IOC Report
4TH HIRE SOA REMITTANCE_USD280,000.exe

loading gif

Files

File Path
Type
Category
Malicious
4TH HIRE SOA REMITTANCE_USD280,000.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\Temp\tmp16FF.tmp
XML 1.0 document, ASCII text
dropped
 malicious
C:\Users\user\AppData\Roaming\GRogNEHvcL.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\4TH HIRE SOA REMITTANCE_USD280,000.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\GRogNEHvcL.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
dropped
C:\Users\user\AppData\Local\Temp\Y656-D6L1
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_azxhduxd.o4l.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gracnpwr.0gd.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_im3uef2p.bfq.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mld0gfds.vau.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_upwf1lj4.gxn.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vxzp5qwv.syp.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xff2mrt0.bys.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y551avhh.khe.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\tmp30FF.tmp
XML 1.0 document, ASCII text
dropped
C:\Users\user\AppData\Roaming\GRogNEHvcL.exe:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
There are 7 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\4TH HIRE SOA REMITTANCE_USD280,000.exe
"C:\Users\user\Desktop\4TH HIRE SOA REMITTANCE_USD280,000.exe"
 malicious
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\4TH HIRE SOA REMITTANCE_USD280,000.exe"
malicious
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\GRogNEHvcL.exe"
 malicious
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\GRogNEHvcL" /XML "C:\Users\user\AppData\Local\Temp\tmp16FF.tmp"
 malicious
C:\Users\user\Desktop\4TH HIRE SOA REMITTANCE_USD280,000.exe
"C:\Users\user\Desktop\4TH HIRE SOA REMITTANCE_USD280,000.exe"
 malicious
C:\Users\user\AppData\Roaming\GRogNEHvcL.exe
C:\Users\user\AppData\Roaming\GRogNEHvcL.exe
 malicious
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\GRogNEHvcL" /XML "C:\Users\user\AppData\Local\Temp\tmp30FF.tmp"
 malicious
C:\Users\user\AppData\Roaming\GRogNEHvcL.exe
"C:\Users\user\AppData\Roaming\GRogNEHvcL.exe"
 malicious
C:\Program Files (x86)\SsffkNIowRsReJBYlDZpsAqXDiYZSMDNIfLoWWAcjuRlhiYNTxfcNBJnSqzyGrAHTAT\vFRZZQiLgeOQDzGymvZVa.exe
"C:\Program Files (x86)\SsffkNIowRsReJBYlDZpsAqXDiYZSMDNIfLoWWAcjuRlhiYNTxfcNBJnSqzyGrAHTAT\vFRZZQiLgeOQDzGymvZVa.exe"
malicious
C:\Windows\SysWOW64\winver.exe
"C:\Windows\SysWOW64\winver.exe"
 malicious
C:\Program Files (x86)\SsffkNIowRsReJBYlDZpsAqXDiYZSMDNIfLoWWAcjuRlhiYNTxfcNBJnSqzyGrAHTAT\vFRZZQiLgeOQDzGymvZVa.exe
"C:\Program Files (x86)\SsffkNIowRsReJBYlDZpsAqXDiYZSMDNIfLoWWAcjuRlhiYNTxfcNBJnSqzyGrAHTAT\vFRZZQiLgeOQDzGymvZVa.exe"
malicious
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\Firefox.exe"
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 7 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://www.adylkerak.ru/1jr4/
51.195.44.77
 malicious
http://www.newmediamonday.com/f1h2/?4b34ht=o2w0OkdzOU7AeO8cST1vLwAMb2MVSZPok4SxmOvOEN/vFfcFf0cZDVwWJD0TY2twL06giNetwFt+I5xckOsROdTXbf+WwKvZ5D3dZkP4IlWKwwnosj8+1uAXlawkkcomhg==&UxF=2Nflznk0WJ3hjv
173.254.28.213
 malicious
http://www.btx937.top/gp7t/
199.59.243.225
 malicious
http://www.retrorocketmodels.com/vtm3/?4b34ht=kR7Fl86BSFGGM0PlM+jb3Z8U1XiTwr46KttiVv2q+FBEIB4NiNNJYHhFj5b5v2TtaYgnHWWiT/h6cxdEcVnMTV8uD5XBSlgGjz30dZ+o/GujFcx5HUknEw/XEJ5xYkmM6w==&UxF=2Nflznk0WJ3hjv
3.33.130.190
 malicious
http://www.cica-rank.com/fx5q/
183.181.79.111
 malicious
http://www.pilatovparts.ru/k2o4/
31.31.196.16
 malicious
http://www.adylkerak.ru/1jr4/?4b34ht=kGdd1iddr+mvgzlLI3SGjgxAabUOGsKw2bG4JPXV9hwIwsQyE7CLPYW2F+PDsbjHTDHawkku/URFrqQj7JM/kB2xKVcJ0yqZ4Q9OBe3AFA9XjQjtHcn6JNxir1+KynzC3w==&UxF=2Nflznk0WJ3hjv
51.195.44.77
 malicious
http://www.falldove.top/ewqf/
66.29.149.46
 malicious
http://www.retrorocketmodels.com/vtm3/
3.33.130.190
 malicious
http://www.btx937.top/gp7t/?4b34ht=rAqEu2gSv2s2Q34sajdUQRUadeB85tkFqSKdenQDQ2DGw2dO3uX5Zw6KDTM8IV3Tf+lQDmhmNxGX2EN4uh2PDjjxVn+OEzZBTy/UzpMaoQhQyJClBqNmt4mNfKWMNb1t7Q==&UxF=2Nflznk0WJ3hjv
199.59.243.225
 malicious
http://www.botcsllc.com/wouf/
216.40.34.41
 malicious
http://www.lesfleursdeceline.be/11y6/
3.125.172.46
 malicious
http://www.lesfleursdeceline.be/11y6/?4b34ht=Dwy6CWGja1kYD5j/NiyuAt+/fS8dx1oXABRd8IB5T1BIX3lRMt9N7dOmg29JYmKAoU96l3n9gZEsdf5amHP+judxC5mcbKzq6E6B/htT/kbgwKzkG09OKna/oGm6dpHmyw==&UxF=2Nflznk0WJ3hjv
3.125.172.46
 malicious
http://www.jl884.vip/viqu/?4b34ht=MVCyVDN3RwNEbgSUD+0xRye29v/XSHfdB7daKMb285I6uLH+in3mV6SqMrakijFPfITBXvDDRnIloAD3dOOGlBaUMS2RVppA4PBahCfW4PrIZhDLLp/ysGvZxQcLTJd5vQ==&UxF=2Nflznk0WJ3hjv
65.181.132.158
 malicious
http://www.jl884.vip/viqu/
65.181.132.158
 malicious
http://www.diplocity.org/l1oh/
78.142.211.199
 malicious
http://www.duhocvietanh.edu.vn/iqzp/?4b34ht=fu92k1NC4wJFnZcipX/XbPhVhBhXF83hEHBnQGjO4gCDEIQAPcvMGFbAeujwAxJrjpsvX+qRkMbJbRaZT89LHtus1xeGcvR3FY7l2IYkKTCFrV4doYlBH8GHezxeD3NhTg==&UxF=2Nflznk0WJ3hjv
103.138.88.50
 malicious
http://www.cica-rank.com/fx5q/?4b34ht=58zXcaw4QDLVkaL+G0qZOwfYBtfLZlBf9k0Qnw1Zv4bR0GQyFI5ORfMwVsCUT1zQejwif13gDfh0mdA+c9yRzCT9PqSg1LoC16c3+fSR0wz9mE2aSN+j+I+5sdCG7jTd0Q==&UxF=2Nflznk0WJ3hjv
183.181.79.111
 malicious
http://www.equi-sen.ca/oh6m/
199.59.243.225
 malicious
http://www.falldove.top/ewqf/?4b34ht=kYShQH1sa3Le60gDrsgCYGFyuVEpRJ0k4IW5QzbfeKprYk61XZyNmSsEdCDrGrgTxI+6jeCx+L1A4qHHQky9AsRR7ruU+KhrWGBfvU9SpfMi+rY6DVY8elzf7b7Bw6Cu6g==&UxF=2Nflznk0WJ3hjv
66.29.149.46
 malicious
http://www.diplocity.org/l1oh/?4b34ht=CLj62WE97PINjru9/2Ua0S4wJ+6clgTBZzFqYLe+Zb/mrkE/j+GqxKOEwyxDIhmnv5tawjcWYXQUR2YOfRR5ys/k8mvsQ8S8w9omXjrMO8RJvp8vgkkqsEYyw/rrHr7WOA==&UxF=2Nflznk0WJ3hjv
78.142.211.199
 malicious
http://www.newmediamonday.com/f1h2/
173.254.28.213
 malicious
http://www.botcsllc.com/wouf/?4b34ht=XRItmHXywGWVnqDngINAMvff3IpqjclEV1ySHuRZOTcLzBiyF5+l3MoobodW+p084j4Tu28tOugkX2LbOW2aRLZQ/Vv/K47AM9XykbCYypLB0HUyScM9sRvicmb0LC0c/g==&UxF=2Nflznk0WJ3hjv
216.40.34.41
 malicious
http://www.pilatovparts.ru/k2o4/?4b34ht=qS1OWRHNQ56Cw7+fPD172OEEUbCPY94RPpebPz6xreoqxXbgy7Cu/Z+GqTqWS2Pyzkow4Xyx1yLx23Wbx34O9asPPjW4w1AqTiokyKtl/e0W2Htu8J9pM1VOgBMsot7LIg==&UxF=2Nflznk0WJ3hjv
31.31.196.16
 malicious
http://www.duhocvietanh.edu.vn/iqzp/
103.138.88.50
 malicious
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://ogp.me/ns#
unknown
https://www.instagram.com/hover_domains
unknown
https://d1di2lzuh97fh2.cloudfront.net/client/js.polyfill/container-query-polyfill.modern.js
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/2v/2v4/2v414g.css?ph=8290e35a9b
unknown
https://d1di2lzuh97fh2.cloudfront.net/client/img/favicons/sb-favicon.ico?ph=8290e35a9b
unknown
https://events.webnode.com/projects/-/events/
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
http://www.tranivel.com
unknown
https://files.reg.ru/fonts/inter/Inter-SemiBold.woff2)
unknown
https://www.reg.ru/support/#request
unknown
https://newmediamonday.com
unknown
https://www.google.com
unknown
http://duhocvietanh.edu.vn/iqzp/?4b34ht=fu92k1NC4wJFnZcipX/XbPhVhBhXF83hEHBnQGjO4gCDEIQAPcvMGFbAeujw
unknown
https://files.reg.ru/fonts/inter/Inter-Regular.woff)
unknown
https://www.hover.com/domains/results
unknown
https://d1di2lzuh97fh2.cloudfront.net/client/img/favicons/sb-favicon-16.svg?ph=8290e35a9b
unknown
https://server27.hosting.reg.ru/manager
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/39/396/39634o.js?ph=8290e35a9b
unknown
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
unknown
http://feeds.soundcloud.com/users/soundcloud:users:38128127/sounds.rss
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
https://twitter.com/hover
unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/19/19m/19mvcd.css?ph=8290e35a9b
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/2r/2rd/2rdzz2.css?ph=8290e35a9b
unknown
https://files.reg.ru/fonts/inter/Inter-Medium.woff2)
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/04/04p/04pi85.css?ph=8290e35a9b
unknown
https://2domains.ru
unknown
https://d1di2lzuh97fh2.cloudfront.net
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/17/178/178on3.css?ph=8290e35a9b
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://files.reg.ru/fonts/inter/Inter-SemiBold.woff)
unknown
https://www.ecosia.org/newtab/
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/2i/2iw/2iwzy5.css?ph=8290e35a9b
unknown
http://www.tranivel.com/fr5e/
217.70.184.50
https://ac.ecosia.org/autocomplete?q=
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/3c/3cw/3cwfrk.css?ph=8290e35a9b
unknown
https://files.reg.ru/fonts/inter/Inter-Medium.woff)
unknown
https://codepen.io/uzcho_/pens/popular/?grid_type=list
unknown
https://codepen.io/uzcho_/pen/eYdmdXw.css
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/49/49x/49xmuk.css?ph=8290e35a9b
unknown
https://www.lesfleursdeceline.be/page-not-found-404/
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/32/32i/32i65q.css?ph=8290e35a9b
unknown
https://files.reg.ru/fonts/inter/Inter-Regular.woff2)
unknown
https://www.reg.ru/support/hosting-i-servery/moy-sayt-ne-rabotaet/oshibka-404
unknown
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
unknown
https://d1di2lzuh97fh2.cloudfront.net/client/img/favicons/sb-favicon.svg?ph=8290e35a9b
unknown
https://d1di2lzuh97fh2.cloudfront.net/files/3f/3f9/3f9vvf.css?ph=8290e35a9b
unknown
https://reg.ru?target=_blank
unknown
There are 66 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
www.botcsllc.com
216.40.34.41
 malicious
www.pilatovparts.ru
31.31.196.16
 malicious
www.diplocity.org
78.142.211.199
 malicious
lb.webnode.io
3.125.172.46
 malicious
www.equi-sen.ca
199.59.243.225
 malicious
newmediamonday.com
173.254.28.213
 malicious
www.cica-rank.com
183.181.79.111
 malicious
www.adylkerak.ru
51.195.44.77
 malicious
94950.bodis.com
199.59.243.225
 malicious
www.falldove.top
66.29.149.46
 malicious
e6375a47.jl884.vip.cname.scname.com
65.181.132.158
 malicious
duhocvietanh.edu.vn
103.138.88.50
 malicious
retrorocketmodels.com
3.33.130.190
 malicious
www.duhocvietanh.edu.vn
unknown
 malicious
www.lesfleursdeceline.be
unknown
 malicious
www.retrorocketmodels.com
unknown
 malicious
www.btx937.top
unknown
 malicious
www.tranivel.com
unknown
 malicious
www.jl884.vip
unknown
 malicious
www.newmediamonday.com
unknown
 malicious
www.double.gay
unknown
 malicious
webredir.vip.gandi.net
217.70.184.50
There are 12 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
183.181.79.111
www.cica-rank.com
Japan
malicious
51.195.44.77
www.adylkerak.ru
France
malicious
65.181.132.158
e6375a47.jl884.vip.cname.scname.com
United States
malicious
199.59.243.225
www.equi-sen.ca
United States
malicious
66.29.149.46
www.falldove.top
United States
malicious
103.138.88.50
duhocvietanh.edu.vn
Viet Nam
malicious
78.142.211.199
www.diplocity.org
Turkey
malicious
31.31.196.16
www.pilatovparts.ru
Russian Federation
malicious
3.125.172.46
lb.webnode.io
United States
malicious
173.254.28.213
newmediamonday.com
United States
malicious
3.33.130.190
retrorocketmodels.com
United States
malicious
216.40.34.41
www.botcsllc.com
Canada
malicious
217.70.184.50
webredir.vip.gandi.net
France
There are 3 hidden IPs, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
1C50000
unclassified section
page execute and read and write
 malicious
1AB0000
unclassified section
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
4C40000
trusted library allocation
page read and write
 malicious
26F0000
unkown
page execute and read and write
 malicious
5920000
system
page execute and read and write
 malicious
4C80000
trusted library allocation
page read and write
 malicious
2D20000
system
page execute and read and write
 malicious
26F0000
heap
page read and write
332C000
unkown
page read and write
10C1000
unkown
page readonly
2B87000
unkown
page execute and read and write
1C34E2F0000
trusted library allocation
page read and write
1C34CB3A000
heap
page read and write
1C34E701000
trusted library allocation
page read and write
4DA0000
trusted library section
page readonly
3D3E000
trusted library allocation
page read and write
2AAE000
stack
page read and write
E04000
heap
page read and write
58C4000
unclassified section
page read and write
2DE0000
heap
page read and write
E08000
heap
page read and write
4B41000
heap
page read and write
1530000
unkown
page readonly
25CF000
stack
page read and write
50C0000
heap
page read and write
EBB000
trusted library allocation
page read and write
5AFC000
unkown
page read and write
4B41000
heap
page read and write
F0E000
unkown
page readonly
BFD25FF000
stack
page read and write
9C0000
heap
page read and write
2F3E000
stack
page read and write
4D70000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
6D03000
heap
page read and write
1C34E612000
trusted library allocation
page read and write
1140000
trusted library allocation
page read and write
8000000
trusted library allocation
page read and write
3D7E000
trusted library allocation
page read and write
4B41000
heap
page read and write
32B1000
heap
page read and write
23A0000
heap
page read and write
2831000
trusted library allocation
page read and write
4B41000
heap
page read and write
8350000
heap
page read and write
4B41000
heap
page read and write
80C0000
heap
page read and write
66E6000
unclassified section
page read and write
C90000
trusted library allocation
page read and write
997000
stack
page read and write
C10000
heap
page read and write
80DA000
heap
page read and write
3270000
heap
page read and write
1400000
heap
page read and write
4B41000
heap
page read and write
3302000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
F17000
unkown
page readonly
32B6000
heap
page read and write
28EF000
stack
page read and write
1440000
heap
page read and write
C0E000
stack
page read and write
40AE000
unkown
page read and write
B60D000
stack
page read and write
C5E000
stack
page read and write
4B41000
heap
page read and write
CB0000
heap
page read and write
5D7A000
unclassified section
page read and write
8109000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
BFD15FE000
stack
page read and write
32F6000
heap
page read and write
1889000
direct allocation
page execute and read and write
5000000
heap
page read and write
7010000
trusted library allocation
page read and write
2A5E000
stack
page read and write
5020000
trusted library allocation
page read and write
119D000
stack
page read and write
813A000
heap
page read and write
DE0000
trusted library allocation
page read and write
2F00000
stack
page read and write
1B23000
direct allocation
page execute and read and write
4B41000
heap
page read and write
6AC0000
trusted library allocation
page read and write
4D20000
heap
page read and write
539000
stack
page read and write
F15000
unkown
page read and write
3337000
heap
page read and write
FF0000
unkown
page readonly
910000
unkown
page read and write
C80000
trusted library allocation
page read and write
517D000
direct allocation
page execute and read and write
4B41000
heap
page read and write
4E00000
trusted library allocation
page read and write
5F0000
unkown
page read and write
3314000
heap
page read and write
D2D000
trusted library allocation
page execute and read and write
6554000
unclassified section
page read and write
542E000
stack
page read and write
5F0C000
unclassified section
page read and write
F01000
unkown
page execute read
970000
heap
page read and write
4E00000
trusted library allocation
page read and write
32BC000
heap
page read and write
4B41000
heap
page read and write
2C55000
trusted library allocation
page read and write
46F6000
unkown
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
31B0000
trusted library allocation
page read and write
4B41000
heap
page read and write
1EB0000
heap
page read and write
13B0000
unkown
page readonly
4B41000
heap
page read and write
4CFC000
heap
page read and write
811F000
heap
page read and write
4FD9000
direct allocation
page execute and read and write
ED6000
trusted library allocation
page read and write
80CB000
heap
page read and write
27AA000
stack
page read and write
1560000
heap
page read and write
FF0000
unkown
page readonly
80B0000
trusted library allocation
page read and write
13A0000
unkown
page readonly
5003000
heap
page read and write
5EE000
stack
page read and write
CBF000
stack
page read and write
4B41000
heap
page read and write
1410000
unkown
page read and write
1430000
unkown
page read and write
18FE000
direct allocation
page execute and read and write
9B7F000
stack
page read and write
3A6E000
trusted library allocation
page read and write
C93000
trusted library allocation
page read and write
4B41000
heap
page read and write
50D0000
heap
page read and write
1C34CB41000
heap
page read and write
13C0000
heap
page read and write
2A9F000
unkown
page read and write
3010000
heap
page read and write
954D000
stack
page read and write
4B41000
heap
page read and write
8131000
heap
page read and write
4FCB000
trusted library allocation
page read and write
2C57000
trusted library allocation
page read and write
2600000
unkown
page readonly
F17000
unkown
page readonly
D70000
heap
page read and write
2AB9000
trusted library allocation
page read and write
5170000
trusted library allocation
page execute and read and write
5080000
heap
page read and write
4B41000
heap
page read and write
6CDC000
heap
page read and write
910000
unkown
page read and write
580000
unkown
page readonly
32B1000
heap
page read and write
1AF1000
unkown
page readonly
286F000
unkown
page read and write
6EFC000
heap
page read and write
1C34E600000
trusted library allocation
page read and write
1C40000
heap
page read and write
53A000
stack
page read and write
80D8000
heap
page read and write
875E000
stack
page read and write
4B41000
heap
page read and write
9A0000
unkown
page read and write
1C34E621000
trusted library allocation
page read and write
E40000
trusted library allocation
page read and write
4B41000
heap
page read and write
2AB0000
heap
page read and write
4B41000
heap
page read and write
80C6000
heap
page read and write
1127000
trusted library allocation
page execute and read and write
531C000
unclassified section
page read and write
1C34C8A7000
system
page execute and read and write
4B41000
heap
page read and write
1116000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
DCB000
trusted library allocation
page execute and read and write
25F4000
heap
page read and write
52C2000
unclassified section
page read and write
311F000
stack
page read and write
6C90000
heap
page read and write
4B41000
heap
page read and write
4BAC000
unkown
page read and write
980000
unkown
page readonly
6E2E000
stack
page read and write
4B41000
heap
page read and write
9F0000
heap
page read and write
3341000
heap
page read and write
5E0000
heap
page read and write
53A000
stack
page read and write
4B41000
heap
page read and write
2CC0000
heap
page read and write
D20000
trusted library allocation
page read and write
6FEE000
stack
page read and write
E2E000
stack
page read and write
812D000
heap
page read and write
4C0000
unkown
page readonly
14B8000
heap
page read and write
135C000
stack
page read and write
879F000
stack
page read and write
8133000
heap
page read and write
F17000
unkown
page readonly
EF0000
heap
page read and write
1690000
heap
page read and write
2C5B000
trusted library allocation
page read and write
32BC000
heap
page read and write
50A0000
trusted library allocation
page execute and read and write
32C2000
heap
page read and write
32A0000
heap
page read and write
4B41000
heap
page read and write
188D000
direct allocation
page execute and read and write
32C2000
heap
page read and write
1103000
trusted library allocation
page read and write
4B41000
heap
page read and write
F01000
unkown
page execute read
4B41000
heap
page read and write
1760000
unkown
page readonly
FFF000
stack
page read and write
C9D000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
1300000
heap
page read and write
4EC0000
heap
page read and write
6AD0000
trusted library allocation
page read and write
10FF000
stack
page read and write
4B41000
heap
page read and write
2BA9000
trusted library allocation
page read and write
4B41000
heap
page read and write
5200000
heap
page read and write
4B41000
heap
page read and write
32BC000
heap
page read and write
4B41000
heap
page read and write
970000
heap
page read and write
3887000
trusted library allocation
page read and write
B8AE000
stack
page read and write
4B41000
heap
page read and write
5220000
heap
page execute and read and write
2CE8000
stack
page read and write
111A000
trusted library allocation
page execute and read and write
32B3000
heap
page read and write
26FA000
heap
page read and write
FD0000
unkown
page readonly
3A66000
unkown
page read and write
4FE6000
trusted library allocation
page read and write
3010000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
6878000
unclassified section
page read and write
26A0000
trusted library allocation
page read and write
3331000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
3120000
unkown
page readonly
4FED000
trusted library allocation
page read and write
940000
heap
page read and write
6E8E000
stack
page read and write
1307000
heap
page read and write
F15000
unkown
page read and write
4B41000
heap
page read and write
4B7C000
stack
page read and write
AEDF000
stack
page read and write
3C33000
trusted library allocation
page read and write
51F5000
heap
page read and write
DCE000
heap
page read and write
1550000
unkown
page read and write
5C0000
heap
page read and write
28CE000
trusted library allocation
page read and write
4240000
unkown
page read and write
1AA8000
direct allocation
page execute and read and write
4B41000
heap
page read and write
4FDD000
direct allocation
page execute and read and write
5040000
trusted library allocation
page read and write
9C7D000
stack
page read and write
4B41000
heap
page read and write
336A000
heap
page read and write
4CC0000
trusted library allocation
page read and write
4B41000
heap
page read and write
28DC000
trusted library allocation
page read and write
8140000
heap
page read and write
109D000
stack
page read and write
4B41000
heap
page read and write
4880000
trusted library allocation
page read and write
4B41000
heap
page read and write
4B0000
unkown
page readonly
CA2000
trusted library allocation
page read and write
4B41000
heap
page read and write
282E000
stack
page read and write
32BC000
heap
page read and write
4B41000
heap
page read and write
8013000
heap
page read and write
94E000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
1C34C940000
heap
page read and write
B86C000
stack
page read and write
5971000
system
page execute and read and write
1140000
heap
page read and write
4EA0000
heap
page read and write
1C34E490000
heap
page read and write
570000
unkown
page readonly
7D40000
trusted library allocation
page read and write
3311000
heap
page read and write
4B41000
heap
page read and write
ECE000
trusted library allocation
page read and write
B0DF000
stack
page read and write
4A1A000
unkown
page read and write
51E0000
heap
page read and write
198F000
stack
page read and write
3354000
heap
page read and write
6CE0000
heap
page read and write
4B41000
heap
page read and write
B3DE000
stack
page read and write
4B41000
heap
page read and write
D23000
trusted library allocation
page execute and read and write
486E000
stack
page read and write
1190000
trusted library allocation
page execute and read and write
30C0000
heap
page read and write
4B41000
heap
page read and write
1AF1000
unkown
page readonly
50BE000
stack
page read and write
4D50000
trusted library allocation
page read and write
4B41000
heap
page read and write
175F000
stack
page read and write
4B41000
heap
page read and write
50F7000
heap
page read and write
5290000
trusted library allocation
page read and write
5A0000
heap
page read and write
1390000
unkown
page readonly
4E90000
heap
page read and write
4B41000
heap
page read and write
A05F000
stack
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
3307000
heap
page read and write
4B41000
heap
page read and write
80FA000
heap
page read and write
2A60000
heap
page execute and read and write
55B0000
trusted library allocation
page read and write
2B14000
trusted library allocation
page read and write
EAB000
stack
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
C7A2000
system
page read and write
8127000
heap
page read and write
1A11000
direct allocation
page execute and read and write
96E000
stack
page read and write
8342000
trusted library allocation
page read and write
6EE8000
heap
page read and write
4B41000
heap
page read and write
9A7E000
stack
page read and write
4B41000
heap
page read and write
6EE4000
heap
page read and write
D64000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
9C0000
heap
page read and write
6B00000
trusted library section
page read and write
2720000
heap
page execute and read and write
6E30000
trusted library allocation
page read and write
3375000
heap
page read and write
4B41000
heap
page read and write
2B16000
trusted library allocation
page read and write
F0E000
unkown
page readonly
4B41000
heap
page read and write
A41F000
stack
page read and write
80E4000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
1190000
heap
page read and write
4E00000
trusted library allocation
page read and write
590000
unkown
page readonly
30C4000
heap
page read and write
1CCD000
direct allocation
page execute and read and write
4B41000
heap
page read and write
3FC7000
trusted library allocation
page read and write
4D30000
trusted library allocation
page read and write
1CB1000
direct allocation
page execute and read and write
F01000
unkown
page execute read
20E7000
unclassified section
page execute and read and write
135C000
stack
page read and write
1760000
unkown
page readonly
9F0000
heap
page read and write
810B000
heap
page read and write
3327000
heap
page read and write
5210000
trusted library allocation
page read and write
1490000
heap
page read and write
2C5F000
trusted library allocation
page read and write
282E000
unkown
page read and write
1290000
direct allocation
page read and write
175F000
stack
page read and write
10FB000
stack
page read and write
4B41000
heap
page read and write
4E9A000
heap
page read and write
4B0000
unkown
page readonly
957A000
trusted library allocation
page read and write
5250000
trusted library allocation
page read and write
69AE000
stack
page read and write
4B41000
heap
page read and write
3B41000
trusted library allocation
page read and write
4B41000
heap
page read and write
7000000
trusted library allocation
page read and write
5A56000
unclassified section
page read and write
875E000
stack
page read and write
4B41000
heap
page read and write
1421000
unkown
page readonly
8136000
heap
page read and write
4B41000
heap
page read and write
2710000
heap
page read and write
157F000
heap
page read and write
4B41000
heap
page read and write
2B0E000
stack
page read and write
590000
unkown
page readonly
6EF0000
heap
page read and write
1AC2000
direct allocation
page execute and read and write
25F4000
heap
page read and write
5092000
trusted library allocation
page read and write
C862000
system
page read and write
1C34E2F0000
trusted library allocation
page read and write
11B0000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
B1DD000
stack
page read and write
1400000
heap
page read and write
1C34E60F000
trusted library allocation
page read and write
144E000
stack
page read and write
6B9C000
unclassified section
page read and write
3314000
heap
page read and write
2DDE000
stack
page read and write
981000
heap
page read and write
80D2000
heap
page read and write
C84000
trusted library allocation
page read and write
2B90000
heap
page read and write
32BC000
heap
page read and write
6EE0000
heap
page read and write
EDD000
trusted library allocation
page read and write
125A000
stack
page read and write
4B41000
heap
page read and write
DC6000
heap
page read and write
25F0000
heap
page read and write
5181000
direct allocation
page execute and read and write
232A000
stack
page read and write
5320000
heap
page read and write
118E000
stack
page read and write
6F37000
heap
page read and write
E30000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
9C80000
heap
page read and write
188F000
stack
page read and write
148E000
stack
page read and write
1C34CB2C000
heap
page read and write
4B41000
heap
page read and write
F00000
unkown
page readonly
4B41000
heap
page read and write
51D0000
trusted library section
page readonly
4B41000
heap
page read and write
3347000
heap
page read and write
DDC000
stack
page read and write
1A00000
direct allocation
page execute and read and write
4564000
unkown
page read and write
8014000
heap
page read and write
4B41000
heap
page read and write
B1E0000
heap
page read and write
333E000
heap
page read and write
879E000
stack
page read and write
F0E000
unkown
page readonly
4B41000
heap
page read and write
C70000
trusted library allocation
page read and write
FE0000
unkown
page readonly
F15000
unkown
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
59EC000
system
page execute and read and write
337A000
heap
page read and write
711E000
stack
page read and write
26E0000
trusted library allocation
page read and write
4870000
trusted library allocation
page read and write
4B41000
heap
page read and write
292A000
trusted library allocation
page read and write
4E8C000
stack
page read and write
6A0A000
unclassified section
page read and write
4B41000
heap
page read and write
32BD000
heap
page read and write
C80000
heap
page read and write
6870000
heap
page read and write
504E000
direct allocation
page execute and read and write
15B0000
heap
page read and write
4B41000
heap
page read and write
1112000
trusted library allocation
page read and write
DDA000
heap
page read and write
1C34E7C4000
trusted library allocation
page read and write
3BF8000
unkown
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
6D2E000
unclassified section
page read and write
4B41000
heap
page read and write
8FC000
stack
page read and write
2B10000
trusted library allocation
page read and write
7F480000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
4EB0000
heap
page read and write
2AC0000
trusted library allocation
page read and write
CC0000
unkown
page readonly
4B41000
heap
page read and write
7FFE000
stack
page read and write
D10000
trusted library allocation
page read and write
1550000
unkown
page read and write
3D8A000
unkown
page read and write
3A2E000
trusted library allocation
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
8490000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
3000000
heap
page read and write
2DBD000
trusted library allocation
page read and write
F00000
unkown
page readonly
4B41000
heap
page read and write
CAA000
trusted library allocation
page execute and read and write
38D5000
trusted library allocation
page read and write
4B41000
heap
page read and write
4B46000
heap
page read and write
26C0000
trusted library allocation
page read and write
2F40000
unkown
page read and write
15FF000
stack
page read and write
597A000
system
page execute and read and write
51F2000
direct allocation
page execute and read and write
2A5E000
unkown
page read and write
4B41000
heap
page read and write
1C34E603000
trusted library allocation
page read and write
6F22000
heap
page read and write
8470000
trusted library allocation
page read and write
8F7000
stack
page read and write
800E000
heap
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
2F8C000
unkown
page read and write
2C61000
trusted library allocation
page read and write
11A0000
trusted library allocation
page read and write
28AE000
stack
page read and write
11EE000
unkown
page read and write
2A30000
heap
page read and write
2D90000
heap
page read and write
4B41000
heap
page read and write
140D000
stack
page read and write
4B41000
heap
page read and write
F17000
unkown
page readonly
980000
unkown
page readonly
23C0000
heap
page read and write
4D0000
unkown
page readonly
14B0000
heap
page read and write
2B41000
trusted library allocation
page read and write
80C1000
heap
page read and write
4B41000
heap
page read and write
8100000
heap
page read and write
4EB5000
heap
page read and write
1A80000
direct allocation
page execute and read and write
6EEE000
stack
page read and write
2899000
trusted library allocation
page read and write
3370000
heap
page read and write
3311000
heap
page read and write
988000
heap
page read and write
51CB000
stack
page read and write
F15000
unkown
page read and write
3F43000
trusted library allocation
page read and write
6E3E000
trusted library allocation
page read and write
1B29000
direct allocation
page execute and read and write
B4DE000
stack
page read and write
CA0000
trusted library allocation
page read and write
3000000
heap
page read and write
F01000
unkown
page execute read
4B41000
heap
page read and write
4B41000
heap
page read and write
6B40000
trusted library section
page read and write
4B41000
heap
page read and write
2B20000
trusted library allocation
page read and write
4FF2000
trusted library allocation
page read and write
CC5000
heap
page read and write
949000
heap
page read and write
4C69000
heap
page read and write
6E40000
trusted library allocation
page execute and read and write
5B5000
heap
page read and write
4B41000
heap
page read and write
C83000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
A09C000
stack
page read and write
4D40000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
2E2B000
trusted library allocation
page read and write
1568000
heap
page read and write
3120000
unkown
page readonly
2A10000
heap
page read and write
52B0000
trusted library allocation
page execute and read and write
1120000
trusted library allocation
page read and write
1122000
trusted library allocation
page read and write
5015000
trusted library allocation
page read and write
5A0000
heap
page read and write
1C34CB1A000
heap
page read and write
5440000
heap
page read and write
4B41000
heap
page read and write
AFDF000
stack
page read and write
8105000
heap
page read and write
4B41000
heap
page read and write
6230000
unclassified section
page read and write
63C2000
unclassified section
page read and write
118E000
stack
page read and write
4B41000
heap
page read and write
5010000
trusted library allocation
page read and write
4B41000
heap
page read and write
FD0000
unkown
page readonly
DC2000
trusted library allocation
page read and write
48CE000
stack
page read and write
4B41000
heap
page read and write
1440000
heap
page read and write
4B41000
heap
page read and write
32B7000
heap
page read and write
A1DD000
stack
page read and write
4E29000
heap
page read and write
1C34CA60000
heap
page read and write
3839000
trusted library allocation
page read and write
4B41000
heap
page read and write
B76B000
stack
page read and write
A31D000
stack
page read and write
5996000
system
page execute and read and write
3212000
unkown
page read and write
6AAE000
stack
page read and write
1C34E2F0000
trusted library allocation
page read and write
6F6D000
heap
page read and write
4B41000
heap
page read and write
1C34E60D000
trusted library allocation
page read and write
4B41000
heap
page read and write
5280000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
A2DF000
stack
page read and write
5240000
trusted library allocation
page read and write
4B41000
heap
page read and write
8143000
heap
page read and write
ED1000
trusted library allocation
page read and write
5A0000
heap
page read and write
163E000
stack
page read and write
4C0000
unkown
page readonly
4B41000
heap
page read and write
CA7C000
system
page read and write
2390000
heap
page read and write
CE64000
system
page read and write
5BE8000
unclassified section
page read and write
570000
unkown
page readonly
1410000
unkown
page read and write
2AB0000
trusted library allocation
page read and write
303F000
stack
page read and write
3327000
heap
page read and write
2C59000
trusted library allocation
page read and write
32B8000
heap
page read and write
4B41000
heap
page read and write
80D5000
heap
page read and write
6E39000
trusted library allocation
page read and write
2AA0000
heap
page read and write
ACEE000
stack
page read and write
6CD9000
heap
page read and write
4B41000
heap
page read and write
F0E000
unkown
page readonly
110D000
trusted library allocation
page execute and read and write
901000
unkown
page readonly
5202000
unclassified section
page read and write
4FC4000
trusted library allocation
page read and write
25F0000
heap
page read and write
32B7000
heap
page read and write
3212000
unkown
page read and write
4B41000
heap
page read and write
4C7C000
stack
page read and write
6BE0000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
1C34E500000
trusted library allocation
page read and write
2AAE000
trusted library allocation
page read and write
331A000
heap
page read and write
4B41000
heap
page read and write
1A2D000
direct allocation
page execute and read and write
11B7000
heap
page read and write
7F870000
trusted library allocation
page execute and read and write
1A86000
direct allocation
page execute and read and write
13A0000
unkown
page readonly
2B30000
heap
page read and write
2CAB000
stack
page read and write
2B9B000
heap
page read and write
9A0000
unkown
page read and write
4B41000
heap
page read and write
26B5000
trusted library allocation
page read and write
DC7000
trusted library allocation
page execute and read and write
5150000
trusted library allocation
page read and write
C90000
heap
page read and write
338E000
heap
page read and write
5430000
heap
page read and write
3F1C000
unkown
page read and write
4B41000
heap
page read and write
173F000
stack
page read and write
112B000
trusted library allocation
page execute and read and write
1568000
heap
page read and write
34EC000
unkown
page read and write
D3E000
heap
page read and write
A19C000
stack
page read and write
D57000
heap
page read and write
3004000
heap
page read and write
F00000
unkown
page readonly
1A07000
direct allocation
page execute and read and write
4B41000
heap
page read and write
CC0000
unkown
page readonly
4B41000
heap
page read and write
4E7E000
stack
page read and write
9D7000
heap
page read and write
4EB0000
direct allocation
page execute and read and write
418000
remote allocation
page execute and read and write
D0E000
stack
page read and write
9EF000
heap
page read and write
4B41000
heap
page read and write
2C53000
trusted library allocation
page read and write
1430000
unkown
page read and write
140E000
stack
page read and write
1110000
trusted library allocation
page read and write
6F61000
heap
page read and write
1C34C810000
system
page execute and read and write
1390000
unkown
page readonly
1C34CA30000
heap
page read and write
D24000
trusted library allocation
page read and write
609E000
unclassified section
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
125A000
stack
page read and write
4D60000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
26B0000
trusted library allocation
page read and write
4D80000
heap
page execute and read and write
51F0000
heap
page read and write
97F000
heap
page read and write
4B41000
heap
page read and write
1C34E7BE000
trusted library allocation
page read and write
93E000
stack
page read and write
EB0000
trusted library allocation
page read and write
9E7E000
stack
page read and write
4D3E000
unkown
page read and write
6E6E000
stack
page read and write
1760000
direct allocation
page execute and read and write
1100000
trusted library allocation
page read and write
4B41000
heap
page read and write
1C34CB10000
heap
page read and write
4B41000
heap
page read and write
5B0000
heap
page read and write
4E25000
heap
page read and write
4B41000
heap
page read and write
1CC6000
direct allocation
page execute and read and write
3290000
heap
page read and write
43D2000
unkown
page read and write
4B41000
heap
page read and write
4B41000
heap
page read and write
F00000
unkown
page readonly
997E000
stack
page read and write
7200000
trusted library allocation
page execute and read and write
38D4000
unkown
page read and write
B9AE000
stack
page read and write
4B41000
heap
page read and write
3B49000
trusted library allocation
page read and write
400000
unkown
page readonly
402000
unkown
page readonly
BFD0DFC000
stack
page read and write
32D2000
unkown
page read and write
E60000
heap
page read and write
E50000
trusted library allocation
page read and write
4B41000
heap
page read and write
10C1000
unkown
page readonly
DBE000
stack
page read and write
6BDE000
trusted library allocation
page read and write
1C34E7B3000
trusted library allocation
page read and write
6B70000
heap
page read and write
32A8000
heap
page read and write
3004000
heap
page read and write
1560000
heap
page read and write
899000
stack
page read and write
1A26000
direct allocation
page execute and read and write
1A26000
direct allocation
page execute and read and write
4FDE000
trusted library allocation
page read and write
C4E000
stack
page read and write
32C8000
heap
page read and write
80D0000
heap
page read and write
31B6000
heap
page read and write
32BC000
heap
page read and write
4B41000
heap
page read and write
13C0000
heap
page read and write
EF7000
heap
page read and write
98AE000
stack
page read and write
30C4000
heap
page read and write
CA6000
trusted library allocation
page execute and read and write
598A000
system
page execute and read and write
BFD1DFE000
stack
page read and write
6BD0000
trusted library allocation
page read and write
4B41000
heap
page read and write
13B0000
unkown
page readonly
1421000
unkown
page readonly
4B41000
heap
page read and write
6C0B000
trusted library allocation
page read and write
2713000
heap
page read and write
4D32000
trusted library allocation
page read and write
4B41000
heap
page read and write
34EC000
unkown
page read and write
3EC0000
trusted library allocation
page read and write
1530000
unkown
page readonly
3831000
trusted library allocation
page read and write
42C000
remote allocation
page execute and read and write
4B41000
heap
page read and write
4FE1000
trusted library allocation
page read and write
4FC0000
trusted library allocation
page read and write
2C5D000
trusted library allocation
page read and write
D3A000
heap
page read and write
4B41000
heap
page read and write
2C50000
trusted library allocation
page read and write
9F8000
heap
page read and write
2600000
unkown
page readonly
4D0000
unkown
page readonly
4B41000
heap
page read and write
C00000
heap
page read and write
22ED000
stack
page read and write
4B40000
heap
page read and write
6AF0000
trusted library section
page read and write
5090000
trusted library allocation
page read and write
331A000
heap
page read and write
1C34C8AA000
system
page execute and read and write
30C4000
heap
page read and write
4B41000
heap
page read and write
C8D000
trusted library allocation
page execute and read and write
4B41000
heap
page read and write
4888000
unkown
page read and write
950D000
stack
page read and write
4B41000
heap
page read and write
D72000
heap
page read and write
4B41000
heap
page read and write
9F5E000
stack
page read and write
54DC000
unclassified section
page read and write
4B41000
heap
page read and write
8FC000
stack
page read and write
3923000
trusted library allocation
page read and write
580000
unkown
page readonly
4B41000
heap
page read and write
6AB0000
trusted library section
page read and write
2B1C000
trusted library allocation
page read and write
D30000
heap
page read and write
1C34E7CE000
trusted library allocation
page read and write
901000
unkown
page readonly
276D000
stack
page read and write
9F8000
heap
page read and write
B70E000
stack
page read and write
FE0000
unkown
page readonly
CC0000
heap
page read and write
715E000
stack
page read and write
4B41000
heap
page read and write
1C34CB3F000
heap
page read and write
687E000
heap
page read and write
4B41000
heap
page read and write
5F0000
unkown
page read and write
49CC000
stack
page read and write
11B0000
heap
page read and write
4B41000
heap
page read and write
There are 860 hidden memdumps, click here to show them.