Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
0qlnWcmhSC.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\geo[1].json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\0qlnWcmhSC.exe
|
"C:\Users\user\Desktop\0qlnWcmhSC.exe"
|
|
|
|
C:\Users\user\Desktop\0qlnWcmhSC.exe
|
"C:\Users\user\Desktop\0qlnWcmhSC.exe"
|
|
|
|
C:\Users\user\Desktop\0qlnWcmhSC.exe
|
"C:\Users\user\Desktop\0qlnWcmhSC.exe" --Admin IsNotAutoStart IsNotTask
|
|
|
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe --Task
|
|
|
|
C:\Users\user\Desktop\0qlnWcmhSC.exe
|
"C:\Users\user\Desktop\0qlnWcmhSC.exe" --Admin IsNotAutoStart IsNotTask
|
|
|
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe
|
"C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe" --AutoStart
|
|
|
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe --Task
|
|
|
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe
|
"C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe" --AutoStart
|
|
|
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe
|
"C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe" --AutoStart
|
|
|
|
C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe
|
"C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7\0qlnWcmhSC.exe" --AutoStart
|
|
|
|
C:\Windows\SysWOW64\icacls.exe
|
icacls "C:\Users\user\AppData\Local\a728bb78-6259-4af3-b6ac-e10b42e567f7" /deny *S-1-1-0:(OI)(CI)(DE,DC)
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://acacaca.org/test2/get.php
|
|
||
|
http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error
|
unknown
|
||
|
https://api.2ip.ua/geo.json
|
162.0.217.254
|
||
|
http://www.openssl.org/support/faq.html
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.2ip.ua
|
162.0.217.254
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
162.0.217.254
|
api.2ip.ua
|
Canada
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
|
SysHelper
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
42C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
4320000
|
direct allocation
|
page execute and read and write
|
|
|
|
4290000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
42F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
42D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
26AF000
|
stack
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
2CE0000
|
remote allocation
|
page read and write
|
||
|
73A000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
14A8BA61000
|
heap
|
page read and write
|
||
|
41F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ECB5D02000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1BB4E380000
|
heap
|
page read and write
|
||
|
BC6A47E000
|
stack
|
page read and write
|
||
|
41DF000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
20D6724B000
|
heap
|
page read and write
|
||
|
1D58C300000
|
heap
|
page read and write
|
||
|
14A8BA95000
|
heap
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
D0E51FC000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
14A8CBE0000
|
trusted library section
|
page readonly
|
||
|
14A8B8F0000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
3F3D2F9000
|
stack
|
page read and write
|
||
|
1D58C1C0000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
20D67276000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
20D66FD0000
|
heap
|
page read and write
|
||
|
1D58C100000
|
heap
|
page read and write
|
||
|
3F3D1FF000
|
stack
|
page read and write
|
||
|
2B3A000
|
stack
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
23893648000
|
heap
|
page read and write
|
||
|
23893629000
|
heap
|
page read and write
|
||
|
D0E557C000
|
stack
|
page read and write
|
||
|
2389366A000
|
heap
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
14A91330000
|
trusted library allocation
|
page read and write
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
14A91450000
|
remote allocation
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
4290000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
A87000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
425F000
|
stack
|
page read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
16899C02000
|
trusted library allocation
|
page read and write
|
||
|
14A910F0000
|
heap
|
page read and write
|
||
|
1BB4E508000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
1D58C25F000
|
heap
|
page read and write
|
||
|
31B0000
|
remote allocation
|
page read and write
|
||
|
1D58C313000
|
heap
|
page read and write
|
||
|
2AB9483C000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
3F3D67F000
|
stack
|
page read and write
|
||
|
42B0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
14A8BA40000
|
heap
|
page read and write
|
||
|
264E000
|
stack
|
page read and write
|
||
|
C9DC7FF000
|
stack
|
page read and write
|
||
|
294961A0000
|
heap
|
page read and write
|
||
|
202E987B000
|
heap
|
page read and write
|
||
|
290E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
14A91300000
|
trusted library allocation
|
page read and write
|
||
|
65F000
|
heap
|
page read and write
|
||
|
253176B0000
|
heap
|
page read and write
|
||
|
14A8C518000
|
heap
|
page read and write
|
||
|
202E97A0000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
BC6A6FE000
|
stack
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
1D8D0A29000
|
heap
|
page read and write
|
||
|
73F000
|
heap
|
page read and write
|
||
|
B6E9A7F000
|
stack
|
page read and write
|
||
|
25317857000
|
heap
|
page read and write
|
||
|
2CE0000
|
remote allocation
|
page read and write
|
||
|
1ECB5D13000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
202E987F000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
99F000
|
stack
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
1D8D0B02000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute read
|
||
|
14A8BA29000
|
heap
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
14A91021000
|
heap
|
page read and write
|
||
|
16899260000
|
heap
|
page read and write
|
||
|
B6E97EE000
|
stack
|
page read and write
|
||
|
3F3D0FA000
|
stack
|
page read and write
|
||
|
D0E49CB000
|
stack
|
page read and write
|
||
|
BC69F2B000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2AB94870000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
238935B0000
|
trusted library allocation
|
page read and write
|
||
|
23893520000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
650000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
20D67278000
|
heap
|
page read and write
|
||
|
14A8C518000
|
heap
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
1D58C289000
|
heap
|
page read and write
|
||
|
23893641000
|
heap
|
page read and write
|
||
|
23893630000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2AB95202000
|
trusted library allocation
|
page read and write
|
||
|
565000
|
heap
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
73F000
|
heap
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
657000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
2A4D000
|
stack
|
page read and write
|
||
|
54AE27B000
|
stack
|
page read and write
|
||
|
2949626E000
|
heap
|
page read and write
|
||
|
29496130000
|
heap
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
2C67000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
C9DC27B000
|
stack
|
page read and write
|
||
|
14A91420000
|
trusted library allocation
|
page read and write
|
||
|
2389366B000
|
heap
|
page read and write
|
||
|
2389364E000
|
heap
|
page read and write
|
||
|
5ED000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
14A91450000
|
trusted library allocation
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
14A91100000
|
heap
|
page read and write
|
||
|
1ECB5B70000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
D539AFE000
|
stack
|
page read and write
|
||
|
23893510000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
2F71000
|
heap
|
page read and write
|
||
|
3B391FF000
|
stack
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1BB4E513000
|
heap
|
page read and write
|
||
|
168993B0000
|
trusted library allocation
|
page read and write
|
||
|
264E000
|
stack
|
page read and write
|
||
|
637000
|
heap
|
page read and write
|
||
|
14A8BA66000
|
heap
|
page read and write
|
||
|
1D58C224000
|
heap
|
page read and write
|
||
|
23893644000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
202E97D0000
|
trusted library allocation
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
80D000
|
stack
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
D539A7C000
|
stack
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
286F000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
74EE7FB000
|
stack
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
407E000
|
stack
|
page read and write
|
||
|
1BB4E500000
|
heap
|
page read and write
|
||
|
44C0000
|
heap
|
page read and write
|
||
|
1D58DCB0000
|
trusted library allocation
|
page read and write
|
||
|
1BB4EC80000
|
trusted library allocation
|
page read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
289F000
|
stack
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
23893639000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
269E000
|
stack
|
page read and write
|
||
|
1BB4E43C000
|
heap
|
page read and write
|
||
|
3F3CEF7000
|
stack
|
page read and write
|
||
|
25317902000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
2389364B000
|
heap
|
page read and write
|
||
|
84F000
|
stack
|
page read and write
|
||
|
1D58C262000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2F71000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3170000
|
trusted library section
|
page readonly
|
||
|
4480000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
20D67130000
|
trusted library allocation
|
page read and write
|
||
|
273F000
|
stack
|
page read and write
|
||
|
71E000
|
heap
|
page read and write
|
||
|
23893654000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
422F000
|
stack
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
14A910FA000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
418F000
|
stack
|
page read and write
|
||
|
1BB4E413000
|
heap
|
page read and write
|
||
|
56A000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
D0E547E000
|
stack
|
page read and write
|
||
|
54AE9FD000
|
stack
|
page read and write
|
||
|
26DE000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ECB6480000
|
trusted library allocation
|
page read and write
|
||
|
31B0000
|
remote allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
1ECB5C00000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
71D000
|
heap
|
page read and write
|
||
|
782000
|
heap
|
page read and write
|
||
|
255B000
|
heap
|
page read and write
|
||
|
732000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3B392FF000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
14A8C415000
|
heap
|
page read and write
|
||
|
3F3D6FE000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
751000
|
heap
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
294962C4000
|
heap
|
page read and write
|
||
|
54AE8FE000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3F3CAEC000
|
stack
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
D539E77000
|
stack
|
page read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
3B38A7B000
|
stack
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
14A8CC30000
|
trusted library section
|
page readonly
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
14A910DF000
|
heap
|
page read and write
|
||
|
23893580000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1ECB5C29000
|
heap
|
page read and write
|
||
|
1BB4E48A000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
29496213000
|
heap
|
page read and write
|
||
|
C9DC8FF000
|
stack
|
page read and write
|
||
|
14A8B9F0000
|
trusted library allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
276F000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
1ECB5C4E000
|
heap
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
40E0000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1D58C1A0000
|
trusted library allocation
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
D0E4DFB000
|
stack
|
page read and write
|
||
|
14A8BAA2000
|
heap
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
20D67A02000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
64E000
|
stack
|
page read and write
|
||
|
14A8CC00000
|
trusted library section
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
1ECB5C83000
|
heap
|
page read and write
|
||
|
1D58C248000
|
heap
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
3B38DFF000
|
stack
|
page read and write
|
||
|
74EEA7F000
|
stack
|
page read and write
|
||
|
1D58C1F0000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
14A8B990000
|
trusted library section
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
23893642000
|
heap
|
page read and write
|
||
|
2B3A000
|
stack
|
page read and write
|
||
|
1D58C257000
|
heap
|
page read and write
|
||
|
1D8D1202000
|
trusted library allocation
|
page read and write
|
||
|
B6E9FFF000
|
stack
|
page read and write
|
||
|
BC6A8FD000
|
stack
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
720000
|
heap
|
page read and write
|
||
|
1D58C273000
|
heap
|
page read and write
|
||
|
20D67308000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1D58DC70000
|
trusted library allocation
|
page read and write
|
||
|
42C0000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
29496D00000
|
heap
|
page read and write
|
||
|
2B4A000
|
stack
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
1D58C23D000
|
heap
|
page read and write
|
||
|
14A91308000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
14A8CA00000
|
trusted library allocation
|
page read and write
|
||
|
74EEC7F000
|
stack
|
page read and write
|
||
|
3F3D57F000
|
stack
|
page read and write
|
||
|
31B0000
|
remote allocation
|
page read and write
|
||
|
4470000
|
heap
|
page read and write
|
||
|
FA186FE000
|
stack
|
page read and write
|
||
|
F788C7F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
D539B7E000
|
stack
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
1D8D0A02000
|
heap
|
page read and write
|
||
|
2CBD000
|
stack
|
page read and write
|
||
|
27CF000
|
stack
|
page read and write
|
||
|
14A8B8E0000
|
heap
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
20D67255000
|
heap
|
page read and write
|
||
|
FA187FE000
|
stack
|
page read and write
|
||
|
14A8CBF0000
|
trusted library section
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
1D58C302000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
FA1847B000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
14A90FF0000
|
trusted library allocation
|
page read and write
|
||
|
74EE2FB000
|
stack
|
page read and write
|
||
|
14A8BAFE000
|
heap
|
page read and write
|
||
|
2F71000
|
heap
|
page read and write
|
||
|
BC6A3FE000
|
stack
|
page read and write
|
||
|
14A9102F000
|
heap
|
page read and write
|
||
|
1D8D09C0000
|
trusted library allocation
|
page read and write
|
||
|
782000
|
heap
|
page read and write
|
||
|
557000
|
heap
|
page read and write
|
||
|
25317FF0000
|
remote allocation
|
page read and write
|
||
|
2389365E000
|
heap
|
page read and write
|
||
|
1D8D0A76000
|
heap
|
page read and write
|
||
|
168992B0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
14A8CF80000
|
trusted library allocation
|
page read and write
|
||
|
74EEB7C000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
14A90FF0000
|
trusted library allocation
|
page read and write
|
||
|
4270000
|
heap
|
page read and write
|
||
|
2389366D000
|
heap
|
page read and write
|
||
|
1D8D0860000
|
heap
|
page read and write
|
||
|
B6E9CFB000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
14A8BAA0000
|
heap
|
page read and write
|
||
|
548000
|
heap
|
page read and write
|
||
|
23893649000
|
heap
|
page read and write
|
||
|
25317829000
|
heap
|
page read and write
|
||
|
1D58C213000
|
heap
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
14A91102000
|
heap
|
page read and write
|
||
|
1D58C170000
|
heap
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
74EE3FE000
|
stack
|
page read and write
|
||
|
202EA202000
|
trusted library allocation
|
page read and write
|
||
|
2389363D000
|
heap
|
page read and write
|
||
|
D53A07F000
|
stack
|
page read and write
|
||
|
3B38EFE000
|
stack
|
page read and write
|
||
|
1D58DE02000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1D58C248000
|
heap
|
page read and write
|
||
|
14A8C513000
|
heap
|
page read and write
|
||
|
14A91400000
|
trusted library allocation
|
page read and write
|
||
|
4680000
|
heap
|
page read and write
|
||
|
14A8B980000
|
trusted library allocation
|
page read and write
|
||
|
14A8BA8E000
|
heap
|
page read and write
|
||
|
F788B7F000
|
stack
|
page read and write
|
||
|
14A91450000
|
remote allocation
|
page read and write
|
||
|
3F3D47E000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
14A8B9F3000
|
trusted library allocation
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
20D67200000
|
heap
|
page read and write
|
||
|
5ED000
|
heap
|
page read and write
|
||
|
1BB4E42A000
|
heap
|
page read and write
|
||
|
24FE000
|
stack
|
page read and write
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
73B000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
605000
|
heap
|
page read and write
|
||
|
23893600000
|
heap
|
page read and write
|
||
|
14A8BA13000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
42E0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
1BB4E370000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
14A8C3D1000
|
trusted library allocation
|
page read and write
|
||
|
14A9103F000
|
heap
|
page read and write
|
||
|
333C000
|
stack
|
page read and write
|
||
|
25317FC0000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
25317FF0000
|
remote allocation
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
762000
|
heap
|
page read and write
|
||
|
202E9840000
|
heap
|
page read and write
|
||
|
25FF000
|
stack
|
page read and write
|
||
|
2E31000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
2949628A000
|
heap
|
page read and write
|
||
|
1ECB5C56000
|
heap
|
page read and write
|
||
|
29496D32000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
23893660000
|
heap
|
page read and write
|
||
|
16899413000
|
heap
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
2F30000
|
trusted library section
|
page readonly
|
||
|
785000
|
heap
|
page read and write
|
||
|
1ECB5C6F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
20D6727F000
|
heap
|
page read and write
|
||
|
65F000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
269E000
|
stack
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
23893613000
|
heap
|
page read and write
|
||
|
1D8D0A41000
|
heap
|
page read and write
|
||
|
BC6A67D000
|
stack
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
2F6C000
|
stack
|
page read and write
|
||
|
16899437000
|
heap
|
page read and write
|
||
|
41EF000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1ECB5B80000
|
heap
|
page read and write
|
||
|
3F3D5FE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
14A8C3F0000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
D0E537D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
14A8BA6A000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
5F2000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
30BA000
|
stack
|
page read and write
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
14A8BB13000
|
heap
|
page read and write
|
||
|
2AB94813000
|
heap
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
54AE7FE000
|
stack
|
page read and write
|
||
|
14A8BB26000
|
heap
|
page read and write
|
||
|
294962BB000
|
heap
|
page read and write
|
||
|
3F3D4FE000
|
stack
|
page read and write
|
||
|
5F2000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
1ECB5C4A000
|
heap
|
page read and write
|
||
|
1D58C200000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
65F000
|
heap
|
page read and write
|
||
|
16899448000
|
heap
|
page read and write
|
||
|
B6E9BFE000
|
stack
|
page read and write
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
3B390FE000
|
stack
|
page read and write
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
C9DC4FF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
20D67229000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4310000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
276F000
|
stack
|
page read and write
|
||
|
2F30000
|
trusted library section
|
page readonly
|
||
|
16899402000
|
heap
|
page read and write
|
||
|
3F3D3FB000
|
stack
|
page read and write
|
||
|
202E9740000
|
heap
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
5FB000
|
heap
|
page read and write
|
||
|
2AB94913000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2AB947E0000
|
trusted library allocation
|
page read and write
|
||
|
D0E507F000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2B4A000
|
stack
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
567000
|
heap
|
page read and write
|
||
|
14A910F6000
|
heap
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
555000
|
heap
|
page read and write
|
||
|
2740000
|
heap
|
page read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1BB4E47E000
|
heap
|
page read and write
|
||
|
45D0000
|
heap
|
page read and write
|
||
|
3B38CFF000
|
stack
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
1A88279000
|
stack
|
page read and write
|
||
|
1ECB5C50000
|
heap
|
page read and write
|
||
|
C9DC5FB000
|
stack
|
page read and write
|
||
|
C9DC6F7000
|
stack
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
14A91324000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library section
|
page readonly
|
||
|
20D67250000
|
heap
|
page read and write
|
||
|
5EE000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
29496140000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
25317720000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
202E9813000
|
heap
|
page read and write
|
||
|
27CB000
|
heap
|
page read and write
|
||
|
74EE37E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
269E000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
25317800000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1BB4E502000
|
heap
|
page read and write
|
||
|
1D58C282000
|
heap
|
page read and write
|
||
|
27FA000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
3F3D9FF000
|
stack
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
14A90FE0000
|
trusted library allocation
|
page read and write
|
||
|
ADF000
|
stack
|
page read and write
|
||
|
54AE6FE000
|
stack
|
page read and write
|
||
|
23894002000
|
trusted library allocation
|
page read and write
|
||
|
14A9104C000
|
heap
|
page read and write
|
||
|
54AE5FF000
|
stack
|
page read and write
|
||
|
5CD000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
14A910D9000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
79E000
|
heap
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
294962CC000
|
heap
|
page read and write
|
||
|
54AE47C000
|
stack
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute read
|
||
|
202E9853000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1A87E7B000
|
stack
|
page read and write
|
||
|
BC6A2FE000
|
stack
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1ECB5BE0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
54AEBFC000
|
stack
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
77E000
|
heap
|
page read and write
|
||
|
74EE6FB000
|
stack
|
page read and write
|
||
|
1BB4E3E0000
|
heap
|
page read and write
|
||
|
2AB94881000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
5F2000
|
heap
|
page read and write
|
||
|
2CE0000
|
remote allocation
|
page read and write
|
||
|
1ECB5D00000
|
heap
|
page read and write
|
||
|
16899400000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
D539D7B000
|
stack
|
page read and write
|
||
|
FA1857E000
|
stack
|
page read and write
|
||
|
29AF000
|
stack
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
2389367A000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
315F000
|
stack
|
page read and write
|
||
|
FA184FE000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
16899250000
|
heap
|
page read and write
|
||
|
87F000
|
stack
|
page read and write
|
||
|
762000
|
heap
|
page read and write
|
||
|
1D58C1F0000
|
remote allocation
|
page read and write
|
||
|
23893702000
|
heap
|
page read and write
|
||
|
23893684000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
16899502000
|
heap
|
page read and write
|
||
|
20D67213000
|
heap
|
page read and write
|
||
|
2389362D000
|
heap
|
page read and write
|
||
|
4520000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
29496200000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
14A91410000
|
trusted library allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
2AB94902000
|
heap
|
page read and write
|
||
|
14A8CC10000
|
trusted library section
|
page readonly
|
||
|
23893667000
|
heap
|
page read and write
|
||
|
2389367B000
|
heap
|
page read and write
|
||
|
2F71000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
54AEAFF000
|
stack
|
page read and write
|
||
|
1D58C1F0000
|
remote allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
662000
|
heap
|
page read and write
|
||
|
202E9902000
|
heap
|
page read and write
|
||
|
25317824000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
27ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
29496313000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
2AB94800000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
202E9828000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
202E9863000
|
heap
|
page read and write
|
||
|
3B38BFD000
|
stack
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
20D67313000
|
heap
|
page read and write
|
||
|
1D58C318000
|
heap
|
page read and write
|
||
|
B6E976B000
|
stack
|
page read and write
|
||
|
14A92000000
|
heap
|
page read and write
|
||
|
41EE000
|
trusted library allocation
|
page execute and read and write
|
||
|
253176C0000
|
heap
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
2CA0000
|
trusted library section
|
page readonly
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
14A91334000
|
trusted library allocation
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
1D58C258000
|
heap
|
page read and write
|
||
|
2C8F000
|
stack
|
page read and write
|
||
|
C9DC47C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2AB94829000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20D6726F000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
D539C7B000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2AB94750000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
293F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
662000
|
heap
|
page read and write
|
||
|
14A91430000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
B6E9DF7000
|
stack
|
page read and write
|
||
|
F78857B000
|
stack
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1ECB5C3C000
|
heap
|
page read and write
|
||
|
1F7000
|
heap
|
page read and write
|
||
|
14A90FD0000
|
trusted library allocation
|
page read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
14A91321000
|
trusted library allocation
|
page read and write
|
||
|
3B3887B000
|
stack
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
1D8D08C0000
|
heap
|
page read and write
|
||
|
14A91099000
|
heap
|
page read and write
|
||
|
1689943E000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
25317FF0000
|
remote allocation
|
page read and write
|
||
|
84B000
|
stack
|
page read and write
|
||
|
2A4D000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
65B000
|
heap
|
page read and write
|
||
|
14A91300000
|
trusted library allocation
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
BC6A57E000
|
stack
|
page read and write
|
||
|
65F000
|
heap
|
page read and write
|
||
|
77F000
|
heap
|
page read and write
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2949623E000
|
heap
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
1ECB5D08000
|
heap
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
A8F000
|
stack
|
page read and write
|
||
|
29496229000
|
heap
|
page read and write
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
2389364D000
|
heap
|
page read and write
|
||
|
202E9900000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
23893677000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
1D58C110000
|
heap
|
page read and write
|
||
|
14A91450000
|
remote allocation
|
page read and write
|
||
|
1D58C258000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
70C000
|
heap
|
page read and write
|
||
|
294961D0000
|
trusted library allocation
|
page read and write
|
||
|
1689942F000
|
heap
|
page read and write
|
||
|
4190000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B394FE000
|
stack
|
page read and write
|
||
|
D0E50FC000
|
stack
|
page read and write
|
||
|
263E000
|
stack
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
14A8CC20000
|
trusted library section
|
page readonly
|
||
|
268E000
|
stack
|
page read and write
|
||
|
14A910E9000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3B393FF000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
BC6A7FD000
|
stack
|
page read and write
|
||
|
1BB4E400000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
23893661000
|
heap
|
page read and write
|
||
|
1A8817E000
|
stack
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
2A0F000
|
stack
|
page read and write
|
||
|
29E0000
|
trusted library allocation
|
page read and write
|
||
|
1BB4E457000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1D8D0850000
|
heap
|
page read and write
|
||
|
1ECB5C13000
|
heap
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
5FC000
|
heap
|
page read and write
|
||
|
202E9868000
|
heap
|
page read and write
|
||
|
2C77000
|
heap
|
page read and write
|
||
|
C9DC37E000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
1BB4E470000
|
heap
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
14A9130E000
|
trusted library allocation
|
page read and write
|
||
|
14A910B1000
|
heap
|
page read and write
|
||
|
274A000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1D58C247000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
70D000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
25317813000
|
heap
|
page read and write
|
||
|
3B38FFD000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
28AE000
|
stack
|
page read and write
|
||
|
D0E4F7F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
14A8C500000
|
heap
|
page read and write
|
||
|
1D8D0B13000
|
heap
|
page read and write
|
||
|
5E5000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
59E000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
777000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
14A8BB02000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
14A913C0000
|
trusted library allocation
|
page read and write
|
||
|
14A91065000
|
heap
|
page read and write
|
||
|
D539F7E000
|
stack
|
page read and write
|
||
|
2DBA000
|
stack
|
page read and write
|
||
|
B6E9EFE000
|
stack
|
page read and write
|
||
|
23893640000
|
heap
|
page read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
16899452000
|
heap
|
page read and write
|
||
|
6C8000
|
heap
|
page read and write
|
||
|
C9DC2FE000
|
stack
|
page read and write
|
||
|
14A91320000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
286F000
|
stack
|
page read and write
|
||
|
6EF000
|
heap
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
F788A7B000
|
stack
|
page read and write
|
||
|
14A910F8000
|
heap
|
page read and write
|
||
|
202E9913000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
770000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
202E9800000
|
heap
|
page read and write
|
||
|
26B0000
|
direct allocation
|
page read and write
|
||
|
20D6723C000
|
heap
|
page read and write
|
||
|
1BB4E402000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1BB4E451000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
2389364C000
|
heap
|
page read and write
|
||
|
294962E2000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
264E000
|
stack
|
page read and write
|
||
|
3F3CFFC000
|
stack
|
page read and write
|
||
|
74EE977000
|
stack
|
page read and write
|
||
|
27DF000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2531783D000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
14A8C402000
|
heap
|
page read and write
|
||
|
23893646000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
14A8CB00000
|
trusted library allocation
|
page read and write
|
||
|
1A8837F000
|
stack
|
page read and write
|
||
|
20D67302000
|
heap
|
page read and write
|
||
|
D0E567E000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
202E9802000
|
heap
|
page read and write
|
||
|
1D8D0A5C000
|
heap
|
page read and write
|
||
|
14A8C400000
|
heap
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
1D58C202000
|
heap
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
202E9730000
|
heap
|
page read and write
|
||
|
23893662000
|
heap
|
page read and write
|
||
|
1ECB5C76000
|
heap
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
266F000
|
stack
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
289B000
|
heap
|
page read and write
|
||
|
1D8D0A13000
|
heap
|
page read and write
|
||
|
20D66FC0000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
850000
|
trusted library allocation
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
20D67283000
|
heap
|
page read and write
|
||
|
14A8BA8C000
|
heap
|
page read and write
|
||
|
2AB9488E000
|
heap
|
page read and write
|
||
|
2389362E000
|
heap
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1D8D0A59000
|
heap
|
page read and write
|
||
|
1D8D0A00000
|
heap
|
page read and write
|
||
|
1A8807E000
|
stack
|
page read and write
|
||
|
1ECB6602000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
29496C02000
|
heap
|
page read and write
|
||
|
1D58C21F000
|
heap
|
page read and write
|
||
|
2AB94740000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1BB4EE02000
|
trusted library allocation
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
3F3D7FD000
|
stack
|
page read and write
|
||
|
2389367E000
|
heap
|
page read and write
|
||
|
2770000
|
direct allocation
|
page read and write
|
||
|
751000
|
heap
|
page read and write
|
||
|
FA189FE000
|
stack
|
page read and write
|
||
|
14A8B950000
|
heap
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
FA188FE000
|
stack
|
page read and write
|
||
|
25317802000
|
heap
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
14A91014000
|
heap
|
page read and write
|
||
|
14A91000000
|
heap
|
page read and write
|
||
|
1689942A000
|
heap
|
page read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
29496302000
|
heap
|
page read and write
|
||
|
2AB947B0000
|
heap
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
768000
|
heap
|
page read and write
|
||
|
74EE87E000
|
stack
|
page read and write
|
||
|
20D67030000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20D6724E000
|
heap
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
25318002000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
26D0000
|
direct allocation
|
page read and write
|
||
|
23893645000
|
heap
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
23893647000
|
heap
|
page read and write
|
||
|
20D67300000
|
heap
|
page read and write
|
||
|
2C3F000
|
stack
|
page read and write
|
||
|
28CF000
|
stack
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
2389363A000
|
heap
|
page read and write
|
||
|
14A8BA00000
|
heap
|
page read and write
|
||
|
14A9109D000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
264E000
|
stack
|
page read and write
|
||
|
16899446000
|
heap
|
page read and write
|
||
|
D0E527B000
|
stack
|
page read and write
|
||
|
14A8C502000
|
heap
|
page read and write
|
||
|
14A91320000
|
trusted library allocation
|
page read and write
|
||
|
9BF000
|
stack
|
page read and write
|
There are 1022 hidden memdumps, click here to show them.