Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
5GPueTFF2S.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\75873290272674793137.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\cred64[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\nppshell[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\39866407027900499026559352
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie
0x3d, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\ProgramData\42740063057692746811967690
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie
0x19, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\ProgramData\45707745472676257340529648
|
SQLite 3.x database, last written using SQLite version 3038005, file counter 4, database pages 36, 1st free page 10, free
pages 1, cookie 0x29, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\ProgramData\66974910856148417682877849
|
SQLite 3.x database, last written using SQLite version 3038005, file counter 10, database pages 7, 1st free page 5, free pages
2, cookie 0x13, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
|
C:\ProgramData\70342673400662660148807453
|
SQLite 3.x database, last written using SQLite version 3038005, file counter 4, database pages 36, 1st free page 10, free
pages 1, cookie 0x29, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\ProgramData\73647430720841230611985631
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie
0x3d, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\853321935212
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024,
components 3
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with no line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\5GPueTFF2S.exe
|
C:\Users\user\Desktop\5GPueTFF2S.exe
|
|
|
|
C:\ProgramData\75873290272674793137.exe
|
"C:\ProgramData\75873290272674793137.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c timeout /t 6 & del /f /q "C:\Users\user\Desktop\5GPueTFF2S.exe" & exit
|
|
|
|
C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
|
"C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN gntuud.exe /TR "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe"
/F
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k echo Y|CACLS "gntuud.exe" /P "user:N"&&CACLS "gntuud.exe" /P "user:R" /E&&echo Y|CACLS "..\03bd543fce"
/P "user:N"&&CACLS "..\03bd543fce" /P "user:R" /E&&Exit
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" echo Y"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" echo Y"
|
|
|
|
C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
|
C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll, Main
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\timeout.exe
|
timeout /t 6
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cacls.exe
|
CACLS "gntuud.exe" /P "user:N"
|
||
|
C:\Windows\SysWOW64\cacls.exe
|
CACLS "gntuud.exe" /P "user:R" /E
|
||
|
C:\Windows\SysWOW64\cacls.exe
|
CACLS "..\03bd543fce" /P "user:N"
|
||
|
C:\Windows\SysWOW64\cacls.exe
|
CACLS "..\03bd543fce" /P "user:R" /E
|
There are 8 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
85.209.135.109/jg94cVd30f/index.php
|
|
||
|
http://135.181.10.220:8
|
unknown
|
|
|
|
http://135.181.10.220:80
|
|
||
|
http://135.181.10.220/1760
|
unknown
|
||
|
http://mikub7zdt5qfxou902vyke64v30mcoy.lnrmxftsk2pynk6vwbpg5s/
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://135ple-wells-2022.net/yzoyoebw6fqrey/nppshell.exe
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://135.181.10.220:80/update.zip
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://135.181.10.220:801760
|
unknown
|
||
|
http://ripple-wells-2022.net/yzoyoebw6fqrey/nppshell.exe
|
unknown
|
||
|
https://search.yahoo.com?fr=crmas_sfpf
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
|
unknown
|
||
|
https://t.me/vmt001
|
|||
|
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=
|
unknown
|
||
|
http://135.181.10.220:80https://t.me/vmt001hello2092;open_open
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://search.yahoo.com?fr=crmas_sfp
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
http://135.181.10.220/update.zip
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
http://135.181.10.220:80/update.zipb1ef1c57276c118008692-d06ed635-68f6-4e9a-955c-90ce-806e6f6e6963
|
unknown
|
||
|
http://mIkUB7ZDt5qfxou902VyKe64v30McOy.LnrmXFtSK2Pynk6VWBPG5Sf1w0AavRp1BVjmQQUkh2vmJkxEZO5UQQZNHAms9
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://ripple-wells-2022.net/yzoyoebw6fqrey/nppshell.exerO
|
unknown
|
||
|
http://135.181.10.220/1760jf.
|
unknown
|
||
|
http://135.181.10.220/
|
unknown
|
There are 21 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
135.181.10.220
|
unknown
|
Germany
|
|
|
|
85.209.135.109
|
unknown
|
Germany
|
|
|
|
192.168.2.4
|
unknown
|
unknown
|
|
|
|
8.8.8.8
|
unknown
|
United States
|
||
|
88.119.169.157
|
unknown
|
Lithuania
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
|
Startup
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1165000
|
heap
|
page read and write
|
|
|
|
A1000
|
unkown
|
page execute read
|
|
|
|
A31000
|
heap
|
page read and write
|
|
|
|
F71000
|
unkown
|
page execute read
|
|
|
|
A31000
|
heap
|
page read and write
|
|
|
|
B0A5000
|
trusted library allocation
|
page readonly
|
|
|
|
B070000
|
trusted library allocation
|
page read and write
|
|
|
|
2E11000
|
heap
|
page read and write
|
||
|
C4C0000
|
trusted library allocation
|
page read and write
|
||
|
13BA000
|
heap
|
page read and write
|
||
|
47F000
|
stack
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
8DBA000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
4CF8000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
9B56000
|
trusted library allocation
|
page read and write
|
||
|
4CF2000
|
trusted library allocation
|
page read and write
|
||
|
3D1A000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
3A9C000
|
stack
|
page read and write
|
||
|
4640000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
13DA000
|
heap
|
page read and write
|
||
|
8D67000
|
trusted library allocation
|
page read and write
|
||
|
4BD000
|
unkown
|
page execute read
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1184000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1568B340000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
4090000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
4CFA000
|
trusted library allocation
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
28CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
8DF9000
|
trusted library allocation
|
page read and write
|
||
|
6EF000
|
stack
|
page read and write
|
||
|
9E6000
|
heap
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
8DE6000
|
trusted library allocation
|
page read and write
|
||
|
409A000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
587000
|
stack
|
page read and write
|
||
|
4BD000
|
unkown
|
page execute read
|
||
|
654000
|
heap
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
434327F000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
AD000
|
stack
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
7AF000
|
stack
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
9FF000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
F9F000
|
unkown
|
page readonly
|
||
|
1AC000
|
stack
|
page read and write
|
||
|
AB6F000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
8ED1000
|
trusted library allocation
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
3587000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
8E6A000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1216000
|
unkown
|
page readonly
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
149F000
|
stack
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1568B630000
|
trusted library allocation
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
DE000
|
unkown
|
page execute read
|
||
|
A371000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
4CF3000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
510000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
1568B53E000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1568B552000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
4CF1000
|
trusted library allocation
|
page read and write
|
||
|
282A000
|
heap
|
page read and write
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
963C000
|
stack
|
page read and write
|
||
|
1184000
|
heap
|
page read and write
|
||
|
371F000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
9540000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
6097D000
|
direct allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
45E0000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
351F000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
8DB7000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
6096E000
|
direct allocation
|
page read and write
|
||
|
1568B350000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2CB1000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
1568B679000
|
heap
|
page read and write
|
||
|
4CFF000
|
trusted library allocation
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
381F000
|
stack
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
B0C0000
|
trusted library allocation
|
page read and write
|
||
|
434317E000
|
stack
|
page read and write
|
||
|
130A000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1568C3F0000
|
trusted library allocation
|
page read and write
|
||
|
3BF0000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
60900000
|
direct allocation
|
page execute and read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1568B620000
|
trusted library allocation
|
page read and write
|
||
|
AA2F000
|
stack
|
page read and write
|
||
|
E2A000
|
stack
|
page read and write
|
||
|
8CD0000
|
trusted library allocation
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
BB5000
|
unkown
|
page readonly
|
||
|
8DE0000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
8E6A000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
69E000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
FAE000
|
unkown
|
page execute read
|
||
|
A371000
|
heap
|
page read and write
|
||
|
FFE000
|
unkown
|
page readonly
|
||
|
A381000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
4CFB000
|
trusted library allocation
|
page read and write
|
||
|
464A000
|
heap
|
page read and write
|
||
|
4BD000
|
unkown
|
page execute read
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
1568B480000
|
heap
|
page read and write
|
||
|
953C000
|
stack
|
page read and write
|
||
|
8DA3000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1568C450000
|
trusted library allocation
|
page read and write
|
||
|
579F000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1568B537000
|
heap
|
page read and write
|
||
|
60901000
|
direct allocation
|
page execute read
|
||
|
335D000
|
stack
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1568B670000
|
heap
|
page read and write
|
||
|
D9000
|
unkown
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
1EE000
|
stack
|
page read and write
|
||
|
ABAE000
|
stack
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
FDB000
|
unkown
|
page execute read
|
||
|
A14E000
|
stack
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
8EEB000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
4CF2000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
141A000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
CCC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
9500000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
3B9A000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
FFE000
|
unkown
|
page readonly
|
||
|
DB2000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
B0CA000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
CAD000
|
stack
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
24959000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
F4C000
|
stack
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
82F000
|
stack
|
page read and write
|
||
|
8DA3000
|
trusted library allocation
|
page read and write
|
||
|
1568B53E000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
3324000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
4AA000
|
stack
|
page read and write
|
||
|
87E000
|
stack
|
page read and write
|
||
|
63D000
|
stack
|
page read and write
|
||
|
8ED0000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
395F000
|
stack
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
14C000
|
stack
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
399E000
|
stack
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
8DE6000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
4CF9000
|
trusted library allocation
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
28AE000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
trusted library allocation
|
page read and write
|
||
|
8DA6000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
8DF9000
|
trusted library allocation
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
B070000
|
trusted library allocation
|
page read and write
|
||
|
8D9B000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
12A7000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
8DEC000
|
trusted library allocation
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
8DA6000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
3BD0000
|
heap
|
page read and write
|
||
|
A92F000
|
stack
|
page read and write
|
||
|
8E6C000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
8D49000
|
trusted library allocation
|
page read and write
|
||
|
8D4D000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
10B000
|
unkown
|
page execute read
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page execute and read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A7B0000
|
trusted library allocation
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page execute read
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
B0B4000
|
trusted library allocation
|
page read and write
|
||
|
4CF4000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
8C22000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page execute read
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
BB5000
|
unkown
|
page readonly
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
DB1000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
2826000
|
heap
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
567000
|
heap
|
page read and write
|
||
|
AEB0000
|
heap
|
page read and write
|
||
|
B00A000
|
stack
|
page read and write
|
||
|
16D000
|
stack
|
page read and write
|
||
|
3B9A000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
B071000
|
trusted library allocation
|
page execute read
|
||
|
469A000
|
heap
|
page read and write
|
||
|
8DB7000
|
trusted library allocation
|
page read and write
|
||
|
4BD000
|
unkown
|
page execute read
|
||
|
887000
|
heap
|
page read and write
|
||
|
67C000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
361F000
|
stack
|
page read and write
|
||
|
FA9000
|
unkown
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
CF000
|
unkown
|
page readonly
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
4CFD000
|
trusted library allocation
|
page read and write
|
||
|
8EE8000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
132A000
|
heap
|
page read and write
|
||
|
1568B680000
|
trusted library allocation
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
1568B610000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
3B90000
|
heap
|
page read and write
|
||
|
8D63000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
8EE8000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2F01000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
32FA000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
AEAA000
|
stack
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
43431F9000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
8CF7000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1E0000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
8EE0000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
8DF0000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
8EE1000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
4F9000
|
stack
|
page read and write
|
||
|
59D0000
|
direct allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1216000
|
unkown
|
page readonly
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
138D000
|
unkown
|
page execute read
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
2CB1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A0000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
4CF3000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
8DEC000
|
trusted library allocation
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
DB1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
ADAD000
|
stack
|
page read and write
|
||
|
8DD0000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
EC000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
3BFA000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
59C5000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
331D000
|
stack
|
page read and write
|
||
|
4CFF000
|
trusted library allocation
|
page read and write
|
||
|
A23000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
882000
|
heap
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
1568B55D000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1568C3E0000
|
heap
|
page readonly
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2BBB000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A1F000
|
stack
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
654000
|
heap
|
page read and write
|
||
|
107A000
|
heap
|
page read and write
|
||
|
DB2000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
8DF0000
|
trusted library allocation
|
page read and write
|
||
|
1AC000
|
stack
|
page read and write
|
||
|
4342C8B000
|
stack
|
page read and write
|
||
|
6097A000
|
direct allocation
|
page read and write
|
||
|
3447000
|
heap
|
page read and write
|
||
|
A24C000
|
stack
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1A85000
|
unkown
|
page readonly
|
||
|
8D63000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
BB5000
|
unkown
|
page readonly
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
9E9000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
385E000
|
stack
|
page read and write
|
||
|
2CC0000
|
unclassified section
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
5AC000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
4CFF000
|
trusted library allocation
|
page read and write
|
||
|
A370000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1568B675000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
138D000
|
unkown
|
page execute read
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4BD000
|
unkown
|
page execute read
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
4CF5000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
1A85000
|
unkown
|
page readonly
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
B020000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
4343079000
|
stack
|
page read and write
|
||
|
AA6E000
|
stack
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2A64000
|
heap
|
page read and write
|
||
|
1568B4A0000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1568C1C0000
|
trusted library allocation
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
12CA000
|
heap
|
page read and write
|
||
|
1CF000
|
stack
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
954A000
|
heap
|
page read and write
|
||
|
1107000
|
heap
|
page read and write
|
||
|
1568B4F0000
|
heap
|
page read and write
|
||
|
3313000
|
heap
|
page read and write
|
||
|
318F000
|
stack
|
page read and write
|
||
|
1568C400000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
8DB8000
|
trusted library allocation
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
18E000
|
stack
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
8E92000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
50F000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
8D9B000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
8F0000
|
trusted library allocation
|
page read and write
|
||
|
DEC000
|
stack
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
8E30000
|
trusted library allocation
|
page read and write
|
||
|
4690000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
8CDD000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
40000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
6096F000
|
direct allocation
|
page readonly
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5940000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
72E000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
92D0000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
8DE0000
|
trusted library allocation
|
page read and write
|
||
|
487000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
655000
|
heap
|
page read and write
|
||
|
ACAF000
|
stack
|
page read and write
|
||
|
1568B53F000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
F8C000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
138A000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
B030000
|
trusted library allocation
|
page read and write
|
||
|
B060000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
3B90000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
4CF7000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
3D10000
|
heap
|
page read and write
|
||
|
DAC000
|
stack
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page read and write
|
||
|
60980000
|
direct allocation
|
page readonly
|
||
|
A371000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
82A000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
FD5000
|
unkown
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
6097B000
|
direct allocation
|
page readonly
|
||
|
A371000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
43430F9000
|
stack
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
46E6000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
10D000
|
stack
|
page read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
AF0D000
|
stack
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
105000
|
unkown
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
A23000
|
heap
|
page read and write
|
||
|
45EA000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1568C3D0000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
830000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
57A1000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page write copy
|
||
|
A371000
|
heap
|
page read and write
|
||
|
3BDA000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
A371000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
There are 949 hidden memdumps, click here to show them.