Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RechX2022.11.11_1045X.xls
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Author: Gydar, Last Saved
By: Gydar, Name of Creating Application: Microsoft Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Date:
Thu Nov 10 07:26:07 2022, Security: 0
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\2yXcjy57oZTTUNweDidCGUY[1].dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\o0oHPECmC0WPIXcvQPJOXzFOO7w00z7mkDO[1].dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\EvvmhfKiKFhKrSuHfBq[1].dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\RechX2022.11.11_1045X.xls
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Author: Gydar, Last Saved
By: Gydar, Name of Creating Application: Microsoft Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Date:
Thu Nov 10 07:26:07 2022, Security: 0
|
dropped
|
|
|
|
C:\Users\user\elv2.ooocccxxx
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\elv3.ooocccxxx
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\elv4.ooocccxxx
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\AAA2.tmp (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\D116.tmp (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF32588C8EB2A3FE52.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF8A90DB7077A13DA6.TMP
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\6B247BB0.tmp (copy)
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Author: Gydar, Last Saved
By: Gydar, Name of Creating Application: Microsoft Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Date:
Thu Nov 10 07:26:07 2022, Security: 0
|
dropped
|
||
|
C:\Users\user\Desktop\BD680000
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Author: Gydar, Last Saved By:
user, Name of Creating Application: Microsoft Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Date: Mon
Nov 14 16:07:30 2022, Security: 0
|
dropped
|
||
|
C:\Users\user\Desktop\BD680000:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\System32\HXVNCiWla\DkEI.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\LxJhBpIGuQtuqLqlk\rgLdvmpYAAMw.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\YsDsgPDHHUIQoh\TzrBJWzmduQmnx.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe /S ..\elv1.ooocccxxx
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe /S ..\elv2.ooocccxxx
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\YsDsgPDHHUIQoh\TzrBJWzmduQmnx.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe /S ..\elv3.ooocccxxx
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LxJhBpIGuQtuqLqlk\rgLdvmpYAAMw.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe /S ..\elv4.ooocccxxx
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\HXVNCiWla\DkEI.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\YsDsgPDHHUIQoh\TzrBJWzmduQmnx.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\LxJhBpIGuQtuqLqlk\rgLdvmpYAAMw.dll
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\HXVNCiWla\DkEI.dll
|
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://182.162.143.56/qhecxbnpzjg/
|
182.162.143.56
|
|
|
|
http://sbm.xinmoshiwang.com/upload/VaOfWEb3pW76UO/
|
47.92.35.35
|
|
|
|
https://182.162.143.56/boiplpwswxcuxnjh/uinwb/ubppn/lupq/
|
182.162.143.56
|
|
|
|
https://182.162.143.56/acqrviy/djjybechrofav/
|
182.162.143.56
|
|
|
|
https://182.162.143.56/foelwwmtkdwehjqr/njwmpsxnqsxod/rlwwfo/
|
182.162.143.56
|
|
|
|
https://182.162.143.56/urupsapzfmrxqv/
|
182.162.143.56
|
|
|
|
https://182.162.
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
|
unknown
|
||
|
http://ly.yjlianyi.top/wp-admin/4cChao/
|
81.68.152.197
|
||
|
http://crl.entrust.net/server1.crl0
|
unknown
|
||
|
https://datie-tw.com/img/O8G0RDZj7MYCuJyPoP/
|
175.98.167.165
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
https://173.255.211.88/owewlpmufrqxtxj/
|
unknown
|
||
|
https://copunupo.ac.zm/cgi-bin/WFFcGx/
|
41.63.0.22
|
||
|
https://182.162.143.56/boiplpwswxcuxnjh/uinwb/ubppn/lupq/B
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
|
unknown
|
||
|
http://www.diginotar.nl/cps/pkioverheid0
|
unknown
|
||
|
https://182.162.143.56/urupsapzfmrxqv/zW
|
unknown
|
||
|
http://ocsp.entrust.net0D
|
unknown
|
||
|
https://secure.comodo.com/CPS0
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sbm.xinmoshiwang.com
|
47.92.35.35
|
||
|
datie-tw.com
|
175.98.167.165
|
||
|
copunupo.ac.zm
|
41.63.0.22
|
||
|
ly.yjlianyi.top
|
81.68.152.197
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
110.232.117.186
|
unknown
|
Australia
|
|
|
|
103.132.242.26
|
unknown
|
India
|
|
|
|
104.168.155.143
|
unknown
|
United States
|
|
|
|
79.137.35.198
|
unknown
|
France
|
|
|
|
45.118.115.99
|
unknown
|
Indonesia
|
|
|
|
172.104.251.154
|
unknown
|
United States
|
|
|
|
115.68.227.76
|
unknown
|
Korea Republic of
|
|
|
|
163.44.196.120
|
unknown
|
Singapore
|
|
|
|
206.189.28.199
|
unknown
|
United States
|
|
|
|
45.63.99.23
|
unknown
|
United States
|
|
|
|
107.170.39.149
|
unknown
|
United States
|
|
|
|
197.242.150.244
|
unknown
|
South Africa
|
|
|
|
185.4.135.165
|
unknown
|
Greece
|
|
|
|
183.111.227.137
|
unknown
|
Korea Republic of
|
|
|
|
45.176.232.124
|
unknown
|
Colombia
|
|
|
|
139.59.56.73
|
unknown
|
Singapore
|
|
|
|
169.57.156.166
|
unknown
|
United States
|
|
|
|
164.68.99.3
|
unknown
|
Germany
|
|
|
|
139.59.126.41
|
unknown
|
Singapore
|
|
|
|
167.172.253.162
|
unknown
|
United States
|
|
|
|
147.139.166.154
|
unknown
|
United States
|
|
|
|
202.129.205.3
|
unknown
|
Thailand
|
|
|
|
167.172.199.165
|
unknown
|
United States
|
|
|
|
153.92.5.27
|
unknown
|
Germany
|
|
|
|
159.65.140.115
|
unknown
|
United States
|
|
|
|
159.65.88.10
|
unknown
|
United States
|
|
|
|
172.105.226.75
|
unknown
|
United States
|
|
|
|
164.90.222.65
|
unknown
|
United States
|
|
|
|
213.239.212.5
|
unknown
|
Germany
|
|
|
|
5.135.159.50
|
unknown
|
France
|
|
|
|
173.255.211.88
|
unknown
|
United States
|
|
|
|
212.24.98.99
|
unknown
|
Lithuania
|
|
|
|
186.194.240.217
|
unknown
|
Brazil
|
|
|
|
91.187.140.35
|
unknown
|
Serbia
|
|
|
|
119.59.103.152
|
unknown
|
Thailand
|
|
|
|
159.89.202.34
|
unknown
|
United States
|
|
|
|
201.94.166.162
|
unknown
|
Brazil
|
|
|
|
160.16.142.56
|
unknown
|
Japan
|
|
|
|
103.75.201.2
|
unknown
|
Thailand
|
|
|
|
91.207.28.33
|
unknown
|
Kyrgyzstan
|
|
|
|
103.43.75.120
|
unknown
|
Japan
|
|
|
|
188.44.20.25
|
unknown
|
Macedonia
|
|
|
|
45.235.8.30
|
unknown
|
Brazil
|
|
|
|
153.126.146.25
|
unknown
|
Japan
|
|
|
|
72.15.201.15
|
unknown
|
United States
|
|
|
|
82.223.21.224
|
unknown
|
Spain
|
|
|
|
173.212.193.249
|
unknown
|
Germany
|
|
|
|
95.217.221.146
|
unknown
|
Germany
|
|
|
|
149.56.131.28
|
unknown
|
Canada
|
|
|
|
209.97.163.214
|
unknown
|
United States
|
|
|
|
182.162.143.56
|
unknown
|
Korea Republic of
|
|
|
|
1.234.2.232
|
unknown
|
Korea Republic of
|
|
|
|
129.232.188.93
|
unknown
|
South Africa
|
|
|
|
94.23.45.86
|
unknown
|
France
|
|
|
|
81.68.152.197
|
ly.yjlianyi.top
|
China
|
||
|
175.98.167.165
|
datie-tw.com
|
Taiwan; Republic of China (ROC)
|
||
|
47.92.35.35
|
sbm.xinmoshiwang.com
|
China
|
||
|
41.63.0.22
|
copunupo.ac.zm
|
Zambia
|
There are 48 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
TzrBJWzmduQmnx.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
rgLdvmpYAAMw.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
DkEI.dll
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
),'
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\6647D
|
6647D
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
4j'
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\86EAA
|
86EAA
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1AA000
|
heap
|
page read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
3C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
28A000
|
heap
|
page read and write
|
|
|
|
3B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1EF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
2D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
4C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
3B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
37A000
|
heap
|
page read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
31A000
|
heap
|
page read and write
|
|
|
|
140000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
4B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2266000
|
heap
|
page read and write
|
||
|
218D000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
201000
|
heap
|
page read and write
|
||
|
249000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page read and write
|
||
|
7FEF90F1000
|
unkown
|
page execute read
|
||
|
2D06000
|
heap
|
page read and write
|
||
|
239000
|
heap
|
page read and write
|
||
|
1FDB000
|
heap
|
page read and write
|
||
|
22B7000
|
heap
|
page read and write
|
||
|
2E2000
|
heap
|
page read and write
|
||
|
20A5000
|
heap
|
page read and write
|
||
|
2D39000
|
stack
|
page read and write
|
||
|
2186000
|
heap
|
page read and write
|
||
|
23EC000
|
stack
|
page read and write
|
||
|
3E4000
|
heap
|
page read and write
|
||
|
368000
|
heap
|
page read and write
|
||
|
21B000
|
stack
|
page read and write
|
||
|
21DE000
|
heap
|
page read and write
|
||
|
217B000
|
heap
|
page read and write
|
||
|
362000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
23EF000
|
stack
|
page read and write
|
||
|
2C4000
|
heap
|
page read and write
|
||
|
10C000
|
stack
|
page read and write
|
||
|
23B000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
126000
|
heap
|
page read and write
|
||
|
3304000
|
heap
|
page read and write
|
||
|
1F3000
|
heap
|
page read and write
|
||
|
2A8E000
|
stack
|
page read and write
|
||
|
21B5000
|
heap
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
2E8000
|
heap
|
page read and write
|
||
|
1F60000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
35E000
|
heap
|
page read and write
|
||
|
2D02000
|
heap
|
page read and write
|
||
|
7FEF9157000
|
unkown
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
C3000
|
heap
|
page read and write
|
||
|
2D07000
|
heap
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3AD000
|
heap
|
page read and write
|
||
|
7FEF9112000
|
unkown
|
page readonly
|
||
|
400000
|
remote allocation
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2187000
|
heap
|
page read and write
|
||
|
21F7000
|
heap
|
page read and write
|
||
|
114000
|
heap
|
page read and write
|
||
|
7FEF915D000
|
unkown
|
page readonly
|
||
|
2156000
|
heap
|
page read and write
|
||
|
1F20000
|
direct allocation
|
page execute and read and write
|
||
|
3CD000
|
heap
|
page read and write
|
||
|
4FF000
|
stack
|
page read and write
|
||
|
236C000
|
stack
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
7FEF90EA000
|
unkown
|
page readonly
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
4F6000
|
heap
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
354000
|
heap
|
page read and write
|
||
|
80000
|
heap
|
page read and write
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
213B000
|
heap
|
page read and write
|
||
|
150000
|
heap
|
page read and write
|
||
|
201000
|
heap
|
page read and write
|
||
|
215D000
|
heap
|
page read and write
|
||
|
2BF2000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
128000
|
heap
|
page read and write
|
||
|
3D6000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
249000
|
heap
|
page read and write
|
||
|
456000
|
heap
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
1A3000
|
heap
|
page read and write
|
||
|
201000
|
heap
|
page read and write
|
||
|
2A0000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
254F000
|
stack
|
page read and write
|
||
|
7FEF9081000
|
unkown
|
page execute read
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
346E000
|
stack
|
page read and write
|
||
|
2DA000
|
heap
|
page read and write
|
||
|
2B94000
|
heap
|
page read and write
|
||
|
1E8000
|
heap
|
page read and write
|
||
|
E0000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2CE9000
|
heap
|
page read and write
|
||
|
2157000
|
heap
|
page read and write
|
||
|
2346000
|
heap
|
page read and write
|
||
|
7FEF9077000
|
unkown
|
page read and write
|
||
|
2BD9000
|
heap
|
page read and write
|
||
|
CA000
|
heap
|
page read and write
|
||
|
1D6000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
216D000
|
heap
|
page read and write
|
||
|
13B000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
377000
|
heap
|
page read and write
|
||
|
586000
|
heap
|
page read and write
|
||
|
2A6000
|
heap
|
page read and write
|
||
|
1ED000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
335000
|
heap
|
page read and write
|
||
|
2167000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
20F7000
|
heap
|
page read and write
|
||
|
3B6000
|
heap
|
page read and write
|
||
|
200B000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
25FC000
|
stack
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
7FEF90F0000
|
unkown
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2B0000
|
direct allocation
|
page execute and read and write
|
||
|
2FE000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
3B4000
|
heap
|
page read and write
|
||
|
2190000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
235A000
|
stack
|
page read and write
|
||
|
2C7000
|
heap
|
page read and write
|
||
|
2246000
|
heap
|
page read and write
|
||
|
261E000
|
stack
|
page read and write
|
||
|
21CE000
|
heap
|
page read and write
|
||
|
2316000
|
heap
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
7FEF90F0000
|
unkown
|
page readonly
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
2190000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
342000
|
heap
|
page read and write
|
||
|
52C000
|
stack
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
21CB000
|
heap
|
page read and write
|
||
|
77000
|
heap
|
page read and write
|
||
|
2D4000
|
heap
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
2145000
|
heap
|
page read and write
|
||
|
282C000
|
stack
|
page read and write
|
||
|
7FEF907C000
|
unkown
|
page execute
|
||
|
23C000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
3E7000
|
heap
|
page read and write
|
||
|
30A3000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2287000
|
heap
|
page read and write
|
||
|
2D4000
|
heap
|
page read and write
|
||
|
1FA000
|
heap
|
page read and write
|
||
|
34D000
|
heap
|
page read and write
|
||
|
349000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
6FF000
|
stack
|
page read and write
|
||
|
7FEF907C000
|
unkown
|
page execute
|
||
|
224D000
|
heap
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
3F6000
|
heap
|
page read and write
|
||
|
7FEF915D000
|
unkown
|
page readonly
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
135000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
207000
|
heap
|
page read and write
|
||
|
2BDF000
|
heap
|
page read and write
|
||
|
7FEF9077000
|
unkown
|
page read and write
|
||
|
1FA5000
|
heap
|
page read and write
|
||
|
7EFE0000
|
unkown
|
page readonly
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
7FEF9032000
|
unkown
|
page readonly
|
||
|
7FEF90EC000
|
unkown
|
page execute
|
||
|
7FEF90E7000
|
unkown
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1FA0000
|
heap
|
page read and write
|
||
|
3097000
|
heap
|
page read and write
|
||
|
25E000
|
heap
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
3E0000
|
direct allocation
|
page execute and read and write
|
||
|
207000
|
heap
|
page read and write
|
||
|
7FEF9011000
|
unkown
|
page execute read
|
||
|
3307000
|
heap
|
page read and write
|
||
|
22F7000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2180000
|
heap
|
page read and write
|
||
|
7FEF907D000
|
unkown
|
page readonly
|
||
|
253E000
|
stack
|
page read and write
|
||
|
400000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
20A0000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
1A0000
|
trusted library allocation
|
page read and write
|
||
|
2469000
|
stack
|
page read and write
|
||
|
1F65000
|
heap
|
page read and write
|
||
|
310000
|
remote allocation
|
page read and write
|
||
|
1A7000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
500000
|
trusted library allocation
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
254C000
|
stack
|
page read and write
|
||
|
7FEF90ED000
|
unkown
|
page readonly
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
22B6000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
11B000
|
stack
|
page read and write
|
||
|
2AAC000
|
stack
|
page read and write
|
||
|
3B4000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
1A0000
|
remote allocation
|
page read and write
|
||
|
54B000
|
heap
|
page read and write
|
||
|
7FEF9032000
|
unkown
|
page readonly
|
||
|
7FEF907A000
|
unkown
|
page readonly
|
||
|
373000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2150000
|
heap
|
page read and write
|
||
|
2D12000
|
heap
|
page read and write
|
||
|
280000
|
heap
|
page read and write
|
||
|
244F000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
7FEF907D000
|
unkown
|
page readonly
|
||
|
100000
|
heap
|
page read and write
|
||
|
2E8000
|
heap
|
page read and write
|
||
|
368000
|
heap
|
page read and write
|
||
|
2A0000
|
heap
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
D3000
|
heap
|
page read and write
|
||
|
184000
|
heap
|
page read and write
|
||
|
7FEF90EC000
|
unkown
|
page execute
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
7FEF90E7000
|
unkown
|
page read and write
|
||
|
23B9000
|
stack
|
page read and write
|
||
|
207000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
2247000
|
heap
|
page read and write
|
||
|
210000
|
trusted library allocation
|
page read and write
|
||
|
2207000
|
heap
|
page read and write
|
||
|
222E000
|
heap
|
page read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
22DE000
|
heap
|
page read and write
|
||
|
24BF000
|
stack
|
page read and write
|
||
|
21FE000
|
heap
|
page read and write
|
||
|
1FD000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
290000
|
heap
|
page read and write
|
||
|
443000
|
heap
|
page read and write
|
||
|
7FEF915D000
|
unkown
|
page readonly
|
||
|
515000
|
heap
|
page read and write
|
||
|
210000
|
remote allocation
|
page read and write
|
||
|
226D000
|
heap
|
page read and write
|
||
|
500000
|
trusted library allocation
|
page read and write
|
||
|
7FEF915C000
|
unkown
|
page execute
|
||
|
261B000
|
stack
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
7FEF907D000
|
unkown
|
page readonly
|
||
|
216E000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2699000
|
stack
|
page read and write
|
||
|
243000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7FEF9010000
|
unkown
|
page readonly
|
||
|
4F0000
|
direct allocation
|
page execute and read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
22BE000
|
heap
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
22E7000
|
heap
|
page read and write
|
||
|
AE000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
4E0000
|
direct allocation
|
page execute and read and write
|
||
|
7FEF9032000
|
unkown
|
page readonly
|
||
|
530000
|
heap
|
page read and write
|
||
|
2DE000
|
heap
|
page read and write
|
||
|
7FEF915A000
|
unkown
|
page readonly
|
||
|
500000
|
trusted library allocation
|
page read and write
|
||
|
21B7000
|
heap
|
page read and write
|
||
|
7FEF90A2000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2C8000
|
heap
|
page read and write
|
||
|
4F0000
|
direct allocation
|
page execute and read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
49C000
|
heap
|
page read and write
|
||
|
30B4000
|
heap
|
page read and write
|
||
|
BE000
|
heap
|
page read and write
|
||
|
7FEF90ED000
|
unkown
|
page readonly
|
||
|
2280000
|
heap
|
page read and write
|
||
|
7FEF90EA000
|
unkown
|
page readonly
|
||
|
250D000
|
stack
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
3B4000
|
heap
|
page read and write
|
||
|
7FEF9112000
|
unkown
|
page readonly
|
||
|
22DF000
|
stack
|
page read and write
|
||
|
26E000
|
heap
|
page read and write
|
||
|
21F6000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
283000
|
heap
|
page read and write
|
||
|
7FEF915C000
|
unkown
|
page execute
|
||
|
2CF2000
|
heap
|
page read and write
|
||
|
2E2000
|
heap
|
page read and write
|
||
|
157000
|
heap
|
page read and write
|
||
|
2A7000
|
heap
|
page read and write
|
||
|
7FEF90F0000
|
unkown
|
page readonly
|
||
|
2E2000
|
heap
|
page read and write
|
||
|
2EEC000
|
stack
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
510000
|
remote allocation
|
page read and write
|
||
|
234F000
|
stack
|
page read and write
|
||
|
20DB000
|
heap
|
page read and write
|
||
|
2B98000
|
heap
|
page read and write
|
||
|
23B000
|
heap
|
page read and write
|
||
|
327000
|
heap
|
page read and write
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
21B6000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
223F000
|
stack
|
page read and write
|
||
|
12C000
|
stack
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
184000
|
heap
|
page read and write
|
||
|
7FEF9080000
|
unkown
|
page readonly
|
||
|
2105000
|
heap
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
374000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
1DE000
|
heap
|
page read and write
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
2B83000
|
heap
|
page read and write
|
||
|
2B6000
|
heap
|
page read and write
|
||
|
227E000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
27B000
|
stack
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2B0000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
26C000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
498000
|
heap
|
page read and write
|
||
|
7FEF9010000
|
unkown
|
page readonly
|
||
|
2FA000
|
heap
|
page read and write
|
||
|
247D000
|
stack
|
page read and write
|
||
|
2276000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
7FEF9080000
|
unkown
|
page readonly
|
||
|
10000
|
heap
|
page read and write
|
||
|
24EF000
|
stack
|
page read and write
|
||
|
3C1000
|
heap
|
page read and write
|
||
|
4F0000
|
trusted library allocation
|
page read and write
|
||
|
249F000
|
stack
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
3F6000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
32D000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
210000
|
remote allocation
|
page read and write
|
||
|
510000
|
remote allocation
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
7FEF9081000
|
unkown
|
page execute read
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2E6000
|
heap
|
page read and write
|
||
|
87000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
2C8000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
7FEF90ED000
|
unkown
|
page readonly
|
||
|
310000
|
remote allocation
|
page read and write
|
||
|
12C000
|
stack
|
page read and write
|
||
|
2277000
|
heap
|
page read and write
|
||
|
1E8000
|
heap
|
page read and write
|
||
|
7FEF9011000
|
unkown
|
page execute read
|
||
|
22F6000
|
heap
|
page read and write
|
||
|
2F3000
|
heap
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
7FEF90A2000
|
unkown
|
page readonly
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
1E7000
|
heap
|
page read and write
|
||
|
1F3000
|
heap
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
334000
|
heap
|
page read and write
|
||
|
359000
|
heap
|
page read and write
|
||
|
349000
|
heap
|
page read and write
|
||
|
7FEF9112000
|
unkown
|
page readonly
|
||
|
44A000
|
heap
|
page read and write
|
||
|
7FEF907A000
|
unkown
|
page readonly
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
237000
|
heap
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
1F9B000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
30B8000
|
heap
|
page read and write
|
||
|
7FEF915A000
|
unkown
|
page readonly
|
||
|
2BEE000
|
heap
|
page read and write
|
||
|
201000
|
heap
|
page read and write
|
||
|
243000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
216000
|
heap
|
page read and write
|
||
|
2AE000
|
stack
|
page read and write
|
||
|
339000
|
heap
|
page read and write
|
||
|
22B000
|
stack
|
page read and write
|
||
|
3308000
|
heap
|
page read and write
|
||
|
300000
|
trusted library allocation
|
page read and write
|
||
|
257F000
|
stack
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
362000
|
heap
|
page read and write
|
||
|
1B6000
|
heap
|
page read and write
|
||
|
2D3E000
|
stack
|
page read and write
|
||
|
2D6000
|
heap
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
205E000
|
stack
|
page read and write
|
||
|
21EB000
|
heap
|
page read and write
|
||
|
2F6000
|
heap
|
page read and write
|
||
|
342000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
110000
|
heap
|
page read and write
|
||
|
2195000
|
heap
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
20C0000
|
heap
|
page read and write
|
||
|
2DE000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2B9C000
|
heap
|
page read and write
|
||
|
25CE000
|
stack
|
page read and write
|
||
|
226000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
30BC000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
3F7000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
77F000
|
stack
|
page read and write
|
||
|
7FEF915A000
|
unkown
|
page readonly
|
||
|
2A0C000
|
stack
|
page read and write
|
||
|
24DC000
|
stack
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
465000
|
heap
|
page read and write
|
||
|
330D000
|
heap
|
page read and write
|
||
|
114000
|
heap
|
page read and write
|
||
|
456000
|
heap
|
page read and write
|
||
|
2B81000
|
heap
|
page read and write
|
||
|
433000
|
heap
|
page read and write
|
||
|
320000
|
heap
|
page read and write
|
||
|
220D000
|
heap
|
page read and write
|
||
|
2C6000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
4F0000
|
direct allocation
|
page execute and read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
7FEF907A000
|
unkown
|
page readonly
|
||
|
7FEF9011000
|
unkown
|
page execute read
|
||
|
1E4000
|
heap
|
page read and write
|
||
|
744000
|
heap
|
page read and write
|
||
|
2075000
|
heap
|
page read and write
|
||
|
2C4000
|
heap
|
page read and write
|
||
|
43A000
|
heap
|
page read and write
|
||
|
2070000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
21BD000
|
heap
|
page read and write
|
||
|
296C000
|
stack
|
page read and write
|
||
|
414000
|
heap
|
page read and write
|
||
|
7FEF9157000
|
unkown
|
page read and write
|
||
|
3F0000
|
trusted library allocation
|
page read and write
|
||
|
20F6000
|
heap
|
page read and write
|
||
|
1E6000
|
heap
|
page read and write
|
||
|
141000
|
heap
|
page read and write
|
||
|
133000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
2CFE000
|
heap
|
page read and write
|
||
|
7FEF90A2000
|
unkown
|
page readonly
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
313000
|
heap
|
page read and write
|
||
|
7FEF90E7000
|
unkown
|
page read and write
|
||
|
24E000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
4A2000
|
heap
|
page read and write
|
||
|
510000
|
trusted library allocation
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
500000
|
trusted library allocation
|
page read and write
|
||
|
23AF000
|
stack
|
page read and write
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
24E000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
230000
|
heap
|
page read and write
|
||
|
7FEF90F1000
|
unkown
|
page execute read
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
170000
|
direct allocation
|
page execute and read and write
|
||
|
2BE1000
|
heap
|
page read and write
|
||
|
24DE000
|
stack
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1F30000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
2317000
|
heap
|
page read and write
|
||
|
37D000
|
heap
|
page read and write
|
||
|
1A0000
|
remote allocation
|
page read and write
|
||
|
2267000
|
heap
|
page read and write
|
||
|
30A1000
|
heap
|
page read and write
|
||
|
35E000
|
heap
|
page read and write
|
||
|
21FD000
|
heap
|
page read and write
|
||
|
7FEF9157000
|
unkown
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
261000
|
heap
|
page read and write
|
||
|
2166000
|
heap
|
page read and write
|
||
|
120000
|
heap
|
page read and write
|
||
|
42E000
|
heap
|
page read and write
|
||
|
7FEF907C000
|
unkown
|
page execute
|
||
|
1F3000
|
heap
|
page read and write
|
||
|
200000
|
trusted library allocation
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
565000
|
heap
|
page read and write
|
||
|
2D01000
|
heap
|
page read and write
|
||
|
7FEF915C000
|
unkown
|
page execute
|
||
|
136000
|
heap
|
page read and write
|
||
|
7FEF9080000
|
unkown
|
page readonly
|
||
|
7FEF90EA000
|
unkown
|
page readonly
|
||
|
116000
|
heap
|
page read and write
|
||
|
7FEF90EC000
|
unkown
|
page execute
|
||
|
1FD0000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
7FEF9010000
|
unkown
|
page readonly
|
||
|
2E8000
|
heap
|
page read and write
|
||
|
255E000
|
stack
|
page read and write
|
||
|
359000
|
heap
|
page read and write
|
||
|
500000
|
remote allocation
|
page read and write
|
||
|
3F6000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
2286000
|
heap
|
page read and write
|
||
|
24000
|
heap
|
page read and write
|
||
|
24CC000
|
stack
|
page read and write
|
||
|
3BB000
|
heap
|
page read and write
|
||
|
1F9000
|
heap
|
page read and write
|
||
|
310000
|
trusted library allocation
|
page read and write
|
||
|
644000
|
heap
|
page read and write
|
||
|
2E8000
|
heap
|
page read and write
|
||
|
20FD000
|
heap
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
1F0000
|
direct allocation
|
page execute and read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
7FEF90F1000
|
unkown
|
page execute read
|
||
|
500000
|
remote allocation
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
34D000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
207000
|
heap
|
page read and write
|
||
|
2206000
|
heap
|
page read and write
|
||
|
596000
|
heap
|
page read and write
|
||
|
2347000
|
heap
|
page read and write
|
||
|
3B8000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
7FEF9077000
|
unkown
|
page read and write
|
||
|
556000
|
heap
|
page read and write
|
||
|
20AB000
|
heap
|
page read and write
|
||
|
41E000
|
heap
|
page read and write
|
||
|
DA000
|
heap
|
page read and write
|
||
|
2E6E000
|
stack
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
18E000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
226E000
|
heap
|
page read and write
|
||
|
7FEF9081000
|
unkown
|
page execute read
|
||
|
11B000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
235000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
266D000
|
stack
|
page read and write
|
There are 620 hidden memdumps, click here to show them.