Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
0dN59ZIkEM.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\ProgramData\HCAEGCBFHJDG\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\HCAEGCBFHJDG\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\HCAEGCBFHJDG\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\HCAEGCBFHJDG\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\1151\Spice.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\freebl3[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\mozglue[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\nss3[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\softokn3[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q4M8ZOMH\sqln[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\BFHJJJDAFBKEBGDGHCGDBKJECF
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\ProgramData\CBKJJJDH
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\CFIEHCFIECBGCBFHIJJKEGHIEC
|
SQLite Write-Ahead Log, version 3007000
|
modified
|
||
|
C:\ProgramData\CGCFBFBGHDGDAKECAKJEHCGDAA
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\ProgramData\DGDAEHCB
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\ProgramData\GIIDBGDAFHJDHIDGDGII
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\HCAEGCBF
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\ProgramData\HCAEGCBFHJDG\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\HCAEGCBFHJDG\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\HIDAFHDH
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\IDBGHDGHCGHCAAKFIIECFHCFBF
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\ProgramData\JJJEGHDAECBFHJKEGIJK
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\1151\a
|
OpenPGP Public Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Aboriginal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Automation
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Bag
|
ASCII text, with very long lines (877), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Bag.cmd (copy)
|
ASCII text, with very long lines (877), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Chair
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Factor
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Flush
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\76561199677575543[1].htm
|
HTML document, Unicode text, UTF-8 text, with very long lines (3041), with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\msvcp140[1].dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\vcruntime140[1].dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Jobs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Mattress
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Mostly
|
OpenPGP Public Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Rap
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Robust
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Wedding
|
data
|
dropped
|
There are 30 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\0dN59ZIkEM.exe
|
"C:\Users\user\Desktop\0dN59ZIkEM.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c move Bag Bag.cmd && Bag.cmd
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "wrsa.exe opssvc.exe"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "avastui.exe avgui.exe nswscsvc.exe sophoshealth.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c md 1151
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /V "NickelTruckWritersBattery" Mattress
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c copy /b Mostly + Rap + Robust + Aboriginal 1151\a
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\1151\Spice.pif
|
1151\Spice.pif 1151\a
|
|
|
|
C:\Windows\SysWOW64\PING.EXE
|
ping -n 5 127.0.0.1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.j
|
unknown
|
||
|
https://37.27.87.155ta
|
unknown
|
||
|
https://steamcommunity.com/?subsection=broadcasts
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199677575543/badges
|
unknown
|
||
|
https://37.27.87.155/sqln.dll
|
37.27.87.155
|
||
|
https://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://www.gstatic.cn/recaptcha/
|
unknown
|
||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=engli
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/promo/stickers.js?v=GfA42_x2_aub&
|
unknown
|
||
|
https://37.27.87.155/GHDGDAKECAKJEHCGDAA
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpE
|
unknown
|
||
|
https://37.27.87.155/ramData
|
unknown
|
||
|
http://www.valvesoftware.com/legal.htm
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199677575543/inventory/
|
unknown
|
||
|
https://37.27.87.155/softokn3.dll
|
37.27.87.155
|
||
|
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh&
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
https://steamcommunity.com/o
|
unknown
|
||
|
http://www.mozilla.com/en-US/blocklist/
|
unknown
|
||
|
https://37.27.87.155/nss3.dll
|
37.27.87.155
|
||
|
https://mozilla.org0/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&
|
unknown
|
||
|
https://37.27.87.155/vcruntime140.dll
|
37.27.87.155
|
||
|
http://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&
|
unknown
|
||
|
https://store.steampowered.com/points/shop/
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://37.27.87.155HDHIDGIEBGIJEHIJKFIIition:
|
unknown
|
||
|
https://37.27.87.155AAKKE
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199677575543Mozilla/5.0
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=bZKSp7oNwVPK
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://37.27.87.155VWXYZ12345678900)
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
|
unknown
|
||
|
https://37.27.87.155/msvcp140.dll
|
37.27.87.155
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199677575543
|
23.7.115.52
|
||
|
https://www.google.com/recaptcha/
|
unknown
|
||
|
https://37.27.87.155/
|
37.27.87.155
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=c4Un
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/webui/clientcom.js?v=3gW5J8_jG_Yc&
|
unknown
|
||
|
https://store.steampowered.com/about/
|
unknown
|
||
|
https://steamcommunity.com/my/wishlist/
|
unknown
|
||
|
https://t.me/
|
unknown
|
||
|
https://t.me/snsb82At
|
unknown
|
||
|
https://37.27.87.155/;
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&
|
unknown
|
||
|
https://37.27.87.155/freebl3.dll
|
37.27.87.155
|
||
|
https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=EyWBqDQS-6
|
unknown
|
||
|
https://help.steampowered.com/en/
|
unknown
|
||
|
https://steamcommunity.com/market/
|
unknown
|
||
|
https://store.steampowered.com/news/
|
unknown
|
||
|
https://37.27.87.155/freebl3.dll(e
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=PyuRtGtUpR0t&l=englis
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=
|
unknown
|
||
|
https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
|
unknown
|
||
|
https://steamcommunity.com/discussions/
|
unknown
|
||
|
https://steamcommunity.com/O
|
unknown
|
||
|
https://store.steampowered.com/stats/
|
unknown
|
||
|
https://37.27.87.155CAKJE
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&
|
unknown
|
||
|
https://store.steampowered.com/steam_refunds/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.p
|
unknown
|
||
|
https://steamcommunity.com/workshop/
|
unknown
|
||
|
https://store.steampowered.com/legal/
|
unknown
|
||
|
https://t.me/snsb82
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=engl
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/css/skin_1/profilev2.css?v=gNE3gksLVEVa&l=en
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://37.27.87.155/o
|
unknown
|
||
|
https://37.27.87.155/p
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&am
|
unknown
|
||
|
https://37.27.87.155KKKEH
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=engli
|
unknown
|
||
|
https://recaptcha.net
|
unknown
|
||
|
https://37.27.87.155
|
unknown
|
||
|
https://store.steampowered.com/
|
unknown
|
||
|
https://37.27.87.155/mozglue.dll
|
37.27.87.155
|
||
|
https://37.27.87.155FBGIIIEBGDGDAKJKKKEBition:
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199677575543j
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
steamcommunity.com
|
23.7.115.52
|
||
|
ihIVTwGgMFMSkvPLDBTLteOUVB.ihIVTwGgMFMSkvPLDBTLteOUVB
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
37.27.87.155
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
23.7.115.52
|
steamcommunity.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
481B000
|
trusted library allocation
|
page read and write
|
|
|
|
4811000
|
direct allocation
|
page execute and read and write
|
|
|
|
1820000
|
trusted library allocation
|
page read and write
|
|
|
|
1A10000
|
trusted library allocation
|
page read and write
|
|
|
|
17A0000
|
trusted library allocation
|
page read and write
|
|
|
|
1751000
|
heap
|
page read and write
|
|
|
|
16C9000
|
heap
|
page read and write
|
|
|
|
353C000
|
stack
|
page read and write
|
||
|
1C3A000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1AFA000
|
trusted library allocation
|
page read and write
|
||
|
4A2E000
|
stack
|
page read and write
|
||
|
17C8000
|
trusted library allocation
|
page read and write
|
||
|
493A000
|
direct allocation
|
page execute and read and write
|
||
|
10001000
|
direct allocation
|
page execute read
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
1D5B000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
1785000
|
heap
|
page read and write
|
||
|
194D000
|
trusted library allocation
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
4A90000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
CE54000
|
trusted library allocation
|
page read and write
|
||
|
19C3000
|
trusted library allocation
|
page read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
32CD000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1020D000
|
direct allocation
|
page execute read
|
||
|
16FC000
|
heap
|
page read and write
|
||
|
7AF000
|
stack
|
page read and write
|
||
|
16F8000
|
heap
|
page read and write
|
||
|
1A10000
|
trusted library allocation
|
page read and write
|
||
|
2070000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page read and write
|
||
|
1AF3000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
1B05000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
direct allocation
|
page execute and read and write
|
||
|
193E000
|
trusted library allocation
|
page read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
2020000
|
heap
|
page read and write
|
||
|
1A3C000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
173E000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
2C33000
|
heap
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
2C34000
|
heap
|
page read and write
|
||
|
736000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
49AE000
|
stack
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
1B82000
|
trusted library allocation
|
page read and write
|
||
|
1B97000
|
trusted library allocation
|
page read and write
|
||
|
17DD000
|
trusted library allocation
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
1B1A000
|
trusted library allocation
|
page read and write
|
||
|
210E000
|
stack
|
page read and write
|
||
|
614000
|
heap
|
page read and write
|
||
|
67BF000
|
trusted library allocation
|
page read and write
|
||
|
16C9000
|
heap
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
6864000
|
trusted library allocation
|
page read and write
|
||
|
32B2000
|
heap
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
1AAB000
|
trusted library allocation
|
page read and write
|
||
|
1B83000
|
trusted library allocation
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
1B6B000
|
trusted library allocation
|
page read and write
|
||
|
60A000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
17C1000
|
trusted library allocation
|
page read and write
|
||
|
4846000
|
direct allocation
|
page execute and read and write
|
||
|
1752000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1024D000
|
direct allocation
|
page readonly
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
E70000
|
unkown
|
page readonly
|
||
|
194E000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
18EE000
|
trusted library allocation
|
page read and write
|
||
|
25DF000
|
stack
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
261E000
|
stack
|
page read and write
|
||
|
19C8000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2C29000
|
heap
|
page read and write
|
||
|
5200000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
1752000
|
heap
|
page read and write
|
||
|
170E000
|
heap
|
page read and write
|
||
|
2020000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
17A1000
|
trusted library allocation
|
page read and write
|
||
|
2C3C000
|
heap
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
CEFE000
|
trusted library allocation
|
page read and write
|
||
|
197A000
|
trusted library allocation
|
page read and write
|
||
|
32B2000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
4AC0000
|
heap
|
page read and write
|
||
|
1954000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1943000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1C3B000
|
trusted library allocation
|
page read and write
|
||
|
2C0E000
|
heap
|
page read and write
|
||
|
10218000
|
direct allocation
|
page readonly
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
1821000
|
trusted library allocation
|
page read and write
|
||
|
1499000
|
heap
|
page read and write
|
||
|
2020000
|
trusted library allocation
|
page read and write
|
||
|
1702000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
18C0000
|
trusted library allocation
|
page read and write
|
||
|
1A6F000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
16C9000
|
heap
|
page read and write
|
||
|
E71000
|
unkown
|
page execute read
|
||
|
324E000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
6EE0000
|
trusted library allocation
|
page read and write
|
||
|
1B10000
|
trusted library allocation
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
17E2000
|
trusted library allocation
|
page read and write
|
||
|
34FF000
|
stack
|
page read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
1C3B000
|
trusted library allocation
|
page read and write
|
||
|
170E000
|
heap
|
page read and write
|
||
|
F30000
|
unkown
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
14D7000
|
heap
|
page read and write
|
||
|
307C000
|
stack
|
page read and write
|
||
|
1316000
|
stack
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
6AC000
|
stack
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
2C3C000
|
heap
|
page read and write
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
1B15000
|
trusted library allocation
|
page read and write
|
||
|
1B0C000
|
trusted library allocation
|
page read and write
|
||
|
1B96000
|
trusted library allocation
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
15DE000
|
heap
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
2C2C000
|
heap
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
6310000
|
remote allocation
|
page read and write
|
||
|
1D16000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1AC0000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
32BA000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
805000
|
heap
|
page read and write
|
||
|
329E000
|
heap
|
page read and write
|
||
|
1BF6000
|
trusted library allocation
|
page read and write
|
||
|
1024A000
|
direct allocation
|
page readonly
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
496F000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1930000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
DF4000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
6EE2000
|
trusted library allocation
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page read and write
|
||
|
1AF7000
|
trusted library allocation
|
page read and write
|
||
|
363D000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
32BD000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
D39E000
|
stack
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1943000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
17A1000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2020000
|
trusted library allocation
|
page read and write
|
||
|
6B8E000
|
stack
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
E71000
|
unkown
|
page execute read
|
||
|
1954000
|
trusted library allocation
|
page read and write
|
||
|
1771000
|
heap
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
62D000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
1964000
|
trusted library allocation
|
page read and write
|
||
|
3136000
|
heap
|
page read and write
|
||
|
50DF000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1C6E000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1798000
|
heap
|
page read and write
|
||
|
1AA0000
|
trusted library allocation
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
2190000
|
heap
|
page read and write
|
||
|
1964000
|
trusted library allocation
|
page read and write
|
||
|
1CA7000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
16AF000
|
heap
|
page read and write
|
||
|
35C0000
|
heap
|
page read and write
|
||
|
18F1000
|
trusted library allocation
|
page read and write
|
||
|
17E2000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C60000
|
heap
|
page read and write
|
||
|
16D3000
|
heap
|
page read and write
|
||
|
329E000
|
heap
|
page read and write
|
||
|
B0F000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1A3F000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
1996000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
18F6000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
17C0000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
10000000
|
direct allocation
|
page execute and read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
32CF000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
1930000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
32BA000
|
heap
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
32CD000
|
heap
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
1963000
|
trusted library allocation
|
page read and write
|
||
|
4A6F000
|
stack
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
17C8000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
10166000
|
direct allocation
|
page execute read
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
18E7000
|
trusted library allocation
|
page read and write
|
||
|
1821000
|
trusted library allocation
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2076000
|
heap
|
page read and write
|
||
|
35C8000
|
heap
|
page read and write
|
||
|
192F000
|
trusted library allocation
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
F30000
|
unkown
|
page write copy
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
2194000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
1CE3000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
2C29000
|
heap
|
page read and write
|
||
|
1020F000
|
direct allocation
|
page readonly
|
||
|
19C0000
|
trusted library allocation
|
page read and write
|
||
|
282D000
|
heap
|
page read and write
|
||
|
170E000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1476000
|
heap
|
page read and write
|
||
|
1599000
|
heap
|
page read and write
|
||
|
3826000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2C29000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
F26000
|
unkown
|
page readonly
|
||
|
2C2D000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1A0F000
|
trusted library allocation
|
page read and write
|
||
|
1B0A000
|
trusted library allocation
|
page read and write
|
||
|
1D17000
|
trusted library allocation
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
1B83000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
unkown
|
page readonly
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1AD8000
|
trusted library allocation
|
page read and write
|
||
|
17D4000
|
trusted library allocation
|
page read and write
|
||
|
1B19000
|
trusted library allocation
|
page read and write
|
||
|
D79E000
|
stack
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
282E000
|
heap
|
page read and write
|
||
|
1B6A000
|
trusted library allocation
|
page read and write
|
||
|
170B000
|
heap
|
page read and write
|
||
|
2BF8000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
170E000
|
heap
|
page read and write
|
||
|
1AD4000
|
trusted library allocation
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
18F9000
|
trusted library allocation
|
page read and write
|
||
|
2C3C000
|
heap
|
page read and write
|
||
|
1953000
|
trusted library allocation
|
page read and write
|
||
|
2828000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
6CDB000
|
trusted library allocation
|
page read and write
|
||
|
1A14000
|
trusted library allocation
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
1854000
|
trusted library allocation
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
63B000
|
heap
|
page read and write
|
||
|
433E000
|
stack
|
page read and write
|
||
|
18A0000
|
trusted library allocation
|
page read and write
|
||
|
6E39000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
17C9000
|
trusted library allocation
|
page read and write
|
||
|
1B11000
|
trusted library allocation
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
1B83000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
4780000
|
trusted library allocation
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
20B0000
|
heap
|
page read and write
|
||
|
32C3000
|
heap
|
page read and write
|
||
|
15B8000
|
heap
|
page read and write
|
||
|
51DF000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
32AD000
|
heap
|
page read and write
|
||
|
1A6F000
|
trusted library allocation
|
page read and write
|
||
|
10008000
|
direct allocation
|
page execute read
|
||
|
2C3C000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
565F000
|
stack
|
page read and write
|
||
|
32CD000
|
heap
|
page read and write
|
||
|
10242000
|
direct allocation
|
page read and write
|
||
|
4A1B000
|
direct allocation
|
page execute and read and write
|
||
|
2060000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
19C7000
|
trusted library allocation
|
page read and write
|
||
|
282A000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
170E000
|
heap
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
303C000
|
stack
|
page read and write
|
||
|
132D000
|
stack
|
page read and write
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
1942000
|
trusted library allocation
|
page read and write
|
||
|
32C4000
|
heap
|
page read and write
|
||
|
6E1B000
|
trusted library allocation
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2C3C000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
1AFD000
|
trusted library allocation
|
page read and write
|
||
|
1EDD000
|
stack
|
page read and write
|
||
|
2826000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
17A1000
|
trusted library allocation
|
page read and write
|
||
|
484A000
|
direct allocation
|
page execute and read and write
|
||
|
1821000
|
trusted library allocation
|
page read and write
|
||
|
170E000
|
heap
|
page read and write
|
||
|
1B19000
|
trusted library allocation
|
page read and write
|
||
|
6902000
|
trusted library allocation
|
page read and write
|
||
|
1F5D000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1821000
|
trusted library allocation
|
page read and write
|
||
|
5E9F000
|
stack
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
DF4000
|
heap
|
page read and write
|
||
|
1B92000
|
trusted library allocation
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
2C3C000
|
heap
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2B6F000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
4810000
|
direct allocation
|
page read and write
|
||
|
16B7000
|
heap
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
1ACE000
|
trusted library allocation
|
page read and write
|
||
|
1AEF000
|
trusted library allocation
|
page read and write
|
||
|
493D000
|
direct allocation
|
page execute and read and write
|
||
|
3F3E000
|
stack
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
1954000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1C3B000
|
trusted library allocation
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
2829000
|
heap
|
page read and write
|
||
|
3C50000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1B0F000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
1AD0000
|
trusted library allocation
|
page read and write
|
||
|
170C000
|
heap
|
page read and write
|
||
|
1930000
|
trusted library allocation
|
page read and write
|
||
|
5EDD000
|
stack
|
page read and write
|
||
|
1F1E000
|
stack
|
page read and write
|
||
|
13A8000
|
heap
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
614000
|
heap
|
page read and write
|
||
|
2823000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
2C1B000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
13C3000
|
heap
|
page read and write
|
||
|
17A1000
|
trusted library allocation
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
2064000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
16DF000
|
heap
|
page read and write
|
||
|
1024F000
|
direct allocation
|
page readonly
|
||
|
131F000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
4E5F000
|
stack
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
62D000
|
heap
|
page read and write
|
||
|
1448000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1D85000
|
trusted library allocation
|
page read and write
|
||
|
4943000
|
direct allocation
|
page execute and read and write
|
||
|
1EA6000
|
trusted library allocation
|
page read and write
|
||
|
17E2000
|
trusted library allocation
|
page read and write
|
||
|
C5A000
|
stack
|
page read and write
|
||
|
40C000
|
unkown
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
F39000
|
unkown
|
page readonly
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
19BD000
|
trusted library allocation
|
page read and write
|
||
|
32B2000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
6310000
|
remote allocation
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
32BE000
|
heap
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
2C1C000
|
heap
|
page read and write
|
||
|
19BA000
|
trusted library allocation
|
page read and write
|
||
|
1B97000
|
trusted library allocation
|
page read and write
|
||
|
477D000
|
stack
|
page read and write
|
||
|
1A10000
|
trusted library allocation
|
page read and write
|
||
|
17E2000
|
trusted library allocation
|
page read and write
|
||
|
1327000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1B6B000
|
trusted library allocation
|
page read and write
|
||
|
19EA000
|
trusted library allocation
|
page read and write
|
||
|
6310000
|
remote allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
62DC000
|
stack
|
page read and write
|
||
|
F26000
|
unkown
|
page readonly
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
1A6F000
|
trusted library allocation
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
1B1E000
|
trusted library allocation
|
page read and write
|
||
|
19EB000
|
trusted library allocation
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2E97000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
18A1000
|
trusted library allocation
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
16C9000
|
heap
|
page read and write
|
||
|
525E000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
16C9000
|
heap
|
page read and write
|
||
|
4A51000
|
direct allocation
|
page execute and read and write
|
||
|
32C9000
|
heap
|
page read and write
|
||
|
1817000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1AC5000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
1C3B000
|
trusted library allocation
|
page read and write
|
||
|
17A1000
|
trusted library allocation
|
page read and write
|
||
|
1C6D000
|
trusted library allocation
|
page read and write
|
||
|
17E2000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
17A1000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
674F000
|
stack
|
page read and write
|
||
|
134C000
|
stack
|
page read and write
|
||
|
131B000
|
stack
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1312000
|
stack
|
page read and write
|
||
|
1B02000
|
trusted library allocation
|
page read and write
|
||
|
32B2000
|
heap
|
page read and write
|
||
|
F34000
|
unkown
|
page write copy
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
1ADD000
|
trusted library allocation
|
page read and write
|
||
|
6EC000
|
stack
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
32BA000
|
heap
|
page read and write
|
||
|
32C8000
|
heap
|
page read and write
|
||
|
1BD2000
|
trusted library allocation
|
page read and write
|
||
|
515F000
|
stack
|
page read and write
|
||
|
1821000
|
trusted library allocation
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
17E2000
|
trusted library allocation
|
page read and write
|
||
|
6BD4000
|
trusted library allocation
|
page read and write
|
||
|
17DB000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
282B000
|
heap
|
page read and write
|
||
|
2C29000
|
heap
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
170E000
|
heap
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
2821000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1429000
|
heap
|
page read and write
|
||
|
6CD4000
|
trusted library allocation
|
page read and write
|
||
|
19A6000
|
trusted library allocation
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
16C9000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
2C0E000
|
heap
|
page read and write
|
||
|
32A2000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
1AE5000
|
trusted library allocation
|
page read and write
|
||
|
181B000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
F39000
|
unkown
|
page readonly
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
437C000
|
stack
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
14A5000
|
heap
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
5F9000
|
heap
|
page read and write
|
||
|
1B06000
|
trusted library allocation
|
page read and write
|
||
|
16C9000
|
heap
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
2824000
|
heap
|
page read and write
|
||
|
1AC9000
|
trusted library allocation
|
page read and write
|
||
|
5F9000
|
heap
|
page read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
4981000
|
direct allocation
|
page execute and read and write
|
||
|
1A10000
|
trusted library allocation
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
5A5D000
|
stack
|
page read and write
|
||
|
32BA000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
1900000
|
trusted library allocation
|
page read and write
|
||
|
1323000
|
stack
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
19B1000
|
trusted library allocation
|
page read and write
|
There are 644 hidden memdumps, click here to show them.