Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RFQPO3D93876738.scr.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RFQPO3D93876738._69117b6fa6abf2ab552dc9e9e6eebfb7cefe11e1_bcac15c1_27a11465-d65d-4af1-9f91-68ca1f60d89f\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCA61.tmp.dmp
|
Mini DuMP crash report, 16 streams, Mon Jul 22 15:52:09 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCC46.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCC76.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AddInProcess32.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_13w5zsur.1xi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4nqchips.teg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_d03rotq0.ztr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ppdfzt4y.u2z.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RFQPO3D93876738.scr.exe
|
"C:\Users\user\Desktop\RFQPO3D93876738.scr.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\RFQPO3D93876738.scr.exe"
-Force
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7368 -s 1044
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id5ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/faultp9
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://r10.o.lencr.org0#
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://r10.i.lencr.org/0
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s82.gocheapweb.com
|
51.195.88.199
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
api.ipify.org
|
104.26.12.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
212.162.149.48
|
unknown
|
Netherlands
|
|
|
|
51.195.88.199
|
s82.gocheapweb.com
|
France
|
|
|
|
104.26.12.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
EnableLUA
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.SecurityAndMaintenance
|
Enabled
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AddInProcess32_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
ProgramId
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
FileId
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
LongPathHash
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
Name
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
OriginalFileName
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
Publisher
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
Version
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
BinFileVersion
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
BinaryType
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
ProductName
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
ProductVersion
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
LinkDate
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
BinProductVersion
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
Size
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
Language
|
||
|
\REGISTRY\A\{4ca10891-862f-464f-86f9-d59d88798a79}\Root\InventoryApplicationFile\rfqpo3d93876738.|ea480d527b81cb2d
|
Usn
|
There are 31 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2422D352000
|
trusted library allocation
|
page read and write
|
|
|
|
2F35000
|
trusted library allocation
|
page read and write
|
|
|
|
7860000
|
trusted library section
|
page read and write
|
|
|
|
7200000
|
trusted library section
|
page read and write
|
|
|
|
2E61000
|
trusted library allocation
|
page read and write
|
|
|
|
2422D096000
|
trusted library allocation
|
page read and write
|
|
|
|
7BB3000
|
heap
|
page read and write
|
||
|
7C6A000
|
heap
|
page read and write
|
||
|
310B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC580000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC446000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C62000
|
heap
|
page read and write
|
||
|
7BF8000
|
heap
|
page read and write
|
||
|
2422B439000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
2F25000
|
trusted library allocation
|
page read and write
|
||
|
2422B3D0000
|
heap
|
page read and write
|
||
|
242457C5000
|
heap
|
page read and write
|
||
|
33C1000
|
trusted library allocation
|
page read and write
|
||
|
6CCE000
|
stack
|
page read and write
|
||
|
71FE000
|
stack
|
page read and write
|
||
|
2423D59D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB07390000
|
unkown
|
page readonly
|
||
|
7DF0000
|
trusted library allocation
|
page read and write
|
||
|
7C02000
|
heap
|
page read and write
|
||
|
7F19000
|
trusted library allocation
|
page read and write
|
||
|
138E000
|
stack
|
page read and write
|
||
|
58A9000
|
stack
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
7B9D000
|
heap
|
page read and write
|
||
|
7857000
|
stack
|
page read and write
|
||
|
5A6E000
|
stack
|
page read and write
|
||
|
2422D011000
|
trusted library allocation
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
32A6000
|
trusted library allocation
|
page read and write
|
||
|
3F23000
|
trusted library allocation
|
page read and write
|
||
|
3357000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
7BAA000
|
heap
|
page read and write
|
||
|
6E0F000
|
stack
|
page read and write
|
||
|
7FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
7FFAAC504000
|
trusted library allocation
|
page read and write
|
||
|
132B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FA5000
|
trusted library allocation
|
page read and write
|
||
|
8020000
|
trusted library allocation
|
page read and write
|
||
|
1023000
|
trusted library allocation
|
page execute and read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
7C3A000
|
heap
|
page read and write
|
||
|
7F3F000
|
trusted library allocation
|
page read and write
|
||
|
7C20000
|
heap
|
page read and write
|
||
|
79C0000
|
trusted library allocation
|
page read and write
|
||
|
2423D198000
|
trusted library allocation
|
page read and write
|
||
|
4136000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC360000
|
trusted library allocation
|
page read and write
|
||
|
409B000
|
trusted library allocation
|
page read and write
|
||
|
B9B000
|
stack
|
page read and write
|
||
|
65DB000
|
heap
|
page read and write
|
||
|
3ECF000
|
trusted library allocation
|
page read and write
|
||
|
7BCE000
|
heap
|
page read and write
|
||
|
2422B710000
|
heap
|
page read and write
|
||
|
7FFAAC41C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DC0000
|
trusted library allocation
|
page read and write
|
||
|
336E000
|
trusted library allocation
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
CCC3DFF000
|
stack
|
page read and write
|
||
|
3427000
|
trusted library allocation
|
page read and write
|
||
|
7D70000
|
trusted library allocation
|
page read and write
|
||
|
78B0000
|
trusted library allocation
|
page read and write
|
||
|
3EA3000
|
trusted library allocation
|
page read and write
|
||
|
2F9D000
|
trusted library allocation
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
2422D01C000
|
trusted library allocation
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
7F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
400C000
|
trusted library allocation
|
page read and write
|
||
|
3439000
|
trusted library allocation
|
page read and write
|
||
|
6F4E000
|
stack
|
page read and write
|
||
|
79A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2422B5F8000
|
heap
|
page read and write
|
||
|
10D5000
|
heap
|
page read and write
|
||
|
7FFAAC372000
|
trusted library allocation
|
page read and write
|
||
|
78A2000
|
trusted library section
|
page read and write
|
||
|
6EE0F000
|
unkown
|
page readonly
|
||
|
78E1000
|
trusted library allocation
|
page read and write
|
||
|
6D0E000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
7B7A000
|
heap
|
page read and write
|
||
|
24245790000
|
heap
|
page read and write
|
||
|
7BB0000
|
heap
|
page read and write
|
||
|
3328000
|
trusted library allocation
|
page read and write
|
||
|
3E91000
|
trusted library allocation
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
33F0000
|
trusted library allocation
|
page read and write
|
||
|
32B1000
|
trusted library allocation
|
page read and write
|
||
|
7C24000
|
heap
|
page read and write
|
||
|
24245880000
|
heap
|
page read and write
|
||
|
7F58000
|
trusted library allocation
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
2422B600000
|
trusted library section
|
page read and write
|
||
|
76FE000
|
stack
|
page read and write
|
||
|
563B000
|
trusted library allocation
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
7C19000
|
heap
|
page read and write
|
||
|
7FFB073B2000
|
unkown
|
page readonly
|
||
|
3472000
|
trusted library allocation
|
page read and write
|
||
|
7DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E70000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page read and write
|
||
|
40F5000
|
trusted library allocation
|
page read and write
|
||
|
78F5000
|
trusted library allocation
|
page read and write
|
||
|
4F5C000
|
stack
|
page read and write
|
||
|
78FA000
|
trusted library allocation
|
page read and write
|
||
|
3EAF000
|
trusted library allocation
|
page read and write
|
||
|
4119000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC38D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC55C000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page read and write
|
||
|
CCC42FB000
|
stack
|
page read and write
|
||
|
CCC40FE000
|
stack
|
page read and write
|
||
|
7BE6000
|
heap
|
page read and write
|
||
|
7970000
|
trusted library allocation
|
page read and write
|
||
|
2422B310000
|
heap
|
page read and write
|
||
|
7F2F000
|
trusted library allocation
|
page read and write
|
||
|
83AE000
|
stack
|
page read and write
|
||
|
7FFAAC52A000
|
trusted library allocation
|
page read and write
|
||
|
54E8000
|
stack
|
page read and write
|
||
|
6537000
|
heap
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
1129000
|
heap
|
page read and write
|
||
|
2423D01D000
|
trusted library allocation
|
page read and write
|
||
|
5651000
|
trusted library allocation
|
page read and write
|
||
|
2422B49A000
|
heap
|
page read and write
|
||
|
614E000
|
stack
|
page read and write
|
||
|
7BC2000
|
heap
|
page read and write
|
||
|
13E6000
|
heap
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
8060000
|
heap
|
page read and write
|
||
|
2422B3A0000
|
trusted library allocation
|
page read and write
|
||
|
7F15000
|
trusted library allocation
|
page read and write
|
||
|
7FD0000
|
trusted library allocation
|
page read and write
|
||
|
6EDF0000
|
unkown
|
page readonly
|
||
|
6504000
|
heap
|
page read and write
|
||
|
2423D484000
|
trusted library allocation
|
page read and write
|
||
|
564E000
|
trusted library allocation
|
page read and write
|
||
|
7C2F000
|
heap
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
CCC34F3000
|
stack
|
page read and write
|
||
|
8EC9000
|
heap
|
page read and write
|
||
|
2422B4C7000
|
heap
|
page read and write
|
||
|
7FB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB07391000
|
unkown
|
page execute read
|
||
|
2422B6A5000
|
heap
|
page read and write
|
||
|
78C6000
|
trusted library allocation
|
page read and write
|
||
|
70A0000
|
trusted library allocation
|
page read and write
|
||
|
7DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC37D000
|
trusted library allocation
|
page execute and read and write
|
||
|
319D000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC370000
|
trusted library allocation
|
page read and write
|
||
|
7E75000
|
trusted library allocation
|
page read and write
|
||
|
6380000
|
heap
|
page read and write
|
||
|
7A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC570000
|
trusted library allocation
|
page read and write
|
||
|
2422B6A0000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB073B0000
|
unkown
|
page read and write
|
||
|
7EB0000
|
trusted library allocation
|
page read and write
|
||
|
65A1000
|
heap
|
page read and write
|
||
|
CCC35FF000
|
stack
|
page read and write
|
||
|
2422B411000
|
heap
|
page read and write
|
||
|
3467000
|
trusted library allocation
|
page read and write
|
||
|
7C12000
|
heap
|
page read and write
|
||
|
6B8D000
|
stack
|
page read and write
|
||
|
75FE000
|
stack
|
page read and write
|
||
|
24245740000
|
heap
|
page read and write
|
||
|
5A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
13EE000
|
heap
|
page read and write
|
||
|
3ECA000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC420000
|
trusted library allocation
|
page execute and read and write
|
||
|
78DE000
|
trusted library allocation
|
page read and write
|
||
|
105E000
|
heap
|
page read and write
|
||
|
680D000
|
stack
|
page read and write
|
||
|
7FFAAC364000
|
trusted library allocation
|
page read and write
|
||
|
66B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5335000
|
trusted library allocation
|
page read and write
|
||
|
7DAB000
|
trusted library allocation
|
page read and write
|
||
|
33BD000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
heap
|
page execute and read and write
|
||
|
13D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
24245040000
|
trusted library allocation
|
page read and write
|
||
|
1322000
|
trusted library allocation
|
page read and write
|
||
|
2422B3DC000
|
heap
|
page read and write
|
||
|
1033000
|
trusted library allocation
|
page read and write
|
||
|
8040000
|
trusted library allocation
|
page execute and read and write
|
||
|
328A000
|
trusted library allocation
|
page read and write
|
||
|
7F12000
|
trusted library allocation
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C8000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
CCC3BFF000
|
stack
|
page read and write
|
||
|
7B91000
|
heap
|
page read and write
|
||
|
329B000
|
trusted library allocation
|
page read and write
|
||
|
694D000
|
stack
|
page read and write
|
||
|
2422B5A0000
|
trusted library allocation
|
page read and write
|
||
|
3373000
|
trusted library allocation
|
page read and write
|
||
|
3E61000
|
trusted library allocation
|
page read and write
|
||
|
6EE06000
|
unkown
|
page readonly
|
||
|
7D60000
|
trusted library allocation
|
page read and write
|
||
|
5662000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
410F000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC410000
|
trusted library allocation
|
page read and write
|
||
|
624E000
|
stack
|
page read and write
|
||
|
2FBA000
|
trusted library allocation
|
page read and write
|
||
|
7BD2000
|
heap
|
page read and write
|
||
|
78D2000
|
trusted library allocation
|
page read and write
|
||
|
7940000
|
trusted library allocation
|
page execute and read and write
|
||
|
3431000
|
trusted library allocation
|
page read and write
|
||
|
2422B40F000
|
heap
|
page read and write
|
||
|
F97000
|
heap
|
page read and write
|
||
|
7E78000
|
trusted library allocation
|
page read and write
|
||
|
106A000
|
heap
|
page read and write
|
||
|
3296000
|
trusted library allocation
|
page read and write
|
||
|
6EDF1000
|
unkown
|
page execute read
|
||
|
337E000
|
trusted library allocation
|
page read and write
|
||
|
CCC39FC000
|
stack
|
page read and write
|
||
|
EF8000
|
stack
|
page read and write
|
||
|
7FFAAC3BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
A50E000
|
stack
|
page read and write
|
||
|
7F2A000
|
trusted library allocation
|
page read and write
|
||
|
3479000
|
trusted library allocation
|
page read and write
|
||
|
13CB000
|
stack
|
page read and write
|
||
|
40C000
|
remote allocation
|
page execute and read and write
|
||
|
1327000
|
trusted library allocation
|
page execute and read and write
|
||
|
347F000
|
trusted library allocation
|
page read and write
|
||
|
3EC0000
|
trusted library allocation
|
page read and write
|
||
|
68CE000
|
stack
|
page read and write
|
||
|
2423D021000
|
trusted library allocation
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page read and write
|
||
|
4006000
|
trusted library allocation
|
page read and write
|
||
|
3369000
|
trusted library allocation
|
page read and write
|
||
|
7F4B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
310F000
|
trusted library allocation
|
page read and write
|
||
|
7BCB000
|
heap
|
page read and write
|
||
|
40AD000
|
trusted library allocation
|
page read and write
|
||
|
7B8F000
|
heap
|
page read and write
|
||
|
8030000
|
trusted library allocation
|
page execute and read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
2F9F000
|
trusted library allocation
|
page read and write
|
||
|
5634000
|
trusted library allocation
|
page read and write
|
||
|
4106000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page read and write
|
||
|
75BE000
|
stack
|
page read and write
|
||
|
4023000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
348F000
|
trusted library allocation
|
page read and write
|
||
|
7F3A000
|
trusted library allocation
|
page read and write
|
||
|
792E000
|
trusted library allocation
|
page read and write
|
||
|
CCC3CFE000
|
stack
|
page read and write
|
||
|
2422D000000
|
heap
|
page execute and read and write
|
||
|
7E0A000
|
trusted library allocation
|
page read and write
|
||
|
7F50000
|
trusted library allocation
|
page read and write
|
||
|
2423D011000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
3ED5000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
792B000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
4015000
|
trusted library allocation
|
page read and write
|
||
|
2422B5D0000
|
heap
|
page execute and read and write
|
||
|
6600000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC480000
|
trusted library allocation
|
page execute and read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC510000
|
trusted library allocation
|
page read and write
|
||
|
40FC000
|
trusted library allocation
|
page read and write
|
||
|
3453000
|
trusted library allocation
|
page read and write
|
||
|
7925000
|
trusted library allocation
|
page read and write
|
||
|
8EC1000
|
heap
|
page read and write
|
||
|
3317000
|
trusted library allocation
|
page read and write
|
||
|
6F50000
|
heap
|
page read and write
|
||
|
24245860000
|
heap
|
page read and write
|
||
|
CCC37FF000
|
stack
|
page read and write
|
||
|
6F9A000
|
stack
|
page read and write
|
||
|
2422B272000
|
unkown
|
page readonly
|
||
|
7905000
|
trusted library allocation
|
page read and write
|
||
|
1077000
|
heap
|
page read and write
|
||
|
7FFAAC524000
|
trusted library allocation
|
page read and write
|
||
|
7BB9000
|
heap
|
page read and write
|
||
|
79D0000
|
trusted library allocation
|
page read and write
|
||
|
2422B6C8000
|
trusted library section
|
page read and write
|
||
|
7FFAAC379000
|
trusted library allocation
|
page read and write
|
||
|
70FE000
|
stack
|
page read and write
|
||
|
5323000
|
heap
|
page execute and read and write
|
||
|
3484000
|
trusted library allocation
|
page read and write
|
||
|
CCC38FE000
|
stack
|
page read and write
|
||
|
1325000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E98000
|
trusted library allocation
|
page read and write
|
||
|
3EB4000
|
trusted library allocation
|
page read and write
|
||
|
4095000
|
trusted library allocation
|
page read and write
|
||
|
7C4A000
|
heap
|
page read and write
|
||
|
338A000
|
trusted library allocation
|
page read and write
|
||
|
309D000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC554000
|
trusted library allocation
|
page read and write
|
||
|
53E3000
|
heap
|
page read and write
|
||
|
7D80000
|
heap
|
page execute and read and write
|
||
|
3035000
|
trusted library allocation
|
page read and write
|
||
|
80D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB073B5000
|
unkown
|
page readonly
|
||
|
562D000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
7F40000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
3F02000
|
trusted library allocation
|
page read and write
|
||
|
410B000
|
trusted library allocation
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
1316000
|
trusted library allocation
|
page execute and read and write
|
||
|
52EA000
|
stack
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page read and write
|
||
|
CCC41FE000
|
stack
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
2423D36B000
|
trusted library allocation
|
page read and write
|
||
|
7EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1024000
|
trusted library allocation
|
page read and write
|
||
|
7099000
|
stack
|
page read and write
|
||
|
3336000
|
trusted library allocation
|
page read and write
|
||
|
6A8C000
|
stack
|
page read and write
|
||
|
7FFB073A6000
|
unkown
|
page readonly
|
||
|
2423D018000
|
trusted library allocation
|
page read and write
|
||
|
7E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
56CC000
|
stack
|
page read and write
|
||
|
6500000
|
heap
|
page read and write
|
||
|
7FFAAC363000
|
trusted library allocation
|
page execute and read and write
|
||
|
CCC36FE000
|
stack
|
page read and write
|
||
|
2422B300000
|
heap
|
page read and write
|
||
|
70B7000
|
trusted library allocation
|
page read and write
|
||
|
2422B43B000
|
heap
|
page read and write
|
||
|
2422D053000
|
trusted library allocation
|
page read and write
|
||
|
10FF000
|
heap
|
page read and write
|
||
|
565D000
|
trusted library allocation
|
page read and write
|
||
|
7B88000
|
heap
|
page read and write
|
||
|
6555000
|
heap
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
349A000
|
trusted library allocation
|
page read and write
|
||
|
2422B6B0000
|
trusted library section
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
7A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC560000
|
trusted library allocation
|
page execute and read and write
|
||
|
74BD000
|
stack
|
page read and write
|
||
|
2422B350000
|
heap
|
page read and write
|
||
|
2C98000
|
trusted library allocation
|
page read and write
|
||
|
7DA0000
|
trusted library allocation
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
332A000
|
trusted library allocation
|
page read and write
|
||
|
306B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC38B000
|
trusted library allocation
|
page execute and read and write
|
||
|
401B000
|
trusted library allocation
|
page read and write
|
||
|
2422B5F0000
|
heap
|
page read and write
|
||
|
2423D13A000
|
trusted library allocation
|
page read and write
|
||
|
7BF4000
|
heap
|
page read and write
|
||
|
4126000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
2422B330000
|
heap
|
page read and write
|
||
|
7FF481D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
33CC000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
4010000
|
trusted library allocation
|
page read and write
|
||
|
30C1000
|
trusted library allocation
|
page read and write
|
||
|
4111000
|
trusted library allocation
|
page read and write
|
||
|
4102000
|
trusted library allocation
|
page read and write
|
||
|
8AB0000
|
heap
|
page read and write
|
||
|
6514000
|
heap
|
page read and write
|
||
|
43E4000
|
trusted library allocation
|
page read and write
|
||
|
659F000
|
heap
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
6510000
|
heap
|
page read and write
|
||
|
6A4C000
|
stack
|
page read and write
|
||
|
2422B715000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC380000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
heap
|
page execute and read and write
|
||
|
3277000
|
trusted library allocation
|
page read and write
|
||
|
7950000
|
trusted library allocation
|
page read and write
|
||
|
7BDB000
|
heap
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
3E77000
|
trusted library allocation
|
page read and write
|
||
|
7E00000
|
trusted library allocation
|
page read and write
|
||
|
79B0000
|
trusted library allocation
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
688E000
|
stack
|
page read and write
|
||
|
103D000
|
trusted library allocation
|
page execute and read and write
|
||
|
52F9000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
2EAB000
|
trusted library allocation
|
page read and write
|
||
|
7F10000
|
trusted library allocation
|
page read and write
|
||
|
2422B3FA000
|
heap
|
page read and write
|
||
|
7FFAAC36D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
7907000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC384000
|
trusted library allocation
|
page read and write
|
||
|
7BDE000
|
heap
|
page read and write
|
||
|
8EB0000
|
heap
|
page read and write
|
||
|
78C1000
|
trusted library allocation
|
page read and write
|
||
|
3E84000
|
trusted library allocation
|
page read and write
|
||
|
78F8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC520000
|
trusted library allocation
|
page read and write
|
||
|
102D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F60000
|
trusted library allocation
|
page read and write
|
||
|
80AE000
|
stack
|
page read and write
|
||
|
3E6B000
|
trusted library allocation
|
page read and write
|
||
|
2FB5000
|
trusted library allocation
|
page read and write
|
||
|
7F28000
|
trusted library allocation
|
page read and write
|
||
|
2422D01A000
|
trusted library allocation
|
page read and write
|
||
|
2422B5A3000
|
trusted library allocation
|
page read and write
|
||
|
423B000
|
trusted library allocation
|
page read and write
|
||
|
670E000
|
stack
|
page read and write
|
||
|
3291000
|
trusted library allocation
|
page read and write
|
||
|
327F000
|
trusted library allocation
|
page read and write
|
||
|
34C9000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC550000
|
trusted library allocation
|
page read and write
|
||
|
3362000
|
trusted library allocation
|
page read and write
|
||
|
7909000
|
trusted library allocation
|
page read and write
|
||
|
401E000
|
trusted library allocation
|
page read and write
|
||
|
3446000
|
trusted library allocation
|
page read and write
|
||
|
2422B270000
|
unkown
|
page readonly
|
||
|
33C6000
|
trusted library allocation
|
page read and write
|
||
|
2F23000
|
trusted library allocation
|
page read and write
|
||
|
4028000
|
trusted library allocation
|
page read and write
|
||
|
2422B442000
|
heap
|
page read and write
|
||
|
5656000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
78BB000
|
trusted library allocation
|
page read and write
|
||
|
7F35000
|
trusted library allocation
|
page read and write
|
||
|
6542000
|
heap
|
page read and write
|
||
|
59EF000
|
stack
|
page read and write
|
||
|
64E0000
|
trusted library allocation
|
page read and write
|
||
|
2422B3C0000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
7910000
|
trusted library allocation
|
page read and write
|
||
|
2422B48E000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
7B99000
|
heap
|
page read and write
|
||
|
7B93000
|
heap
|
page read and write
|
||
|
5A2D000
|
stack
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3121000
|
trusted library allocation
|
page read and write
|
||
|
7F44000
|
trusted library allocation
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
7FFAAC540000
|
trusted library allocation
|
page read and write
|
||
|
7C50000
|
heap
|
page read and write
|
||
|
801B000
|
stack
|
page read and write
|
||
|
2FBE000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC416000
|
trusted library allocation
|
page read and write
|
||
|
7B50000
|
heap
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
310D000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC362000
|
trusted library allocation
|
page read and write
|
||
|
775A000
|
stack
|
page read and write
|
||
|
3EAA000
|
trusted library allocation
|
page read and write
|
||
|
32E0000
|
trusted library allocation
|
page read and write
|
||
|
4114000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
7C35000
|
heap
|
page read and write
|
||
|
4019000
|
trusted library allocation
|
page read and write
|
There are 469 hidden memdumps, click here to show them.