Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
bE5aaTiJM0.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\Desktop\BNAGMGSPLO.docx
|
data
|
dropped
|
|
|
|
C:\Users\user\Desktop\EWZCVGNOWT.mp3
|
data
|
dropped
|
|
|
|
C:\Users\user\Desktop\TQDFJHPUIU.png
|
data
|
dropped
|
|
|
|
C:\Users\user\Desktop\bE5aaTiJM0.exe
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Desktop\bE5aaTiJM0.exe.vvyu (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\_readme.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\SystemID\PersonalID.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old
|
data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\7D5KIW2V\www.msn[1].xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\7D5KIW2V\www.msn[1].xml.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\get[1].htm
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\bowsakkdestx.txt
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BJZFPPWAPT.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BJZFPPWAPT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\BNAGMGSPLO.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\BNAGMGSPLO.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\EEGWXUHVUG.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\EEGWXUHVUG.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\EFOYFBOLXA.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\EFOYFBOLXA.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\GRXZDKKVDB.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\GRXZDKKVDB.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\NVWZAPQSQL.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\NVWZAPQSQL.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\SQSJKEBWDT.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BNAGMGSPLO\SQSJKEBWDT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\DUUDTUBZFW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\DUUDTUBZFW.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\DUUDTUBZFW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\DUUDTUBZFW.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\EEGWXUHVUG.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\EEGWXUHVUG.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\EFOYFBOLXA.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\EFOYFBOLXA.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\EWZCVGNOWT.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\EWZCVGNOWT.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\ZGGKNSUKOP.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EEGWXUHVUG\ZGGKNSUKOP.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EFOYFBOLXA.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EFOYFBOLXA.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EFOYFBOLXA.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EFOYFBOLXA.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EOWRVPQCCS.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EOWRVPQCCS.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EWZCVGNOWT.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EWZCVGNOWT.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\EWZCVGNOWT.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\GRXZDKKVDB.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\GRXZDKKVDB.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\BJZFPPWAPT.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\BJZFPPWAPT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\EOWRVPQCCS.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\EOWRVPQCCS.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\EWZCVGNOWT.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\EWZCVGNOWT.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\NVWZAPQSQL.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\NVWZAPQSQL.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\NYMMPCEIMA.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\NYMMPCEIMA.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\TQDFJHPUIU.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NVWZAPQSQL\TQDFJHPUIU.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NYMMPCEIMA.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NYMMPCEIMA.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\SQSJKEBWDT.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\SQSJKEBWDT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\TQDFJHPUIU.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\ZGGKNSUKOP.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\ZGGKNSUKOP.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BJZFPPWAPT.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BJZFPPWAPT.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BJZFPPWAPT.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BJZFPPWAPT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BNAGMGSPLO.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BNAGMGSPLO.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\DUUDTUBZFW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\DUUDTUBZFW.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\DUUDTUBZFW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\DUUDTUBZFW.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\EEGWXUHVUG.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\EEGWXUHVUG.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\EFOYFBOLXA.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\EFOYFBOLXA.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\EWZCVGNOWT.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\EWZCVGNOWT.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\ZGGKNSUKOP.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EEGWXUHVUG\ZGGKNSUKOP.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EFOYFBOLXA.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EFOYFBOLXA.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EFOYFBOLXA.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EFOYFBOLXA.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EOWRVPQCCS.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EOWRVPQCCS.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EWZCVGNOWT.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EWZCVGNOWT.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EWZCVGNOWT.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\EWZCVGNOWT.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\GRXZDKKVDB.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\GRXZDKKVDB.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\BJZFPPWAPT.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\BJZFPPWAPT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\EOWRVPQCCS.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\EOWRVPQCCS.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\EWZCVGNOWT.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\EWZCVGNOWT.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\NVWZAPQSQL.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\NVWZAPQSQL.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\NYMMPCEIMA.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\NYMMPCEIMA.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\TQDFJHPUIU.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NVWZAPQSQL\TQDFJHPUIU.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NYMMPCEIMA.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NYMMPCEIMA.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\BJZFPPWAPT.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\BJZFPPWAPT.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\EEGWXUHVUG.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\EEGWXUHVUG.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\EFOYFBOLXA.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\EFOYFBOLXA.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\GRXZDKKVDB.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\GRXZDKKVDB.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\NVWZAPQSQL.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\NVWZAPQSQL.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\SQSJKEBWDT.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQSJKEBWDT\SQSJKEBWDT.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\TQDFJHPUIU.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\TQDFJHPUIU.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\ZGGKNSUKOP.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\ZGGKNSUKOP.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BJZFPPWAPT.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BJZFPPWAPT.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BJZFPPWAPT.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BJZFPPWAPT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\DUUDTUBZFW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\DUUDTUBZFW.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EEGWXUHVUG.docx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EEGWXUHVUG.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EEGWXUHVUG.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EEGWXUHVUG.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EFOYFBOLXA.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EFOYFBOLXA.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EFOYFBOLXA.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EFOYFBOLXA.xlsx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EOWRVPQCCS.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EOWRVPQCCS.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EWZCVGNOWT.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EWZCVGNOWT.jpg.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EWZCVGNOWT.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\EWZCVGNOWT.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\GRXZDKKVDB.png
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\GRXZDKKVDB.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NVWZAPQSQL.docx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NVWZAPQSQL.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NVWZAPQSQL.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NVWZAPQSQL.pdf.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NYMMPCEIMA.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NYMMPCEIMA.mp3.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\SQSJKEBWDT.docx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\SQSJKEBWDT.docx.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\TQDFJHPUIU.png
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\TQDFJHPUIU.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\ZGGKNSUKOP.png
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\ZGGKNSUKOP.png.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Amazon.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Amazon.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Bing.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Bing.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Facebook.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Facebook.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Google.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Google.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Live.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Live.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\NYTimes.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\NYTimes.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Reddit.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Reddit.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Twitter.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Twitter.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Wikipedia.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Wikipedia.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Youtube.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Youtube.url.vvyu (copy)
|
data
|
dropped
|
||
|
C:\Users\user\_readme.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\bootTel.dat
|
data
|
dropped
|
||
|
C:\bootTel.dat.vvyu (copy)
|
data
|
dropped
|
There are 206 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\bE5aaTiJM0.exe
|
"C:\Users\user\Desktop\bE5aaTiJM0.exe"
|
|
|
|
C:\Users\user\Desktop\bE5aaTiJM0.exe
|
"C:\Users\user\Desktop\bE5aaTiJM0.exe"
|
|
|
|
C:\Users\user\Desktop\bE5aaTiJM0.exe
|
"C:\Users\user\Desktop\bE5aaTiJM0.exe" --Admin IsNotAutoStart IsNotTask
|
|
|
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe --Task
|
|
|
|
C:\Users\user\Desktop\bE5aaTiJM0.exe
|
"C:\Users\user\Desktop\bE5aaTiJM0.exe" --Admin IsNotAutoStart IsNotTask
|
|
|
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe
|
"C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe" --AutoStart
|
|
|
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe
|
"C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe" --AutoStart
|
|
|
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe --Task
|
|
|
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe
|
"C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe" --AutoStart
|
|
|
|
C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe
|
"C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe\bE5aaTiJM0.exe" --AutoStart
|
|
|
|
C:\Windows\SysWOW64\icacls.exe
|
icacls "C:\Users\user\AppData\Local\134b591f-abb9-4ef9-932a-7c7a6a2cddfe" /deny *S-1-1-0:(OI)(CI)(DE,DC)
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://acacaca.org/test2/get.php
|
|
||
|
https://we.tl/t-QsoSRIeA
|
unknown
|
|
|
|
http://acacaca.org/test2/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4
|
58.235.189.192
|
|
|
|
https://we.tl/t-QsoSRIeAK6
|
unknown
|
|
|
|
http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error
|
unknown
|
||
|
http://www.nytimes.com/
|
unknown
|
||
|
https://api.2ip.ua/
|
unknown
|
||
|
https://api.2ip.ua/A
|
unknown
|
||
|
https://api.2ip.ua/geo.jsondllZ
|
unknown
|
||
|
http://www.youtube.com/
|
unknown
|
||
|
http://www.wikipedia.com/
|
unknown
|
||
|
http://www.amazon.com/
|
unknown
|
||
|
http://www.live.com/
|
unknown
|
||
|
https://api.2ip.ua/geo.jsonJ
|
unknown
|
||
|
https://api.2ip.ua/geo.jsonj
|
unknown
|
||
|
http://www.reddit.com/
|
unknown
|
||
|
http://www.twitter.com/
|
unknown
|
||
|
https://api.2ip.ua/S
|
unknown
|
||
|
https://api.2ip.ua/geo.json
|
162.0.217.254
|
||
|
https://api.2ip.ua/geo.jsonG
|
unknown
|
||
|
https://api.2ip.ua/U
|
unknown
|
||
|
http://www.openssl.org/support/faq.html
|
unknown
|
||
|
http://www.google.com/
|
unknown
|
There are 13 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
acacaca.org
|
58.235.189.192
|
|
|
|
api.2ip.ua
|
162.0.217.254
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
58.235.189.192
|
acacaca.org
|
Korea Republic of
|
|
|
|
162.0.217.254
|
api.2ip.ua
|
Canada
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
|
SysHelper
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
|
SysHelper
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
4350000
|
direct allocation
|
page execute and read and write
|
|
|
|
4290000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
4240000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
4270000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
4270000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
22E7FCE000
|
stack
|
page read and write
|
||
|
1F39CB97000
|
heap
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1F39CB0F000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
73F000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
7FA000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
1F39C1C0000
|
remote allocation
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
6FD000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
270E1520000
|
trusted library allocation
|
page read and write
|
||
|
C86F8FD000
|
stack
|
page read and write
|
||
|
270DCFF0000
|
trusted library section
|
page readonly
|
||
|
8A2000
|
heap
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1F39C2F7000
|
heap
|
page read and write
|
||
|
24308302000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
4280000
|
heap
|
page read and write
|
||
|
1F39C302000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
19AB1249000
|
heap
|
page read and write
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
404E000
|
stack
|
page read and write
|
||
|
1F39C100000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
1F39CB89000
|
heap
|
page read and write
|
||
|
2B5A000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1F39CBAE000
|
heap
|
page read and write
|
||
|
270E1550000
|
trusted library allocation
|
page read and write
|
||
|
5D7000
|
heap
|
page read and write
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
270DCFE0000
|
trusted library section
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
266E000
|
stack
|
page read and write
|
||
|
1A756C95000
|
heap
|
page read and write
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
1F39CBAA000
|
heap
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
31AC000
|
trusted library allocation
|
page read and write
|
||
|
12514601000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
1F39CB71000
|
heap
|
page read and write
|
||
|
270DC913000
|
heap
|
page read and write
|
||
|
1A756CA0000
|
trusted library allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
356797E000
|
stack
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
19AB122A000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
889000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2B4A000
|
stack
|
page read and write
|
||
|
1F39D003000
|
heap
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
1F39C2ED000
|
heap
|
page read and write
|
||
|
276F000
|
stack
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
27E4000
|
trusted library allocation
|
page execute and read and write
|
||
|
270E16D9000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
1F39C270000
|
heap
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
8A1000
|
heap
|
page read and write
|
||
|
31A3000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
270DC918000
|
heap
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
270E1390000
|
trusted library allocation
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
2B97000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
270E1400000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
D17000
|
heap
|
page read and write
|
||
|
270E1600000
|
heap
|
page read and write
|
||
|
C86F2FE000
|
stack
|
page read and write
|
||
|
924000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
270E1702000
|
heap
|
page read and write
|
||
|
270DBE3D000
|
heap
|
page read and write
|
||
|
264E000
|
stack
|
page read and write
|
||
|
2B7D000
|
stack
|
page read and write
|
||
|
19AB1255000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
270DCA01000
|
trusted library allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
35675FC000
|
stack
|
page read and write
|
||
|
1F39C2EA000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
93E000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
1F39C229000
|
heap
|
page read and write
|
||
|
1A756C50000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
23973F9000
|
stack
|
page read and write
|
||
|
270DC902000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
87C000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
4670000
|
heap
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
270E1850000
|
trusted library allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1A756A9D000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
19AB0FE0000
|
heap
|
page read and write
|
||
|
35674FD000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
270DD380000
|
trusted library allocation
|
page read and write
|
||
|
29AF000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
270DC800000
|
heap
|
page read and write
|
||
|
D3F000
|
stack
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
270E162E000
|
heap
|
page read and write
|
||
|
243080F0000
|
heap
|
page read and write
|
||
|
270DBF26000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
254A000
|
heap
|
page read and write
|
||
|
1F39CB72000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1B9DD83C000
|
heap
|
page read and write
|
||
|
19AB1213000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
3E9967F000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4300000
|
heap
|
page read and write
|
||
|
1A756B90000
|
trusted library allocation
|
page read and write
|
||
|
41CF000
|
stack
|
page read and write
|
||
|
1F39D044000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
270DC815000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
270DBF13000
|
heap
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
2E20000
|
remote allocation
|
page read and write
|
||
|
1A756BD0000
|
trusted library allocation
|
page read and write
|
||
|
64A397E000
|
stack
|
page read and write
|
||
|
2430824B000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
125145EE000
|
heap
|
page read and write
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7BD000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
270E1705000
|
heap
|
page read and write
|
||
|
26E0000
|
direct allocation
|
page read and write
|
||
|
30B0000
|
remote allocation
|
page read and write
|
||
|
1F39CBBA000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
270DC918000
|
heap
|
page read and write
|
||
|
1F39C281000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
C86FBFF000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
934000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
74E000
|
heap
|
page read and write
|
||
|
1F39CB97000
|
heap
|
page read and write
|
||
|
270DBE8E000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
270DC900000
|
heap
|
page read and write
|
||
|
270E1700000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
35671CB000
|
stack
|
page read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
91E000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
742000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1F39CBC0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
C2F75F7000
|
stack
|
page read and write
|
||
|
1B9DD900000
|
heap
|
page read and write
|
||
|
270DBE58000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3E99478000
|
stack
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
3E98FCE000
|
stack
|
page read and write
|
||
|
3E99777000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
270DBDC0000
|
trusted library section
|
page read and write
|
||
|
1A756A95000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
2A5D000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
26E0000
|
direct allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
270E1520000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
1F39CB99000
|
heap
|
page read and write
|
||
|
270DBE76000
|
heap
|
page read and write
|
||
|
8A2000
|
heap
|
page read and write
|
||
|
30B0000
|
remote allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
31B7000
|
trusted library allocation
|
page read and write
|
||
|
1A756A20000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
1A756860000
|
trusted library allocation
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
270DD361000
|
trusted library allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
2C7B000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
4340000
|
heap
|
page read and write
|
||
|
2BA8000
|
heap
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
1F39C2AE000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
939000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
2E20000
|
remote allocation
|
page read and write
|
||
|
3E9937E000
|
stack
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
1F39C2E3000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
239747F000
|
stack
|
page read and write
|
||
|
92EE000
|
stack
|
page read and write
|
||
|
357C000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
270DBDB0000
|
trusted library allocation
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
1A756C99000
|
heap
|
page read and write
|
||
|
279F000
|
stack
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
64A3E7E000
|
stack
|
page read and write
|
||
|
931000
|
heap
|
page read and write
|
||
|
12514605000
|
heap
|
page read and write
|
||
|
83D000
|
stack
|
page read and write
|
||
|
270E16AD000
|
heap
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
3E992FC000
|
stack
|
page read and write
|
||
|
270E1860000
|
trusted library allocation
|
page read and write
|
||
|
1A756A8F000
|
heap
|
page read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
1F39CB9D000
|
heap
|
page read and write
|
||
|
B98000
|
heap
|
page read and write
|
||
|
270DBE13000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
26F0000
|
direct allocation
|
page read and write
|
||
|
C86F9FA000
|
stack
|
page read and write
|
||
|
31AC000
|
trusted library allocation
|
page read and write
|
||
|
12514555000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3070000
|
trusted library section
|
page readonly
|
||
|
31B7000
|
trusted library allocation
|
page read and write
|
||
|
286F000
|
stack
|
page read and write
|
||
|
1F39CB8E000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
8B1000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
1F39CBA8000
|
heap
|
page read and write
|
||
|
239727B000
|
stack
|
page read and write
|
||
|
1F39CBA4000
|
heap
|
page read and write
|
||
|
914000
|
heap
|
page read and write
|
||
|
1F39CB71000
|
heap
|
page read and write
|
||
|
19AB0FD0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
647000
|
heap
|
page read and write
|
||
|
756000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1A756A40000
|
heap
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
270E16E8000
|
heap
|
page read and write
|
||
|
270E1550000
|
trusted library allocation
|
page read and write
|
||
|
74B000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
24308271000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
41C0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
74B000
|
heap
|
page read and write
|
||
|
1F39CB71000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
125145F1000
|
heap
|
page read and write
|
||
|
2F71000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1F39CBAF000
|
heap
|
page read and write
|
||
|
1F39CB99000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1F39C2C2000
|
heap
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
30B1000
|
heap
|
page read and write
|
||
|
270E152E000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1F39C23C000
|
heap
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
1F39CB97000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1F39D020000
|
heap
|
page read and write
|
||
|
288F000
|
stack
|
page read and write
|
||
|
31A3000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
260F000
|
stack
|
page read and write
|
||
|
19AB1040000
|
heap
|
page read and write
|
||
|
1A756C00000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
51A000
|
remote allocation
|
page execute and read and write
|
||
|
24308308000
|
heap
|
page read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
1F39CBAA000
|
heap
|
page read and write
|
||
|
25CA000
|
heap
|
page read and write
|
||
|
1F39CB00000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1F39CB97000
|
heap
|
page read and write
|
||
|
3E997FF000
|
unkown
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
939000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
270E1380000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
257E000
|
stack
|
page read and write
|
||
|
2F71000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1F39C2DB000
|
heap
|
page read and write
|
||
|
31AC000
|
stack
|
page read and write
|
||
|
24308160000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2396FAE000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
2430824A000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8FB000
|
heap
|
page read and write
|
||
|
8E3000
|
heap
|
page read and write
|
||
|
64A3D7B000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
28AE000
|
stack
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
1F39CB97000
|
heap
|
page read and write
|
||
|
125145EE000
|
heap
|
page read and write
|
||
|
2B7D000
|
stack
|
page read and write
|
||
|
2DBF000
|
stack
|
page read and write
|
||
|
939000
|
heap
|
page read and write
|
||
|
81F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
2A4D000
|
stack
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
627000
|
heap
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
270DBE29000
|
heap
|
page read and write
|
||
|
931000
|
heap
|
page read and write
|
||
|
758000
|
heap
|
page read and write
|
||
|
2F30000
|
trusted library section
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
6EB000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
19AB124D000
|
heap
|
page read and write
|
||
|
1F39C27A000
|
heap
|
page read and write
|
||
|
31B7000
|
trusted library allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
22E83FF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
64A3B7B000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
B70000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
270DBF02000
|
heap
|
page read and write
|
||
|
125145F1000
|
heap
|
page read and write
|
||
|
19AB122C000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
3567A7E000
|
stack
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
1F39CB71000
|
heap
|
page read and write
|
||
|
1F39D019000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
3E98F4E000
|
stack
|
page read and write
|
||
|
275F000
|
stack
|
page read and write
|
||
|
2F30000
|
trusted library section
|
page readonly
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
72D000
|
heap
|
page read and write
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
19AB1271000
|
heap
|
page read and write
|
||
|
24308200000
|
heap
|
page read and write
|
||
|
1F39C2B6000
|
heap
|
page read and write
|
||
|
6ED000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1F39C200000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
C86F7FF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1F39C000000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
24308213000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
12514390000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1F39D003000
|
heap
|
page read and write
|
||
|
125144E0000
|
heap
|
page read and write
|
||
|
1F39CB8F000
|
heap
|
page read and write
|
||
|
19AB1250000
|
heap
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
19AB1140000
|
trusted library allocation
|
page read and write
|
||
|
270B000
|
heap
|
page read and write
|
||
|
12514604000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
23972F9000
|
stack
|
page read and write
|
||
|
2C7A000
|
stack
|
page read and write
|
||
|
1F39C276000
|
heap
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
1F39CBDD000
|
heap
|
page read and write
|
||
|
1F39CB8B000
|
heap
|
page read and write
|
||
|
19AB1282000
|
heap
|
page read and write
|
||
|
12514550000
|
heap
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
270DCEE0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
C2F72FF000
|
stack
|
page read and write
|
||
|
1F39CB99000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
2430822A000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F39BFA0000
|
heap
|
page read and write
|
||
|
2396EAB000
|
stack
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
19AB1302000
|
heap
|
page read and write
|
||
|
1F39CB95000
|
heap
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
270DBEFF000
|
heap
|
page read and write
|
||
|
24308100000
|
heap
|
page read and write
|
||
|
1B9DD6E0000
|
heap
|
page read and write
|
||
|
125145FF000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
270E1564000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
270E1640000
|
heap
|
page read and write
|
||
|
1A756BF0000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
270E15F0000
|
trusted library allocation
|
page read and write
|
||
|
264E000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
270E16B3000
|
heap
|
page read and write
|
||
|
1A7569B0000
|
heap
|
page read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
3E98ECB000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
419F000
|
stack
|
page read and write
|
||
|
1F39D000000
|
heap
|
page read and write
|
||
|
C86F57F000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
74D000
|
heap
|
page read and write
|
||
|
1B9DD855000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
64A3C7B000
|
stack
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1B9DD670000
|
heap
|
page read and write
|
||
|
1F39CB91000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1F39C1C0000
|
remote allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F39C313000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
19AB1200000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1B9DD86C000
|
heap
|
page read and write
|
||
|
1F39CB87000
|
heap
|
page read and write
|
||
|
8AF000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
22E8478000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1F39CB9D000
|
heap
|
page read and write
|
||
|
C86F77E000
|
stack
|
page read and write
|
||
|
2CBD000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
8F1000
|
heap
|
page read and write
|
||
|
24308190000
|
trusted library allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
22E82F9000
|
stack
|
page read and write
|
||
|
2F71000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
270E1689000
|
heap
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
19AB1308000
|
heap
|
page read and write
|
||
|
4450000
|
heap
|
page read and write
|
||
|
44D0000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F39CB9F000
|
heap
|
page read and write
|
||
|
1F39CBBA000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
92E000
|
heap
|
page read and write
|
||
|
31B2000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2B3A000
|
stack
|
page read and write
|
||
|
4670000
|
heap
|
page read and write
|
||
|
125145EE000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2430823C000
|
heap
|
page read and write
|
||
|
22E827F000
|
stack
|
page read and write
|
||
|
1A756A9D000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
C2F77FF000
|
stack
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
2F71000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
270E2000000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1B9DD828000
|
heap
|
page read and write
|
||
|
744000
|
heap
|
page read and write
|
||
|
4730000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
C2F6FCB000
|
stack
|
page read and write
|
||
|
8AF000
|
heap
|
page read and write
|
||
|
1B9DD802000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
270E1670000
|
trusted library allocation
|
page read and write
|
||
|
91B000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1F39CB99000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
24308313000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
30000
|
heap
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
C86F5FF000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
1F39CB9D000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
125145E6000
|
heap
|
page read and write
|
||
|
270DD000000
|
trusted library section
|
page readonly
|
||
|
2F5F000
|
stack
|
page read and write
|
||
|
2B1F000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
270DBE7B000
|
heap
|
page read and write
|
||
|
8FB000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
3191000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
1A756A9D000
|
heap
|
page read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8DE000
|
stack
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
1A756A86000
|
heap
|
page read and write
|
||
|
270DBD20000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
270DC7F0000
|
trusted library allocation
|
page read and write
|
||
|
81F000
|
heap
|
page read and write
|
||
|
41D1000
|
trusted library allocation
|
page execute and read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
1F39CB8D000
|
heap
|
page read and write
|
||
|
31A3000
|
trusted library allocation
|
page read and write
|
||
|
270E1410000
|
trusted library allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
8F1000
|
heap
|
page read and write
|
||
|
1F39CB4E000
|
heap
|
page read and write
|
||
|
125145CB000
|
heap
|
page read and write
|
||
|
270DBD10000
|
heap
|
page read and write
|
||
|
270E1880000
|
remote allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
356777E000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1F39CB9D000
|
heap
|
page read and write
|
||
|
1F39CB13000
|
heap
|
page read and write
|
||
|
22E7F4A000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
125145D2000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
31AC000
|
trusted library allocation
|
page read and write
|
||
|
270DBE00000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
73C000
|
heap
|
page read and write
|
||
|
7A2000
|
heap
|
page read and write
|
||
|
41B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
41A4000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A756BE0000
|
heap
|
page readonly
|
||
|
270E1541000
|
trusted library allocation
|
page read and write
|
||
|
270E1560000
|
trusted library allocation
|
page read and write
|
||
|
1B9DD902000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1A756990000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
239737F000
|
stack
|
page read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
2C8F000
|
stack
|
page read and write
|
||
|
270E1528000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
125145E7000
|
heap
|
page read and write
|
||
|
3567877000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1B9DD680000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19AB124B000
|
heap
|
page read and write
|
||
|
414F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1F39BF90000
|
heap
|
page read and write
|
||
|
270DBE71000
|
heap
|
page read and write
|
||
|
273B000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
1A756A51000
|
heap
|
page read and write
|
||
|
C86F4FF000
|
stack
|
page read and write
|
||
|
2F71000
|
heap
|
page read and write
|
||
|
275E000
|
stack
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1F39CB89000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1F39CA02000
|
heap
|
page read and write
|
||
|
270E16F2000
|
heap
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
2540000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
C86F1FB000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
1A757790000
|
trusted library allocation
|
page read and write
|
||
|
292F000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
2650000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
270E1612000
|
heap
|
page read and write
|
||
|
1F39CB95000
|
heap
|
page read and write
|
||
|
819000
|
heap
|
page read and write
|
||
|
270E1880000
|
remote allocation
|
page read and write
|
||
|
1B9DD913000
|
heap
|
page read and write
|
||
|
1F39CB89000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
92E000
|
heap
|
page read and write
|
||
|
C2F727E000
|
stack
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
2DE0000
|
trusted library section
|
page readonly
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
24308282000
|
heap
|
page read and write
|
||
|
1F39CB0D000
|
heap
|
page read and write
|
||
|
2396F2D000
|
stack
|
page read and write
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
C86F0F9000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
274F000
|
stack
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
285F000
|
stack
|
page read and write
|
||
|
1F39C2EC000
|
heap
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
1F39CB83000
|
heap
|
page read and write
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
41D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
252B000
|
unkown
|
page read and write
|
||
|
270DD010000
|
trusted library section
|
page readonly
|
||
|
270E1540000
|
trusted library allocation
|
page read and write
|
||
|
2ABF000
|
stack
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
2DBA000
|
stack
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
356747E000
|
stack
|
page read and write
|
||
|
4530000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
125145D7000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
270E1661000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
1F39CB8D000
|
heap
|
page read and write
|
||
|
64A387C000
|
stack
|
page read and write
|
||
|
A1F000
|
stack
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
30B0000
|
remote allocation
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
270DCFD0000
|
trusted library section
|
page readonly
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1F39C2AC000
|
heap
|
page read and write
|
||
|
35676FB000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
2E20000
|
remote allocation
|
page read and write
|
||
|
1F39CB97000
|
heap
|
page read and write
|
||
|
1F39CBAF000
|
heap
|
page read and write
|
||
|
1F39C2C9000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
19AB1300000
|
heap
|
page read and write
|
||
|
270DBD80000
|
heap
|
page read and write
|
||
|
288B000
|
heap
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
916000
|
heap
|
page read and write
|
||
|
C86F6FB000
|
stack
|
page read and write
|
||
|
C86EFF7000
|
stack
|
page read and write
|
||
|
1F39CB91000
|
heap
|
page read and write
|
||
|
1B9DD877000
|
heap
|
page read and write
|
||
|
278E000
|
stack
|
page read and write
|
||
|
125145C0000
|
heap
|
page read and write
|
||
|
262F000
|
stack
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
1F39D002000
|
heap
|
page read and write
|
||
|
270E1830000
|
trusted library allocation
|
page read and write
|
||
|
125144C0000
|
heap
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
125145E3000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
270E16E0000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1F39CB97000
|
heap
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
934000
|
heap
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
1F39C2AA000
|
heap
|
page read and write
|
||
|
270DC802000
|
heap
|
page read and write
|
||
|
270DBEA0000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
24308C02000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
19AB123C000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3E998F8000
|
stack
|
page read and write
|
||
|
421F000
|
stack
|
page read and write
|
||
|
3530000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
22E837E000
|
stack
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
24308278000
|
heap
|
page read and write
|
||
|
1B9DE002000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
270E1630000
|
heap
|
page read and write
|
||
|
1A756850000
|
heap
|
page read and write
|
||
|
C2F74FB000
|
stack
|
page read and write
|
||
|
1F39CB89000
|
heap
|
page read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
848000
|
heap
|
page read and write
|
||
|
290F000
|
stack
|
page read and write
|
||
|
1A756C90000
|
heap
|
page read and write
|
||
|
C86EBDB000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
26DE000
|
stack
|
page read and write
|
||
|
19AB1313000
|
heap
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
8AF000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
4490000
|
heap
|
page read and write
|
||
|
270E1544000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
264E000
|
stack
|
page read and write
|
||
|
3E99577000
|
stack
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
1F39CB71000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
270DC7F3000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library section
|
page readonly
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
4A8000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
270E1880000
|
remote allocation
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
1A756A30000
|
trusted library allocation
|
page read and write
|
||
|
270E1680000
|
trusted library allocation
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
1F39CBC1000
|
heap
|
page read and write
|
||
|
24308300000
|
heap
|
page read and write
|
||
|
93EE000
|
stack
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
4A8000
|
unkown
|
page write copy
|
||
|
19A000
|
stack
|
page read and write
|
||
|
125145F1000
|
heap
|
page read and write
|
||
|
1F39CB71000
|
heap
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
19A000
|
stack
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
4570000
|
heap
|
page read and write
|
||
|
7FA000
|
heap
|
page read and write
|
||
|
125145E5000
|
heap
|
page read and write
|
||
|
19AB1A02000
|
trusted library allocation
|
page read and write
|
||
|
270DCFC0000
|
trusted library section
|
page readonly
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
1F39CB89000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
289F000
|
stack
|
page read and write
|
||
|
125145D6000
|
heap
|
page read and write
|
||
|
257E000
|
stack
|
page read and write
|
||
|
8E3000
|
heap
|
page read and write
|
||
|
270DBE95000
|
heap
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
C86F47F000
|
stack
|
page read and write
|
||
|
C86F3FB000
|
stack
|
page read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1A756A81000
|
heap
|
page read and write
|
||
|
914000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
75F000
|
stack
|
page read and write
|
||
|
276F000
|
stack
|
page read and write
|
||
|
1F39CB72000
|
heap
|
page read and write
|
||
|
3500000
|
direct allocation
|
page read and write
|
||
|
270E1840000
|
trusted library allocation
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
1B9DD7E0000
|
trusted library allocation
|
page read and write
|
||
|
332A000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
1B9DD813000
|
heap
|
page read and write
|
||
|
252E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
270E16EA000
|
heap
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2A0F000
|
stack
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
33C0000
|
direct allocation
|
page read and write
|
||
|
2F70000
|
remote allocation
|
page read and write
|
||
|
252E000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
270DBE79000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
270E164D000
|
heap
|
page read and write
|
||
|
C2F76FF000
|
stack
|
page read and write
|
||
|
1F39C1C0000
|
remote allocation
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
1F39C213000
|
heap
|
page read and write
|
||
|
7BC000
|
heap
|
page read and write
|
||
|
1B9DD800000
|
heap
|
page read and write
|
||
|
9C0000
|
trusted library allocation
|
page read and write
|
There are 1105 hidden memdumps, click here to show them.