Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LisectAVT_2403002A_133.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\LisectAVT_2403002A_133.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpCD6C.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\GlIToApjgGEL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\GlIToApjgGEL.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\GlIToApjgGEL.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bolbem2p.ywk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_edkdearx.j4a.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gzobwmys.b1z.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_j5qnhrc5.din.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_keacwpii.npm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mfvtdh0q.nwy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sou4er2x.uuf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xwftd0m5.fpn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpE6EF.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LisectAVT_2403002A_133.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002A_133.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\LisectAVT_2403002A_133.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\GlIToApjgGEL.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\GlIToApjgGEL" /XML "C:\Users\user\AppData\Local\Temp\tmpCD6C.tmp"
|
|
|
|
C:\Users\user\Desktop\LisectAVT_2403002A_133.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002A_133.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\GlIToApjgGEL.exe
|
C:\Users\user\AppData\Roaming\GlIToApjgGEL.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\GlIToApjgGEL" /XML "C:\Users\user\AppData\Local\Temp\tmpE6EF.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\GlIToApjgGEL.exe
|
"C:\Users\user\AppData\Roaming\GlIToApjgGEL.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\GlIToApjgGEL.exe
|
"C:\Users\user\AppData\Roaming\GlIToApjgGEL.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
172.67.74.152
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://r10.o.lencr.org0#
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://kabeercommodities.com
|
unknown
|
||
|
http://mail.kabeercommodities.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
http://crl.micros;
|
unknown
|
||
|
http://r10.i.lencr.org/09
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
kabeercommodities.com
|
45.91.139.1
|
|
|
|
mail.kabeercommodities.com
|
unknown
|
|
|
|
api.ipify.org
|
172.67.74.152
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.91.139.1
|
kabeercommodities.com
|
Lithuania
|
|
|
|
172.67.74.152
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\LisectAVT_2403002A_133_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GlIToApjgGEL_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8
|
Blob
|
There are 23 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3181000
|
trusted library allocation
|
page read and write
|
|
|
|
307C000
|
trusted library allocation
|
page read and write
|
|
|
|
31AC000
|
trusted library allocation
|
page read and write
|
|
|
|
3051000
|
trusted library allocation
|
page read and write
|
|
|
|
4000000
|
trusted library allocation
|
page read and write
|
|
|
|
3AE1000
|
trusted library allocation
|
page read and write
|
|
|
|
4921000
|
trusted library allocation
|
page read and write
|
|
|
|
415000
|
remote allocation
|
page execute and read and write
|
|
|
|
3C01000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
heap
|
page execute and read and write
|
||
|
5470000
|
heap
|
page read and write
|
||
|
316F000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
641F000
|
stack
|
page read and write
|
||
|
4C90000
|
heap
|
page read and write
|
||
|
1168000
|
heap
|
page read and write
|
||
|
3B85000
|
trusted library allocation
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
145B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D17000
|
trusted library allocation
|
page read and write
|
||
|
5AFC000
|
stack
|
page read and write
|
||
|
251E000
|
stack
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
1684000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
2DD9000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
heap
|
page read and write
|
||
|
1197000
|
heap
|
page read and write
|
||
|
50E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
B8FB000
|
stack
|
page read and write
|
||
|
1214000
|
heap
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
6AEF000
|
stack
|
page read and write
|
||
|
67DE000
|
stack
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
1666000
|
trusted library allocation
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
AB9F000
|
stack
|
page read and write
|
||
|
2F3C000
|
stack
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
6B5E000
|
stack
|
page read and write
|
||
|
567E000
|
heap
|
page read and write
|
||
|
6DD0000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
5B0F000
|
stack
|
page read and write
|
||
|
3E9E000
|
trusted library allocation
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
4AA000
|
stack
|
page read and write
|
||
|
187C000
|
stack
|
page read and write
|
||
|
37A1000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
2903000
|
trusted library allocation
|
page read and write
|
||
|
FA6000
|
heap
|
page read and write
|
||
|
166D000
|
trusted library allocation
|
page read and write
|
||
|
85A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF7E000
|
stack
|
page read and write
|
||
|
188A000
|
heap
|
page read and write
|
||
|
397E000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
6B1E000
|
stack
|
page read and write
|
||
|
10FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
679F000
|
stack
|
page read and write
|
||
|
6C9E000
|
stack
|
page read and write
|
||
|
6E34000
|
trusted library allocation
|
page read and write
|
||
|
4C06000
|
trusted library allocation
|
page read and write
|
||
|
1702000
|
heap
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
672D000
|
stack
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
69EE000
|
stack
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
1122000
|
trusted library allocation
|
page read and write
|
||
|
1112000
|
trusted library allocation
|
page read and write
|
||
|
112B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1887000
|
heap
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
53AB000
|
stack
|
page read and write
|
||
|
6B30000
|
trusted library allocation
|
page read and write
|
||
|
1424000
|
trusted library allocation
|
page read and write
|
||
|
1249000
|
heap
|
page read and write
|
||
|
6DCD000
|
trusted library allocation
|
page read and write
|
||
|
6DC8000
|
trusted library allocation
|
page read and write
|
||
|
6B00000
|
heap
|
page read and write
|
||
|
16D000
|
stack
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
50FE000
|
stack
|
page read and write
|
||
|
3092000
|
trusted library allocation
|
page read and write
|
||
|
6FFE000
|
stack
|
page read and write
|
||
|
3A81000
|
trusted library allocation
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
6DB8000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
E24000
|
trusted library allocation
|
page read and write
|
||
|
6DB0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
8121000
|
heap
|
page read and write
|
||
|
57C0000
|
heap
|
page read and write
|
||
|
ACD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EDC000
|
stack
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
3131000
|
trusted library allocation
|
page read and write
|
||
|
5AF000
|
unkown
|
page read and write
|
||
|
85B0000
|
trusted library allocation
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
6C5E000
|
stack
|
page read and write
|
||
|
6B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
B4FE000
|
stack
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
B19000
|
stack
|
page read and write
|
||
|
B5AE000
|
stack
|
page read and write
|
||
|
7010000
|
trusted library section
|
page read and write
|
||
|
3DB3000
|
trusted library allocation
|
page read and write
|
||
|
6AB7000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
heap
|
page execute and read and write
|
||
|
AF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C0D000
|
trusted library allocation
|
page read and write
|
||
|
165E000
|
trusted library allocation
|
page read and write
|
||
|
2E27000
|
trusted library allocation
|
page read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
AE2000
|
trusted library allocation
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
F6E000
|
heap
|
page read and write
|
||
|
304D000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
5622000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
trusted library section
|
page readonly
|
||
|
EA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
27F1000
|
trusted library allocation
|
page read and write
|
||
|
16DD000
|
heap
|
page read and write
|
||
|
571E000
|
stack
|
page read and write
|
||
|
5BE0000
|
trusted library allocation
|
page read and write
|
||
|
AE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
3AA1000
|
trusted library allocation
|
page read and write
|
||
|
3CC8000
|
trusted library allocation
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
161E000
|
stack
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
AE30000
|
heap
|
page read and write
|
||
|
B53E000
|
stack
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
898000
|
heap
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
B63E000
|
stack
|
page read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
5130000
|
heap
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
52E000
|
unkown
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
16E1000
|
heap
|
page read and write
|
||
|
66B000
|
heap
|
page read and write
|
||
|
5BFE000
|
stack
|
page read and write
|
||
|
6AFD000
|
stack
|
page read and write
|
||
|
50F4000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
ADD000
|
stack
|
page read and write
|
||
|
B32C000
|
stack
|
page read and write
|
||
|
B6AF000
|
stack
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
3041000
|
trusted library allocation
|
page read and write
|
||
|
563C000
|
stack
|
page read and write
|
||
|
65EE000
|
stack
|
page read and write
|
||
|
7550000
|
heap
|
page read and write
|
||
|
5465000
|
heap
|
page read and write
|
||
|
8503000
|
heap
|
page read and write
|
||
|
F1A000
|
stack
|
page read and write
|
||
|
6E1D000
|
stack
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
31A6000
|
trusted library allocation
|
page read and write
|
||
|
84A2000
|
heap
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
B3FE000
|
stack
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page execute and read and write
|
||
|
4401000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2584000
|
trusted library allocation
|
page read and write
|
||
|
1446000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
B8BE000
|
stack
|
page read and write
|
||
|
4C20000
|
heap
|
page execute and read and write
|
||
|
E33000
|
trusted library allocation
|
page read and write
|
||
|
6B7E000
|
stack
|
page read and write
|
||
|
5631000
|
trusted library allocation
|
page read and write
|
||
|
1634000
|
trusted library allocation
|
page read and write
|
||
|
307A000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
AC4000
|
trusted library allocation
|
page read and write
|
||
|
4DBC000
|
stack
|
page read and write
|
||
|
E92000
|
trusted library allocation
|
page read and write
|
||
|
3167000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
95A000
|
stack
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
B19F000
|
stack
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
57B0000
|
heap
|
page read and write
|
||
|
2B31000
|
trusted library allocation
|
page read and write
|
||
|
3036000
|
trusted library allocation
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
EAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
B7BD000
|
stack
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
4029000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
65AE000
|
stack
|
page read and write
|
||
|
275E000
|
stack
|
page read and write
|
||
|
562A000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
2B3D000
|
trusted library allocation
|
page read and write
|
||
|
1125000
|
trusted library allocation
|
page execute and read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
EC7000
|
heap
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
1648000
|
heap
|
page read and write
|
||
|
80AB000
|
heap
|
page read and write
|
||
|
3A05000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
919000
|
heap
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page execute and read and write
|
||
|
165A000
|
trusted library allocation
|
page read and write
|
||
|
5100000
|
trusted library allocation
|
page read and write
|
||
|
6969000
|
heap
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
5642000
|
trusted library allocation
|
page read and write
|
||
|
59CE000
|
stack
|
page read and write
|
||
|
7F390000
|
trusted library allocation
|
page execute and read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
4BEB000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
trusted library allocation
|
page execute and read and write
|
||
|
7260000
|
heap
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
100B000
|
heap
|
page read and write
|
||
|
92FA000
|
trusted library allocation
|
page read and write
|
||
|
95CE000
|
stack
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
317D000
|
trusted library allocation
|
page read and write
|
||
|
B2C0000
|
heap
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
25A0000
|
trusted library allocation
|
page read and write
|
||
|
51B0000
|
trusted library section
|
page readonly
|
||
|
25B9000
|
heap
|
page read and write
|
||
|
1116000
|
trusted library allocation
|
page execute and read and write
|
||
|
B17E000
|
stack
|
page read and write
|
||
|
164B000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
heap
|
page execute and read and write
|
||
|
BA3D000
|
stack
|
page read and write
|
||
|
5138000
|
trusted library allocation
|
page read and write
|
||
|
1153000
|
heap
|
page read and write
|
||
|
80A0000
|
heap
|
page read and write
|
||
|
2D7F000
|
unkown
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1711000
|
heap
|
page read and write
|
||
|
2560000
|
trusted library allocation
|
page execute and read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
1452000
|
trusted library allocation
|
page read and write
|
||
|
80C4000
|
heap
|
page read and write
|
||
|
5640000
|
heap
|
page execute and read and write
|
||
|
6DD7000
|
trusted library allocation
|
page read and write
|
||
|
6AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EE06000
|
unkown
|
page readonly
|
||
|
556E000
|
stack
|
page read and write
|
||
|
6E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
68DF000
|
stack
|
page read and write
|
||
|
6EE0F000
|
unkown
|
page readonly
|
||
|
695E000
|
heap
|
page read and write
|
||
|
85E000
|
heap
|
page read and write
|
||
|
2CC1000
|
trusted library allocation
|
page read and write
|
||
|
162E000
|
stack
|
page read and write
|
||
|
255B000
|
stack
|
page read and write
|
||
|
AE1D000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
3001000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
105C000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
56C0000
|
heap
|
page execute and read and write
|
||
|
6F30000
|
trusted library allocation
|
page read and write
|
||
|
67D000
|
heap
|
page read and write
|
||
|
1455000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
E96000
|
trusted library allocation
|
page execute and read and write
|
||
|
565E000
|
trusted library allocation
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
1423000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FC5000
|
heap
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
27A1000
|
trusted library allocation
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
E8D000
|
stack
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
5616000
|
trusted library allocation
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
6840000
|
heap
|
page read and write
|
||
|
2B36000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
94B000
|
heap
|
page read and write
|
||
|
B56E000
|
stack
|
page read and write
|
||
|
8C8000
|
unkown
|
page readonly
|
||
|
10F4000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
B09E000
|
stack
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
AD3000
|
trusted library allocation
|
page read and write
|
||
|
6E30000
|
trusted library allocation
|
page read and write
|
||
|
562E000
|
trusted library allocation
|
page read and write
|
||
|
6DC0000
|
trusted library allocation
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
8126000
|
heap
|
page read and write
|
||
|
6D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BCD000
|
stack
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
1708000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page execute and read and write
|
||
|
6EDE000
|
stack
|
page read and write
|
||
|
164E000
|
trusted library allocation
|
page read and write
|
||
|
697A000
|
heap
|
page read and write
|
||
|
56AC000
|
stack
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
4131000
|
trusted library allocation
|
page read and write
|
||
|
3078000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
B2BD000
|
stack
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9AAE000
|
stack
|
page read and write
|
||
|
31A8000
|
trusted library allocation
|
page read and write
|
||
|
696E000
|
stack
|
page read and write
|
||
|
10F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
AAE000
|
stack
|
page read and write
|
||
|
5CFE000
|
stack
|
page read and write
|
||
|
4069000
|
trusted library allocation
|
page read and write
|
||
|
AF2000
|
trusted library allocation
|
page read and write
|
||
|
413000
|
remote allocation
|
page execute and read and write
|
||
|
6BBE000
|
stack
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
2D12000
|
trusted library allocation
|
page read and write
|
||
|
27AB000
|
trusted library allocation
|
page read and write
|
||
|
63CB000
|
heap
|
page read and write
|
||
|
2CCB000
|
trusted library allocation
|
page read and write
|
||
|
2760000
|
trusted library allocation
|
page read and write
|
||
|
682E000
|
stack
|
page read and write
|
||
|
6927000
|
heap
|
page read and write
|
||
|
4001000
|
trusted library allocation
|
page read and write
|
||
|
2765000
|
trusted library allocation
|
page read and write
|
||
|
6DE0000
|
trusted library section
|
page read and write
|
||
|
6E20000
|
heap
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
31C2000
|
trusted library allocation
|
page read and write
|
||
|
3084000
|
trusted library allocation
|
page read and write
|
||
|
31AA000
|
trusted library allocation
|
page read and write
|
||
|
6DC3000
|
trusted library allocation
|
page read and write
|
||
|
6FC0000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page execute and read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
6F37000
|
trusted library allocation
|
page read and write
|
||
|
303F000
|
trusted library allocation
|
page read and write
|
||
|
892000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
15C0000
|
heap
|
page execute and read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
563D000
|
trusted library allocation
|
page read and write
|
||
|
6C17000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
8220000
|
heap
|
page read and write
|
||
|
1457000
|
trusted library allocation
|
page execute and read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
B07E000
|
stack
|
page read and write
|
||
|
1AA000
|
stack
|
page read and write
|
||
|
111A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6449000
|
heap
|
page read and write
|
||
|
2DFF000
|
stack
|
page read and write
|
||
|
B46E000
|
stack
|
page read and write
|
||
|
1676000
|
heap
|
page read and write
|
||
|
3FC1000
|
trusted library allocation
|
page read and write
|
||
|
2DCB000
|
trusted library allocation
|
page read and write
|
||
|
5450000
|
heap
|
page read and write
|
||
|
312F000
|
stack
|
page read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
2810000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
11B6000
|
heap
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
AFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
trusted library allocation
|
page read and write
|
||
|
1189000
|
heap
|
page read and write
|
||
|
B42C000
|
stack
|
page read and write
|
||
|
1236000
|
heap
|
page read and write
|
||
|
B1BD000
|
stack
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
63B0000
|
heap
|
page read and write
|
||
|
1686000
|
trusted library allocation
|
page read and write
|
||
|
AF5D000
|
stack
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
1673000
|
heap
|
page read and write
|
||
|
B05E000
|
stack
|
page read and write
|
||
|
6454000
|
heap
|
page read and write
|
||
|
3076000
|
trusted library allocation
|
page read and write
|
||
|
50F9000
|
trusted library allocation
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page read and write
|
||
|
1442000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
remote allocation
|
page execute and read and write
|
||
|
123A000
|
heap
|
page read and write
|
||
|
AEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E25000
|
trusted library allocation
|
page read and write
|
||
|
AC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
2B2E000
|
trusted library allocation
|
page read and write
|
||
|
3171000
|
trusted library allocation
|
page read and write
|
||
|
110D000
|
trusted library allocation
|
page execute and read and write
|
||
|
143D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D65000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
2AB5000
|
trusted library allocation
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
313A000
|
heap
|
page read and write
|
||
|
31B4000
|
trusted library allocation
|
page read and write
|
||
|
BDA000
|
stack
|
page read and write
|
||
|
2593000
|
heap
|
page read and write
|
||
|
EA2000
|
trusted library allocation
|
page read and write
|
||
|
4E54000
|
trusted library allocation
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
ACDE000
|
stack
|
page read and write
|
||
|
6F80000
|
trusted library allocation
|
page read and write
|
||
|
1646000
|
trusted library allocation
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
66EE000
|
stack
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
70AE000
|
stack
|
page read and write
|
||
|
97DA000
|
trusted library allocation
|
page read and write
|
||
|
11E6000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page execute and read and write
|
||
|
80B5000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
5BFD000
|
trusted library allocation
|
page read and write
|
||
|
3CC1000
|
trusted library allocation
|
page read and write
|
||
|
2580000
|
trusted library allocation
|
page read and write
|
||
|
6EDF1000
|
unkown
|
page execute read
|
||
|
B80000
|
heap
|
page read and write
|
||
|
6DDE000
|
stack
|
page read and write
|
||
|
1697000
|
heap
|
page read and write
|
||
|
2570000
|
trusted library allocation
|
page read and write
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
4159000
|
trusted library allocation
|
page read and write
|
||
|
4C01000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page read and write
|
||
|
AA9F000
|
stack
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page read and write
|
||
|
57B3000
|
heap
|
page read and write
|
||
|
5BE8000
|
trusted library allocation
|
page read and write
|
||
|
5636000
|
trusted library allocation
|
page read and write
|
||
|
6C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B10000
|
trusted library allocation
|
page read and write
|
||
|
50CD000
|
stack
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page execute and read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
561B000
|
trusted library allocation
|
page read and write
|
||
|
91D000
|
heap
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
1028000
|
heap
|
page read and write
|
||
|
2BB9000
|
heap
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
142D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B0C000
|
stack
|
page read and write
|
||
|
2E48000
|
trusted library allocation
|
page read and write
|
||
|
ADD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
AD1D000
|
stack
|
page read and write
|
||
|
6F90000
|
trusted library allocation
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
7F7C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
51D3000
|
heap
|
page read and write
|
||
|
102C000
|
heap
|
page read and write
|
||
|
5A7000
|
stack
|
page read and write
|
||
|
37A8000
|
trusted library allocation
|
page read and write
|
||
|
16D4000
|
heap
|
page read and write
|
||
|
AE20000
|
heap
|
page read and write
|
||
|
6D60000
|
trusted library allocation
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
2B1B000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
B9FC000
|
stack
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
6A1D000
|
stack
|
page read and write
|
||
|
4BFE000
|
trusted library allocation
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
E9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3893000
|
trusted library allocation
|
page read and write
|
||
|
327D000
|
trusted library allocation
|
page read and write
|
||
|
1652000
|
trusted library allocation
|
page read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
12F8000
|
stack
|
page read and write
|
||
|
684E000
|
heap
|
page read and write
|
||
|
1661000
|
trusted library allocation
|
page read and write
|
||
|
2710000
|
trusted library allocation
|
page execute and read and write
|
||
|
419A000
|
trusted library allocation
|
page read and write
|
||
|
1127000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
5154000
|
trusted library allocation
|
page read and write
|
||
|
6D9F000
|
stack
|
page read and write
|
||
|
FD7000
|
heap
|
page read and write
|
||
|
123F000
|
heap
|
page read and write
|
||
|
105A000
|
heap
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
588E000
|
stack
|
page read and write
|
||
|
5140000
|
trusted library allocation
|
page execute and read and write
|
||
|
F94000
|
heap
|
page read and write
|
||
|
921000
|
heap
|
page read and write
|
||
|
144A000
|
trusted library allocation
|
page execute and read and write
|
||
|
ABDE000
|
stack
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
13DC000
|
stack
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB3E000
|
stack
|
page read and write
|
||
|
489C000
|
stack
|
page read and write
|
||
|
62F000
|
stack
|
page read and write
|
||
|
812000
|
unkown
|
page readonly
|
||
|
68F6000
|
heap
|
page read and write
|
||
|
8740000
|
trusted library section
|
page read and write
|
||
|
BCE000
|
unkown
|
page read and write
|
||
|
68E0000
|
heap
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
6EDF0000
|
unkown
|
page readonly
|
||
|
2586000
|
trusted library allocation
|
page read and write
|
||
|
561E000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
remote allocation
|
page execute and read and write
|
||
|
84A0000
|
heap
|
page read and write
|
||
|
1194000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
FA4000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
There are 590 hidden memdumps, click here to show them.