Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
IMG 003.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\IMG 003.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpFDAB.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\aBYKwaZ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\aBYKwaZ.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\aBYKwaZ.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3vem45lg.t4g.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dwpm1dt0.imr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ebl22nai.0ne.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ld2svign.kwg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nxg52aaw.l3b.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qvak2ews.kq2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sdcq5x5s.e4t.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ttongutp.2v3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp170F.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\IMG 003.exe
|
"C:\Users\user\Desktop\IMG 003.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\IMG 003.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\aBYKwaZ.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\aBYKwaZ" /XML "C:\Users\user\AppData\Local\Temp\tmpFDAB.tmp"
|
|
|
|
C:\Users\user\Desktop\IMG 003.exe
|
"C:\Users\user\Desktop\IMG 003.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\aBYKwaZ.exe
|
C:\Users\user\AppData\Roaming\aBYKwaZ.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\aBYKwaZ" /XML "C:\Users\user\AppData\Local\Temp\tmp170F.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\aBYKwaZ.exe
|
"C:\Users\user\AppData\Roaming\aBYKwaZ.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
172.67.74.152
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://smtp.yandex.com
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://crl.gl
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 23 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
smtp.yandex.com
|
unknown
|
|
|
|
smtp.yandex.ru
|
77.88.21.158
|
||
|
api.ipify.org
|
172.67.74.152
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
77.88.21.158
|
smtp.yandex.ru
|
Russian Federation
|
||
|
172.67.74.152
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\IMG 003_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aBYKwaZ_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
439E000
|
trusted library allocation
|
page read and write
|
|
|
|
2AC1000
|
trusted library allocation
|
page read and write
|
|
|
|
4564000
|
trusted library allocation
|
page read and write
|
|
|
|
307B000
|
trusted library allocation
|
page read and write
|
|
|
|
2AEB000
|
trusted library allocation
|
page read and write
|
|
|
|
3083000
|
trusted library allocation
|
page read and write
|
|
|
|
3090000
|
trusted library allocation
|
page read and write
|
|
|
|
3051000
|
trusted library allocation
|
page read and write
|
|
|
|
2B00000
|
trusted library allocation
|
page read and write
|
|
|
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
5634000
|
heap
|
page read and write
|
||
|
6EDD000
|
trusted library allocation
|
page read and write
|
||
|
6B50000
|
trusted library allocation
|
page execute and read and write
|
||
|
555A000
|
heap
|
page read and write
|
||
|
6640000
|
trusted library allocation
|
page read and write
|
||
|
11F02000
|
trusted library allocation
|
page read and write
|
||
|
2B06000
|
trusted library allocation
|
page read and write
|
||
|
5008000
|
trusted library allocation
|
page read and write
|
||
|
1134000
|
trusted library allocation
|
page read and write
|
||
|
76F8000
|
trusted library allocation
|
page read and write
|
||
|
5D2C000
|
stack
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5090000
|
heap
|
page execute and read and write
|
||
|
E6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6405000
|
heap
|
page read and write
|
||
|
933E000
|
stack
|
page read and write
|
||
|
CCD000
|
stack
|
page read and write
|
||
|
7206000
|
trusted library allocation
|
page read and write
|
||
|
CE8E000
|
stack
|
page read and write
|
||
|
77F7000
|
trusted library allocation
|
page read and write
|
||
|
1092000
|
trusted library allocation
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
7088000
|
trusted library allocation
|
page read and write
|
||
|
12A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
D3C3000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
410A000
|
trusted library allocation
|
page read and write
|
||
|
3045000
|
trusted library allocation
|
page read and write
|
||
|
414A000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
7039000
|
trusted library allocation
|
page read and write
|
||
|
5012000
|
trusted library allocation
|
page read and write
|
||
|
7B6D000
|
stack
|
page read and write
|
||
|
12AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
32BC000
|
trusted library allocation
|
page read and write
|
||
|
94FF000
|
stack
|
page read and write
|
||
|
69C0000
|
heap
|
page read and write
|
||
|
D45000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
771E000
|
trusted library allocation
|
page read and write
|
||
|
587C000
|
stack
|
page read and write
|
||
|
2E8E000
|
trusted library allocation
|
page read and write
|
||
|
2D49000
|
trusted library allocation
|
page read and write
|
||
|
3077000
|
trusted library allocation
|
page read and write
|
||
|
2AA6000
|
trusted library allocation
|
page read and write
|
||
|
10E2000
|
trusted library allocation
|
page read and write
|
||
|
2ABD000
|
trusted library allocation
|
page read and write
|
||
|
5D0E000
|
stack
|
page read and write
|
||
|
7881000
|
trusted library allocation
|
page read and write
|
||
|
6FBF000
|
trusted library allocation
|
page read and write
|
||
|
77C4000
|
trusted library allocation
|
page read and write
|
||
|
1750000
|
trusted library allocation
|
page execute and read and write
|
||
|
19B0000
|
trusted library allocation
|
page read and write
|
||
|
419000
|
remote allocation
|
page execute and read and write
|
||
|
235E000
|
stack
|
page read and write
|
||
|
4B3E000
|
stack
|
page read and write
|
||
|
447E000
|
trusted library allocation
|
page read and write
|
||
|
2DEE000
|
unkown
|
page read and write
|
||
|
647F000
|
heap
|
page read and write
|
||
|
5B60000
|
trusted library allocation
|
page read and write
|
||
|
6FD4000
|
trusted library allocation
|
page read and write
|
||
|
FB7000
|
heap
|
page read and write
|
||
|
7086000
|
trusted library allocation
|
page read and write
|
||
|
6ECC000
|
trusted library allocation
|
page read and write
|
||
|
7239000
|
trusted library allocation
|
page read and write
|
||
|
770D000
|
trusted library allocation
|
page read and write
|
||
|
DD5D000
|
stack
|
page read and write
|
||
|
120C000
|
stack
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FF0000
|
heap
|
page execute and read and write
|
||
|
76AA000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
6EAA000
|
trusted library allocation
|
page read and write
|
||
|
2FA6000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
43C000
|
remote allocation
|
page execute and read and write
|
||
|
DE9E000
|
stack
|
page read and write
|
||
|
9B3E000
|
stack
|
page read and write
|
||
|
75AA000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
6C30000
|
trusted library allocation
|
page read and write
|
||
|
784E000
|
trusted library allocation
|
page read and write
|
||
|
303F000
|
unkown
|
page read and write
|
||
|
150000
|
heap
|
page read and write
|
||
|
6CA0000
|
trusted library allocation
|
page read and write
|
||
|
7691000
|
trusted library allocation
|
page read and write
|
||
|
2C59000
|
trusted library allocation
|
page read and write
|
||
|
32AF000
|
stack
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
6C38000
|
trusted library allocation
|
page read and write
|
||
|
77B3000
|
trusted library allocation
|
page read and write
|
||
|
352D000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
41E000
|
remote allocation
|
page execute and read and write
|
||
|
5080000
|
trusted library section
|
page readonly
|
||
|
6CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1905000
|
trusted library allocation
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
2B10000
|
trusted library allocation
|
page read and write
|
||
|
7654000
|
trusted library allocation
|
page read and write
|
||
|
95EE000
|
stack
|
page read and write
|
||
|
7892000
|
trusted library allocation
|
page read and write
|
||
|
503C000
|
stack
|
page read and write
|
||
|
8F3C000
|
stack
|
page read and write
|
||
|
2AE9000
|
trusted library allocation
|
page read and write
|
||
|
1A00000
|
heap
|
page read and write
|
||
|
6FBB000
|
trusted library allocation
|
page read and write
|
||
|
943E000
|
stack
|
page read and write
|
||
|
A5B0000
|
trusted library allocation
|
page read and write
|
||
|
2E3C000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
2F9E000
|
trusted library allocation
|
page read and write
|
||
|
3195000
|
trusted library allocation
|
page read and write
|
||
|
6F97000
|
trusted library allocation
|
page read and write
|
||
|
78A3000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
3BFA000
|
trusted library allocation
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
6B70000
|
heap
|
page read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
78D6000
|
trusted library allocation
|
page read and write
|
||
|
D26C000
|
stack
|
page read and write
|
||
|
78C5000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
435F000
|
trusted library allocation
|
page read and write
|
||
|
6F8E000
|
stack
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
DD0D000
|
stack
|
page read and write
|
||
|
5BE9000
|
heap
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
5EDD000
|
stack
|
page read and write
|
||
|
7131000
|
trusted library allocation
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
E63000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE5E000
|
stack
|
page read and write
|
||
|
5780000
|
trusted library section
|
page readonly
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
3B7A000
|
trusted library allocation
|
page read and write
|
||
|
11EEC000
|
stack
|
page read and write
|
||
|
783D000
|
stack
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
93FE000
|
stack
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
6B60000
|
heap
|
page read and write
|
||
|
66A6000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
69D0000
|
heap
|
page read and write
|
||
|
767E000
|
trusted library allocation
|
page read and write
|
||
|
DA9000
|
heap
|
page read and write
|
||
|
6B0B000
|
stack
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
10BC000
|
stack
|
page read and write
|
||
|
6AD9000
|
trusted library allocation
|
page read and write
|
||
|
645A000
|
heap
|
page read and write
|
||
|
63DB000
|
heap
|
page read and write
|
||
|
7116000
|
trusted library allocation
|
page read and write
|
||
|
76BF000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
5FDF000
|
stack
|
page read and write
|
||
|
12A2000
|
trusted library allocation
|
page read and write
|
||
|
127B000
|
stack
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
76E7000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
4F9E000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
716B000
|
trusted library allocation
|
page read and write
|
||
|
3414000
|
trusted library allocation
|
page read and write
|
||
|
3412000
|
trusted library allocation
|
page read and write
|
||
|
1136000
|
trusted library allocation
|
page read and write
|
||
|
6450000
|
heap
|
page read and write
|
||
|
2F92000
|
trusted library allocation
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
9ED9000
|
trusted library allocation
|
page read and write
|
||
|
6BA0000
|
heap
|
page read and write
|
||
|
9833000
|
heap
|
page read and write
|
||
|
2AA1000
|
trusted library allocation
|
page read and write
|
||
|
7665000
|
trusted library allocation
|
page read and write
|
||
|
685E000
|
stack
|
page read and write
|
||
|
76FA000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
71D3000
|
trusted library allocation
|
page read and write
|
||
|
5BEB000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
41C000
|
remote allocation
|
page execute and read and write
|
||
|
782A000
|
trusted library allocation
|
page read and write
|
||
|
76A8000
|
trusted library allocation
|
page read and write
|
||
|
129D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E86000
|
trusted library allocation
|
page execute and read and write
|
||
|
4001000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
1900000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
64C0000
|
heap
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
7188000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
705F000
|
trusted library allocation
|
page read and write
|
||
|
73F0000
|
heap
|
page read and write
|
||
|
770B000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
6463000
|
heap
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
75A000
|
stack
|
page read and write
|
||
|
5BC0000
|
heap
|
page read and write
|
||
|
D2AD000
|
stack
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
64DE000
|
stack
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
6FED000
|
trusted library allocation
|
page read and write
|
||
|
772F000
|
trusted library allocation
|
page read and write
|
||
|
96FF000
|
stack
|
page read and write
|
||
|
109B000
|
trusted library allocation
|
page execute and read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
7808000
|
trusted library allocation
|
page read and write
|
||
|
674F000
|
stack
|
page read and write
|
||
|
700C000
|
stack
|
page read and write
|
||
|
661E000
|
stack
|
page read and write
|
||
|
6647000
|
trusted library allocation
|
page read and write
|
||
|
70E1000
|
trusted library allocation
|
page read and write
|
||
|
DD2000
|
unkown
|
page readonly
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
1097000
|
trusted library allocation
|
page execute and read and write
|
||
|
8310000
|
heap
|
page read and write
|
||
|
BD80000
|
trusted library section
|
page read and write
|
||
|
71E4000
|
trusted library allocation
|
page read and write
|
||
|
D3C0000
|
trusted library allocation
|
page read and write
|
||
|
648F000
|
heap
|
page read and write
|
||
|
6A12000
|
heap
|
page read and write
|
||
|
5084000
|
trusted library section
|
page readonly
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
6F2B000
|
trusted library allocation
|
page read and write
|
||
|
7207000
|
heap
|
page read and write
|
||
|
6D90000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
413000
|
remote allocation
|
page execute and read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
4BA3000
|
trusted library allocation
|
page read and write
|
||
|
5C20000
|
heap
|
page read and write
|
||
|
CD2000
|
trusted library allocation
|
page read and write
|
||
|
E7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
31E6000
|
trusted library allocation
|
page read and write
|
||
|
71F5000
|
trusted library allocation
|
page read and write
|
||
|
12B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
B99A000
|
trusted library allocation
|
page read and write
|
||
|
6D4E000
|
stack
|
page read and write
|
||
|
59AB000
|
stack
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page read and write
|
||
|
5B80000
|
trusted library allocation
|
page read and write
|
||
|
3C3A000
|
trusted library allocation
|
page read and write
|
||
|
6448000
|
heap
|
page read and write
|
||
|
304D000
|
trusted library allocation
|
page read and write
|
||
|
8740000
|
heap
|
page read and write
|
||
|
5019000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
663D000
|
trusted library allocation
|
page read and write
|
||
|
78B4000
|
trusted library allocation
|
page read and write
|
||
|
2B0E000
|
trusted library allocation
|
page read and write
|
||
|
7017000
|
trusted library allocation
|
page read and write
|
||
|
615E000
|
stack
|
page read and write
|
||
|
7140000
|
trusted library allocation
|
page read and write
|
||
|
6B40000
|
trusted library allocation
|
page read and write
|
||
|
675D000
|
stack
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
D18000
|
heap
|
page read and write
|
||
|
793D000
|
stack
|
page read and write
|
||
|
1384000
|
trusted library allocation
|
page read and write
|
||
|
C45000
|
heap
|
page read and write
|
||
|
19A5000
|
trusted library allocation
|
page read and write
|
||
|
7004000
|
trusted library allocation
|
page read and write
|
||
|
7758000
|
trusted library allocation
|
page read and write
|
||
|
7656000
|
trusted library allocation
|
page read and write
|
||
|
7DF0000
|
heap
|
page read and write
|
||
|
1951000
|
trusted library allocation
|
page read and write
|
||
|
4FA6000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
3A71000
|
trusted library allocation
|
page read and write
|
||
|
6FE7000
|
trusted library allocation
|
page read and write
|
||
|
668E000
|
stack
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
94EE000
|
stack
|
page read and write
|
||
|
1402000
|
heap
|
page read and write
|
||
|
5790000
|
heap
|
page read and write
|
||
|
6FE5000
|
trusted library allocation
|
page read and write
|
||
|
6F60000
|
trusted library allocation
|
page read and write
|
||
|
639E000
|
stack
|
page read and write
|
||
|
3B9A000
|
trusted library allocation
|
page read and write
|
||
|
70DF000
|
trusted library allocation
|
page read and write
|
||
|
5A6E000
|
stack
|
page read and write
|
||
|
D3A000
|
heap
|
page read and write
|
||
|
10F8000
|
stack
|
page read and write
|
||
|
4EB6000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
heap
|
page execute and read and write
|
||
|
7DEC000
|
heap
|
page read and write
|
||
|
CC2000
|
trusted library allocation
|
page read and write
|
||
|
418000
|
remote allocation
|
page execute and read and write
|
||
|
7150000
|
trusted library allocation
|
page read and write
|
||
|
13AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA000
|
stack
|
page read and write
|
||
|
2C35000
|
trusted library allocation
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
4029000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
1970000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
1962000
|
trusted library allocation
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
76A6000
|
trusted library allocation
|
page read and write
|
||
|
5003000
|
heap
|
page read and write
|
||
|
7769000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
7569000
|
trusted library allocation
|
page read and write
|
||
|
DF9E000
|
stack
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
75FD000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
F15000
|
heap
|
page read and write
|
||
|
71D8000
|
heap
|
page read and write
|
||
|
4B55000
|
trusted library allocation
|
page read and write
|
||
|
1283000
|
trusted library allocation
|
page execute and read and write
|
||
|
9805000
|
heap
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page read and write
|
||
|
5940000
|
heap
|
page read and write
|
||
|
40CA000
|
trusted library allocation
|
page read and write
|
||
|
2D3A000
|
stack
|
page read and write
|
||
|
710C000
|
stack
|
page read and write
|
||
|
10DB000
|
trusted library allocation
|
page read and write
|
||
|
16EE000
|
stack
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
F0D000
|
stack
|
page read and write
|
||
|
4F84000
|
trusted library allocation
|
page read and write
|
||
|
70CE000
|
trusted library allocation
|
page read and write
|
||
|
6F1A000
|
trusted library allocation
|
page read and write
|
||
|
4C3B000
|
stack
|
page read and write
|
||
|
3AA1000
|
trusted library allocation
|
page read and write
|
||
|
513B000
|
stack
|
page read and write
|
||
|
9826000
|
heap
|
page read and write
|
||
|
13A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
138C000
|
stack
|
page read and write
|
||
|
77E6000
|
trusted library allocation
|
page read and write
|
||
|
601E000
|
stack
|
page read and write
|
||
|
561C000
|
stack
|
page read and write
|
||
|
3C1A000
|
trusted library allocation
|
page read and write
|
||
|
7676000
|
trusted library allocation
|
page read and write
|
||
|
5B90000
|
trusted library allocation
|
page read and write
|
||
|
678E000
|
stack
|
page read and write
|
||
|
9ED6000
|
trusted library allocation
|
page read and write
|
||
|
7150000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
E8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
982F000
|
heap
|
page read and write
|
||
|
26FB000
|
heap
|
page read and write
|
||
|
E9E000
|
heap
|
page read and write
|
||
|
4393000
|
trusted library allocation
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
7E63000
|
heap
|
page read and write
|
||
|
7AB0000
|
trusted library section
|
page read and write
|
||
|
D3B0000
|
trusted library allocation
|
page read and write
|
||
|
779E000
|
trusted library allocation
|
page read and write
|
||
|
18A0000
|
trusted library section
|
page read and write
|
||
|
767C000
|
trusted library allocation
|
page read and write
|
||
|
2E68000
|
trusted library allocation
|
page read and write
|
||
|
6F95000
|
trusted library allocation
|
page read and write
|
||
|
7178000
|
heap
|
page read and write
|
||
|
923E000
|
stack
|
page read and write
|
||
|
718F000
|
trusted library allocation
|
page read and write
|
||
|
13F8000
|
heap
|
page read and write
|
||
|
625E000
|
stack
|
page read and write
|
||
|
10EE000
|
trusted library allocation
|
page read and write
|
||
|
15CC000
|
stack
|
page read and write
|
||
|
6D8C000
|
stack
|
page read and write
|
||
|
7641000
|
trusted library allocation
|
page read and write
|
||
|
7745000
|
trusted library allocation
|
page read and write
|
||
|
1406000
|
heap
|
page read and write
|
||
|
6F99000
|
trusted library allocation
|
page read and write
|
||
|
5793000
|
heap
|
page read and write
|
||
|
F17000
|
heap
|
page read and write
|
||
|
12B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
7678000
|
trusted library allocation
|
page read and write
|
||
|
7140000
|
trusted library allocation
|
page read and write
|
||
|
7081000
|
trusted library allocation
|
page read and write
|
||
|
6FFE000
|
trusted library allocation
|
page read and write
|
||
|
12D7000
|
heap
|
page read and write
|
||
|
D7F000
|
heap
|
page read and write
|
||
|
4FA1000
|
trusted library allocation
|
page read and write
|
||
|
5CEF000
|
stack
|
page read and write
|
||
|
77B1000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
541E000
|
stack
|
page read and write
|
||
|
7070000
|
trusted library allocation
|
page read and write
|
||
|
303D000
|
trusted library allocation
|
page read and write
|
||
|
75D9000
|
trusted library allocation
|
page read and write
|
||
|
4FF4000
|
heap
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
11C0E000
|
stack
|
page read and write
|
||
|
6D6E000
|
stack
|
page read and write
|
||
|
7E22000
|
heap
|
page read and write
|
||
|
694D000
|
stack
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
309E000
|
trusted library allocation
|
page read and write
|
||
|
95FF000
|
stack
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
32A9000
|
trusted library allocation
|
page read and write
|
||
|
1930000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page read and write
|
||
|
6F0F000
|
trusted library allocation
|
page read and write
|
||
|
7127000
|
trusted library allocation
|
page read and write
|
||
|
903D000
|
stack
|
page read and write
|
||
|
7E33000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B3A000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
188E000
|
stack
|
page read and write
|
||
|
760E000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page execute and read and write
|
||
|
310F000
|
stack
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
70F4000
|
trusted library allocation
|
page read and write
|
||
|
95F0000
|
trusted library section
|
page read and write
|
||
|
2AE5000
|
trusted library allocation
|
page read and write
|
||
|
CF8E000
|
stack
|
page read and write
|
||
|
5BC5000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
53F5000
|
heap
|
page read and write
|
||
|
12BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
689E000
|
stack
|
page read and write
|
||
|
5719000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
43A000
|
remote allocation
|
page execute and read and write
|
||
|
2CF7000
|
trusted library allocation
|
page read and write
|
||
|
120000
|
heap
|
page read and write
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
D2E000
|
heap
|
page read and write
|
||
|
3AD9000
|
trusted library allocation
|
page read and write
|
||
|
431000
|
remote allocation
|
page execute and read and write
|
||
|
77D5000
|
trusted library allocation
|
page read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
2E34000
|
trusted library allocation
|
page read and write
|
||
|
D3AE000
|
stack
|
page read and write
|
||
|
C8C000
|
stack
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
11A0D000
|
stack
|
page read and write
|
||
|
1890000
|
trusted library allocation
|
page read and write
|
||
|
3049000
|
trusted library allocation
|
page read and write
|
||
|
2D47000
|
trusted library allocation
|
page read and write
|
||
|
7C40000
|
heap
|
page read and write
|
||
|
42B9000
|
trusted library allocation
|
page read and write
|
||
|
758B000
|
trusted library allocation
|
page read and write
|
||
|
B37000
|
stack
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
6F4F000
|
trusted library allocation
|
page read and write
|
||
|
6C33000
|
trusted library allocation
|
page read and write
|
||
|
715A000
|
trusted library allocation
|
page read and write
|
||
|
7747000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
7170000
|
heap
|
page read and write
|
||
|
6B1E000
|
stack
|
page read and write
|
||
|
75FB000
|
trusted library allocation
|
page read and write
|
||
|
6EEE000
|
stack
|
page read and write
|
||
|
64D0000
|
trusted library allocation
|
page read and write
|
||
|
32AB000
|
trusted library allocation
|
page read and write
|
||
|
76D6000
|
trusted library allocation
|
page read and write
|
||
|
10F6000
|
trusted library allocation
|
page read and write
|
||
|
629E000
|
stack
|
page read and write
|
||
|
611F000
|
stack
|
page read and write
|
||
|
4EB4000
|
trusted library allocation
|
page read and write
|
||
|
1403000
|
heap
|
page read and write
|
||
|
7F890000
|
trusted library allocation
|
page execute and read and write
|
||
|
12CB000
|
stack
|
page read and write
|
||
|
3A99000
|
trusted library allocation
|
page read and write
|
||
|
7228000
|
trusted library allocation
|
page read and write
|
||
|
D5A000
|
stack
|
page read and write
|
||
|
CD5000
|
trusted library allocation
|
page execute and read and write
|
||
|
1492000
|
heap
|
page read and write
|
||
|
648A000
|
heap
|
page read and write
|
||
|
EDA000
|
heap
|
page read and write
|
||
|
759C000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
2FC4000
|
trusted library allocation
|
page read and write
|
||
|
1956000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
remote allocation
|
page execute and read and write
|
||
|
6A5A000
|
heap
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
70BB000
|
trusted library allocation
|
page read and write
|
||
|
71B2000
|
heap
|
page read and write
|
||
|
40AA000
|
trusted library allocation
|
page read and write
|
||
|
1155000
|
trusted library allocation
|
page read and write
|
||
|
7F220000
|
trusted library allocation
|
page execute and read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
2D23000
|
trusted library allocation
|
page read and write
|
||
|
518C000
|
stack
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
5D4E000
|
stack
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
11DEB000
|
stack
|
page read and write
|
||
|
13F5000
|
heap
|
page read and write
|
||
|
53AB000
|
stack
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
3C7A000
|
trusted library allocation
|
page read and write
|
||
|
2FA1000
|
trusted library allocation
|
page read and write
|
||
|
DFA0000
|
trusted library allocation
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
778B000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
7E4F000
|
heap
|
page read and write
|
||
|
412A000
|
trusted library allocation
|
page read and write
|
||
|
32CF000
|
trusted library allocation
|
page read and write
|
||
|
408A000
|
trusted library allocation
|
page read and write
|
||
|
1102000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
5B9D000
|
stack
|
page read and write
|
||
|
AF8000
|
stack
|
page read and write
|
||
|
10F1000
|
trusted library allocation
|
page read and write
|
||
|
6FBD000
|
trusted library allocation
|
page read and write
|
||
|
6F71000
|
trusted library allocation
|
page read and write
|
||
|
7693000
|
trusted library allocation
|
page read and write
|
||
|
415000
|
remote allocation
|
page execute and read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
6F82000
|
trusted library allocation
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
2C5B000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
41F000
|
remote allocation
|
page execute and read and write
|
||
|
6CA6000
|
trusted library allocation
|
page read and write
|
||
|
CA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
71C2000
|
trusted library allocation
|
page read and write
|
||
|
63C0000
|
heap
|
page read and write
|
||
|
5620000
|
heap
|
page execute and read and write
|
||
|
19A0000
|
trusted library allocation
|
page read and write
|
||
|
651E000
|
stack
|
page read and write
|
||
|
1109C000
|
trusted library allocation
|
page read and write
|
||
|
128D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7680000
|
trusted library allocation
|
page read and write
|
||
|
6C8D000
|
stack
|
page read and write
|
||
|
7160000
|
heap
|
page read and write
|
||
|
13A2000
|
trusted library allocation
|
page read and write
|
||
|
3AA9000
|
trusted library allocation
|
page read and write
|
||
|
2B5E000
|
trusted library allocation
|
page read and write
|
||
|
78F8000
|
trusted library allocation
|
page read and write
|
||
|
3BDA000
|
trusted library allocation
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
69E8000
|
heap
|
page read and write
|
||
|
149C000
|
heap
|
page read and write
|
||
|
239F000
|
stack
|
page read and write
|
||
|
7DE0000
|
heap
|
page read and write
|
||
|
13CE000
|
heap
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page execute and read and write
|
||
|
7028000
|
trusted library allocation
|
page read and write
|
||
|
757A000
|
trusted library allocation
|
page read and write
|
||
|
CD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AD0000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page execute and read and write
|
||
|
13BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
6C47000
|
trusted library allocation
|
page read and write
|
||
|
327F000
|
trusted library allocation
|
page read and write
|
||
|
964E000
|
stack
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FE9000
|
trusted library allocation
|
page read and write
|
||
|
698D000
|
stack
|
page read and write
|
||
|
7015000
|
trusted library allocation
|
page read and write
|
||
|
32B1000
|
trusted library allocation
|
page read and write
|
||
|
7002000
|
trusted library allocation
|
page read and write
|
||
|
6FB9000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page execute and read and write
|
||
|
76A4000
|
trusted library allocation
|
page read and write
|
||
|
717C000
|
trusted library allocation
|
page read and write
|
||
|
33C4000
|
trusted library allocation
|
page read and write
|
||
|
7A7E000
|
stack
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
416A000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
6FCF000
|
stack
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
5B5E000
|
stack
|
page read and write
|
||
|
70CC000
|
trusted library allocation
|
page read and write
|
||
|
2BB1000
|
trusted library allocation
|
page read and write
|
||
|
699E000
|
stack
|
page read and write
|
||
|
7205000
|
heap
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
2D53000
|
trusted library allocation
|
page read and write
|
||
|
4B07000
|
trusted library allocation
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
26E000
|
unkown
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
85CE000
|
stack
|
page read and write
|
||
|
13B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1934000
|
trusted library allocation
|
page read and write
|
||
|
78E7000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
172C000
|
stack
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
784C000
|
trusted library allocation
|
page read and write
|
||
|
778D000
|
trusted library allocation
|
page read and write
|
||
|
7322000
|
trusted library allocation
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
7217000
|
trusted library allocation
|
page read and write
|
||
|
974F000
|
stack
|
page read and write
|
||
|
194E000
|
trusted library allocation
|
page read and write
|
||
|
436000
|
remote allocation
|
page execute and read and write
|
||
|
311A000
|
heap
|
page read and write
|
||
|
1383000
|
trusted library allocation
|
page execute and read and write
|
||
|
1990000
|
trusted library allocation
|
page read and write
|
||
|
30EE000
|
trusted library allocation
|
page read and write
|
||
|
5712000
|
trusted library allocation
|
page read and write
|
||
|
DCC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1284000
|
trusted library allocation
|
page read and write
|
||
|
6A0B000
|
stack
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
6F3C000
|
trusted library allocation
|
page read and write
|
||
|
715F000
|
trusted library allocation
|
page read and write
|
||
|
5BD0000
|
heap
|
page read and write
|
||
|
703B000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
7105000
|
trusted library allocation
|
page read and write
|
||
|
6F18000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1117000
|
heap
|
page read and write
|
||
|
7099000
|
trusted library allocation
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
F2A000
|
stack
|
page read and write
|
||
|
75BD000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
2CFD000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
76AC000
|
trusted library allocation
|
page read and write
|
||
|
41B000
|
remote allocation
|
page execute and read and write
|
||
|
CC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EED000
|
trusted library allocation
|
page read and write
|
||
|
71B1000
|
trusted library allocation
|
page read and write
|
||
|
13EE000
|
heap
|
page read and write
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
1A07000
|
heap
|
page read and write
|
||
|
3B1A000
|
trusted library allocation
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
86CF000
|
stack
|
page read and write
|
||
|
6EBB000
|
trusted library allocation
|
page read and write
|
||
|
3079000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
2CAA000
|
trusted library allocation
|
page read and write
|
||
|
5960000
|
heap
|
page execute and read and write
|
||
|
CA4000
|
trusted library allocation
|
page read and write
|
||
|
70AA000
|
trusted library allocation
|
page read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
76D4000
|
trusted library allocation
|
page read and write
|
||
|
75AC000
|
trusted library allocation
|
page read and write
|
||
|
661D000
|
stack
|
page read and write
|
||
|
18C0000
|
trusted library allocation
|
page read and write
|
||
|
8300000
|
heap
|
page read and write
|
||
|
168F000
|
stack
|
page read and write
|
||
|
76AE000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
406A000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
7870000
|
trusted library allocation
|
page read and write
|
||
|
195D000
|
trusted library allocation
|
page read and write
|
||
|
2A71000
|
trusted library allocation
|
page read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
CAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
51C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F8E000
|
trusted library allocation
|
page read and write
|
||
|
416000
|
remote allocation
|
page execute and read and write
|
||
|
C0B000
|
stack
|
page read and write
|
||
|
1980000
|
heap
|
page execute and read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
11D0F000
|
stack
|
page read and write
|
||
|
12B2000
|
trusted library allocation
|
page read and write
|
||
|
50A0000
|
heap
|
page read and write
|
||
|
3BBA000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
6EFE000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
heap
|
page execute and read and write
|
||
|
3B5A000
|
trusted library allocation
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
75EA000
|
trusted library allocation
|
page read and write
|
||
|
629E000
|
stack
|
page read and write
|
||
|
76C1000
|
trusted library allocation
|
page read and write
|
||
|
551F000
|
stack
|
page read and write
|
||
|
713D000
|
trusted library allocation
|
page read and write
|
||
|
6FB7000
|
trusted library allocation
|
page read and write
|
||
|
649E000
|
stack
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
9800000
|
heap
|
page read and write
|
||
|
11F00000
|
trusted library allocation
|
page read and write
|
||
|
F48000
|
heap
|
page read and write
|
||
|
705D000
|
trusted library allocation
|
page read and write
|
||
|
6456000
|
heap
|
page read and write
|
||
|
418A000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
9EDE000
|
trusted library allocation
|
page read and write
|
||
|
11A10000
|
heap
|
page read and write
|
||
|
1397000
|
heap
|
page read and write
|
||
|
783B000
|
trusted library allocation
|
page read and write
|
||
|
70F2000
|
trusted library allocation
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
E9A000
|
unkown
|
page readonly
|
||
|
2BB7000
|
trusted library allocation
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
7149000
|
trusted library allocation
|
page read and write
|
||
|
70BE000
|
stack
|
page read and write
|
||
|
4B6E000
|
stack
|
page read and write
|
||
|
5C5E000
|
stack
|
page read and write
|
||
|
2AAD000
|
trusted library allocation
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
6FB5000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
heap
|
page read and write
|
||
|
2F8B000
|
trusted library allocation
|
page read and write
|
||
|
2AB9000
|
trusted library allocation
|
page read and write
|
||
|
4524000
|
trusted library allocation
|
page read and write
|
||
|
2E8C000
|
trusted library allocation
|
page read and write
|
||
|
777A000
|
trusted library allocation
|
page read and write
|
||
|
13B2000
|
trusted library allocation
|
page read and write
|
||
|
138D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8790000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
6EEB000
|
trusted library allocation
|
page read and write
|
||
|
785F000
|
trusted library allocation
|
page read and write
|
||
|
7138000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
6C90000
|
heap
|
page read and write
|
||
|
76C3000
|
trusted library allocation
|
page read and write
|
||
|
639E000
|
stack
|
page read and write
|
||
|
2C09000
|
trusted library allocation
|
page read and write
|
||
|
501D000
|
trusted library allocation
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
41A000
|
remote allocation
|
page execute and read and write
|
||
|
438000
|
remote allocation
|
page execute and read and write
|
||
|
F9C000
|
stack
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
718D000
|
trusted library allocation
|
page read and write
|
||
|
1920000
|
trusted library allocation
|
page execute and read and write
|
||
|
7700000
|
heap
|
page read and write
|
||
|
5C0E000
|
heap
|
page read and write
|
||
|
5C60000
|
trusted library allocation
|
page read and write
|
||
|
7CEE000
|
stack
|
page read and write
|
||
|
3001000
|
trusted library allocation
|
page read and write
|
||
|
7174000
|
heap
|
page read and write
|
||
|
2AB5000
|
trusted library allocation
|
page read and write
|
||
|
4FB2000
|
trusted library allocation
|
page read and write
|
||
|
10DE000
|
trusted library allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
CCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C5A000
|
trusted library allocation
|
page read and write
|
||
|
6690000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
7155000
|
trusted library allocation
|
page read and write
|
||
|
4ECE000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
C10000
|
heap
|
page read and write
|
||
|
144E000
|
heap
|
page read and write
|
||
|
CDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FEB000
|
trusted library allocation
|
page read and write
|
||
|
7819000
|
trusted library allocation
|
page read and write
|
||
|
6F93000
|
trusted library allocation
|
page read and write
|
||
|
3036000
|
trusted library allocation
|
page read and write
|
||
|
6FD2000
|
trusted library allocation
|
page read and write
|
||
|
42B1000
|
trusted library allocation
|
page read and write
|
||
|
D16C000
|
stack
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
59DF000
|
stack
|
page read and write
|
||
|
64D9000
|
trusted library allocation
|
page read and write
|
||
|
7652000
|
trusted library allocation
|
page read and write
|
||
|
F5C000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
7658000
|
trusted library allocation
|
page read and write
|
||
|
18B1000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
767A000
|
trusted library allocation
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
1770000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
7940000
|
heap
|
page read and write
|
||
|
55AB000
|
stack
|
page read and write
|
||
|
29C8000
|
trusted library allocation
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
6630000
|
trusted library allocation
|
page read and write
|
||
|
65DE000
|
stack
|
page read and write
|
||
|
19D0000
|
trusted library allocation
|
page read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
2D98000
|
trusted library allocation
|
page read and write
|
||
|
66B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AFA000
|
trusted library allocation
|
page read and write
|
||
|
12F7000
|
heap
|
page read and write
|
||
|
6F4C000
|
stack
|
page read and write
|
||
|
2DF2000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
10FD000
|
trusted library allocation
|
page read and write
|
||
|
761F000
|
trusted library allocation
|
page read and write
|
||
|
CBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1441000
|
heap
|
page read and write
|
||
|
704C000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
43B000
|
remote allocation
|
page execute and read and write
|
||
|
6C3D000
|
trusted library allocation
|
page read and write
|
||
|
6FEF000
|
stack
|
page read and write
|
||
|
E82000
|
trusted library allocation
|
page read and write
|
||
|
139D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EAF000
|
stack
|
page read and write
|
||
|
671F000
|
stack
|
page read and write
|
||
|
6F3E000
|
trusted library allocation
|
page read and write
|
||
|
7C50000
|
heap
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
231E000
|
unkown
|
page read and write
|
||
|
E64000
|
trusted library allocation
|
page read and write
|
||
|
D12E000
|
stack
|
page read and write
|
||
|
40EA000
|
trusted library allocation
|
page read and write
|
||
|
16CD000
|
stack
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
4FAD000
|
trusted library allocation
|
page read and write
|
There are 850 hidden memdumps, click here to show them.