Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Case_Your company bad driver Vehicle No.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\aut4F39.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut4F78.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut5498.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut54F6.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut5AD0.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut5B1F.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut8973.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut89A3.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hepatoduodenostomy
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\phytographical
|
ASCII text, with very long lines (29744), with no line terminators
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Case_Your company bad driver Vehicle No.exe
|
"C:\Users\user\Desktop\Case_Your company bad driver Vehicle No.exe"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\Desktop\Case_Your company bad driver Vehicle No.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\Case_Your company bad driver Vehicle No.exe"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://account.dyn.com/
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://api.telegram.org/bot7166327996:AAGPihVNd1ShcG_CmE24Dqt8T2_CJLtBA7k/sendDocument
|
149.154.167.220
|
||
|
http://api.telegram.org
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://api.telegram.org/bot7166327996:AAGPihVNd1ShcG_CmE24Dqt8T2_CJLtBA7k/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.telegram.org
|
149.154.167.220
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
51D0000
|
trusted library section
|
page read and write
|
|
|
|
3710000
|
direct allocation
|
page read and write
|
|
|
|
33A0000
|
direct allocation
|
page read and write
|
|
|
|
32B8000
|
trusted library allocation
|
page read and write
|
|
|
|
2CB1000
|
trusted library allocation
|
page read and write
|
|
|
|
330C000
|
trusted library allocation
|
page read and write
|
|
|
|
3CCD000
|
trusted library allocation
|
page read and write
|
|
|
|
29B0000
|
heap
|
page read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
3C50000
|
direct allocation
|
page read and write
|
|
|
|
2D19000
|
trusted library allocation
|
page read and write
|
|
|
|
328E000
|
trusted library allocation
|
page read and write
|
|
|
|
2D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
32E9000
|
trusted library allocation
|
page read and write
|
|
|
|
32CF000
|
trusted library allocation
|
page read and write
|
|
|
|
2CFF000
|
trusted library allocation
|
page read and write
|
|
|
|
5490000
|
trusted library section
|
page read and write
|
|
|
|
5386000
|
heap
|
page read and write
|
||
|
4200000
|
direct allocation
|
page read and write
|
||
|
339D000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
4060000
|
direct allocation
|
page read and write
|
||
|
63F0000
|
heap
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
1682000
|
heap
|
page read and write
|
||
|
3AF9000
|
direct allocation
|
page read and write
|
||
|
3953000
|
direct allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
34F8000
|
trusted library allocation
|
page read and write
|
||
|
6F2F000
|
heap
|
page read and write
|
||
|
4302DFF000
|
stack
|
page read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
1692000
|
heap
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
1797000
|
heap
|
page read and write
|
||
|
A7F000
|
unkown
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
1D484340000
|
heap
|
page read and write
|
||
|
333F000
|
trusted library allocation
|
page read and write
|
||
|
70AE000
|
stack
|
page read and write
|
||
|
A7F000
|
unkown
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
3416000
|
trusted library allocation
|
page read and write
|
||
|
33DF000
|
trusted library allocation
|
page read and write
|
||
|
432D000
|
direct allocation
|
page read and write
|
||
|
39D0000
|
direct allocation
|
page read and write
|
||
|
67A2000
|
trusted library allocation
|
page read and write
|
||
|
1D4829A0000
|
heap
|
page read and write
|
||
|
1568000
|
heap
|
page read and write
|
||
|
DF0000
|
trusted library section
|
page read and write
|
||
|
105A000
|
heap
|
page read and write
|
||
|
1D482A85000
|
heap
|
page read and write
|
||
|
16B1000
|
heap
|
page read and write
|
||
|
4183000
|
direct allocation
|
page read and write
|
||
|
F6F000
|
heap
|
page read and write
|
||
|
A7F000
|
unkown
|
page write copy
|
||
|
171E000
|
heap
|
page read and write
|
||
|
10F8000
|
stack
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
6420000
|
trusted library allocation
|
page execute and read and write
|
||
|
1658000
|
heap
|
page read and write
|
||
|
1692000
|
heap
|
page read and write
|
||
|
5A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
1674000
|
heap
|
page read and write
|
||
|
33CC000
|
trusted library allocation
|
page read and write
|
||
|
171E000
|
stack
|
page read and write
|
||
|
4060000
|
direct allocation
|
page read and write
|
||
|
5256000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
heap
|
page read and write
|
||
|
3412000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
58D2000
|
trusted library allocation
|
page read and write
|
||
|
7150000
|
heap
|
page read and write
|
||
|
6CCE000
|
stack
|
page read and write
|
||
|
4381000
|
trusted library allocation
|
page read and write
|
||
|
2D2A000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
2D03000
|
trusted library allocation
|
page read and write
|
||
|
15B4000
|
heap
|
page read and write
|
||
|
15EF000
|
heap
|
page read and write
|
||
|
3478000
|
trusted library allocation
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
32D3000
|
trusted library allocation
|
page read and write
|
||
|
651E000
|
stack
|
page read and write
|
||
|
2F1E000
|
trusted library allocation
|
page read and write
|
||
|
5A8C000
|
stack
|
page read and write
|
||
|
6D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
4060000
|
direct allocation
|
page read and write
|
||
|
38D3000
|
direct allocation
|
page read and write
|
||
|
2FDE000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
173E000
|
heap
|
page read and write
|
||
|
A7F000
|
unkown
|
page write copy
|
||
|
A88000
|
unkown
|
page readonly
|
||
|
3303000
|
trusted library allocation
|
page read and write
|
||
|
A75000
|
unkown
|
page readonly
|
||
|
523E000
|
trusted library allocation
|
page read and write
|
||
|
FFC000
|
heap
|
page read and write
|
||
|
433E000
|
trusted library allocation
|
page read and write
|
||
|
1CC0000
|
heap
|
page read and write
|
||
|
15A3000
|
heap
|
page read and write
|
||
|
2F34000
|
trusted library allocation
|
page read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
1046000
|
heap
|
page read and write
|
||
|
1056000
|
heap
|
page read and write
|
||
|
4CB8000
|
trusted library allocation
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
4D9000
|
stack
|
page read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
3432000
|
trusted library allocation
|
page read and write
|
||
|
33EB000
|
trusted library allocation
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
347F000
|
trusted library allocation
|
page read and write
|
||
|
344D000
|
trusted library allocation
|
page read and write
|
||
|
3AF9000
|
direct allocation
|
page read and write
|
||
|
A7F000
|
unkown
|
page write copy
|
||
|
F6F000
|
heap
|
page read and write
|
||
|
C78000
|
unkown
|
page readonly
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
1681000
|
heap
|
page read and write
|
||
|
341A000
|
trusted library allocation
|
page read and write
|
||
|
4348000
|
trusted library allocation
|
page read and write
|
||
|
39D0000
|
direct allocation
|
page read and write
|
||
|
3A29000
|
direct allocation
|
page read and write
|
||
|
69BE000
|
unkown
|
page read and write
|
||
|
2FF0000
|
heap
|
page execute and read and write
|
||
|
7A63000
|
direct allocation
|
page read and write
|
||
|
3436000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page read and write
|
||
|
59FE000
|
stack
|
page read and write
|
||
|
A75000
|
unkown
|
page readonly
|
||
|
FB9000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
C65000
|
unkown
|
page readonly
|
||
|
345E000
|
trusted library allocation
|
page read and write
|
||
|
6E8E000
|
stack
|
page read and write
|
||
|
2F16000
|
trusted library allocation
|
page read and write
|
||
|
6ABE000
|
stack
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
615E000
|
stack
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
58BE000
|
stack
|
page read and write
|
||
|
6D4E000
|
unkown
|
page read and write
|
||
|
F5B000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
F7F000
|
heap
|
page read and write
|
||
|
32D7000
|
trusted library allocation
|
page read and write
|
||
|
3250000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A7D000
|
direct allocation
|
page read and write
|
||
|
BB1000
|
unkown
|
page execute read
|
||
|
3830000
|
direct allocation
|
page read and write
|
||
|
58DE000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
direct allocation
|
page execute and read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
4329000
|
direct allocation
|
page read and write
|
||
|
F00000
|
direct allocation
|
page execute and read and write
|
||
|
1691000
|
heap
|
page read and write
|
||
|
57A000
|
stack
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
1074000
|
heap
|
page read and write
|
||
|
FF9000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
3A50000
|
heap
|
page read and write
|
||
|
33F7000
|
trusted library allocation
|
page read and write
|
||
|
31A8000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
67E0000
|
heap
|
page read and write
|
||
|
33FF000
|
trusted library allocation
|
page read and write
|
||
|
103A000
|
heap
|
page read and write
|
||
|
332B000
|
trusted library allocation
|
page read and write
|
||
|
A88000
|
unkown
|
page readonly
|
||
|
4281000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
58BE000
|
stack
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
2962000
|
trusted library allocation
|
page read and write
|
||
|
43029FF000
|
stack
|
page read and write
|
||
|
67AC000
|
trusted library allocation
|
page read and write
|
||
|
1046000
|
heap
|
page read and write
|
||
|
432D000
|
direct allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
3426000
|
trusted library allocation
|
page read and write
|
||
|
15DF000
|
heap
|
page read and write
|
||
|
38D3000
|
direct allocation
|
page read and write
|
||
|
F72000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
67FE000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
16B1000
|
heap
|
page read and write
|
||
|
15DB000
|
stack
|
page read and write
|
||
|
16BE000
|
heap
|
page read and write
|
||
|
7170000
|
trusted library allocation
|
page execute and read and write
|
||
|
4329000
|
direct allocation
|
page read and write
|
||
|
1018000
|
heap
|
page read and write
|
||
|
33A5000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
5C63000
|
direct allocation
|
page read and write
|
||
|
33D4000
|
trusted library allocation
|
page read and write
|
||
|
1595000
|
heap
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
F62000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
C73000
|
unkown
|
page write copy
|
||
|
3372000
|
trusted library allocation
|
page read and write
|
||
|
173E000
|
heap
|
page read and write
|
||
|
37B0000
|
direct allocation
|
page read and write
|
||
|
120C000
|
heap
|
page read and write
|
||
|
6500000
|
trusted library allocation
|
page execute and read and write
|
||
|
655E000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
6ECE000
|
stack
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
15DF000
|
heap
|
page read and write
|
||
|
56C2000
|
heap
|
page read and write
|
||
|
A4F000
|
unkown
|
page readonly
|
||
|
679E000
|
stack
|
page read and write
|
||
|
43028FE000
|
stack
|
page read and write
|
||
|
BB1000
|
unkown
|
page execute read
|
||
|
16B1000
|
heap
|
page read and write
|
||
|
3094000
|
heap
|
page read and write
|
||
|
3324000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
338D000
|
trusted library allocation
|
page read and write
|
||
|
167C000
|
heap
|
page read and write
|
||
|
4060000
|
direct allocation
|
page read and write
|
||
|
2EBC000
|
trusted library allocation
|
page read and write
|
||
|
3470000
|
trusted library allocation
|
page read and write
|
||
|
FC1000
|
heap
|
page read and write
|
||
|
3A9E000
|
direct allocation
|
page read and write
|
||
|
67B0000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
67B7000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
6F0E000
|
stack
|
page read and write
|
||
|
347B000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
122F000
|
heap
|
page read and write
|
||
|
16D3000
|
heap
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
3333000
|
trusted library allocation
|
page read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
5D0D000
|
stack
|
page read and write
|
||
|
53AE000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1648000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
308D000
|
trusted library allocation
|
page read and write
|
||
|
F5B000
|
heap
|
page read and write
|
||
|
159C000
|
heap
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
3A2D000
|
direct allocation
|
page read and write
|
||
|
3352000
|
trusted library allocation
|
page read and write
|
||
|
4200000
|
direct allocation
|
page read and write
|
||
|
9C1000
|
unkown
|
page execute read
|
||
|
C3F000
|
unkown
|
page readonly
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
2CF2000
|
trusted library allocation
|
page read and write
|
||
|
6417000
|
trusted library allocation
|
page read and write
|
||
|
15EF000
|
stack
|
page read and write
|
||
|
5723000
|
heap
|
page read and write
|
||
|
3407000
|
trusted library allocation
|
page read and write
|
||
|
15D3000
|
heap
|
page read and write
|
||
|
15A3000
|
heap
|
page read and write
|
||
|
3A2D000
|
direct allocation
|
page read and write
|
||
|
3474000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
trusted library allocation
|
page read and write
|
||
|
6410000
|
trusted library allocation
|
page read and write
|
||
|
9C1000
|
unkown
|
page execute read
|
||
|
2CD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1E000
|
stack
|
page read and write
|
||
|
1691000
|
heap
|
page read and write
|
||
|
432D000
|
direct allocation
|
page read and write
|
||
|
5270000
|
heap
|
page execute and read and write
|
||
|
422000
|
system
|
page execute and read and write
|
||
|
33C8000
|
trusted library allocation
|
page read and write
|
||
|
523B000
|
trusted library allocation
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
172C000
|
heap
|
page read and write
|
||
|
4329000
|
direct allocation
|
page read and write
|
||
|
D95000
|
heap
|
page read and write
|
||
|
5E4E000
|
stack
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
5382000
|
heap
|
page read and write
|
||
|
43025FF000
|
stack
|
page read and write
|
||
|
FAD000
|
stack
|
page read and write
|
||
|
16A2000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
3449000
|
trusted library allocation
|
page read and write
|
||
|
15F2000
|
heap
|
page read and write
|
||
|
A88000
|
unkown
|
page readonly
|
||
|
2D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
33BC000
|
trusted library allocation
|
page read and write
|
||
|
4183000
|
direct allocation
|
page read and write
|
||
|
6DC0000
|
heap
|
page read and write
|
||
|
3950000
|
direct allocation
|
page read and write
|
||
|
122B000
|
heap
|
page read and write
|
||
|
337D000
|
trusted library allocation
|
page read and write
|
||
|
37B0000
|
direct allocation
|
page read and write
|
||
|
3356000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
3AFD000
|
direct allocation
|
page read and write
|
||
|
629E000
|
stack
|
page read and write
|
||
|
42D5000
|
trusted library allocation
|
page read and write
|
||
|
33A1000
|
trusted library allocation
|
page read and write
|
||
|
3244000
|
trusted library allocation
|
page read and write
|
||
|
64BD000
|
stack
|
page read and write
|
||
|
3E55000
|
direct allocation
|
page read and write
|
||
|
A88000
|
unkown
|
page readonly
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
58FE000
|
stack
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
F7F000
|
heap
|
page read and write
|
||
|
67F0000
|
trusted library allocation
|
page read and write
|
||
|
3883000
|
direct allocation
|
page read and write
|
||
|
1026000
|
heap
|
page read and write
|
||
|
2CD4000
|
trusted library allocation
|
page read and write
|
||
|
33B4000
|
trusted library allocation
|
page read and write
|
||
|
15B3000
|
heap
|
page read and write
|
||
|
3366000
|
trusted library allocation
|
page read and write
|
||
|
4183000
|
direct allocation
|
page read and write
|
||
|
127F000
|
heap
|
page read and write
|
||
|
C6F000
|
unkown
|
page write copy
|
||
|
348C000
|
trusted library allocation
|
page read and write
|
||
|
2977000
|
trusted library allocation
|
page execute and read and write
|
||
|
D0A000
|
stack
|
page read and write
|
||
|
6D70000
|
heap
|
page read and write
|
||
|
A88000
|
unkown
|
page readonly
|
||
|
2F36000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
537F000
|
stack
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
2D40000
|
trusted library allocation
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
3950000
|
direct allocation
|
page read and write
|
||
|
2975000
|
trusted library allocation
|
page execute and read and write
|
||
|
601E000
|
stack
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
16BE000
|
heap
|
page read and write
|
||
|
2F1C000
|
trusted library allocation
|
page read and write
|
||
|
639D000
|
stack
|
page read and write
|
||
|
53E3000
|
heap
|
page read and write
|
||
|
4329000
|
direct allocation
|
page read and write
|
||
|
697E000
|
unkown
|
page read and write
|
||
|
58ED000
|
trusted library allocation
|
page read and write
|
||
|
2D07000
|
trusted library allocation
|
page read and write
|
||
|
2ED1000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
63C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
105A000
|
heap
|
page read and write
|
||
|
6510000
|
trusted library allocation
|
page read and write
|
||
|
37B0000
|
direct allocation
|
page read and write
|
||
|
15F2000
|
heap
|
page read and write
|
||
|
F9D000
|
heap
|
page read and write
|
||
|
3281000
|
trusted library allocation
|
page read and write
|
||
|
297B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
15EF000
|
heap
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
752E000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
15C3000
|
heap
|
page read and write
|
||
|
A4F000
|
unkown
|
page readonly
|
||
|
34A1000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
F20000
|
direct allocation
|
page read and write
|
||
|
2B0E000
|
stack
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
1555000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1691000
|
heap
|
page read and write
|
||
|
5242000
|
trusted library allocation
|
page read and write
|
||
|
106A000
|
heap
|
page read and write
|
||
|
3CBD000
|
trusted library allocation
|
page read and write
|
||
|
3337000
|
trusted library allocation
|
page read and write
|
||
|
2E8E000
|
trusted library allocation
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
15FC000
|
stack
|
page read and write
|
||
|
3AFD000
|
direct allocation
|
page read and write
|
||
|
F5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F9D000
|
heap
|
page read and write
|
||
|
2CFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
524E000
|
trusted library allocation
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
15D3000
|
heap
|
page read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
625C000
|
stack
|
page read and write
|
||
|
32CD000
|
trusted library allocation
|
page read and write
|
||
|
15F2000
|
heap
|
page read and write
|
||
|
33C4000
|
trusted library allocation
|
page read and write
|
||
|
2987000
|
heap
|
page read and write
|
||
|
56C8000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
3AEE000
|
direct allocation
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
67A8000
|
trusted library allocation
|
page read and write
|
||
|
3A79000
|
direct allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
67F7000
|
trusted library allocation
|
page read and write
|
||
|
34E6000
|
trusted library allocation
|
page read and write
|
||
|
102B000
|
heap
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
103B000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
13DB000
|
stack
|
page read and write
|
||
|
106D000
|
heap
|
page read and write
|
||
|
2972000
|
trusted library allocation
|
page read and write
|
||
|
33EF000
|
trusted library allocation
|
page read and write
|
||
|
33D8000
|
trusted library allocation
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
2D33000
|
trusted library allocation
|
page read and write
|
||
|
5262000
|
trusted library allocation
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
2D05000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
58CB000
|
trusted library allocation
|
page read and write
|
||
|
F53000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
67C0000
|
heap
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
611E000
|
stack
|
page read and write
|
||
|
6B45000
|
heap
|
page read and write
|
||
|
3830000
|
direct allocation
|
page read and write
|
||
|
1D4827E6000
|
heap
|
page read and write
|
||
|
A75000
|
unkown
|
page readonly
|
||
|
9C1000
|
unkown
|
page execute read
|
||
|
15B3000
|
heap
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
6663000
|
direct allocation
|
page read and write
|
||
|
5251000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
trusted library section
|
page read and write
|
||
|
6D0E000
|
stack
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
6FAE000
|
stack
|
page read and write
|
||
|
1D4828C0000
|
heap
|
page read and write
|
||
|
A75000
|
unkown
|
page readonly
|
||
|
F80000
|
heap
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library section
|
page read and write
|
||
|
150F000
|
stack
|
page read and write
|
||
|
3B6E000
|
direct allocation
|
page read and write
|
||
|
1D4827DB000
|
heap
|
page read and write
|
||
|
9C1000
|
unkown
|
page execute read
|
||
|
EBA000
|
stack
|
page read and write
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
33AC000
|
trusted library allocation
|
page read and write
|
||
|
3445000
|
trusted library allocation
|
page read and write
|
||
|
343A000
|
trusted library allocation
|
page read and write
|
||
|
33B8000
|
trusted library allocation
|
page read and write
|
||
|
F81000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page read and write
|
||
|
3AFD000
|
direct allocation
|
page read and write
|
||
|
33FB000
|
trusted library allocation
|
page read and write
|
||
|
1027000
|
heap
|
page read and write
|
||
|
1D4829C0000
|
heap
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
34F2000
|
trusted library allocation
|
page read and write
|
||
|
93A000
|
stack
|
page read and write
|
||
|
3317000
|
trusted library allocation
|
page read and write
|
||
|
68FE000
|
stack
|
page read and write
|
||
|
9863000
|
direct allocation
|
page read and write
|
||
|
F63000
|
heap
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
4329000
|
direct allocation
|
page read and write
|
||
|
4302EFB000
|
stack
|
page read and write
|
||
|
4200000
|
direct allocation
|
page read and write
|
||
|
1209000
|
heap
|
page read and write
|
||
|
95D000
|
stack
|
page read and write
|
||
|
15F2000
|
heap
|
page read and write
|
||
|
2D0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A9E000
|
direct allocation
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
1681000
|
heap
|
page read and write
|
||
|
3395000
|
trusted library allocation
|
page read and write
|
||
|
68E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
4302BFD000
|
stack
|
page read and write
|
||
|
3399000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
3362000
|
trusted library allocation
|
page read and write
|
||
|
3A29000
|
direct allocation
|
page read and write
|
||
|
16B2000
|
heap
|
page read and write
|
||
|
538C000
|
heap
|
page read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
EEC000
|
stack
|
page read and write
|
||
|
C78000
|
unkown
|
page readonly
|
||
|
F3F000
|
stack
|
page read and write
|
||
|
ECB000
|
stack
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
3953000
|
direct allocation
|
page read and write
|
||
|
525D000
|
trusted library allocation
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
446000
|
system
|
page execute and read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
C65000
|
unkown
|
page readonly
|
||
|
F38000
|
heap
|
page read and write
|
||
|
102E000
|
heap
|
page read and write
|
||
|
5A14000
|
trusted library allocation
|
page read and write
|
||
|
63D0000
|
trusted library allocation
|
page read and write
|
||
|
2B4C000
|
stack
|
page read and write
|
||
|
5E0E000
|
stack
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
159C000
|
heap
|
page read and write
|
||
|
68CE000
|
stack
|
page read and write
|
||
|
3A79000
|
direct allocation
|
page read and write
|
||
|
337A000
|
trusted library allocation
|
page read and write
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
3D14000
|
heap
|
page read and write
|
||
|
33B0000
|
trusted library allocation
|
page read and write
|
||
|
4302CFE000
|
stack
|
page read and write
|
||
|
3307000
|
trusted library allocation
|
page read and write
|
||
|
3A2D000
|
direct allocation
|
page read and write
|
||
|
3A9E000
|
direct allocation
|
page read and write
|
||
|
5A10000
|
trusted library allocation
|
page read and write
|
||
|
3A79000
|
direct allocation
|
page read and write
|
||
|
F8E000
|
heap
|
page read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
5B8C000
|
stack
|
page read and write
|
||
|
3385000
|
trusted library allocation
|
page read and write
|
||
|
9C1000
|
unkown
|
page execute read
|
||
|
3466000
|
trusted library allocation
|
page read and write
|
||
|
335A000
|
trusted library allocation
|
page read and write
|
||
|
A4F000
|
unkown
|
page readonly
|
||
|
1D482816000
|
heap
|
page read and write
|
||
|
3381000
|
trusted library allocation
|
page read and write
|
||
|
33E3000
|
trusted library allocation
|
page read and write
|
||
|
4183000
|
direct allocation
|
page read and write
|
||
|
3B6E000
|
direct allocation
|
page read and write
|
||
|
A83000
|
unkown
|
page write copy
|
||
|
6D8E000
|
unkown
|
page read and write
|
||
|
F9D000
|
heap
|
page read and write
|
||
|
11D8000
|
heap
|
page read and write
|
||
|
6F10000
|
heap
|
page read and write
|
||
|
FB3000
|
trusted library allocation
|
page read and write
|
||
|
3490000
|
trusted library allocation
|
page read and write
|
||
|
68D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1026000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
665B000
|
stack
|
page read and write
|
||
|
335E000
|
trusted library allocation
|
page read and write
|
||
|
32AD000
|
trusted library allocation
|
page read and write
|
||
|
A7F000
|
unkown
|
page read and write
|
||
|
32E7000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
3403000
|
trusted library allocation
|
page read and write
|
||
|
1D4827B8000
|
heap
|
page read and write
|
||
|
AFA000
|
stack
|
page read and write
|
||
|
343D000
|
trusted library allocation
|
page read and write
|
||
|
16BE000
|
heap
|
page read and write
|
||
|
1658000
|
heap
|
page read and write
|
||
|
ECB000
|
stack
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
16B1000
|
heap
|
page read and write
|
||
|
F52000
|
heap
|
page read and write
|
||
|
7F820000
|
trusted library allocation
|
page execute and read and write
|
||
|
4200000
|
direct allocation
|
page read and write
|
||
|
4060000
|
direct allocation
|
page read and write
|
||
|
106A000
|
heap
|
page read and write
|
||
|
2F28000
|
trusted library allocation
|
page read and write
|
||
|
A4F000
|
unkown
|
page readonly
|
||
|
4183000
|
direct allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
2ED7000
|
heap
|
page read and write
|
||
|
33DB000
|
trusted library allocation
|
page read and write
|
||
|
43026FF000
|
stack
|
page read and write
|
||
|
333B000
|
trusted library allocation
|
page read and write
|
||
|
3CB1000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
429D000
|
trusted library allocation
|
page read and write
|
||
|
F54000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1074000
|
heap
|
page read and write
|
||
|
6B40000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
4329000
|
direct allocation
|
page read and write
|
||
|
3A54000
|
heap
|
page read and write
|
||
|
2CAF000
|
stack
|
page read and write
|
||
|
346C000
|
trusted library allocation
|
page read and write
|
||
|
E35000
|
heap
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
432D000
|
direct allocation
|
page read and write
|
||
|
CF8000
|
stack
|
page read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
3D10000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
3A7D000
|
direct allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
693E000
|
stack
|
page read and write
|
||
|
A75000
|
unkown
|
page readonly
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
F70000
|
heap
|
page read and write
|
||
|
15B2000
|
heap
|
page read and write
|
||
|
F62000
|
heap
|
page read and write
|
||
|
2F4F000
|
trusted library allocation
|
page read and write
|
||
|
565C000
|
stack
|
page read and write
|
||
|
2CED000
|
trusted library allocation
|
page execute and read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
39D0000
|
direct allocation
|
page read and write
|
||
|
53FF000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
4200000
|
direct allocation
|
page read and write
|
||
|
15B4000
|
heap
|
page read and write
|
||
|
3B6E000
|
direct allocation
|
page read and write
|
||
|
3A29000
|
direct allocation
|
page read and write
|
||
|
1788000
|
heap
|
page read and write
|
||
|
2CDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CB0000
|
trusted library section
|
page read and write
|
||
|
3AEE000
|
direct allocation
|
page read and write
|
||
|
342E000
|
trusted library allocation
|
page read and write
|
||
|
15F2000
|
heap
|
page read and write
|
||
|
341E000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
2CF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
A83000
|
unkown
|
page write copy
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
15F3000
|
heap
|
page read and write
|
||
|
3AF9000
|
direct allocation
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
16CD000
|
heap
|
page read and write
|
||
|
9C1000
|
unkown
|
page execute read
|
||
|
336E000
|
trusted library allocation
|
page read and write
|
||
|
3389000
|
trusted library allocation
|
page read and write
|
||
|
1017000
|
heap
|
page read and write
|
||
|
33E7000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
342A000
|
trusted library allocation
|
page read and write
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
15B4000
|
heap
|
page read and write
|
||
|
336A000
|
trusted library allocation
|
page read and write
|
||
|
16B2000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page execute and read and write
|
||
|
688D000
|
stack
|
page read and write
|
||
|
2D07000
|
trusted library allocation
|
page execute and read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
2F22000
|
trusted library allocation
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
A88000
|
unkown
|
page readonly
|
||
|
7F130000
|
trusted library allocation
|
page execute and read and write
|
||
|
EEC000
|
stack
|
page read and write
|
||
|
6D90000
|
trusted library allocation
|
page read and write
|
||
|
7420000
|
heap
|
page read and write
|
||
|
A75000
|
unkown
|
page readonly
|
||
|
2CFD000
|
trusted library allocation
|
page read and write
|
||
|
11FF000
|
heap
|
page read and write
|
||
|
15B2000
|
heap
|
page read and write
|
||
|
38D3000
|
direct allocation
|
page read and write
|
||
|
1594000
|
heap
|
page read and write
|
||
|
334A000
|
trusted library allocation
|
page read and write
|
||
|
5263000
|
direct allocation
|
page read and write
|
||
|
3347000
|
trusted library allocation
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
FBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3391000
|
trusted library allocation
|
page read and write
|
||
|
334E000
|
trusted library allocation
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
1693000
|
heap
|
page read and write
|
||
|
3D78000
|
trusted library allocation
|
page read and write
|
||
|
F53000
|
trusted library allocation
|
page execute and read and write
|
||
|
34EC000
|
trusted library allocation
|
page read and write
|
||
|
23A0000
|
direct allocation
|
page execute and read and write
|
||
|
575C000
|
stack
|
page read and write
|
||
|
3E63000
|
direct allocation
|
page read and write
|
||
|
15F2000
|
heap
|
page read and write
|
||
|
1D482A8E000
|
heap
|
page read and write
|
||
|
16B1000
|
heap
|
page read and write
|
||
|
230E000
|
stack
|
page read and write
|
||
|
1510000
|
direct allocation
|
page execute and read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
2EAF000
|
trusted library allocation
|
page read and write
|
||
|
2D17000
|
trusted library allocation
|
page read and write
|
||
|
15DF000
|
heap
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
A4F000
|
unkown
|
page readonly
|
||
|
F64000
|
heap
|
page read and write
|
||
|
1797000
|
heap
|
page read and write
|
||
|
5A0D000
|
trusted library allocation
|
page read and write
|
||
|
15B2000
|
heap
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
63E0000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
1692000
|
heap
|
page read and write
|
||
|
2D02000
|
trusted library allocation
|
page read and write
|
||
|
332F000
|
trusted library allocation
|
page read and write
|
||
|
3950000
|
direct allocation
|
page read and write
|
||
|
4863000
|
direct allocation
|
page read and write
|
||
|
EAF000
|
stack
|
page read and write
|
||
|
3A7D000
|
direct allocation
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
58E6000
|
trusted library allocation
|
page read and write
|
||
|
1692000
|
heap
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
910000
|
heap
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
8E63000
|
direct allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
13FC000
|
stack
|
page read and write
|
||
|
1692000
|
heap
|
page read and write
|
||
|
3422000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
C3F000
|
unkown
|
page readonly
|
||
|
58C0000
|
trusted library allocation
|
page read and write
|
||
|
8463000
|
direct allocation
|
page read and write
|
||
|
AC63000
|
direct allocation
|
page read and write
|
||
|
2D46000
|
trusted library allocation
|
page read and write
|
||
|
4E4D000
|
stack
|
page read and write
|
||
|
537D000
|
stack
|
page read and write
|
||
|
C6F000
|
unkown
|
page read and write
|
||
|
33F3000
|
trusted library allocation
|
page read and write
|
||
|
15B4000
|
heap
|
page read and write
|
||
|
3883000
|
direct allocation
|
page read and write
|
||
|
432D000
|
direct allocation
|
page read and write
|
||
|
32FA000
|
trusted library allocation
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
5520000
|
heap
|
page read and write
|
||
|
58E1000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
3AEE000
|
direct allocation
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
1F0D000
|
stack
|
page read and write
|
||
|
33A9000
|
trusted library allocation
|
page read and write
|
||
|
A83000
|
unkown
|
page write copy
|
||
|
4183000
|
direct allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page execute and read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
2966000
|
trusted library allocation
|
page execute and read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
6B3F000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
2CE3000
|
trusted library allocation
|
page read and write
|
||
|
15F2000
|
heap
|
page read and write
|
||
|
F7F000
|
heap
|
page read and write
|
||
|
1056000
|
heap
|
page read and write
|
||
|
3376000
|
trusted library allocation
|
page read and write
|
||
|
432D000
|
direct allocation
|
page read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
3451000
|
trusted library allocation
|
page read and write
|
||
|
A4F000
|
unkown
|
page readonly
|
||
|
43024FA000
|
stack
|
page read and write
|
||
|
A263000
|
direct allocation
|
page read and write
|
||
|
33F4000
|
heap
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
2F26000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
3DA0000
|
direct allocation
|
page read and write
|
||
|
123F000
|
heap
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
340E000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
39F0000
|
direct allocation
|
page read and write
|
||
|
3276000
|
heap
|
page read and write
|
||
|
1B2E000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2F1C000
|
stack
|
page read and write
|
||
|
102B000
|
heap
|
page read and write
|
||
|
1041000
|
heap
|
page read and write
|
||
|
296A000
|
trusted library allocation
|
page execute and read and write
|
||
|
33D0000
|
trusted library allocation
|
page read and write
|
||
|
3830000
|
direct allocation
|
page read and write
|
||
|
1675000
|
heap
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
4200000
|
direct allocation
|
page read and write
|
||
|
63D8000
|
trusted library allocation
|
page read and write
|
||
|
EBF000
|
stack
|
page read and write
|
||
|
3DB0000
|
trusted library allocation
|
page read and write
|
||
|
58CE000
|
trusted library allocation
|
page read and write
|
||
|
1D00000
|
heap
|
page read and write
|
||
|
4060000
|
direct allocation
|
page read and write
|
||
|
3883000
|
direct allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
172E000
|
stack
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
1D482A80000
|
heap
|
page read and write
|
||
|
2B80000
|
trusted library allocation
|
page read and write
|
||
|
2D37000
|
trusted library allocation
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
5CCE000
|
stack
|
page read and write
|
||
|
3441000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
7063000
|
direct allocation
|
page read and write
|
||
|
34EE000
|
trusted library allocation
|
page read and write
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
4324000
|
trusted library allocation
|
page read and write
|
||
|
3953000
|
direct allocation
|
page read and write
|
||
|
1D4827B0000
|
heap
|
page read and write
|
||
|
340B000
|
trusted library allocation
|
page read and write
|
There are 824 hidden memdumps, click here to show them.