Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
oxi.ps1
|
ASCII text, with very long lines (717)
|
initial sample
|
 |
|
|
C:\downloads\Autoit3.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\kkdbffb\cehaheb
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_agh0ij5h.omq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_czenej3t.2ah.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hkertzrr.42t.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mgbdsv5s.xjw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\HdaEKeA
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\QKOJIP9LS64FACZEJGLE.temp
|
data
|
dropped
|
||
|
C:\downloads\TU.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\downloads\script.a3x
|
data
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\oxi.ps1"
|
|
|
|
C:\Windows\System32\ipconfig.exe
|
"C:\Windows\system32\ipconfig.exe" /flushdns
|
|
|
|
C:\downloads\Autoit3.exe
|
"C:\downloads\Autoit3.exe" c:\\downloads\script.a3x
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"c:\windows\system32\cmd.exe" /c wmic ComputerSystem get domain > C:\ProgramData\kkdbffb\cehaheb
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\wbem\WMIC.exe
|
wmic ComputerSystem get domain
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
http://kostumn1.ilabserver.com
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelpX
|
unknown
|
||
|
https://kostumn1.ilabsX
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://kostumn1.ilabserver.com
|
unknown
|
||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://kostumn1.ilabserver.com/1.zip
|
167.235.238.203
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
kostumn1.ilabserver.com
|
167.235.238.203
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
167.235.238.203
|
kostumn1.ilabserver.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3919000
|
direct allocation
|
page read and write
|
|
|
|
38A8000
|
direct allocation
|
page read and write
|
|
|
|
3D2E000
|
direct allocation
|
page execute and read and write
|
|
|
|
3CC1000
|
direct allocation
|
page execute and read and write
|
|
|
|
379C000
|
direct allocation
|
page read and write
|
|
|
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DCB69A000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DCA1D7000
|
trusted library allocation
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
24DC9C63000
|
heap
|
page read and write
|
||
|
24DC9AD0000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
81671DD000
|
stack
|
page read and write
|
||
|
52E000
|
stack
|
page read and write
|
||
|
24DE24BC000
|
heap
|
page read and write
|
||
|
7FFD9BC30000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
CAD000
|
stack
|
page read and write
|
||
|
1CB4C714000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
11D1000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
24DCB652000
|
trusted library allocation
|
page read and write
|
||
|
3828000
|
direct allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
4050000
|
direct allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
F4B000
|
heap
|
page read and write
|
||
|
8C4000
|
unkown
|
page write copy
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE24D0000
|
heap
|
page read and write
|
||
|
24DE2230000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7DF4D6BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DE2430000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC9C50000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
932000
|
heap
|
page read and write
|
||
|
24DE1FB0000
|
heap
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
24DCA6A8000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE2894000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DDA2B1000
|
trusted library allocation
|
page read and write
|
||
|
24DCA037000
|
trusted library allocation
|
page read and write
|
||
|
11CE000
|
heap
|
page read and write
|
||
|
81687CF000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
11E7000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
24DCB69F000
|
trusted library allocation
|
page read and write
|
||
|
F21000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
84D000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
890000
|
unkown
|
page readonly
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
24DE2330000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE234C000
|
heap
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
1144000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
24DCB467000
|
trusted library allocation
|
page read and write
|
||
|
24DC8010000
|
heap
|
page read and write
|
||
|
24DE2890000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DCA439000
|
trusted library allocation
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
EFE000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
4151000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
4BB8000
|
heap
|
page read and write
|
||
|
8B6000
|
unkown
|
page readonly
|
||
|
ECC000
|
heap
|
page read and write
|
||
|
347C97E000
|
stack
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
24DC7FD0000
|
heap
|
page read and write
|
||
|
816767E000
|
stack
|
page read and write
|
||
|
4AAF000
|
stack
|
page read and write
|
||
|
66B000
|
stack
|
page read and write
|
||
|
816757B000
|
stack
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
1CB4C410000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DE225D000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
F24000
|
heap
|
page read and write
|
||
|
81678B7000
|
stack
|
page read and write
|
||
|
24DE2144000
|
heap
|
page read and write
|
||
|
ED2000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
24DCBB06000
|
trusted library allocation
|
page read and write
|
||
|
24DE24CD000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
1187000
|
heap
|
page read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
6A8000
|
stack
|
page read and write
|
||
|
EF3000
|
heap
|
page read and write
|
||
|
3828000
|
direct allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
10C1000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
816747D000
|
stack
|
page read and write
|
||
|
974000
|
heap
|
page read and write
|
||
|
816894C000
|
stack
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
8DB000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
3824000
|
direct allocation
|
page read and write
|
||
|
7FFD9B911000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
319D000
|
heap
|
page read and write
|
||
|
24DCA454000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
24DCBC11000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DC80DC000
|
heap
|
page read and write
|
||
|
EE1000
|
heap
|
page read and write
|
||
|
3199000
|
heap
|
page read and write
|
||
|
304C000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE2458000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
11ED000
|
heap
|
page read and write
|
||
|
24DE244B000
|
heap
|
page read and write
|
||
|
319F000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DCA6E0000
|
trusted library allocation
|
page read and write
|
||
|
EDB000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DDA29E000
|
trusted library allocation
|
page read and write
|
||
|
24DCB6C3000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
3890000
|
direct allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
EFC000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
81676FF000
|
stack
|
page read and write
|
||
|
3047000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC9AE0000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DCAAE6000
|
trusted library allocation
|
page read and write
|
||
|
81670D5000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
3042000
|
heap
|
page read and write
|
||
|
347C87D000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC7FB0000
|
heap
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
24DE23C7000
|
heap
|
page read and write
|
||
|
7DF4D6BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB4000
|
heap
|
page read and write
|
||
|
F33000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
24DC83E5000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
92A000
|
heap
|
page read and write
|
||
|
2E0F000
|
unkown
|
page read and write
|
||
|
24DCBB14000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
3196000
|
heap
|
page read and write
|
||
|
941000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
F0A000
|
heap
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
24DE23FB000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
3199000
|
heap
|
page read and write
|
||
|
24DCBB18000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
9EB000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
81675FF000
|
stack
|
page read and write
|
||
|
37B8000
|
direct allocation
|
page read and write
|
||
|
24DC9A70000
|
heap
|
page readonly
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
800000
|
unkown
|
page readonly
|
||
|
804000
|
heap
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
24DE243B000
|
heap
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
F32000
|
heap
|
page read and write
|
||
|
97E000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
7FFD9BB77000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DDA2AD000
|
trusted library allocation
|
page read and write
|
||
|
2E43000
|
heap
|
page read and write
|
||
|
EFF000
|
heap
|
page read and write
|
||
|
24DCBAEC000
|
trusted library allocation
|
page read and write
|
||
|
24DCB02D000
|
trusted library allocation
|
page read and write
|
||
|
3844000
|
direct allocation
|
page read and write
|
||
|
93F000
|
heap
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
3460000
|
direct allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
EF6000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
EFD000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
4054000
|
direct allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
3043000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
816870D000
|
stack
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DE2357000
|
heap
|
page read and write
|
||
|
24DC9B70000
|
heap
|
page execute and read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
8DB000
|
heap
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
8DD000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
93A000
|
heap
|
page read and write
|
||
|
24DC9AD5000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
119D000
|
heap
|
page read and write
|
||
|
EFD000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
300F000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
3043000
|
heap
|
page read and write
|
||
|
24DCA450000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
1CB4C710000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
24DE2351000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
983000
|
heap
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
7FFD9B942000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE2394000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
24DE2361000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
24DE250A000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DCBAE8000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
24DC811C000
|
heap
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
319E000
|
heap
|
page read and write
|
||
|
117A000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7FFD9B91A000
|
trusted library allocation
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
24DE20C0000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
EF3000
|
heap
|
page read and write
|
||
|
24DC8122000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
8167B3E000
|
stack
|
page read and write
|
||
|
CDC000
|
stack
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
3046000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC80DE000
|
heap
|
page read and write
|
||
|
24DDA15D000
|
trusted library allocation
|
page read and write
|
||
|
3844000
|
direct allocation
|
page read and write
|
||
|
24DCBB08000
|
trusted library allocation
|
page read and write
|
||
|
24DD9FD2000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
1CB4C600000
|
heap
|
page read and write
|
||
|
24DC9BC0000
|
heap
|
page execute and read and write
|
||
|
81679B7000
|
stack
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DC80E2000
|
heap
|
page read and write
|
||
|
949000
|
heap
|
page read and write
|
||
|
EED000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
1CB4C439000
|
heap
|
page read and write
|
||
|
24DCA434000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
4BB8000
|
heap
|
page read and write
|
||
|
2E42000
|
heap
|
page read and write
|
||
|
4B2F000
|
stack
|
page read and write
|
||
|
816860E000
|
stack
|
page read and write
|
||
|
EEA000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
EDD000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
F32000
|
heap
|
page read and write
|
||
|
24DD9FB1000
|
trusted library allocation
|
page read and write
|
||
|
1CB4C620000
|
heap
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
24DE24EE000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
319A000
|
heap
|
page read and write
|
||
|
816874F000
|
stack
|
page read and write
|
||
|
24DC9A60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
8B6000
|
unkown
|
page readonly
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
34F0000
|
direct allocation
|
page read and write
|
||
|
CBC000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
F24000
|
heap
|
page read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
11E3000
|
heap
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
3047000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
4BB4000
|
heap
|
page read and write
|
||
|
ED8000
|
heap
|
page read and write
|
||
|
8167939000
|
stack
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
7FFD9BB18000
|
trusted library allocation
|
page read and write
|
||
|
93F000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
1CB4C430000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
F21000
|
heap
|
page read and write
|
||
|
7FFD9BB72000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
81674FE000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
11E1000
|
heap
|
page read and write
|
||
|
7FFD9BB4E000
|
trusted library allocation
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
8167ABE000
|
stack
|
page read and write
|
||
|
921000
|
heap
|
page read and write
|
||
|
3B4F000
|
direct allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DE2407000
|
heap
|
page read and write
|
||
|
EE1000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE24B9000
|
heap
|
page read and write
|
||
|
3198000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2BCE000
|
unkown
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC9B90000
|
heap
|
page execute and read and write
|
||
|
F24000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
81677F8000
|
stack
|
page read and write
|
||
|
816777A000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
8C2000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DD9FD9000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
816884D000
|
stack
|
page read and write
|
||
|
C9F000
|
stack
|
page read and write
|
||
|
ED8000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
81688CD000
|
stack
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DC80D4000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DE252A000
|
heap
|
page read and write
|
||
|
8C9000
|
unkown
|
page readonly
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BB1C000
|
trusted library allocation
|
page read and write
|
||
|
F32000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
356C000
|
direct allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC9B97000
|
heap
|
page execute and read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
3BC0000
|
direct allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
347C8FE000
|
unkown
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC9B10000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BBA3000
|
trusted library allocation
|
page read and write
|
||
|
24DCB68C000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
168F000
|
stack
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
8DB000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DCB4AC000
|
trusted library allocation
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
ECD000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
93F000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DE2250000
|
heap
|
page read and write
|
||
|
7FFD9BAAA000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
8C0000
|
unkown
|
page read and write
|
||
|
24DE20FE000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC9AA0000
|
heap
|
page read and write
|
||
|
F24000
|
heap
|
page read and write
|
||
|
24DE21A1000
|
heap
|
page read and write
|
||
|
24DC9A80000
|
trusted library allocation
|
page read and write
|
||
|
11B6000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
37B8000
|
direct allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
8BB000
|
heap
|
page read and write
|
||
|
24DCBB1A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2E43000
|
heap
|
page read and write
|
||
|
F32000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
8167A3E000
|
stack
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
8167BBB000
|
stack
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
11CD000
|
heap
|
page execute and read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
2E2B000
|
heap
|
page read and write
|
||
|
EDB000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
11DD000
|
heap
|
page execute and read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
1156000
|
heap
|
page read and write
|
||
|
7FFD9BB7F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
890000
|
unkown
|
page readonly
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
97B000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
3194000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
8C0000
|
unkown
|
page write copy
|
||
|
24DCB14D000
|
trusted library allocation
|
page read and write
|
||
|
24DE2365000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
4250000
|
trusted library allocation
|
page read and write
|
||
|
11C2000
|
heap
|
page read and write
|
||
|
10F4000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
7FFD9BAE3000
|
trusted library allocation
|
page read and write
|
||
|
24DC83E0000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC9A30000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DDA024000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7DF4D6BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
37B8000
|
direct allocation
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
24DC7FA0000
|
heap
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB09000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page execute and read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE248F000
|
heap
|
page read and write
|
||
|
3560000
|
direct allocation
|
page read and write
|
||
|
97C000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
816715E000
|
stack
|
page read and write
|
||
|
97F000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
816868F000
|
stack
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
11A3000
|
heap
|
page read and write
|
||
|
24DC9FB1000
|
trusted library allocation
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
ECC000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
FFE000
|
heap
|
page read and write
|
||
|
24DC80D8000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
F21000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
3049000
|
heap
|
page read and write
|
||
|
24DCB76C000
|
trusted library allocation
|
page read and write
|
||
|
3D2A000
|
direct allocation
|
page execute and read and write
|
||
|
24DE251E000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE28A0000
|
heap
|
page read and write
|
||
|
7FFD9BB04000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
unkown
|
page readonly
|
||
|
F21000
|
heap
|
page read and write
|
||
|
801000
|
unkown
|
page execute read
|
||
|
4AEE000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
8C9000
|
unkown
|
page readonly
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE4580000
|
heap
|
page read and write
|
||
|
24DC80F4000
|
heap
|
page read and write
|
||
|
8167C3B000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B3D000
|
stack
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
801000
|
unkown
|
page execute read
|
||
|
4BB8000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
4A6E000
|
stack
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
4150000
|
heap
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DE23BD000
|
heap
|
page read and write
|
||
|
24DE2105000
|
heap
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
93F000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
24DCBF26000
|
trusted library allocation
|
page read and write
|
||
|
537000
|
heap
|
page read and write
|
||
|
24DCA442000
|
trusted library allocation
|
page read and write
|
||
|
24DE23F7000
|
heap
|
page read and write
|
||
|
24DC8030000
|
heap
|
page read and write
|
||
|
4BB0000
|
heap
|
page read and write
|
||
|
977000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
heap
|
page read and write
|
||
|
24DC9C60000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
There are 692 hidden memdumps, click here to show them.