Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SY5DeZW6pz.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\AutoIt3\Examples\Helpfile\Extras\MyProg.exe
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Program Files (x86)\AutoIt3\SciTE\SciTE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SY5DeZW6pz.exe_5a1e64436764aeb06a12223e505a1adc0f838d9_cfc0479b_04a1246b\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\vSQshX.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_vSQshX.exe_e41397ed243f95936a1fabef5fb2c6d1bf7554_3e01cb5b_16a9314c\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER182.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Aug 31 21:41:32 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1EED.tmp.dmp
|
Mini DuMP crash report, 15 streams, Wed Aug 31 21:41:40 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER26BE.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2855.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6F2.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8E7.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\k1[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\k2[1].rar
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\584026FF.exe
|
ASCII text
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\7830502D.exe
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\bc49718863ee53e026d805ec372039e9_d06ed635-68f6-4e9a-955c-4899f5f57b9a
|
data
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SY5DeZW6pz.exe
|
"C:\Users\user\Desktop\SY5DeZW6pz.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\vSQshX.exe
|
C:\Users\user\AppData\Local\Temp\vSQshX.exe
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5580 -s 532
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5540 -s 1432
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ddos.dnsnb8.net:799/cj//k3.rar%
|
unknown
|
|
|
|
http://gdcbghvjyqy7jclk.onion/3a23db8448d3b2b
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k3.rar
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar%
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k2.rar
|
63.251.106.25
|
|
|
|
http://ddos.dnsnb8.net/&
|
unknown
|
|
|
|
http://ddos.dnsnb8.net:799/cj//k1.rar
|
63.251.106.25
|
|
|
|
http://www.activestate.com
|
unknown
|
||
|
http://www.develop.comYann
|
unknown
|
||
|
http://%s:%d/%s/%sZwQuerySystemInformationntdll.dllNtSystemDebugControlSeDebugPrivilege%s%.8x.bat:DE
|
unknown
|
||
|
http://www.baanboard.comPraveen
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://www.rftp.com
|
unknown
|
||
|
https://www.torproject.org/
|
unknown
|
||
|
http://www.scintilla.org
|
unknown
|
||
|
http://www.activestate.comJames
|
unknown
|
||
|
http://www.develop.com
|
unknown
|
||
|
http://www.lua.org
|
unknown
|
||
|
http://www.spaceblue.comDenis
|
unknown
|
||
|
http://www.spaceblue.com
|
unknown
|
||
|
http://www.rftp.comSteve
|
unknown
|
||
|
http://www.baanboard.com
|
unknown
|
||
|
http://www.scintila.org/scite.rng
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/scite
|
unknown
|
||
|
https://tox.chat/download.html
|
unknown
|
There are 15 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ddos.dnsnb8.net
|
63.251.106.25
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
63.251.106.25
|
ddos.dnsnb8.net
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHivePermissionsCorrect
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHiveOwnerCorrect
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
ProgramId
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
FileId
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
LongPathHash
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
Name
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
Publisher
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
Version
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
BinFileVersion
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
BinaryType
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
ProductName
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
ProductVersion
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
LinkDate
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
BinProductVersion
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
Size
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
Language
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
IsPeFile
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\sy5dezw6pz.exe|c5f0e3c3
|
IsOsComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
00184006417502B9
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
ProgramId
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
FileId
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
LongPathHash
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
Name
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
Publisher
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
Version
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
BinFileVersion
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
BinaryType
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
ProductName
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
ProductVersion
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
LinkDate
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
BinProductVersion
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
Size
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
Language
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
IsPeFile
|
||
|
\REGISTRY\A\{8778895a-662c-2c43-e801-8c46cd5867ed}\Root\InventoryApplicationFile\vsqshx.exe|7df02bf0
|
IsOsComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
F39A000
|
unkown
|
page readonly
|
|
|
|
F3A2000
|
unkown
|
page write copy
|
|
|
|
F3A2000
|
unkown
|
page write copy
|
|
|
|
F39A000
|
unkown
|
page readonly
|
|
|
|
3760000
|
unkown
|
page write copy
|
|
|
|
F3A2000
|
unkown
|
page write copy
|
|
|
|
F3A2000
|
unkown
|
page write copy
|
|
|
|
F39A000
|
unkown
|
page readonly
|
|
|
|
F39A000
|
unkown
|
page readonly
|
|
|
|
3760000
|
unkown
|
page write copy
|
|
|
|
12FC000
|
stack
|
page read and write
|
||
|
178A000
|
heap
|
page read and write
|
||
|
3687000
|
stack
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
22D0EAEF000
|
heap
|
page read and write
|
||
|
4BFED7F000
|
stack
|
page read and write
|
||
|
1700000
|
direct allocation
|
page read and write
|
||
|
1CE63463000
|
heap
|
page read and write
|
||
|
F391000
|
unkown
|
page execute read
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
267E01A0000
|
heap
|
page read and write
|
||
|
1F9FD300000
|
trusted library allocation
|
page read and write
|
||
|
155F5A59000
|
heap
|
page read and write
|
||
|
3823000
|
heap
|
page read and write
|
||
|
22089570000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
13C9000
|
heap
|
page read and write
|
||
|
267E0E90000
|
trusted library allocation
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
22D0F571000
|
heap
|
page read and write
|
||
|
F3A6000
|
unkown
|
page execute and read and write
|
||
|
22D0EAB1000
|
heap
|
page read and write
|
||
|
C24000
|
unkown
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
1CE6347D000
|
heap
|
page read and write
|
||
|
1700000
|
direct allocation
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
1F9FD228000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
22D0EAA6000
|
heap
|
page read and write
|
||
|
1820000
|
heap
|
page read and write
|
||
|
1CE63400000
|
heap
|
page read and write
|
||
|
127D000
|
stack
|
page read and write
|
||
|
1730000
|
direct allocation
|
page read and write
|
||
|
14C5000
|
heap
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
81C897F000
|
stack
|
page read and write
|
||
|
13C9000
|
heap
|
page read and write
|
||
|
155F5A52000
|
heap
|
page read and write
|
||
|
380F000
|
stack
|
page read and write
|
||
|
1437000
|
heap
|
page read and write
|
||
|
3FCE000
|
stack
|
page read and write
|
||
|
1CE63460000
|
heap
|
page read and write
|
||
|
17A6000
|
heap
|
page read and write
|
||
|
22D0F551000
|
heap
|
page read and write
|
||
|
C26000
|
unkown
|
page execute and write copy
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
54BBDCE000
|
stack
|
page read and write
|
||
|
155F5A56000
|
heap
|
page read and write
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
211A0713000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page read and write
|
||
|
155F5A8F000
|
heap
|
page read and write
|
||
|
3D8E000
|
stack
|
page read and write
|
||
|
211A0682000
|
heap
|
page read and write
|
||
|
267E01E5000
|
heap
|
page read and write
|
||
|
211A064C000
|
heap
|
page read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
415F000
|
stack
|
page read and write
|
||
|
1F9FD700000
|
heap
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page read and write
|
||
|
3AAF000
|
stack
|
page read and write
|
||
|
1F9FD302000
|
trusted library allocation
|
page read and write
|
||
|
155F5860000
|
heap
|
page read and write
|
||
|
1700000
|
direct allocation
|
page read and write
|
||
|
140A000
|
heap
|
page read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
1F9FD717000
|
heap
|
page read and write
|
||
|
22D0EAA2000
|
heap
|
page read and write
|
||
|
F3A4000
|
unkown
|
page readonly
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
17B5000
|
heap
|
page read and write
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
73C1DCF000
|
stack
|
page read and write
|
||
|
22D0EA13000
|
heap
|
page read and write
|
||
|
1CE63481000
|
heap
|
page read and write
|
||
|
267E1110000
|
trusted library allocation
|
page read and write
|
||
|
F3AB000
|
unkown
|
page write copy
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
155F5B00000
|
heap
|
page read and write
|
||
|
155F5A29000
|
heap
|
page read and write
|
||
|
54BC4FE000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
17C8000
|
heap
|
page read and write
|
||
|
140D000
|
heap
|
page read and write
|
||
|
415F000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
F390000
|
unkown
|
page readonly
|
||
|
155F5A55000
|
heap
|
page read and write
|
||
|
138C000
|
heap
|
page read and write
|
||
|
22D0EA29000
|
heap
|
page read and write
|
||
|
1CE63493000
|
heap
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
73C21FE000
|
stack
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
142E000
|
heap
|
page read and write
|
||
|
1700000
|
direct allocation
|
page read and write
|
||
|
211A0E02000
|
trusted library allocation
|
page read and write
|
||
|
1730000
|
direct allocation
|
page read and write
|
||
|
4160000
|
trusted library allocation
|
page read and write
|
||
|
4BFE87C000
|
stack
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
267E10E0000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
358D000
|
stack
|
page read and write
|
||
|
4BFEE78000
|
stack
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
22D0F595000
|
heap
|
page read and write
|
||
|
C26000
|
unkown
|
page execute and read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
22D0EAC1000
|
heap
|
page read and write
|
||
|
3FCE000
|
stack
|
page read and write
|
||
|
22D0EAF9000
|
heap
|
page read and write
|
||
|
53D207C000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
267E02D5000
|
heap
|
page read and write
|
||
|
4000000
|
remote allocation
|
page read and write
|
||
|
155F5A4E000
|
heap
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
22D0EB13000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
153D000
|
stack
|
page read and write
|
||
|
F390000
|
unkown
|
page readonly
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
1700000
|
direct allocation
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
155F5A48000
|
heap
|
page read and write
|
||
|
320F000
|
stack
|
page read and write
|
||
|
22089620000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
155F5A50000
|
heap
|
page read and write
|
||
|
1CE63500000
|
heap
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
267E0050000
|
heap
|
page read and write
|
||
|
3AAF000
|
stack
|
page read and write
|
||
|
13E4000
|
heap
|
page read and write
|
||
|
380F000
|
stack
|
page read and write
|
||
|
1CE63402000
|
heap
|
page read and write
|
||
|
54BC2FB000
|
stack
|
page read and write
|
||
|
14C5000
|
heap
|
page read and write
|
||
|
3E8E000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
396E000
|
stack
|
page read and write
|
||
|
182B000
|
heap
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
53D227C000
|
stack
|
page read and write
|
||
|
320F000
|
stack
|
page read and write
|
||
|
211A0480000
|
heap
|
page read and write
|
||
|
155F58D0000
|
heap
|
page read and write
|
||
|
73C1D4A000
|
stack
|
page read and write
|
||
|
22D0EAC8000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
16DE000
|
stack
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
1730000
|
direct allocation
|
page read and write
|
||
|
1730000
|
direct allocation
|
page read and write
|
||
|
22D0EA00000
|
heap
|
page read and write
|
||
|
3D2A000
|
stack
|
page read and write
|
||
|
ED075F9000
|
stack
|
page read and write
|
||
|
1CE63280000
|
heap
|
page read and write
|
||
|
211A0410000
|
heap
|
page read and write
|
||
|
1F9FD323000
|
heap
|
page read and write
|
||
|
F3A4000
|
unkown
|
page readonly
|
||
|
3823000
|
heap
|
page read and write
|
||
|
22D0EAE2000
|
heap
|
page read and write
|
||
|
396E000
|
stack
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
3820000
|
heap
|
page read and write
|
||
|
3687000
|
stack
|
page read and write
|
||
|
3AEE000
|
stack
|
page read and write
|
||
|
4BFEC77000
|
stack
|
page read and write
|
||
|
81C86FB000
|
stack
|
page read and write
|
||
|
155F5A54000
|
heap
|
page read and write
|
||
|
137C000
|
stack
|
page read and write
|
||
|
1710000
|
remote allocation
|
page read and write
|
||
|
22089960000
|
heap
|
page read and write
|
||
|
182B000
|
heap
|
page read and write
|
||
|
BED077F000
|
stack
|
page read and write
|
||
|
1700000
|
direct allocation
|
page execute and read and write
|
||
|
22D0E9C0000
|
heap
|
page read and write
|
||
|
22D0EA85000
|
heap
|
page read and write
|
||
|
1CE63502000
|
heap
|
page read and write
|
||
|
1CE63413000
|
heap
|
page read and write
|
||
|
1827000
|
heap
|
page read and write
|
||
|
22D0E9F0000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
1CE63466000
|
heap
|
page read and write
|
||
|
16E0000
|
direct allocation
|
page read and write
|
||
|
16AF000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
4BFEA7D000
|
stack
|
page read and write
|
||
|
321D000
|
stack
|
page read and write
|
||
|
53D237B000
|
stack
|
page read and write
|
||
|
16FD000
|
stack
|
page read and write
|
||
|
332C000
|
heap
|
page read and write
|
||
|
C21000
|
unkown
|
page execute read
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
1F9FD20D000
|
unkown
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
211A0580000
|
trusted library allocation
|
page read and write
|
||
|
1820000
|
heap
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
140D000
|
heap
|
page read and write
|
||
|
155F5B13000
|
heap
|
page read and write
|
||
|
211A0652000
|
heap
|
page read and write
|
||
|
4BFE8FE000
|
stack
|
page read and write
|
||
|
F391000
|
unkown
|
page execute read
|
||
|
149E000
|
stack
|
page read and write
|
||
|
17DE000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
211A0602000
|
heap
|
page read and write
|
||
|
C21000
|
unkown
|
page execute read
|
||
|
211A0613000
|
heap
|
page read and write
|
||
|
220897C0000
|
heap
|
page read and write
|
||
|
3D2A000
|
stack
|
page read and write
|
||
|
13C9000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
137C000
|
stack
|
page read and write
|
||
|
267E01A8000
|
heap
|
page read and write
|
||
|
16D0000
|
direct allocation
|
page read and write
|
||
|
3FCE000
|
stack
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
81C83EE000
|
stack
|
page read and write
|
||
|
155F5A4B000
|
heap
|
page read and write
|
||
|
415F000
|
stack
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page read and write
|
||
|
211A0670000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
F3A6000
|
unkown
|
page execute and write copy
|
||
|
54BC1FF000
|
stack
|
page read and write
|
||
|
211A0420000
|
heap
|
page read and write
|
||
|
F80000
|
unkown
|
page read and write
|
||
|
FF0000
|
unkown
|
page read and write
|
||
|
81C887F000
|
stack
|
page read and write
|
||
|
30C9000
|
stack
|
page read and write
|
||
|
1700000
|
direct allocation
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
22D0F596000
|
heap
|
page read and write
|
||
|
155F5870000
|
heap
|
page read and write
|
||
|
3FD0000
|
trusted library section
|
page readonly
|
||
|
169E000
|
stack
|
page read and write
|
||
|
13EF000
|
heap
|
page read and write
|
||
|
137C000
|
stack
|
page read and write
|
||
|
FEC000
|
stack
|
page read and write
|
||
|
1CE63477000
|
heap
|
page read and write
|
||
|
267E0300000
|
trusted library allocation
|
page read and write
|
||
|
54BC6FF000
|
stack
|
page read and write
|
||
|
370E000
|
stack
|
page read and write
|
||
|
211A0681000
|
heap
|
page read and write
|
||
|
F391000
|
unkown
|
page execute read
|
||
|
3D8E000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
73C227D000
|
stack
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page read and write
|
||
|
155F5B02000
|
heap
|
page read and write
|
||
|
1F9FD23A000
|
heap
|
page read and write
|
||
|
13B9000
|
heap
|
page read and write
|
||
|
267E01B0000
|
heap
|
page read and write
|
||
|
1CE633E0000
|
trusted library allocation
|
page read and write
|
||
|
267E02A0000
|
heap
|
page read and write
|
||
|
C23000
|
unkown
|
page readonly
|
||
|
54BC07E000
|
stack
|
page read and write
|
||
|
127D000
|
stack
|
page read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
F3A7000
|
unkown
|
page execute and write copy
|
||
|
BED07FB000
|
stack
|
page read and write
|
||
|
F390000
|
unkown
|
page readonly
|
||
|
1F9FD600000
|
heap
|
page read and write
|
||
|
BED067C000
|
stack
|
page read and write
|
||
|
22D0F500000
|
heap
|
page read and write
|
||
|
4160000
|
trusted library allocation
|
page read and write
|
||
|
81C87FB000
|
stack
|
page read and write
|
||
|
14C5000
|
heap
|
page read and write
|
||
|
1730000
|
direct allocation
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
1827000
|
heap
|
page read and write
|
||
|
81C8A77000
|
stack
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
13EF000
|
heap
|
page read and write
|
||
|
F391000
|
unkown
|
page execute read
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
30C9000
|
stack
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
1F9FD213000
|
unkown
|
page read and write
|
||
|
3D2A000
|
stack
|
page read and write
|
||
|
3ECE000
|
stack
|
page read and write
|
||
|
22D0F512000
|
heap
|
page read and write
|
||
|
ED071FC000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
211A0600000
|
heap
|
page read and write
|
||
|
155F5A8B000
|
heap
|
page read and write
|
||
|
182B000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
332C000
|
heap
|
page read and write
|
||
|
54BBD4B000
|
stack
|
page read and write
|
||
|
380F000
|
stack
|
page read and write
|
||
|
F3A6000
|
unkown
|
page execute and read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
267E10F0000
|
heap
|
page readonly
|
||
|
211A0708000
|
heap
|
page read and write
|
||
|
211A0629000
|
heap
|
page read and write
|
||
|
F3A6000
|
unkown
|
page execute and read and write
|
||
|
370E000
|
stack
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
22D0F320000
|
remote allocation
|
page read and write
|
||
|
3C2C000
|
stack
|
page read and write
|
||
|
211A068C000
|
heap
|
page read and write
|
||
|
4BFEB7A000
|
stack
|
page read and write
|
||
|
1730000
|
direct allocation
|
page read and write
|
||
|
267E01ED000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
3E8E000
|
stack
|
page read and write
|
||
|
267E01ED000
|
heap
|
page read and write
|
||
|
267E0E20000
|
trusted library allocation
|
page read and write
|
||
|
220895D0000
|
heap
|
page read and write
|
||
|
22D0EAA7000
|
heap
|
page read and write
|
||
|
53D20FF000
|
stack
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
C26000
|
unkown
|
page execute and read and write
|
||
|
155F59D0000
|
trusted library allocation
|
page read and write
|
||
|
1CE63270000
|
heap
|
page read and write
|
||
|
22D0F402000
|
heap
|
page read and write
|
||
|
3ECE000
|
stack
|
page read and write
|
||
|
155F5A51000
|
heap
|
page read and write
|
||
|
C26000
|
unkown
|
page execute and read and write
|
||
|
1F9FD315000
|
trusted library allocation
|
page read and write
|
||
|
3ECC000
|
stack
|
page read and write
|
||
|
396E000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
1740000
|
trusted library allocation
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
143A000
|
heap
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
22D0EAEC000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
BED06FF000
|
stack
|
page read and write
|
||
|
14A0000
|
direct allocation
|
page read and write
|
||
|
3AEE000
|
stack
|
page read and write
|
||
|
F3A4000
|
unkown
|
page readonly
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
3D8E000
|
stack
|
page read and write
|
||
|
16DE000
|
stack
|
page read and write
|
||
|
1700000
|
direct allocation
|
page read and write
|
||
|
1F9FD0D0000
|
heap
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
17CE000
|
heap
|
page read and write
|
||
|
3AEE000
|
stack
|
page read and write
|
||
|
BED08FF000
|
stack
|
page read and write
|
||
|
178A000
|
heap
|
page read and write
|
||
|
F3A7000
|
unkown
|
page execute and write copy
|
||
|
22D0F320000
|
remote allocation
|
page read and write
|
||
|
181A000
|
stack
|
page read and write
|
||
|
22D0F573000
|
heap
|
page read and write
|
||
|
16AF000
|
stack
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
3820000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
73C207F000
|
stack
|
page read and write
|
||
|
22D0F518000
|
heap
|
page read and write
|
||
|
142E000
|
heap
|
page read and write
|
||
|
22D0F573000
|
heap
|
page read and write
|
||
|
22D0F57B000
|
heap
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
16FD000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
16DE000
|
stack
|
page read and write
|
||
|
267E02D0000
|
heap
|
page read and write
|
||
|
1730000
|
direct allocation
|
page read and write
|
||
|
1CE63508000
|
heap
|
page read and write
|
||
|
C23000
|
unkown
|
page readonly
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
332C000
|
heap
|
page read and write
|
||
|
155F5A4A000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
267E0060000
|
trusted library allocation
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3FD0000
|
trusted library section
|
page readonly
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
22D0F584000
|
heap
|
page read and write
|
||
|
F3A4000
|
unkown
|
page readonly
|
||
|
211A0700000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
153D000
|
stack
|
page read and write
|
||
|
3823000
|
heap
|
page read and write
|
||
|
14A0000
|
direct allocation
|
page read and write
|
||
|
220895F0000
|
heap
|
page read and write
|
||
|
1820000
|
heap
|
page read and write
|
||
|
54BC17B000
|
stack
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
3C2C000
|
stack
|
page read and write
|
||
|
C24000
|
unkown
|
page read and write
|
||
|
267E02D9000
|
heap
|
page read and write
|
||
|
30C9000
|
stack
|
page read and write
|
||
|
53D267F000
|
stack
|
page read and write
|
||
|
BED0979000
|
stack
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
358D000
|
stack
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
1700000
|
direct allocation
|
page read and write
|
||
|
3BEF000
|
stack
|
page read and write
|
||
|
370E000
|
stack
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
320F000
|
stack
|
page read and write
|
||
|
1F9FD140000
|
heap
|
page read and write
|
||
|
140D000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
267E01ED000
|
heap
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
155F5A4D000
|
heap
|
page read and write
|
||
|
F390000
|
unkown
|
page readonly
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
1F9FD200000
|
unkown
|
page read and write
|
||
|
405E000
|
stack
|
page read and write
|
||
|
211A064F000
|
heap
|
page read and write
|
||
|
1CE6347D000
|
heap
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
155F5A13000
|
heap
|
page read and write
|
||
|
1F9FD237000
|
heap
|
page read and write
|
||
|
14A0000
|
direct allocation
|
page read and write
|
||
|
142E000
|
heap
|
page read and write
|
||
|
4BFEF7F000
|
stack
|
page read and write
|
||
|
4BFE97E000
|
stack
|
page read and write
|
||
|
3FD0000
|
trusted library section
|
page readonly
|
||
|
53D257F000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
1CE6345C000
|
heap
|
page read and write
|
||
|
1F9FD613000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
181B000
|
stack
|
page read and write
|
||
|
181B000
|
stack
|
page read and write
|
||
|
3BEF000
|
stack
|
page read and write
|
||
|
13EB000
|
heap
|
page read and write
|
||
|
54BC5FD000
|
stack
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
22D0EA3C000
|
heap
|
page read and write
|
||
|
54BC3F7000
|
stack
|
page read and write
|
||
|
3C2C000
|
stack
|
page read and write
|
||
|
ED0707D000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
155F5B08000
|
heap
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
1CE632E0000
|
heap
|
page read and write
|
||
|
C21000
|
unkown
|
page execute read
|
||
|
267E1100000
|
trusted library allocation
|
page read and write
|
||
|
22D0E950000
|
heap
|
page read and write
|
||
|
22D0F562000
|
heap
|
page read and write
|
||
|
81C836D000
|
stack
|
page read and write
|
||
|
3690000
|
heap
|
page read and write
|
||
|
13C7000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
22D0EB02000
|
heap
|
page read and write
|
||
|
4BFF07C000
|
stack
|
page read and write
|
||
|
F3A7000
|
unkown
|
page execute and write copy
|
||
|
4000000
|
remote allocation
|
page read and write
|
||
|
3AAF000
|
stack
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
16AF000
|
stack
|
page read and write
|
||
|
1CE63477000
|
heap
|
page read and write
|
||
|
17DE000
|
stack
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
1710000
|
remote allocation
|
page read and write
|
||
|
22D0F585000
|
heap
|
page read and write
|
||
|
197E000
|
stack
|
page read and write
|
||
|
1CE6345E000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
1CE63C02000
|
trusted library allocation
|
page read and write
|
||
|
405E000
|
stack
|
page read and write
|
||
|
127D000
|
stack
|
page read and write
|
||
|
155F5A58000
|
heap
|
page read and write
|
||
|
13EF000
|
heap
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
1CE63488000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
178A000
|
heap
|
page read and write
|
||
|
1F9FD702000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
F80000
|
unkown
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
211A0702000
|
heap
|
page read and write
|
||
|
386E000
|
stack
|
page read and write
|
||
|
22D0EAD9000
|
heap
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
1CE63513000
|
heap
|
page read and write
|
||
|
22D0EA5B000
|
heap
|
page read and write
|
||
|
1F9FD602000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
F3AB000
|
unkown
|
page write copy
|
||
|
267E02E0000
|
heap
|
page read and write
|
||
|
53D217E000
|
stack
|
page read and write
|
||
|
267E0EA0000
|
trusted library allocation
|
page read and write
|
||
|
386E000
|
stack
|
page read and write
|
||
|
405E000
|
stack
|
page read and write
|
||
|
C21000
|
unkown
|
page execute and write copy
|
||
|
140D000
|
heap
|
page read and write
|
||
|
22089965000
|
heap
|
page read and write
|
||
|
13EF000
|
heap
|
page read and write
|
||
|
1F9FD713000
|
heap
|
page read and write
|
||
|
FEC000
|
stack
|
page read and write
|
||
|
4BFEEFE000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
358D000
|
stack
|
page read and write
|
||
|
F3AB000
|
unkown
|
page write copy
|
||
|
ED073FF000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
155F5A49000
|
heap
|
page read and write
|
||
|
197E000
|
stack
|
page read and write
|
||
|
3690000
|
heap
|
page read and write
|
||
|
386E000
|
stack
|
page read and write
|
||
|
17DE000
|
stack
|
page read and write
|
||
|
1827000
|
heap
|
page read and write
|
||
|
3687000
|
stack
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
140E000
|
heap
|
page read and write
|
||
|
155F5A00000
|
heap
|
page read and write
|
||
|
14A0000
|
direct allocation
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
3820000
|
heap
|
page read and write
|
||
|
197F000
|
stack
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
1CE6343C000
|
heap
|
page read and write
|
||
|
73C2179000
|
stack
|
page read and write
|
||
|
1CE63429000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3690000
|
heap
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
1F9FD702000
|
heap
|
page read and write
|
||
|
211A063C000
|
heap
|
page read and write
|
||
|
22D0E960000
|
heap
|
page read and write
|
||
|
13E7000
|
heap
|
page read and write
|
||
|
3BEF000
|
stack
|
page read and write
|
||
|
267E01EF000
|
heap
|
page read and write
|
||
|
22D0EAEF000
|
heap
|
page read and write
|
||
|
22D0F320000
|
remote allocation
|
page read and write
|
||
|
155F5A70000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
ED074FE000
|
stack
|
page read and write
|
||
|
332C000
|
heap
|
page read and write
|
||
|
138D000
|
heap
|
page read and write
|
||
|
73C20FE000
|
stack
|
page read and write
|
||
|
3E8E000
|
stack
|
page read and write
|
||
|
53D2477000
|
stack
|
page read and write
|
||
|
1CE63454000
|
heap
|
page read and write
|
||
|
155F5A3C000
|
heap
|
page read and write
|
||
|
1F9FD23B000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
C23000
|
unkown
|
page write copy
|
||
|
155F5A7E000
|
heap
|
page read and write
|
||
|
155F6202000
|
trusted library allocation
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page read and write
|
||
|
F3AB000
|
unkown
|
page write copy
|
||
|
1700000
|
direct allocation
|
page execute and read and write
|
||
|
C24000
|
unkown
|
page read and write
|
||
|
4160000
|
trusted library allocation
|
page read and write
|
||
|
81C82EC000
|
stack
|
page read and write
|
||
|
FEC000
|
stack
|
page read and write
|
||
|
BED0879000
|
stack
|
page read and write
|
||
|
81C8B7F000
|
stack
|
page read and write
|
||
|
1F9FD0E0000
|
trusted library allocation
|
page read and write
|
||
|
C23000
|
unkown
|
page readonly
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
1F9FD202000
|
unkown
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
There are 594 hidden memdumps, click here to show them.