and write
|
||
|
16F0E000
|
stack
|
page read and write
|
||
|
626BF000
|
stack
|
page read and write
|
||
|
688BE000
|
stack
|
page read and write
|
||
|
ECB000
|
heap
|
page read and write
|
||
|
897EF000
|
stack
|
page read and write
|
||
|
E75BE000
|
stack
|
page read and write
|
||
|
BA53F000
|
stack
|
page read and write
|
||
|
E827E000
|
stack
|
page read and write
|
||
|
4BFBF000
|
stack
|
page read and write
|
||
|
3B83F000
|
stack
|
page read and write
|
||
|
2F70E000
|
stack
|
page read and write
|
||
|
1D5CF000
|
stack
|
page read and write
|
||
|
CBB7F000
|
stack
|
page read and write
|
||
|
C26FE000
|
stack
|
page read and write
|
||
|
1338E000
|
stack
|
page read and write
|
||
|
EA1FF000
|
stack
|
page read and write
|
||
|
690FF000
|
stack
|
page read and write
|
||
|
76C9E000
|
stack
|
page read and write
|
||
|
4737E000
|
stack
|
page read and write
|
||
|
9F83E000
|
stack
|
page read and write
|
||
|
15E0E000
|
stack
|
page read and write
|
||
|
FA53F000
|
stack
|
page read and write
|
||
|
B6E3E000
|
stack
|
page read and write
|
||
|
FB63F000
|
stack
|
page read and write
|
||
|
8B3EF000
|
stack
|
page read and write
|
||
|
5D9FE000
|
stack
|
page read and write
|
||
|
B3F3F000
|
stack
|
page read and write
|
||
|
7651E000
|
stack
|
page read and write
|
||
|
1BF8F000
|
stack
|
page read and write
|
||
|
72FEF000
|
stack
|
page read and write
|
||
|
CAABE000
|
stack
|
page read and write
|
||
|
4407E000
|
stack
|
page read and write
|
||
|
1157000
|
heap
|
page read and write
|
||
|
1664F000
|
stack
|
page read and write
|
||
|
D4F000
|
stack
|
page read and write
|
||
|
4D97E000
|
stack
|
page read and write
|
||
|
8B4000
|
unkown
|
page readonly
|
||
|
CA1FF000
|
stack
|
page read and write
|
||
|
448FE000
|
stack
|
page read and write
|
||
|
70BEF000
|
stack
|
page read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
A37BF000
|
stack
|
page read and write
|
||
|
34E3E000
|
stack
|
page read and write
|
||
|
D437F000
|
stack
|
page read and write
|
||
|
DF1FE000
|
stack
|
page read and write
|
||
|
F5CFF000
|
stack
|
page read and write
|
||
|
2EE8E000
|
stack
|
page read and write
|
||
|
58BBF000
|
stack
|
page read and write
|
||
|
738AE000
|
stack
|
page read and write
|
||
|
2E60E000
|
stack
|
page read and write
|
||
|
B03FE000
|
stack
|
page read and write
|
||
|
764DE000
|
stack
|
page read and write
|
||
|
AB4F000
|
stack
|
page read and write
|
||
|
2DD4F000
|
stack
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
52E7E000
|
stack
|
page read and write
|
||
|
FED7F000
|
stack
|
page read and write
|
||
|
12D8000
|
heap
|
page read and write
|
||
|
ED0FE000
|
stack
|
page read and write
|
||
|
D723F000
|
stack
|
page read and write
|
||
|
9307E000
|
stack
|
page read and write
|
||
|
7BC3F000
|
stack
|
page read and write
|
||
|
5767F000
|
stack
|
page read and write
|
||
|
4E63E000
|
stack
|
page read and write
|
||
|
D217F000
|
stack
|
page read and write
|
||
|
1C40E000
|
stack
|
page read and write
|
||
|
A55BE000
|
stack
|
page read and write
|
||
|
25E0E000
|
stack
|
page read and write
|
||
|
BFC7E000
|
stack
|
page read and write
|
||
|
9897F000
|
stack
|
page read and write
|
||
|
8D0EE000
|
stack
|
page read and write
|
||
|
40D7E000
|
stack
|
page read and write
|
||
|
D87BE000
|
stack
|
page read and write
|
||
|
D613F000
|
stack
|
page read and write
|
||
|
5503F000
|
stack
|
page read and write
|
||
|
21E4E000
|
stack
|
page read and write
|
||
|
600000
|
direct allocation
|
page execute and read and write
|
||
|
A887F000
|
stack
|
page read and write
|
||
|
B54BE000
|
stack
|
page read and write
|
||
|
A843F000
|
stack
|
page read and write
|
||
|
713EF000
|
stack
|
page read and write
|
||
|
934BE000
|
stack
|
page read and write
|
||
|
A007F000
|
stack
|
page read and write
|
||
|
BE2FE000
|
stack
|
page read and write
|
||
|
3237F000
|
stack
|
page read and write
|
||
|
9A4F000
|
stack
|
page read and write
|
||
|
4403F000
|
stack
|
page read and write
|
||
|
F947E000
|
stack
|
page read and write
|
||
|
655BE000
|
stack
|
page read and write
|
||
|
A513F000
|
stack
|
page read and write
|
||
|
C88BE000
|
stack
|
page read and write
|
||
|
7B83F000
|
stack
|
page read and write
|
||
|
4A63F000
|
stack
|
page read and write
|
||
|
A6ABF000
|
stack
|
page read and write
|
||
|
9417E000
|
stack
|
page read and write
|
||
|
30E7E000
|
stack
|
page read and write
|
||
|
1F38F000
|
stack
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
D18FF000
|
stack
|
page read and write
|
||
|
97CFE000
|
stack
|
page read and write
|
||
|
FBA7F000
|
stack
|
page read and write
|
||
|
B2E7E000
|
stack
|
page read and write
|
||
|
6FCF000
|
stack
|
page read and write
|
||
|
B21BE000
|
stack
|
page read and write
|
||
|
6E2BE000
|
stack
|
page read and write
|
||
|
2F6CF000
|
stack
|
page read and write
|
||
|
334BE000
|
stack
|
page read and write
|
||
|
C1E7E000
|
stack
|
page read and write
|
||
|
4C87E000
|
stack
|
page read and write
|
||
|
28C8F000
|
stack
|
page read and write
|
||
|
C90FF000
|
stack
|
page read and write
|
||
|
68CBF000
|
stack
|
page read and write
|
||
|
BEF7F000
|
stack
|
page read and write
|
||
|
8E7FF000
|
stack
|
page read and write
|
||
|
7883F000
|
stack
|
page read and write
|
||
|
ED4FF000
|
stack
|
page read and write
|
||
|
674F000
|
stack
|
page read and write
|
||
|
12CA000
|
heap
|
page read and write
|
||
|
DA13E000
|
stack
|
page read and write
|
||
|
6AABE000
|
stack
|
page read and write
|
||
|
BCDBE000
|
stack
|
page read and write
|
||
|
81FEF000
|
stack
|
page read and write
|
||
|
7560E000
|
stack
|
page read and write
|
||
|
1A439FD000
|
stack
|
page read and write
|
||
|
8B4000
|
unkown
|
page readonly
|
||
|
1844E000
|
stack
|
page read and write
|
||
|
6EFBE000
|
stack
|
page read and write
|
||
|
42F3F000
|
stack
|
page read and write
|
||
|
4BBBE000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
9EFBE000
|
stack
|
page read and write
|
||
|
B07FF000
|
stack
|
page read and write
|
||
|
6F9AE000
|
stack
|
page read and write
|
||
|
7FC3F000
|
stack
|
page read and write
|
||
|
6957E000
|
stack
|
page read and write
|
||
|
6FD2E000
|
stack
|
page read and write
|
||
|
F613F000
|
stack
|
page read and write
|
||
|
A5E3E000
|
stack
|
page read and write
|
||
|
739BE000
|
stack
|
page read and write
|
||
|
E0FBE000
|
stack
|
page read and write
|
||
|
1620F000
|
stack
|
page read and write
|
||
|
1998E000
|
stack
|
page read and write
|
||
|
6C3FF000
|
stack
|
page read and write
|
||
|
12CB000
|
heap
|
page read and write
|
||
|
4042000
|
heap
|
page read and write
|
||
|
61E3F000
|
stack
|
page read and write
|
||
|
39A7F000
|
stack
|
page read and write
|
||
|
2664F000
|
stack
|
page read and write
|
||
|
FB67E000
|
stack
|
page read and write
|
||
|
1492000
|
heap
|
page read and write
|
||
|
19E9000
|
heap
|
page read and write
|
||
|
3E9E000
|
stack
|
page read and write
|
||
|
956BE000
|
stack
|
page read and write
|
||
|
2C84E000
|
stack
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
9DE7F000
|
stack
|
page read and write
|
||
|
1888E000
|
stack
|
page read and write
|
||
|
CE1FE000
|
stack
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
90E7E000
|
stack
|
page read and write
|
||
|
938FE000
|
stack
|
page read and write
|
||
|
5947E000
|
stack
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
1208000
|
heap
|
page read and write
|
||
|
EC3000
|
heap
|
page read and write
|
||
|
6913E000
|
stack
|
page read and write
|
||
|
EB77E000
|
stack
|
page read and write
|
||
|
F65BE000
|
stack
|
page read and write
|
||
|
BC0BF000
|
stack
|
page read and write
|
||
|
6D0BF000
|
stack
|
page read and write
|
||
|
DA9BE000
|
stack
|
page read and write
|
||
|
DE53E000
|
stack
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
B76BE000
|
stack
|
page read and write
|
||
|
66EFF000
|
stack
|
page read and write
|
||
|
2C40E000
|
stack
|
page read and write
|
||
|
AAEFE000
|
stack
|
page read and write
|
||
|
FC73F000
|
stack
|
page read and write
|
||
|
6667F000
|
stack
|
page read and write
|
||
|
123E000
|
heap
|
page read and write
|
||
|
BDA3F000
|
stack
|
page read and write
|
||
|
60D3F000
|
stack
|
page read and write
|
||
|
8AC000
|
unkown
|
page write copy
|
||
|
E207F000
|
stack
|
page read and write
|
||
|
10ED000
|
heap
|
page read and write
|
||
|
8D8F000
|
stack
|
page read and write
|
||
|
9FC7E000
|
stack
|
page read and write
|
||
|
C1A3E000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
3DA3F000
|
stack
|
page read and write
|
||
|
EB2FF000
|
stack
|
page read and write
|
||
|
B80F000
|
stack
|
page read and write
|
||
|
CE5FF000
|
stack
|
page read and write
|
||
|
A2F7E000
|
stack
|
page read and write
|
||
|
9D1FE000
|
stack
|
page read and write
|
||
|
837EF000
|
stack
|
page read and write
|
||
|
1267000
|
heap
|
page read and write
|
||
|
77C3F000
|
stack
|
page read and write
|
||
|
938BF000
|
stack
|
page read and write
|
||
|
737EE000
|
stack
|
page read and write
|
||
|
7803F000
|
stack
|
page read and write
|
||
|
4FB3F000
|
stack
|
page read and write
|
||
|
6B2FF000
|
stack
|
page read and write
|
||
|
8C82F000
|
stack
|
page read and write
|
||
|
CB33E000
|
stack
|
page read and write
|
||
|
8B4000
|
unkown
|
page readonly
|
||
|
FD87E000
|
stack
|
page read and write
|
||
|
1238000
|
heap
|
page read and write
|
||
|
FC77E000
|
stack
|
page read and write
|
||
|
6FC2E000
|
stack
|
page read and write
|
||
|
20D0F000
|
stack
|
page read and write
|
||
|
C117F000
|
stack
|
page read and write
|
||
|
94DFF000
|
stack
|
page read and write
|
||
|
C55BE000
|
stack
|
page read and write
|
||
|
316BF000
|
stack
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
1004F000
|
stack
|
page read and write
|
||
|
521BE000
|
stack
|
page read and write
|
||
|
7382E000
|
stack
|
page read and write
|
||
|
42F7E000
|
stack
|
page read and write
|
||
|
C733F000
|
stack
|
page read and write
|
||
|
923BE000
|
stack
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute read
|
||
|
AE63E000
|
stack
|
page read and write
|
||
|
93D3E000
|
stack
|
page read and write
|
||
|
4AEBF000
|
stack
|
page read and write
|
||
|
9BC7F000
|
stack
|
page read and write
|
||
|
857EF000
|
stack
|
page read and write
|
||
|
3CA0000
|
direct allocation
|
page read and write
|
||
|
2EA0F000
|
stack
|
page read and write
|
||
|
29D8F000
|
stack
|
page read and write
|
||
|
1A8E000
|
stack
|
page read and write
|
||
|
DE93F000
|
stack
|
page read and write
|
||
|
19DCE000
|
stack
|
page read and write
|
||
|
104CE000
|
stack
|
page read and write
|
||
|
DFEBE000
|
stack
|
page read and write
|
||
|
12FD000
|
heap
|
page read and write
|
||
|
45E3E000
|
stack
|
page read and write
|
||
|
10EB000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
503FE000
|
stack
|
page read and write
|
||
|
C6F3E000
|
stack
|
page read and write
|
||
|
F9CBF000
|
stack
|
page read and write
|
||
|
2C80F000
|
stack
|
page read and write
|
||
|
32D4000
|
system
|
page execute and read and write
|
||
|
C4D3E000
|
stack
|
page read and write
|
||
|
1AEA000
|
heap
|
page read and write
|
||
|
4AEFE000
|
stack
|
page read and write
|
||
|
6EAFF000
|
stack
|
page read and write
|
||
|
84FEF000
|
stack
|
page read and write
|
||
|
C6ABF000
|
stack
|
page read and write
|
||
|
D903E000
|
stack
|
page read and write
|
||
|
2020000
|
direct allocation
|
page execute and read and write
|
||
|
532BE000
|
stack
|
page read and write
|
||
|
B767F000
|
stack
|
page read and write
|
||
|
82FEF000
|
stack
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
746FE000
|
stack
|
page read and write
|
||
|
C66BE000
|
stack
|
page read and write
|
||
|
723EF000
|
stack
|
page read and write
|
||
|
E20BE000
|
stack
|
page read and write
|
||
|
4D93F000
|
stack
|
page read and write
|
||
|
44CFF000
|
stack
|
page read and write
|
||
|
A1A3E000
|
stack
|
page read and write
|
||
|
7641E000
|
stack
|
page read and write
|
||
|
3EB3F000
|
stack
|
page read and write
|
||
|
1346000
|
heap
|
page read and write
|