Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
FGGx944Qu7.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp1454.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\TBsjWljiCpR.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\FGGx944Qu7.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\TBsjWljiCpR.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\20291vC
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1k4wtsks.qys.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1rfx4p55.jzt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2odq22e3.wb2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uya4cokv.3zx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wftn1kob.rrm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wms5kunf.vwh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ys2tmhij.gni.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zuw0b1st.zey.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp350B.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\TBsjWljiCpR.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\FGGx944Qu7.exe
|
"C:\Users\user\Desktop\FGGx944Qu7.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\FGGx944Qu7.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\TBsjWljiCpR.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\TBsjWljiCpR" /XML "C:\Users\user\AppData\Local\Temp\tmp1454.tmp"
|
|
|
|
C:\Users\user\Desktop\FGGx944Qu7.exe
|
"C:\Users\user\Desktop\FGGx944Qu7.exe"
|
|
|
|
C:\Users\user\Desktop\FGGx944Qu7.exe
|
"C:\Users\user\Desktop\FGGx944Qu7.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\TBsjWljiCpR.exe
|
C:\Users\user\AppData\Roaming\TBsjWljiCpR.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\TBsjWljiCpR" /XML "C:\Users\user\AppData\Local\Temp\tmp350B.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\TBsjWljiCpR.exe
|
"C:\Users\user\AppData\Roaming\TBsjWljiCpR.exe"
|
|
|
|
C:\Program Files (x86)\ATqfrwJeiSEkHpSwLmQcLcKjItaMjYnOwempnyfloVJBHkJly\usFxdnRPYjnb.exe
|
"C:\Program Files (x86)\ATqfrwJeiSEkHpSwLmQcLcKjItaMjYnOwempnyfloVJBHkJly\usFxdnRPYjnb.exe"
|
|
|
|
C:\Windows\SysWOW64\SearchProtocolHost.exe
|
"C:\Windows\SysWOW64\SearchProtocolHost.exe"
|
|
|
|
C:\Program Files (x86)\ATqfrwJeiSEkHpSwLmQcLcKjItaMjYnOwempnyfloVJBHkJly\usFxdnRPYjnb.exe
|
"C:\Program Files (x86)\ATqfrwJeiSEkHpSwLmQcLcKjItaMjYnOwempnyfloVJBHkJly\usFxdnRPYjnb.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 8 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://www.oobzxod2xn.cc/q0r6/?uZgP=5pyvScKx6ZbOO2uX774/2f03V4PpvoLdLg/OCd1FMvXsxJY7YeHi6SxOzHnr25kvmJZHa8XXHydHc3e54xwdxF+eQrhYMnjeuarocBe7v18XiUqzaWXVlPw=&a6m=8Rw4HDhPzbgPS
|
172.67.140.176
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://www.drapples.club/q0r6/
|
199.59.243.225
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://www.drapples.club
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.birthingwitht.com
|
unknown
|
|
|
|
www.drapples.club
|
unknown
|
|
|
|
www.oobzxod2xn.cc
|
172.67.140.176
|
||
|
94950.bodis.com
|
199.59.243.225
|
||
|
td-ccm-neg-87-45.wixdns.net
|
34.149.87.45
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.140.176
|
www.oobzxod2xn.cc
|
United States
|
||
|
34.149.87.45
|
td-ccm-neg-87-45.wixdns.net
|
United States
|
||
|
199.59.243.225
|
94950.bodis.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
|
Blob
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4760000
|
unkown
|
page execute and read and write
|
|
|
|
3070000
|
trusted library allocation
|
page read and write
|
|
|
|
2A20000
|
system
|
page execute and read and write
|
|
|
|
1510000
|
unclassified section
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3030000
|
trusted library allocation
|
page read and write
|
|
|
|
3810000
|
unclassified section
|
page execute and read and write
|
|
|
|
CEA000
|
stack
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
2FAB000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
329C000
|
unkown
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2E65000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
7A46000
|
heap
|
page read and write
|
||
|
2FD2000
|
trusted library allocation
|
page read and write
|
||
|
4019000
|
trusted library allocation
|
page read and write
|
||
|
54F0000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
unkown
|
page readonly
|
||
|
DB5000
|
heap
|
page read and write
|
||
|
282D4360000
|
heap
|
page read and write
|
||
|
1650000
|
unkown
|
page readonly
|
||
|
144EC000
|
system
|
page read and write
|
||
|
FAE000
|
unkown
|
page readonly
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
2D11000
|
heap
|
page read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
1871000
|
direct allocation
|
page execute and read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
B662000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
9CD61FF000
|
stack
|
page read and write
|
||
|
5731000
|
system
|
page execute and read and write
|
||
|
11BE000
|
stack
|
page read and write
|
||
|
56E0000
|
trusted library section
|
page read and write
|
||
|
4D96000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
56D0000
|
system
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2CC2000
|
heap
|
page read and write
|
||
|
2D07000
|
heap
|
page read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
7A12000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
F90000
|
unkown
|
page read and write
|
||
|
FA1000
|
unkown
|
page execute read
|
||
|
128E000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
2D28000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
803E000
|
stack
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
6DA000
|
stack
|
page read and write
|
||
|
FA1000
|
unkown
|
page execute read
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7F7D000
|
stack
|
page read and write
|
||
|
C10000
|
unkown
|
page read and write
|
||
|
2410000
|
unclassified section
|
page execute and read and write
|
||
|
15CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
F90000
|
unkown
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
282D4390000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
282D4340000
|
heap
|
page read and write
|
||
|
6DB0000
|
heap
|
page read and write
|
||
|
E60000
|
unkown
|
page readonly
|
||
|
FAE000
|
unkown
|
page readonly
|
||
|
4920000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
4011000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
unkown
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
333F000
|
trusted library allocation
|
page read and write
|
||
|
FAE000
|
unkown
|
page readonly
|
||
|
2FCD000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
FA1000
|
unkown
|
page execute read
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
155A000
|
trusted library allocation
|
page execute and read and write
|
||
|
139B000
|
heap
|
page read and write
|
||
|
A20000
|
unkown
|
page readonly
|
||
|
3216000
|
heap
|
page read and write
|
||
|
2F66000
|
trusted library allocation
|
page read and write
|
||
|
282D43E0000
|
heap
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
2CC8000
|
heap
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
4B18000
|
trusted library allocation
|
page read and write
|
||
|
40B5000
|
trusted library allocation
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
1090000
|
direct allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1567000
|
trusted library allocation
|
page execute and read and write
|
||
|
1317000
|
heap
|
page read and write
|
||
|
49A0000
|
trusted library allocation
|
page read and write
|
||
|
2D14000
|
heap
|
page read and write
|
||
|
E80000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page execute and read and write
|
||
|
FAEC000
|
stack
|
page read and write
|
||
|
CB0000
|
unkown
|
page readonly
|
||
|
127E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
DE7000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
12DE000
|
stack
|
page read and write
|
||
|
15EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
510C000
|
stack
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
282D61AD000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
660000
|
unkown
|
page readonly
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
3337000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
68ED000
|
stack
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
55A8000
|
trusted library allocation
|
page read and write
|
||
|
2AEB000
|
heap
|
page read and write
|
||
|
F76E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
282D5F00000
|
trusted library allocation
|
page read and write
|
||
|
286F000
|
stack
|
page read and write
|
||
|
9CD59FD000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
56F0000
|
trusted library section
|
page read and write
|
||
|
2F61000
|
trusted library allocation
|
page read and write
|
||
|
426C000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2CC2000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
163A000
|
heap
|
page read and write
|
||
|
42AC000
|
trusted library allocation
|
page read and write
|
||
|
2E64000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
5741000
|
system
|
page execute and read and write
|
||
|
332B000
|
trusted library allocation
|
page read and write
|
||
|
282D6021000
|
trusted library allocation
|
page read and write
|
||
|
FAE000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2870000
|
unkown
|
page readonly
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
282D42AA000
|
system
|
page execute and read and write
|
||
|
2CB9000
|
heap
|
page read and write
|
||
|
3335000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
282D5C90000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
30E9000
|
heap
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
5550000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
1A0F000
|
stack
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
342E000
|
direct allocation
|
page execute and read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
BF80000
|
heap
|
page read and write
|
||
|
7A39000
|
heap
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
650000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
188D000
|
direct allocation
|
page execute and read and write
|
||
|
2FC1000
|
trusted library allocation
|
page read and write
|
||
|
355D000
|
direct allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1908000
|
direct allocation
|
page execute and read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
308F000
|
stack
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
322C000
|
stack
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
2CBD000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page execute and read and write
|
||
|
2F32000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2D7A000
|
heap
|
page read and write
|
||
|
2F31000
|
heap
|
page read and write
|
||
|
A50000
|
unkown
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
EA0000
|
unkown
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
16E9000
|
direct allocation
|
page execute and read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
F3AD000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7FBE000
|
stack
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
282D5C90000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A06000
|
heap
|
page read and write
|
||
|
F72E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2D16000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
1096000
|
direct allocation
|
page execute and read and write
|
||
|
1534000
|
trusted library allocation
|
page read and write
|
||
|
2D1B000
|
heap
|
page read and write
|
||
|
2CD8000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
80BE000
|
stack
|
page read and write
|
||
|
16ED000
|
direct allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
33BD000
|
direct allocation
|
page execute and read and write
|
||
|
34DA000
|
trusted library allocation
|
page read and write
|
||
|
2CB7000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
4A8A000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
333B000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
35D2000
|
direct allocation
|
page execute and read and write
|
||
|
1360000
|
unkown
|
page readonly
|
||
|
F3B0000
|
heap
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
282D6003000
|
trusted library allocation
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
2D02000
|
heap
|
page read and write
|
||
|
282D61CE000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
130E000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
27E8000
|
stack
|
page read and write
|
||
|
2D8C000
|
heap
|
page read and write
|
||
|
19E1000
|
unkown
|
page readonly
|
||
|
7042000
|
trusted library allocation
|
page read and write
|
||
|
4A0A000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
66AD000
|
stack
|
page read and write
|
||
|
E2C000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1650000
|
unkown
|
page readonly
|
||
|
282D6101000
|
trusted library allocation
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2D14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
282D61BE000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
12A9000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
FE0000
|
unkown
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
2F5E000
|
trusted library allocation
|
page read and write
|
||
|
9CD69FE000
|
stack
|
page read and write
|
||
|
19E0000
|
unkown
|
page readonly
|
||
|
F4E0000
|
trusted library allocation
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2D31000
|
heap
|
page read and write
|
||
|
2CC9000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
69EE000
|
stack
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
C10000
|
unkown
|
page read and write
|
||
|
BCCE000
|
stack
|
page read and write
|
||
|
55A4000
|
trusted library allocation
|
page read and write
|
||
|
2E85000
|
trusted library allocation
|
page read and write
|
||
|
E6F000
|
stack
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
7A41000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
13C7000
|
heap
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
618B000
|
stack
|
page read and write
|
||
|
2960000
|
unkown
|
page execute and read and write
|
||
|
1886000
|
direct allocation
|
page execute and read and write
|
||
|
4099000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
unkown
|
page read and write
|
||
|
2D43000
|
heap
|
page read and write
|
||
|
15E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
11D5000
|
heap
|
page read and write
|
||
|
2CC2000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
574D000
|
system
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
283F000
|
unkown
|
page read and write
|
||
|
345A000
|
trusted library allocation
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
6DFE000
|
stack
|
page read and write
|
||
|
10D2000
|
direct allocation
|
page execute and read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2D74000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
164F000
|
stack
|
page read and write
|
||
|
2F80000
|
heap
|
page execute and read and write
|
||
|
A810000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
122B000
|
heap
|
page read and write
|
||
|
2CC2000
|
heap
|
page read and write
|
||
|
5A93000
|
heap
|
page read and write
|
||
|
13A6000
|
heap
|
page read and write
|
||
|
F2AD000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A3C000
|
heap
|
page read and write
|
||
|
FD0000
|
unkown
|
page readonly
|
||
|
7A10000
|
heap
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
2D16000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
D7A000
|
stack
|
page read and write
|
||
|
15C3000
|
trusted library allocation
|
page read and write
|
||
|
156B000
|
trusted library allocation
|
page execute and read and write
|
||
|
157F000
|
stack
|
page read and write
|
||
|
D35000
|
unkown
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
A82F000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1342000
|
heap
|
page read and write
|
||
|
15DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D41000
|
heap
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB5000
|
unkown
|
page read and write
|
||
|
10E4000
|
unkown
|
page read and write
|
||
|
574F000
|
system
|
page execute and read and write
|
||
|
FC0E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
E70000
|
unkown
|
page readonly
|
||
|
EF1000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1017000
|
direct allocation
|
page execute and read and write
|
||
|
15FA000
|
heap
|
page read and write
|
||
|
2D48000
|
heap
|
page read and write
|
||
|
55A2000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
154F000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
2CB7000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
6B6D000
|
stack
|
page read and write
|
||
|
A817000
|
heap
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
10E1000
|
unkown
|
page read and write
|
||
|
2D4B000
|
heap
|
page read and write
|
||
|
7A1A000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
BBCF000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
F62D000
|
stack
|
page read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
82A0000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
2FC6000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
6DAC000
|
stack
|
page read and write
|
||
|
BD0E000
|
stack
|
page read and write
|
||
|
E70000
|
unkown
|
page readonly
|
||
|
3360000
|
unkown
|
page execute and read and write
|
||
|
FD0E000
|
stack
|
page read and write
|
||
|
1308000
|
heap
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
304E000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
CB0000
|
unkown
|
page readonly
|
||
|
BA2000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
282D5E40000
|
heap
|
page read and write
|
||
|
2D2C000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
1250000
|
direct allocation
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
3561000
|
direct allocation
|
page execute and read and write
|
||
|
31A6000
|
trusted library allocation
|
page read and write
|
||
|
282D600F000
|
trusted library allocation
|
page read and write
|
||
|
67AD000
|
stack
|
page read and write
|
||
|
333D000
|
trusted library allocation
|
page read and write
|
||
|
5542000
|
trusted library allocation
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
2E5B000
|
stack
|
page read and write
|
||
|
123C000
|
unkown
|
page read and write
|
||
|
282D4411000
|
heap
|
page read and write
|
||
|
BE0F000
|
stack
|
page read and write
|
||
|
F86E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1133000
|
direct allocation
|
page execute and read and write
|
||
|
2F31000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
35E2000
|
unclassified section
|
page read and write
|
||
|
282D5C90000
|
trusted library allocation
|
page read and write
|
||
|
62F0000
|
heap
|
page read and write
|
||
|
A61000
|
unkown
|
page readonly
|
||
|
2F31000
|
heap
|
page read and write
|
||
|
3124000
|
trusted library allocation
|
page read and write
|
||
|
A814000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
703E000
|
stack
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2FBE000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page execute and read and write
|
||
|
256A000
|
stack
|
page read and write
|
||
|
2FC2000
|
unkown
|
page read and write
|
||
|
A5CE000
|
stack
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1A10000
|
unclassified section
|
page execute and read and write
|
||
|
7A50000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
E80000
|
unkown
|
page readonly
|
||
|
2CC2000
|
heap
|
page read and write
|
||
|
EF1000
|
unkown
|
page readonly
|
||
|
660000
|
unkown
|
page readonly
|
||
|
175E000
|
direct allocation
|
page execute and read and write
|
||
|
FB7000
|
unkown
|
page readonly
|
||
|
56A0000
|
trusted library section
|
page read and write
|
||
|
A61000
|
unkown
|
page readonly
|
||
|
D2A000
|
stack
|
page read and write
|
||
|
282D440E000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
C8B000
|
unkown
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
D68000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
282D440A000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
1164000
|
heap
|
page read and write
|
||
|
F9EB000
|
stack
|
page read and write
|
||
|
A10000
|
unkown
|
page readonly
|
||
|
117E000
|
stack
|
page read and write
|
||
|
650000
|
unkown
|
page readonly
|
||
|
7A15000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
282D61C4000
|
trusted library allocation
|
page read and write
|
||
|
329C000
|
unkown
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
3FD000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
FB7000
|
unkown
|
page readonly
|
||
|
38BC000
|
unclassified section
|
page read and write
|
||
|
7A32000
|
heap
|
page read and write
|
||
|
CC0000
|
unkown
|
page readonly
|
||
|
7A45000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
5654000
|
trusted library allocation
|
page read and write
|
||
|
282D43EA000
|
heap
|
page read and write
|
||
|
57A4000
|
system
|
page execute and read and write
|
||
|
628E000
|
stack
|
page read and write
|
||
|
5A70000
|
heap
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
36FC000
|
unclassified section
|
page read and write
|
||
|
282D440A000
|
heap
|
page read and write
|
||
|
518C000
|
stack
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
128A000
|
heap
|
page read and write
|
||
|
F52D000
|
stack
|
page read and write
|
||
|
57EB000
|
trusted library allocation
|
page read and write
|
||
|
5455000
|
trusted library allocation
|
page read and write
|
||
|
4D05000
|
unkown
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
79F0000
|
trusted library allocation
|
page read and write
|
||
|
5A7E000
|
stack
|
page read and write
|
||
|
628E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7DC000
|
stack
|
page read and write
|
||
|
36A2000
|
unclassified section
|
page read and write
|
||
|
A822000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
A10000
|
unkown
|
page readonly
|
||
|
114F000
|
heap
|
page read and write
|
||
|
1139000
|
direct allocation
|
page execute and read and write
|
||
|
BF4E000
|
stack
|
page read and write
|
||
|
7BC000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
145F000
|
stack
|
page read and write
|
||
|
F5F000
|
stack
|
page read and write
|
||
|
12C1000
|
direct allocation
|
page execute and read and write
|
||
|
7A24000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
6DA000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
FA1000
|
unkown
|
page execute read
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
282D600A000
|
trusted library allocation
|
page read and write
|
||
|
58C0000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
153D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
2A0F000
|
stack
|
page read and write
|
||
|
150F000
|
stack
|
page read and write
|
||
|
7DC000
|
stack
|
page read and write
|
||
|
164F000
|
stack
|
page read and write
|
||
|
15C0000
|
direct allocation
|
page execute and read and write
|
||
|
57F0000
|
heap
|
page execute and read and write
|
||
|
2CC8000
|
heap
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
2D28000
|
heap
|
page read and write
|
||
|
E7C000
|
stack
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
F7A000
|
stack
|
page read and write
|
||
|
1360000
|
unkown
|
page readonly
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
3082000
|
unkown
|
page read and write
|
||
|
282D4411000
|
heap
|
page read and write
|
||
|
A70E000
|
stack
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
7A2D000
|
heap
|
page read and write
|
||
|
7A0B000
|
heap
|
page read and write
|
||
|
58AC000
|
unkown
|
page read and write
|
||
|
1010000
|
direct allocation
|
page execute and read and write
|
||
|
F56E000
|
stack
|
page read and write
|
||
|
2D1B000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
326E000
|
stack
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
3DB5000
|
unclassified section
|
page execute and read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
A834000
|
heap
|
page read and write
|
||
|
5A9C000
|
heap
|
page read and write
|
||
|
1173000
|
heap
|
page read and write
|
||
|
15BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2E7B000
|
stack
|
page read and write
|
||
|
5548000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
143F000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library section
|
page read and write
|
||
|
2DF0000
|
unkown
|
page readonly
|
||
|
67B0000
|
heap
|
page read and write
|
||
|
15B4000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
2A3A000
|
heap
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
7A3E000
|
heap
|
page read and write
|
||
|
3091000
|
trusted library allocation
|
page read and write
|
||
|
807F000
|
stack
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
55E3000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
FB7000
|
unkown
|
page readonly
|
||
|
2E10000
|
unclassified section
|
page execute and read and write
|
||
|
1036000
|
direct allocation
|
page execute and read and write
|
||
|
142D2000
|
system
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
1533000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CC2000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2D56000
|
heap
|
page read and write
|
||
|
3333000
|
trusted library allocation
|
page read and write
|
||
|
2FA4000
|
trusted library allocation
|
page read and write
|
||
|
282D6015000
|
trusted library allocation
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
14212000
|
system
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
5B80000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
A70000
|
unkown
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A18000
|
heap
|
page read and write
|
||
|
15E2000
|
trusted library allocation
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2E7F000
|
trusted library allocation
|
page read and write
|
||
|
3508000
|
trusted library allocation
|
page read and write
|
||
|
1562000
|
trusted library allocation
|
page read and write
|
||
|
12DD000
|
direct allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
FAF0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
3287000
|
heap
|
page read and write
|
||
|
B6A5000
|
trusted library allocation
|
page read and write
|
||
|
33B9000
|
direct allocation
|
page execute and read and write
|
||
|
5730000
|
heap
|
page execute and read and write
|
||
|
154D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CA8000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
4D56000
|
trusted library allocation
|
page read and write
|
||
|
31AA000
|
trusted library allocation
|
page read and write
|
||
|
294F000
|
unkown
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
15B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD0000
|
unkown
|
page read and write
|
||
|
6BD000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
282D42A8000
|
system
|
page execute and read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
42C000
|
remote allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
2D5F000
|
heap
|
page read and write
|
||
|
FB5000
|
unkown
|
page read and write
|
||
|
2D69000
|
heap
|
page read and write
|
||
|
128A000
|
heap
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page read and write
|
||
|
7A00000
|
heap
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
3339000
|
trusted library allocation
|
page read and write
|
||
|
10DE000
|
unkown
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
D2A000
|
stack
|
page read and write
|
||
|
A6CF000
|
stack
|
page read and write
|
||
|
15D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
2FFF000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
417000
|
remote allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
80FF000
|
stack
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
59AF000
|
stack
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
7FFF000
|
stack
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page execute and read and write
|
||
|
27AB000
|
stack
|
page read and write
|
||
|
E60000
|
unkown
|
page readonly
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
FB5000
|
unkown
|
page read and write
|
||
|
3290000
|
direct allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
7A3E000
|
heap
|
page read and write
|
||
|
12D6000
|
direct allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
282D42A6000
|
system
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
3D60000
|
unkown
|
page execute and read and write
|
||
|
2D11000
|
heap
|
page read and write
|
||
|
FB7000
|
unkown
|
page readonly
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
326F000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
4091000
|
trusted library allocation
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
2FC2000
|
unkown
|
page read and write
|
||
|
A50000
|
unkown
|
page read and write
|
||
|
48D2000
|
trusted library allocation
|
page read and write
|
||
|
5623000
|
heap
|
page read and write
|
||
|
3011000
|
trusted library allocation
|
page read and write
|
||
|
252D000
|
stack
|
page read and write
|
||
|
31F6000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
1543000
|
trusted library allocation
|
page read and write
|
||
|
282D43FB000
|
heap
|
page read and write
|
||
|
624E000
|
stack
|
page read and write
|
||
|
BE4B000
|
stack
|
page read and write
|
||
|
2F6D000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
5546000
|
trusted library allocation
|
page read and write
|
||
|
3341000
|
trusted library allocation
|
page read and write
|
||
|
25FE000
|
unkown
|
page read and write
|
||
|
11E7000
|
heap
|
page read and write
|
||
|
9CD51FB000
|
stack
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
F00000
|
unkown
|
page read and write
|
||
|
5A3E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
FB00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
113A000
|
heap
|
page read and write
|
||
|
2D3E000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
5880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
5A6E000
|
stack
|
page read and write
|
||
|
79FB000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
54D2000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
3212000
|
heap
|
page read and write
|
||
|
2F4B000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
unkown
|
page readonly
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
A20000
|
unkown
|
page readonly
|
||
|
2F44000
|
trusted library allocation
|
page read and write
|
||
|
6CAC000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
30DC000
|
unkown
|
page read and write
|
||
|
290E000
|
unkown
|
page read and write
|
||
|
6C6F000
|
stack
|
page read and write
|
||
|
2CBD000
|
heap
|
page read and write
|
||
|
1556000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
E2C000
|
stack
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
A80E000
|
stack
|
page read and write
|
||
|
282D6000000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
unkown
|
page readonly
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
282D4280000
|
system
|
page execute and read and write
|
||
|
FB5000
|
unkown
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
2E66000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
5B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
||
|
2B14000
|
heap
|
page read and write
|
There are 882 hidden memdumps, click here to show them.