Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PO No. 3200005919.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\382858288932396262502121.tmp
|
SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 3, database pages 22, 1st free
page 7, free pages 2, cookie 0x10, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-console-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-datetime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-debug-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-file-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-file-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-file-l2-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-handle-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-localization-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-memory-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-profile-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-synch-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-synch-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-timezone-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-util-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-conio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-convert-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-environment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-locale-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-math-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-private-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-process-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-time-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-utility-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\nssdbm3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\ucrtbase.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94EA6FBC\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsh409.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
||
|
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Afskede\Hitherunto\Sale\Swedish.ini
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Airward.Sav
|
Java JCE KeyStore
|
dropped
|
||
|
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Circularizations126\Iltningernes\Mellivorous\Oncosis.syl
|
data
|
dropped
|
||
|
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Circularizations126\Iltningernes\Mellivorous\WMIMethod.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Circularizations126\Iltningernes\Mellivorous\qipcap.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\leprousness.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
There are 47 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PO No. 3200005919.exe
|
C:\Users\user\Desktop\PO No. 3200005919.exe
|
|
|
|
C:\Users\user\Desktop\PO No. 3200005919.exe
|
C:\Users\user\Desktop\PO No. 3200005919.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe" /c C:\Windows\system32\timeout.exe 3 & del "PO No. 3200005919.exe
|
|
|
|
C:\Windows\SysWOW64\timeout.exe
|
C:\Windows\system32\timeout.exe 3
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://dbxo2.shop/dbx2/index.php
|
104.21.2.6
|
|
|
|
http://montevivo.es/lPkFJXszrxOMoP0.hhp
|
86.109.170.4
|
||
|
http://www.mozilla.com/en-US/blocklist/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://dbxo2.shop/dbx2/index.php?
|
unknown
|
||
|
https://mozilla.org0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://www.mozilla.com0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dbxo2.shop
|
104.21.2.6
|
|
|
|
montevivo.es
|
86.109.170.4
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.2.6
|
dbxo2.shop
|
United States
|
|
|
|
86.109.170.4
|
montevivo.es
|
Spain
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{BD84B380-8CA2-1069-AB1D-08000948F534} {000214E6-0000-0000-C000-000000000046} 0xFFFF
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\b\52C64B7E
|
@fontext.dll,-8007
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1D8D0000
|
direct allocation
|
page read and write
|
|
|
|
1D92C000
|
direct allocation
|
page read and write
|
|
|
|
1D3C0000
|
direct allocation
|
page read and write
|
|
|
|
1DE20000
|
direct allocation
|
page read and write
|
|
|
|
4120000
|
direct allocation
|
page execute and read and write
|
|
|
|
1660000
|
remote allocation
|
page execute and read and write
|
|
|
|
1DCC8000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1CFAF000
|
stack
|
page read and write
|
||
|
8FC000
|
unkown
|
page write copy
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCC0000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1A3E000
|
stack
|
page read and write
|
||
|
1E604000
|
direct allocation
|
page read and write
|
||
|
181C000
|
heap
|
page read and write
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
10020000
|
trusted library allocation
|
page read and write
|
||
|
1E670000
|
direct allocation
|
page read and write
|
||
|
1D420000
|
direct allocation
|
page read and write
|
||
|
3D10000
|
heap
|
page read and write
|
||
|
1DB7C000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1A40000
|
trusted library allocation
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
1D3D0000
|
direct allocation
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
1B71000
|
heap
|
page read and write
|
||
|
20000
|
unclassified section
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E63C000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E634000
|
direct allocation
|
page read and write
|
||
|
1E61C000
|
direct allocation
|
page read and write
|
||
|
1E812000
|
direct allocation
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
unclassified section
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1CF6E000
|
stack
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1803000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D460000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
3300000
|
trusted library allocation
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1D400000
|
direct allocation
|
page read and write
|
||
|
2540000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D9A8000
|
direct allocation
|
page read and write
|
||
|
299D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1D400000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
23BC000
|
heap
|
page read and write
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
1E610000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
1E800000
|
direct allocation
|
page read and write
|
||
|
1D440000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D920000
|
direct allocation
|
page read and write
|
||
|
2384000
|
heap
|
page read and write
|
||
|
1D3E0000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D3E0000
|
direct allocation
|
page read and write
|
||
|
1D3E0000
|
direct allocation
|
page read and write
|
||
|
1D0000
|
unclassified section
|
page readonly
|
||
|
1E6C0000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
1D490000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D1FE000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1E6B0000
|
direct allocation
|
page read and write
|
||
|
1C76000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
3910000
|
heap
|
page read and write
|
||
|
1D0AB000
|
stack
|
page read and write
|
||
|
1E6B4000
|
direct allocation
|
page read and write
|
||
|
23BC000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1AFF000
|
stack
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D450000
|
direct allocation
|
page read and write
|
||
|
1D490000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1DCC0000
|
direct allocation
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1E644000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
432000
|
unkown
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E638000
|
direct allocation
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
198000
|
stack
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1796000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1E620000
|
direct allocation
|
page read and write
|
||
|
1D420000
|
direct allocation
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
1803000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E664000
|
direct allocation
|
page read and write
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
3830000
|
heap
|
page read and write
|
||
|
3540000
|
trusted library allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DD5C000
|
direct allocation
|
page read and write
|
||
|
1D924000
|
direct allocation
|
page read and write
|
||
|
1E5F8000
|
direct allocation
|
page read and write
|
||
|
1D3F0000
|
direct allocation
|
page read and write
|
||
|
1E6C0000
|
direct allocation
|
page read and write
|
||
|
3B10000
|
heap
|
page read and write
|
||
|
3200000
|
trusted library allocation
|
page read and write
|
||
|
1D918000
|
direct allocation
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E6FC000
|
stack
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
1E270000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D400000
|
direct allocation
|
page read and write
|
||
|
1DCC0000
|
direct allocation
|
page read and write
|
||
|
1768000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1D3E0000
|
direct allocation
|
page read and write
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
4590000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1DC98000
|
direct allocation
|
page read and write
|
||
|
1844000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
1D460000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
1DCC4000
|
direct allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1D440000
|
direct allocation
|
page read and write
|
||
|
1D3D0000
|
direct allocation
|
page read and write
|
||
|
23B9000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
83C000
|
stack
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1E658000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D6D0000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1D430000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DE20000
|
direct allocation
|
page read and write
|
||
|
17CA000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
17BE000
|
heap
|
page read and write
|
||
|
1D410000
|
direct allocation
|
page read and write
|
||
|
1DCC0000
|
direct allocation
|
page read and write
|
||
|
1D430000
|
direct allocation
|
page read and write
|
||
|
1D3D0000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
23B9000
|
heap
|
page read and write
|
||
|
1DCC0000
|
direct allocation
|
page read and write
|
||
|
1E614000
|
direct allocation
|
page read and write
|
||
|
1DCC0000
|
direct allocation
|
page read and write
|
||
|
1E600000
|
direct allocation
|
page read and write
|
||
|
1CB70000
|
trusted library allocation
|
page read and write
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
1D7D0000
|
direct allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1D28C000
|
stack
|
page read and write
|
||
|
1D460000
|
direct allocation
|
page read and write
|
||
|
5DC000
|
stack
|
page read and write
|
||
|
18DF000
|
stack
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
237F000
|
stack
|
page read and write
|
||
|
1E69C000
|
direct allocation
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
1E67C000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1D3C8000
|
direct allocation
|
page read and write
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D440000
|
direct allocation
|
page read and write
|
||
|
1D3E0000
|
direct allocation
|
page read and write
|
||
|
1D918000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
1E80E000
|
direct allocation
|
page read and write
|
||
|
1C70000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
3860000
|
heap
|
page read and write
|
||
|
1E64C000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1794000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D12E000
|
stack
|
page read and write
|
||
|
191E000
|
stack
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1E5FC000
|
direct allocation
|
page read and write
|
||
|
1D928000
|
direct allocation
|
page read and write
|
||
|
23BC000
|
heap
|
page read and write
|
||
|
1D930000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
17A9000
|
heap
|
page read and write
|
||
|
1E630000
|
direct allocation
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
1B71000
|
heap
|
page read and write
|
||
|
17FE000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D980000
|
direct allocation
|
page read and write
|
||
|
1DCC0000
|
direct allocation
|
page read and write
|
||
|
1D410000
|
direct allocation
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1D430000
|
direct allocation
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
1B70000
|
heap
|
page read and write
|
||
|
17E1000
|
heap
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1E6BC000
|
direct allocation
|
page read and write
|
||
|
1E6BC000
|
direct allocation
|
page read and write
|
||
|
1E640000
|
direct allocation
|
page read and write
|
||
|
34F0000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
2A70000
|
trusted library allocation
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
23B5000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1CFEE000
|
stack
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCC8000
|
direct allocation
|
page read and write
|
||
|
17D8000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D4A0000
|
direct allocation
|
page read and write
|
||
|
1E688000
|
direct allocation
|
page read and write
|
||
|
1D460000
|
direct allocation
|
page read and write
|
||
|
1D3F0000
|
direct allocation
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
4230000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D410000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D450000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D3D0000
|
direct allocation
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
1D4A0000
|
direct allocation
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
560000
|
unclassified section
|
page readonly
|
||
|
1D440000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
130000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1E648000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
227E000
|
stack
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
3D20000
|
trusted library allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D450000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D3D0000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1DCE8000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1B80000
|
heap
|
page read and write
|
||
|
3469000
|
trusted library allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
3740000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D3C8000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1DD58000
|
direct allocation
|
page read and write
|
||
|
1D450000
|
direct allocation
|
page read and write
|
||
|
3556000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E5F0000
|
direct allocation
|
page read and write
|
||
|
1D480000
|
direct allocation
|
page read and write
|
||
|
4231000
|
heap
|
page read and write
|
||
|
1D3D0000
|
direct allocation
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
1DA10000
|
direct allocation
|
page read and write
|
||
|
1D420000
|
direct allocation
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1E698000
|
direct allocation
|
page read and write
|
||
|
3670000
|
heap
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
17D4000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
3550000
|
heap
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D9D0000
|
direct allocation
|
page read and write
|
||
|
1E674000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
427000
|
unkown
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D16F000
|
stack
|
page read and write
|
||
|
6BB000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1D0000
|
unclassified section
|
page readonly
|
||
|
1D470000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCC0000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1B71000
|
heap
|
page read and write
|
||
|
23BC000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D480000
|
direct allocation
|
page read and write
|
||
|
1B71000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1D3E8000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
23B8000
|
heap
|
page read and write
|
||
|
1D4D0000
|
direct allocation
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
23FE000
|
stack
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
4BE000
|
stack
|
page read and write
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
1D06E000
|
stack
|
page read and write
|
||
|
17E5000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E5F4000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D3E0000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1D430000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D410000
|
direct allocation
|
page read and write
|
||
|
E0000
|
trusted library allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D37C000
|
stack
|
page read and write
|
||
|
1D480000
|
direct allocation
|
page read and write
|
||
|
1DCC0000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1E65C000
|
direct allocation
|
page read and write
|
||
|
1D4A0000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
23B9000
|
heap
|
page read and write
|
||
|
1D9D0000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1D490000
|
direct allocation
|
page read and write
|
||
|
1B71000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
4231000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D1BE000
|
stack
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
1E1A4000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
1D5D0000
|
direct allocation
|
page read and write
|
||
|
17FA000
|
heap
|
page read and write
|
||
|
3B20000
|
trusted library allocation
|
page read and write
|
||
|
1D3F0000
|
direct allocation
|
page read and write
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
1D918000
|
direct allocation
|
page read and write
|
||
|
1E624000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D400000
|
direct allocation
|
page read and write
|
||
|
17FF000
|
heap
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1B71000
|
heap
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
1D420000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
3730000
|
heap
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1D3F0000
|
direct allocation
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1DCE4000
|
direct allocation
|
page read and write
|
||
|
1B71000
|
heap
|
page read and write
|
||
|
1E9A0000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
24FF000
|
stack
|
page read and write
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E68C000
|
direct allocation
|
page read and write
|
||
|
17FC000
|
heap
|
page read and write
|
||
|
1D38B000
|
stack
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1E700000
|
direct allocation
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E654000
|
direct allocation
|
page read and write
|
||
|
80000
|
trusted library allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
45E000
|
unkown
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1DCC8000
|
direct allocation
|
page read and write
|
||
|
1DCC4000
|
direct allocation
|
page read and write
|
||
|
23BC000
|
heap
|
page read and write
|
||
|
1E618000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
35E0000
|
heap
|
page read and write
|
||
|
1D480000
|
direct allocation
|
page read and write
|
||
|
1CBB0000
|
trusted library allocation
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
3590000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1EB0D000
|
stack
|
page read and write
|
||
|
1DCBC000
|
direct allocation
|
page read and write
|
||
|
189E000
|
stack
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
10059000
|
trusted library allocation
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
1D91C000
|
direct allocation
|
page read and write
|
||
|
2380000
|
heap
|
page read and write
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
1D3F0000
|
direct allocation
|
page read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
1801000
|
heap
|
page read and write
|
||
|
1DCB0000
|
direct allocation
|
page read and write
|
||
|
23B9000
|
heap
|
page read and write
|
||
|
34A0000
|
heap
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1D02F000
|
stack
|
page read and write
|
||
|
1D92C000
|
direct allocation
|
page read and write
|
||
|
1D3F0000
|
direct allocation
|
page read and write
|
||
|
1DCB8000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
20000
|
unclassified section
|
page readonly
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1ABE000
|
stack
|
page read and write
|
||
|
1E5E8000
|
direct allocation
|
page read and write
|
||
|
65B000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1E678000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1920000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1D410000
|
direct allocation
|
page read and write
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
1E660000
|
direct allocation
|
page read and write
|
||
|
1D3C4000
|
direct allocation
|
page read and write
|
||
|
1DB58000
|
direct allocation
|
page read and write
|
||
|
289B000
|
trusted library allocation
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
6DF000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1DB40000
|
direct allocation
|
page read and write
|
||
|
1D3D0000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
||
|
1DCB4000
|
direct allocation
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
2B2F000
|
stack
|
page read and write
|
||
|
1925000
|
heap
|
page read and write
|
There are 627 hidden memdumps, click here to show them.