Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
NUEVA ORDEN-MATSA 10-2022,.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\NUEVA ORDEN-MATSA 10-2022,.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-console-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-datetime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-debug-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-file-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-file-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-file-l2-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-handle-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-localization-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-memory-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-profile-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-synch-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-synch-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-timezone-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-core-util-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-conio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-convert-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-environment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-locale-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-math-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-private-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-process-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-time-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\api-ms-win-crt-utility-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\nssdbm3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\ucrtbase.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1C1DB9BC\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50760375990489576525014.tmp
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie
0x19, schema 4, UTF-8, version-valid-for 2
|
modified
|
There are 41 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\NUEVA ORDEN-MATSA 10-2022,.exe
|
C:\Users\user\Desktop\NUEVA ORDEN-MATSA 10-2022,.exe
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe" /c C:\Windows\system32\timeout.exe 3 & del "cvtres.exe
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\timeout.exe
|
C:\Windows\system32\timeout.exe 3
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://cinho.shop/PL341/index.php
|
188.114.97.3
|
|
|
|
http://www.cyberlink.com0/
|
unknown
|
||
|
http://www.mozilla.com/en-US/blocklist/
|
unknown
|
||
|
http://cinho.shop/PL341/index.phpA
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://www.cyberlink.com0
|
unknown
|
||
|
http://ip-api.com/json
|
unknown
|
||
|
http://www.mozilla.com0
|
unknown
|
||
|
https://dotbit.me/a/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cinho.shop
|
188.114.97.3
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
cinho.shop
|
European Union
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
81C8000
|
direct allocation
|
page read and write
|
|
|
|
7E30000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3A41000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
81D4000
|
direct allocation
|
page read and write
|
|
|
|
18E68E3D000
|
heap
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
29127664000
|
heap
|
page read and write
|
||
|
294D57F0000
|
heap
|
page read and write
|
||
|
325D000
|
stack
|
page read and write
|
||
|
3370000
|
unkown
|
page readonly
|
||
|
18E68E02000
|
heap
|
page read and write
|
||
|
EEE6B7C000
|
stack
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
71E7C7B000
|
stack
|
page read and write
|
||
|
501D000
|
trusted library allocation
|
page read and write
|
||
|
4A7E000
|
stack
|
page read and write
|
||
|
34F0000
|
trusted library allocation
|
page read and write
|
||
|
71E817F000
|
stack
|
page read and write
|
||
|
81E8000
|
direct allocation
|
page read and write
|
||
|
29128200000
|
heap
|
page read and write
|
||
|
7878000
|
direct allocation
|
page read and write
|
||
|
78CC000
|
direct allocation
|
page read and write
|
||
|
598E8FE000
|
stack
|
page read and write
|
||
|
2532AC63000
|
heap
|
page read and write
|
||
|
2532AC64000
|
heap
|
page read and write
|
||
|
4B6A000
|
heap
|
page read and write
|
||
|
6720000
|
direct allocation
|
page read and write
|
||
|
291277E5000
|
heap
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
6730000
|
direct allocation
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
75FC000
|
direct allocation
|
page read and write
|
||
|
29127629000
|
heap
|
page read and write
|
||
|
2532AC44000
|
heap
|
page read and write
|
||
|
2532AC4D000
|
heap
|
page read and write
|
||
|
2532AC46000
|
heap
|
page read and write
|
||
|
760000
|
unkown
|
page readonly
|
||
|
74EC000
|
direct allocation
|
page read and write
|
||
|
4B27000
|
heap
|
page read and write
|
||
|
75F0000
|
direct allocation
|
page read and write
|
||
|
66C0000
|
direct allocation
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
34E2000
|
heap
|
page read and write
|
||
|
283A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
78D4000
|
direct allocation
|
page read and write
|
||
|
1ADF0889000
|
heap
|
page read and write
|
||
|
8234000
|
direct allocation
|
page read and write
|
||
|
8238000
|
direct allocation
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
95E06FE000
|
stack
|
page read and write
|
||
|
251077F000
|
stack
|
page read and write
|
||
|
BB1CB7E000
|
stack
|
page read and write
|
||
|
72E0000
|
direct allocation
|
page read and write
|
||
|
6710000
|
direct allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
7888000
|
direct allocation
|
page read and write
|
||
|
3380000
|
unkown
|
page read and write
|
||
|
1074000
|
trusted library allocation
|
page read and write
|
||
|
66CC000
|
direct allocation
|
page read and write
|
||
|
1E8E3680000
|
heap
|
page read and write
|
||
|
2532AC83000
|
heap
|
page read and write
|
||
|
2532AC62000
|
heap
|
page read and write
|
||
|
4B5D000
|
heap
|
page read and write
|
||
|
662D000
|
stack
|
page read and write
|
||
|
4910000
|
remote allocation
|
page read and write
|
||
|
95E04FB000
|
stack
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
821C000
|
direct allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
18E68E55000
|
heap
|
page read and write
|
||
|
66AC000
|
direct allocation
|
page read and write
|
||
|
3380000
|
unkown
|
page read and write
|
||
|
81D8000
|
direct allocation
|
page read and write
|
||
|
4910000
|
remote allocation
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
29128193000
|
heap
|
page read and write
|
||
|
BB1CA7F000
|
stack
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
6750000
|
direct allocation
|
page read and write
|
||
|
6760000
|
direct allocation
|
page read and write
|
||
|
4FD7000
|
trusted library allocation
|
page read and write
|
||
|
48E9000
|
stack
|
page read and write
|
||
|
251067F000
|
stack
|
page read and write
|
||
|
19C1FFA000
|
stack
|
page read and write
|
||
|
6740000
|
direct allocation
|
page read and write
|
||
|
18E68D90000
|
heap
|
page read and write
|
||
|
4B3D000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
4B12000
|
heap
|
page read and write
|
||
|
2532AC3D000
|
heap
|
page read and write
|
||
|
4B6B000
|
heap
|
page read and write
|
||
|
6694000
|
direct allocation
|
page read and write
|
||
|
71E0000
|
direct allocation
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
7938000
|
direct allocation
|
page read and write
|
||
|
1A958B30000
|
trusted library allocation
|
page read and write
|
||
|
7528000
|
direct allocation
|
page read and write
|
||
|
18E68E29000
|
heap
|
page read and write
|
||
|
8300000
|
direct allocation
|
page read and write
|
||
|
294D5950000
|
trusted library allocation
|
page read and write
|
||
|
6770000
|
direct allocation
|
page read and write
|
||
|
8244000
|
direct allocation
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
6730000
|
direct allocation
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
7528000
|
direct allocation
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
66F8000
|
direct allocation
|
page read and write
|
||
|
826C000
|
direct allocation
|
page read and write
|
||
|
840E000
|
direct allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
CCB000
|
heap
|
page read and write
|
||
|
1064000
|
trusted library allocation
|
page read and write
|
||
|
29128223000
|
heap
|
page read and write
|
||
|
1E8E3879000
|
heap
|
page read and write
|
||
|
6760000
|
direct allocation
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
1E8E3813000
|
heap
|
page read and write
|
||
|
2532AC60000
|
heap
|
page read and write
|
||
|
2ADC000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
heap
|
page execute and read and write
|
||
|
6710000
|
direct allocation
|
page read and write
|
||
|
8270000
|
direct allocation
|
page read and write
|
||
|
294D6312000
|
heap
|
page read and write
|
||
|
35D8000
|
heap
|
page read and write
|
||
|
8218000
|
direct allocation
|
page read and write
|
||
|
6750000
|
direct allocation
|
page read and write
|
||
|
4B49000
|
heap
|
page read and write
|
||
|
29128122000
|
heap
|
page read and write
|
||
|
1063000
|
trusted library allocation
|
page execute and read and write
|
||
|
EEE757E000
|
stack
|
page read and write
|
||
|
86FE000
|
stack
|
page read and write
|
||
|
1E8E3610000
|
heap
|
page read and write
|
||
|
824C000
|
direct allocation
|
page read and write
|
||
|
70E0000
|
direct allocation
|
page read and write
|
||
|
18E68DF0000
|
remote allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
4B3F000
|
heap
|
page read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
765C000
|
direct allocation
|
page read and write
|
||
|
EEE6F7A000
|
stack
|
page read and write
|
||
|
CFE000
|
heap
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
71E837F000
|
stack
|
page read and write
|
||
|
2532B602000
|
trusted library allocation
|
page read and write
|
||
|
83A0000
|
direct allocation
|
page read and write
|
||
|
786000
|
unkown
|
page readonly
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
149C7245000
|
heap
|
page read and write
|
||
|
4910000
|
remote allocation
|
page read and write
|
||
|
2912763D000
|
heap
|
page read and write
|
||
|
1ADF07D0000
|
remote allocation
|
page read and write
|
||
|
6750000
|
direct allocation
|
page read and write
|
||
|
29127613000
|
heap
|
page read and write
|
||
|
2532AB60000
|
heap
|
page read and write
|
||
|
149C7050000
|
heap
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
95E08FE000
|
stack
|
page read and write
|
||
|
2532AC73000
|
heap
|
page read and write
|
||
|
8210000
|
direct allocation
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
2532AC54000
|
heap
|
page read and write
|
||
|
35E9000
|
heap
|
page read and write
|
||
|
81E4000
|
direct allocation
|
page read and write
|
||
|
2912766C000
|
heap
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
149C6FF0000
|
heap
|
page read and write
|
||
|
8248000
|
direct allocation
|
page read and write
|
||
|
4B4A000
|
heap
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
4B5A000
|
heap
|
page read and write
|
||
|
6730000
|
direct allocation
|
page read and write
|
||
|
81C4000
|
direct allocation
|
page read and write
|
||
|
35D8000
|
heap
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
6770000
|
direct allocation
|
page read and write
|
||
|
81DC000
|
direct allocation
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
1A958C02000
|
heap
|
page read and write
|
||
|
294D6300000
|
heap
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
84AC000
|
direct allocation
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
D2B000
|
heap
|
page read and write
|
||
|
6CCA000
|
stack
|
page read and write
|
||
|
29127669000
|
heap
|
page read and write
|
||
|
4FFE000
|
stack
|
page read and write
|
||
|
7884000
|
direct allocation
|
page read and write
|
||
|
7600000
|
direct allocation
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
4B5D000
|
heap
|
page read and write
|
||
|
3370000
|
unkown
|
page readonly
|
||
|
4B76000
|
heap
|
page read and write
|
||
|
1D627E000
|
stack
|
page read and write
|
||
|
2532AC00000
|
heap
|
page read and write
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
1ADF0750000
|
heap
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
29128213000
|
heap
|
page read and write
|
||
|
28AE000
|
stack
|
page read and write
|
||
|
95E047C000
|
stack
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
84D0000
|
direct allocation
|
page read and write
|
||
|
29128202000
|
heap
|
page read and write
|
||
|
4B9C000
|
heap
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
2A0D000
|
stack
|
page read and write
|
||
|
294D5B13000
|
heap
|
page read and write
|
||
|
7608000
|
direct allocation
|
page read and write
|
||
|
35E9000
|
heap
|
page read and write
|
||
|
6694000
|
direct allocation
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
6694000
|
direct allocation
|
page read and write
|
||
|
294D5A67000
|
heap
|
page read and write
|
||
|
4A40000
|
trusted library allocation
|
page read and write
|
||
|
3370000
|
unkown
|
page readonly
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
1ADF0913000
|
heap
|
page read and write
|
||
|
D2B000
|
heap
|
page read and write
|
||
|
4B66000
|
heap
|
page read and write
|
||
|
6DCF000
|
stack
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
2532AC6C000
|
heap
|
page read and write
|
||
|
34DE000
|
unkown
|
page read and write
|
||
|
97AE000
|
stack
|
page read and write
|
||
|
6694000
|
direct allocation
|
page read and write
|
||
|
6686000
|
heap
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
1ADF0873000
|
heap
|
page read and write
|
||
|
4A48000
|
trusted library allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
3360000
|
unkown
|
page readonly
|
||
|
34E6000
|
heap
|
page read and write
|
||
|
84C0000
|
direct allocation
|
page read and write
|
||
|
71E827D000
|
stack
|
page read and write
|
||
|
75E0000
|
direct allocation
|
page read and write
|
||
|
149C7229000
|
heap
|
page read and write
|
||
|
839C000
|
direct allocation
|
page read and write
|
||
|
19C21FF000
|
stack
|
page read and write
|
||
|
839C000
|
direct allocation
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
4910000
|
remote allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
ECF000
|
stack
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
70E0000
|
direct allocation
|
page read and write
|
||
|
1ADF0918000
|
heap
|
page read and write
|
||
|
149C724F000
|
heap
|
page read and write
|
||
|
598E37B000
|
stack
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
81D8000
|
direct allocation
|
page read and write
|
||
|
788C000
|
direct allocation
|
page read and write
|
||
|
4A95000
|
heap
|
page read and write
|
||
|
3380000
|
unkown
|
page read and write
|
||
|
84C0000
|
direct allocation
|
page read and write
|
||
|
66B0000
|
direct allocation
|
page read and write
|
||
|
6720000
|
direct allocation
|
page read and write
|
||
|
2532AC7C000
|
heap
|
page read and write
|
||
|
2532AC41000
|
heap
|
page read and write
|
||
|
8208000
|
direct allocation
|
page read and write
|
||
|
787C000
|
direct allocation
|
page read and write
|
||
|
25103FC000
|
stack
|
page read and write
|
||
|
4B27000
|
heap
|
page read and write
|
||
|
6680000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
2ADE000
|
trusted library allocation
|
page read and write
|
||
|
95E02FF000
|
stack
|
page read and write
|
||
|
29127688000
|
heap
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
18E68DC0000
|
trusted library allocation
|
page read and write
|
||
|
149C7254000
|
heap
|
page read and write
|
||
|
95E007C000
|
stack
|
page read and write
|
||
|
1E8E3913000
|
heap
|
page read and write
|
||
|
1ADF0813000
|
heap
|
page read and write
|
||
|
6760000
|
direct allocation
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page read and write
|
||
|
6750000
|
direct allocation
|
page read and write
|
||
|
820C000
|
direct allocation
|
page read and write
|
||
|
666E000
|
stack
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
149C7213000
|
heap
|
page read and write
|
||
|
6694000
|
direct allocation
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
1ADF06F0000
|
heap
|
page read and write
|
||
|
5157000
|
trusted library allocation
|
page read and write
|
||
|
1E8E3857000
|
heap
|
page read and write
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
2532AC66000
|
heap
|
page read and write
|
||
|
4B48000
|
heap
|
page read and write
|
||
|
2912816D000
|
heap
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
2532ABC0000
|
heap
|
page read and write
|
||
|
1D5E7C000
|
stack
|
page read and write
|
||
|
71E877F000
|
stack
|
page read and write
|
||
|
66B0000
|
direct allocation
|
page read and write
|
||
|
76EC000
|
direct allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
1D63FF000
|
stack
|
page read and write
|
||
|
4FC4000
|
trusted library allocation
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
73E0000
|
direct allocation
|
page read and write
|
||
|
C7C000
|
stack
|
page read and write
|
||
|
4A9F000
|
trusted library allocation
|
page read and write
|
||
|
291281BD000
|
heap
|
page read and write
|
||
|
2532AC74000
|
heap
|
page read and write
|
||
|
294D5A3D000
|
heap
|
page read and write
|
||
|
2860000
|
trusted library allocation
|
page read and write
|
||
|
1A9589D0000
|
heap
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
EEE717B000
|
stack
|
page read and write
|
||
|
6740000
|
direct allocation
|
page read and write
|
||
|
66B0000
|
direct allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
7528000
|
direct allocation
|
page read and write
|
||
|
29128154000
|
heap
|
page read and write
|
||
|
1E8E3864000
|
heap
|
page read and write
|
||
|
788C000
|
direct allocation
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
1E8E3802000
|
heap
|
page read and write
|
||
|
839C000
|
direct allocation
|
page read and write
|
||
|
EEE707F000
|
stack
|
page read and write
|
||
|
2532AC30000
|
heap
|
page read and write
|
||
|
1ADF0858000
|
heap
|
page read and write
|
||
|
2532AD02000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
598EAFF000
|
stack
|
page read and write
|
||
|
294D5ACE000
|
heap
|
page read and write
|
||
|
66C0000
|
direct allocation
|
page read and write
|
||
|
C3C000
|
stack
|
page read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
149C7302000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
95E07FD000
|
stack
|
page read and write
|
||
|
56AE000
|
stack
|
page read and write
|
||
|
2532AC47000
|
heap
|
page read and write
|
||
|
8228000
|
direct allocation
|
page read and write
|
||
|
250FFDC000
|
stack
|
page read and write
|
||
|
29127713000
|
heap
|
page read and write
|
||
|
149C7200000
|
heap
|
page read and write
|
||
|
4A8E000
|
stack
|
page read and write
|
||
|
1ADF07D0000
|
remote allocation
|
page read and write
|
||
|
5000000
|
trusted library section
|
page read and write
|
||
|
669C000
|
direct allocation
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
2532AC40000
|
heap
|
page read and write
|
||
|
4B5D000
|
heap
|
page read and write
|
||
|
EEE71F9000
|
stack
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
598E7FE000
|
stack
|
page read and write
|
||
|
781C000
|
direct allocation
|
page read and write
|
||
|
7684000
|
direct allocation
|
page read and write
|
||
|
66C0000
|
direct allocation
|
page read and write
|
||
|
149C7000000
|
heap
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
6694000
|
direct allocation
|
page read and write
|
||
|
35D0000
|
heap
|
page read and write
|
||
|
6740000
|
direct allocation
|
page read and write
|
||
|
BB1C35B000
|
stack
|
page read and write
|
||
|
1A9589C0000
|
heap
|
page read and write
|
||
|
1ADF07D0000
|
remote allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
84C4000
|
direct allocation
|
page read and write
|
||
|
18E68D20000
|
heap
|
page read and write
|
||
|
787C000
|
direct allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
6760000
|
direct allocation
|
page read and write
|
||
|
839C000
|
direct allocation
|
page read and write
|
||
|
8400000
|
direct allocation
|
page read and write
|
||
|
291277B9000
|
heap
|
page read and write
|
||
|
1ADF22B0000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
1D64FD000
|
stack
|
page read and write
|
||
|
1ADF07A0000
|
trusted library allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
29128102000
|
heap
|
page read and write
|
||
|
1E8E4002000
|
trusted library allocation
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
18E68DF0000
|
remote allocation
|
page read and write
|
||
|
37E1000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
294D5A29000
|
heap
|
page read and write
|
||
|
8280000
|
direct allocation
|
page read and write
|
||
|
18E68DF0000
|
remote allocation
|
page read and write
|
||
|
29127692000
|
heap
|
page read and write
|
||
|
8412000
|
direct allocation
|
page read and write
|
||
|
6694000
|
direct allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
71E7E7A000
|
stack
|
page read and write
|
||
|
1E8E3620000
|
heap
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
2912762F000
|
heap
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
514E000
|
stack
|
page read and write
|
||
|
762000
|
unkown
|
page readonly
|
||
|
19C1EFE000
|
stack
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
4B4A000
|
heap
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
B35000
|
stack
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
4910000
|
remote allocation
|
page read and write
|
||
|
29127656000
|
heap
|
page read and write
|
||
|
35E9000
|
heap
|
page read and write
|
||
|
2FA8000
|
heap
|
page read and write
|
||
|
18E69802000
|
trusted library allocation
|
page read and write
|
||
|
29127694000
|
heap
|
page read and write
|
||
|
35D8000
|
heap
|
page read and write
|
||
|
71E857F000
|
stack
|
page read and write
|
||
|
66C8000
|
direct allocation
|
page read and write
|
||
|
2532AC42000
|
heap
|
page read and write
|
||
|
1ADF0800000
|
heap
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
2532AC55000
|
heap
|
page read and write
|
||
|
2532AC7D000
|
heap
|
page read and write
|
||
|
1E8E3900000
|
heap
|
page read and write
|
||
|
4A97000
|
heap
|
page read and write
|
||
|
2532AC5F000
|
heap
|
page read and write
|
||
|
2A70000
|
trusted library allocation
|
page read and write
|
||
|
4B38000
|
heap
|
page read and write
|
||
|
7880000
|
direct allocation
|
page read and write
|
||
|
35EB000
|
heap
|
page read and write
|
||
|
83A0000
|
direct allocation
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
294D5ABD000
|
heap
|
page read and write
|
||
|
6730000
|
direct allocation
|
page read and write
|
||
|
149C7A02000
|
trusted library allocation
|
page read and write
|
||
|
6E1E000
|
stack
|
page read and write
|
||
|
95E037C000
|
stack
|
page read and write
|
||
|
4B6A000
|
heap
|
page read and write
|
||
|
29127540000
|
heap
|
page read and write
|
||
|
2AE2000
|
trusted library allocation
|
page read and write
|
||
|
95E01FE000
|
stack
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
4910000
|
remote allocation
|
page read and write
|
||
|
34E6000
|
heap
|
page read and write
|
||
|
29128100000
|
heap
|
page read and write
|
||
|
7920000
|
direct allocation
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
7D80000
|
direct allocation
|
page read and write
|
||
|
66A4000
|
direct allocation
|
page read and write
|
||
|
83A0000
|
direct allocation
|
page read and write
|
||
|
1ADF0857000
|
heap
|
page read and write
|
||
|
70E0000
|
direct allocation
|
page read and write
|
||
|
1A958D13000
|
heap
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
66B0000
|
direct allocation
|
page read and write
|
||
|
95DFE7B000
|
stack
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
2532AC6E000
|
heap
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
6F30000
|
heap
|
page read and write
|
||
|
7604000
|
direct allocation
|
page read and write
|
||
|
4B55000
|
heap
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
81F8000
|
direct allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
CF1000
|
heap
|
page read and write
|
||
|
81D4000
|
direct allocation
|
page read and write
|
||
|
1ADF0780000
|
trusted library allocation
|
page read and write
|
||
|
149C723C000
|
heap
|
page read and write
|
||
|
4A40000
|
trusted library allocation
|
page read and write
|
||
|
EEE74FE000
|
stack
|
page read and write
|
||
|
6710000
|
direct allocation
|
page read and write
|
||
|
4A90000
|
heap
|
page read and write
|
||
|
1ADF2270000
|
trusted library allocation
|
page read and write
|
||
|
A3C000
|
stack
|
page read and write
|
||
|
7380000
|
trusted library allocation
|
page read and write
|
||
|
4AA0000
|
trusted library allocation
|
page read and write
|
||
|
294D5A00000
|
heap
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
1E8E3868000
|
heap
|
page read and write
|
||
|
2912778E000
|
heap
|
page read and write
|
||
|
37CF000
|
unkown
|
page read and write
|
||
|
149C7247000
|
heap
|
page read and write
|
||
|
75F0000
|
direct allocation
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
6690000
|
direct allocation
|
page read and write
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
822C000
|
direct allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
81D0000
|
direct allocation
|
page read and write
|
||
|
6694000
|
direct allocation
|
page read and write
|
||
|
294D5A88000
|
heap
|
page read and write
|
||
|
7878000
|
direct allocation
|
page read and write
|
||
|
4B59000
|
heap
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
1ADF0862000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page execute and read and write
|
||
|
598E3FE000
|
stack
|
page read and write
|
||
|
18E68F02000
|
heap
|
page read and write
|
||
|
3360000
|
unkown
|
page readonly
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
2532AC48000
|
heap
|
page read and write
|
||
|
81C4000
|
direct allocation
|
page read and write
|
||
|
4D0E000
|
stack
|
page read and write
|
||
|
4B42000
|
heap
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
149C722E000
|
heap
|
page read and write
|
||
|
EEE73FF000
|
stack
|
page read and write
|
||
|
35EA000
|
heap
|
page read and write
|
||
|
294D5850000
|
heap
|
page read and write
|
||
|
251087C000
|
stack
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
4CCF000
|
stack
|
page read and write
|
||
|
598E67E000
|
stack
|
page read and write
|
||
|
1A958C70000
|
heap
|
page read and write
|
||
|
1D60FF000
|
stack
|
page read and write
|
||
|
D2B000
|
heap
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
1A958C41000
|
heap
|
page read and write
|
||
|
7E30000
|
direct allocation
|
page read and write
|
||
|
7504000
|
direct allocation
|
page read and write
|
||
|
71E847F000
|
stack
|
page read and write
|
||
|
839C000
|
direct allocation
|
page read and write
|
||
|
104F000
|
stack
|
page read and write
|
||
|
2A20000
|
trusted library section
|
page read and write
|
||
|
294D5A6D000
|
heap
|
page read and write
|
||
|
4B48000
|
heap
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
7878000
|
direct allocation
|
page read and write
|
||
|
1A958C78000
|
heap
|
page read and write
|
||
|
1A958C13000
|
heap
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page read and write
|
||
|
2532AC7A000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1A958C5A000
|
heap
|
page read and write
|
||
|
8230000
|
direct allocation
|
page read and write
|
||
|
1E8E383C000
|
heap
|
page read and write
|
||
|
294D5AE8000
|
heap
|
page read and write
|
||
|
75E0000
|
direct allocation
|
page read and write
|
||
|
71E867F000
|
stack
|
page read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
7A00000
|
direct allocation
|
page read and write
|
||
|
4B53000
|
heap
|
page read and write
|
||
|
28C0000
|
heap
|
page read and write
|
||
|
19C20FA000
|
stack
|
page read and write
|
||
|
2532AC61000
|
heap
|
page read and write
|
||
|
66C0000
|
direct allocation
|
page read and write
|
||
|
87FC000
|
stack
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
81EC000
|
direct allocation
|
page read and write
|
||
|
4570000
|
heap
|
page read and write
|
||
|
2532AC13000
|
heap
|
page read and write
|
||
|
18E68E13000
|
heap
|
page read and write
|
||
|
556E000
|
stack
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
74E0000
|
direct allocation
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
4910000
|
remote allocation
|
page read and write
|
||
|
6740000
|
direct allocation
|
page read and write
|
||
|
66C0000
|
direct allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
6770000
|
direct allocation
|
page read and write
|
||
|
1ADF0802000
|
heap
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
29127644000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
BB1C87B000
|
stack
|
page read and write
|
||
|
BB1C97E000
|
stack
|
page read and write
|
||
|
4580000
|
trusted library allocation
|
page readonly
|
||
|
4B44000
|
heap
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
294D57E0000
|
heap
|
page read and write
|
||
|
7880000
|
direct allocation
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
2847000
|
trusted library allocation
|
page execute and read and write
|
||
|
96AD000
|
stack
|
page read and write
|
||
|
7880000
|
direct allocation
|
page read and write
|
||
|
4FC2000
|
trusted library allocation
|
page read and write
|
||
|
1ADF0858000
|
heap
|
page read and write
|
||
|
81D8000
|
direct allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
335D000
|
stack
|
page read and write
|
||
|
75E0000
|
direct allocation
|
page read and write
|
||
|
2A41000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
2532AC49000
|
heap
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
81CC000
|
direct allocation
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
825C000
|
direct allocation
|
page read and write
|
||
|
1E8E3800000
|
heap
|
page read and write
|
||
|
2532AC4E000
|
heap
|
page read and write
|
||
|
2A64000
|
trusted library allocation
|
page read and write
|
||
|
1ADF083D000
|
heap
|
page read and write
|
||
|
1D637D000
|
stack
|
page read and write
|
||
|
294D5A13000
|
heap
|
page read and write
|
||
|
2A4F000
|
trusted library allocation
|
page read and write
|
||
|
8610000
|
heap
|
page read and write
|
||
|
18E68D30000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
8500000
|
heap
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
1A958C2A000
|
heap
|
page read and write
|
||
|
1D617E000
|
stack
|
page read and write
|
||
|
106D000
|
trusted library allocation
|
page execute and read and write
|
||
|
291275A0000
|
heap
|
page read and write
|
||
|
294D5A65000
|
heap
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
29128002000
|
heap
|
page read and write
|
||
|
251097D000
|
stack
|
page read and write
|
||
|
71E807C000
|
stack
|
page read and write
|
||
|
8204000
|
direct allocation
|
page read and write
|
||
|
66B0000
|
direct allocation
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
7874000
|
direct allocation
|
page read and write
|
||
|
65EE000
|
stack
|
page read and write
|
||
|
8260000
|
direct allocation
|
page read and write
|
||
|
2532AC45000
|
heap
|
page read and write
|
||
|
45EC000
|
stack
|
page read and write
|
||
|
2532AC39000
|
heap
|
page read and write
|
||
|
8214000
|
direct allocation
|
page read and write
|
||
|
95E05FF000
|
stack
|
page read and write
|
||
|
34E6000
|
heap
|
page read and write
|
||
|
2912768B000
|
heap
|
page read and write
|
||
|
8250000
|
direct allocation
|
page read and write
|
||
|
2510B7F000
|
stack
|
page read and write
|
||
|
291281CF000
|
heap
|
page read and write
|
||
|
1ADF0848000
|
heap
|
page read and write
|
||
|
4910000
|
remote allocation
|
page read and write
|
||
|
6720000
|
direct allocation
|
page read and write
|
||
|
4245000
|
trusted library allocation
|
page read and write
|
||
|
1E8E3828000
|
heap
|
page read and write
|
||
|
294D5B02000
|
heap
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
1A959402000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
7870000
|
direct allocation
|
page read and write
|
||
|
1A958C76000
|
heap
|
page read and write
|
||
|
284B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7858000
|
direct allocation
|
page read and write
|
||
|
291275D0000
|
trusted library allocation
|
page read and write
|
||
|
29128143000
|
heap
|
page read and write
|
||
|
29128122000
|
heap
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
18E68E00000
|
heap
|
page read and write
|
||
|
48FA000
|
stack
|
page read and write
|
||
|
29127E70000
|
trusted library allocation
|
page read and write
|
||
|
6F1F000
|
stack
|
page read and write
|
||
|
6710000
|
direct allocation
|
page read and write
|
||
|
2830000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
6770000
|
direct allocation
|
page read and write
|
||
|
1ADF06E0000
|
heap
|
page read and write
|
||
|
EEE72FA000
|
stack
|
page read and write
|
||
|
7834000
|
direct allocation
|
page read and write
|
||
|
1D667E000
|
stack
|
page read and write
|
||
|
1D65FD000
|
stack
|
page read and write
|
||
|
2510A7F000
|
stack
|
page read and write
|
||
|
2532AC4B000
|
heap
|
page read and write
|
||
|
81F0000
|
direct allocation
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
1A958C00000
|
heap
|
page read and write
|
||
|
8278000
|
direct allocation
|
page read and write
|
||
|
7878000
|
direct allocation
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
2532AC29000
|
heap
|
page read and write
|
||
|
19C1AEB000
|
stack
|
page read and write
|
||
|
81C8000
|
direct allocation
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
7890000
|
direct allocation
|
page read and write
|
||
|
EEE767F000
|
stack
|
page read and write
|
||
|
1ADF2402000
|
trusted library allocation
|
page read and write
|
||
|
251057F000
|
stack
|
page read and write
|
||
|
291281B1000
|
heap
|
page read and write
|
||
|
4B5E000
|
heap
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
1A958D02000
|
heap
|
page read and write
|
||
|
2ACF000
|
trusted library allocation
|
page read and write
|
||
|
2532AC4F000
|
heap
|
page read and write
|
||
|
1E8E3902000
|
heap
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
2532AC69000
|
heap
|
page read and write
|
||
|
6710000
|
direct allocation
|
page read and write
|
||
|
4AD8000
|
heap
|
page read and write
|
||
|
149C7150000
|
trusted library allocation
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
5220000
|
heap
|
page execute and read and write
|
||
|
1ADF0900000
|
heap
|
page read and write
|
||
|
2532AC67000
|
heap
|
page read and write
|
||
|
1ADF082A000
|
heap
|
page read and write
|
||
|
BA5000
|
heap
|
page read and write
|
||
|
18E68E5C000
|
heap
|
page read and write
|
||
|
2912765B000
|
heap
|
page read and write
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
29127600000
|
heap
|
page read and write
|
||
|
6694000
|
direct allocation
|
page read and write
|
||
|
1ADF0847000
|
heap
|
page read and write
|
||
|
2532AB50000
|
heap
|
page read and write
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
4B55000
|
heap
|
page read and write
|
||
|
35E9000
|
heap
|
page read and write
|
||
|
1A958A30000
|
heap
|
page read and write
|
||
|
1ADF0902000
|
heap
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
2837000
|
trusted library allocation
|
page execute and read and write
|
||
|
37D0000
|
trusted library allocation
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
81D8000
|
direct allocation
|
page read and write
|
||
|
4910000
|
remote allocation
|
page read and write
|
||
|
4A80000
|
trusted library section
|
page read and write
|
||
|
294D5AC7000
|
heap
|
page read and write
|
||
|
37E1000
|
trusted library allocation
|
page read and write
|
||
|
294D5AE2000
|
heap
|
page read and write
|
||
|
1ADF0848000
|
heap
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
2532AC02000
|
heap
|
page read and write
|
||
|
2532ABF0000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
598E9FE000
|
stack
|
page read and write
|
||
|
81F4000
|
direct allocation
|
page read and write
|
||
|
5158000
|
trusted library allocation
|
page read and write
|
||
|
1E8E3780000
|
trusted library allocation
|
page read and write
|
||
|
29128227000
|
heap
|
page read and write
|
||
|
294D6202000
|
heap
|
page read and write
|
||
|
8398000
|
direct allocation
|
page read and write
|
||
|
8220000
|
direct allocation
|
page read and write
|
||
|
6720000
|
direct allocation
|
page read and write
|
||
|
4FCC000
|
trusted library allocation
|
page read and write
|
||
|
81D8000
|
direct allocation
|
page read and write
|
||
|
1A958C66000
|
heap
|
page read and write
|
||
|
149C7202000
|
heap
|
page read and write
|
||
|
29128230000
|
heap
|
page read and write
|
||
|
6F9E000
|
stack
|
page read and write
|
||
|
8394000
|
direct allocation
|
page read and write
|
||
|
29127530000
|
heap
|
page read and write
|
||
|
71E7F7D000
|
stack
|
page read and write
|
||
|
3360000
|
unkown
|
page readonly
|
||
|
2532AC6A000
|
heap
|
page read and write
|
There are 761 hidden memdumps, click here to show them.