Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
MicrosoftService.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0o2bzl5m.vov.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1lodb341.rb0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1yyzrnk4.4zs.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2ig5oaov.0rq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5fazmfqr.43u.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5jiipbik.fwv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hurbfl5u.scc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iw5qpwhw.izu.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ja3zh3gf.t2o.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k03y04uj.vgq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kb1atu2k.e1k.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mgjozxag.4j1.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t1uusbpa.maf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wu11mzd1.5ow.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yjv0uqg0.5am.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ylddzywl.her.ps1
|
ASCII text, with no line terminators
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\MicrosoftService.exe
|
"C:\Users\user\Desktop\MicrosoftService.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\MicrosoftService.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'MicrosoftService.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\ProgramData\Service
Host: Microsoft Service.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess ' Microsoft
Service.exe'
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
89.213.177.81
|
|
||
|
http://wwcrosoft.com/pki/certs/MicWinPCA_2010-07-06.crt0
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.t.com/pk
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://www.microsoft.co
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://crl.mic
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://crl.micft.cMicRosof
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
http://crl.micros
|
unknown
|
There are 10 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
|
|
|
18.31.95.13.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
89.213.177.81
|
unknown
|
United Kingdom
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftService_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Microsoft Service
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
332000
|
unkown
|
page readonly
|
|
|
|
275A000
|
trusted library allocation
|
page read and write
|
|
|
|
2711000
|
trusted library allocation
|
page read and write
|
|
|
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
1E6D4565000
|
heap
|
page read and write
|
||
|
1B560000
|
heap
|
page read and write
|
||
|
C2D000
|
stack
|
page read and write
|
||
|
2061FF0E000
|
heap
|
page read and write
|
||
|
1E6D460D000
|
heap
|
page read and write
|
||
|
1A88D2E9000
|
heap
|
page read and write
|
||
|
1A89F069000
|
trusted library allocation
|
page read and write
|
||
|
6F1000
|
stack
|
page read and write
|
||
|
20607470000
|
heap
|
page execute and read and write
|
||
|
1271E000
|
trusted library allocation
|
page read and write
|
||
|
1B62A000
|
heap
|
page read and write
|
||
|
295041D0000
|
heap
|
page execute and read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A8A7730000
|
heap
|
page read and write
|
||
|
7FF849113000
|
trusted library allocation
|
page read and write
|
||
|
1A8A733F000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849210000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
29504260000
|
trusted library allocation
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
2951DFFF000
|
heap
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
1A89F06E000
|
trusted library allocation
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page execute and read and write
|
||
|
552A4FD000
|
stack
|
page read and write
|
||
|
1A88D2A7000
|
heap
|
page read and write
|
||
|
1E6EE783000
|
heap
|
page read and write
|
||
|
206082AB000
|
trusted library allocation
|
page read and write
|
||
|
29505FFE000
|
trusted library allocation
|
page read and write
|
||
|
7DF4ACFF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
29506BF5000
|
trusted library allocation
|
page read and write
|
||
|
1A8A7246000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
20605B70000
|
heap
|
page readonly
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
1E6EE81E000
|
heap
|
page read and write
|
||
|
29504180000
|
trusted library section
|
page read and write
|
||
|
1A8A733B000
|
heap
|
page read and write
|
||
|
2061FF10000
|
heap
|
page read and write
|
||
|
1E6D44E0000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
1E6D5EA0000
|
trusted library allocation
|
page read and write
|
||
|
1BA9E000
|
stack
|
page read and write
|
||
|
20608755000
|
trusted library allocation
|
page read and write
|
||
|
2951E3A9000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DFB000
|
trusted library allocation
|
page read and write
|
||
|
206074B0000
|
heap
|
page read and write
|
||
|
1E6EE4E9000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE823000
|
heap
|
page read and write
|
||
|
1E6D5F50000
|
heap
|
page execute and read and write
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
2061FA00000
|
heap
|
page read and write
|
||
|
1A8A757F000
|
heap
|
page read and write
|
||
|
7FF849159000
|
trusted library allocation
|
page read and write
|
||
|
C90F3E000
|
stack
|
page read and write
|
||
|
9C976FF000
|
stack
|
page read and write
|
||
|
1E6D6FF4000
|
trusted library allocation
|
page read and write
|
||
|
9C96DFE000
|
stack
|
page read and write
|
||
|
7FF8491DA000
|
trusted library allocation
|
page read and write
|
||
|
1C710000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
1A88F9E5000
|
trusted library allocation
|
page read and write
|
||
|
1B35E000
|
stack
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
1A8A7330000
|
heap
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849220000
|
trusted library allocation
|
page read and write
|
||
|
1E6D6D4D000
|
trusted library allocation
|
page read and write
|
||
|
1A88D390000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
552A477000
|
stack
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
29506AA9000
|
trusted library allocation
|
page read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
29506D11000
|
trusted library allocation
|
page read and write
|
||
|
7FF84914C000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
C90EB3000
|
stack
|
page read and write
|
||
|
1E6D5F61000
|
trusted library allocation
|
page read and write
|
||
|
1E6D5E9A000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
206059C0000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
1E6D4639000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
1E6D7790000
|
trusted library allocation
|
page read and write
|
||
|
29505B31000
|
trusted library allocation
|
page read and write
|
||
|
152337E000
|
stack
|
page read and write
|
||
|
1A88FD84000
|
trusted library allocation
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
9C983CE000
|
stack
|
page read and write
|
||
|
20605A69000
|
heap
|
page read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
2060889D000
|
trusted library allocation
|
page read and write
|
||
|
1A88EBC0000
|
trusted library allocation
|
page read and write
|
||
|
29506DDF000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE7F5000
|
heap
|
page read and write
|
||
|
7FF848DF2000
|
trusted library allocation
|
page read and write
|
||
|
2951E07A000
|
heap
|
page read and write
|
||
|
206087E5000
|
trusted library allocation
|
page read and write
|
||
|
9C97578000
|
stack
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
29506C59000
|
trusted library allocation
|
page read and write
|
||
|
1E6D7654000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
1A8A7660000
|
trusted library allocation
|
page read and write
|
||
|
8B6000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
152347E000
|
stack
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
1A89013F000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
2950795A000
|
trusted library allocation
|
page read and write
|
||
|
5529FDE000
|
stack
|
page read and write
|
||
|
1E6EE6FF000
|
heap
|
page read and write
|
||
|
1E6D76EA000
|
trusted library allocation
|
page read and write
|
||
|
1E6D4540000
|
heap
|
page read and write
|
||
|
1A88FEA2000
|
trusted library allocation
|
page read and write
|
||
|
7FF849256000
|
trusted library allocation
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
29515BA2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
552A27E000
|
stack
|
page read and write
|
||
|
29506D87000
|
trusted library allocation
|
page read and write
|
||
|
1E6D77CF000
|
trusted library allocation
|
page read and write
|
||
|
1E6D5E50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849230000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
2061FEFB000
|
heap
|
page read and write
|
||
|
C9177E000
|
stack
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1A8905B2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
1AC9C000
|
stack
|
page read and write
|
||
|
2061FE80000
|
heap
|
page read and write
|
||
|
7FF849270000
|
trusted library allocation
|
page read and write
|
||
|
9C975FE000
|
stack
|
page read and write
|
||
|
7DF4ACFD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
890000
|
trusted library allocation
|
page read and write
|
||
|
152448B000
|
stack
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
152438F000
|
stack
|
page read and write
|
||
|
1A88D2E6000
|
heap
|
page read and write
|
||
|
2951E3C9000
|
heap
|
page read and write
|
||
|
9C9707E000
|
stack
|
page read and write
|
||
|
15234F7000
|
stack
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
206176C1000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE83C000
|
heap
|
page read and write
|
||
|
C924CE000
|
stack
|
page read and write
|
||
|
1E6EE6B0000
|
heap
|
page execute and read and write
|
||
|
552B50C000
|
stack
|
page read and write
|
||
|
7FF849200000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
20609015000
|
trusted library allocation
|
page read and write
|
||
|
1A88F9F5000
|
trusted library allocation
|
page read and write
|
||
|
1A8A728F000
|
heap
|
page read and write
|
||
|
1A8A7300000
|
heap
|
page execute and read and write
|
||
|
2061FB67000
|
heap
|
page execute and read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
29504290000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
C9234D000
|
stack
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6D7208000
|
trusted library allocation
|
page read and write
|
||
|
29506D4A000
|
trusted library allocation
|
page read and write
|
||
|
15236B7000
|
stack
|
page read and write
|
||
|
2061791E000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A000
|
stack
|
page read and write
|
||
|
20607B8D000
|
trusted library allocation
|
page read and write
|
||
|
20608969000
|
trusted library allocation
|
page read and write
|
||
|
1E6D45B0000
|
heap
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
1A88D410000
|
heap
|
page read and write
|
||
|
20608F2D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8491F0000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE7CD000
|
heap
|
page read and write
|
||
|
295073C2000
|
trusted library allocation
|
page read and write
|
||
|
1A88FF91000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
20605B20000
|
trusted library section
|
page read and write
|
||
|
7FF84916C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6EE900000
|
trusted library allocation
|
page read and write
|
||
|
1B5EF000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1A8A74A5000
|
heap
|
page read and write
|
||
|
2061FE38000
|
heap
|
page read and write
|
||
|
9C971FA000
|
stack
|
page read and write
|
||
|
1E6EE4FA000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
206094A1000
|
trusted library allocation
|
page read and write
|
||
|
1A8A75A0000
|
heap
|
page read and write
|
||
|
1A890026000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD8000
|
trusted library allocation
|
page read and write
|
||
|
1E6D45B8000
|
heap
|
page read and write
|
||
|
1A89EDA1000
|
trusted library allocation
|
page read and write
|
||
|
1A8A725E000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
1B110000
|
heap
|
page read and write
|
||
|
20605A28000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1C098000
|
stack
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
7FF84915C000
|
trusted library allocation
|
page read and write
|
||
|
2951E287000
|
heap
|
page read and write
|
||
|
1A8A6D8F000
|
heap
|
page read and write
|
||
|
1C70C000
|
stack
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6D7329000
|
trusted library allocation
|
page read and write
|
||
|
1CA0E000
|
stack
|
page read and write
|
||
|
206086C5000
|
trusted library allocation
|
page read and write
|
||
|
552A8BE000
|
stack
|
page read and write
|
||
|
1E6EE505000
|
heap
|
page read and write
|
||
|
1E6D45EC000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
206078E9000
|
trusted library allocation
|
page read and write
|
||
|
29506584000
|
trusted library allocation
|
page read and write
|
||
|
2951E100000
|
trusted library allocation
|
page read and write
|
||
|
1B150000
|
heap
|
page execute and read and write
|
||
|
7FF848FAA000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE5C0000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page read and write
|
||
|
2061FED5000
|
heap
|
page read and write
|
||
|
552A637000
|
stack
|
page read and write
|
||
|
1E6D7D69000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
1E6D7D44000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
20608F54000
|
trusted library allocation
|
page read and write
|
||
|
552A6BB000
|
stack
|
page read and write
|
||
|
1B55E000
|
stack
|
page read and write
|
||
|
C90FFF000
|
stack
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
206089CA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6D5E90000
|
heap
|
page read and write
|
||
|
1E6D6F65000
|
trusted library allocation
|
page read and write
|
||
|
552A5BE000
|
stack
|
page read and write
|
||
|
1A88D360000
|
heap
|
page read and write
|
||
|
20605AA8000
|
heap
|
page read and write
|
||
|
1A88FB63000
|
trusted library allocation
|
page read and write
|
||
|
1A88FDB0000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE7E7000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
29515E1F000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE717000
|
heap
|
page read and write
|
||
|
9C9737D000
|
stack
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
552A739000
|
stack
|
page read and write
|
||
|
7FF849188000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
1E6E6269000
|
trusted library allocation
|
page read and write
|
||
|
29505D5A000
|
trusted library allocation
|
page read and write
|
||
|
15237B9000
|
stack
|
page read and write
|
||
|
1A8A757B000
|
heap
|
page read and write
|
||
|
7DF49B270000
|
trusted library allocation
|
page execute and read and write
|
||
|
12711000
|
trusted library allocation
|
page read and write
|
||
|
1A89EDB1000
|
trusted library allocation
|
page read and write
|
||
|
1A8A721F000
|
heap
|
page read and write
|
||
|
1BD9C000
|
stack
|
page read and write
|
||
|
29505B20000
|
heap
|
page read and write
|
||
|
20605B40000
|
trusted library allocation
|
page read and write
|
||
|
1E6D618A000
|
trusted library allocation
|
page read and write
|
||
|
15238BE000
|
stack
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2951E0A0000
|
heap
|
page execute and read and write
|
||
|
552A7BF000
|
stack
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B093000
|
heap
|
page read and write
|
||
|
1E6D5E95000
|
heap
|
page read and write
|
||
|
552B30F000
|
stack
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
1A88D2E4000
|
heap
|
page read and write
|
||
|
1A8A7410000
|
heap
|
page execute and read and write
|
||
|
29503FE1000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849200000
|
trusted library allocation
|
page read and write
|
||
|
1E6D7020000
|
trusted library allocation
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
206083ED000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE54E000
|
heap
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
C913F9000
|
stack
|
page read and write
|
||
|
29515B51000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
29506BC9000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
1E6D713A000
|
trusted library allocation
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
9C97477000
|
stack
|
page read and write
|
||
|
7DF49B260000
|
trusted library allocation
|
page execute and read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
29515E39000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
29515E27000
|
trusted library allocation
|
page read and write
|
||
|
7FF849210000
|
trusted library allocation
|
page read and write
|
||
|
1E6D4633000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
1A88D150000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
1A8A7248000
|
heap
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
1A89F1D6000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
9C9727E000
|
stack
|
page read and write
|
||
|
206176F1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
1C60A000
|
stack
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
152458C000
|
stack
|
page read and write
|
||
|
12718000
|
trusted library allocation
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
15239BC000
|
stack
|
page read and write
|
||
|
29515B61000
|
trusted library allocation
|
page read and write
|
||
|
B25000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
9C970FF000
|
stack
|
page read and write
|
||
|
1E6D78B7000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD4000
|
trusted library allocation
|
page read and write
|
||
|
206058C0000
|
heap
|
page read and write
|
||
|
9C9777B000
|
stack
|
page read and write
|
||
|
1E6D4500000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
7FF849246000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE4FC000
|
heap
|
page read and write
|
||
|
1524509000
|
stack
|
page read and write
|
||
|
7FF8491D0000
|
trusted library allocation
|
page read and write
|
||
|
1A8905F1000
|
trusted library allocation
|
page read and write
|
||
|
29503F20000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
29507935000
|
trusted library allocation
|
page read and write
|
||
|
C915F7000
|
stack
|
page read and write
|
||
|
AAE000
|
stack
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
29506AA5000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
1E6E6259000
|
trusted library allocation
|
page read and write
|
||
|
152363E000
|
stack
|
page read and write
|
||
|
1A88ED81000
|
trusted library allocation
|
page read and write
|
||
|
15235F9000
|
stack
|
page read and write
|
||
|
1E6EE820000
|
heap
|
page read and write
|
||
|
9C9767E000
|
stack
|
page read and write
|
||
|
1A89050C000
|
trusted library allocation
|
page read and write
|
||
|
1E6D4635000
|
heap
|
page read and write
|
||
|
206086F0000
|
trusted library allocation
|
page read and write
|
||
|
2951E160000
|
heap
|
page execute and read and write
|
||
|
1E6D5E80000
|
trusted library allocation
|
page read and write
|
||
|
2951DFF5000
|
heap
|
page read and write
|
||
|
1E6D7D89000
|
trusted library allocation
|
page read and write
|
||
|
1E6D6F07000
|
trusted library allocation
|
page read and write
|
||
|
1A88D3F0000
|
trusted library allocation
|
page read and write
|
||
|
206073C0000
|
trusted library allocation
|
page read and write
|
||
|
1E6D45EF000
|
heap
|
page read and write
|
||
|
29503F80000
|
heap
|
page read and write
|
||
|
1A8906D9000
|
trusted library allocation
|
page read and write
|
||
|
1E6E5FD1000
|
trusted library allocation
|
page read and write
|
||
|
152460C000
|
stack
|
page read and write
|
||
|
1A890087000
|
trusted library allocation
|
page read and write
|
||
|
29507955000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
1A88FE3F000
|
trusted library allocation
|
page read and write
|
||
|
1E6D5E70000
|
heap
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F9A000
|
trusted library allocation
|
page read and write
|
||
|
206059A0000
|
heap
|
page read and write
|
||
|
552A3FE000
|
stack
|
page read and write
|
||
|
1E6EE542000
|
heap
|
page read and write
|
||
|
29506E40000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE817000
|
heap
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
2061FB90000
|
heap
|
page read and write
|
||
|
9C972F7000
|
stack
|
page read and write
|
||
|
C9137F000
|
stack
|
page read and write
|
||
|
552B58E000
|
stack
|
page read and write
|
||
|
1A88D268000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
1E6D6CD8000
|
trusted library allocation
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
7FF849179000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
1E6D6F09000
|
trusted library allocation
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FDA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E0B000
|
trusted library allocation
|
page read and write
|
||
|
1A8A755D000
|
heap
|
page read and write
|
||
|
2061FAA7000
|
heap
|
page read and write
|
||
|
1E6D7D8E000
|
trusted library allocation
|
page read and write
|
||
|
2951E640000
|
heap
|
page read and write
|
||
|
9C974FA000
|
stack
|
page read and write
|
||
|
7FF8491F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849134000
|
trusted library allocation
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE2000
|
trusted library allocation
|
page read and write
|
||
|
1E6D6F91000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F92000
|
trusted library allocation
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
20605A5F000
|
heap
|
page read and write
|
||
|
1A88EC45000
|
heap
|
page read and write
|
||
|
29506B98000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
893000
|
trusted library allocation
|
page read and write
|
||
|
1A89F087000
|
trusted library allocation
|
page read and write
|
||
|
7FF849162000
|
trusted library allocation
|
page read and write
|
||
|
20607390000
|
trusted library allocation
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6D5E60000
|
heap
|
page readonly
|
||
|
2951DFBF000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6E5F81000
|
trusted library allocation
|
page read and write
|
||
|
20605B60000
|
trusted library allocation
|
page read and write
|
||
|
552A579000
|
stack
|
page read and write
|
||
|
1A88D2A9000
|
heap
|
page read and write
|
||
|
1A88F987000
|
trusted library allocation
|
page read and write
|
||
|
1A89EDF0000
|
trusted library allocation
|
page read and write
|
||
|
20608736000
|
trusted library allocation
|
page read and write
|
||
|
1A8A7596000
|
heap
|
page read and write
|
||
|
1A88FB65000
|
trusted library allocation
|
page read and write
|
||
|
7FF849133000
|
trusted library allocation
|
page read and write
|
||
|
29503FA8000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
7FF849144000
|
trusted library allocation
|
page read and write
|
||
|
1A88ED70000
|
heap
|
page execute and read and write
|
||
|
1A740000
|
trusted library allocation
|
page read and write
|
||
|
206179AF000
|
trusted library allocation
|
page read and write
|
||
|
2061FEB4000
|
heap
|
page read and write
|
||
|
1A890BB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
206076C1000
|
trusted library allocation
|
page read and write
|
||
|
206082C1000
|
trusted library allocation
|
page read and write
|
||
|
1A88D2A3000
|
heap
|
page read and write
|
||
|
1A88EC80000
|
trusted library allocation
|
page read and write
|
||
|
2951E3BB000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
1E6E5F91000
|
trusted library allocation
|
page read and write
|
||
|
1A88D415000
|
heap
|
page read and write
|
||
|
7FF8491EA000
|
trusted library allocation
|
page read and write
|
||
|
20605A65000
|
heap
|
page read and write
|
||
|
1A88D270000
|
heap
|
page read and write
|
||
|
7FF849142000
|
trusted library allocation
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
7FF499BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849004000
|
trusted library allocation
|
page read and write
|
||
|
152357D000
|
stack
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
7FF8491E0000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
152327E000
|
stack
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
7FF849152000
|
trusted library allocation
|
page read and write
|
||
|
152460E000
|
stack
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
20605A5D000
|
heap
|
page read and write
|
||
|
7FF848E96000
|
trusted library allocation
|
page read and write
|
||
|
1A88D260000
|
heap
|
page read and write
|
||
|
C923C7000
|
stack
|
page read and write
|
||
|
C922CE000
|
stack
|
page read and write
|
||
|
1A88EBD0000
|
heap
|
page read and write
|
||
|
1A890B8B000
|
trusted library allocation
|
page read and write
|
||
|
2951DB33000
|
heap
|
page read and write
|
||
|
1BB9D000
|
stack
|
page read and write
|
||
|
1E6D5ED0000
|
trusted library allocation
|
page read and write
|
||
|
20617732000
|
trusted library allocation
|
page read and write
|
||
|
1E6D7083000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
9C981CC000
|
stack
|
page read and write
|
||
|
2951E166000
|
heap
|
page execute and read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
7FF849220000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
29504295000
|
heap
|
page read and write
|
||
|
1B99E000
|
stack
|
page read and write
|
||
|
7FF8491FC000
|
trusted library allocation
|
page read and write
|
||
|
C914F9000
|
stack
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
1C50A000
|
stack
|
page read and write
|
||
|
7FF849168000
|
trusted library allocation
|
page read and write
|
||
|
1A8A71E0000
|
heap
|
page read and write
|
||
|
552A37A000
|
stack
|
page read and write
|
||
|
1E6EE577000
|
heap
|
page read and write
|
||
|
29506EFA000
|
trusted library allocation
|
page read and write
|
||
|
330000
|
unkown
|
page readonly
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
20605A20000
|
heap
|
page read and write
|
||
|
1A88D400000
|
heap
|
page readonly
|
||
|
1A89F076000
|
trusted library allocation
|
page read and write
|
||
|
2060865D000
|
trusted library allocation
|
page read and write
|
||
|
152393F000
|
stack
|
page read and write
|
||
|
9AD000
|
heap
|
page read and write
|
||
|
7FF84920C000
|
trusted library allocation
|
page read and write
|
||
|
29507910000
|
trusted library allocation
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page read and write
|
||
|
9C9834C000
|
stack
|
page read and write
|
||
|
2061FDC0000
|
heap
|
page read and write
|
||
|
7FF849190000
|
trusted library allocation
|
page read and write
|
||
|
7FF849230000
|
trusted library allocation
|
page read and write
|
||
|
7DF4ACFE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FE2000
|
trusted library allocation
|
page read and write
|
||
|
C9187E000
|
stack
|
page read and write
|
||
|
20605BE0000
|
heap
|
page read and write
|
||
|
1E6D642F000
|
trusted library allocation
|
page read and write
|
||
|
5529F53000
|
stack
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
C91678000
|
stack
|
page read and write
|
||
|
2951E382000
|
heap
|
page read and write
|
||
|
29504220000
|
trusted library allocation
|
page read and write
|
||
|
1A8A7307000
|
heap
|
page execute and read and write
|
||
|
7FF84925D000
|
trusted library allocation
|
page read and write
|
||
|
1A88FE13000
|
trusted library allocation
|
page read and write
|
||
|
1523738000
|
stack
|
page read and write
|
||
|
1AA9C000
|
heap
|
page read and write
|
||
|
1B090000
|
heap
|
page read and write
|
||
|
1A890BAB000
|
trusted library allocation
|
page read and write
|
||
|
1E6D6D45000
|
trusted library allocation
|
page read and write
|
||
|
29504026000
|
heap
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
1A8A74CC000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
1A8A75A9000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
20605A63000
|
heap
|
page read and write
|
||
|
2061FAF6000
|
heap
|
page read and write
|
||
|
7FF848FD2000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
206094C6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page read and write
|
||
|
1A88EFAA000
|
trusted library allocation
|
page read and write
|
||
|
7FF849190000
|
trusted library allocation
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page read and write
|
||
|
7FF849002000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE497000
|
heap
|
page execute and read and write
|
||
|
2951DFB9000
|
heap
|
page read and write
|
||
|
7FF849210000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
20605A7D000
|
heap
|
page read and write
|
||
|
7DF4ABCC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F92000
|
trusted library allocation
|
page read and write
|
||
|
9C9717E000
|
stack
|
page read and write
|
||
|
7FF848FB1000
|
trusted library allocation
|
page read and write
|
||
|
1E6E624F000
|
trusted library allocation
|
page read and write
|
||
|
1A8A7344000
|
heap
|
page read and write
|
||
|
1E6D45F5000
|
heap
|
page read and write
|
||
|
7FF849230000
|
trusted library allocation
|
page read and write
|
||
|
26DE000
|
stack
|
page read and write
|
||
|
206179C9000
|
trusted library allocation
|
page read and write
|
||
|
29503FFD000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
20605BE5000
|
heap
|
page read and write
|
||
|
29503F10000
|
heap
|
page read and write
|
||
|
295041E0000
|
heap
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
7FF849123000
|
trusted library allocation
|
page read and write
|
||
|
7FF84918C000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
206179B9000
|
trusted library allocation
|
page read and write
|
||
|
20605A00000
|
heap
|
page read and write
|
||
|
295041E5000
|
heap
|
page read and write
|
||
|
7FF848FC8000
|
trusted library allocation
|
page read and write
|
||
|
7FF849230000
|
trusted library allocation
|
page read and write
|
||
|
1B45E000
|
stack
|
page read and write
|
||
|
1A8A7456000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2951E3BE000
|
heap
|
page read and write
|
||
|
9C982C9000
|
stack
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE712000
|
heap
|
page read and write
|
||
|
2951DF80000
|
heap
|
page read and write
|
||
|
7FF848DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page read and write
|
||
|
29507483000
|
trusted library allocation
|
page read and write
|
||
|
2951DFF3000
|
heap
|
page read and write
|
||
|
C9244C000
|
stack
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
C90FBE000
|
stack
|
page read and write
|
||
|
1E6D726F000
|
trusted library allocation
|
page read and write
|
||
|
29503FE9000
|
heap
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
||
|
2951E317000
|
heap
|
page read and write
|
||
|
2950739C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
552A2FE000
|
stack
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
20605B30000
|
trusted library section
|
page read and write
|
||
|
295041B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849154000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
1A890A42000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
29503F40000
|
heap
|
page read and write
|
||
|
1A88D2BD000
|
heap
|
page read and write
|
||
|
7FF849174000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
C9127E000
|
stack
|
page read and write
|
||
|
1A88D230000
|
heap
|
page read and write
|
||
|
20607747000
|
trusted library allocation
|
page read and write
|
||
|
1522FC3000
|
stack
|
page read and write
|
||
|
1BC9D000
|
stack
|
page read and write
|
||
|
7FF848F91000
|
trusted library allocation
|
page read and write
|
||
|
552B489000
|
stack
|
page read and write
|
||
|
206085B3000
|
trusted library allocation
|
page read and write
|
||
|
2061FB60000
|
heap
|
page execute and read and write
|
||
|
C924CB000
|
stack
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE4A0000
|
heap
|
page read and write
|
||
|
2061FEF3000
|
heap
|
page read and write
|
||
|
1E6D4590000
|
trusted library allocation
|
page read and write
|
||
|
7FF849200000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE8000
|
trusted library allocation
|
page read and write
|
||
|
20608A85000
|
trusted library allocation
|
page read and write
|
||
|
1A88D29D000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
1E6E624A000
|
trusted library allocation
|
page read and write
|
||
|
2951E270000
|
heap
|
page read and write
|
||
|
7FF8492A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
206082B9000
|
trusted library allocation
|
page read and write
|
||
|
1E6D5FE7000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491EC000
|
trusted library allocation
|
page read and write
|
||
|
1E6D69B5000
|
trusted library allocation
|
page read and write
|
||
|
1B5E2000
|
heap
|
page read and write
|
||
|
9C9814E000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
1A8A72C3000
|
heap
|
page read and write
|
||
|
2061FA46000
|
heap
|
page read and write
|
||
|
7FF849270000
|
trusted library allocation
|
page read and write
|
||
|
206074A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
15232FE000
|
stack
|
page read and write
|
||
|
29506AA1000
|
trusted library allocation
|
page read and write
|
||
|
1E6D45F7000
|
heap
|
page read and write
|
||
|
29515B40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A8A7599000
|
heap
|
page read and write
|
||
|
1A890143000
|
trusted library allocation
|
page read and write
|
||
|
C912F9000
|
stack
|
page read and write
|
||
|
9C9824E000
|
stack
|
page read and write
|
||
|
29515E1B000
|
trusted library allocation
|
page read and write
|
||
|
2951E3AE000
|
heap
|
page read and write
|
||
|
1E6EE715000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849148000
|
trusted library allocation
|
page read and write
|
||
|
7DF486180000
|
trusted library allocation
|
page execute and read and write
|
||
|
152440C000
|
stack
|
page read and write
|
||
|
7FF849220000
|
trusted library allocation
|
page read and write
|
||
|
1A88F24E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
91C000
|
heap
|
page read and write
|
||
|
29504170000
|
trusted library section
|
page read and write
|
||
|
206076B0000
|
heap
|
page read and write
|
||
|
1A8A71EB000
|
heap
|
page read and write
|
||
|
1A88D2AB000
|
heap
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491F0000
|
trusted library allocation
|
page read and write
|
||
|
1E6D723B000
|
trusted library allocation
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
1A890B65000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC2000
|
trusted library allocation
|
page read and write
|
||
|
29515E21000
|
trusted library allocation
|
page read and write
|
||
|
1E6D4400000
|
heap
|
page read and write
|
||
|
2061FA86000
|
heap
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE490000
|
heap
|
page execute and read and write
|
||
|
C916FF000
|
stack
|
page read and write
|
||
|
1A88FAF4000
|
trusted library allocation
|
page read and write
|
||
|
20605A6B000
|
heap
|
page read and write
|
||
|
C91577000
|
stack
|
page read and write
|
||
|
29503FDD000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
29515B31000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE4000
|
trusted library allocation
|
page read and write
|
||
|
29505BB6000
|
trusted library allocation
|
page read and write
|
||
|
7FF849139000
|
trusted library allocation
|
page read and write
|
||
|
1C40E000
|
stack
|
page read and write
|
||
|
2700000
|
heap
|
page execute and read and write
|
||
|
7FF849236000
|
trusted library allocation
|
page read and write
|
||
|
2950691B000
|
trusted library allocation
|
page read and write
|
||
|
2774000
|
trusted library allocation
|
page read and write
|
||
|
2951E3B2000
|
heap
|
page read and write
|
||
|
1E6D45C2000
|
heap
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
29503FE5000
|
heap
|
page read and write
|
||
|
1A88D27E000
|
heap
|
page read and write
|
||
|
9A2000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
7FF849149000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
1B25A000
|
stack
|
page read and write
|
||
|
7FF848F82000
|
trusted library allocation
|
page read and write
|
||
|
1A88D3D0000
|
trusted library allocation
|
page read and write
|
||
|
1B634000
|
heap
|
page read and write
|
||
|
2061FA44000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
989000
|
heap
|
page read and write
|
||
|
29504190000
|
trusted library allocation
|
page read and write
|
||
|
7FF84924D000
|
trusted library allocation
|
page read and write
|
||
|
20608663000
|
trusted library allocation
|
page read and write
|
||
|
206074B5000
|
heap
|
page read and write
|
||
|
1A88FF58000
|
trusted library allocation
|
page read and write
|
||
|
552B38C000
|
stack
|
page read and write
|
||
|
7FF849008000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
1E6D6B5E000
|
trusted library allocation
|
page read and write
|
||
|
7FF849220000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
C9147D000
|
stack
|
page read and write
|
||
|
20605B80000
|
trusted library allocation
|
page read and write
|
||
|
C918FC000
|
stack
|
page read and write
|
||
|
206082C9000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
95F000
|
heap
|
page read and write
|
||
|
29506A9C000
|
trusted library allocation
|
page read and write
|
||
|
1E6D70BE000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
1E6EE594000
|
heap
|
page read and write
|
||
|
1A88EDFE000
|
trusted library allocation
|
page read and write
|
||
|
552A93B000
|
stack
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
20608112000
|
trusted library allocation
|
page read and write
|
||
|
1A89ED81000
|
trusted library allocation
|
page read and write
|
||
|
C917FE000
|
stack
|
page read and write
|
||
|
206176E1000
|
trusted library allocation
|
page read and write
|
||
|
295072B6000
|
trusted library allocation
|
page read and write
|
||
|
2061FDB0000
|
heap
|
page read and write
|
||
|
1E6D6B6C000
|
trusted library allocation
|
page read and write
|
||
|
1A8A7440000
|
heap
|
page read and write
|
||
|
1A8A71E9000
|
heap
|
page read and write
|
||
|
1E6E5F61000
|
trusted library allocation
|
page read and write
|
||
|
1A88F7D3000
|
trusted library allocation
|
page read and write
|
||
|
1BE95000
|
stack
|
page read and write
|
||
|
1E6EE9B0000
|
heap
|
page read and write
|
||
|
206094E6000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
330000
|
unkown
|
page readonly
|
||
|
12722000
|
trusted library allocation
|
page read and write
|
||
|
29506A31000
|
trusted library allocation
|
page read and write
|
||
|
7FF849158000
|
trusted library allocation
|
page read and write
|
||
|
20607610000
|
heap
|
page execute and read and write
|
||
|
1A8A757D000
|
heap
|
page read and write
|
||
|
7FF8491E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
206094EB000
|
trusted library allocation
|
page read and write
|
||
|
29515E29000
|
trusted library allocation
|
page read and write
|
||
|
1E6D469F000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
29504024000
|
heap
|
page read and write
|
||
|
1A88EC40000
|
heap
|
page read and write
|
||
|
20608781000
|
trusted library allocation
|
page read and write
|
||
|
552B40E000
|
stack
|
page read and write
|
||
|
7DF486170000
|
trusted library allocation
|
page execute and read and write
|
||
|
206074CC000
|
heap
|
page read and write
|
||
|
1A8A7467000
|
heap
|
page read and write
|
||
|
1A890618000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
1E6D4560000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849270000
|
trusted library allocation
|
page read and write
|
||
|
29503FA0000
|
heap
|
page read and write
|
||
|
9C973F9000
|
stack
|
page read and write
|
||
|
7FF849280000
|
trusted library allocation
|
page read and write
|
||
|
1E6E6251000
|
trusted library allocation
|
page read and write
|
||
|
20605AA4000
|
heap
|
page read and write
|
||
|
1E6D77F6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
7FF849153000
|
trusted library allocation
|
page read and write
|
||
|
15233FA000
|
stack
|
page read and write
|
||
|
20608E48000
|
trusted library allocation
|
page read and write
|
||
|
7FF849290000
|
trusted library allocation
|
page read and write
|
||
|
552A83E000
|
stack
|
page read and write
|
||
|
295068AE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA2000
|
trusted library allocation
|
page read and write
|
||
|
152383E000
|
stack
|
page read and write
|
||
|
7FF849213000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
1A8A71F1000
|
heap
|
page read and write
|
||
|
2951E190000
|
heap
|
page read and write
|
||
|
1E6EDF61000
|
heap
|
page read and write
|
||
|
1E6EE6E0000
|
heap
|
page read and write
|
||
|
2951E277000
|
heap
|
page read and write
|
||
|
1E6EE71F000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
9C96DB3000
|
stack
|
page read and write
|
||
|
7DF4ABCD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A8A72BA000
|
heap
|
page read and write
|
||
|
7FF849210000
|
trusted library allocation
|
page read and write
|
||
|
2061FEBF000
|
heap
|
page read and write
|
||
|
29504029000
|
heap
|
page read and write
|
||
|
29506A98000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8491A0000
|
trusted library allocation
|
page read and write
|
||
|
206179AB000
|
trusted library allocation
|
page read and write
|
||
|
1C3CE000
|
stack
|
page read and write
|
||
|
1A8A750F000
|
heap
|
page read and write
|
||
|
7FF848FE4000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491B0000
|
trusted library allocation
|
page read and write
|
||
|
295041C0000
|
heap
|
page readonly
|
||
|
2951DFDF000
|
heap
|
page read and write
|
There are 854 hidden memdumps, click here to show them.