Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
rAEAT-AvisodeNotificaci__n.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\Betegner.But
|
data
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_caspol.exe_8e75fe8585f03f6e7a5776aa659ed6798ddaaf9_ea830a9b_b9de75dd-ca8c-4b40-893f-36ddd515dbdd\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3F32.tmp.dmp
|
Mini DuMP crash report, 14 streams, Mon Mar 20 11:38:31 2023, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER40F8.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4128.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\Abtegnene\Fabriksnyt\Mdepligts\Sprnghoved\colorimeter-colorhug-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\Diuresis\Slockingstone\Rattlebrains\battery-level-90-charging-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\Handlingssted\Skovsnegles\Herb\preferences-desktop-font-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\Handlingssted\Skovsnegles\Herb\task-due-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\Handlingssted\Skovsnegles\Herb\window-close.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\Switchboards\Barnls\Minnesanger25.Sug
|
ASCII text, with very long lines (42980), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\Switchboards\Barnls\System.Reflection.Primitives.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\Switchboards\Barnls\System.Reflection.TypeExtensions.dll
|
PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\media-playlist-consecutive-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\network-offline-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Musicalises34\Coleman\Biarcuated\network-wireless.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsu2B23.tmp\AdvSplash.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsu2B23.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
\Device\ConDrv
|
ISO-8859 text, with CRLF, LF line terminators
|
dropped
|
There are 12 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\rAEAT-AvisodeNotificaci__n.exe
|
C:\Users\user\Desktop\rAEAT-AvisodeNotificaci__n.exe
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
|
C:\Users\user\Desktop\rAEAT-AvisodeNotificaci__n.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5816 -s 2552
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://checkip.dyndns.org/
|
132.226.8.169
|
|
|
|
http://crl.certum.pl/ctsca2021.crl0o
|
unknown
|
||
|
http://repository.certum.pl/ctnca.cer09
|
unknown
|
||
|
http://crl.certum.pl/ctnca.crl0k
|
unknown
|
||
|
https://doc-08-as-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/19pk727c
|
unknown
|
||
|
http://creativecommons.org/ns#ShareAlike
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://doc-08-as-docs.googleusercontent.com/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://creativecommons.org/ns#
|
unknown
|
||
|
https://github.com/dotnet/runtime
|
unknown
|
||
|
http://creativecommons.org/ns#DerivativeWorks
|
unknown
|
||
|
https://doc-08-as-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/19pk727cbroendti715a9k7i4jfb9nau/1679308650000/13380849351983225481/*/1z2zMikfPb67TZJIo_lB5FRH6cO_UKsr4?e=download&uuid=a39e1756-09be-48bf-9f6c-3bbe22c32c5b
|
142.250.184.193
|
||
|
http://creativecommons.org/licenses/by-sa/4.0/
|
unknown
|
||
|
http://creativecommons.org/ns#Distribution
|
unknown
|
||
|
http://repository.certum.pl/ctsca2021.cer0
|
unknown
|
||
|
http://subca.ocsp-certum.com05
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
http://creativecommons.org/ns#Attribution
|
unknown
|
||
|
http://subca.ocsp-certum.com02
|
unknown
|
||
|
http://subca.ocsp-certum.com01
|
unknown
|
||
|
http://crl.certum.pl/ctnca2.crl0l
|
unknown
|
||
|
http://repository.certum.pl/ctnca2.cer09
|
unknown
|
||
|
https://github.com/dotnet/runtimeBSJB
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://creativecommons.org/ns#Notice
|
unknown
|
||
|
http://creativecommons.org/ns#Reproduction
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.certum.pl/CPS0
|
unknown
|
There are 20 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
checkip.dyndns.com
|
132.226.8.169
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
drive.google.com
|
142.250.185.110
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.184.193
|
||
|
doc-08-as-docs.googleusercontent.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
132.226.8.169
|
checkip.dyndns.com
|
United States
|
|
|
|
142.250.184.193
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
142.250.185.110
|
drive.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\InstallDir32
|
Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Micos\Irises\Kandissens\Raceblanding
|
Sulphammonium164
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Hermeneutics\Ophjedes\Amtsraadsmedlemmet
|
Printerproblemernes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Replyingly\Avnbgen\Spisekamrenes
|
Rumfartscenterets
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Fetichry
|
Isobase
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\caspol_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
ProgramId
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
FileId
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
LongPathHash
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
Name
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
OriginalFileName
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
Publisher
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
Version
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
BinFileVersion
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
BinaryType
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
ProductName
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
ProductVersion
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
LinkDate
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
BinProductVersion
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
Size
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
Language
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
IsOsComponent
|
||
|
\REGISTRY\A\{bccd5b46-a793-0eb7-59e1-8cca6466b6b7}\Root\InventoryApplicationFile\caspol.exe|1c3df8b9b20d9142
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C0099025B964
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
F30000
|
remote allocation
|
page execute and read and write
|
|
|
|
49EC000
|
direct allocation
|
page execute and read and write
|
|
|
|
48C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
28AEF8B0000
|
heap
|
page read and write
|
||
|
28AEFBB0000
|
heap
|
page read and write
|
||
|
232BCF2A000
|
heap
|
page read and write
|
||
|
782000
|
unkown
|
page read and write
|
||
|
232BC53C000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
ECE0FE000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF2B000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
4104000
|
heap
|
page read and write
|
||
|
232BCF2E000
|
heap
|
page read and write
|
||
|
B63000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BC4F8000
|
heap
|
page read and write
|
||
|
217CF21B000
|
heap
|
page read and write
|
||
|
A833DFF000
|
stack
|
page read and write
|
||
|
232BCF74000
|
heap
|
page read and write
|
||
|
338F0000
|
direct allocation
|
page read and write
|
||
|
232BCF29000
|
heap
|
page read and write
|
||
|
28AEF940000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
4127000
|
heap
|
page read and write
|
||
|
232BC492000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
36B95000
|
trusted library allocation
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
232BCF7C000
|
heap
|
page read and write
|
||
|
232BCF2F000
|
heap
|
page read and write
|
||
|
232BCF5A000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
369C6000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
28AEFAB2000
|
heap
|
page read and write
|
||
|
232BCF5B000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
34690000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
33601000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
232BCF95000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BC53C000
|
heap
|
page read and write
|
||
|
36BA0000
|
trusted library allocation
|
page read and write
|
||
|
4102000
|
heap
|
page read and write
|
||
|
5A49000
|
trusted library allocation
|
page read and write
|
||
|
40FE000
|
heap
|
page read and write
|
||
|
358C7000
|
trusted library allocation
|
page read and write
|
||
|
10059000
|
trusted library allocation
|
page read and write
|
||
|
232BCF21000
|
heap
|
page read and write
|
||
|
28AEFA3E000
|
heap
|
page read and write
|
||
|
232BD445000
|
heap
|
page read and write
|
||
|
36968000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
28AEFCF0000
|
trusted library allocation
|
page read and write
|
||
|
341BE000
|
stack
|
page read and write
|
||
|
36C40000
|
heap
|
page execute and read and write
|
||
|
36CB0000
|
heap
|
page read and write
|
||
|
B8F000
|
heap
|
page read and write
|
||
|
3E84000
|
heap
|
page read and write
|
||
|
232BC42A000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF95000
|
heap
|
page read and write
|
||
|
2BFF000
|
stack
|
page read and write
|
||
|
232BC481000
|
heap
|
page read and write
|
||
|
232BC4A2000
|
heap
|
page read and write
|
||
|
33E1E000
|
stack
|
page read and write
|
||
|
232BCF5C000
|
heap
|
page read and write
|
||
|
232BCF0E000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF78000
|
heap
|
page read and write
|
||
|
7E9000
|
unkown
|
page readonly
|
||
|
232BCF14000
|
heap
|
page read and write
|
||
|
36C10000
|
trusted library allocation
|
page read and write
|
||
|
14DE3E28000
|
unkown
|
page read and write
|
||
|
232BCF41000
|
heap
|
page read and write
|
||
|
3709E000
|
stack
|
page read and write
|
||
|
7A6000
|
unkown
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
232BCF46000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
232BCF6E000
|
heap
|
page read and write
|
||
|
7D0000
|
unkown
|
page readonly
|
||
|
28AEFAA0000
|
heap
|
page read and write
|
||
|
232BCF43000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF3A000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BD4BB000
|
heap
|
page read and write
|
||
|
3388F000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
36BB6000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BD412000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
28AEFAA9000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
411D000
|
heap
|
page read and write
|
||
|
411D000
|
heap
|
page read and write
|
||
|
232BCF24000
|
heap
|
page read and write
|
||
|
B9C000
|
heap
|
page read and write
|
||
|
217CF282000
|
heap
|
page read and write
|
||
|
232BCF78000
|
heap
|
page read and write
|
||
|
7D0000
|
unkown
|
page readonly
|
||
|
232BCF76000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BC400000
|
heap
|
page read and write
|
||
|
232BCF6F000
|
heap
|
page read and write
|
||
|
348AB000
|
trusted library allocation
|
page read and write
|
||
|
232BCF2B000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
232BCF3E000
|
heap
|
page read and write
|
||
|
232BCF1C000
|
heap
|
page read and write
|
||
|
10020000
|
trusted library allocation
|
page read and write
|
||
|
232BCF95000
|
heap
|
page read and write
|
||
|
34870000
|
trusted library allocation
|
page execute and read and write
|
||
|
232BCF2F000
|
heap
|
page read and write
|
||
|
232BCF78000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF5D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BC447000
|
heap
|
page read and write
|
||
|
232BC4A9000
|
heap
|
page read and write
|
||
|
28AEFAB5000
|
heap
|
page read and write
|
||
|
232BD340000
|
remote allocation
|
page read and write
|
||
|
28AEFCC0000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
40F9000
|
heap
|
page read and write
|
||
|
232BCF7C000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
C57537E000
|
stack
|
page read and write
|
||
|
369F0000
|
heap
|
page read and write
|
||
|
7E9000
|
unkown
|
page readonly
|
||
|
217CF290000
|
heap
|
page read and write
|
||
|
232BCF29000
|
heap
|
page read and write
|
||
|
232BD405000
|
heap
|
page read and write
|
||
|
232BC481000
|
heap
|
page read and write
|
||
|
232BCF5C000
|
heap
|
page read and write
|
||
|
232BCF2E000
|
heap
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF40000
|
heap
|
page read and write
|
||
|
346AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
A833C7F000
|
stack
|
page read and write
|
||
|
232BC49E000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
36C8E000
|
stack
|
page read and write
|
||
|
232BC420000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
40E4000
|
heap
|
page read and write
|
||
|
36BD0000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
232BCF3B000
|
heap
|
page read and write
|
||
|
232BCF29000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B7B000
|
heap
|
page read and write
|
||
|
28AEF9E0000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
217CF251000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
232BCF7B000
|
heap
|
page read and write
|
||
|
232BC490000
|
heap
|
page read and write
|
||
|
36C10000
|
trusted library allocation
|
page read and write
|
||
|
232BC427000
|
heap
|
page read and write
|
||
|
217CF24B000
|
heap
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
AF569FA000
|
stack
|
page read and write
|
||
|
28AEFAB0000
|
heap
|
page read and write
|
||
|
14DE4300000
|
heap
|
page read and write
|
||
|
217CF28E000
|
heap
|
page read and write
|
||
|
400E000
|
stack
|
page read and write
|
||
|
C57557A000
|
stack
|
page read and write
|
||
|
232BCF26000
|
heap
|
page read and write
|
||
|
36BA0000
|
trusted library allocation
|
page read and write
|
||
|
232BC4DE000
|
heap
|
page read and write
|
||
|
407157F000
|
stack
|
page read and write
|
||
|
232BCF81000
|
heap
|
page read and write
|
||
|
232BC505000
|
heap
|
page read and write
|
||
|
B93000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
40DE000
|
heap
|
page read and write
|
||
|
232BC427000
|
heap
|
page read and write
|
||
|
406B000
|
heap
|
page read and write
|
||
|
1D0000
|
unclassified section
|
page readonly
|
||
|
217CF26D000
|
heap
|
page read and write
|
||
|
232BCF23000
|
heap
|
page read and write
|
||
|
385C000
|
remote allocation
|
page execute and read and write
|
||
|
7EF000
|
unkown
|
page readonly
|
||
|
14DE3E11000
|
unkown
|
page read and write
|
||
|
217CF232000
|
heap
|
page read and write
|
||
|
232BCF18000
|
heap
|
page read and write
|
||
|
2F6D000
|
stack
|
page read and write
|
||
|
34896000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
A833D7C000
|
stack
|
page read and write
|
||
|
36BC0000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF7A000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
40FE000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF78000
|
heap
|
page read and write
|
||
|
346D2000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
232BCF42000
|
heap
|
page read and write
|
||
|
232BCF95000
|
heap
|
page read and write
|
||
|
217CF249000
|
heap
|
page read and write
|
||
|
232BCF28000
|
heap
|
page read and write
|
||
|
34070000
|
trusted library allocation
|
page read and write
|
||
|
14DE3D00000
|
heap
|
page read and write
|
||
|
407115D000
|
stack
|
page read and write
|
||
|
36C10000
|
trusted library allocation
|
page read and write
|
||
|
232BD428000
|
heap
|
page read and write
|
||
|
217CF110000
|
heap
|
page read and write
|
||
|
4124000
|
heap
|
page read and write
|
||
|
28AEFC40000
|
trusted library allocation
|
page read and write
|
||
|
14DE3F02000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
36BA0000
|
trusted library allocation
|
page read and write
|
||
|
232BCF76000
|
heap
|
page read and write
|
||
|
232BCF32000
|
heap
|
page read and write
|
||
|
232BC51A000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF1B000
|
heap
|
page read and write
|
||
|
34963000
|
trusted library allocation
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
28AEFAB4000
|
heap
|
page read and write
|
||
|
28AEFAA9000
|
heap
|
page read and write
|
||
|
53EC000
|
direct allocation
|
page execute and read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
232BCF93000
|
heap
|
page read and write
|
||
|
36C10000
|
trusted library allocation
|
page read and write
|
||
|
34880000
|
trusted library allocation
|
page read and write
|
||
|
232BD40B000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF81000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
217CF256000
|
heap
|
page read and write
|
||
|
232BCF2C000
|
heap
|
page read and write
|
||
|
346C0000
|
trusted library allocation
|
page read and write
|
||
|
232BCF5C000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF20000
|
heap
|
page read and write
|
||
|
1A5C000
|
remote allocation
|
page execute and read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF32000
|
heap
|
page read and write
|
||
|
217CF227000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B7E000
|
heap
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF60000
|
heap
|
page read and write
|
||
|
36C10000
|
trusted library allocation
|
page read and write
|
||
|
232BCF76000
|
heap
|
page read and write
|
||
|
35E0000
|
trusted library allocation
|
page read and write
|
||
|
28AF0A40000
|
trusted library allocation
|
page read and write
|
||
|
232BCF3D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BC513000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
14DE4202000
|
heap
|
page read and write
|
||
|
217CFA02000
|
trusted library allocation
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
33618000
|
heap
|
page read and write
|
||
|
232BC4DE000
|
heap
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page read and write
|
||
|
28AEF9B0000
|
trusted library allocation
|
page read and write
|
||
|
AF568FE000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF0E000
|
heap
|
page read and write
|
||
|
414E000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
AF5647B000
|
stack
|
page read and write
|
||
|
36BA0000
|
trusted library allocation
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
40F3000
|
heap
|
page read and write
|
||
|
232BCF76000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF7C000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
4106000
|
heap
|
page read and write
|
||
|
343E0000
|
remote allocation
|
page read and write
|
||
|
232BC53B000
|
heap
|
page read and write
|
||
|
232BCF2C000
|
heap
|
page read and write
|
||
|
18CE58A8000
|
heap
|
page read and write
|
||
|
18CE58B5000
|
heap
|
page read and write
|
||
|
232BCF19000
|
heap
|
page read and write
|
||
|
232BCF54000
|
heap
|
page read and write
|
||
|
217CEF90000
|
heap
|
page read and write
|
||
|
232BCF7C000
|
heap
|
page read and write
|
||
|
67EC000
|
direct allocation
|
page execute and read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
232BCF84000
|
heap
|
page read and write
|
||
|
14DE3F40000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
40F3000
|
heap
|
page read and write
|
||
|
232BC54D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
14DE3F15000
|
trusted library allocation
|
page read and write
|
||
|
40E4000
|
heap
|
page read and write
|
||
|
232BCF4F000
|
heap
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
36BA0000
|
trusted library allocation
|
page read and write
|
||
|
217CF200000
|
heap
|
page read and write
|
||
|
7B3000
|
unkown
|
page read and write
|
||
|
217CF28D000
|
heap
|
page read and write
|
||
|
34720000
|
heap
|
page read and write
|
||
|
232BC421000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
40E3000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
217CF283000
|
heap
|
page read and write
|
||
|
217CF287000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
4116000
|
heap
|
page read and write
|
||
|
232BCF15000
|
heap
|
page read and write
|
||
|
232BCF80000
|
heap
|
page read and write
|
||
|
217CEFF0000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF8E000
|
heap
|
page read and write
|
||
|
343E0000
|
remote allocation
|
page read and write
|
||
|
28AEFABF000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF2D000
|
heap
|
page read and write
|
||
|
14DE3C90000
|
heap
|
page read and write
|
||
|
18CE5950000
|
heap
|
page read and write
|
||
|
40D7000
|
heap
|
page read and write
|
||
|
346A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BD469000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
358C1000
|
trusted library allocation
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
direct allocation
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BD49D000
|
heap
|
page read and write
|
||
|
232BD486000
|
heap
|
page read and write
|
||
|
232BCF61000
|
heap
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
3482E000
|
stack
|
page read and write
|
||
|
232BCF81000
|
heap
|
page read and write
|
||
|
28AEFAA0000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
14DE3E00000
|
unkown
|
page read and write
|
||
|
232BCF74000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
36BA0000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
232BC51B000
|
heap
|
page read and write
|
||
|
28AEFAA0000
|
heap
|
page read and write
|
||
|
36C10000
|
trusted library allocation
|
page read and write
|
||
|
28AEFAAD000
|
heap
|
page read and write
|
||
|
232BCF51000
|
heap
|
page read and write
|
||
|
232BD4B3000
|
heap
|
page read and write
|
||
|
2E5C000
|
remote allocation
|
page execute and read and write
|
||
|
40DC000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
36BC0000
|
trusted library allocation
|
page read and write
|
||
|
232BCF16000
|
heap
|
page read and write
|
||
|
217CF302000
|
heap
|
page read and write
|
||
|
14DE3E6F000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
28AEFD40000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
232BCF3C000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF05000
|
heap
|
page read and write
|
||
|
A833AFD000
|
stack
|
page read and write
|
||
|
348B0000
|
heap
|
page execute and read and write
|
||
|
28AEFAA0000
|
heap
|
page read and write
|
||
|
346B0000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF76000
|
heap
|
page read and write
|
||
|
28AEFAB2000
|
heap
|
page read and write
|
||
|
232BCF1A000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
3486E000
|
stack
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
71EC000
|
direct allocation
|
page execute and read and write
|
||
|
36C20000
|
trusted library allocation
|
page read and write
|
||
|
A833CFA000
|
stack
|
page read and write
|
||
|
232BCF48000
|
heap
|
page read and write
|
||
|
232BC4AF000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF17000
|
heap
|
page read and write
|
||
|
A833A7B000
|
stack
|
page read and write
|
||
|
217CF27F000
|
heap
|
page read and write
|
||
|
346C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
232BCF3B000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF85000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
AF567FF000
|
stack
|
page read and write
|
||
|
105C000
|
remote allocation
|
page execute and read and write
|
||
|
232BCF29000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33DDE000
|
stack
|
page read and write
|
||
|
28AEFA93000
|
heap
|
page read and write
|
||
|
232BCF2F000
|
heap
|
page read and write
|
||
|
232BC2F0000
|
heap
|
page read and write
|
||
|
232BC280000
|
heap
|
page read and write
|
||
|
232BD4CA000
|
heap
|
page read and write
|
||
|
34960000
|
trusted library allocation
|
page read and write
|
||
|
232BD42E000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF02000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
232BC502000
|
heap
|
page read and write
|
||
|
B6F000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
36BC0000
|
trusted library allocation
|
page read and write
|
||
|
A833B7E000
|
stack
|
page read and write
|
||
|
B72000
|
heap
|
page read and write
|
||
|
232BCF5A000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
14DE4302000
|
heap
|
page read and write
|
||
|
4127000
|
heap
|
page read and write
|
||
|
3427D000
|
stack
|
page read and write
|
||
|
3441E000
|
stack
|
page read and write
|
||
|
232BCF60000
|
heap
|
page read and write
|
||
|
28AEFAA9000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
4108000
|
heap
|
page read and write
|
||
|
232BCE15000
|
heap
|
page read and write
|
||
|
33F5D000
|
stack
|
page read and write
|
||
|
232BCF95000
|
heap
|
page read and write
|
||
|
232BCF74000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
40F3000
|
heap
|
page read and write
|
||
|
33F1F000
|
stack
|
page read and write
|
||
|
245C000
|
remote allocation
|
page execute and read and write
|
||
|
14DE4000000
|
trusted library allocation
|
page read and write
|
||
|
232BD400000
|
heap
|
page read and write
|
||
|
14DE3E3D000
|
heap
|
page read and write
|
||
|
40EB000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF45000
|
heap
|
page read and write
|
||
|
338B0000
|
direct allocation
|
page read and write
|
||
|
217CF285000
|
heap
|
page read and write
|
||
|
18CE5850000
|
heap
|
page read and write
|
||
|
232BD340000
|
remote allocation
|
page read and write
|
||
|
28AF04F0000
|
trusted library allocation
|
page read and write
|
||
|
36B64000
|
trusted library allocation
|
page read and write
|
||
|
28AEFAA9000
|
heap
|
page read and write
|
||
|
14DE3F00000
|
trusted library allocation
|
page read and write
|
||
|
40E9000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BC4EF000
|
heap
|
page read and write
|
||
|
232BCF2B000
|
heap
|
page read and write
|
||
|
3456C000
|
stack
|
page read and write
|
||
|
217CF213000
|
heap
|
page read and write
|
||
|
232BCF56000
|
heap
|
page read and write
|
||
|
14DE3E13000
|
unkown
|
page read and write
|
||
|
28AEFA67000
|
heap
|
page read and write
|
||
|
3FCE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
28AEFABF000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
232BD4C0000
|
heap
|
page read and write
|
||
|
232BC4E7000
|
heap
|
page read and write
|
||
|
28AEFABF000
|
heap
|
page read and write
|
||
|
14DE4302000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BC51B000
|
heap
|
page read and write
|
||
|
B93000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
18CE5730000
|
heap
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
18CE57F5000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
789000
|
unkown
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
232BCF6D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF32000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
28AEFAA0000
|
heap
|
page read and write
|
||
|
232BCF29000
|
heap
|
page read and write
|
||
|
232BCF22000
|
heap
|
page read and write
|
||
|
232BCF92000
|
heap
|
page read and write
|
||
|
36C0D000
|
stack
|
page read and write
|
||
|
232BD45B000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF95000
|
heap
|
page read and write
|
||
|
232BCF72000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF5A000
|
heap
|
page read and write
|
||
|
14DE3E02000
|
unkown
|
page read and write
|
||
|
B38000
|
heap
|
page read and write
|
||
|
4116000
|
heap
|
page read and write
|
||
|
18CE5858000
|
heap
|
page read and write
|
||
|
40C7000
|
heap
|
page read and write
|
||
|
217CF289000
|
heap
|
page read and write
|
||
|
232BCF6B000
|
heap
|
page read and write
|
||
|
28AEFD10000
|
trusted library allocation
|
page read and write
|
||
|
232BCF74000
|
heap
|
page read and write
|
||
|
232BCF37000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF87000
|
heap
|
page read and write
|
||
|
2E6C000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF1E000
|
heap
|
page read and write
|
||
|
232BCF76000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
36BC0000
|
trusted library allocation
|
page read and write
|
||
|
232BCF8F000
|
heap
|
page read and write
|
||
|
217CF28A000
|
heap
|
page read and write
|
||
|
217CF23B000
|
heap
|
page read and write
|
||
|
3497D000
|
trusted library allocation
|
page read and write
|
||
|
4010000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
4108000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF70000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
4114000
|
heap
|
page read and write
|
||
|
28AEFA92000
|
heap
|
page read and write
|
||
|
232BCF7C000
|
heap
|
page read and write
|
||
|
14DE4300000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
40714FF000
|
stack
|
page read and write
|
||
|
232BC53B000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF0E000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
18CE55F0000
|
heap
|
page read and write
|
||
|
40711DE000
|
stack
|
page read and write
|
||
|
232BCF60000
|
heap
|
page read and write
|
||
|
232BD40D000
|
heap
|
page read and write
|
||
|
ECDCFD000
|
stack
|
page read and write
|
||
|
341D0000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF6B000
|
heap
|
page read and write
|
||
|
232BCF31000
|
heap
|
page read and write
|
||
|
3471E000
|
stack
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
232BCE00000
|
heap
|
page read and write
|
||
|
232BCF2A000
|
heap
|
page read and write
|
||
|
3D40000
|
unclassified section
|
page readonly
|
||
|
36BC0000
|
trusted library allocation
|
page read and write
|
||
|
346DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
C57517F000
|
unkown
|
page read and write
|
||
|
232BCF4B000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF70000
|
heap
|
page read and write
|
||
|
5DEC000
|
direct allocation
|
page execute and read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
36C10000
|
trusted library allocation
|
page read and write
|
||
|
28AEFABA000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
B6B000
|
heap
|
page read and write
|
||
|
14DE4200000
|
heap
|
page read and write
|
||
|
14DE3E6F000
|
heap
|
page read and write
|
||
|
4158000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
217CF271000
|
heap
|
page read and write
|
||
|
232BCF7E000
|
heap
|
page read and write
|
||
|
232BCF2A000
|
heap
|
page read and write
|
||
|
343E0000
|
remote allocation
|
page read and write
|
||
|
3437E000
|
stack
|
page read and write
|
||
|
346D0000
|
trusted library allocation
|
page read and write
|
||
|
232BC4F5000
|
heap
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
3451E000
|
stack
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
33600000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
28AEFAB2000
|
heap
|
page read and write
|
||
|
B73000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
33CDE000
|
stack
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
410B000
|
heap
|
page read and write
|
||
|
28AEFCA0000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BC600000
|
unclassified section
|
page readonly
|
||
|
40EB000
|
heap
|
page read and write
|
||
|
232BC456000
|
heap
|
page read and write
|
||
|
232BCF2E000
|
heap
|
page read and write
|
||
|
232BCF25000
|
heap
|
page read and write
|
||
|
40715F9000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BC461000
|
heap
|
page read and write
|
||
|
34667000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
3E80000
|
heap
|
page read and write
|
||
|
786000
|
unkown
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
14DE4213000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF78000
|
heap
|
page read and write
|
||
|
3378E000
|
stack
|
page read and write
|
||
|
14DE4313000
|
heap
|
page read and write
|
||
|
36B5E000
|
stack
|
page read and write
|
||
|
3ECE000
|
stack
|
page read and write
|
||
|
28AEFABF000
|
heap
|
page read and write
|
||
|
348C1000
|
trusted library allocation
|
page read and write
|
||
|
232BCF00000
|
heap
|
page read and write
|
||
|
232BCF0E000
|
heap
|
page read and write
|
||
|
232BCF56000
|
heap
|
page read and write
|
||
|
217CF247000
|
heap
|
page read and write
|
||
|
232BCF7D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
217CF280000
|
heap
|
page read and write
|
||
|
232BCF7C000
|
heap
|
page read and write
|
||
|
232BC610000
|
heap
|
page read and write
|
||
|
232BC4E0000
|
heap
|
page read and write
|
||
|
358E9000
|
trusted library allocation
|
page read and write
|
||
|
34890000
|
trusted library allocation
|
page read and write
|
||
|
232BCF61000
|
heap
|
page read and write
|
||
|
28AEFD00000
|
heap
|
page readonly
|
||
|
A833BFE000
|
stack
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
413F000
|
heap
|
page read and write
|
||
|
232BCF1D000
|
heap
|
page read and write
|
||
|
28AEFAA9000
|
heap
|
page read and write
|
||
|
7AB000
|
unkown
|
page read and write
|
||
|
232BD340000
|
remote allocation
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF1F000
|
heap
|
page read and write
|
||
|
14DE3E39000
|
unkown
|
page read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
232BCF92000
|
heap
|
page read and write
|
||
|
232BCE02000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
346D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E20000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF13000
|
heap
|
page read and write
|
||
|
36BA0000
|
trusted library allocation
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
217CF286000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
7A4000
|
unkown
|
page read and write
|
||
|
410B000
|
heap
|
page read and write
|
||
|
40710DC000
|
stack
|
page read and write
|
||
|
232BC441000
|
heap
|
page read and write
|
||
|
232BD402000
|
heap
|
page read and write
|
||
|
217CF217000
|
heap
|
page read and write
|
||
|
18CE57F0000
|
heap
|
page read and write
|
||
|
217CF240000
|
heap
|
page read and write
|
||
|
232BCF5C000
|
heap
|
page read and write
|
||
|
232BC413000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
36C10000
|
trusted library allocation
|
page read and write
|
||
|
C57507B000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33910000
|
direct allocation
|
page read and write
|
||
|
232BD423000
|
heap
|
page read and write
|
||
|
28AEFAA0000
|
heap
|
page read and write
|
||
|
3130000
|
direct allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
28AEFAA9000
|
heap
|
page read and write
|
||
|
28AEFD30000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BD4B0000
|
heap
|
page read and write
|
||
|
413A000
|
heap
|
page read and write
|
||
|
36BA0000
|
trusted library allocation
|
page read and write
|
||
|
217CF27E000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
B72000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
7CE000
|
unkown
|
page read and write
|
||
|
27B5000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
40DF000
|
heap
|
page read and write
|
||
|
40A9000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
217CF100000
|
unclassified section
|
page readonly
|
||
|
28AEF9E8000
|
heap
|
page read and write
|
||
|
232BCF78000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
C57547B000
|
stack
|
page read and write
|
||
|
40DF000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF4A000
|
heap
|
page read and write
|
||
|
425E000
|
stack
|
page read and write
|
||
|
232BCF95000
|
heap
|
page read and write
|
||
|
232BC448000
|
heap
|
page read and write
|
||
|
232BCF2C000
|
heap
|
page read and write
|
||
|
232BD434000
|
heap
|
page read and write
|
||
|
232BCF32000
|
heap
|
page read and write
|
||
|
C57567E000
|
stack
|
page read and write
|
||
|
2714000
|
heap
|
page read and write
|
||
|
28AF0A80000
|
trusted library allocation
|
page read and write
|
||
|
232BD4AA000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
36C20000
|
trusted library allocation
|
page read and write
|
||
|
28AEFD35000
|
heap
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
232BCF40000
|
heap
|
page read and write
|
||
|
348A0000
|
trusted library allocation
|
page read and write
|
||
|
340BE000
|
stack
|
page read and write
|
||
|
232BCF47000
|
heap
|
page read and write
|
||
|
34966000
|
trusted library allocation
|
page read and write
|
||
|
232BC4B0000
|
heap
|
page read and write
|
||
|
B9C000
|
heap
|
page read and write
|
||
|
28AEFA7D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
36BC0000
|
trusted library allocation
|
page read and write
|
||
|
ECE479000
|
stack
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BD45D000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF2B000
|
heap
|
page read and write
|
||
|
28AEFA52000
|
heap
|
page read and write
|
||
|
232BC491000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
28AEFAB2000
|
heap
|
page read and write
|
||
|
232BCF7D000
|
heap
|
page read and write
|
||
|
346CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
232BCF2B000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
14DE4313000
|
heap
|
page read and write
|
||
|
28AEFAB2000
|
heap
|
page read and write
|
||
|
232BCC00000
|
trusted library allocation
|
page read and write
|
||
|
232BCF7C000
|
heap
|
page read and write
|
||
|
232BCF70000
|
heap
|
page read and write
|
||
|
232BCF2F000
|
heap
|
page read and write
|
||
|
232BC457000
|
heap
|
page read and write
|
||
|
3405C000
|
stack
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
36F9F000
|
stack
|
page read and write
|
||
|
28AEFABF000
|
heap
|
page read and write
|
||
|
217CF28C000
|
heap
|
page read and write
|
||
|
4110000
|
heap
|
page read and write
|
||
|
217CF160000
|
trusted library allocation
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
C575B7E000
|
stack
|
page read and write
|
||
|
232BC4D9000
|
heap
|
page read and write
|
||
|
33601000
|
heap
|
page read and write
|
||
|
232BCF39000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
36BA0000
|
trusted library allocation
|
page read and write
|
||
|
36BB0000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
33950000
|
heap
|
page read and write
|
||
|
232BCF92000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
7EF000
|
unkown
|
page readonly
|
||
|
407147E000
|
stack
|
page read and write
|
||
|
28AEFABF000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
232BCF5E000
|
heap
|
page read and write
|
||
|
346A4000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
28AEFAB2000
|
heap
|
page read and write
|
||
|
232BCF29000
|
heap
|
page read and write
|
There are 801 hidden memdumps, click here to show them.