Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Original Shipment_Document.PDF.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nse53EC.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nse53EC.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\timelrer\Tdlen\Integrationsprvens.Adg72
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\timelrer\Tdlen\format-text-bold-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\timelrer\Tdlen\location-services-disabled-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\timelrer\Tdlen\uforfrdetheden.Rid
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Original Shipment_Document.PDF.exe
|
"C:\Users\user\Desktop\Original Shipment_Document.PDF.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x721C070B^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x7C156677^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x03631637^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x5C382120^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x7F303920^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x78713865^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x4B6D7569^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x19307575^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x41616575^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09696575^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x0975752C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x19697965^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x49796569^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x19307571^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x15793C65^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09216D75^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x15793C65^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09703C6B^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x4B6C7578^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x721C070B^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x7C156677^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x0363032C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x4B2D2024^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x55183929^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x563A7D2C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09753C65^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09216475^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09696575^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x15793C65^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09216675^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09697965^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x5079653D^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x0D697C35^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x172B6478^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x721C070B^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x7C156677^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x03630620^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x4D1F3C29^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x5C093A2C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x572D3037^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x11307537^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x0C75752C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x19686375^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09697569^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x19307575^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x15307575^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x10307B37^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x0A64721C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x721C070B^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x7C156677^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x03630720^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x583D132C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x553C7D2C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x4B6C7965^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x50792774^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x15793C65^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09216475^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x09696575^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x15733C65^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x0975752C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x19697C2C^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x172B6678^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x4C2A3037^962155845"
|
|
|
|
C:\Windows\SysWOW64\cmd.eXe
|
cmd.eXe /c SeT /a "0x0A6B6F7F^962155845"
|
|
|
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 119 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
30F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
19EAF44D000
|
heap
|
page read and write
|
||
|
1667B85B000
|
heap
|
page read and write
|
||
|
1667B83C000
|
heap
|
page read and write
|
||
|
17DEEA6C000
|
heap
|
page read and write
|
||
|
24098065000
|
heap
|
page read and write
|
||
|
24098067000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
20A0C200000
|
heap
|
page read and write
|
||
|
1D917513000
|
heap
|
page read and write
|
||
|
859AFFD000
|
stack
|
page read and write
|
||
|
1D9173E0000
|
trusted library allocation
|
page read and write
|
||
|
859AB7E000
|
stack
|
page read and write
|
||
|
1D495E59000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
2B131A44000
|
heap
|
page read and write
|
||
|
280123A0000
|
trusted library section
|
page readonly
|
||
|
1F9D4062000
|
heap
|
page read and write
|
||
|
BE0D67F000
|
stack
|
page read and write
|
||
|
6EAC4000
|
unkown
|
page readonly
|
||
|
280174E6000
|
heap
|
page read and write
|
||
|
1F9D403C000
|
heap
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
280171F0000
|
trusted library allocation
|
page read and write
|
||
|
30B18FB000
|
stack
|
page read and write
|
||
|
1D917479000
|
heap
|
page read and write
|
||
|
24098102000
|
heap
|
page read and write
|
||
|
1667B902000
|
heap
|
page read and write
|
||
|
A072FFF000
|
stack
|
page read and write
|
||
|
1F9D4089000
|
heap
|
page read and write
|
||
|
28017320000
|
remote allocation
|
page read and write
|
||
|
28017502000
|
heap
|
page read and write
|
||
|
280123B0000
|
trusted library section
|
page readonly
|
||
|
19EAF429000
|
heap
|
page read and write
|
||
|
1D495D60000
|
heap
|
page read and write
|
||
|
24098042000
|
heap
|
page read and write
|
||
|
17DEEA00000
|
heap
|
page read and write
|
||
|
44F000
|
unkown
|
page read and write
|
||
|
1667B908000
|
heap
|
page read and write
|
||
|
62217FE000
|
stack
|
page read and write
|
||
|
1667B86B000
|
heap
|
page read and write
|
||
|
28011C8E000
|
heap
|
page read and write
|
||
|
1667B829000
|
heap
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
20A0C302000
|
heap
|
page read and write
|
||
|
24098013000
|
heap
|
page read and write
|
||
|
17E0B1C0000
|
heap
|
page read and write
|
||
|
1D495E00000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1667B710000
|
heap
|
page read and write
|
||
|
1D495EB6000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
17E0B400000
|
heap
|
page read and write
|
||
|
280172D0000
|
trusted library allocation
|
page read and write
|
||
|
1667B7B0000
|
trusted library allocation
|
page read and write
|
||
|
2F7CAFE000
|
stack
|
page read and write
|
||
|
BE0D2FB000
|
stack
|
page read and write
|
||
|
1D496802000
|
heap
|
page read and write
|
||
|
28011C00000
|
heap
|
page read and write
|
||
|
28011C42000
|
heap
|
page read and write
|
||
|
1D496700000
|
heap
|
page read and write
|
||
|
24098029000
|
heap
|
page read and write
|
||
|
1D495FC2000
|
heap
|
page read and write
|
||
|
1D917413000
|
heap
|
page read and write
|
||
|
1D917440000
|
heap
|
page read and write
|
||
|
24098049000
|
heap
|
page read and write
|
||
|
19EAF400000
|
heap
|
page read and write
|
||
|
5E47B7E000
|
stack
|
page read and write
|
||
|
280123F3000
|
trusted library allocation
|
page read and write
|
||
|
280123C0000
|
trusted library section
|
page readonly
|
||
|
1D495F8C000
|
heap
|
page read and write
|
||
|
622127B000
|
stack
|
page read and write
|
||
|
1667B913000
|
heap
|
page read and write
|
||
|
1D917428000
|
heap
|
page read and write
|
||
|
A0730FF000
|
stack
|
page read and write
|
||
|
30B197F000
|
stack
|
page read and write
|
||
|
28013001000
|
trusted library allocation
|
page read and write
|
||
|
282B000
|
trusted library allocation
|
page read and write
|
||
|
17E0B220000
|
heap
|
page read and write
|
||
|
CAA248C000
|
stack
|
page read and write
|
||
|
280174E1000
|
heap
|
page read and write
|
||
|
1D49674B000
|
heap
|
page read and write
|
||
|
2B131A3B000
|
heap
|
page read and write
|
||
|
1D496773000
|
heap
|
page read and write
|
||
|
20A0C202000
|
heap
|
page read and write
|
||
|
28011D13000
|
heap
|
page read and write
|
||
|
17DEEA3D000
|
heap
|
page read and write
|
||
|
24098030000
|
heap
|
page read and write
|
||
|
2B131A29000
|
heap
|
page read and write
|
||
|
28012500000
|
heap
|
page read and write
|
||
|
1667B891000
|
heap
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
E6DCAFD000
|
stack
|
page read and write
|
||
|
E6DC47C000
|
stack
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
1D9172E0000
|
heap
|
page read and write
|
||
|
1F9D4060000
|
heap
|
page read and write
|
||
|
1D495E65000
|
heap
|
page read and write
|
||
|
17E0BB00000
|
heap
|
page read and write
|
||
|
17DEE950000
|
trusted library allocation
|
page read and write
|
||
|
1F9D4013000
|
heap
|
page read and write
|
||
|
28011B90000
|
trusted library allocation
|
page read and write
|
||
|
1D49670A000
|
heap
|
page read and write
|
||
|
19EAF340000
|
heap
|
page read and write
|
||
|
A072BF9000
|
stack
|
page read and write
|
||
|
362D000
|
stack
|
page read and write
|
||
|
2409806B000
|
heap
|
page read and write
|
||
|
28017020000
|
trusted library allocation
|
page read and write
|
||
|
28012701000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1667B87F000
|
heap
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
576000
|
heap
|
page read and write
|
||
|
28012518000
|
heap
|
page read and write
|
||
|
19EAF47E000
|
heap
|
page read and write
|
||
|
28018000000
|
heap
|
page read and write
|
||
|
24098000000
|
heap
|
page read and write
|
||
|
1D496725000
|
heap
|
page read and write
|
||
|
2826000
|
trusted library allocation
|
page read and write
|
||
|
24097E30000
|
heap
|
page read and write
|
||
|
28011C13000
|
heap
|
page read and write
|
||
|
1667B865000
|
heap
|
page read and write
|
||
|
1D495E54000
|
heap
|
page read and write
|
||
|
2240000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
28017500000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
280171CE000
|
trusted library allocation
|
page read and write
|
||
|
24098047000
|
heap
|
page read and write
|
||
|
20A0C258000
|
heap
|
page read and write
|
||
|
859AA7B000
|
stack
|
page read and write
|
||
|
1D495E8C000
|
heap
|
page read and write
|
||
|
1D496602000
|
heap
|
page read and write
|
||
|
2409802D000
|
heap
|
page read and write
|
||
|
1D495E95000
|
heap
|
page read and write
|
||
|
28011C78000
|
heap
|
page read and write
|
||
|
CAA28FE000
|
stack
|
page read and write
|
||
|
280171E1000
|
trusted library allocation
|
page read and write
|
||
|
282A000
|
trusted library allocation
|
page read and write
|
||
|
6EAC0000
|
unkown
|
page readonly
|
||
|
28011C29000
|
heap
|
page read and write
|
||
|
A07307F000
|
stack
|
page read and write
|
||
|
528000
|
heap
|
page read and write
|
||
|
5E4797B000
|
stack
|
page read and write
|
||
|
30B1C7D000
|
stack
|
page read and write
|
||
|
1667C002000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
4678E7D000
|
stack
|
page read and write
|
||
|
19EAF3B0000
|
heap
|
page read and write
|
||
|
2B131A02000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
280172F0000
|
trusted library allocation
|
page read and write
|
||
|
1667B85C000
|
heap
|
page read and write
|
||
|
467907E000
|
stack
|
page read and write
|
||
|
280123E0000
|
trusted library section
|
page readonly
|
||
|
1667B85F000
|
heap
|
page read and write
|
||
|
17E0BA02000
|
heap
|
page read and write
|
||
|
20A0C1D0000
|
remote allocation
|
page read and write
|
||
|
280171C8000
|
trusted library allocation
|
page read and write
|
||
|
280174A4000
|
heap
|
page read and write
|
||
|
28011C7D000
|
heap
|
page read and write
|
||
|
17E0B3F0000
|
trusted library allocation
|
page read and write
|
||
|
2409804E000
|
heap
|
page read and write
|
||
|
28017200000
|
trusted library allocation
|
page read and write
|
||
|
1D495E2F000
|
heap
|
page read and write
|
||
|
4678CFC000
|
stack
|
page read and write
|
||
|
2409807A000
|
heap
|
page read and write
|
||
|
28017465000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
1C9618E000
|
stack
|
page read and write
|
||
|
280174F7000
|
heap
|
page read and write
|
||
|
28017300000
|
trusted library allocation
|
page read and write
|
||
|
2F7CDFF000
|
stack
|
page read and write
|
||
|
1F9D4054000
|
heap
|
page read and write
|
||
|
1F9D408E000
|
heap
|
page read and write
|
||
|
A0726BB000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1F9D405B000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
28012513000
|
heap
|
page read and write
|
||
|
28011BA0000
|
trusted library section
|
page read and write
|
||
|
2409807B000
|
heap
|
page read and write
|
||
|
1D917464000
|
heap
|
page read and write
|
||
|
28013020000
|
trusted library allocation
|
page read and write
|
||
|
28011C23000
|
heap
|
page read and write
|
||
|
859ADFB000
|
stack
|
page read and write
|
||
|
28011CFF000
|
heap
|
page read and write
|
||
|
859ACFF000
|
stack
|
page read and write
|
||
|
28017415000
|
heap
|
page read and write
|
||
|
BE0CE7C000
|
stack
|
page read and write
|
||
|
A072CFB000
|
stack
|
page read and write
|
||
|
30B1D7E000
|
stack
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1667B827000
|
heap
|
page read and write
|
||
|
1F9D4049000
|
heap
|
page read and write
|
||
|
30B1B7E000
|
stack
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
1F9D3EB0000
|
heap
|
page read and write
|
||
|
17E0B513000
|
heap
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
280174FD000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
2409806D000
|
heap
|
page read and write
|
||
|
1C9697F000
|
stack
|
page read and write
|
||
|
17E0B471000
|
heap
|
page read and write
|
||
|
E6DCBFD000
|
stack
|
page read and write
|
||
|
46788FC000
|
stack
|
page read and write
|
||
|
1D495E91000
|
heap
|
page read and write
|
||
|
222E000
|
stack
|
page read and write
|
||
|
1D495E3D000
|
heap
|
page read and write
|
||
|
62216FE000
|
stack
|
page read and write
|
||
|
E6DC77E000
|
stack
|
page read and write
|
||
|
17E0B4BA000
|
heap
|
page read and write
|
||
|
1667B720000
|
heap
|
page read and write
|
||
|
19EAF451000
|
heap
|
page read and write
|
||
|
859B0FF000
|
stack
|
page read and write
|
||
|
24098802000
|
trusted library allocation
|
page read and write
|
||
|
20A0C040000
|
heap
|
page read and write
|
||
|
1F9D405F000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
A0733FC000
|
stack
|
page read and write
|
||
|
1667B85D000
|
heap
|
page read and write
|
||
|
2827000
|
trusted library allocation
|
page read and write
|
||
|
24098040000
|
heap
|
page read and write
|
||
|
1D495E6E000
|
heap
|
page read and write
|
||
|
1F9D4029000
|
heap
|
page read and write
|
||
|
E6DC9FF000
|
stack
|
page read and write
|
||
|
2F7C27B000
|
stack
|
page read and write
|
||
|
1667B86A000
|
heap
|
page read and write
|
||
|
24098060000
|
heap
|
page read and write
|
||
|
19EAF44B000
|
heap
|
page read and write
|
||
|
4678B7F000
|
stack
|
page read and write
|
||
|
2F7CBFF000
|
stack
|
page read and write
|
||
|
24098045000
|
heap
|
page read and write
|
||
|
17DEEA13000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
A072AF7000
|
stack
|
page read and write
|
||
|
1F9D4002000
|
heap
|
page read and write
|
||
|
2B131F90000
|
trusted library allocation
|
page read and write
|
||
|
28012402000
|
heap
|
page read and write
|
||
|
2409804B000
|
heap
|
page read and write
|
||
|
1D495FEB000
|
heap
|
page read and write
|
||
|
1D495D70000
|
heap
|
page read and write
|
||
|
CAA2AFF000
|
stack
|
page read and write
|
||
|
28017320000
|
remote allocation
|
page read and write
|
||
|
A072DFE000
|
stack
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
17DEEA76000
|
heap
|
page read and write
|
||
|
2409802E000
|
heap
|
page read and write
|
||
|
372B000
|
stack
|
page read and write
|
||
|
280170B0000
|
trusted library allocation
|
page read and write
|
||
|
2F7C6FC000
|
stack
|
page read and write
|
||
|
62212FE000
|
stack
|
page read and write
|
||
|
17DEEA66000
|
heap
|
page read and write
|
||
|
1F9D3F10000
|
heap
|
page read and write
|
||
|
28012BE0000
|
trusted library allocation
|
page read and write
|
||
|
17E0B4C2000
|
heap
|
page read and write
|
||
|
4678BFC000
|
stack
|
page read and write
|
||
|
46784EC000
|
stack
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
17E0B502000
|
heap
|
page read and write
|
||
|
17E0B445000
|
heap
|
page read and write
|
||
|
28011D02000
|
heap
|
page read and write
|
||
|
280174A2000
|
heap
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
17DEEA89000
|
heap
|
page read and write
|
||
|
4678F7E000
|
stack
|
page read and write
|
||
|
24097E40000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
1F9D4000000
|
heap
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
2F7C9FF000
|
stack
|
page read and write
|
||
|
28017442000
|
heap
|
page read and write
|
||
|
622137E000
|
stack
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
A07327A000
|
stack
|
page read and write
|
||
|
2F7CCFE000
|
stack
|
page read and write
|
||
|
28017502000
|
heap
|
page read and write
|
||
|
1D495E3A000
|
heap
|
page read and write
|
||
|
1F9D4102000
|
heap
|
page read and write
|
||
|
28012400000
|
heap
|
page read and write
|
||
|
19EAF350000
|
heap
|
page read and write
|
||
|
1C9677F000
|
stack
|
page read and write
|
||
|
1D917502000
|
heap
|
page read and write
|
||
|
19EAF3E0000
|
trusted library allocation
|
page read and write
|
||
|
24098039000
|
heap
|
page read and write
|
||
|
17E0B4DF000
|
heap
|
page read and write
|
||
|
1667B862000
|
heap
|
page read and write
|
||
|
2409803A000
|
heap
|
page read and write
|
||
|
30B1A77000
|
stack
|
page read and write
|
||
|
28017458000
|
heap
|
page read and write
|
||
|
A072EFB000
|
stack
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
19EAF470000
|
heap
|
page read and write
|
||
|
280171F0000
|
trusted library allocation
|
page read and write
|
||
|
2B131B02000
|
heap
|
page read and write
|
||
|
19EAF43C000
|
heap
|
page read and write
|
||
|
1667B879000
|
heap
|
page read and write
|
||
|
1C9667B000
|
stack
|
page read and write
|
||
|
19EAF413000
|
heap
|
page read and write
|
||
|
17DEEA5B000
|
heap
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
1F9D4802000
|
trusted library allocation
|
page read and write
|
||
|
17E0B4CB000
|
heap
|
page read and write
|
||
|
1D917500000
|
heap
|
page read and write
|
||
|
2B131830000
|
heap
|
page read and write
|
||
|
1D917454000
|
heap
|
page read and write
|
||
|
24098063000
|
heap
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
280171E0000
|
trusted library allocation
|
page read and write
|
||
|
24098077000
|
heap
|
page read and write
|
||
|
1667B813000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
CAA2BFE000
|
stack
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
1D495F13000
|
heap
|
page read and write
|
||
|
1F9D404A000
|
heap
|
page read and write
|
||
|
28012415000
|
heap
|
page read and write
|
||
|
280171E4000
|
trusted library allocation
|
page read and write
|
||
|
E6DC5FE000
|
stack
|
page read and write
|
||
|
62214FE000
|
stack
|
page read and write
|
||
|
A0735FE000
|
stack
|
page read and write
|
||
|
24098046000
|
heap
|
page read and write
|
||
|
2B131A3E000
|
heap
|
page read and write
|
||
|
1D496725000
|
heap
|
page read and write
|
||
|
1D49681B000
|
heap
|
page read and write
|
||
|
859AEF7000
|
stack
|
page read and write
|
||
|
20A0C213000
|
heap
|
page read and write
|
||
|
30B16FE000
|
stack
|
page read and write
|
||
|
1D495E6C000
|
heap
|
page read and write
|
||
|
20A0C1A0000
|
trusted library allocation
|
page read and write
|
||
|
24098062000
|
heap
|
page read and write
|
||
|
30B167E000
|
stack
|
page read and write
|
||
|
24098096000
|
heap
|
page read and write
|
||
|
2409804F000
|
heap
|
page read and write
|
||
|
28017400000
|
heap
|
page read and write
|
||
|
282E000
|
trusted library allocation
|
page read and write
|
||
|
1D496724000
|
heap
|
page read and write
|
||
|
20A0C030000
|
heap
|
page read and write
|
||
|
BE0D1FF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
280123F0000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
2B132002000
|
trusted library allocation
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
1C9608C000
|
stack
|
page read and write
|
||
|
28017290000
|
trusted library allocation
|
page read and write
|
||
|
E6DC6FE000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
BE0D07B000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1667B852000
|
heap
|
page read and write
|
||
|
19EAF513000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
17DEEA29000
|
heap
|
page read and write
|
||
|
17DEF202000
|
trusted library allocation
|
page read and write
|
||
|
1F9D407F000
|
heap
|
page read and write
|
||
|
1667B800000
|
heap
|
page read and write
|
||
|
17E0B4C8000
|
heap
|
page read and write
|
||
|
1F9D405D000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
A0732FF000
|
stack
|
page read and write
|
||
|
19EAFC02000
|
trusted library allocation
|
page read and write
|
||
|
20A0C1D0000
|
remote allocation
|
page read and write
|
||
|
E6DC87E000
|
stack
|
page read and write
|
||
|
1667B900000
|
heap
|
page read and write
|
||
|
1D49680A000
|
heap
|
page read and write
|
||
|
280123D0000
|
trusted library section
|
page readonly
|
||
|
28011AF0000
|
heap
|
page read and write
|
||
|
BE0D47A000
|
stack
|
page read and write
|
||
|
5E4733C000
|
stack
|
page read and write
|
||
|
859AAFE000
|
stack
|
page read and write
|
||
|
28011C7B000
|
heap
|
page read and write
|
||
|
1F9D4113000
|
heap
|
page read and write
|
||
|
19EAF449000
|
heap
|
page read and write
|
||
|
19EAF48A000
|
heap
|
page read and write
|
||
|
2F7C5FD000
|
stack
|
page read and write
|
||
|
1667B88A000
|
heap
|
page read and write
|
||
|
2B131A13000
|
heap
|
page read and write
|
||
|
2409807E000
|
heap
|
page read and write
|
||
|
1667B780000
|
heap
|
page read and write
|
||
|
1D495DD0000
|
heap
|
page read and write
|
||
|
1D49675C000
|
heap
|
page read and write
|
||
|
1F9D405C000
|
heap
|
page read and write
|
||
|
4678A7F000
|
stack
|
page read and write
|
||
|
1D917400000
|
heap
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
17E0B42A000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
28012502000
|
heap
|
page read and write
|
||
|
1F9D4108000
|
heap
|
page read and write
|
||
|
1F9D4100000
|
heap
|
page read and write
|
||
|
20A0CA02000
|
trusted library allocation
|
page read and write
|
||
|
28017030000
|
trusted library allocation
|
page read and write
|
||
|
4678D7B000
|
stack
|
page read and write
|
||
|
2825000
|
trusted library allocation
|
page read and write
|
||
|
17DEEB13000
|
heap
|
page read and write
|
||
|
1D917C02000
|
trusted library allocation
|
page read and write
|
||
|
20A0C229000
|
heap
|
page read and write
|
||
|
280170A0000
|
trusted library allocation
|
page read and write
|
||
|
2801742E000
|
heap
|
page read and write
|
||
|
1D917280000
|
heap
|
page read and write
|
||
|
28017310000
|
trusted library allocation
|
page read and write
|
||
|
6EAC1000
|
unkown
|
page execute read
|
||
|
20A0C0A0000
|
heap
|
page read and write
|
||
|
17DEE7E0000
|
heap
|
page read and write
|
||
|
4D0000
|
trusted library allocation
|
page read and write
|
||
|
2801744C000
|
heap
|
page read and write
|
||
|
582000
|
heap
|
page read and write
|
||
|
2409803D000
|
heap
|
page read and write
|
||
|
20A0C1D0000
|
remote allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1D496800000
|
heap
|
page read and write
|
||
|
42D000
|
unkown
|
page read and write
|
||
|
19EAF44F000
|
heap
|
page read and write
|
||
|
28012390000
|
trusted library section
|
page readonly
|
||
|
2B1317D0000
|
heap
|
page read and write
|
||
|
BE0D7FE000
|
stack
|
page read and write
|
||
|
24097FA0000
|
trusted library allocation
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
1D495E2A000
|
heap
|
page read and write
|
||
|
2801743F000
|
heap
|
page read and write
|
||
|
17DEEA59000
|
heap
|
page read and write
|
||
|
19EAF402000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
1D917270000
|
heap
|
page read and write
|
||
|
28011C73000
|
heap
|
page read and write
|
||
|
20A0C240000
|
heap
|
page read and write
|
||
|
1D495E43000
|
heap
|
page read and write
|
||
|
1F9D4054000
|
heap
|
page read and write
|
||
|
17E0B489000
|
heap
|
page read and write
|
||
|
5E4787B000
|
stack
|
page read and write
|
||
|
1D495E93000
|
heap
|
page read and write
|
||
|
BE0D57E000
|
stack
|
page read and write
|
||
|
28017204000
|
trusted library allocation
|
page read and write
|
||
|
2B131A2F000
|
heap
|
page read and write
|
||
|
17DEE7F0000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
1D917402000
|
heap
|
page read and write
|
||
|
17E0B1B0000
|
heap
|
page read and write
|
||
|
1C9610E000
|
stack
|
page read and write
|
||
|
1D496794000
|
heap
|
page read and write
|
||
|
1D496726000
|
heap
|
page read and write
|
||
|
1F9D3EA0000
|
heap
|
page read and write
|
||
|
19EAF508000
|
heap
|
page read and write
|
||
|
24098050000
|
heap
|
page read and write
|
||
|
1D496550000
|
trusted library allocation
|
page read and write
|
||
|
28017320000
|
remote allocation
|
page read and write
|
||
|
1D496823000
|
heap
|
page read and write
|
||
|
A14000
|
heap
|
page read and write
|
||
|
1667B867000
|
heap
|
page read and write
|
||
|
2F7C8FD000
|
stack
|
page read and write
|
||
|
28011CA1000
|
heap
|
page read and write
|
||
|
BE0D77B000
|
stack
|
page read and write
|
||
|
E6DC97E000
|
stack
|
page read and write
|
||
|
BE0D379000
|
stack
|
page read and write
|
||
|
2B131A53000
|
heap
|
page read and write
|
||
|
1C96877000
|
stack
|
page read and write
|
||
|
24098084000
|
heap
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
2409806A000
|
heap
|
page read and write
|
||
|
280172E0000
|
trusted library allocation
|
page read and write
|
||
|
CAA29F9000
|
stack
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
30B13AC000
|
stack
|
page read and write
|
||
|
280171C0000
|
trusted library allocation
|
page read and write
|
||
|
28017420000
|
heap
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
5E47A7B000
|
stack
|
page read and write
|
||
|
1D495E22000
|
heap
|
page read and write
|
||
|
28011C5A000
|
heap
|
page read and write
|
||
|
28012558000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
28011C95000
|
heap
|
page read and write
|
||
|
28012518000
|
heap
|
page read and write
|
||
|
17E0B413000
|
heap
|
page read and write
|
||
|
2B131A48000
|
heap
|
page read and write
|
||
|
A072F7F000
|
stack
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
A07317F000
|
stack
|
page read and write
|
||
|
62215FE000
|
stack
|
page read and write
|
||
|
17DEE850000
|
heap
|
page read and write
|
||
|
28017320000
|
trusted library allocation
|
page read and write
|
||
|
2F7C47B000
|
stack
|
page read and write
|
||
|
17DEEB02000
|
heap
|
page read and write
|
||
|
1D495E13000
|
heap
|
page read and write
|
||
|
30B17FB000
|
stack
|
page read and write
|
||
|
1667B860000
|
heap
|
page read and write
|
||
|
576000
|
heap
|
page read and write
|
||
|
19EAF502000
|
heap
|
page read and write
|
||
|
2B1317E0000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
BE0D87E000
|
stack
|
page read and write
|
||
|
28011B60000
|
heap
|
page read and write
|
||
|
2B131A00000
|
heap
|
page read and write
|
||
|
1C9657F000
|
stack
|
page read and write
|
||
|
A46000
|
heap
|
page read and write
|
||
|
1667B879000
|
heap
|
page read and write
|
||
|
1F9D4670000
|
trusted library allocation
|
page read and write
|
||
|
280174B3000
|
heap
|
page read and write
|
||
|
1D496530000
|
trusted library allocation
|
page read and write
|
||
|
19EAF46B000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
24097EA0000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
19EAF46B000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
19EAF500000
|
heap
|
page read and write
|
||
|
2F7C7FE000
|
stack
|
page read and write
|
||
|
1D917477000
|
heap
|
page read and write
|
||
|
280171C0000
|
trusted library allocation
|
page read and write
|
||
|
24098056000
|
heap
|
page read and write
|
||
|
17DEEA02000
|
heap
|
page read and write
|
||
|
28011D26000
|
heap
|
page read and write
|
||
|
28011CAE000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
6EAC6000
|
unkown
|
page readonly
|
||
|
28011B00000
|
heap
|
page read and write
|
There are 514 hidden memdumps, click here to show them.