Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
pdf_novichki.rar
|
RAR archive data, v5
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_pdf4ik.scr_d3ed75eaedbf1e5597eeca0ea8836d4192ee030_201b8dc8_79653cc3-7dca-4c64-8ba1-b09584582b02\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\Desktop\pdf_novichki\pdf\pdf4ik.scr
|
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7C94.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat Mar 18 20:39:16 2023, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER839A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER83F9.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_13929_20386-20230318T2137210340-1708.etl
|
data
|
modified
|
||
|
C:\Users\user\Desktop\pdf_novichki\pdf\ne trogaite.txt
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.0, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: PuTTY release 0.78 installer, Author: Simon Tatham, Keywords: Installer, Comments: This installer database
contains the logic and data required to install PuTTY release 0.78 (64-bit)., Template: x64;1033, Revision Number: {F5BABDF1-815A-4F73-82E1-B79790A1551E},
Create Time/Date: Fri Oct 28 19:24:49 2022, Last Saved Time/Date: Fri Oct 28 19:24:49 2022, Number of Pages: 200, Number of
Words: 2, Number of Characters: 0, Name of Creating Application: Windows Installer XML Toolset (), Security: 2
|
dropped
|
||
|
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\7-Zip\7zG.exe
|
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\user\Desktop\pdf_novichki\" -spe -an -ai#7zMap2692:86:7zEvent4577
|
|
|
|
C:\Users\user\Desktop\pdf_novichki\pdf\pdf4ik.scr
|
"C:\Users\user\Desktop\pdf_novichki\pdf\pdf4ik.scr" /S
|
|
|
|
C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
|
"C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE" /PIM NoEmail
|
||
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6916 -s 1968
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://t.me/:
|
unknown
|
||
|
http://116.203.13.130/
|
116.203.13.130
|
||
|
https://t.me/X
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199486572327http://135.181.87.234:80update.zip;open_open
|
unknown
|
||
|
https://t.me/zaskullz
|
149.154.167.99
|
||
|
http://116.203.13.130/edit.zip:D
|
unknown
|
||
|
http://116.203.13.130/edit.zipvqD
|
unknown
|
||
|
https://web.telegram.org
|
unknown
|
||
|
http://116.203.13.130/edit.zipcac5b60b5e28992247664-7ff3f708-074b-4ff4-b2c5-87e7-806e6f6e6963
|
unknown
|
||
|
http://116.203.13.130
|
unknown
|
||
|
http://116.203.13.130/oI
|
unknown
|
||
|
http://116.203.13.130/edit.zipx
|
unknown
|
||
|
http://116.203.13.130/edit.zip
|
116.203.13.130
|
||
|
http://116.203.13.130/edit.zip9
|
unknown
|
||
|
http://135.181.87.234:80
|
unknown
|
||
|
http://www.autoitscript.com/autoit3
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199486572327
|
|||
|
https://support.mozilla.org
|
unknown
|
||
|
https://t.me/zaskullzfunkstaredit.zipMozilla/5.0
|
unknown
|
||
|
http://116.203.13.130z
|
unknown
|
There are 10 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
t.me
|
149.154.167.99
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
116.203.13.130
|
unknown
|
Germany
|
||
|
20.224.151.203
|
unknown
|
United States
|
||
|
192.229.221.95
|
unknown
|
United States
|
||
|
52.109.88.191
|
unknown
|
United States
|
||
|
149.154.167.99
|
t.me
|
United Kingdom
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\Settings\Data
|
global_Accessibility_ReminderType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9207f3e0a3b11019908b08002b2a56c2
|
11023d05
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{AA8FA310-0939-4CE3-B9BB-AE05B2695110}
|
5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{AA8FA310-0939-4CE3-B9BB-AE05B2695110}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{691E1C12-2693-4D4A-852C-7478657BBE6E}
|
255
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{691E1C12-2693-4D4A-852C-7478657BBE6E}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{287BF315-5A11-4B2F-B069-B761ADE25A49}
|
4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{287BF315-5A11-4B2F-B069-B761ADE25A49}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{6B6B571B-F4E3-4FBB-A83F-0790D11D19AB}
|
255
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{6B6B571B-F4E3-4FBB-A83F-0790D11D19AB}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{284B8D30-4AA6-4A0F-9143-CE2E8E1F10F0}
|
255
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{284B8D30-4AA6-4A0F-9143-CE2E8E1F10F0}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{F762CE39-AC6C-4E1C-B55F-0E11586E6D07}
|
5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{F762CE39-AC6C-4E1C-B55F-0E11586E6D07}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02CAC15F-D4BE-400E-9127-D54982AA4AE9}
|
5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02CAC15F-D4BE-400E-9127-D54982AA4AE9}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{11ADBD74-7DF2-4E8E-802B-B3BCBFD04A78}
|
5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{11ADBD74-7DF2-4E8E-802B-B3BCBFD04A78}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02FD33DF-F746-4A10-93A0-2BC6273BC8E4}
|
4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02FD33DF-F746-4A10-93A0-2BC6273BC8E4}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{13967EE5-6B23-4BCD-A496-1D788449A8CF}
|
4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{13967EE5-6B23-4BCD-A496-1D788449A8CF}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ULSMonitor
|
ULSTagIds0
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ULSMonitor
|
ULSCategoriesSeverities
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{AA8FA310-0939-4CE3-B9BB-AE05B2695110}
|
5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{AA8FA310-0939-4CE3-B9BB-AE05B2695110}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{691E1C12-2693-4D4A-852C-7478657BBE6E}
|
255
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{691E1C12-2693-4D4A-852C-7478657BBE6E}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{287BF315-5A11-4B2F-B069-B761ADE25A49}
|
4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{287BF315-5A11-4B2F-B069-B761ADE25A49}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{6B6B571B-F4E3-4FBB-A83F-0790D11D19AB}
|
255
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{6B6B571B-F4E3-4FBB-A83F-0790D11D19AB}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{284B8D30-4AA6-4A0F-9143-CE2E8E1F10F0}
|
255
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{284B8D30-4AA6-4A0F-9143-CE2E8E1F10F0}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{F762CE39-AC6C-4E1C-B55F-0E11586E6D07}
|
5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{F762CE39-AC6C-4E1C-B55F-0E11586E6D07}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02CAC15F-D4BE-400E-9127-D54982AA4AE9}
|
5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02CAC15F-D4BE-400E-9127-D54982AA4AE9}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{11ADBD74-7DF2-4E8E-802B-B3BCBFD04A78}
|
5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{11ADBD74-7DF2-4E8E-802B-B3BCBFD04A78}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02FD33DF-F746-4A10-93A0-2BC6273BC8E4}
|
4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02FD33DF-F746-4A10-93A0-2BC6273BC8E4}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{13967EE5-6B23-4BCD-A496-1D788449A8CF}
|
4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{13967EE5-6B23-4BCD-A496-1D788449A8CF}
|
Categories
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ULSMonitor
|
ULSTagIds0
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ULSMonitor
|
ULSCategoriesSeverities
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\Settings
|
Accounts
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\Settings\Data
|
global_AccountsNeedResyncing
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C003C10B7DF4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
There are 56 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
29ADC000
|
heap
|
page read and write
|
|
|
|
29D80000
|
direct allocation
|
page execute and read and write
|
|
|
|
1C665352000
|
heap
|
page read and write
|
||
|
2C74D0E9000
|
heap
|
page read and write
|
||
|
2C74B345000
|
heap
|
page read and write
|
||
|
2C74D12C000
|
heap
|
page read and write
|
||
|
2378E7A0000
|
heap
|
page read and write
|
||
|
2C74D204000
|
heap
|
page read and write
|
||
|
2C74D11E000
|
heap
|
page read and write
|
||
|
29B36000
|
heap
|
page read and write
|
||
|
2C74D11E000
|
heap
|
page read and write
|
||
|
1BB25A4A000
|
heap
|
page read and write
|
||
|
56916FF000
|
stack
|
page read and write
|
||
|
2C74D26B000
|
heap
|
page read and write
|
||
|
1BB259E0000
|
heap
|
page read and write
|
||
|
2378E901000
|
heap
|
page read and write
|
||
|
2C74D120000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2378DDCA000
|
heap
|
page read and write
|
||
|
24831602000
|
trusted library allocation
|
page read and write
|
||
|
2378DDC1000
|
heap
|
page read and write
|
||
|
2378DDBF000
|
heap
|
page read and write
|
||
|
2C74D2A8000
|
heap
|
page read and write
|
||
|
2C74B37E000
|
heap
|
page read and write
|
||
|
B13AB7F000
|
stack
|
page read and write
|
||
|
2A0E67DB000
|
heap
|
page read and write
|
||
|
2C74B30E000
|
heap
|
page read and write
|
||
|
2C74D262000
|
heap
|
page read and write
|
||
|
2C74D271000
|
heap
|
page read and write
|
||
|
2378DDC4000
|
heap
|
page read and write
|
||
|
864EDF7000
|
stack
|
page read and write
|
||
|
2C74D24E000
|
heap
|
page read and write
|
||
|
2B3A87E000
|
stack
|
page read and write
|
||
|
5691C7E000
|
stack
|
page read and write
|
||
|
1BB25F15000
|
heap
|
page read and write
|
||
|
2C74D10E000
|
heap
|
page read and write
|
||
|
2378DD6D000
|
heap
|
page read and write
|
||
|
1EC92438000
|
heap
|
page read and write
|
||
|
56919FE000
|
stack
|
page read and write
|
||
|
2378DDCD000
|
heap
|
page read and write
|
||
|
293EC15A000
|
heap
|
page read and write
|
||
|
2C74D11D000
|
heap
|
page read and write
|
||
|
2482FA2B000
|
heap
|
page read and write
|
||
|
2482FA00000
|
heap
|
page read and write
|
||
|
2378DD2F000
|
heap
|
page read and write
|
||
|
B55000
|
unkown
|
page write copy
|
||
|
2378DD8B000
|
heap
|
page read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
2C74D136000
|
heap
|
page read and write
|
||
|
1E210C49000
|
heap
|
page read and write
|
||
|
2C74D27E000
|
heap
|
page read and write
|
||
|
2C74D2BF000
|
heap
|
page read and write
|
||
|
1BB25A00000
|
unkown
|
page read and write
|
||
|
2C74D1FE000
|
heap
|
page read and write
|
||
|
2378DDF6000
|
heap
|
page read and write
|
||
|
2881D62B000
|
heap
|
page read and write
|
||
|
2C74D13A000
|
heap
|
page read and write
|
||
|
1E210C7E000
|
heap
|
page read and write
|
||
|
2C74D273000
|
heap
|
page read and write
|
||
|
2378DDB3000
|
heap
|
page read and write
|
||
|
160E000
|
heap
|
page read and write
|
||
|
1EC92C15000
|
heap
|
page read and write
|
||
|
2378DD85000
|
heap
|
page read and write
|
||
|
2C74D128000
|
heap
|
page read and write
|
||
|
2C74D114000
|
heap
|
page read and write
|
||
|
293EDB20000
|
heap
|
page read and write
|
||
|
1E211402000
|
trusted library allocation
|
page read and write
|
||
|
2C74D112000
|
heap
|
page read and write
|
||
|
1E210D02000
|
heap
|
page read and write
|
||
|
2C74D112000
|
heap
|
page read and write
|
||
|
2C74D295000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2C74D103000
|
heap
|
page read and write
|
||
|
2378E64A000
|
heap
|
page read and write
|
||
|
2C74D251000
|
heap
|
page read and write
|
||
|
2378DD5B000
|
heap
|
page read and write
|
||
|
2C74D12D000
|
heap
|
page read and write
|
||
|
2C74D295000
|
heap
|
page read and write
|
||
|
2C74D27E000
|
heap
|
page read and write
|
||
|
F8E6F7E000
|
stack
|
page read and write
|
||
|
2C74D0FF000
|
heap
|
page read and write
|
||
|
293EC135000
|
heap
|
page read and write
|
||
|
1EC92467000
|
heap
|
page read and write
|
||
|
2378DDC4000
|
heap
|
page read and write
|
||
|
2C74D25A000
|
heap
|
page read and write
|
||
|
1BB25F13000
|
heap
|
page read and write
|
||
|
1506000
|
stack
|
page read and write
|
||
|
158D000
|
heap
|
page read and write
|
||
|
293EE2A7000
|
trusted library allocation
|
page read and write
|
||
|
29DEB000
|
direct allocation
|
page execute and read and write
|
||
|
2C74D232000
|
heap
|
page read and write
|
||
|
2C74D28B000
|
heap
|
page read and write
|
||
|
2482F970000
|
heap
|
page read and write
|
||
|
2C74D10C000
|
heap
|
page read and write
|
||
|
2C74D1FC000
|
heap
|
page read and write
|
||
|
2881D590000
|
heap
|
page read and write
|
||
|
15F2000
|
heap
|
page read and write
|
||
|
293EC154000
|
heap
|
page read and write
|
||
|
2C74B353000
|
heap
|
page read and write
|
||
|
1C665A31000
|
heap
|
page read and write
|
||
|
2881DD60000
|
trusted library allocation
|
page read and write
|
||
|
2C74B323000
|
heap
|
page read and write
|
||
|
2C74D116000
|
heap
|
page read and write
|
||
|
F8E6FFF000
|
stack
|
page read and write
|
||
|
2B3ACFA000
|
stack
|
page read and write
|
||
|
2C74B1A0000
|
heap
|
page read and write
|
||
|
293EC148000
|
heap
|
page read and write
|
||
|
2378E906000
|
heap
|
page read and write
|
||
|
2C74D1D5000
|
heap
|
page read and write
|
||
|
293EF7F0000
|
trusted library allocation
|
page read and write
|
||
|
2C74D1FA000
|
heap
|
page read and write
|
||
|
1E210C02000
|
heap
|
page read and write
|
||
|
1E210C56000
|
heap
|
page read and write
|
||
|
14F4000
|
stack
|
page read and write
|
||
|
2C74D12C000
|
heap
|
page read and write
|
||
|
2C74B343000
|
heap
|
page read and write
|
||
|
569187B000
|
stack
|
page read and write
|
||
|
2378DDF6000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2378DDB7000
|
heap
|
page read and write
|
||
|
2C74D10A000
|
heap
|
page read and write
|
||
|
2C74D0FA000
|
heap
|
page read and write
|
||
|
2378DE08000
|
heap
|
page read and write
|
||
|
2C74D212000
|
heap
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
2C74B359000
|
heap
|
page read and write
|
||
|
78CBF000
|
stack
|
page read and write
|
||
|
2C74D26F000
|
heap
|
page read and write
|
||
|
1C665220000
|
heap
|
page read and write
|
||
|
2C74D105000
|
heap
|
page read and write
|
||
|
2378DDFC000
|
heap
|
page read and write
|
||
|
293EC15E000
|
heap
|
page read and write
|
||
|
F5000
|
heap
|
page read and write
|
||
|
2378DD98000
|
heap
|
page read and write
|
||
|
2C74FB30000
|
heap
|
page read and write
|
||
|
1C665A79000
|
heap
|
page read and write
|
||
|
2C74D108000
|
heap
|
page read and write
|
||
|
2C74D216000
|
heap
|
page read and write
|
||
|
936DEFE000
|
stack
|
page read and write
|
||
|
B68000
|
unkown
|
page write copy
|
||
|
2A0E81E0000
|
heap
|
page read and write
|
||
|
1C665240000
|
heap
|
page read and write
|
||
|
2378DD8A000
|
heap
|
page read and write
|
||
|
B13A9FF000
|
stack
|
page read and write
|
||
|
293EC100000
|
heap
|
page read and write
|
||
|
2378DD9F000
|
heap
|
page read and write
|
||
|
2C74D131000
|
heap
|
page read and write
|
||
|
2C74D10A000
|
heap
|
page read and write
|
||
|
E83917B000
|
stack
|
page read and write
|
||
|
293EC235000
|
heap
|
page read and write
|
||
|
2C74D11E000
|
heap
|
page read and write
|
||
|
1EC92413000
|
heap
|
page read and write
|
||
|
2378DD87000
|
heap
|
page read and write
|
||
|
2C74D0FE000
|
heap
|
page read and write
|
||
|
2881D645000
|
heap
|
page read and write
|
||
|
2C74B200000
|
heap
|
page read and write
|
||
|
2C74B30D000
|
heap
|
page read and write
|
||
|
2378DDF5000
|
heap
|
page read and write
|
||
|
2C74D10C000
|
heap
|
page read and write
|
||
|
2C74D12D000
|
heap
|
page read and write
|
||
|
2B3A5AD000
|
stack
|
page read and write
|
||
|
B55000
|
unkown
|
page read and write
|
||
|
2C74D10C000
|
heap
|
page read and write
|
||
|
864F0FF000
|
stack
|
page read and write
|
||
|
5691AFD000
|
stack
|
page read and write
|
||
|
2C74FB20000
|
trusted library allocation
|
page read and write
|
||
|
2C74B31B000
|
heap
|
page read and write
|
||
|
2378E7A2000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
2C74D29D000
|
heap
|
page read and write
|
||
|
2C74D295000
|
heap
|
page read and write
|
||
|
2C74D299000
|
heap
|
page read and write
|
||
|
2C74D0F4000
|
heap
|
page read and write
|
||
|
2C74D103000
|
heap
|
page read and write
|
||
|
1EC92513000
|
heap
|
page read and write
|
||
|
E8392FD000
|
stack
|
page read and write
|
||
|
2881D653000
|
heap
|
page read and write
|
||
|
293EC109000
|
heap
|
page read and write
|
||
|
2482FB13000
|
heap
|
page read and write
|
||
|
2881D580000
|
heap
|
page read and write
|
||
|
B51000
|
unkown
|
page write copy
|
||
|
293EC131000
|
heap
|
page read and write
|
||
|
2C74D1F6000
|
heap
|
page read and write
|
||
|
293EC230000
|
heap
|
page read and write
|
||
|
2C74B35A000
|
heap
|
page read and write
|
||
|
2C74B372000
|
heap
|
page read and write
|
||
|
E83927F000
|
stack
|
page read and write
|
||
|
2C74B348000
|
heap
|
page read and write
|
||
|
2C74D10C000
|
heap
|
page read and write
|
||
|
2378DDCB000
|
heap
|
page read and write
|
||
|
1EC92340000
|
heap
|
page read and write
|
||
|
2C74D0E0000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2C74D279000
|
heap
|
page read and write
|
||
|
E83907C000
|
stack
|
page read and write
|
||
|
248314D0000
|
remote allocation
|
page read and write
|
||
|
1C665A76000
|
heap
|
page read and write
|
||
|
74330000
|
remote allocation
|
page read and write
|
||
|
293EDB23000
|
heap
|
page read and write
|
||
|
2378E8F0000
|
heap
|
page read and write
|
||
|
1C665358000
|
heap
|
page read and write
|
||
|
293EDF60000
|
heap
|
page read and write
|
||
|
1C665978000
|
heap
|
page read and write
|
||
|
2378E7AA000
|
heap
|
page read and write
|
||
|
2C74D1EE000
|
heap
|
page read and write
|
||
|
2378DD79000
|
heap
|
page read and write
|
||
|
2C74D11A000
|
heap
|
page read and write
|
||
|
2378DCB0000
|
heap
|
page read and write
|
||
|
2C74B351000
|
heap
|
page read and write
|
||
|
2C74FB43000
|
heap
|
page read and write
|
||
|
F8E6EFE000
|
stack
|
page read and write
|
||
|
1EC9242A000
|
heap
|
page read and write
|
||
|
2378DDA7000
|
heap
|
page read and write
|
||
|
5691A7E000
|
stack
|
page read and write
|
||
|
2378DDC4000
|
heap
|
page read and write
|
||
|
2C74D10A000
|
heap
|
page read and write
|
||
|
2C74D123000
|
heap
|
page read and write
|
||
|
2482FB17000
|
heap
|
page read and write
|
||
|
2C74D27F000
|
heap
|
page read and write
|
||
|
6D770FF000
|
stack
|
page read and write
|
||
|
2378DD2A000
|
heap
|
page read and write
|
||
|
2C74D134000
|
heap
|
page read and write
|
||
|
2C74D11E000
|
heap
|
page read and write
|
||
|
B52000
|
unkown
|
page readonly
|
||
|
2C74D106000
|
heap
|
page read and write
|
||
|
2C74D10E000
|
heap
|
page read and write
|
||
|
293EC14E000
|
heap
|
page read and write
|
||
|
2378E640000
|
heap
|
page read and write
|
||
|
2A0E65B0000
|
heap
|
page read and write
|
||
|
2C74D24B000
|
heap
|
page read and write
|
||
|
2C74D135000
|
heap
|
page read and write
|
||
|
2378DE0D000
|
heap
|
page read and write
|
||
|
2C74D112000
|
heap
|
page read and write
|
||
|
2C74D237000
|
heap
|
page read and write
|
||
|
2B3A8FE000
|
stack
|
page read and write
|
||
|
2378DDF7000
|
heap
|
page read and write
|
||
|
F8E73FB000
|
stack
|
page read and write
|
||
|
2378DE08000
|
heap
|
page read and write
|
||
|
293EC165000
|
heap
|
page read and write
|
||
|
2C74D1E9000
|
heap
|
page read and write
|
||
|
2378E655000
|
heap
|
page read and write
|
||
|
2378DDD2000
|
heap
|
page read and write
|
||
|
2C74D216000
|
heap
|
page read and write
|
||
|
2C74D1E9000
|
heap
|
page read and write
|
||
|
293EC14C000
|
heap
|
page read and write
|
||
|
2C74FB3D000
|
heap
|
page read and write
|
||
|
936DE7E000
|
stack
|
page read and write
|
||
|
2378DDD8000
|
heap
|
page read and write
|
||
|
E8391FE000
|
stack
|
page read and write
|
||
|
162E000
|
heap
|
page read and write
|
||
|
2C74D11A000
|
heap
|
page read and write
|
||
|
BD3D32A000
|
stack
|
page read and write
|
||
|
2378E8F7000
|
heap
|
page read and write
|
||
|
B13A6FD000
|
stack
|
page read and write
|
||
|
2C74FB4E000
|
heap
|
page read and write
|
||
|
1E210B80000
|
trusted library allocation
|
page read and write
|
||
|
2C74D130000
|
heap
|
page read and write
|
||
|
2C74D115000
|
heap
|
page read and write
|
||
|
200F000
|
stack
|
page read and write
|
||
|
1E210C6D000
|
heap
|
page read and write
|
||
|
B13A1BB000
|
stack
|
page read and write
|
||
|
7964F000
|
stack
|
page read and write
|
||
|
2378DE0D000
|
heap
|
page read and write
|
||
|
2C74D12D000
|
heap
|
page read and write
|
||
|
2378DD4D000
|
heap
|
page read and write
|
||
|
2378DDD8000
|
heap
|
page read and write
|
||
|
293EBF80000
|
heap
|
page read and write
|
||
|
2C74D0F4000
|
heap
|
page read and write
|
||
|
2C74D123000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2C74D10E000
|
heap
|
page read and write
|
||
|
7B2FF000
|
stack
|
page read and write
|
||
|
293EC146000
|
heap
|
page read and write
|
||
|
2378DDEE000
|
heap
|
page read and write
|
||
|
2C74D20B000
|
heap
|
page read and write
|
||
|
2482FA43000
|
heap
|
page read and write
|
||
|
2C74D11A000
|
heap
|
page read and write
|
||
|
56917F9000
|
stack
|
page read and write
|
||
|
2C74D103000
|
heap
|
page read and write
|
||
|
2C74B205000
|
heap
|
page read and write
|
||
|
1C665A55000
|
heap
|
page read and write
|
||
|
2378DE07000
|
heap
|
page read and write
|
||
|
293EC148000
|
heap
|
page read and write
|
||
|
2881D65B000
|
heap
|
page read and write
|
||
|
B7F000
|
unkown
|
page write copy
|
||
|
2378E7AB000
|
heap
|
page read and write
|
||
|
2881D640000
|
heap
|
page read and write
|
||
|
2C74D13E000
|
heap
|
page read and write
|
||
|
293EC14A000
|
heap
|
page read and write
|
||
|
2378DD87000
|
heap
|
page read and write
|
||
|
2378DDF3000
|
heap
|
page read and write
|
||
|
248314D0000
|
remote allocation
|
page read and write
|
||
|
2C74D28B000
|
heap
|
page read and write
|
||
|
293EC154000
|
heap
|
page read and write
|
||
|
1EC92C02000
|
heap
|
page read and write
|
||
|
2C74D253000
|
heap
|
page read and write
|
||
|
1C665A99000
|
heap
|
page read and write
|
||
|
2378E760000
|
heap
|
page read and write
|
||
|
2C74D10A000
|
heap
|
page read and write
|
||
|
2C74FB55000
|
heap
|
page read and write
|
||
|
1C665A79000
|
heap
|
page read and write
|
||
|
2C74D12D000
|
heap
|
page read and write
|
||
|
1EC9244E000
|
heap
|
page read and write
|
||
|
2881D713000
|
heap
|
page read and write
|
||
|
2C74D1F6000
|
heap
|
page read and write
|
||
|
2C74D282000
|
heap
|
page read and write
|
||
|
7DF3FF901000
|
trusted library allocation
|
page execute read
|
||
|
1C665A99000
|
heap
|
page read and write
|
||
|
2C74D225000
|
heap
|
page read and write
|
||
|
2378DD88000
|
heap
|
page read and write
|
||
|
293EC142000
|
heap
|
page read and write
|
||
|
2378E8FE000
|
heap
|
page read and write
|
||
|
2378DDDF000
|
heap
|
page read and write
|
||
|
7799F000
|
stack
|
page read and write
|
||
|
2378DE07000
|
heap
|
page read and write
|
||
|
2881D602000
|
heap
|
page read and write
|
||
|
2C74D126000
|
heap
|
page read and write
|
||
|
2378E7A5000
|
heap
|
page read and write
|
||
|
2C74B320000
|
heap
|
page read and write
|
||
|
2378DDE1000
|
heap
|
page read and write
|
||
|
2378DD94000
|
heap
|
page read and write
|
||
|
2C74D114000
|
heap
|
page read and write
|
||
|
2378DDD8000
|
heap
|
page read and write
|
||
|
2378DEF5000
|
heap
|
page read and write
|
||
|
2378DDED000
|
heap
|
page read and write
|
||
|
2C74D12F000
|
heap
|
page read and write
|
||
|
1BB25A0F000
|
unkown
|
page read and write
|
||
|
79FDC000
|
stack
|
page read and write
|
||
|
2378DDD8000
|
heap
|
page read and write
|
||
|
2378E8FB000
|
heap
|
page read and write
|
||
|
2C74D273000
|
heap
|
page read and write
|
||
|
2C74D0FA000
|
heap
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
2378E65E000
|
heap
|
page read and write
|
||
|
2C74D297000
|
heap
|
page read and write
|
||
|
2B9D0000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2378DDE4000
|
heap
|
page read and write
|
||
|
2378DDBA000
|
heap
|
page read and write
|
||
|
293EE2B0000
|
trusted library allocation
|
page read and write
|
||
|
1C665A3F000
|
heap
|
page read and write
|
||
|
2C74D2A4000
|
heap
|
page read and write
|
||
|
73FCE000
|
stack
|
page read and write
|
||
|
293EC12D000
|
heap
|
page read and write
|
||
|
2C74B333000
|
heap
|
page read and write
|
||
|
BD3DAFE000
|
stack
|
page read and write
|
||
|
1BB25B02000
|
trusted library allocation
|
page read and write
|
||
|
2C74B34F000
|
heap
|
page read and write
|
||
|
2C74B318000
|
heap
|
page read and write
|
||
|
2C74D220000
|
heap
|
page read and write
|
||
|
2C74D26F000
|
heap
|
page read and write
|
||
|
1BB25B24000
|
heap
|
page read and write
|
||
|
1BB25A13000
|
unkown
|
page read and write
|
||
|
B13AC7E000
|
stack
|
page read and write
|
||
|
2881D702000
|
heap
|
page read and write
|
||
|
2378E65E000
|
heap
|
page read and write
|
||
|
2C74D131000
|
heap
|
page read and write
|
||
|
2C74B323000
|
heap
|
page read and write
|
||
|
1E210B00000
|
heap
|
page read and write
|
||
|
160F000
|
heap
|
page read and write
|
||
|
2881DD50000
|
trusted library allocation
|
page read and write
|
||
|
1BB25F00000
|
heap
|
page read and write
|
||
|
2C74FE40000
|
heap
|
page read and write
|
||
|
2C74D1F6000
|
heap
|
page read and write
|
||
|
1BB25A2A000
|
heap
|
page read and write
|
||
|
864EA7E000
|
stack
|
page read and write
|
||
|
2378DE00000
|
heap
|
page read and write
|
||
|
2C74D131000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2C74B280000
|
heap
|
page read and write
|
||
|
2C74D131000
|
heap
|
page read and write
|
||
|
2C74D10E000
|
heap
|
page read and write
|
||
|
2378DD6A000
|
heap
|
page read and write
|
||
|
2C74D2C6000
|
heap
|
page read and write
|
||
|
2378DDD5000
|
heap
|
page read and write
|
||
|
293EC0E0000
|
heap
|
page read and write
|
||
|
2A0E6735000
|
heap
|
page read and write
|
||
|
1C665270000
|
trusted library allocation
|
page read and write
|
||
|
B13ADFA000
|
stack
|
page read and write
|
||
|
B13A57E000
|
stack
|
page read and write
|
||
|
1C665347000
|
heap
|
page read and write
|
||
|
73B5E000
|
stack
|
page read and write
|
||
|
2C74B34C000
|
heap
|
page read and write
|
||
|
2C74D26B000
|
heap
|
page read and write
|
||
|
2C74D0E0000
|
heap
|
page read and write
|
||
|
2C74D287000
|
heap
|
page read and write
|
||
|
2BAB0000
|
heap
|
page read and write
|
||
|
293EC13F000
|
heap
|
page read and write
|
||
|
2C74D11A000
|
heap
|
page read and write
|
||
|
1EC92C00000
|
heap
|
page read and write
|
||
|
864EBF8000
|
stack
|
page read and write
|
||
|
2C74D244000
|
heap
|
page read and write
|
||
|
2C74D12D000
|
heap
|
page read and write
|
||
|
2881DE02000
|
trusted library allocation
|
page read and write
|
||
|
2C74D23B000
|
heap
|
page read and write
|
||
|
1BB25980000
|
trusted library allocation
|
page read and write
|
||
|
293EC158000
|
heap
|
page read and write
|
||
|
2378DDFB000
|
heap
|
page read and write
|
||
|
2C74B346000
|
heap
|
page read and write
|
||
|
2378DD9E000
|
heap
|
page read and write
|
||
|
2C74D103000
|
heap
|
page read and write
|
||
|
2378DE0E000
|
heap
|
page read and write
|
||
|
2C74D25A000
|
heap
|
page read and write
|
||
|
2378E906000
|
heap
|
page read and write
|
||
|
74330000
|
remote allocation
|
page read and write
|
||
|
864EAFE000
|
stack
|
page read and write
|
||
|
1E210AF0000
|
heap
|
page read and write
|
||
|
2C74F310000
|
trusted library allocation
|
page read and write
|
||
|
2482FA7B000
|
heap
|
page read and write
|
||
|
1613000
|
heap
|
page read and write
|
||
|
2C74FB6E000
|
heap
|
page read and write
|
||
|
2C74D22C000
|
heap
|
page read and write
|
||
|
293EC151000
|
heap
|
page read and write
|
||
|
7446E000
|
stack
|
page read and write
|
||
|
2378E7A3000
|
heap
|
page read and write
|
||
|
2378DD63000
|
heap
|
page read and write
|
||
|
2C74D120000
|
heap
|
page read and write
|
||
|
2C74D131000
|
heap
|
page read and write
|
||
|
293EC12C000
|
heap
|
page read and write
|
||
|
1C665A99000
|
heap
|
page read and write
|
||
|
2C74D10C000
|
heap
|
page read and write
|
||
|
2378DDB7000
|
heap
|
page read and write
|
||
|
2C74D1FE000
|
heap
|
page read and write
|
||
|
2C74D28F000
|
heap
|
page read and write
|
||
|
F8E6E7E000
|
stack
|
page read and write
|
||
|
1C665971000
|
heap
|
page read and write
|
||
|
2378DD5D000
|
heap
|
page read and write
|
||
|
936DF78000
|
stack
|
page read and write
|
||
|
AA7F0FF000
|
stack
|
page read and write
|
||
|
AA7EDEC000
|
stack
|
page read and write
|
||
|
AA7F07E000
|
stack
|
page read and write
|
||
|
E838CA7000
|
stack
|
page read and write
|
||
|
1C665A31000
|
heap
|
page read and write
|
||
|
2C74D0D0000
|
heap
|
page read and write
|
||
|
2378DDBE000
|
heap
|
page read and write
|
||
|
1C6652A9000
|
heap
|
page read and write
|
||
|
2378DD41000
|
heap
|
page read and write
|
||
|
E838D2E000
|
stack
|
page read and write
|
||
|
2C74D200000
|
heap
|
page read and write
|
||
|
56912BD000
|
stack
|
page read and write
|
||
|
293EC154000
|
heap
|
page read and write
|
||
|
1627000
|
heap
|
page read and write
|
||
|
1BB25A3F000
|
heap
|
page read and write
|
||
|
BD3DBFE000
|
stack
|
page read and write
|
||
|
2C74D13A000
|
heap
|
page read and write
|
||
|
2378DD59000
|
heap
|
page read and write
|
||
|
2C74B31D000
|
heap
|
page read and write
|
||
|
2C74D117000
|
heap
|
page read and write
|
||
|
293F0BF0000
|
trusted library allocation
|
page read and write
|
||
|
2C74B34D000
|
heap
|
page read and write
|
||
|
1EC92420000
|
heap
|
page read and write
|
||
|
1C665338000
|
heap
|
page read and write
|
||
|
1616000
|
heap
|
page read and write
|
||
|
73B9E000
|
stack
|
page read and write
|
||
|
2A0E66F0000
|
heap
|
page read and write
|
||
|
1453000
|
stack
|
page read and write
|
||
|
2378DDCA000
|
heap
|
page read and write
|
||
|
2378DDBD000
|
heap
|
page read and write
|
||
|
936DCFF000
|
stack
|
page read and write
|
||
|
56918FE000
|
stack
|
page read and write
|
||
|
2482FB02000
|
heap
|
page read and write
|
||
|
2378DD48000
|
heap
|
page read and write
|
||
|
2378DD7E000
|
heap
|
page read and write
|
||
|
2C74B348000
|
heap
|
page read and write
|
||
|
2C751744000
|
trusted library allocation
|
page read and write
|
||
|
2C74D112000
|
heap
|
page read and write
|
||
|
2C74D216000
|
heap
|
page read and write
|
||
|
1524000
|
stack
|
page read and write
|
||
|
2378E7AA000
|
heap
|
page read and write
|
||
|
2C74D284000
|
heap
|
page read and write
|
||
|
293EC15E000
|
heap
|
page read and write
|
||
|
1C665265000
|
heap
|
page read and write
|
||
|
2C74B32B000
|
heap
|
page read and write
|
||
|
2C74B339000
|
heap
|
page read and write
|
||
|
2C74D11E000
|
heap
|
page read and write
|
||
|
2C74D114000
|
heap
|
page read and write
|
||
|
2378DDEA000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2378E7A4000
|
heap
|
page read and write
|
||
|
2C752020000
|
heap
|
page readonly
|
||
|
2C74B33A000
|
heap
|
page read and write
|
||
|
293EE2AD000
|
trusted library allocation
|
page read and write
|
||
|
2378DDBD000
|
heap
|
page read and write
|
||
|
2378DDEB000
|
heap
|
page read and write
|
||
|
1EC9247D000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
B13AAFD000
|
stack
|
page read and write
|
||
|
2378E64F000
|
heap
|
page read and write
|
||
|
864EEFE000
|
stack
|
page read and write
|
||
|
2881D600000
|
heap
|
page read and write
|
||
|
2C74D28D000
|
heap
|
page read and write
|
||
|
5691979000
|
stack
|
page read and write
|
||
|
2C74D223000
|
heap
|
page read and write
|
||
|
2378DD5F000
|
heap
|
page read and write
|
||
|
864E7CB000
|
stack
|
page read and write
|
||
|
2C74D12D000
|
heap
|
page read and write
|
||
|
2378DEF0000
|
heap
|
page read and write
|
||
|
2C74B329000
|
heap
|
page read and write
|
||
|
2378DDE1000
|
heap
|
page read and write
|
||
|
2C74B34C000
|
heap
|
page read and write
|
||
|
2378DDFB000
|
heap
|
page read and write
|
||
|
2C74D0F3000
|
heap
|
page read and write
|
||
|
2C74D0F9000
|
heap
|
page read and write
|
||
|
2378DDEA000
|
heap
|
page read and write
|
||
|
2378DE01000
|
heap
|
page read and write
|
||
|
1E210C2B000
|
heap
|
page read and write
|
||
|
2A0E67D0000
|
heap
|
page read and write
|
||
|
2C74D0FE000
|
heap
|
page read and write
|
||
|
B13A87E000
|
stack
|
page read and write
|
||
|
2C74CCB0000
|
heap
|
page read and write
|
||
|
936E27B000
|
stack
|
page read and write
|
||
|
F8E70FE000
|
stack
|
page read and write
|
||
|
2C74D2BF000
|
heap
|
page read and write
|
||
|
2378DCD0000
|
heap
|
page read and write
|
||
|
2378DDFC000
|
heap
|
page read and write
|
||
|
2378DD52000
|
heap
|
page read and write
|
||
|
2C74D225000
|
heap
|
page read and write
|
||
|
864EFFE000
|
stack
|
page read and write
|
||
|
2482FA13000
|
heap
|
page read and write
|
||
|
B13A7FE000
|
stack
|
page read and write
|
||
|
2C74D12D000
|
heap
|
page read and write
|
||
|
2378DD9E000
|
heap
|
page read and write
|
||
|
2378DDB1000
|
heap
|
page read and write
|
||
|
2C74D10D000
|
heap
|
page read and write
|
||
|
1C66536C000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2482FA80000
|
heap
|
page read and write
|
||
|
2378DDF6000
|
heap
|
page read and write
|
||
|
1E210C00000
|
heap
|
page read and write
|
||
|
936E17F000
|
stack
|
page read and write
|
||
|
2378DDAB000
|
heap
|
page read and write
|
||
|
2C74D22A000
|
heap
|
page read and write
|
||
|
F8E6B9C000
|
stack
|
page read and write
|
||
|
E8390FF000
|
stack
|
page read and write
|
||
|
6D7747E000
|
stack
|
page read and write
|
||
|
1647000
|
heap
|
page read and write
|
||
|
2C74D1F0000
|
heap
|
page read and write
|
||
|
6D76BDB000
|
stack
|
page read and write
|
||
|
B13A8FD000
|
stack
|
page read and write
|
||
|
936D79B000
|
stack
|
page read and write
|
||
|
2C74D225000
|
heap
|
page read and write
|
||
|
1BB25E02000
|
heap
|
page read and write
|
||
|
2C74D22C000
|
heap
|
page read and write
|
||
|
2C74B170000
|
heap
|
page read and write
|
||
|
2C751762000
|
trusted library allocation
|
page read and write
|
||
|
1C6651C0000
|
heap
|
page read and write
|
||
|
2C74D117000
|
heap
|
page read and write
|
||
|
2C74D131000
|
heap
|
page read and write
|
||
|
2C74D107000
|
heap
|
page read and write
|
||
|
2C74B318000
|
heap
|
page read and write
|
||
|
1C665331000
|
heap
|
page read and write
|
||
|
2C74B31C000
|
heap
|
page read and write
|
||
|
569177E000
|
stack
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
F8E717B000
|
stack
|
page read and write
|
||
|
293EC161000
|
heap
|
page read and write
|
||
|
2C74D10C000
|
heap
|
page read and write
|
||
|
2C74D138000
|
heap
|
page read and write
|
||
|
2C74D10E000
|
heap
|
page read and write
|
||
|
2C74D211000
|
heap
|
page read and write
|
||
|
293EE2A0000
|
trusted library allocation
|
page read and write
|
||
|
2C74D131000
|
heap
|
page read and write
|
||
|
2C74D112000
|
heap
|
page read and write
|
||
|
2C74B20E000
|
heap
|
page read and write
|
||
|
2C74D113000
|
heap
|
page read and write
|
||
|
1EC9245A000
|
heap
|
page read and write
|
||
|
2C74B312000
|
heap
|
page read and write
|
||
|
293EC135000
|
heap
|
page read and write
|
||
|
2C74D12D000
|
heap
|
page read and write
|
||
|
2C74D12C000
|
heap
|
page read and write
|
||
|
1BB25F02000
|
heap
|
page read and write
|
||
|
158A000
|
heap
|
page read and write
|
||
|
2C74D20B000
|
heap
|
page read and write
|
||
|
2C74D0F0000
|
heap
|
page read and write
|
||
|
2378DDA0000
|
heap
|
page read and write
|
||
|
2C74D26B000
|
heap
|
page read and write
|
||
|
1EC92440000
|
heap
|
page read and write
|
||
|
5691BF9000
|
stack
|
page read and write
|
||
|
1621000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2378DDF3000
|
heap
|
page read and write
|
||
|
2378DDD2000
|
heap
|
page read and write
|
||
|
7832F000
|
stack
|
page read and write
|
||
|
2C74D136000
|
heap
|
page read and write
|
||
|
2C74B311000
|
heap
|
page read and write
|
||
|
F8E707D000
|
stack
|
page read and write
|
||
|
2C74D0E6000
|
heap
|
page read and write
|
||
|
2C74D20B000
|
heap
|
page read and write
|
||
|
248314D0000
|
remote allocation
|
page read and write
|
||
|
F8E6B8D000
|
stack
|
page read and write
|
||
|
2C74D120000
|
heap
|
page read and write
|
||
|
2378DD7E000
|
heap
|
page read and write
|
||
|
2C74B20E000
|
heap
|
page read and write
|
||
|
2C74B31D000
|
heap
|
page read and write
|
||
|
1C6652C9000
|
heap
|
page read and write
|
||
|
2378DDD2000
|
heap
|
page read and write
|
||
|
2378E648000
|
heap
|
page read and write
|
||
|
2482FA74000
|
heap
|
page read and write
|
||
|
1E210C13000
|
heap
|
page read and write
|
||
|
2482FA02000
|
heap
|
page read and write
|
||
|
293EC149000
|
heap
|
page read and write
|
||
|
2C74B20D000
|
heap
|
page read and write
|
||
|
2A0E6730000
|
heap
|
page read and write
|
||
|
1C665A30000
|
heap
|
page read and write
|
||
|
2378DDEA000
|
heap
|
page read and write
|
||
|
74330000
|
remote allocation
|
page read and write
|
||
|
2378DDA8000
|
heap
|
page read and write
|
||
|
2378DDB7000
|
heap
|
page read and write
|
||
|
2C74D2A4000
|
heap
|
page read and write
|
||
|
2C74D282000
|
heap
|
page read and write
|
||
|
1C6652E1000
|
heap
|
page read and write
|
||
|
2378DDDF000
|
heap
|
page read and write
|
||
|
2C74D141000
|
heap
|
page read and write
|
||
|
2C74D11F000
|
heap
|
page read and write
|
||
|
2C74B342000
|
heap
|
page read and write
|
||
|
2378DDFB000
|
heap
|
page read and write
|
||
|
1EC92502000
|
heap
|
page read and write
|
||
|
2C74D11B000
|
heap
|
page read and write
|
||
|
1C665981000
|
heap
|
page read and write
|
||
|
2378DD7A000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
936DBFB000
|
stack
|
page read and write
|
||
|
2378DDB1000
|
heap
|
page read and write
|
||
|
1C665930000
|
heap
|
page read and write
|
||
|
2C74D11A000
|
heap
|
page read and write
|
||
|
1C665A99000
|
heap
|
page read and write
|
||
|
2378DD52000
|
heap
|
page read and write
|
||
|
2C74B376000
|
heap
|
page read and write
|
||
|
936DDF8000
|
stack
|
page read and write
|
||
|
2482FB00000
|
heap
|
page read and write
|
||
|
2378E7AA000
|
heap
|
page read and write
|
||
|
2378E64A000
|
heap
|
page read and write
|
||
|
2378DDCE000
|
heap
|
page read and write
|
||
|
2C74D200000
|
heap
|
page read and write
|
||
|
1C665A32000
|
heap
|
page read and write
|
||
|
2C74D1FC000
|
heap
|
page read and write
|
||
|
1BB25E00000
|
heap
|
page read and write
|
||
|
2C74D125000
|
heap
|
page read and write
|
||
|
2C74D276000
|
heap
|
page read and write
|
||
|
2378DDC1000
|
heap
|
page read and write
|
||
|
293EC13A000
|
heap
|
page read and write
|
||
|
2378DE07000
|
heap
|
page read and write
|
||
|
936E07C000
|
stack
|
page read and write
|
||
|
2378E7A7000
|
heap
|
page read and write
|
||
|
293EC149000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2C74D0FF000
|
heap
|
page read and write
|
||
|
2C74D103000
|
heap
|
page read and write
|
||
|
2C74D116000
|
heap
|
page read and write
|
||
|
2C74D0EB000
|
heap
|
page read and write
|
||
|
2C74D122000
|
heap
|
page read and write
|
||
|
29A80000
|
heap
|
page execute and read and write
|
||
|
2C74D12D000
|
heap
|
page read and write
|
||
|
293EE1A0000
|
trusted library allocation
|
page read and write
|
||
|
2C74D2B3000
|
heap
|
page read and write
|
||
|
2C74D122000
|
heap
|
page read and write
|
||
|
2C74D27E000
|
heap
|
page read and write
|
||
|
2378DDB7000
|
heap
|
page read and write
|
||
|
1EC92500000
|
heap
|
page read and write
|
||
|
2C74D26D000
|
heap
|
page read and write
|
||
|
2378DDF6000
|
heap
|
page read and write
|
||
|
2378DDD2000
|
heap
|
page read and write
|
||
|
2C74B030000
|
heap
|
page read and write
|
||
|
2C74D107000
|
heap
|
page read and write
|
||
|
1BB25B15000
|
trusted library allocation
|
page read and write
|
||
|
2378DD9F000
|
heap
|
page read and write
|
||
|
1E210C43000
|
heap
|
page read and write
|
||
|
2C74D122000
|
heap
|
page read and write
|
||
|
2C74FB6E000
|
heap
|
page read and write
|
||
|
2C74D232000
|
heap
|
page read and write
|
||
|
2C74D29D000
|
heap
|
page read and write
|
||
|
6D772FC000
|
stack
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
2C74D11A000
|
heap
|
page read and write
|
||
|
F8E71FB000
|
stack
|
page read and write
|
||
|
2C74B311000
|
heap
|
page read and write
|
||
|
2C74D21D000
|
heap
|
page read and write
|
||
|
2482F9E0000
|
heap
|
page read and write
|
||
|
2C74B320000
|
heap
|
page read and write
|
||
|
157E000
|
stack
|
page read and write
|
||
|
30000
|
direct allocation
|
page read and write
|
||
|
1EC92482000
|
heap
|
page read and write
|
||
|
1BB25970000
|
heap
|
page read and write
|
||
|
2C74D136000
|
heap
|
page read and write
|
||
|
2C74FB70000
|
heap
|
page read and write
|
||
|
2C74D12E000
|
heap
|
page read and write
|
||
|
2C74D126000
|
heap
|
page read and write
|
||
|
2378DDC4000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2378DD71000
|
heap
|
page read and write
|
||
|
164A000
|
heap
|
page read and write
|
||
|
2C74D1FA000
|
heap
|
page read and write
|
||
|
2C74FB39000
|
heap
|
page read and write
|
||
|
2378DE0A000
|
heap
|
page read and write
|
||
|
1BB25A02000
|
unkown
|
page read and write
|
||
|
2C74B318000
|
heap
|
page read and write
|
||
|
293ED9E8000
|
heap
|
page read and write
|
||
|
2B3ABFE000
|
stack
|
page read and write
|
||
|
2C74D0E8000
|
heap
|
page read and write
|
||
|
2A0E6710000
|
heap
|
page read and write
|
||
|
1EC92400000
|
heap
|
page read and write
|
||
|
2881D5F0000
|
heap
|
page read and write
|
||
|
2BA4E000
|
stack
|
page read and write
|
||
|
2378DDC9000
|
heap
|
page read and write
|
||
|
B70000
|
unkown
|
page write copy
|
||
|
2378DDB1000
|
heap
|
page read and write
|
||
|
2C74D1D0000
|
heap
|
page read and write
|
||
|
1BB25E13000
|
heap
|
page read and write
|
||
|
2C74B327000
|
heap
|
page read and write
|
||
|
24831480000
|
trusted library allocation
|
page read and write
|
||
|
293EE0A0000
|
trusted library allocation
|
page read and write
|
||
|
2378DD10000
|
heap
|
page read and write
|
||
|
248314A0000
|
trusted library allocation
|
page read and write
|
||
|
2C74D0F6000
|
heap
|
page read and write
|
||
|
2C74D104000
|
heap
|
page read and write
|
||
|
6D771FC000
|
stack
|
page read and write
|
||
|
2378E7A7000
|
heap
|
page read and write
|
||
|
2378DDB1000
|
heap
|
page read and write
|
||
|
2C74D1E1000
|
heap
|
page read and write
|
||
|
2378DD8B000
|
heap
|
page read and write
|
||
|
2C74D123000
|
heap
|
page read and write
|
||
|
29B80000
|
heap
|
page read and write
|
||
|
2378DDCE000
|
heap
|
page read and write
|
||
|
1607000
|
heap
|
page read and write
|
||
|
2C74D20B000
|
heap
|
page read and write
|
||
|
204E000
|
stack
|
page read and write
|
||
|
B58000
|
unkown
|
page write copy
|
||
|
2378DDCA000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2C74D0F8000
|
heap
|
page read and write
|
||
|
1C665A50000
|
heap
|
page read and write
|
||
|
2378DD9F000
|
heap
|
page read and write
|
||
|
2C74B355000
|
heap
|
page read and write
|
||
|
2C74D200000
|
heap
|
page read and write
|
||
|
2C74D108000
|
heap
|
page read and write
|
||
|
1C665260000
|
heap
|
page read and write
|
||
|
2378E904000
|
heap
|
page read and write
|
||
|
2378E64E000
|
heap
|
page read and write
|
||
|
1C665990000
|
heap
|
page read and write
|
||
|
5691B7E000
|
stack
|
page read and write
|
||
|
1E210C50000
|
heap
|
page read and write
|
||
|
2BA8E000
|
stack
|
page read and write
|
||
|
2B3AAFF000
|
stack
|
page read and write
|
||
|
7A96E000
|
stack
|
page read and write
|
||
|
1E210B50000
|
heap
|
page read and write
|
||
|
2482FA62000
|
heap
|
page read and write
|
||
|
2C74D2B3000
|
heap
|
page read and write
|
||
|
2C74D0E5000
|
heap
|
page read and write
|
||
|
2378DD17000
|
heap
|
page read and write
|
||
|
2C74D10E000
|
heap
|
page read and write
|
||
|
2C74D134000
|
heap
|
page read and write
|
||
|
2C74D112000
|
heap
|
page read and write
|
||
|
163B000
|
heap
|
page read and write
|
||
|
2378DDBE000
|
heap
|
page read and write
|
||
|
1EC922D0000
|
heap
|
page read and write
|
||
|
2C74D112000
|
heap
|
page read and write
|
||
|
2378DD8A000
|
heap
|
page read and write
|
||
|
1EC92370000
|
trusted library allocation
|
page read and write
|
||
|
1C665A6A000
|
heap
|
page read and write
|
||
|
2378DE0D000
|
heap
|
page read and write
|
||
|
2378DD61000
|
heap
|
page read and write
|
||
|
2C74D11A000
|
heap
|
page read and write
|
||
|
2C74D116000
|
heap
|
page read and write
|
||
|
2378DD3B000
|
heap
|
page read and write
|
||
|
2C74D0FE000
|
heap
|
page read and write
|
||
|
2881D613000
|
heap
|
page read and write
|
||
|
2378E8FC000
|
heap
|
page read and write
|
||
|
2C74D112000
|
heap
|
page read and write
|
||
|
1C66597F000
|
heap
|
page read and write
|
||
|
1605000
|
heap
|
page read and write
|
||
|
1BB25B00000
|
trusted library allocation
|
page read and write
|
||
|
2C74D28B000
|
heap
|
page read and write
|
||
|
2378E8F9000
|
heap
|
page read and write
|
||
|
2C74D127000
|
heap
|
page read and write
|
||
|
2C74D1E9000
|
heap
|
page read and write
|
||
|
2881D659000
|
heap
|
page read and write
|
||
|
293EC141000
|
heap
|
page read and write
|
||
|
2881D700000
|
heap
|
page read and write
|
||
|
293ED9E0000
|
heap
|
page read and write
|
||
|
2378DDCE000
|
heap
|
page read and write
|
||
|
2C74D128000
|
heap
|
page read and write
|
||
|
15D8000
|
heap
|
page read and write
|
||
|
2378DD5F000
|
heap
|
page read and write
|
||
|
E838DAE000
|
stack
|
page read and write
|
||
|
BA7000
|
unkown
|
page write copy
|
||
|
2C74B2F3000
|
heap
|
page read and write
|
||
|
2C74D248000
|
heap
|
page read and write
|
||
|
293EC0C0000
|
heap
|
page read and write
|
||
|
2482F980000
|
heap
|
page read and write
|
||
|
1C6652A0000
|
heap
|
page read and write
|
||
|
2378DDD0000
|
heap
|
page read and write
|
||
|
2C74D0FE000
|
heap
|
page read and write
|
||
|
2C74D112000
|
heap
|
page read and write
|
||
|
2C74D2AE000
|
heap
|
page read and write
|
||
|
864ECFB000
|
stack
|
page read and write
|
||
|
2378DDC4000
|
heap
|
page read and write
|
||
|
2378DB90000
|
heap
|
page read and write
|
||
|
2378E7AE000
|
heap
|
page read and write
|
||
|
1EC922E0000
|
heap
|
page read and write
|
||
|
73CAE000
|
stack
|
page read and write
|
||
|
2C74D115000
|
heap
|
page read and write
|
||
|
293EC139000
|
heap
|
page read and write
|
||
|
2C74D1D7000
|
heap
|
page read and write
|
||
|
2378DDAF000
|
heap
|
page read and write
|
There are 794 hidden memdumps, click here to show them.