Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
purchase order - PO-011024-201.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\purchase order - PO-011024-201.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpA55D.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\jDCErdK.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\jDCErdK.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\jDCErdK.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1ydipv32.rch.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a4hijodc.ge5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_buvsfm2e.pk3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hywbxmih.pi5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qv1b5osh.meo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uo2lwk0v.0hh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vcpniucf.tvs.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_z5iets4r.baj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp981A.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Windows\INF\WmiApRpl\WmiApRpl.h
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\INF\WmiApRpl\WmiApRpl.ini
|
Unicode text, UTF-16, little-endian text, with very long lines (405), with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\PerfStringBackup.INI
|
data
|
dropped
|
||
|
C:\Windows\System32\PerfStringBackup.TMP
|
data
|
dropped
|
||
|
C:\Windows\System32\perfc009.dat
|
data
|
dropped
|
||
|
C:\Windows\System32\perfh009.dat
|
data
|
dropped
|
||
|
C:\Windows\System32\wbem\Performance\WmiApRpl_new.h
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\wbem\Performance\WmiApRpl_new.ini
|
Unicode text, UTF-16, little-endian text, with very long lines (405), with CRLF line terminators
|
dropped
|
||
|
C:\Windows\system32\wbem\Performance\WmiApRpl.h (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\system32\wbem\Performance\WmiApRpl.ini (copy)
|
Unicode text, UTF-16, little-endian text, with very long lines (405), with CRLF line terminators
|
dropped
|
There are 16 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\purchase order - PO-011024-201.exe
|
"C:\Users\user\Desktop\purchase order - PO-011024-201.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\purchase
order - PO-011024-201.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\jDCErdK.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\jDCErdK" /XML "C:\Users\user\AppData\Local\Temp\tmpA55D.tmp"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\jDCErdK.exe
|
C:\Users\user\AppData\Roaming\jDCErdK.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\jDCErdK" /XML "C:\Users\user\AppData\Local\Temp\tmp981A.tmp"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\wbem\WMIADAP.exe
|
wmiadap.exe /F /T /R
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mail.iaa-airferight.com
|
unknown
|
|
|
|
https://api.ipify.org/
|
172.67.74.152
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 21 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.iaa-airferight.com
|
46.175.148.58
|
|
|
|
api.ipify.org
|
172.67.74.152
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.175.148.58
|
mail.iaa-airferight.com
|
Ukraine
|
|
|
|
172.67.74.152
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Updating
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Updating
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
Last Counter
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
Last Help
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
First Counter
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
First Help
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
Object List
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\system32\kernelbase.dll[MofResourceName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\system32\en-US\kernelbase.dll.mui[MofResourceName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\ACPI.sys[ACPIMOFResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\en-US\ACPI.sys.mui[ACPIMOFResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\lsi_sas.sys[MofResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\processr.sys[PROCESSORWMI]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\en-US\processr.sys.mui[PROCESSORWMI]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\mssmbios.sys[MofResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\en-US\mssmbios.sys.mui[MofResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\system32\drivers\ndis.sys[MofResourceName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\system32\drivers\en-US\ndis.sys.mui[MofResourceName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\HDAudBus.sys[HDAudioMofName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\Drivers\portcls.SYS[PortclsMof]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Last Counter
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Last Help
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Last Counter
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Last Help
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\PROVIDERS\Performance
|
Performance Data
|
There are 30 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
284C000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2EE1000
|
trusted library allocation
|
page read and write
|
|
|
|
3DA9000
|
trusted library allocation
|
page read and write
|
|
|
|
2821000
|
trusted library allocation
|
page read and write
|
|
|
|
2F0B000
|
trusted library allocation
|
page read and write
|
|
|
|
3FF1000
|
trusted library allocation
|
page read and write
|
|
|
|
1366000
|
heap
|
page read and write
|
||
|
763000
|
trusted library allocation
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
85E000
|
heap
|
page read and write
|
||
|
127D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
106D9000
|
trusted library allocation
|
page read and write
|
||
|
281D000
|
trusted library allocation
|
page read and write
|
||
|
6990000
|
trusted library allocation
|
page read and write
|
||
|
6370000
|
heap
|
page read and write
|
||
|
2470000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
27AC000
|
stack
|
page read and write
|
||
|
4C3D000
|
trusted library allocation
|
page read and write
|
||
|
2F07000
|
trusted library allocation
|
page read and write
|
||
|
804E000
|
stack
|
page read and write
|
||
|
5512000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
A24000
|
trusted library allocation
|
page read and write
|
||
|
69D000
|
stack
|
page read and write
|
||
|
682E000
|
stack
|
page read and write
|
||
|
501E000
|
unkown
|
page read and write
|
||
|
2421000
|
trusted library allocation
|
page read and write
|
||
|
5EBF000
|
stack
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
59CE000
|
stack
|
page read and write
|
||
|
5528000
|
trusted library allocation
|
page read and write
|
||
|
660B000
|
trusted library allocation
|
page read and write
|
||
|
6153000
|
trusted library allocation
|
page read and write
|
||
|
6A0E000
|
stack
|
page read and write
|
||
|
105A000
|
trusted library allocation
|
page execute and read and write
|
||
|
697E000
|
stack
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
10E0E000
|
stack
|
page read and write
|
||
|
27B4000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
trusted library allocation
|
page read and write
|
||
|
4A68000
|
trusted library allocation
|
page read and write
|
||
|
5E40000
|
heap
|
page read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page read and write
|
||
|
1273000
|
trusted library allocation
|
page execute and read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
12B2000
|
heap
|
page read and write
|
||
|
7AD0000
|
trusted library allocation
|
page read and write
|
||
|
6287000
|
trusted library allocation
|
page read and write
|
||
|
1043000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
4F1E000
|
heap
|
page read and write
|
||
|
4E09000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
753000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F00000
|
trusted library allocation
|
page read and write
|
||
|
127A000
|
heap
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
4C10000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
5B40000
|
trusted library section
|
page read and write
|
||
|
5519000
|
trusted library allocation
|
page read and write
|
||
|
B5C000
|
heap
|
page read and write
|
||
|
76AE000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
1062000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
2426000
|
trusted library allocation
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
5FE0000
|
heap
|
page read and write
|
||
|
A57000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D04000
|
heap
|
page read and write
|
||
|
5B4A000
|
heap
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
636C000
|
stack
|
page read and write
|
||
|
242D000
|
trusted library allocation
|
page read and write
|
||
|
4A7A000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
86AE000
|
stack
|
page read and write
|
||
|
6E5F000
|
stack
|
page read and write
|
||
|
2807000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
81AE000
|
stack
|
page read and write
|
||
|
10CCE000
|
stack
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
4C36000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
26CF000
|
stack
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
623F000
|
stack
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
25E8000
|
trusted library allocation
|
page read and write
|
||
|
A42000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
4C70000
|
heap
|
page execute and read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
5F9E000
|
stack
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
61AD000
|
stack
|
page read and write
|
||
|
4A59000
|
trusted library allocation
|
page read and write
|
||
|
11D4000
|
trusted library allocation
|
page read and write
|
||
|
CD20000
|
trusted library allocation
|
page read and write
|
||
|
1056000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
893000
|
heap
|
page read and write
|
||
|
75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
852E000
|
stack
|
page read and write
|
||
|
4A34000
|
trusted library allocation
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
27D1000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
4C60000
|
trusted library section
|
page readonly
|
||
|
6640000
|
trusted library allocation
|
page read and write
|
||
|
69C7000
|
trusted library allocation
|
page read and write
|
||
|
5A0D000
|
stack
|
page read and write
|
||
|
6167000
|
trusted library allocation
|
page read and write
|
||
|
129A000
|
trusted library allocation
|
page execute and read and write
|
||
|
241E000
|
trusted library allocation
|
page read and write
|
||
|
4C5E000
|
trusted library allocation
|
page read and write
|
||
|
552F000
|
trusted library allocation
|
page read and write
|
||
|
76E6000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
7FD30000
|
trusted library allocation
|
page execute and read and write
|
||
|
104D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7663000
|
heap
|
page read and write
|
||
|
A23000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F06000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
trusted library allocation
|
page read and write
|
||
|
A5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
7530000
|
trusted library section
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6069000
|
heap
|
page read and write
|
||
|
82C000
|
stack
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
4E98000
|
trusted library allocation
|
page read and write
|
||
|
2E74000
|
trusted library allocation
|
page read and write
|
||
|
6A9F000
|
stack
|
page read and write
|
||
|
4A52000
|
trusted library allocation
|
page read and write
|
||
|
6158000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
66EF000
|
stack
|
page read and write
|
||
|
5B0E000
|
stack
|
page read and write
|
||
|
840000
|
trusted library allocation
|
page execute and read and write
|
||
|
760000
|
trusted library allocation
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page read and write
|
||
|
551C000
|
stack
|
page read and write
|
||
|
1274000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
76CA000
|
heap
|
page read and write
|
||
|
A4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
611E000
|
stack
|
page read and write
|
||
|
57CC000
|
stack
|
page read and write
|
||
|
5254000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
A2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
4C42000
|
trusted library allocation
|
page read and write
|
||
|
613F000
|
stack
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
2EC6000
|
trusted library allocation
|
page read and write
|
||
|
621E000
|
stack
|
page read and write
|
||
|
5499000
|
trusted library allocation
|
page read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
27DC000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
14AB000
|
stack
|
page read and write
|
||
|
82EE000
|
stack
|
page read and write
|
||
|
1185000
|
heap
|
page read and write
|
||
|
76FB000
|
heap
|
page read and write
|
||
|
5B34000
|
heap
|
page read and write
|
||
|
10F4E000
|
stack
|
page read and write
|
||
|
1354000
|
heap
|
page read and write
|
||
|
37F9000
|
trusted library allocation
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
6066000
|
heap
|
page read and write
|
||
|
5590000
|
trusted library section
|
page readonly
|
||
|
1356000
|
heap
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A12000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
trusted library allocation
|
page read and write
|
||
|
B1A000
|
stack
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
5535000
|
trusted library allocation
|
page read and write
|
||
|
4E9000
|
stack
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
B09000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
134A000
|
heap
|
page read and write
|
||
|
5474000
|
trusted library allocation
|
page read and write
|
||
|
687E000
|
stack
|
page read and write
|
||
|
5271000
|
trusted library allocation
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
65FD000
|
stack
|
page read and write
|
||
|
2DBF000
|
trusted library allocation
|
page read and write
|
||
|
F041000
|
trusted library allocation
|
page read and write
|
||
|
2864000
|
trusted library allocation
|
page read and write
|
||
|
1034000
|
trusted library allocation
|
page read and write
|
||
|
2854000
|
trusted library allocation
|
page read and write
|
||
|
525B000
|
trusted library allocation
|
page read and write
|
||
|
27C0000
|
heap
|
page execute and read and write
|
||
|
4CAC000
|
stack
|
page read and write
|
||
|
63E6000
|
heap
|
page read and write
|
||
|
71FE000
|
stack
|
page read and write
|
||
|
551D000
|
trusted library allocation
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
106F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2846000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
6610000
|
trusted library allocation
|
page execute and read and write
|
||
|
257F000
|
stack
|
page read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
4693000
|
trusted library allocation
|
page read and write
|
||
|
12A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
DC7000
|
heap
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
12AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
133E000
|
heap
|
page read and write
|
||
|
733E000
|
stack
|
page read and write
|
||
|
D47000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
103D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
502E000
|
stack
|
page read and write
|
||
|
55C0000
|
heap
|
page execute and read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
6DA000
|
stack
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
82AF000
|
stack
|
page read and write
|
||
|
2D6B000
|
heap
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
6160000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
86E000
|
unkown
|
page read and write
|
||
|
110CC000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
2FBC000
|
trusted library allocation
|
page read and write
|
||
|
A2000
|
unkown
|
page readonly
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
2450000
|
trusted library allocation
|
page read and write
|
||
|
1292000
|
trusted library allocation
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
3EB9000
|
trusted library allocation
|
page read and write
|
||
|
26D8000
|
trusted library allocation
|
page read and write
|
||
|
6998000
|
trusted library allocation
|
page read and write
|
||
|
53C8000
|
trusted library allocation
|
page read and write
|
||
|
13E1000
|
heap
|
page read and write
|
||
|
604B000
|
heap
|
page read and write
|
||
|
5A20000
|
heap
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
477D000
|
trusted library allocation
|
page read and write
|
||
|
111CC000
|
stack
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E91000
|
trusted library allocation
|
page read and write
|
||
|
4C31000
|
trusted library allocation
|
page read and write
|
||
|
5642000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
A3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
5594000
|
trusted library section
|
page readonly
|
||
|
1033000
|
trusted library allocation
|
page execute and read and write
|
||
|
1391000
|
heap
|
page read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
7D0E000
|
stack
|
page read and write
|
||
|
69C0000
|
heap
|
page read and write
|
||
|
643F000
|
stack
|
page read and write
|
||
|
10BCE000
|
stack
|
page read and write
|
||
|
59E000
|
unkown
|
page read and write
|
||
|
5FDF000
|
stack
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
14C7000
|
heap
|
page read and write
|
||
|
8AF000
|
unkown
|
page read and write
|
||
|
106B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
4F1C000
|
stack
|
page read and write
|
||
|
E26000
|
heap
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6409000
|
heap
|
page read and write
|
||
|
534A000
|
trusted library allocation
|
page read and write
|
||
|
627E000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
622E000
|
stack
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
240B000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
7AD9000
|
trusted library allocation
|
page read and write
|
||
|
63F2000
|
heap
|
page read and write
|
||
|
4C1B000
|
trusted library allocation
|
page read and write
|
||
|
526E000
|
trusted library allocation
|
page read and write
|
||
|
4C2E000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
heap
|
page read and write
|
||
|
7FA00000
|
trusted library allocation
|
page execute and read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
5290000
|
heap
|
page execute and read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
4AA0000
|
trusted library allocation
|
page read and write
|
||
|
76A2000
|
heap
|
page read and write
|
||
|
196000
|
unkown
|
page readonly
|
||
|
2811000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
78B000
|
trusted library allocation
|
page execute and read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
12A2000
|
trusted library allocation
|
page read and write
|
||
|
2848000
|
trusted library allocation
|
page read and write
|
||
|
A46000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
54A5000
|
trusted library allocation
|
page read and write
|
||
|
25A0000
|
trusted library allocation
|
page read and write
|
||
|
672E000
|
stack
|
page read and write
|
||
|
6290000
|
trusted library allocation
|
page read and write
|
||
|
4A55000
|
trusted library allocation
|
page read and write
|
||
|
776000
|
trusted library allocation
|
page execute and read and write
|
||
|
7660000
|
heap
|
page read and write
|
||
|
6140000
|
trusted library allocation
|
page execute and read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
2E91000
|
trusted library allocation
|
page read and write
|
||
|
4D10000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
4D45000
|
heap
|
page read and write
|
||
|
782000
|
trusted library allocation
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
10A6000
|
heap
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
7D4E000
|
stack
|
page read and write
|
||
|
467C000
|
stack
|
page read and write
|
||
|
62DE000
|
stack
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
625E000
|
stack
|
page read and write
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
754000
|
trusted library allocation
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
4A75000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
trusted library section
|
page read and write
|
||
|
CD30000
|
trusted library allocation
|
page read and write
|
||
|
2440000
|
heap
|
page execute and read and write
|
||
|
76AB000
|
heap
|
page read and write
|
||
|
2EDD000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
4A88000
|
trusted library allocation
|
page read and write
|
||
|
6660000
|
heap
|
page read and write
|
||
|
4EDD000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
2ECF000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
130D000
|
heap
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page execute and read and write
|
||
|
13A7000
|
heap
|
page read and write
|
||
|
4DD0000
|
heap
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
B16000
|
heap
|
page read and write
|
||
|
63CB000
|
heap
|
page read and write
|
||
|
5FFE000
|
stack
|
page read and write
|
||
|
11D6000
|
trusted library allocation
|
page read and write
|
||
|
1073E000
|
stack
|
page read and write
|
||
|
6ADE000
|
stack
|
page read and write
|
||
|
4D60000
|
heap
|
page read and write
|
||
|
5B4E000
|
stack
|
page read and write
|
||
|
4F0C000
|
stack
|
page read and write
|
||
|
3E97000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
1324000
|
heap
|
page read and write
|
||
|
537000
|
stack
|
page read and write
|
||
|
4A70000
|
trusted library allocation
|
page read and write
|
||
|
799F000
|
stack
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
6340000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C9E000
|
stack
|
page read and write
|
||
|
106D0000
|
trusted library allocation
|
page read and write
|
||
|
B4F000
|
stack
|
page read and write
|
||
|
2432000
|
trusted library allocation
|
page read and write
|
||
|
CE3E000
|
stack
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
7F910000
|
trusted library allocation
|
page execute and read and write
|
||
|
55A0000
|
heap
|
page read and write
|
||
|
8C7000
|
heap
|
page read and write
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
A52000
|
trusted library allocation
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
787000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E4E000
|
stack
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
11F5000
|
trusted library allocation
|
page read and write
|
||
|
9C7E000
|
trusted library allocation
|
page read and write
|
||
|
4EA000
|
stack
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
1090E000
|
stack
|
page read and write
|
||
|
5870000
|
trusted library allocation
|
page read and write
|
||
|
6CDE000
|
stack
|
page read and write
|
||
|
2E76000
|
trusted library allocation
|
page read and write
|
||
|
72FF000
|
stack
|
page read and write
|
||
|
CF60000
|
trusted library section
|
page read and write
|
||
|
7729000
|
heap
|
page read and write
|
||
|
91E000
|
heap
|
page read and write
|
||
|
633E000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
615D000
|
trusted library allocation
|
page read and write
|
||
|
56AD000
|
stack
|
page read and write
|
||
|
7EEE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
4A5D000
|
trusted library allocation
|
page read and write
|
||
|
2DF6000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
7703000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
1094E000
|
stack
|
page read and write
|
||
|
8CC000
|
heap
|
page read and write
|
||
|
281F000
|
trusted library allocation
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1108E000
|
stack
|
page read and write
|
||
|
B5E000
|
heap
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
trusted library allocation
|
page read and write
|
||
|
76E1000
|
heap
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
3D71000
|
trusted library allocation
|
page read and write
|
||
|
87AF000
|
stack
|
page read and write
|
||
|
5DF000
|
unkown
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
4AD000
|
stack
|
page read and write
|
||
|
5B3D000
|
heap
|
page read and write
|
||
|
1067000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F13000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
258B000
|
trusted library allocation
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
CD2E000
|
trusted library allocation
|
page read and write
|
||
|
4CBB000
|
stack
|
page read and write
|
||
|
5484000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
D4B000
|
stack
|
page read and write
|
||
|
6150000
|
trusted library allocation
|
page read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
4EF9000
|
heap
|
page read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
69A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
6080000
|
heap
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
69C0000
|
trusted library allocation
|
page read and write
|
||
|
10D0E000
|
stack
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
D35000
|
trusted library allocation
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
7D8E000
|
stack
|
page read and write
|
||
|
77A000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A4000
|
heap
|
page read and write
|
||
|
69B0000
|
trusted library allocation
|
page read and write
|
||
|
868000
|
heap
|
page read and write
|
||
|
284A000
|
trusted library allocation
|
page read and write
|
||
|
603E000
|
stack
|
page read and write
|
||
|
7B2E000
|
stack
|
page read and write
|
||
|
6650000
|
trusted library allocation
|
page execute and read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
A55000
|
trusted library allocation
|
page execute and read and write
|
||
|
5324000
|
trusted library allocation
|
page read and write
|
||
|
2B3A000
|
heap
|
page read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
7F4E000
|
stack
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
730000
|
trusted library allocation
|
page read and write
|
||
|
558B000
|
stack
|
page read and write
|
||
|
10A4E000
|
stack
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page execute and read and write
|
||
|
527D000
|
trusted library allocation
|
page read and write
|
||
|
12A5000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A00000
|
heap
|
page read and write
|
||
|
AB4000
|
heap
|
page read and write
|
||
|
553A000
|
trusted library allocation
|
page read and write
|
||
|
7A9E000
|
stack
|
page read and write
|
||
|
65ED000
|
stack
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
4C22000
|
trusted library allocation
|
page read and write
|
||
|
383F000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page execute and read and write
|
||
|
5302000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
7B50000
|
heap
|
page read and write
|
||
|
626E000
|
stack
|
page read and write
|
||
|
BBE000
|
unkown
|
page read and write
|
||
|
239E000
|
stack
|
page read and write
|
||
|
69BD000
|
trusted library allocation
|
page read and write
|
||
|
AB7000
|
heap
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2581000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
6D1F000
|
stack
|
page read and write
|
||
|
4C1E000
|
trusted library allocation
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
842E000
|
stack
|
page read and write
|
||
|
70BE000
|
stack
|
page read and write
|
||
|
553F000
|
trusted library allocation
|
page read and write
|
||
|
76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
63E9000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page execute and read and write
|
||
|
772000
|
trusted library allocation
|
page read and write
|
||
|
2860000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
5E9000
|
stack
|
page read and write
|
||
|
4A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
48CD000
|
stack
|
page read and write
|
||
|
83EE000
|
stack
|
page read and write
|
||
|
151F000
|
stack
|
page read and write
|
||
|
10F8E000
|
stack
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
5515000
|
trusted library allocation
|
page read and write
|
||
|
55A5000
|
heap
|
page read and write
|
||
|
280F000
|
trusted library allocation
|
page read and write
|
||
|
4AB3000
|
heap
|
page read and write
|
||
|
52D3000
|
heap
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
6280000
|
trusted library allocation
|
page read and write
|
||
|
1296000
|
trusted library allocation
|
page execute and read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
856B000
|
stack
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
5FF3000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
4D00000
|
heap
|
page read and write
|
||
|
4E10000
|
heap
|
page execute and read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
7726000
|
heap
|
page read and write
|
||
|
866C000
|
stack
|
page read and write
|
||
|
5EFE000
|
stack
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
13FA000
|
heap
|
page read and write
|
||
|
73BE000
|
stack
|
page read and write
|
||
|
5276000
|
trusted library allocation
|
page read and write
|
||
|
1052000
|
trusted library allocation
|
page read and write
|
||
|
5B21000
|
heap
|
page read and write
|
||
|
37D1000
|
trusted library allocation
|
page read and write
|
||
|
5A2E000
|
heap
|
page read and write
|
||
|
6830000
|
heap
|
page read and write
|
||
|
3581000
|
trusted library allocation
|
page read and write
|
||
|
4A7F000
|
trusted library allocation
|
page read and write
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
285A000
|
trusted library allocation
|
page read and write
|
||
|
4AB0000
|
heap
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page read and write
|
||
|
629F000
|
stack
|
page read and write
|
There are 582 hidden memdumps, click here to show them.