Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RFQ-101432620247fl#U00e2#U00aexslx.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp9347.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\ywKDUBCUA.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RFQ-101432620247fl#U00e2#U00aexslx.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ywKDUBCUA.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2zrixhwo.o0a.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_53jam2fg.fk2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5d3wf5yg.gfv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cwdgkiem.2ke.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_d2ffljvw.hrm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rtht3cui.0l0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vr4bb4ry.n0g.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ze1cemh5.psb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpA374.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\ywKDUBCUA.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RFQ-101432620247fl#U00e2#U00aexslx.exe
|
"C:\Users\user\Desktop\RFQ-101432620247fl#U00e2#U00aexslx.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\RFQ-101432620247fl#U00e2#U00aexslx.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\ywKDUBCUA.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ywKDUBCUA" /XML "C:\Users\user\AppData\Local\Temp\tmp9347.tmp"
|
|
|
|
C:\Users\user\Desktop\RFQ-101432620247fl#U00e2#U00aexslx.exe
|
"C:\Users\user\Desktop\RFQ-101432620247fl#U00e2#U00aexslx.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\ywKDUBCUA.exe
|
C:\Users\user\AppData\Roaming\ywKDUBCUA.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ywKDUBCUA" /XML "C:\Users\user\AppData\Local\Temp\tmpA374.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\ywKDUBCUA.exe
|
"C:\Users\user\AppData\Roaming\ywKDUBCUA.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\ywKDUBCUA.exe
|
"C:\Users\user\AppData\Roaming\ywKDUBCUA.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\ywKDUBCUA.exe
|
"C:\Users\user\AppData\Roaming\ywKDUBCUA.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.telegram.org/bot7156462915:AAE3EIUy20eRSFdNZcqhQa0y1tAvt8IT_oY/sendDocument
|
149.154.167.220
|
|
|
|
https://api.telegram.org
|
unknown
|
|
|
|
https://api.telegram.org/bot7156462915:AAE3EIUy20eRSFdNZcqhQa0y1tAvt8IT_oY/
|
unknown
|
|
|
|
https://account.dyn.com/
|
unknown
|
||
|
http://api.telegram.org
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.telegram.org
|
149.154.167.220
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-101432620247fl#U00e2#U00aexslx_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ywKDUBCUA_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
43B1000
|
trusted library allocation
|
page read and write
|
|
|
|
3211000
|
trusted library allocation
|
page read and write
|
|
|
|
3BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
3262000
|
trusted library allocation
|
page read and write
|
|
|
|
2D1D000
|
trusted library allocation
|
page read and write
|
|
|
|
2D02000
|
trusted library allocation
|
page read and write
|
|
|
|
2CB1000
|
trusted library allocation
|
page read and write
|
|
|
|
327D000
|
trusted library allocation
|
page read and write
|
|
|
|
44C2000
|
trusted library allocation
|
page read and write
|
|
|
|
436000
|
remote allocation
|
page execute and read and write
|
|
|
|
12F9000
|
stack
|
page read and write
|
||
|
81B9000
|
heap
|
page read and write
|
||
|
27BF000
|
stack
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5920000
|
heap
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
3135000
|
trusted library allocation
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
313F000
|
unkown
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
1121000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
624F000
|
stack
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
B2AE000
|
stack
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
5C4F000
|
stack
|
page read and write
|
||
|
7F6E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
6807000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
6840000
|
heap
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
55A1000
|
trusted library allocation
|
page read and write
|
||
|
B3ED000
|
stack
|
page read and write
|
||
|
3183000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
BA6000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
5850000
|
heap
|
page execute and read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
5E97000
|
trusted library allocation
|
page read and write
|
||
|
6250000
|
heap
|
page read and write
|
||
|
6A00000
|
heap
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
5573000
|
heap
|
page read and write
|
||
|
A56E000
|
stack
|
page read and write
|
||
|
B26E000
|
stack
|
page read and write
|
||
|
66B0000
|
heap
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
60E0000
|
heap
|
page read and write
|
||
|
66A6000
|
trusted library allocation
|
page read and write
|
||
|
2C8C000
|
trusted library allocation
|
page read and write
|
||
|
4DE0000
|
heap
|
page read and write
|
||
|
150A000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
65E0000
|
trusted library allocation
|
page read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
166D000
|
trusted library allocation
|
page execute and read and write
|
||
|
71C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
998C000
|
trusted library allocation
|
page read and write
|
||
|
8190000
|
heap
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
BC3000
|
heap
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page read and write
|
||
|
6AB0000
|
trusted library section
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
66D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
30BB000
|
trusted library allocation
|
page read and write
|
||
|
179C000
|
stack
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page execute and read and write
|
||
|
503C000
|
stack
|
page read and write
|
||
|
73A0000
|
heap
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page execute and read and write
|
||
|
5997000
|
trusted library allocation
|
page read and write
|
||
|
7389000
|
heap
|
page read and write
|
||
|
142A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2826000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
161A000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
5EC8000
|
trusted library allocation
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
73DF000
|
stack
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
A430000
|
heap
|
page read and write
|
||
|
62A7000
|
heap
|
page read and write
|
||
|
6930000
|
heap
|
page read and write
|
||
|
6917000
|
heap
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
315D000
|
trusted library allocation
|
page read and write
|
||
|
1710000
|
heap
|
page execute and read and write
|
||
|
5ACD000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
6810000
|
trusted library allocation
|
page execute and read and write
|
||
|
5934000
|
heap
|
page read and write
|
||
|
17B4000
|
trusted library allocation
|
page read and write
|
||
|
88F0000
|
trusted library section
|
page read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
remote allocation
|
page execute and read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
4239000
|
trusted library allocation
|
page read and write
|
||
|
A0AE000
|
stack
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
15C6000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page read and write
|
||
|
169B000
|
trusted library allocation
|
page execute and read and write
|
||
|
C0D000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
BD1C000
|
stack
|
page read and write
|
||
|
1126000
|
trusted library allocation
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
68E1000
|
heap
|
page read and write
|
||
|
5AC0000
|
trusted library allocation
|
page read and write
|
||
|
5D50000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
BD5E000
|
stack
|
page read and write
|
||
|
587B000
|
stack
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
105A000
|
stack
|
page read and write
|
||
|
66C0000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
143B000
|
trusted library allocation
|
page execute and read and write
|
||
|
110E000
|
trusted library allocation
|
page read and write
|
||
|
140D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FD0000
|
heap
|
page read and write
|
||
|
6D6E000
|
stack
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
5365000
|
trusted library allocation
|
page read and write
|
||
|
A32D000
|
stack
|
page read and write
|
||
|
1437000
|
trusted library allocation
|
page execute and read and write
|
||
|
F1C000
|
stack
|
page read and write
|
||
|
6272000
|
heap
|
page read and write
|
||
|
AB5D000
|
stack
|
page read and write
|
||
|
5EA000
|
stack
|
page read and write
|
||
|
18A0000
|
heap
|
page read and write
|
||
|
6BB0000
|
trusted library allocation
|
page read and write
|
||
|
B72E000
|
stack
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
A6AD000
|
stack
|
page read and write
|
||
|
77CE000
|
stack
|
page read and write
|
||
|
604F000
|
stack
|
page read and write
|
||
|
44D2000
|
trusted library allocation
|
page read and write
|
||
|
E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DAD000
|
stack
|
page read and write
|
||
|
8392000
|
trusted library allocation
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
6BBF000
|
stack
|
page read and write
|
||
|
1697000
|
trusted library allocation
|
page execute and read and write
|
||
|
F3A000
|
stack
|
page read and write
|
||
|
43A000
|
remote allocation
|
page execute and read and write
|
||
|
4E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
3868000
|
trusted library allocation
|
page read and write
|
||
|
62AB000
|
heap
|
page read and write
|
||
|
38B7000
|
trusted library allocation
|
page read and write
|
||
|
112D000
|
trusted library allocation
|
page read and write
|
||
|
B9AE000
|
stack
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
14EC000
|
stack
|
page read and write
|
||
|
1404000
|
trusted library allocation
|
page read and write
|
||
|
671D000
|
stack
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page execute and read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
328D000
|
trusted library allocation
|
page read and write
|
||
|
3A3E000
|
trusted library allocation
|
page read and write
|
||
|
1403000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
17B6000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page read and write
|
||
|
BF3000
|
heap
|
page read and write
|
||
|
42B000
|
remote allocation
|
page execute and read and write
|
||
|
280B000
|
trusted library allocation
|
page read and write
|
||
|
110B000
|
trusted library allocation
|
page read and write
|
||
|
6AC0000
|
trusted library allocation
|
page read and write
|
||
|
B4F0000
|
heap
|
page read and write
|
||
|
E56000
|
trusted library allocation
|
page execute and read and write
|
||
|
1157000
|
stack
|
page read and write
|
||
|
5D7F000
|
stack
|
page read and write
|
||
|
2EFE000
|
unkown
|
page read and write
|
||
|
5AB0000
|
trusted library allocation
|
page read and write
|
||
|
5880000
|
trusted library section
|
page readonly
|
||
|
6DFE000
|
stack
|
page read and write
|
||
|
559E000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
1503000
|
heap
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
554000
|
unkown
|
page readonly
|
||
|
2A60000
|
heap
|
page execute and read and write
|
||
|
B4ED000
|
stack
|
page read and write
|
||
|
4279000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
4D45000
|
trusted library allocation
|
page read and write
|
||
|
558B000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
remote allocation
|
page execute and read and write
|
||
|
BA3000
|
heap
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
5940000
|
trusted library allocation
|
page read and write
|
||
|
67BE000
|
stack
|
page read and write
|
||
|
3861000
|
trusted library allocation
|
page read and write
|
||
|
E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
28CA000
|
trusted library allocation
|
page read and write
|
||
|
313E000
|
trusted library allocation
|
page read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
6BC0000
|
trusted library section
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
65D0000
|
trusted library allocation
|
page read and write
|
||
|
B3AE000
|
stack
|
page read and write
|
||
|
424E000
|
trusted library allocation
|
page read and write
|
||
|
C82000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
4CD2000
|
trusted library allocation
|
page read and write
|
||
|
329E000
|
trusted library allocation
|
page read and write
|
||
|
6850000
|
trusted library allocation
|
page execute and read and write
|
||
|
1663000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B7C000
|
stack
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
6F40000
|
trusted library allocation
|
page read and write
|
||
|
5EC0000
|
trusted library allocation
|
page read and write
|
||
|
E62000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
unkown
|
page readonly
|
||
|
B86E000
|
stack
|
page read and write
|
||
|
693E000
|
heap
|
page read and write
|
||
|
C95000
|
trusted library allocation
|
page execute and read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
1146000
|
heap
|
page read and write
|
||
|
B16E000
|
stack
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A06F000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page execute and read and write
|
||
|
281E000
|
trusted library allocation
|
page read and write
|
||
|
6BAE000
|
stack
|
page read and write
|
||
|
5935000
|
heap
|
page read and write
|
||
|
1673000
|
trusted library allocation
|
page read and write
|
||
|
3905000
|
trusted library allocation
|
page read and write
|
||
|
1664000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
A8DB000
|
stack
|
page read and write
|
||
|
5D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
314E000
|
trusted library allocation
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
72D0000
|
heap
|
page read and write
|
||
|
A42D000
|
stack
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
4DC3000
|
heap
|
page read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
520C000
|
stack
|
page read and write
|
||
|
2D3E000
|
trusted library allocation
|
page read and write
|
||
|
70A000
|
stack
|
page read and write
|
||
|
A66E000
|
stack
|
page read and write
|
||
|
2A5C000
|
stack
|
page read and write
|
||
|
1422000
|
trusted library allocation
|
page read and write
|
||
|
55A6000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
6FBD000
|
stack
|
page read and write
|
||
|
8217000
|
heap
|
page read and write
|
||
|
71AE000
|
stack
|
page read and write
|
||
|
143A000
|
heap
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
4E50000
|
trusted library section
|
page readonly
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
7395000
|
heap
|
page read and write
|
||
|
30DA000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
3098000
|
trusted library allocation
|
page read and write
|
||
|
1435000
|
trusted library allocation
|
page execute and read and write
|
||
|
143E000
|
heap
|
page read and write
|
||
|
1629000
|
heap
|
page read and write
|
||
|
1692000
|
trusted library allocation
|
page read and write
|
||
|
2D3A000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page execute and read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
B6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
589D000
|
stack
|
page read and write
|
||
|
1112000
|
trusted library allocation
|
page read and write
|
||
|
434000
|
remote allocation
|
page execute and read and write
|
||
|
48C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
9C6E000
|
stack
|
page read and write
|
||
|
E67000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
6BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C13000
|
heap
|
page read and write
|
||
|
17A0000
|
trusted library allocation
|
page read and write
|
||
|
63E000
|
unkown
|
page read and write
|
||
|
C1E000
|
heap
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
2D2D000
|
trusted library allocation
|
page read and write
|
||
|
29F4000
|
trusted library allocation
|
page read and write
|
||
|
B2E000
|
heap
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
BBDF000
|
stack
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page read and write
|
||
|
188F000
|
stack
|
page read and write
|
||
|
C92000
|
trusted library allocation
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
E6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
17C7000
|
heap
|
page read and write
|
||
|
751E000
|
stack
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
E5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
BCB000
|
heap
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
175E000
|
stack
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
15BA000
|
heap
|
page read and write
|
||
|
152A000
|
heap
|
page read and write
|
||
|
C12000
|
heap
|
page read and write
|
||
|
9F6F000
|
stack
|
page read and write
|
||
|
6F5B000
|
trusted library allocation
|
page read and write
|
||
|
AF8000
|
stack
|
page read and write
|
||
|
4078000
|
trusted library allocation
|
page read and write
|
||
|
C8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2971000
|
trusted library allocation
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
A1EE000
|
stack
|
page read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
18E0000
|
heap
|
page read and write
|
||
|
3CD9000
|
trusted library allocation
|
page read and write
|
||
|
BFD000
|
heap
|
page read and write
|
||
|
2AA8000
|
trusted library allocation
|
page read and write
|
||
|
5EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
4351000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
B8D000
|
stack
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
31BE000
|
stack
|
page read and write
|
||
|
5ECE000
|
trusted library allocation
|
page read and write
|
||
|
67F000
|
unkown
|
page read and write
|
||
|
27FC000
|
stack
|
page read and write
|
||
|
4A2000
|
unkown
|
page readonly
|
||
|
4163000
|
trusted library allocation
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B76D000
|
stack
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page execute and read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
5E8D000
|
stack
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
1686000
|
trusted library allocation
|
page execute and read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
648E000
|
stack
|
page read and write
|
||
|
B61000
|
heap
|
page read and write
|
||
|
3CB1000
|
trusted library allocation
|
page read and write
|
||
|
5565000
|
trusted library allocation
|
page read and write
|
||
|
15C4000
|
heap
|
page read and write
|
||
|
1890000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
36A000
|
stack
|
page read and write
|
||
|
51DD000
|
stack
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
754E000
|
stack
|
page read and write
|
||
|
5E4E000
|
stack
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
66A2000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
614E000
|
stack
|
page read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
C7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A1AE000
|
stack
|
page read and write
|
||
|
62A9000
|
heap
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
6660000
|
heap
|
page read and write
|
||
|
1472000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
43C000
|
remote allocation
|
page execute and read and write
|
||
|
4456000
|
trusted library allocation
|
page read and write
|
||
|
5C7E000
|
stack
|
page read and write
|
||
|
721E000
|
stack
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page execute and read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
168A000
|
trusted library allocation
|
page execute and read and write
|
||
|
638E000
|
stack
|
page read and write
|
||
|
65CE000
|
stack
|
page read and write
|
||
|
6E3E000
|
stack
|
page read and write
|
||
|
E43000
|
trusted library allocation
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
111E000
|
trusted library allocation
|
page read and write
|
||
|
A9DC000
|
stack
|
page read and write
|
||
|
6963000
|
heap
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
1894000
|
trusted library allocation
|
page read and write
|
||
|
31AC000
|
stack
|
page read and write
|
||
|
6650000
|
trusted library allocation
|
page read and write
|
||
|
532C000
|
stack
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
1507000
|
heap
|
page read and write
|
||
|
7330000
|
heap
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
2D1A000
|
trusted library allocation
|
page read and write
|
||
|
141E000
|
stack
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
1426000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC5E000
|
stack
|
page read and write
|
||
|
C9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
683E000
|
stack
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
B99000
|
heap
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
5287000
|
heap
|
page read and write
|
||
|
B64000
|
trusted library allocation
|
page read and write
|
||
|
68C0000
|
heap
|
page read and write
|
||
|
2D0A000
|
trusted library allocation
|
page read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
14D5000
|
heap
|
page read and write
|
||
|
167D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
heap
|
page execute and read and write
|
||
|
66C6000
|
trusted library allocation
|
page read and write
|
||
|
5D56000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
AA1D000
|
stack
|
page read and write
|
||
|
4372000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
2861000
|
trusted library allocation
|
page read and write
|
||
|
3266000
|
trusted library allocation
|
page read and write
|
||
|
2F38000
|
heap
|
page read and write
|
||
|
A2EE000
|
stack
|
page read and write
|
||
|
2973000
|
trusted library allocation
|
page read and write
|
||
|
329A000
|
trusted library allocation
|
page read and write
|
||
|
764E000
|
stack
|
page read and write
|
||
|
741E000
|
stack
|
page read and write
|
||
|
162E000
|
stack
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
B62E000
|
stack
|
page read and write
|
||
|
6F50000
|
trusted library allocation
|
page read and write
|
||
|
E52000
|
trusted library allocation
|
page read and write
|
||
|
28AB000
|
trusted library allocation
|
page read and write
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
1682000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
4E40000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
71EE000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
BC1C000
|
stack
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
8206000
|
heap
|
page read and write
|
||
|
50AE000
|
stack
|
page read and write
|
||
|
B5F000
|
heap
|
page read and write
|
||
|
A440000
|
heap
|
page read and write
|
||
|
1068000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
2850000
|
heap
|
page execute and read and write
|
||
|
327A000
|
trusted library allocation
|
page read and write
|
||
|
5B1F000
|
trusted library allocation
|
page read and write
|
||
|
81A5000
|
heap
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B8E000
|
stack
|
page read and write
|
||
|
32D000
|
stack
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
629F000
|
heap
|
page read and write
|
||
|
B63000
|
trusted library allocation
|
page execute and read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
3156000
|
trusted library allocation
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
29EE000
|
stack
|
page read and write
|
||
|
C97000
|
trusted library allocation
|
page execute and read and write
|
||
|
69AD000
|
stack
|
page read and write
|
||
|
BBB000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page execute and read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
49FC000
|
stack
|
page read and write
|
||
|
14D9000
|
heap
|
page read and write
|
||
|
B29000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
42D5000
|
trusted library allocation
|
page read and write
|
||
|
AB1E000
|
stack
|
page read and write
|
||
|
66AC000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page read and write
|
||
|
68AE000
|
stack
|
page read and write
|
||
|
67FE000
|
stack
|
page read and write
|
||
|
E34000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
18B0000
|
trusted library allocation
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
1457000
|
heap
|
page read and write
|
||
|
2C94000
|
heap
|
page read and write
|
||
|
945000
|
heap
|
page read and write
|
||
|
65EB000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
3B62000
|
trusted library allocation
|
page read and write
|
||
|
306F000
|
stack
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
5640000
|
trusted library allocation
|
page read and write
|
||
|
1616000
|
heap
|
page read and write
|
||
|
3953000
|
trusted library allocation
|
page read and write
|
||
|
9C9B000
|
trusted library allocation
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
1598000
|
heap
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
14D1000
|
heap
|
page read and write
|
||
|
55AD000
|
trusted library allocation
|
page read and write
|
||
|
282D000
|
trusted library allocation
|
page read and write
|
||
|
3D18000
|
trusted library allocation
|
page read and write
|
||
|
BE5E000
|
stack
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
4DA0000
|
heap
|
page execute and read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
71E0000
|
heap
|
page read and write
|
||
|
2821000
|
trusted library allocation
|
page read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
664D000
|
stack
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
42A000
|
remote allocation
|
page execute and read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
68C3000
|
heap
|
page read and write
|
||
|
5AC5000
|
trusted library allocation
|
page read and write
|
||
|
6985000
|
heap
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page read and write
|
||
|
C1D000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
heap
|
page read and write
|
||
|
BADE000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1507000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
BCF000
|
heap
|
page read and write
|
||
|
E33000
|
trusted library allocation
|
page execute and read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
6A8E000
|
stack
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
BC9000
|
stack
|
page read and write
|
||
|
B8AE000
|
stack
|
page read and write
|
||
|
ED7000
|
heap
|
page read and write
|
||
|
2D06000
|
trusted library allocation
|
page read and write
|
||
|
6ABF000
|
stack
|
page read and write
|
||
|
5AAD000
|
stack
|
page read and write
|
||
|
3151000
|
trusted library allocation
|
page read and write
|
||
|
A7AE000
|
stack
|
page read and write
|
||
|
489E000
|
stack
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
18E6000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
BF9000
|
heap
|
page read and write
|
||
|
C86000
|
trusted library allocation
|
page execute and read and write
|
There are 589 hidden memdumps, click here to show them.