Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Orden de compra 0001-00255454.xlam.xlsx
|
Microsoft Excel 2007+
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\T76434567000[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\negrett.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\T76434567000[1].htm
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\atule
|
ASCII text, with very long lines (29744), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut187.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut1C6.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut3C55.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut3C94.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut761A.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut77DF.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nonhazardousness
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~$imgs.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\~$Orden de compra 0001-00255454.xlam.xls
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\~$Orden de compra 0001-00255454.xlam.xlsx
|
data
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
|
|
|
|
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
|
"C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE" -Embedding
|
|
|
|
C:\Users\user\AppData\Roaming\negrett.exe
|
C:\Users\user\AppData\Roaming\negrett.exe
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
C:\Users\user\AppData\Roaming\negrett.exe
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
C:\Users\user\AppData\Roaming\negrett.exe
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://baitalasma.com/T76434567000.exe
|
38.242.255.115
|
|
|
|
https://baitalasma.com/T76434567000.exe
|
38.242.255.115
|
|
|
|
http://crl.entrust.net/server1.crl0
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
https://baitalasma.com/T7643
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
|
unknown
|
||
|
http://www.diginotar.nl/cps/pkioverheid0
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/81.181.54.1044
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/81.181.54.104
|
172.67.177.134
|
||
|
http://checkip.dyndns.org/
|
158.101.44.242
|
||
|
https://baitalasma.com/T76434567000.exeate
|
unknown
|
||
|
https://baitalasma.com/T76434567000.exe~x
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://scratchdreams.tk
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://scratchdreams.tk/_send_.php?TS
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://baitalasma.com/T76434567000.exej
|
unknown
|
||
|
http://ocsp.entrust.net0D
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://secure.comodo.com/CPS0
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
||
|
https://baitalasma.com/T76434567000.exeqqC:
|
unknown
|
||
|
https://baitalasma.com/
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 18 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
baitalasma.com
|
38.242.255.115
|
|
|
|
reallyfreegeoip.org
|
172.67.177.134
|
||
|
checkip.dyndns.com
|
158.101.44.242
|
||
|
checkip.dyndns.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
38.242.255.115
|
baitalasma.com
|
United States
|
|
|
|
104.21.67.152
|
unknown
|
United States
|
||
|
158.101.44.242
|
checkip.dyndns.com
|
United States
|
||
|
172.67.177.134
|
reallyfreegeoip.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
tu#
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Excel
|
Enabled
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
&z#
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
|
EquationEditorFilesIntl_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
|
EquationEditorFilesIntl_1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
There are 23 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
system
|
page execute and read and write
|
|
|
|
7D0000
|
direct allocation
|
page read and write
|
|
|
|
665000
|
heap
|
page read and write
|
|
|
|
259A000
|
trusted library allocation
|
page read and write
|
|
|
|
C30000
|
trusted library section
|
page read and write
|
|
|
|
3411000
|
trusted library allocation
|
page read and write
|
|
|
|
560000
|
direct allocation
|
page read and write
|
|
|
|
2462000
|
trusted library allocation
|
page read and write
|
|
|
|
239A000
|
trusted library allocation
|
page read and write
|
|
|
|
820000
|
trusted library section
|
page read and write
|
|
|
|
24C5000
|
trusted library allocation
|
page read and write
|
|
|
|
A32000
|
heap
|
page read and write
|
||
|
2441000
|
trusted library allocation
|
page read and write
|
||
|
246D000
|
trusted library allocation
|
page read and write
|
||
|
5E7000
|
heap
|
page read and write
|
||
|
603000
|
heap
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
EED000
|
direct allocation
|
page read and write
|
||
|
592E000
|
stack
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
61FE000
|
stack
|
page read and write
|
||
|
24ED000
|
trusted library allocation
|
page read and write
|
||
|
12AD000
|
direct allocation
|
page read and write
|
||
|
2367000
|
trusted library allocation
|
page read and write
|
||
|
EEA000
|
direct allocation
|
page read and write
|
||
|
2DC4000
|
direct allocation
|
page read and write
|
||
|
13F2000
|
unkown
|
page readonly
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
7A8F000
|
stack
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
2E30000
|
direct allocation
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
2556000
|
trusted library allocation
|
page read and write
|
||
|
2DC1000
|
direct allocation
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
13CC000
|
unkown
|
page readonly
|
||
|
2C67000
|
direct allocation
|
page read and write
|
||
|
2C64000
|
direct allocation
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
6EF000
|
stack
|
page read and write
|
||
|
1002000
|
heap
|
page read and write
|
||
|
24C1000
|
trusted library allocation
|
page read and write
|
||
|
2ACB000
|
heap
|
page read and write
|
||
|
2596000
|
trusted library allocation
|
page read and write
|
||
|
A6B000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
11D0000
|
direct allocation
|
page read and write
|
||
|
53F000
|
heap
|
page read and write
|
||
|
10C4000
|
unkown
|
page readonly
|
||
|
160000
|
trusted library allocation
|
page read and write
|
||
|
464E000
|
stack
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
2471000
|
trusted library allocation
|
page read and write
|
||
|
BD2000
|
unkown
|
page readonly
|
||
|
270000
|
trusted library allocation
|
page read and write
|
||
|
2DC1000
|
direct allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
2CC0000
|
direct allocation
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
3C6000
|
heap
|
page read and write
|
||
|
13FC000
|
unkown
|
page read and write
|
||
|
2B70000
|
direct allocation
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
2B70000
|
direct allocation
|
page read and write
|
||
|
19A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E30000
|
direct allocation
|
page read and write
|
||
|
5AC000
|
heap
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
73BD000
|
heap
|
page read and write
|
||
|
170000
|
trusted library allocation
|
page read and write
|
||
|
3A1000
|
heap
|
page read and write
|
||
|
382000
|
heap
|
page read and write
|
||
|
2DB0000
|
direct allocation
|
page read and write
|
||
|
5C8000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
81A000
|
heap
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
2C64000
|
direct allocation
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
1E2F000
|
stack
|
page read and write
|
||
|
EEA000
|
direct allocation
|
page read and write
|
||
|
7B1E000
|
stack
|
page read and write
|
||
|
2DD0000
|
direct allocation
|
page read and write
|
||
|
3A1000
|
heap
|
page read and write
|
||
|
2428000
|
trusted library allocation
|
page read and write
|
||
|
51F000
|
stack
|
page read and write
|
||
|
2371000
|
trusted library allocation
|
page read and write
|
||
|
4E8D000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3A1000
|
heap
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
2C61000
|
direct allocation
|
page read and write
|
||
|
7DE0000
|
heap
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
352F000
|
stack
|
page read and write
|
||
|
390000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F7000
|
trusted library allocation
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
2430000
|
trusted library allocation
|
page read and write
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
2373000
|
trusted library allocation
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
2B70000
|
direct allocation
|
page read and write
|
||
|
C71000
|
heap
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
2356000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
unkown
|
page write copy
|
||
|
235C000
|
trusted library allocation
|
page read and write
|
||
|
358000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
51A000
|
heap
|
page read and write
|
||
|
270000
|
trusted library allocation
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
750000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C61000
|
direct allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
DD4000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
29D2000
|
heap
|
page read and write
|
||
|
361000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page execute and read and write
|
||
|
2479000
|
trusted library allocation
|
page read and write
|
||
|
349F000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
2360000
|
trusted library allocation
|
page read and write
|
||
|
2507000
|
trusted library allocation
|
page read and write
|
||
|
12AA000
|
direct allocation
|
page read and write
|
||
|
2CC0000
|
direct allocation
|
page read and write
|
||
|
2447000
|
trusted library allocation
|
page read and write
|
||
|
B11000
|
unkown
|
page execute read
|
||
|
1FDF000
|
stack
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
2521000
|
trusted library allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
514D000
|
stack
|
page read and write
|
||
|
180000
|
trusted library allocation
|
page read and write
|
||
|
62A000
|
heap
|
page read and write
|
||
|
380000
|
trusted library allocation
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
498E000
|
stack
|
page read and write
|
||
|
67F000
|
stack
|
page read and write
|
||
|
3379000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
EEA000
|
direct allocation
|
page read and write
|
||
|
7EC0000
|
heap
|
page read and write
|
||
|
1013000
|
heap
|
page read and write
|
||
|
4CD000
|
stack
|
page read and write
|
||
|
236E000
|
stack
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
381000
|
heap
|
page read and write
|
||
|
243B000
|
trusted library allocation
|
page read and write
|
||
|
542D000
|
stack
|
page read and write
|
||
|
5BD000
|
heap
|
page read and write
|
||
|
73A0000
|
heap
|
page read and write
|
||
|
2DC4000
|
direct allocation
|
page read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
24CF000
|
stack
|
page read and write
|
||
|
2DC4000
|
direct allocation
|
page read and write
|
||
|
2542000
|
trusted library allocation
|
page read and write
|
||
|
AC4000
|
heap
|
page read and write
|
||
|
6CC000
|
stack
|
page read and write
|
||
|
12AD000
|
direct allocation
|
page read and write
|
||
|
BAC000
|
unkown
|
page readonly
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
361000
|
heap
|
page read and write
|
||
|
6AF000
|
stack
|
page read and write
|
||
|
DB6000
|
heap
|
page read and write
|
||
|
12AA000
|
direct allocation
|
page read and write
|
||
|
82A000
|
heap
|
page read and write
|
||
|
798F000
|
stack
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
180000
|
direct allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
140000
|
trusted library section
|
page read and write
|
||
|
12AD000
|
direct allocation
|
page read and write
|
||
|
B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
396000
|
trusted library allocation
|
page execute and read and write
|
||
|
2310000
|
trusted library allocation
|
page read and write
|
||
|
739D000
|
stack
|
page read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
442D000
|
heap
|
page read and write
|
||
|
2DB0000
|
direct allocation
|
page read and write
|
||
|
2417000
|
trusted library allocation
|
page read and write
|
||
|
600E000
|
stack
|
page read and write
|
||
|
550E000
|
stack
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
A21000
|
heap
|
page read and write
|
||
|
51BE000
|
stack
|
page read and write
|
||
|
10E2000
|
heap
|
page read and write
|
||
|
436000
|
heap
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
1404000
|
unkown
|
page readonly
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
11D0000
|
direct allocation
|
page read and write
|
||
|
2DD0000
|
direct allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
4390000
|
heap
|
page read and write
|
||
|
2E30000
|
direct allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
7B20000
|
remote allocation
|
page read and write
|
||
|
2502000
|
heap
|
page read and write
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
38B000
|
heap
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
1012000
|
heap
|
page read and write
|
||
|
2AC4000
|
heap
|
page read and write
|
||
|
AA000
|
stack
|
page read and write
|
||
|
2354000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
2DB0000
|
direct allocation
|
page read and write
|
||
|
10BC000
|
unkown
|
page read and write
|
||
|
4FFE000
|
stack
|
page read and write
|
||
|
43B000
|
system
|
page execute and read and write
|
||
|
2C61000
|
direct allocation
|
page read and write
|
||
|
280000
|
trusted library allocation
|
page read and write
|
||
|
7B60000
|
heap
|
page read and write
|
||
|
12AD000
|
direct allocation
|
page read and write
|
||
|
794C000
|
stack
|
page read and write
|
||
|
FF1000
|
unkown
|
page execute read
|
||
|
2C61000
|
direct allocation
|
page read and write
|
||
|
392F000
|
stack
|
page read and write
|
||
|
25F3000
|
trusted library allocation
|
page read and write
|
||
|
10B2000
|
unkown
|
page readonly
|
||
|
606000
|
heap
|
page read and write
|
||
|
39A000
|
trusted library allocation
|
page execute and read and write
|
||
|
108C000
|
unkown
|
page readonly
|
||
|
5C6E000
|
stack
|
page read and write
|
||
|
7C6F000
|
stack
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
2DD0000
|
direct allocation
|
page read and write
|
||
|
12AA000
|
direct allocation
|
page read and write
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
4360000
|
trusted library allocation
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
13CC000
|
unkown
|
page readonly
|
||
|
1A5000
|
trusted library allocation
|
page execute and read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
2CC0000
|
direct allocation
|
page read and write
|
||
|
2434000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
direct allocation
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
392000
|
trusted library allocation
|
page read and write
|
||
|
608000
|
heap
|
page read and write
|
||
|
2DC1000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
3DF000
|
stack
|
page read and write
|
||
|
90F000
|
heap
|
page read and write
|
||
|
922000
|
heap
|
page read and write
|
||
|
11D0000
|
direct allocation
|
page read and write
|
||
|
865000
|
heap
|
page read and write
|
||
|
2C64000
|
direct allocation
|
page read and write
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
2433000
|
trusted library allocation
|
page read and write
|
||
|
233F000
|
stack
|
page read and write
|
||
|
2C64000
|
direct allocation
|
page read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
3D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27A000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2480000
|
heap
|
page read and write
|
||
|
6BF000
|
stack
|
page read and write
|
||
|
DB7000
|
heap
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1EA000
|
stack
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
7D80000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
235000
|
stack
|
page read and write
|
||
|
26C4000
|
heap
|
page read and write
|
||
|
2424000
|
trusted library allocation
|
page read and write
|
||
|
8CA000
|
heap
|
page read and write
|
||
|
17D000
|
trusted library allocation
|
page execute and read and write
|
||
|
57F000
|
heap
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
10C4000
|
heap
|
page read and write
|
||
|
3F7000
|
heap
|
page read and write
|
||
|
390000
|
trusted library allocation
|
page read and write
|
||
|
7EDB000
|
heap
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
1A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
11D0000
|
direct allocation
|
page read and write
|
||
|
7E6000
|
heap
|
page read and write
|
||
|
3A1000
|
heap
|
page read and write
|
||
|
A77000
|
trusted library allocation
|
page read and write
|
||
|
241C000
|
trusted library allocation
|
page read and write
|
||
|
7DC0000
|
heap
|
page read and write
|
||
|
2C67000
|
direct allocation
|
page read and write
|
||
|
2C67000
|
direct allocation
|
page read and write
|
||
|
557000
|
heap
|
page read and write
|
||
|
A32000
|
heap
|
page read and write
|
||
|
2634000
|
heap
|
page read and write
|
||
|
10C4000
|
unkown
|
page readonly
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
2436000
|
trusted library allocation
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
A6B000
|
heap
|
page read and write
|
||
|
A94000
|
heap
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
2592000
|
trusted library allocation
|
page read and write
|
||
|
2352000
|
trusted library allocation
|
page read and write
|
||
|
C82000
|
heap
|
page read and write
|
||
|
81B000
|
heap
|
page read and write
|
||
|
A31000
|
heap
|
page read and write
|
||
|
EAB000
|
heap
|
page read and write
|
||
|
EED000
|
direct allocation
|
page read and write
|
||
|
2528000
|
trusted library allocation
|
page read and write
|
||
|
3A2000
|
trusted library allocation
|
page read and write
|
||
|
5A97000
|
heap
|
page read and write
|
||
|
18A000
|
stack
|
page read and write
|
||
|
235E000
|
trusted library allocation
|
page read and write
|
||
|
251B000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
38B000
|
heap
|
page read and write
|
||
|
2B70000
|
direct allocation
|
page read and write
|
||
|
10BC000
|
unkown
|
page write copy
|
||
|
C61000
|
heap
|
page read and write
|
||
|
436F000
|
trusted library allocation
|
page read and write
|
||
|
241F000
|
trusted library allocation
|
page read and write
|
||
|
383000
|
heap
|
page read and write
|
||
|
AB2000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
260000
|
trusted library allocation
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
243D000
|
trusted library allocation
|
page read and write
|
||
|
2504000
|
trusted library allocation
|
page read and write
|
||
|
381000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
274000
|
trusted library allocation
|
page read and write
|
||
|
273000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
760C000
|
stack
|
page read and write
|
||
|
5C4000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
1013000
|
heap
|
page read and write
|
||
|
361000
|
heap
|
page read and write
|
||
|
2C67000
|
direct allocation
|
page read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write | page guard
|
||
|
378000
|
stack
|
page read and write
|
||
|
260A000
|
trusted library allocation
|
page read and write
|
||
|
BDC000
|
unkown
|
page read and write
|
||
|
2DC7000
|
direct allocation
|
page read and write
|
||
|
5872000
|
heap
|
page read and write
|
||
|
2532000
|
trusted library allocation
|
page read and write
|
||
|
242C000
|
trusted library allocation
|
page read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
direct allocation
|
page read and write
|
||
|
B0A000
|
heap
|
page read and write
|
||
|
7DE1000
|
heap
|
page read and write
|
||
|
E0B000
|
heap
|
page read and write
|
||
|
BDC000
|
unkown
|
page write copy
|
||
|
BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C0000
|
unkown
|
page write copy
|
||
|
361000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
A21000
|
heap
|
page read and write
|
||
|
E0B000
|
heap
|
page read and write
|
||
|
2DC4000
|
direct allocation
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
24FB000
|
trusted library allocation
|
page read and write
|
||
|
244E000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
direct allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page execute and read and write
|
||
|
A5C000
|
heap
|
page read and write
|
||
|
5A3E000
|
stack
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
27000
|
heap
|
page read and write
|
||
|
7ACF000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
69C000
|
stack
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
41F000
|
system
|
page execute and read and write
|
||
|
C2E000
|
stack
|
page read and write
|
||
|
13F2000
|
unkown
|
page readonly
|
||
|
10000
|
heap
|
page read and write
|
||
|
82B000
|
heap
|
page read and write
|
||
|
2C64000
|
direct allocation
|
page read and write
|
||
|
7550000
|
heap
|
page read and write
|
||
|
3AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C61000
|
direct allocation
|
page read and write
|
||
|
EEA000
|
direct allocation
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
24EA000
|
trusted library allocation
|
page read and write
|
||
|
2546000
|
trusted library allocation
|
page read and write
|
||
|
1E70000
|
heap
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
2DC4000
|
direct allocation
|
page read and write
|
||
|
13FC000
|
unkown
|
page write copy
|
||
|
2422000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
5D1E000
|
stack
|
page read and write
|
||
|
5B3B000
|
heap
|
page read and write
|
||
|
7D7000
|
heap
|
page read and write
|
||
|
4FF000
|
stack
|
page read and write
|
||
|
2DD0000
|
direct allocation
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
E0C000
|
heap
|
page read and write
|
||
|
EEA000
|
direct allocation
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
2B70000
|
direct allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
573E000
|
stack
|
page read and write | page guard
|
||
|
7610000
|
heap
|
page read and write
|
||
|
50C000
|
stack
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
C81000
|
heap
|
page read and write
|
||
|
A5C000
|
heap
|
page read and write
|
||
|
2464000
|
trusted library allocation
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
422000
|
system
|
page execute and read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page execute and read and write
|
||
|
2DC1000
|
direct allocation
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
2AC8000
|
heap
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
FF1000
|
unkown
|
page execute read
|
||
|
3C8000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
2DC7000
|
direct allocation
|
page read and write
|
||
|
820000
|
direct allocation
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
BD2000
|
unkown
|
page readonly
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
2C64000
|
direct allocation
|
page read and write
|
||
|
EED000
|
direct allocation
|
page read and write
|
||
|
287000
|
trusted library allocation
|
page read and write
|
||
|
3341000
|
trusted library allocation
|
page read and write
|
||
|
12AD000
|
direct allocation
|
page read and write
|
||
|
2E30000
|
direct allocation
|
page read and write
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
3E9E000
|
direct allocation
|
page read and write
|
||
|
5A58000
|
heap
|
page read and write
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
174000
|
trusted library allocation
|
page read and write
|
||
|
1DE5000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
4510000
|
heap
|
page read and write
|
||
|
EED000
|
direct allocation
|
page read and write
|
||
|
387000
|
stack
|
page read and write
|
||
|
B11000
|
unkown
|
page execute read
|
||
|
2DC7000
|
direct allocation
|
page read and write
|
||
|
573000
|
heap
|
page read and write
|
||
|
2DC1000
|
direct allocation
|
page read and write
|
||
|
11E000
|
heap
|
page read and write
|
||
|
401E000
|
stack
|
page read and write
|
||
|
237E000
|
trusted library allocation
|
page read and write
|
||
|
583E000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2341000
|
trusted library allocation
|
page read and write
|
||
|
5C4000
|
heap
|
page read and write
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
504E000
|
stack
|
page read and write
|
||
|
4AC0000
|
heap
|
page execute and read and write
|
||
|
2398000
|
trusted library allocation
|
page read and write
|
||
|
5A79000
|
heap
|
page read and write
|
||
|
196000
|
trusted library allocation
|
page execute and read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
173000
|
trusted library allocation
|
page execute and read and write
|
||
|
34F000
|
heap
|
page read and write
|
||
|
2613000
|
trusted library allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
3C8000
|
heap
|
page read and write
|
||
|
2C61000
|
direct allocation
|
page read and write
|
||
|
A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
253E000
|
trusted library allocation
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
25D6000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
55E2000
|
heap
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
242A000
|
trusted library allocation
|
page read and write
|
||
|
2504000
|
trusted library allocation
|
page read and write
|
||
|
567F000
|
stack
|
page read and write
|
||
|
11D0000
|
direct allocation
|
page read and write
|
||
|
11C000
|
heap
|
page read and write
|
||
|
575000
|
heap
|
page read and write
|
||
|
190000
|
direct allocation
|
page execute and read and write
|
||
|
10B2000
|
unkown
|
page readonly
|
||
|
3E0000
|
trusted library allocation
|
page read and write
|
||
|
276F000
|
stack
|
page read and write
|
||
|
1015000
|
heap
|
page read and write
|
||
|
2E30000
|
direct allocation
|
page read and write
|
||
|
7ECD000
|
heap
|
page read and write
|
||
|
2DD0000
|
direct allocation
|
page read and write
|
||
|
236B000
|
trusted library allocation
|
page read and write
|
||
|
6210000
|
heap
|
page read and write
|
||
|
237B000
|
trusted library allocation
|
page read and write
|
||
|
1404000
|
unkown
|
page readonly
|
||
|
349E000
|
direct allocation
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
2DD0000
|
direct allocation
|
page read and write
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
1AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
230000
|
trusted library section
|
page read and write
|
||
|
244B000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
5C7000
|
heap
|
page read and write
|
||
|
38B000
|
heap
|
page read and write
|
||
|
2526000
|
trusted library allocation
|
page read and write
|
||
|
573F000
|
stack
|
page read and write
|
||
|
EED000
|
direct allocation
|
page read and write
|
||
|
1E1B000
|
heap
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
260000
|
trusted library allocation
|
page read and write
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
575000
|
heap
|
page read and write
|
||
|
2443000
|
trusted library allocation
|
page read and write
|
||
|
E56000
|
heap
|
page read and write
|
||
|
38B000
|
heap
|
page read and write
|
||
|
2DC7000
|
direct allocation
|
page read and write
|
||
|
4518000
|
heap
|
page read and write
|
||
|
C71000
|
heap
|
page read and write
|
||
|
27D000
|
trusted library allocation
|
page execute and read and write
|
||
|
35C000
|
heap
|
page read and write
|
||
|
4410000
|
heap
|
page read and write
|
||
|
12AA000
|
direct allocation
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
2CC0000
|
direct allocation
|
page read and write
|
||
|
236D000
|
trusted library allocation
|
page read and write
|
||
|
33AF000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
direct allocation
|
page read and write
|
||
|
2475000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
33E000
|
heap
|
page read and write
|
||
|
28D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D6F000
|
stack
|
page read and write
|
||
|
1DE0000
|
heap
|
page read and write
|
||
|
2426000
|
trusted library allocation
|
page read and write
|
||
|
1FC0000
|
heap
|
page read and write
|
||
|
BE4000
|
unkown
|
page readonly
|
||
|
235A000
|
trusted library allocation
|
page read and write
|
||
|
C82000
|
heap
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
2411000
|
trusted library allocation
|
page read and write
|
||
|
60F000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
2458000
|
trusted library allocation
|
page read and write
|
||
|
2424000
|
trusted library allocation
|
page read and write
|
||
|
114000
|
heap
|
page read and write
|
||
|
24F2000
|
trusted library allocation
|
page read and write
|
||
|
C61000
|
heap
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
BE4000
|
unkown
|
page readonly
|
||
|
1331000
|
unkown
|
page execute read
|
||
|
33CF000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
43C000
|
system
|
page execute and read and write
|
||
|
426000
|
system
|
page execute and read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
386000
|
heap
|
page read and write
|
||
|
23B000
|
stack
|
page read and write
|
||
|
2E30000
|
direct allocation
|
page read and write
|
||
|
242E000
|
trusted library allocation
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
2392000
|
trusted library allocation
|
page read and write
|
||
|
29D0000
|
direct allocation
|
page read and write
|
||
|
3D6F000
|
stack
|
page read and write
|
||
|
110000
|
direct allocation
|
page execute and read and write
|
||
|
60D000
|
stack
|
page read and write
|
||
|
784E000
|
stack
|
page read and write
|
||
|
1002000
|
heap
|
page read and write
|
||
|
3A5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2390000
|
trusted library allocation
|
page read and write
|
||
|
3C8000
|
heap
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
E10000
|
direct allocation
|
page read and write
|
||
|
A5C000
|
heap
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
867000
|
heap
|
page read and write
|
||
|
6BF000
|
stack
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
2DC7000
|
direct allocation
|
page read and write
|
||
|
24F5000
|
trusted library allocation
|
page read and write
|
||
|
EED000
|
direct allocation
|
page read and write
|
||
|
C82000
|
heap
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
1A2000
|
trusted library allocation
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
5A40000
|
heap
|
page read and write
|
||
|
A4C000
|
heap
|
page read and write
|
||
|
29B4000
|
heap
|
page read and write
|
||
|
18D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
7500000
|
heap
|
page read and write
|
||
|
7B20000
|
remote allocation
|
page read and write
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
E46000
|
heap
|
page read and write
|
||
|
6DF000
|
stack
|
page read and write
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page execute and read and write
|
||
|
2DC4000
|
direct allocation
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
24E4000
|
heap
|
page read and write
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
550000
|
direct allocation
|
page execute and read and write
|
||
|
C82000
|
heap
|
page read and write
|
||
|
3C8000
|
heap
|
page read and write
|
||
|
11D0000
|
direct allocation
|
page read and write
|
||
|
2377000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
direct allocation
|
page read and write
|
||
|
68F000
|
stack
|
page read and write
|
||
|
2DB0000
|
direct allocation
|
page read and write
|
||
|
3C6000
|
heap
|
page read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
5F1F000
|
stack
|
page read and write
|
||
|
436C000
|
trusted library allocation
|
page read and write
|
||
|
564E000
|
stack
|
page read and write
|
||
|
52F000
|
stack
|
page read and write
|
||
|
2DC7000
|
direct allocation
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
307000
|
heap
|
page read and write
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
514E000
|
stack
|
page read and write
|
||
|
BB0000
|
trusted library allocation
|
page read and write
|
||
|
2534000
|
trusted library allocation
|
page read and write
|
||
|
2611000
|
trusted library allocation
|
page read and write
|
||
|
4ABF000
|
stack
|
page read and write
|
||
|
253F000
|
trusted library allocation
|
page read and write
|
||
|
C71000
|
heap
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
E2F000
|
stack
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
3C6000
|
heap
|
page read and write
|
||
|
34A000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
2DB0000
|
direct allocation
|
page read and write
|
||
|
517000
|
heap
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
2365000
|
trusted library allocation
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2435000
|
trusted library allocation
|
page read and write
|
||
|
57F000
|
heap
|
page read and write
|
||
|
884000
|
heap
|
page read and write
|
||
|
89000
|
stack
|
page read and write
|
||
|
4A8F000
|
stack
|
page read and write
|
||
|
50E000
|
stack
|
page read and write
|
||
|
2DC1000
|
direct allocation
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
24B6000
|
heap
|
page read and write
|
||
|
BAC000
|
unkown
|
page readonly
|
||
|
3A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
816000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page execute and read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
108C000
|
unkown
|
page readonly
|
||
|
C71000
|
heap
|
page read and write
|
||
|
2C67000
|
direct allocation
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
73DF000
|
heap
|
page read and write
|
||
|
609E000
|
stack
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
25EC000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
unkown
|
page write copy
|
||
|
61D000
|
heap
|
page read and write
|
||
|
26E2000
|
heap
|
page read and write
|
||
|
E10000
|
direct allocation
|
page read and write
|
||
|
2C67000
|
direct allocation
|
page read and write
|
||
|
2358000
|
trusted library allocation
|
page read and write
|
||
|
5AC000
|
heap
|
page read and write
|
||
|
1012000
|
heap
|
page read and write
|
||
|
2484000
|
trusted library allocation
|
page read and write
|
||
|
2DB0000
|
direct allocation
|
page read and write
|
||
|
2A91000
|
direct allocation
|
page read and write
|
||
|
254A000
|
trusted library allocation
|
page read and write
|
||
|
EEA000
|
direct allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
534000
|
heap
|
page read and write
|
||
|
23CD000
|
stack
|
page read and write
|
||
|
192000
|
trusted library allocation
|
page read and write
|
||
|
13A000
|
stack
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
73CF000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
2363000
|
trusted library allocation
|
page read and write
|
||
|
497E000
|
stack
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
3C1D000
|
stack
|
page read and write
|
||
|
2539000
|
trusted library allocation
|
page read and write
|
||
|
3C8000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
234C000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
direct allocation
|
page read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
82A000
|
heap
|
page read and write
|
||
|
2B70000
|
direct allocation
|
page read and write
|
||
|
573000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
2604000
|
trusted library allocation
|
page read and write
|
||
|
1F7F000
|
stack
|
page read and write
|
||
|
6AF000
|
stack
|
page read and write
|
||
|
E0D000
|
stack
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
2417000
|
trusted library allocation
|
page read and write
|
||
|
2347000
|
trusted library allocation
|
page read and write
|
||
|
A31000
|
heap
|
page read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
61AF000
|
stack
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
1FD0000
|
direct allocation
|
page read and write
|
||
|
12AA000
|
direct allocation
|
page read and write
|
||
|
2437000
|
trusted library allocation
|
page read and write
|
||
|
4EF000
|
stack
|
page read and write
|
||
|
2A9E000
|
direct allocation
|
page read and write
|
||
|
381000
|
heap
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
241C000
|
trusted library allocation
|
page read and write
|
||
|
3C6000
|
heap
|
page read and write
|
||
|
1331000
|
unkown
|
page execute read
|
||
|
2542000
|
trusted library allocation
|
page read and write
|
||
|
73E4000
|
heap
|
page read and write
|
||
|
3545000
|
heap
|
page read and write
|
There are 751 hidden memdumps, click here to show them.