Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Swift Mesaj#U0131#09971.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\492576258725572177298999.tmp
|
SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 3, database pages 22, 1st free
page 7, free pages 2, cookie 0x10, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-console-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-datetime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-debug-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-file-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-file-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-file-l2-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-handle-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-localization-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-memory-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-profile-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-synch-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-synch-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-timezone-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-core-util-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-conio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-convert-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-environment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-locale-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-math-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-private-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-process-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-time-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\api-ms-win-crt-utility-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\nssdbm3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\ucrtbase.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\E0F35830\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsjFA0C.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Bikes\Bombekrater210\Cykelhandlerne.Sme
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Castrate\memstat.c
|
C source, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Coasting102.For
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Novelizes\selection-end-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\libxml2-2.0.typelib
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
There are 46 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
|
|
|
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe" /c C:\Windows\system32\timeout.exe 3 & del "Swift Mesaj#U0131#09971.exe
|
|
|
|
C:\Windows\SysWOW64\timeout.exe
|
C:\Windows\system32\timeout.exe 3
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://dbxo1.shop/db1/index.php
|
172.67.203.65
|
|
|
|
https://aapancart.com/
|
unknown
|
||
|
http://dbxo1.shop/db1/index.phpp
|
unknown
|
||
|
http://www.mozilla.com/en-US/blocklist/
|
unknown
|
||
|
http://dbxo1.shop/db1/index.phpft
|
unknown
|
||
|
http://dbxo1.shop/db1/index.phpl
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://dbxo1.shop/
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://www.mozilla.com0
|
unknown
|
||
|
http://dbxo1.shop/nr
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://dbxo1.shop/db1/index.phpC
|
unknown
|
There are 3 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dbxo1.shop
|
172.67.203.65
|
|
|
|
aapancart.com
|
103.14.99.114
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.203.65
|
dbxo1.shop
|
United States
|
|
|
|
103.14.99.114
|
aapancart.com
|
Singapore
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fivefoldness\Endosseringerne\Fouragen
|
Arigue
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Fruticeta\Lavandin\Kingliest\Ernringsenhed
|
Legating
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1D9B8000
|
direct allocation
|
page read and write
|
|
|
|
2AF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1660000
|
remote allocation
|
page execute and read and write
|
|
|
|
5AB000
|
heap
|
page read and write
|
|
|
|
1D460000
|
direct allocation
|
page read and write
|
|
|
|
1D570000
|
direct allocation
|
page read and write
|
|
|
|
1D9BC000
|
direct allocation
|
page read and write
|
|
|
|
18BC000
|
heap
|
page read and write
|
||
|
1DD10000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D480000
|
direct allocation
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1D500000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
91E000
|
stack
|
page read and write
|
||
|
1E680000
|
direct allocation
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1D4E0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
179E000
|
stack
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
10020000
|
trusted library allocation
|
page read and write
|
||
|
242F000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD14000
|
direct allocation
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D1FD000
|
stack
|
page read and write
|
||
|
1D0AD000
|
stack
|
page read and write
|
||
|
1DD1C000
|
direct allocation
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
1D02F000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D570000
|
direct allocation
|
page read and write
|
||
|
5C3000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1CFEE000
|
stack
|
page read and write
|
||
|
1E66C000
|
direct allocation
|
page read and write
|
||
|
1DAEC000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1CA31000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD10000
|
direct allocation
|
page read and write
|
||
|
45C000
|
unkown
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1E6E4000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1E694000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD10000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D990000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DA70000
|
direct allocation
|
page read and write
|
||
|
1DA80000
|
direct allocation
|
page read and write
|
||
|
186C000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1CA30000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
185A000
|
heap
|
page read and write
|
||
|
1E658000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1D29E000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4F0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4A0000
|
direct allocation
|
page read and write
|
||
|
1CA31000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1E70C000
|
direct allocation
|
page read and write
|
||
|
17F8000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4C0000
|
direct allocation
|
page read and write
|
||
|
1D4D0000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
473000
|
unkown
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DCE8000
|
direct allocation
|
page read and write
|
||
|
183A000
|
heap
|
page read and write
|
||
|
1D970000
|
direct allocation
|
page read and write
|
||
|
1E6B4000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
2C51000
|
heap
|
page read and write
|
||
|
1D480000
|
direct allocation
|
page read and write
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D540000
|
direct allocation
|
page read and write
|
||
|
1A6F000
|
stack
|
page read and write
|
||
|
1DD28000
|
direct allocation
|
page read and write
|
||
|
1D540000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1E90E000
|
direct allocation
|
page read and write
|
||
|
18BC000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
178000
|
direct allocation
|
page read and write
|
||
|
18C4000
|
heap
|
page read and write
|
||
|
1D4D0000
|
direct allocation
|
page read and write
|
||
|
186C000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
20000
|
unclassified section
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
186C000
|
heap
|
page read and write
|
||
|
1E824000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
1D47C000
|
direct allocation
|
page read and write
|
||
|
1D530000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD0C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DA70000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D474000
|
direct allocation
|
page read and write
|
||
|
1E6F4000
|
direct allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1DD5C000
|
direct allocation
|
page read and write
|
||
|
1DA80000
|
direct allocation
|
page read and write
|
||
|
1B2F000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D510000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D49C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
60000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E6A8000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
1D12E000
|
stack
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1D530000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D670000
|
direct allocation
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D490000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
1D41C000
|
stack
|
page read and write
|
||
|
1D870000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
4530000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D0000
|
unclassified section
|
page readonly
|
||
|
1D520000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
51E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D500000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D9B8000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4B0000
|
direct allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1D0000
|
unclassified section
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E6D8000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D4E0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
18AF000
|
heap
|
page read and write
|
||
|
18C2000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1DD0C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E700000
|
direct allocation
|
page read and write
|
||
|
2464000
|
heap
|
page read and write
|
||
|
18CA000
|
heap
|
page read and write
|
||
|
5EF000
|
stack
|
page read and write
|
||
|
186C000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DA9C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E710000
|
direct allocation
|
page read and write
|
||
|
178000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E65C000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1E6CC000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D978000
|
direct allocation
|
page read and write
|
||
|
1A70000
|
trusted library allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D06E000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E670000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1871000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1D260000
|
remote allocation
|
page read and write
|
||
|
1D480000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
83F000
|
stack
|
page read and write
|
||
|
18C6000
|
heap
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D510000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D16F000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E83C000
|
direct allocation
|
page read and write
|
||
|
1DD14000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
9E0000
|
trusted library allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
43F000
|
unkown
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
A0000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4C0000
|
direct allocation
|
page read and write
|
||
|
43C000
|
unkown
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E710000
|
direct allocation
|
page read and write
|
||
|
2460000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1CA31000
|
heap
|
page read and write
|
||
|
1DD18000
|
direct allocation
|
page read and write
|
||
|
1DB7C000
|
direct allocation
|
page read and write
|
||
|
1E6B0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DB14000
|
direct allocation
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
1E74C000
|
stack
|
page read and write
|
||
|
2C51000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
F0000
|
trusted library allocation
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD10000
|
direct allocation
|
page read and write
|
||
|
186A000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4C8000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD0C000
|
direct allocation
|
page read and write
|
||
|
1D468000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1CBB0000
|
trusted library allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
17F0000
|
heap
|
page read and write
|
||
|
1875000
|
heap
|
page read and write
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4F0000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
18F6000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E6A4000
|
direct allocation
|
page read and write
|
||
|
1DCC4000
|
direct allocation
|
page read and write
|
||
|
1EB00000
|
trusted library allocation
|
page read and write
|
||
|
1D4A0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D260000
|
remote allocation
|
page read and write
|
||
|
520000
|
trusted library allocation
|
page read and write
|
||
|
1DDC0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D530000
|
direct allocation
|
page read and write
|
||
|
1DE90000
|
direct allocation
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D1BD000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1E70C000
|
direct allocation
|
page read and write
|
||
|
52C000
|
stack
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4B0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
1E6B8000
|
direct allocation
|
page read and write
|
||
|
1D4B0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD0C000
|
direct allocation
|
page read and write
|
||
|
1D498000
|
direct allocation
|
page read and write
|
||
|
1E698000
|
direct allocation
|
page read and write
|
||
|
1E6D0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E660000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD20000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E674000
|
direct allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D570000
|
direct allocation
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
560000
|
unclassified section
|
page readonly
|
||
|
1DD0C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DA70000
|
direct allocation
|
page read and write
|
||
|
1E900000
|
direct allocation
|
page read and write
|
||
|
22CE000
|
stack
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E704000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1914000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
1E6A0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E830000
|
direct allocation
|
page read and write
|
||
|
2B68000
|
heap
|
page read and write
|
||
|
1D520000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E654000
|
direct allocation
|
page read and write
|
||
|
1E68C000
|
direct allocation
|
page read and write
|
||
|
1D260000
|
remote allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4E0000
|
direct allocation
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD24000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D540000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D540000
|
direct allocation
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E678000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
1D770000
|
direct allocation
|
page read and write
|
||
|
3359000
|
trusted library allocation
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1DDA8000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD10000
|
direct allocation
|
page read and write
|
||
|
1865000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D47C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
1825000
|
heap
|
page read and write
|
||
|
1D520000
|
direct allocation
|
page read and write
|
||
|
1D490000
|
direct allocation
|
page read and write
|
||
|
470000
|
unclassified section
|
page readonly
|
||
|
17DE000
|
stack
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D478000
|
direct allocation
|
page read and write
|
||
|
1D4C0000
|
direct allocation
|
page read and write
|
||
|
1D2DF000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1E6C0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
17C000
|
direct allocation
|
page read and write
|
||
|
1EB28000
|
trusted library allocation
|
page read and write
|
||
|
1CF6E000
|
stack
|
page read and write
|
||
|
1E64C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD1C000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
10059000
|
trusted library allocation
|
page read and write
|
||
|
1D520000
|
direct allocation
|
page read and write
|
||
|
18BC000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
18B4000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD58000
|
direct allocation
|
page read and write
|
||
|
1D500000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4D0000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
18AD000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1CA31000
|
heap
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1A2E000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DA90000
|
direct allocation
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E67C000
|
direct allocation
|
page read and write
|
||
|
1D500000
|
direct allocation
|
page read and write
|
||
|
1D490000
|
direct allocation
|
page read and write
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1E6E8000
|
direct allocation
|
page read and write
|
||
|
1D480000
|
direct allocation
|
page read and write
|
||
|
1E6D4000
|
direct allocation
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD10000
|
direct allocation
|
page read and write
|
||
|
1E6F8000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E800000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E912000
|
direct allocation
|
page read and write
|
||
|
4EC000
|
stack
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D530000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
1D490000
|
direct allocation
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
1DD18000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1EAFD000
|
stack
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
1DD10000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1EB01000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
99E000
|
stack
|
page read and write
|
||
|
20000
|
unclassified section
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1AEE000
|
stack
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D510000
|
direct allocation
|
page read and write
|
||
|
2325000
|
heap
|
page read and write
|
||
|
1E664000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
18BC000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DCAC000
|
direct allocation
|
page read and write
|
||
|
1DD0C000
|
direct allocation
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D32C000
|
stack
|
page read and write
|
||
|
1D4A0000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1E840000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E6BC000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4C0000
|
direct allocation
|
page read and write
|
||
|
1DD0C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4D0000
|
direct allocation
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D42B000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D47C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1DD08000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
1D474000
|
direct allocation
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1CB70000
|
trusted library allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
1910000
|
heap
|
page read and write
|
||
|
1E2C0000
|
direct allocation
|
page read and write
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D474000
|
direct allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1D4B0000
|
direct allocation
|
page read and write
|
||
|
1D490000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1868000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
1E650000
|
direct allocation
|
page read and write
|
||
|
1DD0C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1875000
|
heap
|
page read and write
|
||
|
1DA8C000
|
direct allocation
|
page read and write
|
||
|
1D4A0000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1DD04000
|
direct allocation
|
page read and write
|
||
|
1D4E0000
|
direct allocation
|
page read and write
|
||
|
228E000
|
stack
|
page read and write
|
||
|
1DD00000
|
direct allocation
|
page read and write
|
||
|
186C000
|
heap
|
page read and write
|
||
|
1CFAF000
|
stack
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D510000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
1DD28000
|
direct allocation
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
1E69C000
|
direct allocation
|
page read and write
|
||
|
1E2C0000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1E208000
|
direct allocation
|
page read and write
|
||
|
1DD0C000
|
direct allocation
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1E690000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4F0000
|
direct allocation
|
page read and write
|
||
|
18BD000
|
heap
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
992000
|
unkown
|
page write copy
|
||
|
1D464000
|
direct allocation
|
page read and write
|
||
|
1915000
|
heap
|
page read and write
|
||
|
1914000
|
heap
|
page read and write
|
||
|
1D4F0000
|
direct allocation
|
page read and write
|
||
|
1D4E0000
|
direct allocation
|
page read and write
|
There are 742 hidden memdumps, click here to show them.