Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
3SBlY301oa.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_3SBlY301oa.exe_5a1a519effa811292938bb68c3ebce597f77c4c_e88ba259_f039ff30-d749-46dd-a705-b4a398e35dde\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBDF.tmp.dmp
|
Mini DuMP crash report, 16 streams, Mon Jul 1 13:44:09 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD28.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD67.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\jsc.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_11e1mfol.1ae.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3skpmywg.xqi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b1plpdlj.gn3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cimcy0g0.dyj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_curbv2ia.4ov.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dujlpnt2.sre.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_i3nd3o5y.2rm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kf4ddzuz.3hi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_krauy1eb.wcv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_odurkfd4.yu5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qvshr32v.biy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ymemg2im.33a.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jsc.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Jul 1 14:28:10
2024, mtime=Mon Jul 1 14:28:11 2024, atime=Mon Jul 1 14:28:11 2024, length=47584, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\jsc.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 14 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\3SBlY301oa.exe
|
"C:\Users\user\Desktop\3SBlY301oa.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'jsc.exe'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\jsc.exe'
|
|
|
|
C:\Users\user\AppData\Roaming\jsc.exe
|
"C:\Users\user\AppData\Roaming\jsc.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\jsc.exe
|
"C:\Users\user\AppData\Roaming\jsc.exe"
|
|
|
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7544 -s 1000
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
rwanco.duckdns.org
|
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://go.micros
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://www.microsoft.co
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://crl.mi
|
unknown
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
rwanco.duckdns.org
|
78.159.112.6
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
78.159.112.6
|
rwanco.duckdns.org
|
Germany
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
jsc
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
ProgramId
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
FileId
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
LongPathHash
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
Name
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
OriginalFileName
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
Publisher
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
Version
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
BinFileVersion
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
BinaryType
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
ProductName
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
ProductVersion
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
LinkDate
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
BinProductVersion
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
Size
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
Language
|
||
|
\REGISTRY\A\{11bce2c9-2231-ef0b-6e5f-fe8c0aa11b35}\Root\InventoryApplicationFile\3sbly301oa.exe|b458307028c4a5d
|
Usn
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1A9BF5B9000
|
trusted library allocation
|
page read and write
|
|
|
|
1A9CF43B000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
1A9BF28B000
|
trusted library allocation
|
page read and write
|
|
|
|
1A9BD7C8000
|
heap
|
page read and write
|
||
|
34F5000
|
trusted library allocation
|
page execute and read and write
|
||
|
600B000
|
trusted library allocation
|
page read and write
|
||
|
8820000
|
heap
|
page read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
4B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
5FE1000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB756000
|
trusted library allocation
|
page execute and read and write
|
||
|
77195FB000
|
stack
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AB0000
|
heap
|
page execute and read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
71B5000
|
heap
|
page execute and read and write
|
||
|
700C000
|
stack
|
page read and write
|
||
|
7FFAAB69B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
6E0E000
|
stack
|
page read and write
|
||
|
84C0000
|
heap
|
page read and write
|
||
|
83C0000
|
heap
|
page read and write
|
||
|
56B9000
|
trusted library allocation
|
page read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB673000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D5F000
|
stack
|
page read and write
|
||
|
1A9BD8F3000
|
trusted library allocation
|
page read and write
|
||
|
59DA000
|
trusted library allocation
|
page read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
6190000
|
trusted library allocation
|
page read and write
|
||
|
75A0000
|
heap
|
page read and write
|
||
|
9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
83AD000
|
trusted library allocation
|
page read and write
|
||
|
1A9CF5E0000
|
trusted library allocation
|
page read and write
|
||
|
3099000
|
trusted library allocation
|
page read and write
|
||
|
8840000
|
trusted library allocation
|
page read and write
|
||
|
5150000
|
heap
|
page execute and read and write
|
||
|
855F000
|
heap
|
page read and write
|
||
|
8760000
|
trusted library allocation
|
page read and write
|
||
|
8508000
|
heap
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
D25000
|
heap
|
page read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
9B2000
|
heap
|
page read and write
|
||
|
1A9BF251000
|
trusted library allocation
|
page read and write
|
||
|
998000
|
heap
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB68D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB0C025000
|
unkown
|
page readonly
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
1A9CF257000
|
trusted library allocation
|
page read and write
|
||
|
708F000
|
stack
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
2F8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C51000
|
trusted library allocation
|
page read and write
|
||
|
1A9BD5C2000
|
unkown
|
page readonly
|
||
|
5604000
|
trusted library allocation
|
page read and write
|
||
|
8F8C000
|
stack
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
8969000
|
heap
|
page read and write
|
||
|
8ABD000
|
stack
|
page read and write
|
||
|
2410000
|
trusted library allocation
|
page execute and read and write
|
||
|
8400000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
74A5000
|
heap
|
page execute and read and write
|
||
|
7FFAAB672000
|
trusted library allocation
|
page read and write
|
||
|
88FE000
|
stack
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
5C59000
|
trusted library allocation
|
page read and write
|
||
|
857D000
|
heap
|
page read and write
|
||
|
1A9BF220000
|
heap
|
page execute and read and write
|
||
|
5C81000
|
trusted library allocation
|
page read and write
|
||
|
601E000
|
trusted library allocation
|
page read and write
|
||
|
2FB6000
|
heap
|
page read and write
|
||
|
484E000
|
stack
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A77000
|
heap
|
page read and write
|
||
|
725D000
|
stack
|
page read and write
|
||
|
6350000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
75CC000
|
heap
|
page read and write
|
||
|
6040000
|
trusted library allocation
|
page read and write
|
||
|
6000000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
7631000
|
heap
|
page read and write
|
||
|
7F538000
|
trusted library allocation
|
page execute and read and write
|
||
|
E17000
|
heap
|
page read and write
|
||
|
4B30000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
7FFB0C016000
|
unkown
|
page readonly
|
||
|
83BE000
|
stack
|
page read and write
|
||
|
7FFAAB674000
|
trusted library allocation
|
page read and write
|
||
|
78B0000
|
trusted library allocation
|
page read and write
|
||
|
5463000
|
trusted library allocation
|
page read and write
|
||
|
513F000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB682000
|
trusted library allocation
|
page read and write
|
||
|
62D0000
|
trusted library allocation
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
4B8D000
|
stack
|
page read and write
|
||
|
8B4F000
|
stack
|
page read and write
|
||
|
328B000
|
heap
|
page read and write
|
||
|
2A22000
|
trusted library allocation
|
page read and write
|
||
|
8A4B000
|
stack
|
page read and write
|
||
|
52B7000
|
trusted library allocation
|
page read and write
|
||
|
4C10000
|
trusted library allocation
|
page read and write
|
||
|
75D8000
|
heap
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
5C79000
|
trusted library allocation
|
page read and write
|
||
|
3611000
|
trusted library allocation
|
page read and write
|
||
|
70BA000
|
stack
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page read and write
|
||
|
3BC1000
|
trusted library allocation
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
8850000
|
trusted library allocation
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
4EA7000
|
heap
|
page read and write
|
||
|
70CD000
|
stack
|
page read and write
|
||
|
858C000
|
heap
|
page read and write
|
||
|
766E000
|
stack
|
page read and write
|
||
|
1A9D7280000
|
trusted library allocation
|
page read and write
|
||
|
A97000
|
trusted library allocation
|
page execute and read and write
|
||
|
62B0000
|
trusted library allocation
|
page read and write
|
||
|
49D0000
|
trusted library allocation
|
page read and write
|
||
|
5CA9000
|
trusted library allocation
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
733E000
|
stack
|
page read and write
|
||
|
71B0000
|
heap
|
page execute and read and write
|
||
|
75C8000
|
heap
|
page read and write
|
||
|
5FE9000
|
trusted library allocation
|
page read and write
|
||
|
88E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
490E000
|
stack
|
page read and write
|
||
|
254E000
|
stack
|
page read and write
|
||
|
76C0000
|
heap
|
page read and write
|
||
|
77194FE000
|
stack
|
page read and write
|
||
|
4B5E000
|
stack
|
page read and write
|
||
|
7FFAAB690000
|
trusted library allocation
|
page read and write
|
||
|
5296000
|
trusted library allocation
|
page read and write
|
||
|
7A62000
|
heap
|
page read and write
|
||
|
77192FE000
|
stack
|
page read and write
|
||
|
78C0000
|
trusted library allocation
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
8B3E000
|
stack
|
page read and write
|
||
|
53B4000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
7A26000
|
heap
|
page read and write
|
||
|
8853000
|
trusted library allocation
|
page read and write
|
||
|
4C13000
|
trusted library allocation
|
page read and write
|
||
|
838E000
|
stack
|
page read and write
|
||
|
240E000
|
stack
|
page read and write
|
||
|
8320000
|
trusted library allocation
|
page read and write
|
||
|
8A3B000
|
stack
|
page read and write
|
||
|
5190000
|
heap
|
page read and write
|
||
|
8541000
|
heap
|
page read and write
|
||
|
83E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
495C000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
4B59000
|
stack
|
page read and write
|
||
|
1A9BD792000
|
heap
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
9EB000
|
stack
|
page read and write
|
||
|
6EDF0000
|
unkown
|
page readonly
|
||
|
2EC4000
|
trusted library allocation
|
page read and write
|
||
|
3615000
|
trusted library allocation
|
page read and write
|
||
|
E68000
|
stack
|
page read and write
|
||
|
8440000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
77193FE000
|
stack
|
page read and write
|
||
|
5E02000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
trusted library section
|
page read and write
|
||
|
2F64000
|
trusted library allocation
|
page read and write
|
||
|
8F0D000
|
stack
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
78D0000
|
trusted library allocation
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
2C1E000
|
trusted library allocation
|
page read and write
|
||
|
6FCE000
|
stack
|
page read and write
|
||
|
56D7000
|
trusted library allocation
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page readonly
|
||
|
26B1000
|
trusted library allocation
|
page read and write
|
||
|
7D60000
|
trusted library allocation
|
page read and write
|
||
|
A9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
84A0000
|
heap
|
page read and write
|
||
|
7FFAAB829000
|
trusted library allocation
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
8527000
|
heap
|
page read and write
|
||
|
2A16000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
86E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
974000
|
trusted library allocation
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
762A000
|
stack
|
page read and write
|
||
|
49A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8490000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
73AE000
|
stack
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
7870000
|
trusted library allocation
|
page read and write
|
||
|
6321000
|
trusted library allocation
|
page read and write
|
||
|
6300000
|
trusted library allocation
|
page execute and read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
74A0000
|
heap
|
page execute and read and write
|
||
|
30AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
53BC000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
76F8000
|
heap
|
page read and write
|
||
|
56F9000
|
trusted library allocation
|
page read and write
|
||
|
770E000
|
heap
|
page read and write
|
||
|
89ED000
|
heap
|
page read and write
|
||
|
5100000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
48DE000
|
stack
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
86A2000
|
trusted library allocation
|
page read and write
|
||
|
E2C000
|
stack
|
page read and write
|
||
|
859A000
|
heap
|
page read and write
|
||
|
740B000
|
stack
|
page read and write
|
||
|
8750000
|
trusted library allocation
|
page execute and read and write
|
||
|
66C000
|
stack
|
page read and write
|
||
|
7A53000
|
heap
|
page read and write
|
||
|
4A70000
|
heap
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
88C0000
|
trusted library allocation
|
page read and write
|
||
|
7AAB000
|
heap
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
6340000
|
heap
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
3C2D000
|
trusted library allocation
|
page read and write
|
||
|
781D000
|
stack
|
page read and write
|
||
|
5407000
|
trusted library allocation
|
page read and write
|
||
|
34CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E19000
|
trusted library allocation
|
page read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
96D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2600000
|
heap
|
page execute and read and write
|
||
|
7FF481990000
|
trusted library allocation
|
page execute and read and write
|
||
|
89CA000
|
heap
|
page read and write
|
||
|
4C9C000
|
stack
|
page read and write
|
||
|
8993000
|
heap
|
page read and write
|
||
|
1A9BD7BB000
|
heap
|
page read and write
|
||
|
4A90000
|
heap
|
page read and write
|
||
|
896D000
|
heap
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page read and write
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
D6B000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
474E000
|
stack
|
page read and write
|
||
|
779E000
|
stack
|
page read and write
|
||
|
4A4F000
|
stack
|
page read and write
|
||
|
1A9BD790000
|
heap
|
page read and write
|
||
|
2DA000
|
unkown
|
page readonly
|
||
|
1A9BD930000
|
heap
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
4E20000
|
heap
|
page execute and read and write
|
||
|
5BAC000
|
stack
|
page read and write
|
||
|
7688000
|
heap
|
page read and write
|
||
|
83D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB680000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB72C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3570000
|
heap
|
page read and write
|
||
|
5378000
|
trusted library allocation
|
page read and write
|
||
|
7A58000
|
heap
|
page read and write
|
||
|
5B5E000
|
unkown
|
page read and write
|
||
|
7830000
|
trusted library allocation
|
page execute and read and write
|
||
|
895D000
|
heap
|
page read and write
|
||
|
8ACD000
|
stack
|
page read and write
|
||
|
309E000
|
heap
|
page read and write
|
||
|
4A0E000
|
stack
|
page read and write
|
||
|
4F2D000
|
stack
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
710B000
|
stack
|
page read and write
|
||
|
4FC1000
|
trusted library allocation
|
page read and write
|
||
|
83B0000
|
heap
|
page read and write
|
||
|
53C9000
|
trusted library allocation
|
page read and write
|
||
|
756E000
|
stack
|
page read and write
|
||
|
F67000
|
heap
|
page read and write
|
||
|
77190F3000
|
stack
|
page read and write
|
||
|
1A9BD940000
|
heap
|
page read and write
|
||
|
30B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
77198FE000
|
stack
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB790000
|
trusted library allocation
|
page execute and read and write
|
||
|
83FA000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
4FB0000
|
heap
|
page execute and read and write
|
||
|
7482000
|
heap
|
page read and write
|
||
|
7FFB0C001000
|
unkown
|
page execute read
|
||
|
8930000
|
heap
|
page read and write
|
||
|
89B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3084000
|
trusted library allocation
|
page read and write
|
||
|
62C0000
|
trusted library allocation
|
page read and write
|
||
|
4EEF000
|
stack
|
page read and write
|
||
|
34E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB84E000
|
trusted library allocation
|
page read and write
|
||
|
5374000
|
trusted library allocation
|
page read and write
|
||
|
718B000
|
stack
|
page read and write
|
||
|
7FFAAB670000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
5DBA000
|
stack
|
page read and write
|
||
|
53DD000
|
stack
|
page read and write
|
||
|
4D68000
|
trusted library allocation
|
page read and write
|
||
|
8ECE000
|
stack
|
page read and write
|
||
|
7FAD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F4E000
|
stack
|
page read and write
|
||
|
7BCE000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
7FFAAB730000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B8000
|
heap
|
page read and write
|
||
|
1A9BD650000
|
heap
|
page read and write
|
||
|
772D000
|
heap
|
page read and write
|
||
|
5CA1000
|
trusted library allocation
|
page read and write
|
||
|
84B8000
|
heap
|
page read and write
|
||
|
4910000
|
heap
|
page readonly
|
||
|
1A9BD77A000
|
heap
|
page read and write
|
||
|
77196FE000
|
stack
|
page read and write
|
||
|
78A0000
|
trusted library allocation
|
page read and write
|
||
|
6012000
|
trusted library allocation
|
page read and write
|
||
|
703F000
|
stack
|
page read and write
|
||
|
C37000
|
stack
|
page read and write
|
||
|
4B0E000
|
stack
|
page read and write
|
||
|
4B13000
|
trusted library allocation
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB830000
|
trusted library allocation
|
page read and write
|
||
|
5EFE000
|
stack
|
page read and write
|
||
|
1A9BD75C000
|
heap
|
page read and write
|
||
|
5DEA000
|
trusted library allocation
|
page read and write
|
||
|
1A9BD850000
|
heap
|
page read and write
|
||
|
71CE000
|
stack
|
page read and write
|
||
|
720B000
|
stack
|
page read and write
|
||
|
84A8000
|
heap
|
page read and write
|
||
|
83DD000
|
trusted library allocation
|
page read and write
|
||
|
8CFE000
|
stack
|
page read and write
|
||
|
4A60000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
7647000
|
heap
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
5627000
|
trusted library allocation
|
page read and write
|
||
|
8961000
|
heap
|
page read and write
|
||
|
7B80000
|
heap
|
page execute and read and write
|
||
|
8E4D000
|
stack
|
page read and write
|
||
|
5CED000
|
trusted library allocation
|
page read and write
|
||
|
78B0000
|
trusted library allocation
|
page read and write
|
||
|
7A5B000
|
heap
|
page read and write
|
||
|
8A02000
|
heap
|
page read and write
|
||
|
79C8000
|
heap
|
page read and write
|
||
|
8300000
|
heap
|
page read and write
|
||
|
75FD000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
1A9BD8F0000
|
trusted library allocation
|
page read and write
|
||
|
1A9D7B50000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
7B7E000
|
stack
|
page read and write
|
||
|
497C000
|
stack
|
page read and write
|
||
|
775E000
|
stack
|
page read and write
|
||
|
856C000
|
heap
|
page read and write
|
||
|
303B000
|
heap
|
page read and write
|
||
|
9C4000
|
heap
|
page read and write
|
||
|
84AC000
|
heap
|
page read and write
|
||
|
78D0000
|
trusted library allocation
|
page read and write
|
||
|
7673000
|
heap
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
8A0E000
|
heap
|
page read and write
|
||
|
8880000
|
trusted library allocation
|
page read and write
|
||
|
36C000
|
stack
|
page read and write
|
||
|
541F000
|
trusted library allocation
|
page read and write
|
||
|
8549000
|
heap
|
page read and write
|
||
|
600E000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
84D4000
|
heap
|
page read and write
|
||
|
34C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7870000
|
trusted library allocation
|
page read and write
|
||
|
700A000
|
stack
|
page read and write
|
||
|
55E2000
|
trusted library allocation
|
page read and write
|
||
|
8370000
|
heap
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
862000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
9C0000
|
trusted library allocation
|
page read and write
|
||
|
561F000
|
trusted library allocation
|
page read and write
|
||
|
7696000
|
heap
|
page read and write
|
||
|
854C000
|
heap
|
page read and write
|
||
|
51BF000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
7FFAAB824000
|
trusted library allocation
|
page read and write
|
||
|
34C0000
|
trusted library allocation
|
page read and write
|
||
|
1A9BD5C0000
|
unkown
|
page readonly
|
||
|
7CD0000
|
trusted library allocation
|
page read and write
|
||
|
9E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
E5E000
|
stack
|
page read and write
|
||
|
7C0E000
|
stack
|
page read and write
|
||
|
77191FF000
|
stack
|
page read and write
|
||
|
2420000
|
trusted library allocation
|
page read and write
|
||
|
53C5000
|
trusted library allocation
|
page read and write
|
||
|
5389000
|
trusted library allocation
|
page read and write
|
||
|
29FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
FAE000
|
stack
|
page read and write
|
||
|
79E5000
|
heap
|
page read and write
|
||
|
7607000
|
heap
|
page read and write
|
||
|
7A82000
|
heap
|
page read and write
|
||
|
876B000
|
trusted library allocation
|
page read and write
|
||
|
4CCF000
|
stack
|
page read and write
|
||
|
77EE000
|
stack
|
page read and write
|
||
|
51B6000
|
trusted library allocation
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
8502000
|
heap
|
page read and write
|
||
|
4DA6000
|
trusted library allocation
|
page read and write
|
||
|
30B2000
|
trusted library allocation
|
page read and write
|
||
|
7CB0000
|
trusted library allocation
|
page read and write
|
||
|
5C89000
|
trusted library allocation
|
page read and write
|
||
|
D46000
|
heap
|
page read and write
|
||
|
5193000
|
heap
|
page read and write
|
||
|
6310000
|
heap
|
page read and write
|
||
|
4CE6000
|
trusted library allocation
|
page read and write
|
||
|
844E000
|
stack
|
page read and write
|
||
|
964000
|
trusted library allocation
|
page read and write
|
||
|
6F8000
|
stack
|
page read and write
|
||
|
8770000
|
trusted library allocation
|
page read and write
|
||
|
2A27000
|
trusted library allocation
|
page execute and read and write
|
||
|
86C2000
|
trusted library allocation
|
page read and write
|
||
|
4F6B000
|
trusted library allocation
|
page read and write
|
||
|
6189000
|
stack
|
page read and write
|
||
|
8A8E000
|
stack
|
page read and write
|
||
|
5EB9000
|
stack
|
page read and write
|
||
|
83A0000
|
trusted library allocation
|
page read and write
|
||
|
34D9000
|
trusted library allocation
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
1A9BD945000
|
heap
|
page read and write
|
||
|
89A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB810000
|
trusted library allocation
|
page read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
26A0000
|
heap
|
page execute and read and write
|
||
|
7FFAAB850000
|
trusted library allocation
|
page read and write
|
||
|
2FD8000
|
heap
|
page read and write
|
||
|
4F69000
|
stack
|
page read and write
|
||
|
2D0000
|
unkown
|
page readonly
|
||
|
7669000
|
heap
|
page read and write
|
||
|
5525000
|
trusted library allocation
|
page read and write
|
||
|
4B10000
|
trusted library allocation
|
page read and write
|
||
|
7A37000
|
heap
|
page read and write
|
||
|
3008000
|
heap
|
page read and write
|
||
|
8CA0000
|
trusted library allocation
|
page read and write
|
||
|
7654000
|
heap
|
page read and write
|
||
|
884A000
|
trusted library allocation
|
page read and write
|
||
|
D88000
|
heap
|
page read and write
|
||
|
7FFAAB726000
|
trusted library allocation
|
page read and write
|
||
|
6EE0F000
|
unkown
|
page readonly
|
||
|
7FAA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E2C000
|
stack
|
page read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
616A000
|
trusted library allocation
|
page read and write
|
||
|
76DE000
|
stack
|
page read and write
|
||
|
84DC000
|
heap
|
page read and write
|
||
|
2BFE000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
heap
|
page execute and read and write
|
||
|
5953000
|
trusted library allocation
|
page read and write
|
||
|
8B30000
|
trusted library allocation
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
84E2000
|
heap
|
page read and write
|
||
|
74ED000
|
stack
|
page read and write
|
||
|
8740000
|
heap
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
51B4000
|
trusted library allocation
|
page read and write
|
||
|
2F79000
|
trusted library allocation
|
page read and write
|
||
|
8965000
|
heap
|
page read and write
|
||
|
8300000
|
trusted library allocation
|
page read and write
|
||
|
2A0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAB6CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D10000
|
trusted library allocation
|
page read and write
|
||
|
6B40000
|
heap
|
page read and write
|
||
|
1A9BD7BD000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
76AE000
|
stack
|
page read and write
|
||
|
56F7000
|
trusted library allocation
|
page read and write
|
||
|
8400000
|
trusted library allocation
|
page read and write
|
||
|
7FAE8000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page execute and read and write
|
||
|
8938000
|
heap
|
page read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
5214000
|
trusted library allocation
|
page read and write
|
||
|
7EF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
9CC000
|
stack
|
page read and write
|
||
|
4C6B000
|
stack
|
page read and write
|
||
|
6DCD000
|
stack
|
page read and write
|
||
|
7910000
|
trusted library allocation
|
page read and write
|
||
|
76B0000
|
heap
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
769E000
|
heap
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
4C8D000
|
stack
|
page read and write
|
||
|
7D00000
|
trusted library allocation
|
page read and write
|
||
|
5205000
|
trusted library allocation
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
9C4000
|
trusted library allocation
|
page read and write
|
||
|
7C4E000
|
stack
|
page read and write
|
||
|
2A12000
|
trusted library allocation
|
page read and write
|
||
|
848E000
|
stack
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page read and write
|
||
|
75ED000
|
stack
|
page read and write
|
||
|
704E000
|
stack
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
2611000
|
trusted library allocation
|
page read and write
|
||
|
4C51000
|
trusted library allocation
|
page read and write
|
||
|
7D40000
|
trusted library allocation
|
page read and write
|
||
|
76EC000
|
heap
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page read and write
|
||
|
881F000
|
stack
|
page read and write
|
||
|
86F0000
|
trusted library allocation
|
page read and write
|
||
|
34B0000
|
trusted library allocation
|
page read and write
|
||
|
83FE000
|
stack
|
page read and write
|
||
|
2F4C000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
308D000
|
trusted library allocation
|
page execute and read and write
|
||
|
782F000
|
stack
|
page read and write
|
||
|
85A5000
|
heap
|
page read and write
|
||
|
49BC000
|
stack
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page read and write
|
||
|
715C000
|
stack
|
page read and write
|
||
|
36B1000
|
trusted library allocation
|
page read and write
|
||
|
77197FE000
|
stack
|
page read and write
|
||
|
5B60000
|
trusted library allocation
|
page read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
7AA6000
|
heap
|
page read and write
|
||
|
88DE000
|
stack
|
page read and write
|
||
|
760A000
|
heap
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
7FFAAB840000
|
trusted library allocation
|
page read and write
|
||
|
2F92000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
heap
|
page read and write
|
||
|
7D30000
|
trusted library allocation
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
49B0000
|
trusted library allocation
|
page read and write
|
||
|
34C4000
|
trusted library allocation
|
page read and write
|
||
|
499C000
|
stack
|
page read and write
|
||
|
78C0000
|
trusted library allocation
|
page read and write
|
||
|
6B45000
|
heap
|
page read and write
|
||
|
602D000
|
trusted library allocation
|
page read and write
|
||
|
893A000
|
heap
|
page read and write
|
||
|
2D2000
|
unkown
|
page readonly
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
trusted library allocation
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
7FFB0C020000
|
unkown
|
page read and write
|
||
|
3083000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EDF1000
|
unkown
|
page execute read
|
||
|
5FC1000
|
trusted library allocation
|
page read and write
|
||
|
83F7000
|
trusted library allocation
|
page read and write
|
||
|
263F000
|
stack
|
page read and write
|
||
|
5116000
|
trusted library allocation
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
1A9D7910000
|
trusted library section
|
page read and write
|
||
|
7FFB0C000000
|
unkown
|
page readonly
|
||
|
608C000
|
stack
|
page read and write
|
||
|
7820000
|
trusted library allocation
|
page read and write
|
||
|
876D000
|
trusted library allocation
|
page read and write
|
||
|
7684000
|
heap
|
page read and write
|
||
|
CC5000
|
heap
|
page read and write
|
||
|
856E000
|
heap
|
page read and write
|
||
|
1A9BD8C0000
|
trusted library allocation
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
4D9D000
|
stack
|
page read and write
|
||
|
2F95000
|
trusted library allocation
|
page execute and read and write
|
||
|
C6F000
|
stack
|
page read and write
|
||
|
53CD000
|
trusted library allocation
|
page read and write
|
||
|
86D0000
|
trusted library allocation
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
32AE000
|
heap
|
page read and write
|
||
|
501B000
|
trusted library allocation
|
page read and write
|
||
|
7492000
|
heap
|
page read and write
|
||
|
6049000
|
trusted library allocation
|
page read and write
|
||
|
79C2000
|
heap
|
page read and write
|
||
|
1A9BD8E0000
|
trusted library allocation
|
page read and write
|
||
|
1A9BD7C4000
|
heap
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
8B0E000
|
stack
|
page read and write
|
||
|
8310000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCE000
|
heap
|
page read and write
|
||
|
6171000
|
trusted library allocation
|
page read and write
|
||
|
5E30000
|
trusted library allocation
|
page read and write
|
||
|
4CDB000
|
trusted library allocation
|
page read and write
|
||
|
76C0000
|
heap
|
page read and write
|
||
|
61A0000
|
heap
|
page read and write
|
||
|
77EE000
|
stack
|
page read and write
|
||
|
9B4000
|
trusted library allocation
|
page read and write
|
||
|
1A9BD935000
|
heap
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page read and write
|
||
|
8850000
|
trusted library allocation
|
page read and write
|
||
|
6B10000
|
heap
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
82E0000
|
heap
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
50F1000
|
trusted library allocation
|
page read and write
|
||
|
3510000
|
trusted library allocation
|
page read and write
|
||
|
1A9BD730000
|
heap
|
page read and write
|
||
|
7C8D000
|
stack
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page read and write
|
||
|
7C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
8CB3000
|
trusted library allocation
|
page read and write
|
||
|
4A97000
|
heap
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page read and write
|
||
|
5E39000
|
trusted library allocation
|
page read and write
|
||
|
56D5000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
53B8000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
heap
|
page execute and read and write
|
||
|
84B4000
|
heap
|
page read and write
|
||
|
4C81000
|
trusted library allocation
|
page read and write
|
||
|
8A7E000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
8565000
|
heap
|
page read and write
|
||
|
4DD6000
|
trusted library allocation
|
page read and write
|
||
|
4B10000
|
heap
|
page execute and read and write
|
||
|
7FFAAB870000
|
trusted library allocation
|
page read and write
|
||
|
6021000
|
trusted library allocation
|
page read and write
|
||
|
59B7000
|
trusted library allocation
|
page read and write
|
||
|
8430000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
heap
|
page read and write
|
||
|
836E000
|
stack
|
page read and write
|
||
|
4CAB000
|
trusted library allocation
|
page read and write
|
||
|
2F63000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
34F2000
|
trusted library allocation
|
page read and write
|
||
|
4ACE000
|
stack
|
page read and write
|
||
|
86F0000
|
trusted library allocation
|
page read and write
|
||
|
77DE000
|
stack
|
page read and write
|
||
|
DB8000
|
heap
|
page read and write
|
||
|
89FD000
|
stack
|
page read and write
|
||
|
1A9BF270000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
3578000
|
heap
|
page read and write
|
||
|
6032000
|
trusted library allocation
|
page read and write
|
||
|
3560000
|
heap
|
page readonly
|
||
|
7A5F000
|
heap
|
page read and write
|
||
|
8892000
|
trusted library allocation
|
page read and write
|
||
|
7600000
|
heap
|
page execute and read and write
|
||
|
7FFAAB694000
|
trusted library allocation
|
page read and write
|
||
|
7AB3000
|
heap
|
page read and write
|
||
|
8950000
|
heap
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
7613000
|
heap
|
page read and write
|
||
|
7FFAAB720000
|
trusted library allocation
|
page read and write
|
||
|
29F4000
|
trusted library allocation
|
page read and write
|
||
|
5367000
|
trusted library allocation
|
page read and write
|
||
|
9B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
78A0000
|
trusted library allocation
|
page read and write
|
||
|
537C000
|
trusted library allocation
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
3128000
|
heap
|
page read and write
|
||
|
752A000
|
stack
|
page read and write
|
||
|
6006000
|
trusted library allocation
|
page read and write
|
||
|
762D000
|
heap
|
page read and write
|
||
|
7FAB8000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CA0000
|
trusted library allocation
|
page read and write
|
||
|
4B15000
|
heap
|
page execute and read and write
|
||
|
5468000
|
trusted library allocation
|
page read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
84A0000
|
trusted library allocation
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BE6000
|
trusted library allocation
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
7FA98000
|
trusted library allocation
|
page execute and read and write
|
||
|
E31000
|
heap
|
page read and write
|
||
|
8830000
|
trusted library allocation
|
page execute and read and write
|
||
|
769A000
|
heap
|
page read and write
|
||
|
776E000
|
stack
|
page read and write
|
||
|
7A4E000
|
heap
|
page read and write
|
||
|
4B20000
|
trusted library allocation
|
page read and write
|
||
|
88BE000
|
stack
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
5DFE000
|
trusted library allocation
|
page read and write
|
||
|
76F2000
|
heap
|
page read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
88A0000
|
heap
|
page read and write
|
||
|
8955000
|
heap
|
page read and write
|
||
|
6EE06000
|
unkown
|
page readonly
|
||
|
4B19000
|
stack
|
page read and write
|
||
|
51DC000
|
stack
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
51C7000
|
trusted library allocation
|
page read and write
|
||
|
4ABE000
|
stack
|
page read and write
|
||
|
D7C000
|
heap
|
page read and write
|
||
|
78D2000
|
heap
|
page read and write
|
||
|
889E000
|
stack
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
1A9BD83F000
|
heap
|
page read and write
|
||
|
1A9BF240000
|
heap
|
page read and write
|
||
|
C37000
|
stack
|
page read and write
|
||
|
7F030000
|
trusted library allocation
|
page execute and read and write
|
||
|
C3D000
|
stack
|
page read and write
|
||
|
418000
|
remote allocation
|
page execute and read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
73EF000
|
stack
|
page read and write
|
||
|
8E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F520000
|
trusted library allocation
|
page execute and read and write
|
||
|
B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7630000
|
heap
|
page read and write
|
||
|
1A9CF251000
|
trusted library allocation
|
page read and write
|
||
|
7627000
|
heap
|
page read and write
|
||
|
84D0000
|
heap
|
page read and write
|
||
|
84A4000
|
heap
|
page read and write
|
||
|
8873000
|
trusted library allocation
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
D2D000
|
stack
|
page read and write
|
||
|
89C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
88B0000
|
trusted library allocation
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
7D20000
|
trusted library allocation
|
page read and write
|
||
|
1A9BD829000
|
heap
|
page read and write
|
||
|
8860000
|
trusted library allocation
|
page read and write
|
||
|
8870000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
29E0000
|
trusted library allocation
|
page read and write
|
||
|
8E8D000
|
stack
|
page read and write
|
||
|
302B000
|
heap
|
page read and write
|
||
|
5E0A000
|
trusted library allocation
|
page read and write
|
||
|
4C90000
|
heap
|
page execute and read and write
|
||
|
7FFB0C022000
|
unkown
|
page readonly
|
||
|
7FA80000
|
trusted library allocation
|
page execute and read and write
|
||
|
7659000
|
heap
|
page read and write
|
||
|
70FE000
|
stack
|
page read and write
|
||
|
7F048000
|
trusted library allocation
|
page execute and read and write
|
||
|
7270000
|
heap
|
page read and write
|
||
|
3BE9000
|
trusted library allocation
|
page read and write
|
||
|
76B5000
|
heap
|
page read and write
|
||
|
84FE000
|
heap
|
page read and write
|
||
|
4BC8000
|
trusted library allocation
|
page read and write
|
||
|
8B50000
|
trusted library allocation
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
6B20000
|
heap
|
page read and write
|
||
|
6FFE000
|
stack
|
page read and write
|
||
|
1A9BD750000
|
heap
|
page read and write
|
||
|
4C70000
|
heap
|
page execute and read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
7FFAAB67D000
|
trusted library allocation
|
page execute and read and write
|
||
|
83DB000
|
trusted library allocation
|
page read and write
|
||
|
34F0000
|
trusted library allocation
|
page read and write
|
||
|
585E000
|
stack
|
page read and write
|
||
|
9AD000
|
heap
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
5409000
|
trusted library allocation
|
page read and write
|
||
|
8B40000
|
trusted library allocation
|
page read and write
|
||
|
36B5000
|
trusted library allocation
|
page read and write
|
||
|
8D3E000
|
stack
|
page read and write
|
||
|
8700000
|
trusted library allocation
|
page read and write
|
||
|
84B0000
|
heap
|
page read and write
|
||
|
8A0D000
|
stack
|
page read and write
|
||
|
89E7000
|
heap
|
page read and write
|
||
|
7FFAAB69D000
|
trusted library allocation
|
page execute and read and write
|
||
|
707E000
|
stack
|
page read and write
|
||
|
53C1000
|
trusted library allocation
|
page read and write
|
||
|
7110000
|
heap
|
page read and write
|
||
|
2F40000
|
trusted library section
|
page read and write
|
||
|
7210000
|
heap
|
page read and write
|
||
|
963000
|
trusted library allocation
|
page execute and read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
2FE8000
|
trusted library allocation
|
page read and write
|
||
|
311E000
|
stack
|
page read and write
|
||
|
770A000
|
heap
|
page read and write
|
||
|
8584000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
7CE0000
|
trusted library allocation
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
8575000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
768000
|
stack
|
page read and write
|
||
|
4C2D000
|
stack
|
page read and write
|
||
|
7FFAAB860000
|
trusted library allocation
|
page execute and read and write
|
||
|
950000
|
trusted library allocation
|
page read and write
|
||
|
4C0F000
|
stack
|
page read and write
|
||
|
6159000
|
trusted library allocation
|
page read and write
|
||
|
766B000
|
heap
|
page read and write
|
||
|
7890000
|
trusted library allocation
|
page read and write
|
||
|
4928000
|
trusted library allocation
|
page read and write
|
||
|
76AD000
|
heap
|
page read and write
|
||
|
8FCE000
|
stack
|
page read and write
|
||
|
9EC000
|
stack
|
page read and write
|
||
|
8556000
|
heap
|
page read and write
|
||
|
8840000
|
trusted library allocation
|
page read and write
|
||
|
5FC9000
|
trusted library allocation
|
page read and write
|
||
|
464D000
|
stack
|
page read and write
|
||
|
4A2E000
|
stack
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
34EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A9D7A00000
|
heap
|
page execute and read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
5CBF000
|
trusted library allocation
|
page read and write
|
||
|
2BC1000
|
trusted library allocation
|
page read and write
|
||
|
3218000
|
heap
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D70000
|
heap
|
page read and write
|
||
|
742E000
|
stack
|
page read and write
|
||
|
84C8000
|
heap
|
page read and write
|
||
|
9EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
8AFE000
|
stack
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page read and write
|
||
|
710D000
|
stack
|
page read and write
|
||
|
8959000
|
heap
|
page read and write
|
||
|
8450000
|
trusted library allocation
|
page read and write
|
||
|
6D8E000
|
stack
|
page read and write
|
||
|
8847000
|
trusted library allocation
|
page read and write
|
||
|
8390000
|
heap
|
page read and write
|
||
|
5DFB000
|
trusted library allocation
|
page read and write
|
||
|
8CB0000
|
trusted library allocation
|
page read and write
|
||
|
75AB000
|
stack
|
page read and write
|
||
|
520B000
|
trusted library allocation
|
page read and write
|
||
|
743E000
|
stack
|
page read and write
|
||
|
849A000
|
trusted library allocation
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
7623000
|
heap
|
page read and write
|
||
|
50E0000
|
trusted library allocation
|
page read and write
|
||
|
83AB000
|
trusted library allocation
|
page read and write
|
||
|
B0F000
|
stack
|
page read and write
|
||
|
5421000
|
trusted library allocation
|
page read and write
|
||
|
602D000
|
trusted library allocation
|
page read and write
|
||
|
4DEC000
|
stack
|
page read and write
|
||
|
7AD0000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
79C0000
|
heap
|
page read and write
|
||
|
82F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAB820000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
546C000
|
trusted library allocation
|
page read and write
|
||
|
D57000
|
heap
|
page read and write
|
||
|
73CD000
|
stack
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
86E0000
|
trusted library allocation
|
page read and write
|
||
|
3246000
|
heap
|
page read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
1A9BD870000
|
heap
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
7687000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
84CC000
|
heap
|
page read and write
|
||
|
7EA000
|
heap
|
page read and write
|
||
|
900C000
|
stack
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
6004000
|
trusted library allocation
|
page read and write
|
||
|
6B51000
|
heap
|
page read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
85A0000
|
heap
|
page read and write
|
||
|
355E000
|
stack
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
87DD000
|
stack
|
page read and write
|
||
|
341E000
|
stack
|
page read and write
|
||
|
5647000
|
trusted library allocation
|
page read and write
|
||
|
713B000
|
stack
|
page read and write
|
||
|
559B000
|
trusted library allocation
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
7B3E000
|
stack
|
page read and write
|
||
|
782D000
|
stack
|
page read and write
|
||
|
5F6E000
|
trusted library allocation
|
page read and write
|
||
|
323A000
|
heap
|
page read and write
|
||
|
7A20000
|
heap
|
page read and write
|
||
|
5FFD000
|
stack
|
page read and write
|
||
|
53BB000
|
trusted library allocation
|
page read and write
|
||
|
7890000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
6179000
|
trusted library allocation
|
page read and write
|
||
|
6026000
|
trusted library allocation
|
page read and write
|
||
|
5E2A000
|
trusted library allocation
|
page read and write
|
||
|
8497000
|
trusted library allocation
|
page read and write
|
||
|
71FB000
|
stack
|
page read and write
|
There are 887 hidden memdumps, click here to show them.