Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RFQ 20726 - T5 7841.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RFQ 20726 - T5 7841.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp38C0.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\lmUupyodsah.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\lmUupyodsah.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\lmUupyodsah.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0pvpu1ot.3na.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ahtyuqxk.ef2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_f2jzvyep.ycr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pbikowt0.xcj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pybmno2u.qg2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tlhh25tk.00r.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_usu15wua.kxe.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v0vgcymd.mr0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp490C.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RFQ 20726 - T5 7841.exe
|
"C:\Users\user\Desktop\RFQ 20726 - T5 7841.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\RFQ 20726
- T5 7841.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\lmUupyodsah.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\lmUupyodsah" /XML "C:\Users\user\AppData\Local\Temp\tmp38C0.tmp"
|
|
|
|
C:\Users\user\Desktop\RFQ 20726 - T5 7841.exe
|
"C:\Users\user\Desktop\RFQ 20726 - T5 7841.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\lmUupyodsah.exe
|
C:\Users\user\AppData\Roaming\lmUupyodsah.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\lmUupyodsah" /XML "C:\Users\user\AppData\Local\Temp\tmp490C.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\lmUupyodsah.exe
|
"C:\Users\user\AppData\Roaming\lmUupyodsah.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\lmUupyodsah.exe
|
"C:\Users\user\AppData\Roaming\lmUupyodsah.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://checkip.dyndns.org/
|
193.122.130.0
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://checkip.dyndns.orgh
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://reallyfreegeoip.orgh
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.96.3
|
||
|
http://gorosoft.com/fwlin
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 3 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.96.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
193.122.130.0
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
193.122.130.0
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ 20726 - T5 7841_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lmUupyodsah_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
41B000
|
remote allocation
|
page execute and read and write
|
|
|
|
2B41000
|
trusted library allocation
|
page read and write
|
|
|
|
34DD000
|
trusted library allocation
|
page read and write
|
|
|
|
2DB1000
|
trusted library allocation
|
page read and write
|
|
|
|
353C000
|
trusted library allocation
|
page read and write
|
|
|
|
2F7F000
|
trusted library allocation
|
page read and write
|
|
|
|
2D14000
|
trusted library allocation
|
page read and write
|
|
|
|
23AD000
|
trusted library allocation
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
68E0000
|
trusted library allocation
|
page read and write
|
||
|
2691000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
4E2D000
|
stack
|
page read and write
|
||
|
69D4000
|
heap
|
page read and write
|
||
|
966C000
|
stack
|
page read and write
|
||
|
6C3E000
|
stack
|
page read and write
|
||
|
3BCA000
|
trusted library allocation
|
page read and write
|
||
|
4930000
|
trusted library allocation
|
page read and write
|
||
|
25F7000
|
trusted library allocation
|
page read and write
|
||
|
4996000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
24DD000
|
trusted library allocation
|
page read and write
|
||
|
25EF000
|
trusted library allocation
|
page read and write
|
||
|
4AEC000
|
stack
|
page read and write
|
||
|
6A0F000
|
stack
|
page read and write
|
||
|
6A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2631000
|
trusted library allocation
|
page read and write
|
||
|
4AA0000
|
heap
|
page read and write
|
||
|
69CD000
|
heap
|
page read and write
|
||
|
22C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21C0000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
remote allocation
|
page execute and read and write
|
||
|
2C27000
|
trusted library allocation
|
page read and write
|
||
|
21B2000
|
trusted library allocation
|
page read and write
|
||
|
4B8E000
|
stack
|
page read and write
|
||
|
524A000
|
trusted library allocation
|
page read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
1208000
|
heap
|
page read and write
|
||
|
4F8E000
|
trusted library allocation
|
page read and write
|
||
|
3E1B000
|
trusted library allocation
|
page read and write
|
||
|
62FE000
|
stack
|
page read and write
|
||
|
4B30000
|
trusted library allocation
|
page read and write
|
||
|
4F7000
|
stack
|
page read and write
|
||
|
2659000
|
trusted library allocation
|
page read and write
|
||
|
26AF000
|
trusted library allocation
|
page read and write
|
||
|
2C91000
|
trusted library allocation
|
page read and write
|
||
|
44A0000
|
trusted library allocation
|
page read and write
|
||
|
3005000
|
trusted library allocation
|
page read and write
|
||
|
2934000
|
trusted library allocation
|
page read and write
|
||
|
2C89000
|
trusted library allocation
|
page read and write
|
||
|
243E000
|
trusted library allocation
|
page read and write
|
||
|
930000
|
trusted library allocation
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
4F7000
|
stack
|
page read and write
|
||
|
523B000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
heap
|
page execute and read and write
|
||
|
460C000
|
stack
|
page read and write
|
||
|
2685000
|
trusted library allocation
|
page read and write
|
||
|
26B7000
|
trusted library allocation
|
page read and write
|
||
|
BF7000
|
stack
|
page read and write
|
||
|
22D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
2657000
|
trusted library allocation
|
page read and write
|
||
|
6E0E000
|
stack
|
page read and write
|
||
|
34D9000
|
trusted library allocation
|
page read and write
|
||
|
6A1E000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
4FD3000
|
heap
|
page read and write
|
||
|
265F000
|
trusted library allocation
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
673E000
|
stack
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
54A000
|
heap
|
page read and write
|
||
|
2FF2000
|
trusted library allocation
|
page read and write
|
||
|
8FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AC0000
|
heap
|
page read and write
|
||
|
4970000
|
heap
|
page read and write
|
||
|
2695000
|
trusted library allocation
|
page read and write
|
||
|
7055000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
2CCE000
|
unkown
|
page read and write
|
||
|
25FF000
|
trusted library allocation
|
page read and write
|
||
|
2D7B000
|
trusted library allocation
|
page read and write
|
||
|
41A000
|
remote allocation
|
page execute and read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
95B0000
|
heap
|
page read and write
|
||
|
26B1000
|
trusted library allocation
|
page read and write
|
||
|
2E67000
|
trusted library allocation
|
page read and write
|
||
|
2346000
|
trusted library allocation
|
page read and write
|
||
|
6A80000
|
trusted library allocation
|
page read and write
|
||
|
91E000
|
stack
|
page read and write
|
||
|
ADF000
|
stack
|
page read and write
|
||
|
1249000
|
heap
|
page read and write
|
||
|
2DCC000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
25F5000
|
trusted library allocation
|
page read and write
|
||
|
26FE000
|
trusted library allocation
|
page read and write
|
||
|
4B10000
|
heap
|
page read and write
|
||
|
2700000
|
trusted library allocation
|
page read and write
|
||
|
22D0000
|
trusted library allocation
|
page read and write
|
||
|
2305000
|
trusted library allocation
|
page read and write
|
||
|
6E10000
|
heap
|
page read and write
|
||
|
45CC000
|
stack
|
page read and write
|
||
|
3DC3000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
1162000
|
trusted library allocation
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
6A40000
|
trusted library allocation
|
page read and write
|
||
|
8F3000
|
trusted library allocation
|
page read and write
|
||
|
26EF000
|
trusted library allocation
|
page read and write
|
||
|
6A10000
|
trusted library allocation
|
page read and write
|
||
|
F2A000
|
heap
|
page read and write
|
||
|
95C0000
|
heap
|
page read and write
|
||
|
2F43000
|
trusted library allocation
|
page read and write
|
||
|
2647000
|
trusted library allocation
|
page read and write
|
||
|
66BF000
|
stack
|
page read and write
|
||
|
499C000
|
trusted library allocation
|
page read and write
|
||
|
3BDF000
|
trusted library allocation
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
26EB000
|
trusted library allocation
|
page read and write
|
||
|
4003000
|
trusted library allocation
|
page read and write
|
||
|
2F5B000
|
heap
|
page read and write
|
||
|
E93000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
25BA000
|
trusted library allocation
|
page read and write
|
||
|
3039000
|
trusted library allocation
|
page read and write
|
||
|
25F9000
|
trusted library allocation
|
page read and write
|
||
|
EC2000
|
trusted library allocation
|
page read and write
|
||
|
41C000
|
remote allocation
|
page execute and read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
269B000
|
trusted library allocation
|
page read and write
|
||
|
5DF000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
4CE0000
|
heap
|
page read and write
|
||
|
241F000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
5256000
|
trusted library allocation
|
page read and write
|
||
|
2DA3000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
4910000
|
trusted library allocation
|
page read and write
|
||
|
2441000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
26C7000
|
trusted library allocation
|
page read and write
|
||
|
2629000
|
trusted library allocation
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
303D000
|
trusted library allocation
|
page read and write
|
||
|
2350000
|
trusted library allocation
|
page read and write
|
||
|
5203000
|
heap
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
2C0C000
|
trusted library allocation
|
page read and write
|
||
|
6890000
|
trusted library allocation
|
page read and write
|
||
|
24CE000
|
stack
|
page read and write
|
||
|
2E5F000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
49C6000
|
trusted library allocation
|
page read and write
|
||
|
2639000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
2CBC000
|
trusted library allocation
|
page read and write
|
||
|
4B00000
|
trusted library section
|
page readonly
|
||
|
6BFE000
|
stack
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
7FF000
|
heap
|
page read and write
|
||
|
4F8B000
|
trusted library allocation
|
page read and write
|
||
|
26E1000
|
trusted library allocation
|
page read and write
|
||
|
25DB000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
2614000
|
trusted library allocation
|
page read and write
|
||
|
2CEB000
|
heap
|
page read and write
|
||
|
6A28000
|
trusted library allocation
|
page read and write
|
||
|
31BF000
|
stack
|
page read and write
|
||
|
26DB000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
22BC000
|
stack
|
page read and write
|
||
|
688E000
|
stack
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
2637000
|
trusted library allocation
|
page read and write
|
||
|
3479000
|
trusted library allocation
|
page read and write
|
||
|
21CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E4E000
|
trusted library allocation
|
page read and write
|
||
|
2EEF000
|
unkown
|
page read and write
|
||
|
26AD000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
2C85000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
2EA7000
|
trusted library allocation
|
page read and write
|
||
|
2FEB000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
heap
|
page read and write
|
||
|
268D000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
3DB1000
|
trusted library allocation
|
page read and write
|
||
|
2567000
|
trusted library allocation
|
page read and write
|
||
|
300E000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
4C30000
|
heap
|
page execute and read and write
|
||
|
25D7000
|
trusted library allocation
|
page read and write
|
||
|
419000
|
remote allocation
|
page execute and read and write
|
||
|
1FA000
|
stack
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
4490000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F4000
|
trusted library allocation
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
25E3000
|
trusted library allocation
|
page read and write
|
||
|
2360000
|
trusted library allocation
|
page read and write
|
||
|
2F1F000
|
unkown
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
25B5000
|
trusted library allocation
|
page read and write
|
||
|
270A000
|
trusted library allocation
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
837E000
|
stack
|
page read and write
|
||
|
268F000
|
trusted library allocation
|
page read and write
|
||
|
2C95000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
5270000
|
heap
|
page execute and read and write
|
||
|
4CF5000
|
heap
|
page read and write
|
||
|
26F5000
|
trusted library allocation
|
page read and write
|
||
|
88F000
|
stack
|
page read and write
|
||
|
1156000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C9E000
|
stack
|
page read and write
|
||
|
658E000
|
stack
|
page read and write
|
||
|
6A14000
|
trusted library allocation
|
page read and write
|
||
|
6980000
|
trusted library allocation
|
page read and write
|
||
|
267F000
|
trusted library allocation
|
page read and write
|
||
|
57F000
|
heap
|
page read and write
|
||
|
5B6000
|
heap
|
page read and write
|
||
|
668E000
|
stack
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
265D000
|
trusted library allocation
|
page read and write
|
||
|
2F35000
|
trusted library allocation
|
page read and write
|
||
|
2641000
|
trusted library allocation
|
page read and write
|
||
|
24DF000
|
trusted library allocation
|
page read and write
|
||
|
26F7000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
6492000
|
heap
|
page read and write
|
||
|
26C5000
|
trusted library allocation
|
page read and write
|
||
|
69DE000
|
heap
|
page read and write
|
||
|
2663000
|
trusted library allocation
|
page read and write
|
||
|
68F0000
|
trusted library allocation
|
page read and write
|
||
|
2EB8000
|
trusted library allocation
|
page read and write
|
||
|
4A13000
|
heap
|
page read and write
|
||
|
4480000
|
trusted library allocation
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page read and write
|
||
|
26DD000
|
trusted library allocation
|
page read and write
|
||
|
934000
|
trusted library allocation
|
page read and write
|
||
|
6990000
|
trusted library section
|
page read and write
|
||
|
1063E000
|
stack
|
page read and write
|
||
|
21B0000
|
trusted library allocation
|
page read and write
|
||
|
3EAE000
|
trusted library allocation
|
page read and write
|
||
|
3DD9000
|
trusted library allocation
|
page read and write
|
||
|
3D15000
|
trusted library allocation
|
page read and write
|
||
|
2E64000
|
trusted library allocation
|
page read and write
|
||
|
6898000
|
trusted library allocation
|
page read and write
|
||
|
97AE000
|
stack
|
page read and write
|
||
|
26B5000
|
trusted library allocation
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
6A2B000
|
trusted library allocation
|
page read and write
|
||
|
25D9000
|
trusted library allocation
|
page read and write
|
||
|
575000
|
heap
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CF0000
|
heap
|
page read and write
|
||
|
2DCE000
|
trusted library allocation
|
page read and write
|
||
|
14F6000
|
trusted library allocation
|
page read and write
|
||
|
26F3000
|
trusted library allocation
|
page read and write
|
||
|
2567000
|
trusted library allocation
|
page read and write
|
||
|
4FA1000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
670F000
|
stack
|
page read and write
|
||
|
EBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
66FE000
|
stack
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
63FF000
|
stack
|
page read and write
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
3031000
|
trusted library allocation
|
page read and write
|
||
|
2F5E000
|
trusted library allocation
|
page read and write
|
||
|
2C4D000
|
trusted library allocation
|
page read and write
|
||
|
EC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F58000
|
trusted library allocation
|
page read and write
|
||
|
CBA0000
|
trusted library section
|
page read and write
|
||
|
49E0000
|
trusted library allocation
|
page read and write
|
||
|
2665000
|
trusted library allocation
|
page read and write
|
||
|
262F000
|
trusted library allocation
|
page read and write
|
||
|
222E000
|
stack
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
6400000
|
heap
|
page read and write
|
||
|
976F000
|
stack
|
page read and write
|
||
|
93D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26A7000
|
trusted library allocation
|
page read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
4C3E000
|
stack
|
page read and write
|
||
|
6A26000
|
trusted library allocation
|
page read and write
|
||
|
29CD000
|
stack
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2513000
|
trusted library allocation
|
page read and write
|
||
|
94D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2611000
|
trusted library allocation
|
page read and write
|
||
|
25F3000
|
trusted library allocation
|
page read and write
|
||
|
2671000
|
trusted library allocation
|
page read and write
|
||
|
2687000
|
trusted library allocation
|
page read and write
|
||
|
2BDD000
|
stack
|
page read and write
|
||
|
264B000
|
trusted library allocation
|
page read and write
|
||
|
68A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
69A0000
|
heap
|
page read and write
|
||
|
2BF1000
|
trusted library allocation
|
page read and write
|
||
|
68B3000
|
trusted library allocation
|
page read and write
|
||
|
25E9000
|
trusted library allocation
|
page read and write
|
||
|
537000
|
heap
|
page read and write
|
||
|
8ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
25D5000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
2FE7000
|
trusted library allocation
|
page read and write
|
||
|
44ED000
|
stack
|
page read and write
|
||
|
FED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CA1000
|
trusted library allocation
|
page read and write
|
||
|
2699000
|
trusted library allocation
|
page read and write
|
||
|
2420000
|
trusted library allocation
|
page read and write
|
||
|
23C8000
|
heap
|
page read and write
|
||
|
22E0000
|
trusted library allocation
|
page read and write
|
||
|
6A1A000
|
trusted library allocation
|
page read and write
|
||
|
26CF000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
65BE000
|
stack
|
page read and write
|
||
|
2679000
|
trusted library allocation
|
page read and write
|
||
|
3BD3000
|
trusted library allocation
|
page read and write
|
||
|
25CB000
|
trusted library allocation
|
page read and write
|
||
|
6880000
|
trusted library allocation
|
page read and write
|
||
|
6A4A000
|
trusted library allocation
|
page read and write
|
||
|
26E9000
|
trusted library allocation
|
page read and write
|
||
|
2565000
|
trusted library allocation
|
page read and write
|
||
|
25E5000
|
trusted library allocation
|
page read and write
|
||
|
2CD8000
|
trusted library allocation
|
page read and write
|
||
|
7086000
|
heap
|
page read and write
|
||
|
2677000
|
trusted library allocation
|
page read and write
|
||
|
2F6F000
|
stack
|
page read and write
|
||
|
2260000
|
trusted library allocation
|
page read and write
|
||
|
57B4000
|
heap
|
page read and write
|
||
|
14ED000
|
stack
|
page read and write
|
||
|
6B10000
|
heap
|
page read and write
|
||
|
98A000
|
stack
|
page read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
26F1000
|
trusted library allocation
|
page read and write
|
||
|
933000
|
trusted library allocation
|
page execute and read and write
|
||
|
266B000
|
trusted library allocation
|
page read and write
|
||
|
4FA6000
|
trusted library allocation
|
page read and write
|
||
|
2625000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
6F82000
|
trusted library allocation
|
page read and write
|
||
|
72A000
|
heap
|
page read and write
|
||
|
49A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
263D000
|
trusted library allocation
|
page read and write
|
||
|
3B69000
|
trusted library allocation
|
page read and write
|
||
|
21C2000
|
trusted library allocation
|
page read and write
|
||
|
25DF000
|
trusted library allocation
|
page read and write
|
||
|
2EF8000
|
trusted library allocation
|
page read and write
|
||
|
2DC6000
|
trusted library allocation
|
page read and write
|
||
|
3BAF000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
114D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2708000
|
trusted library allocation
|
page read and write
|
||
|
68C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
224E000
|
trusted library allocation
|
page read and write
|
||
|
98EB000
|
stack
|
page read and write
|
||
|
269D000
|
trusted library allocation
|
page read and write
|
||
|
525D000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
2683000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
6C3E000
|
stack
|
page read and write
|
||
|
EC5000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F3F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
84FF000
|
stack
|
page read and write
|
||
|
EC9F000
|
trusted library allocation
|
page read and write
|
||
|
2300000
|
trusted library allocation
|
page read and write
|
||
|
4980000
|
heap
|
page read and write
|
||
|
95A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CFC000
|
heap
|
page read and write
|
||
|
233B000
|
stack
|
page read and write
|
||
|
2D06000
|
trusted library allocation
|
page read and write
|
||
|
7380000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C5E000
|
stack
|
page read and write
|
||
|
27F4000
|
trusted library allocation
|
page read and write
|
||
|
26D9000
|
trusted library allocation
|
page read and write
|
||
|
1214000
|
heap
|
page read and write
|
||
|
2460000
|
heap
|
page execute and read and write
|
||
|
26F9000
|
trusted library allocation
|
page read and write
|
||
|
25FD000
|
trusted library allocation
|
page read and write
|
||
|
8D0000
|
trusted library allocation
|
page read and write
|
||
|
653D000
|
stack
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
2675000
|
trusted library allocation
|
page read and write
|
||
|
2EDE000
|
unkown
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
2C3C000
|
trusted library allocation
|
page read and write
|
||
|
CA0D000
|
stack
|
page read and write
|
||
|
6870000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
64C5000
|
heap
|
page read and write
|
||
|
6950000
|
trusted library allocation
|
page read and write
|
||
|
52FD000
|
stack
|
page read and write
|
||
|
4F9A000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
2689000
|
trusted library allocation
|
page read and write
|
||
|
26ED000
|
trusted library allocation
|
page read and write
|
||
|
582000
|
heap
|
page read and write
|
||
|
2240000
|
trusted library allocation
|
page read and write
|
||
|
6AE0000
|
trusted library allocation
|
page read and write
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
E94000
|
trusted library allocation
|
page read and write
|
||
|
6DCE000
|
stack
|
page read and write
|
||
|
244D000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2D9A000
|
trusted library allocation
|
page read and write
|
||
|
54E000
|
heap
|
page read and write
|
||
|
657E000
|
stack
|
page read and write
|
||
|
2E3A000
|
stack
|
page read and write
|
||
|
4B2B000
|
stack
|
page read and write
|
||
|
2B30000
|
heap
|
page execute and read and write
|
||
|
2655000
|
trusted library allocation
|
page read and write
|
||
|
6ABD000
|
stack
|
page read and write
|
||
|
49D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CC7000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1167000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E7A000
|
trusted library allocation
|
page read and write
|
||
|
6980000
|
heap
|
page read and write
|
||
|
64CB000
|
heap
|
page read and write
|
||
|
4AD0000
|
trusted library allocation
|
page read and write
|
||
|
F36000
|
heap
|
page read and write
|
||
|
6B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
6455000
|
heap
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
2373000
|
heap
|
page read and write
|
||
|
3E4C000
|
trusted library allocation
|
page read and write
|
||
|
2622000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
trusted library allocation
|
page read and write
|
||
|
2661000
|
trusted library allocation
|
page read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
69E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
E7ED000
|
trusted library allocation
|
page read and write
|
||
|
25B1000
|
trusted library allocation
|
page read and write
|
||
|
25D1000
|
trusted library allocation
|
page read and write
|
||
|
1152000
|
trusted library allocation
|
page read and write
|
||
|
2F1A000
|
trusted library allocation
|
page read and write
|
||
|
25DD000
|
trusted library allocation
|
page read and write
|
||
|
25CF000
|
trusted library allocation
|
page read and write
|
||
|
63C000
|
heap
|
page read and write
|
||
|
7051000
|
heap
|
page read and write
|
||
|
3E36000
|
trusted library allocation
|
page read and write
|
||
|
8E4000
|
trusted library allocation
|
page read and write
|
||
|
26D3000
|
trusted library allocation
|
page read and write
|
||
|
6A43000
|
trusted library allocation
|
page read and write
|
||
|
7F0F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CCA000
|
trusted library allocation
|
page read and write
|
||
|
2365000
|
trusted library allocation
|
page read and write
|
||
|
3B41000
|
trusted library allocation
|
page read and write
|
||
|
EB2000
|
trusted library allocation
|
page read and write
|
||
|
4F86000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
4DFE000
|
stack
|
page read and write
|
||
|
3D63000
|
trusted library allocation
|
page read and write
|
||
|
26E3000
|
trusted library allocation
|
page read and write
|
||
|
26D5000
|
trusted library allocation
|
page read and write
|
||
|
2EB4000
|
trusted library allocation
|
page read and write
|
||
|
684F000
|
stack
|
page read and write
|
||
|
2344000
|
trusted library allocation
|
page read and write
|
||
|
1006E000
|
stack
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
8E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
21E0000
|
trusted library allocation
|
page read and write
|
||
|
4B20000
|
heap
|
page execute and read and write
|
||
|
2643000
|
trusted library allocation
|
page read and write
|
||
|
250F000
|
trusted library allocation
|
page read and write
|
||
|
49B0000
|
heap
|
page read and write
|
||
|
2C3A000
|
stack
|
page read and write
|
||
|
69A0000
|
heap
|
page read and write
|
||
|
515D000
|
stack
|
page read and write
|
||
|
68BA000
|
trusted library allocation
|
page read and write
|
||
|
ECB000
|
trusted library allocation
|
page execute and read and write
|
||
|
26FC000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
6896000
|
trusted library allocation
|
page read and write
|
||
|
524E000
|
trusted library allocation
|
page read and write
|
||
|
688E000
|
heap
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
40A000
|
remote allocation
|
page execute and read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
262D000
|
trusted library allocation
|
page read and write
|
||
|
956000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F1E000
|
stack
|
page read and write
|
||
|
2601000
|
trusted library allocation
|
page read and write
|
||
|
267B000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
21B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
26A1000
|
trusted library allocation
|
page read and write
|
||
|
2633000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
heap
|
page read and write
|
||
|
25E1000
|
trusted library allocation
|
page read and write
|
||
|
22F0000
|
heap
|
page execute and read and write
|
||
|
2635000
|
trusted library allocation
|
page read and write
|
||
|
2627000
|
trusted library allocation
|
page read and write
|
||
|
6A4F000
|
trusted library allocation
|
page read and write
|
||
|
2F27000
|
trusted library allocation
|
page read and write
|
||
|
26C3000
|
trusted library allocation
|
page read and write
|
||
|
5236000
|
trusted library allocation
|
page read and write
|
||
|
68BF000
|
trusted library allocation
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
264F000
|
trusted library allocation
|
page read and write
|
||
|
2667000
|
trusted library allocation
|
page read and write
|
||
|
25CD000
|
trusted library allocation
|
page read and write
|
||
|
34D1000
|
trusted library allocation
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
1053C000
|
stack
|
page read and write
|
||
|
23A6000
|
trusted library allocation
|
page read and write
|
||
|
98AE000
|
stack
|
page read and write
|
||
|
523E000
|
trusted library allocation
|
page read and write
|
||
|
2704000
|
trusted library allocation
|
page read and write
|
||
|
26BB000
|
trusted library allocation
|
page read and write
|
||
|
10FF000
|
stack
|
page read and write
|
||
|
4FAD000
|
trusted library allocation
|
page read and write
|
||
|
943000
|
trusted library allocation
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
6D4E000
|
stack
|
page read and write
|
||
|
2CF4000
|
trusted library allocation
|
page read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
25ED000
|
trusted library allocation
|
page read and write
|
||
|
22AD000
|
stack
|
page read and write
|
||
|
116B000
|
trusted library allocation
|
page execute and read and write
|
||
|
25EB000
|
trusted library allocation
|
page read and write
|
||
|
4F9E000
|
trusted library allocation
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page read and write
|
||
|
2C9D000
|
trusted library allocation
|
page read and write
|
||
|
2702000
|
trusted library allocation
|
page read and write
|
||
|
267D000
|
trusted library allocation
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
2250000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BD0000
|
trusted library section
|
page readonly
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
26B9000
|
trusted library allocation
|
page read and write
|
||
|
21C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3037000
|
trusted library allocation
|
page read and write
|
||
|
26CD000
|
trusted library allocation
|
page read and write
|
||
|
268B000
|
trusted library allocation
|
page read and write
|
||
|
2EFC000
|
trusted library allocation
|
page read and write
|
||
|
2F63000
|
trusted library allocation
|
page read and write
|
||
|
2CF8000
|
trusted library allocation
|
page read and write
|
||
|
6880000
|
heap
|
page read and write
|
||
|
6A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
2446000
|
trusted library allocation
|
page read and write
|
||
|
2C8D000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
trusted library allocation
|
page read and write
|
||
|
5251000
|
trusted library allocation
|
page read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
26AB000
|
trusted library allocation
|
page read and write
|
||
|
2DD8000
|
trusted library allocation
|
page read and write
|
||
|
688E000
|
trusted library allocation
|
page read and write
|
||
|
25B7000
|
trusted library allocation
|
page read and write
|
||
|
3E40000
|
trusted library allocation
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
2651000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
950000
|
trusted library allocation
|
page read and write
|
||
|
689B000
|
trusted library allocation
|
page read and write
|
||
|
1AA000
|
stack
|
page read and write
|
||
|
EAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6463000
|
heap
|
page read and write
|
||
|
2673000
|
trusted library allocation
|
page read and write
|
||
|
26CB000
|
trusted library allocation
|
page read and write
|
||
|
962000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
26E5000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
3471000
|
trusted library allocation
|
page read and write
|
||
|
4BE5000
|
heap
|
page read and write
|
||
|
687E000
|
stack
|
page read and write
|
||
|
2E09000
|
trusted library allocation
|
page read and write
|
||
|
2318000
|
heap
|
page read and write
|
||
|
263F000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
69CB000
|
heap
|
page read and write
|
||
|
2653000
|
trusted library allocation
|
page read and write
|
||
|
26C9000
|
trusted library allocation
|
page read and write
|
||
|
FE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2697000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
CAEE000
|
stack
|
page read and write
|
||
|
4AF0000
|
trusted library allocation
|
page read and write
|
||
|
2D9E000
|
trusted library allocation
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
34F9000
|
trusted library allocation
|
page read and write
|
||
|
6BDE000
|
stack
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
22E0000
|
trusted library allocation
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page read and write
|
||
|
762000
|
heap
|
page read and write
|
||
|
2E92000
|
trusted library allocation
|
page read and write
|
||
|
22F0000
|
trusted library allocation
|
page read and write
|
||
|
23A1000
|
trusted library allocation
|
page read and write
|
||
|
49C2000
|
trusted library allocation
|
page read and write
|
||
|
6D0E000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
41E1000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
4990000
|
trusted library allocation
|
page read and write
|
||
|
270C000
|
trusted library allocation
|
page read and write
|
||
|
956B000
|
stack
|
page read and write
|
||
|
40A3000
|
trusted library allocation
|
page read and write
|
||
|
26DF000
|
trusted library allocation
|
page read and write
|
||
|
66CD000
|
stack
|
page read and write
|
||
|
677E000
|
stack
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
952E000
|
stack
|
page read and write
|
||
|
5400000
|
heap
|
page execute and read and write
|
||
|
21BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
266D000
|
trusted library allocation
|
page read and write
|
||
|
727E000
|
stack
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
27E8000
|
trusted library allocation
|
page read and write
|
||
|
2F04000
|
trusted library allocation
|
page read and write
|
||
|
25D3000
|
trusted library allocation
|
page read and write
|
||
|
26BF000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3043000
|
trusted library allocation
|
page read and write
|
||
|
3499000
|
trusted library allocation
|
page read and write
|
||
|
25E7000
|
trusted library allocation
|
page read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
239E000
|
trusted library allocation
|
page read and write
|
||
|
6BE0000
|
trusted library section
|
page read and write
|
||
|
26E7000
|
trusted library allocation
|
page read and write
|
||
|
2C49000
|
trusted library allocation
|
page read and write
|
||
|
6450000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
92000
|
unkown
|
page readonly
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
27E5000
|
trusted library allocation
|
page read and write
|
||
|
564E000
|
stack
|
page read and write
|
||
|
269F000
|
trusted library allocation
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
967000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
26B3000
|
trusted library allocation
|
page read and write
|
||
|
577F000
|
stack
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D3F000
|
stack
|
page read and write
|
||
|
6ADE000
|
stack
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
645B000
|
heap
|
page read and write
|
||
|
266F000
|
trusted library allocation
|
page read and write
|
||
|
68D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2471000
|
trusted library allocation
|
page read and write
|
||
|
2649000
|
trusted library allocation
|
page read and write
|
||
|
4992000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
11E8000
|
heap
|
page read and write
|
||
|
68CF000
|
stack
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
6B20000
|
heap
|
page read and write
|
||
|
556E000
|
stack
|
page read and write
|
||
|
68B0000
|
trusted library allocation
|
page read and write
|
||
|
6E7D000
|
stack
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
115A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4970000
|
trusted library allocation
|
page read and write
|
||
|
3074000
|
trusted library allocation
|
page read and write
|
||
|
645C000
|
heap
|
page read and write
|
||
|
4142000
|
trusted library allocation
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EF4000
|
trusted library allocation
|
page read and write
|
||
|
646E000
|
heap
|
page read and write
|
||
|
90000
|
unkown
|
page readonly
|
||
|
FE4000
|
trusted library allocation
|
page read and write
|
||
|
2C45000
|
trusted library allocation
|
page read and write
|
||
|
2380000
|
trusted library allocation
|
page read and write
|
||
|
2C99000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
heap
|
page read and write
|
||
|
26C1000
|
trusted library allocation
|
page read and write
|
||
|
4A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
2645000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library section
|
page read and write
|
||
|
4470000
|
trusted library allocation
|
page read and write
|
||
|
2669000
|
trusted library allocation
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
265B000
|
trusted library allocation
|
page read and write
|
||
|
2C51000
|
trusted library allocation
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page read and write
|
||
|
26A9000
|
trusted library allocation
|
page read and write
|
||
|
26BD000
|
trusted library allocation
|
page read and write
|
||
|
26D1000
|
trusted library allocation
|
page read and write
|
||
|
952000
|
trusted library allocation
|
page read and write
|
||
|
24D1000
|
trusted library allocation
|
page read and write
|
||
|
6D8000
|
heap
|
page read and write
|
||
|
2693000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
44AA000
|
trusted library allocation
|
page read and write
|
||
|
2F0C000
|
trusted library allocation
|
page read and write
|
||
|
2CAF000
|
trusted library allocation
|
page read and write
|
||
|
26D7000
|
trusted library allocation
|
page read and write
|
||
|
262B000
|
trusted library allocation
|
page read and write
|
||
|
2340000
|
trusted library allocation
|
page read and write
|
||
|
1165000
|
trusted library allocation
|
page execute and read and write
|
||
|
F08000
|
heap
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
2681000
|
trusted library allocation
|
page read and write
|
||
|
96B000
|
trusted library allocation
|
page execute and read and write
|
||
|
26A5000
|
trusted library allocation
|
page read and write
|
||
|
3009000
|
trusted library allocation
|
page read and write
|
||
|
2F71000
|
trusted library allocation
|
page read and write
|
||
|
2DD2000
|
trusted library allocation
|
page read and write
|
||
|
25FB000
|
trusted library allocation
|
page read and write
|
||
|
5262000
|
trusted library allocation
|
page read and write
|
||
|
15C000
|
unkown
|
page readonly
|
||
|
2C0E000
|
trusted library allocation
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
27E0000
|
trusted library allocation
|
page read and write
|
||
|
4FB2000
|
trusted library allocation
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
263B000
|
trusted library allocation
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
2FFB000
|
trusted library allocation
|
page read and write
|
||
|
26A3000
|
trusted library allocation
|
page read and write
|
||
|
264D000
|
trusted library allocation
|
page read and write
|
||
|
49CC000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
25C9000
|
trusted library allocation
|
page read and write
|
||
|
2706000
|
trusted library allocation
|
page read and write
|
||
|
25F1000
|
trusted library allocation
|
page read and write
|
There are 746 hidden memdumps, click here to show them.