Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
O8ZHhytWhn.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Microsoft\wjaoab.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\eb42b1a5c308fc11edf1ddbdd25c8486_d06ed635-68f6-4e9a-955c-4899f5f57b9a
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\O8ZHhytWhn.exe
|
"C:\Users\user\Desktop\O8ZHhytWhn.exe"
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.coin dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns2.soprodns.ru
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\wjaoab.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\wjaoab.exe"
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.coin dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.coin dns1.soprodns.ru
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\wjaoab.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\wjaoab.exe"
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.coin dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.coin dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.coin dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.coin dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.coin dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup nomoreransom.bit dns2.soprodns.ru
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
nslookup gandcrab.bit dns1.soprodns.ru
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 40 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://gdcbghvjyqy7jclk.onion/3a23db8448d3b2b
|
unknown
|
|
|
|
https://www.torproject.org/
|
unknown
|
||
|
https://tox.chat/download.html
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
nomoreransom.coin
|
unknown
|
|
|
|
nomoreransom.bit
|
unknown
|
|
|
|
gandcrab.bit
|
unknown
|
|
|
|
dns1.soprodns.ru
|
unknown
|
|
|
|
dns2.soprodns.ru
|
unknown
|
|
|
|
ipv4bot.whatismyipaddress.com
|
unknown
|
||
|
8.8.8.8.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
|
wzugsdsqebh
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
FBCA000
|
unkown
|
page readonly
|
|
|
|
F1DA000
|
unkown
|
page readonly
|
|
|
|
FBD2000
|
unkown
|
page write copy
|
|
|
|
F1E2000
|
unkown
|
page write copy
|
|
|
|
FBD2000
|
unkown
|
page write copy
|
|
|
|
FBCA000
|
unkown
|
page readonly
|
|
|
|
FBD2000
|
unkown
|
page write copy
|
|
|
|
F1E2000
|
unkown
|
page read and write
|
|
|
|
FBCA000
|
unkown
|
page readonly
|
|
|
|
FBD2000
|
unkown
|
page write copy
|
|
|
|
FBCA000
|
unkown
|
page readonly
|
|
|
|
F1DA000
|
unkown
|
page readonly
|
|
|
|
16DF4C4D000
|
heap
|
page read and write
|
||
|
16AA7E91000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
27EA5A63000
|
heap
|
page read and write
|
||
|
B26547A000
|
stack
|
page read and write
|
||
|
27EA5A10000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
9E18A7B000
|
stack
|
page read and write
|
||
|
25F53510000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA5C00000
|
trusted library allocation
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
16AA87AF000
|
heap
|
page read and write
|
||
|
B26517A000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA57B0000
|
trusted library allocation
|
page read and write
|
||
|
930000
|
direct allocation
|
page execute and read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
111FCC31000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
1EE4DA80000
|
heap
|
page read and write
|
||
|
9C0000
|
direct allocation
|
page read and write
|
||
|
B264DFB000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
3E4A47A000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
18E633B0000
|
trusted library allocation
|
page read and write
|
||
|
46D637F000
|
stack
|
page read and write
|
||
|
25F53600000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
16AA8743000
|
heap
|
page read and write
|
||
|
111FCC5C000
|
heap
|
page read and write
|
||
|
B264FFE000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
9E18B7C000
|
stack
|
page read and write
|
||
|
27EA0B00000
|
heap
|
page read and write
|
||
|
331D000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
627EDFD000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
18E62AA0000
|
heap
|
page read and write
|
||
|
16AA8722000
|
heap
|
page read and write
|
||
|
8E0000
|
direct allocation
|
page execute and read and write
|
||
|
27EA0258000
|
heap
|
page read and write
|
||
|
25F53702000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA0241000
|
heap
|
page read and write
|
||
|
25F53671000
|
heap
|
page read and write
|
||
|
16DF4AD0000
|
heap
|
page read and write
|
||
|
16AA7FE5000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
25F53665000
|
heap
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
130E1BF0000
|
remote allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
18E62C29000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
800000
|
trusted library allocation
|
page read and write
|
||
|
18E62D08000
|
heap
|
page read and write
|
||
|
27EA0120000
|
heap
|
page read and write
|
||
|
111FCC5A000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
16AA87C8000
|
heap
|
page read and write
|
||
|
25F53580000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
111FCC55000
|
heap
|
page read and write
|
||
|
111FCC5E000
|
heap
|
page read and write
|
||
|
16AA8792000
|
heap
|
page read and write
|
||
|
111FCC63000
|
heap
|
page read and write
|
||
|
16AA7D10000
|
trusted library allocation
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
111FCC4D000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
1EE4DC02000
|
heap
|
page read and write
|
||
|
1EE4DAD0000
|
heap
|
page read and write
|
||
|
130E1C29000
|
heap
|
page read and write
|
||
|
27EA026F000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA0B18000
|
heap
|
page read and write
|
||
|
16AA7E00000
|
heap
|
page read and write
|
||
|
16AA8602000
|
heap
|
page read and write
|
||
|
27EA1720000
|
trusted library allocation
|
page read and write
|
||
|
111FCC13000
|
heap
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
16AA7E52000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
10067E000
|
stack
|
page read and write
|
||
|
27EA1360000
|
trusted library section
|
page readonly
|
||
|
18E62D00000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
9E1887C000
|
stack
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
27EA5AA6000
|
heap
|
page read and write
|
||
|
111FCC6A000
|
heap
|
page read and write
|
||
|
27EA5AF0000
|
heap
|
page read and write
|
||
|
16AA7E68000
|
heap
|
page read and write
|
||
|
111FD402000
|
trusted library allocation
|
page read and write
|
||
|
BA7DAF9000
|
stack
|
page read and write
|
||
|
111FCC75000
|
heap
|
page read and write
|
||
|
A2F000
|
heap
|
page read and write
|
||
|
16AA8702000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
25F5363D000
|
heap
|
page read and write
|
||
|
9D0000
|
direct allocation
|
page read and write
|
||
|
4FB27E000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
8D0000
|
direct allocation
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
25F53602000
|
heap
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
111FCC40000
|
heap
|
page read and write
|
||
|
16AA8827000
|
heap
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
1EE4DC47000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA1350000
|
trusted library section
|
page readonly
|
||
|
111FCC5D000
|
heap
|
page read and write
|
||
|
27EA5A56000
|
heap
|
page read and write
|
||
|
4FADCB000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
16AA7E59000
|
heap
|
page read and write
|
||
|
16AA7E43000
|
heap
|
page read and write
|
||
|
111FCC77000
|
heap
|
page read and write
|
||
|
27EA5AFD000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
9D0000
|
direct allocation
|
page read and write
|
||
|
27EA58E4000
|
trusted library allocation
|
page read and write
|
||
|
130E1C13000
|
heap
|
page read and write
|
||
|
25F54002000
|
trusted library allocation
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
16DF4D02000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16DF4C7F000
|
heap
|
page read and write
|
||
|
B264F7E000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
25F53675000
|
heap
|
page read and write
|
||
|
CA0000
|
direct allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
18E62C67000
|
heap
|
page read and write
|
||
|
1EE4DBD0000
|
trusted library allocation
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
111FCC84000
|
heap
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
B26567F000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA0229000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA5A20000
|
heap
|
page read and write
|
||
|
1EE4DC13000
|
heap
|
page read and write
|
||
|
16AA7BA0000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16DF4C52000
|
heap
|
page read and write
|
||
|
130E1A60000
|
heap
|
page read and write
|
||
|
AE0000
|
direct allocation
|
page execute and read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
111FCC42000
|
heap
|
page read and write
|
||
|
18E62B10000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
9E1907F000
|
stack
|
page read and write
|
||
|
A11000
|
heap
|
page read and write
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
346B000
|
direct allocation
|
page execute and read and write
|
||
|
27EA57A0000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
16AA7E55000
|
heap
|
page read and write
|
||
|
3E49FFA000
|
stack
|
page read and write
|
||
|
25F5366B000
|
heap
|
page read and write
|
||
|
111FCC64000
|
heap
|
page read and write
|
||
|
27EA5904000
|
trusted library allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
9D0000
|
direct allocation
|
page read and write
|
||
|
16AA7F13000
|
heap
|
page read and write
|
||
|
27EA59D0000
|
trusted library allocation
|
page read and write
|
||
|
16AA8722000
|
heap
|
page read and write
|
||
|
9C0000
|
direct allocation
|
page execute and read and write
|
||
|
46D627C000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
25F53627000
|
heap
|
page read and write
|
||
|
9E1917E000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16AA7BB0000
|
heap
|
page read and write
|
||
|
B2645BB000
|
stack
|
page read and write
|
||
|
16AA876F000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
111FCC26000
|
heap
|
page read and write
|
||
|
1EE4DD02000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
A57000
|
heap
|
page read and write
|
||
|
27EA5720000
|
trusted library allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
E0F000
|
stack
|
page read and write
|
||
|
16AA8700000
|
heap
|
page read and write
|
||
|
111FCC29000
|
heap
|
page read and write
|
||
|
18E62AB0000
|
heap
|
page read and write
|
||
|
111FCC60000
|
heap
|
page read and write
|
||
|
130E1C41000
|
heap
|
page read and write
|
||
|
27EA0A15000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA0B18000
|
heap
|
page read and write
|
||
|
27EA1713000
|
trusted library allocation
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
9E18E7D000
|
stack
|
page read and write
|
||
|
111FCC56000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA02FD000
|
heap
|
page read and write
|
||
|
111FCC7B000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
BA7DCFE000
|
stack
|
page read and write
|
||
|
27EA0292000
|
heap
|
page read and write
|
||
|
1009FD000
|
stack
|
page read and write
|
||
|
111FCC3C000
|
heap
|
page read and write
|
||
|
627EAFB000
|
stack
|
page read and write
|
||
|
B26537F000
|
stack
|
page read and write
|
||
|
27EA5B04000
|
heap
|
page read and write
|
||
|
9D0000
|
direct allocation
|
page read and write
|
||
|
130E1C00000
|
heap
|
page read and write
|
||
|
16AA8754000
|
heap
|
page read and write
|
||
|
27EA1270000
|
trusted library allocation
|
page read and write
|
||
|
627E56B000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA5A20000
|
trusted library allocation
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
291C000
|
stack
|
page read and write
|
||
|
627E9FF000
|
stack
|
page read and write
|
||
|
16AA7E29000
|
heap
|
page read and write
|
||
|
1EE4DC52000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA00C0000
|
heap
|
page read and write
|
||
|
27EA58CE000
|
trusted library allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16AA7E65000
|
heap
|
page read and write
|
||
|
27EA5AE5000
|
heap
|
page read and write
|
||
|
130E1D02000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
direct allocation
|
page read and write
|
||
|
B264CFF000
|
stack
|
page read and write
|
||
|
18E62C60000
|
heap
|
page read and write
|
||
|
18E62C63000
|
heap
|
page read and write
|
||
|
1008FD000
|
stack
|
page read and write
|
||
|
111FCC74000
|
heap
|
page read and write
|
||
|
46D697F000
|
stack
|
page read and write
|
||
|
FBD4000
|
unkown
|
page readonly
|
||
|
277D000
|
stack
|
page read and write
|
||
|
111FCC45000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
18E63402000
|
trusted library allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
FBC0000
|
unkown
|
page readonly
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16AA8823000
|
heap
|
page read and write
|
||
|
16AA8800000
|
heap
|
page read and write
|
||
|
27EA09C0000
|
trusted library allocation
|
page read and write
|
||
|
27EA0A00000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA5AEC000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16DF4C89000
|
heap
|
page read and write
|
||
|
27EA58F0000
|
trusted library allocation
|
page read and write
|
||
|
18E62C7E000
|
heap
|
page read and write
|
||
|
1EE4DA70000
|
heap
|
page read and write
|
||
|
FBC1000
|
unkown
|
page execute read
|
||
|
130E1A50000
|
heap
|
page read and write
|
||
|
27EA029E000
|
heap
|
page read and write
|
||
|
16AA7E3C000
|
heap
|
page read and write
|
||
|
27EA0279000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
4FB47E000
|
stack
|
page read and write
|
||
|
9C0000
|
direct allocation
|
page read and write
|
||
|
627E87F000
|
stack
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
A53000
|
heap
|
page read and write
|
||
|
3460000
|
direct allocation
|
page execute and read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
25F5365A000
|
heap
|
page read and write
|
||
|
3E4A0FF000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
3E4A6FF000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
111FCC59000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
3E4A5FE000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
1007FF000
|
stack
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
321D000
|
stack
|
page read and write
|
||
|
16DF4AC0000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA5C20000
|
remote allocation
|
page read and write
|
||
|
111FCC3A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA1710000
|
trusted library allocation
|
page read and write
|
||
|
9E18D7E000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
820000
|
direct allocation
|
page read and write
|
||
|
18E62C5D000
|
heap
|
page read and write
|
||
|
111FCC00000
|
heap
|
page read and write
|
||
|
16AA8830000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
25F535B0000
|
trusted library allocation
|
page read and write
|
||
|
FBD4000
|
unkown
|
page readonly
|
||
|
18E62D02000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA1390000
|
trusted library section
|
page readonly
|
||
|
18E62C80000
|
heap
|
page read and write
|
||
|
B2651FF000
|
stack
|
page read and write
|
||
|
16AA7E76000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
B264AFC000
|
stack
|
page read and write
|
||
|
46D687C000
|
stack
|
page read and write
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
27EA0313000
|
heap
|
page read and write
|
||
|
9D0000
|
direct allocation
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA0302000
|
heap
|
page read and write
|
||
|
627EEFF000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16AA7E57000
|
heap
|
page read and write
|
||
|
16AA7E73000
|
heap
|
page read and write
|
||
|
16AA7F8E000
|
heap
|
page read and write
|
||
|
111FCD02000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA0276000
|
heap
|
page read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
3E49B8B000
|
stack
|
page read and write
|
||
|
3E4A1FB000
|
stack
|
page read and write
|
||
|
27EA0B13000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
130E1AC0000
|
heap
|
page read and write
|
||
|
27EA02AE000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA6000000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA58C0000
|
trusted library allocation
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
16DF5602000
|
trusted library allocation
|
page read and write
|
||
|
3E4A57E000
|
stack
|
page read and write
|
||
|
27EA58E0000
|
trusted library allocation
|
page read and write
|
||
|
130E2402000
|
trusted library allocation
|
page read and write
|
||
|
27EA58C8000
|
trusted library allocation
|
page read and write
|
||
|
335D000
|
stack
|
page read and write
|
||
|
345A000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA0200000
|
heap
|
page read and write
|
||
|
100A7E000
|
stack
|
page read and write
|
||
|
282E000
|
stack
|
page read and write
|
||
|
800000
|
direct allocation
|
page read and write
|
||
|
46D62FE000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
16DF4C70000
|
heap
|
page read and write
|
||
|
111FCC65000
|
heap
|
page read and write
|
||
|
111FCC68000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA00B0000
|
heap
|
page read and write
|
||
|
27EA5900000
|
trusted library allocation
|
page read and write
|
||
|
27EA5AFA000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A1C000
|
heap
|
page read and write
|
||
|
27EA1370000
|
trusted library section
|
page readonly
|
||
|
627ECFE000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA16F1000
|
trusted library allocation
|
page read and write
|
||
|
27EA0B58000
|
heap
|
page read and write
|
||
|
B26507F000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
130E1C56000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
130E1BF0000
|
remote allocation
|
page read and write
|
||
|
16AA7FB9000
|
heap
|
page read and write
|
||
|
10057E000
|
stack
|
page read and write
|
||
|
27EA5B00000
|
heap
|
page read and write
|
||
|
16DF4C13000
|
heap
|
page read and write
|
||
|
16AA7E13000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
10077D000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
1EE4DC00000
|
heap
|
page read and write
|
||
|
FBC1000
|
unkown
|
page execute read
|
||
|
B264EFE000
|
stack
|
page read and write
|
||
|
27EA5A2E000
|
heap
|
page read and write
|
||
|
130E1BF0000
|
remote allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
FBD4000
|
unkown
|
page readonly
|
||
|
A06000
|
heap
|
page read and write
|
||
|
111FCC62000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
8C0000
|
direct allocation
|
page read and write
|
||
|
130E1C02000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
18E62C8A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
1EE4DC2F000
|
heap
|
page read and write
|
||
|
27EA0213000
|
heap
|
page read and write
|
||
|
27EA5730000
|
trusted library allocation
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
810000
|
direct allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
1EE4DC1F000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
111FCC7A000
|
heap
|
page read and write
|
||
|
111FCC32000
|
heap
|
page read and write
|
||
|
FBC0000
|
unkown
|
page readonly
|
||
|
27EA5AF9000
|
heap
|
page read and write
|
||
|
18E62C64000
|
heap
|
page read and write
|
||
|
18E62C79000
|
heap
|
page read and write
|
||
|
1EE4DC3C000
|
heap
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
9C0000
|
direct allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
F1D1000
|
unkown
|
page execute read
|
||
|
9E18C7F000
|
stack
|
page read and write
|
||
|
BA7DBFE000
|
stack
|
page read and write
|
||
|
9E18F7E000
|
stack
|
page read and write
|
||
|
111FCC49000
|
heap
|
page read and write
|
||
|
CB0000
|
direct allocation
|
page read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
1EE4E402000
|
trusted library allocation
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
111FCC57000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
10007B000
|
stack
|
page read and write
|
||
|
9E1937F000
|
stack
|
page read and write
|
||
|
27EA0B02000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
1EE4DC43000
|
heap
|
page read and write
|
||
|
111FC9F0000
|
heap
|
page read and write
|
||
|
16AA8813000
|
heap
|
page read and write
|
||
|
FBD4000
|
unkown
|
page readonly
|
||
|
A06000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA0326000
|
heap
|
page read and write
|
||
|
16AA87BE000
|
heap
|
page read and write
|
||
|
B264BFB000
|
stack
|
page read and write
|
||
|
F1D1000
|
unkown
|
page execute read
|
||
|
2921000
|
heap
|
page read and write
|
||
|
F1D0000
|
unkown
|
page readonly
|
||
|
111FCA50000
|
heap
|
page read and write
|
||
|
27EA5A00000
|
heap
|
page read and write
|
||
|
18E62D13000
|
heap
|
page read and write
|
||
|
18E62C54000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
F1E4000
|
unkown
|
page readonly
|
||
|
9E1927F000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
16AA7E90000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
27EA5990000
|
trusted library allocation
|
page read and write
|
||
|
46D6677000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA5A14000
|
heap
|
page read and write
|
||
|
FBC0000
|
unkown
|
page readonly
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
B2649F7000
|
stack
|
page read and write
|
||
|
F1D0000
|
unkown
|
page readonly
|
||
|
111FCC41000
|
heap
|
page read and write
|
||
|
18E62C3C000
|
heap
|
page read and write
|
||
|
FBC1000
|
unkown
|
page execute read
|
||
|
F1E4000
|
unkown
|
page readonly
|
||
|
16DF4B60000
|
trusted library allocation
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
27EA58F0000
|
trusted library allocation
|
page read and write
|
||
|
130E1BC0000
|
trusted library allocation
|
page read and write
|
||
|
16DF4C29000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
4FB07E000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA5C20000
|
remote allocation
|
page read and write
|
||
|
27EA0274000
|
heap
|
page read and write
|
||
|
627E5EE000
|
stack
|
page read and write
|
||
|
111FCC58000
|
heap
|
page read and write
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A43000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16DF4D08000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
111FCC61000
|
heap
|
page read and write
|
||
|
25F53520000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
18E62C13000
|
heap
|
page read and write
|
||
|
FBC1000
|
unkown
|
page execute read
|
||
|
9C0000
|
direct allocation
|
page read and write
|
||
|
627EBF7000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
4FB0FE000
|
stack
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
16AA7D30000
|
trusted library allocation
|
page read and write
|
||
|
27EA1380000
|
trusted library section
|
page readonly
|
||
|
25F53713000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
25F53613000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA5A87000
|
heap
|
page read and write
|
||
|
272E000
|
stack
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
B2652FD000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
16AA7E88000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
9C0000
|
direct allocation
|
page read and write
|
||
|
27EA5B02000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
9C0000
|
direct allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A58000
|
heap
|
page read and write
|
||
|
18E62C7E000
|
heap
|
page read and write
|
||
|
3E4A279000
|
stack
|
page read and write
|
||
|
BA7D9FE000
|
stack
|
page read and write
|
||
|
16AA7E84000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA5C20000
|
remote allocation
|
page read and write
|
||
|
3E4A37F000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
309F000
|
stack
|
page read and write
|
||
|
27EA028D000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
18E62C79000
|
heap
|
page read and write
|
||
|
27EA58E1000
|
trusted library allocation
|
page read and write
|
||
|
16DF4B30000
|
heap
|
page read and write
|
||
|
16DF4D00000
|
heap
|
page read and write
|
||
|
27EA5A3F000
|
heap
|
page read and write
|
||
|
111FCB50000
|
trusted library allocation
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
111FCC6D000
|
heap
|
page read and write
|
||
|
27EA58C0000
|
trusted library allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
BA7D58B000
|
stack
|
page read and write
|
||
|
6F0000
|
direct allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
F0F000
|
stack
|
page read and write
|
||
|
FBC0000
|
unkown
|
page readonly
|
||
|
16AA7C10000
|
heap
|
page read and write
|
||
|
2F5F000
|
stack
|
page read and write
|
||
|
111FC9E0000
|
heap
|
page read and write
|
||
|
C18000
|
heap
|
page read and write
|
||
|
27EA09D0000
|
trusted library section
|
page read and write
|
||
|
1001FF000
|
stack
|
page read and write
|
||
|
16DF4C7E000
|
heap
|
page read and write
|
||
|
27EA0A02000
|
heap
|
page read and write
|
||
|
16DF4D13000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16DF4C3C000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
4FB37E000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
16DF4C00000
|
heap
|
page read and write
|
||
|
1EE4DC29000
|
heap
|
page read and write
|
||
|
27EA5B05000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
6E0000
|
direct allocation
|
page read and write
|
||
|
27EA59F0000
|
trusted library allocation
|
page read and write
|
||
|
16AA8802000
|
heap
|
page read and write
|
||
|
9D0000
|
direct allocation
|
page read and write
|
||
|
111FCC7E000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
27EA5A4C000
|
heap
|
page read and write
|
||
|
18E62C00000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA0223000
|
heap
|
page read and write
|
||
|
27EA59E0000
|
trusted library allocation
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
119E000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
46D657B000
|
stack
|
page read and write
|
||
|
111FCC6B000
|
heap
|
page read and write
|
||
|
27EA13A0000
|
trusted library section
|
page readonly
|
||
|
2920000
|
heap
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
46D677F000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
27EA5AA4000
|
heap
|
page read and write
|
||
|
4FB57E000
|
stack
|
page read and write
|
||
|
13EF000
|
stack
|
page read and write
|
||
|
2E5F000
|
stack
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
There are 667 hidden memdumps, click here to show them.