Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
QIKiV83Pkl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\winlogon.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Photo Viewer\en-GB\HuzhgkcqwYiFfxvhdfMUs.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\HuzhgkcqwYiFfxvhdfMUs.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\conhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\TpLSZl35nU.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\jones\HuzhgkcqwYiFfxvhdfMUs.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Downloaded Program Files\HuzhgkcqwYiFfxvhdfMUs.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\brokermonitordhcp\HuzhgkcqwYiFfxvhdfMUs.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\brokermonitordhcp\NKrhHlHeQ28n8tUMpitEGWra.vbe
|
data
|
dropped
|
|
|
|
C:\brokermonitordhcp\portruntime.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\cc11b995f2a76d
|
ASCII text, with very long lines (789), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Photo Viewer\en-GB\be621495aa6c7b
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\Default\088424020bedd6
|
ASCII text, with very long lines (736), with no line terminators
|
dropped
|
||
|
C:\Users\Default\be621495aa6c7b
|
ASCII text, with very long lines (679), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\HuzhgkcqwYiFfxvhdfMUs.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\portruntime.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\kxib6YnpdJ
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\jones\be621495aa6c7b
|
ASCII text, with very long lines (517), with no line terminators
|
dropped
|
||
|
C:\Windows\Downloaded Program Files\be621495aa6c7b
|
ASCII text, with very long lines (301), with no line terminators
|
dropped
|
||
|
C:\brokermonitordhcp\2sqRykCed6LZLP.bat
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\brokermonitordhcp\be621495aa6c7b
|
ASCII text, with very long lines (467), with no line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text
|
dropped
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\QIKiV83Pkl.exe
|
"C:\Users\user\Desktop\QIKiV83Pkl.exe"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\brokermonitordhcp\NKrhHlHeQ28n8tUMpitEGWra.vbe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\brokermonitordhcp\portruntime.exe
|
"C:\brokermonitordhcp\portruntime.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "conhostc" /sc MINUTE /mo 11 /tr "'C:\Users\Default\conhost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "conhost" /sc ONLOGON /tr "'C:\Users\Default\conhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "conhostc" /sc MINUTE /mo 8 /tr "'C:\Users\Default\conhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 14 /tr "'C:\Program Files\Windows Photo Viewer\en-GB\HuzhgkcqwYiFfxvhdfMUs.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUs" /sc ONLOGON /tr "'C:\Program Files\Windows Photo Viewer\en-GB\HuzhgkcqwYiFfxvhdfMUs.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 14 /tr "'C:\Program Files\Windows Photo Viewer\en-GB\HuzhgkcqwYiFfxvhdfMUs.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 11 /tr "'C:\Users\jones\HuzhgkcqwYiFfxvhdfMUs.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUs" /sc ONLOGON /tr "'C:\Users\jones\HuzhgkcqwYiFfxvhdfMUs.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 10 /tr "'C:\Users\jones\HuzhgkcqwYiFfxvhdfMUs.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 7 /tr "'C:\Users\Default User\HuzhgkcqwYiFfxvhdfMUs.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUs" /sc ONLOGON /tr "'C:\Users\Default User\HuzhgkcqwYiFfxvhdfMUs.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 11 /tr "'C:\Users\Default User\HuzhgkcqwYiFfxvhdfMUs.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Users\Default\HuzhgkcqwYiFfxvhdfMUs.exe
|
"C:\Users\Default User\HuzhgkcqwYiFfxvhdfMUs.exe"
|
|
|
|
C:\Users\Default\HuzhgkcqwYiFfxvhdfMUs.exe
|
"C:\Users\Default User\HuzhgkcqwYiFfxvhdfMUs.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 5 /tr "'C:\brokermonitordhcp\HuzhgkcqwYiFfxvhdfMUs.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUs" /sc ONLOGON /tr "'C:\brokermonitordhcp\HuzhgkcqwYiFfxvhdfMUs.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 9 /tr "'C:\brokermonitordhcp\HuzhgkcqwYiFfxvhdfMUs.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "winlogonw" /sc MINUTE /mo 13 /tr "'C:\Program Files\Adobe\Acrobat DC\Acrobat\winlogon.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "winlogon" /sc ONLOGON /tr "'C:\Program Files\Adobe\Acrobat DC\Acrobat\winlogon.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "winlogonw" /sc MINUTE /mo 7 /tr "'C:\Program Files\Adobe\Acrobat DC\Acrobat\winlogon.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 10 /tr "'C:\Windows\Downloaded Program Files\HuzhgkcqwYiFfxvhdfMUs.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUs" /sc ONLOGON /tr "'C:\Windows\Downloaded Program Files\HuzhgkcqwYiFfxvhdfMUs.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "HuzhgkcqwYiFfxvhdfMUsH" /sc MINUTE /mo 10 /tr "'C:\Windows\Downloaded Program Files\HuzhgkcqwYiFfxvhdfMUs.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\brokermonitordhcp\HuzhgkcqwYiFfxvhdfMUs.exe
|
"C:\brokermonitordhcp\HuzhgkcqwYiFfxvhdfMUs.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\brokermonitordhcp\2sqRykCed6LZLP.bat" "
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C "C:\Users\user\AppData\Local\Temp\TpLSZl35nU.bat"
|
||
|
C:\Windows\System32\w32tm.exe
|
w32tm /stripchart /computer:localhost /period:5 /dataonly /samples:2
|
There are 22 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://pastebin.com/raw/i8wetBiv
|
172.67.19.24
|
|
|
|
https://pastebin.com
|
unknown
|
|
|
|
http://romangw5.beget.tech/
|
unknown
|
||
|
http://romangw5.beget.tech
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://pastebin.com
|
unknown
|
||
|
http://romangw5.beget.tech/L1nc0In.php?70qtQaeMHcDQCRT7QXgceCi=AOtJD6&adfdd2a97725e2297c7729eabf3b0f
|
unknown
|
||
|
http://romangw5.beget.tech/L1nc0In.php?70qtQaeMHcDQCRT7QXgceCi=AOtJD6&adfdd2a97725e2297c7729eabf3b0f6c=2294d62f1ddc0f5e58e782c9a89a4ec0&69876eca3183c1643eda5600faec3e2b=QNzcDO5UjZygDZkRWYiRWMwUTZ1IjNhJDNmFTYjJWZ5MzMwEWO3kjZ&70qtQaeMHcDQCRT7QXgceCi=AOtJD6
|
5.101.153.57
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pastebin.com
|
172.67.19.24
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
romangw5.beget.tech
|
5.101.153.57
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.19.24
|
pastebin.com
|
United States
|
|
|
|
5.101.153.57
|
romangw5.beget.tech
|
Russian Federation
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\882a3231b2715c313dc6a02970062c3459c3fc5f
|
0c1a690641b155cdbd439d60d335962ed336127e
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\HuzhgkcqwYiFfxvhdfMUs_RASMANCS
|
FileDirectory
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
12CDF000
|
trusted library allocation
|
page read and write
|
|
|
|
2861000
|
trusted library allocation
|
page read and write
|
|
|
|
2FEC000
|
trusted library allocation
|
page read and write
|
|
|
|
2AF1000
|
trusted library allocation
|
page read and write
|
|
|
|
356D000
|
trusted library allocation
|
page read and write
|
|
|
|
2CD1000
|
trusted library allocation
|
page read and write
|
|
|
|
3531000
|
trusted library allocation
|
page read and write
|
|
|
|
289C000
|
trusted library allocation
|
page read and write
|
|
|
|
275E000
|
stack
|
page read and write
|
||
|
34B3000
|
heap
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC360000
|
trusted library allocation
|
page read and write
|
||
|
56EF000
|
stack
|
page read and write
|
||
|
7FFAAC660000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC652000
|
trusted library allocation
|
page read and write
|
||
|
3428000
|
heap
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC503000
|
trusted library allocation
|
page read and write
|
||
|
1BF57000
|
heap
|
page read and write
|
||
|
1B65E000
|
stack
|
page read and write
|
||
|
7FFAAC352000
|
trusted library allocation
|
page read and write
|
||
|
1BA4A000
|
stack
|
page read and write
|
||
|
7FFAAC343000
|
trusted library allocation
|
page execute and read and write
|
||
|
16FC000
|
heap
|
page read and write
|
||
|
570000
|
unkown
|
page readonly
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
7FFAAC4FA000
|
trusted library allocation
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
2630000
|
trusted library allocation
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
5AE0000
|
heap
|
page read and write
|
||
|
7FFAAC4EE000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC580000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC510000
|
trusted library allocation
|
page read and write
|
||
|
3457000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
1BEF8000
|
heap
|
page read and write
|
||
|
1A890000
|
trusted library allocation
|
page read and write
|
||
|
D4E000
|
heap
|
page read and write
|
||
|
7FFAAC680000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC364000
|
trusted library allocation
|
page read and write
|
||
|
35EF000
|
heap
|
page read and write
|
||
|
1BD1B000
|
heap
|
page read and write
|
||
|
7FFAAC50B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC46F000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA5000
|
heap
|
page read and write
|
||
|
34CF000
|
heap
|
page read and write
|
||
|
6EE0F000
|
unkown
|
page readonly
|
||
|
35EE000
|
stack
|
page read and write
|
||
|
7C6000
|
stack
|
page read and write
|
||
|
360F000
|
heap
|
page read and write
|
||
|
3447000
|
heap
|
page read and write
|
||
|
8E7000
|
unkown
|
page readonly
|
||
|
1396A000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC50B000
|
trusted library allocation
|
page read and write
|
||
|
3431000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7FFAAC570000
|
trusted library allocation
|
page read and write
|
||
|
3602000
|
heap
|
page read and write
|
||
|
5ECB000
|
stack
|
page read and write
|
||
|
7FFAAC400000
|
trusted library allocation
|
page execute and read and write
|
||
|
532F000
|
stack
|
page read and write
|
||
|
7FFAAC35C000
|
trusted library allocation
|
page read and write
|
||
|
2DC4000
|
trusted library allocation
|
page read and write
|
||
|
3628000
|
heap
|
page read and write
|
||
|
7FFAAC503000
|
trusted library allocation
|
page read and write
|
||
|
3601000
|
heap
|
page read and write
|
||
|
CE2092C000
|
stack
|
page read and write
|
||
|
7FFAAC5BB000
|
trusted library allocation
|
page read and write
|
||
|
16F6000
|
heap
|
page read and write
|
||
|
7FFAAC520000
|
trusted library allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
7FFAAC4F6000
|
trusted library allocation
|
page read and write
|
||
|
75DE000
|
stack
|
page read and write
|
||
|
1C28D000
|
stack
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
1364B000
|
trusted library allocation
|
page read and write
|
||
|
1C58E000
|
stack
|
page read and write
|
||
|
1A7F000
|
stack
|
page read and write
|
||
|
1364E000
|
trusted library allocation
|
page read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
1BE3E000
|
stack
|
page read and write
|
||
|
13976000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
7FFAAC3F6000
|
trusted library allocation
|
page read and write
|
||
|
3431000
|
heap
|
page read and write
|
||
|
135E6000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4EC000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
2EA2000
|
trusted library allocation
|
page read and write
|
||
|
C04000
|
heap
|
page read and write
|
||
|
7FFAAC406000
|
trusted library allocation
|
page read and write
|
||
|
35F2000
|
heap
|
page read and write
|
||
|
133CA000
|
trusted library allocation
|
page read and write
|
||
|
1C48E000
|
stack
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
B31000
|
heap
|
page read and write
|
||
|
34B1000
|
heap
|
page read and write
|
||
|
1BE9C000
|
heap
|
page read and write
|
||
|
363D000
|
heap
|
page read and write
|
||
|
2E54000
|
trusted library allocation
|
page read and write
|
||
|
1369B000
|
trusted library allocation
|
page read and write
|
||
|
360B000
|
heap
|
page read and write
|
||
|
135FC000
|
trusted library allocation
|
page read and write
|
||
|
34BA000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page read and write
|
||
|
B5F000
|
heap
|
page read and write
|
||
|
3456000
|
heap
|
page read and write
|
||
|
1BE67000
|
heap
|
page read and write
|
||
|
28A4000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
7FFAAC528000
|
trusted library allocation
|
page read and write
|
||
|
13662000
|
trusted library allocation
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
1BF90000
|
heap
|
page read and write
|
||
|
1353D000
|
trusted library allocation
|
page read and write
|
||
|
29B28F20000
|
heap
|
page read and write
|
||
|
34CF000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
1BC50000
|
heap
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
7FFAAC551000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC670000
|
trusted library allocation
|
page read and write
|
||
|
55AF000
|
stack
|
page read and write
|
||
|
8D1000
|
unkown
|
page read and write
|
||
|
7FFAAC477000
|
trusted library allocation
|
page execute and read and write
|
||
|
12AF1000
|
trusted library allocation
|
page read and write
|
||
|
3446000
|
heap
|
page read and write
|
||
|
7FFAAC670000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC5A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC47D000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
342B000
|
heap
|
page read and write
|
||
|
7BC000
|
unkown
|
page readonly
|
||
|
7FFAAC4EA000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page execute and read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
7FFAAC370000
|
trusted library allocation
|
page read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
13849000
|
trusted library allocation
|
page read and write
|
||
|
1B9AD000
|
stack
|
page read and write
|
||
|
13541000
|
trusted library allocation
|
page read and write
|
||
|
8B4000
|
unkown
|
page read and write
|
||
|
2EBA000
|
trusted library allocation
|
page read and write
|
||
|
13649000
|
trusted library allocation
|
page read and write
|
||
|
172F000
|
heap
|
page read and write
|
||
|
C0D000
|
heap
|
page read and write
|
||
|
3415000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
34BA000
|
heap
|
page read and write
|
||
|
1CA60000
|
heap
|
page read and write
|
||
|
B68000
|
heap
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
1AB20000
|
trusted library allocation
|
page read and write
|
||
|
34D2000
|
heap
|
page read and write
|
||
|
7FFAAC540000
|
trusted library allocation
|
page read and write
|
||
|
1BD00000
|
heap
|
page read and write
|
||
|
35FB000
|
heap
|
page read and write
|
||
|
1BFA7000
|
heap
|
page read and write
|
||
|
341C000
|
heap
|
page read and write
|
||
|
7FFAAC344000
|
trusted library allocation
|
page read and write
|
||
|
1BD44000
|
heap
|
page read and write
|
||
|
2EC8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC46F000
|
trusted library allocation
|
page execute and read and write
|
||
|
3628000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
7FFAAC5A1000
|
trusted library allocation
|
page read and write
|
||
|
1BEEF000
|
heap
|
page read and write
|
||
|
1BB5E000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
34EE000
|
stack
|
page read and write
|
||
|
30D0000
|
stack
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
1AB0000
|
heap
|
page read and write
|
||
|
10F0000
|
trusted library section
|
page read and write
|
||
|
D4C000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1286D000
|
trusted library allocation
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
7FFAAC350000
|
trusted library allocation
|
page read and write
|
||
|
135E9000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
7FFAAC36D000
|
trusted library allocation
|
page execute and read and write
|
||
|
33A6000
|
heap
|
page read and write
|
||
|
2ED2000
|
trusted library allocation
|
page read and write
|
||
|
35EF000
|
heap
|
page read and write
|
||
|
7FFAAC436000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD1D000
|
heap
|
page read and write
|
||
|
2DF6000
|
stack
|
page read and write
|
||
|
1BEE0000
|
heap
|
page read and write
|
||
|
35FB000
|
heap
|
page read and write
|
||
|
1110000
|
trusted library section
|
page read and write
|
||
|
7FFAAC36C000
|
trusted library allocation
|
page read and write
|
||
|
29B28F10000
|
heap
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
7FFAAC4E3000
|
trusted library allocation
|
page read and write
|
||
|
1BF8E000
|
stack
|
page read and write
|
||
|
7FFAAC655000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
trusted library section
|
page read and write
|
||
|
300D000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC640000
|
trusted library allocation
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
572F000
|
heap
|
page read and write
|
||
|
1362B000
|
trusted library allocation
|
page read and write
|
||
|
35E9000
|
heap
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
7FFAAC340000
|
trusted library allocation
|
page read and write
|
||
|
1B740000
|
heap
|
page read and write
|
||
|
7FFAAC4F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC34D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC558000
|
trusted library allocation
|
page read and write
|
||
|
35E4000
|
heap
|
page read and write
|
||
|
8A3000
|
unkown
|
page readonly
|
||
|
570000
|
unkown
|
page readonly
|
||
|
1BF0F000
|
heap
|
page read and write
|
||
|
871000
|
unkown
|
page execute read
|
||
|
1BF0A000
|
heap
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
35FE000
|
heap
|
page read and write
|
||
|
2ECC000
|
trusted library allocation
|
page read and write
|
||
|
13DCA000
|
trusted library allocation
|
page read and write
|
||
|
15451000
|
trusted library allocation
|
page read and write
|
||
|
12AFD000
|
trusted library allocation
|
page read and write
|
||
|
1B81E000
|
stack
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
7FFAAC353000
|
trusted library allocation
|
page read and write
|
||
|
1BC4E000
|
stack
|
page read and write
|
||
|
3427000
|
heap
|
page read and write
|
||
|
1B957000
|
stack
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
35EF000
|
heap
|
page read and write
|
||
|
1B560000
|
trusted library allocation
|
page read and write
|
||
|
1B94F000
|
stack
|
page read and write
|
||
|
135D9000
|
trusted library allocation
|
page read and write
|
||
|
35D1000
|
heap
|
page read and write
|
||
|
12868000
|
trusted library allocation
|
page read and write
|
||
|
514E000
|
stack
|
page read and write
|
||
|
5ADF000
|
stack
|
page read and write
|
||
|
7FFAAC34D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E63000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC55B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC551000
|
trusted library allocation
|
page read and write
|
||
|
1BCDF000
|
heap
|
page read and write
|
||
|
7FFAAC3AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF34000
|
heap
|
page read and write
|
||
|
1B4BF000
|
stack
|
page read and write
|
||
|
7FFAAC4F0000
|
trusted library allocation
|
page read and write
|
||
|
1B71B000
|
stack
|
page read and write
|
||
|
1BA5E000
|
stack
|
page read and write
|
||
|
7FFAAC35C000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC36B000
|
trusted library allocation
|
page execute and read and write
|
||
|
35A0000
|
heap
|
page read and write
|
||
|
7FFAAC680000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
1CA5E000
|
stack
|
page read and write
|
||
|
7FFAAC532000
|
trusted library allocation
|
page read and write
|
||
|
1BE73000
|
heap
|
page read and write
|
||
|
3628000
|
heap
|
page read and write
|
||
|
7FFAAC46A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EC6000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC540000
|
trusted library allocation
|
page read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
781F000
|
stack
|
page read and write
|
||
|
7FFAAC471000
|
trusted library allocation
|
page execute and read and write
|
||
|
5351000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
871000
|
unkown
|
page execute read
|
||
|
7FFAAC36D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8AE000
|
unkown
|
page read and write
|
||
|
1356B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC520000
|
trusted library allocation
|
page read and write
|
||
|
1CA92000
|
heap
|
page read and write
|
||
|
7FFAAC503000
|
trusted library allocation
|
page read and write
|
||
|
1B613000
|
stack
|
page read and write
|
||
|
1BC60000
|
heap
|
page read and write
|
||
|
D18000
|
heap
|
page read and write
|
||
|
34B3000
|
heap
|
page read and write
|
||
|
363D000
|
heap
|
page read and write
|
||
|
3604000
|
heap
|
page read and write
|
||
|
5FCD000
|
stack
|
page read and write
|
||
|
34BA000
|
heap
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
CBE000
|
heap
|
page read and write
|
||
|
1CA78000
|
heap
|
page read and write
|
||
|
1CA76000
|
heap
|
page read and write
|
||
|
1545E000
|
trusted library allocation
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
7FFAAC50B000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
B2E000
|
heap
|
page read and write
|
||
|
7FFAAC374000
|
trusted library allocation
|
page read and write
|
||
|
2ED4000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC64F000
|
trusted library allocation
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC39C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB1E870000
|
unkown
|
page read and write
|
||
|
13571000
|
trusted library allocation
|
page read and write
|
||
|
34B3000
|
heap
|
page read and write
|
||
|
572000
|
unkown
|
page readonly
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
1BD36000
|
heap
|
page read and write
|
||
|
2EAB000
|
stack
|
page read and write
|
||
|
1BEB1000
|
heap
|
page read and write
|
||
|
33F8000
|
heap
|
page read and write
|
||
|
7FFAAC46A000
|
trusted library allocation
|
page execute and read and write
|
||
|
572B000
|
heap
|
page read and write
|
||
|
18EF000
|
stack
|
page read and write
|
||
|
2DD2000
|
trusted library allocation
|
page read and write
|
||
|
13533000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
1B91E000
|
stack
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
131E2000
|
trusted library allocation
|
page read and write
|
||
|
34D2000
|
heap
|
page read and write
|
||
|
2D6C000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
2EBC000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC364000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC590000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC57B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3F6000
|
trusted library allocation
|
page read and write
|
||
|
135EF000
|
trusted library allocation
|
page read and write
|
||
|
6DFA000
|
heap
|
page read and write
|
||
|
8AE000
|
unkown
|
page write copy
|
||
|
135C5000
|
trusted library allocation
|
page read and write
|
||
|
1B210000
|
heap
|
page read and write
|
||
|
7FFAAC36D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
2AA0000
|
trusted library section
|
page read and write
|
||
|
1BCB3000
|
heap
|
page read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
2D02000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4E0000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
2EB6000
|
trusted library allocation
|
page read and write
|
||
|
1C38E000
|
stack
|
page read and write
|
||
|
3606000
|
heap
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
363D000
|
heap
|
page read and write
|
||
|
2F5F000
|
trusted library allocation
|
page read and write
|
||
|
13609000
|
trusted library allocation
|
page read and write
|
||
|
1BF7C000
|
heap
|
page read and write
|
||
|
5721000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
1BF68000
|
heap
|
page read and write
|
||
|
30C6000
|
stack
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
7FFAAC354000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC353000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B84E000
|
stack
|
page read and write
|
||
|
1B69F000
|
stack
|
page read and write
|
||
|
1C590000
|
heap
|
page read and write
|
||
|
345A000
|
heap
|
page read and write
|
||
|
34BA000
|
heap
|
page read and write
|
||
|
135F9000
|
trusted library allocation
|
page read and write
|
||
|
363D000
|
heap
|
page read and write
|
||
|
2F24000
|
trusted library allocation
|
page read and write
|
||
|
147CA000
|
trusted library allocation
|
page read and write
|
||
|
1362E000
|
trusted library allocation
|
page read and write
|
||
|
2EA3000
|
trusted library allocation
|
page read and write
|
||
|
3446000
|
heap
|
page read and write
|
||
|
5AF0000
|
heap
|
page read and write
|
||
|
1970000
|
heap
|
page read and write
|
||
|
30E7000
|
stack
|
page read and write
|
||
|
2EC2000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
1BD1F000
|
heap
|
page read and write
|
||
|
13578000
|
trusted library allocation
|
page read and write
|
||
|
294E000
|
stack
|
page read and write
|
||
|
29B28F79000
|
heap
|
page read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
3627000
|
heap
|
page read and write
|
||
|
1CBAC000
|
stack
|
page read and write
|
||
|
17D7000
|
heap
|
page read and write
|
||
|
35A8000
|
heap
|
page read and write
|
||
|
1144000
|
heap
|
page read and write
|
||
|
135F4000
|
trusted library allocation
|
page read and write
|
||
|
1BE80000
|
heap
|
page execute and read and write
|
||
|
1724000
|
heap
|
page read and write
|
||
|
1BF78000
|
heap
|
page read and write
|
||
|
7FFAAC37D000
|
trusted library allocation
|
page execute and read and write
|
||
|
30F9000
|
stack
|
page read and write
|
||
|
2E82000
|
trusted library allocation
|
page read and write
|
||
|
35E1000
|
heap
|
page read and write
|
||
|
1B550000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
175A000
|
heap
|
page read and write
|
||
|
7FFAAC5A3000
|
trusted library allocation
|
page read and write
|
||
|
1C18E000
|
stack
|
page read and write
|
||
|
29B28F70000
|
heap
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page read and write
|
||
|
34AF000
|
stack
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
7FFAAC652000
|
trusted library allocation
|
page read and write
|
||
|
34D2000
|
heap
|
page read and write
|
||
|
35EE000
|
heap
|
page read and write
|
||
|
35F1000
|
heap
|
page read and write
|
||
|
1C283000
|
stack
|
page read and write
|
||
|
7FFAAC4F1000
|
trusted library allocation
|
page read and write
|
||
|
1B51E000
|
stack
|
page read and write
|
||
|
363D000
|
heap
|
page read and write
|
||
|
7FFAAC5BD000
|
trusted library allocation
|
page read and write
|
||
|
34CF000
|
heap
|
page read and write
|
||
|
7FFAAC35D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CC2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5B0000
|
trusted library allocation
|
page read and write
|
||
|
1B4F0000
|
heap
|
page execute and read and write
|
||
|
5D8E000
|
stack
|
page read and write
|
||
|
360F000
|
heap
|
page read and write
|
||
|
7FFAAC5A9000
|
trusted library allocation
|
page read and write
|
||
|
1BF76000
|
heap
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
7FFB1E866000
|
unkown
|
page readonly
|
||
|
363D000
|
heap
|
page read and write
|
||
|
7FFB1E872000
|
unkown
|
page readonly
|
||
|
6DA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
F55000
|
heap
|
page read and write
|
||
|
338A000
|
heap
|
page read and write
|
||
|
6EE06000
|
unkown
|
page readonly
|
||
|
7FFAAC4F6000
|
trusted library allocation
|
page read and write
|
||
|
35EE000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
7FFAAC342000
|
trusted library allocation
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
1BCF3000
|
heap
|
page read and write
|
||
|
35F9000
|
heap
|
page read and write
|
||
|
34B1000
|
heap
|
page read and write
|
||
|
536A000
|
trusted library allocation
|
page read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
35FF000
|
heap
|
page read and write
|
||
|
6DA9000
|
heap
|
page read and write
|
||
|
300A000
|
trusted library allocation
|
page read and write
|
||
|
35C8000
|
heap
|
page read and write
|
||
|
5725000
|
heap
|
page read and write
|
||
|
7FFAAC357000
|
trusted library allocation
|
page read and write
|
||
|
14F6000
|
stack
|
page read and write
|
||
|
2EBE000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
1357E000
|
trusted library allocation
|
page read and write
|
||
|
135C3000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC460000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF62000
|
heap
|
page read and write
|
||
|
1BE50000
|
heap
|
page read and write
|
||
|
28AB000
|
trusted library allocation
|
page read and write
|
||
|
34BA000
|
heap
|
page read and write
|
||
|
3419000
|
heap
|
page read and write
|
||
|
1BF4E000
|
heap
|
page read and write
|
||
|
7FFAAC628000
|
trusted library allocation
|
page read and write
|
||
|
8D3000
|
unkown
|
page readonly
|
||
|
1B31E000
|
stack
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
7FFAAC5CD000
|
trusted library allocation
|
page read and write
|
||
|
3628000
|
heap
|
page read and write
|
||
|
7FFAAC3F6000
|
trusted library allocation
|
page read and write
|
||
|
1C08E000
|
stack
|
page read and write
|
||
|
7FFAAC4FC000
|
trusted library allocation
|
page read and write
|
||
|
34B3000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page readonly
|
||
|
13719000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC35D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B920000
|
heap
|
page read and write
|
||
|
136C5000
|
trusted library allocation
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
6EDF0000
|
unkown
|
page readonly
|
||
|
34D2000
|
heap
|
page read and write
|
||
|
7FFAAC4EA000
|
trusted library allocation
|
page read and write
|
||
|
2A4F000
|
stack
|
page read and write
|
||
|
7FFAAC574000
|
trusted library allocation
|
page read and write
|
||
|
1BC92000
|
heap
|
page read and write
|
||
|
5E8F000
|
stack
|
page read and write
|
||
|
1BC64000
|
heap
|
page read and write
|
||
|
7FFB1E850000
|
unkown
|
page readonly
|
||
|
12E09000
|
trusted library allocation
|
page read and write
|
||
|
35E4000
|
heap
|
page read and write
|
||
|
7FFAAC4E0000
|
trusted library allocation
|
page read and write
|
||
|
1366F000
|
trusted library allocation
|
page read and write
|
||
|
3601000
|
heap
|
page read and write
|
||
|
7FFAAC590000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC55000
|
heap
|
page read and write
|
||
|
12CDD000
|
trusted library allocation
|
page read and write
|
||
|
1365B000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
trusted library section
|
page read and write
|
||
|
1C08E000
|
stack
|
page read and write
|
||
|
30BC000
|
stack
|
page read and write
|
||
|
1732000
|
heap
|
page read and write
|
||
|
13671000
|
trusted library allocation
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
7FFAAC510000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC580000
|
trusted library allocation
|
page read and write
|
||
|
2E38000
|
trusted library allocation
|
page read and write
|
||
|
CE209AF000
|
stack
|
page read and write
|
||
|
7FFAAC630000
|
trusted library allocation
|
page read and write
|
||
|
34CF000
|
heap
|
page read and write
|
||
|
35F5000
|
heap
|
page read and write
|
||
|
347F000
|
heap
|
page read and write
|
||
|
76DE000
|
stack
|
page read and write
|
||
|
136A1000
|
trusted library allocation
|
page read and write
|
||
|
13650000
|
trusted library allocation
|
page read and write
|
||
|
B5D000
|
heap
|
page read and write
|
||
|
35E4000
|
heap
|
page read and write
|
||
|
360A000
|
heap
|
page read and write
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
7FFB1E875000
|
unkown
|
page readonly
|
||
|
1BFCE000
|
heap
|
page read and write
|
||
|
12C85000
|
trusted library allocation
|
page read and write
|
||
|
35E4000
|
heap
|
page read and write
|
||
|
7FFAAC346000
|
trusted library allocation
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
2EB2000
|
trusted library allocation
|
page read and write
|
||
|
8E7000
|
unkown
|
page readonly
|
||
|
363D000
|
heap
|
page read and write
|
||
|
7FFAAC555000
|
trusted library allocation
|
page read and write
|
||
|
34B1000
|
heap
|
page read and write
|
||
|
3446000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page execute and read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
136DF000
|
trusted library allocation
|
page read and write
|
||
|
30D6000
|
stack
|
page read and write
|
||
|
2ED2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC507000
|
trusted library allocation
|
page read and write
|
||
|
B24000
|
heap
|
page read and write
|
||
|
14FA6000
|
trusted library allocation
|
page read and write
|
||
|
3606000
|
heap
|
page read and write
|
||
|
7FFAAC35D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC577000
|
trusted library allocation
|
page read and write
|
||
|
1BE4D000
|
stack
|
page read and write
|
||
|
35FF000
|
heap
|
page read and write
|
||
|
335E000
|
stack
|
page read and write
|
||
|
7FFAAC460000
|
trusted library allocation
|
page execute and read and write
|
||
|
3432000
|
heap
|
page read and write
|
||
|
7FFAAC4E3000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
2ECA000
|
trusted library allocation
|
page read and write
|
||
|
13665000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC52E000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC53D000
|
trusted library allocation
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
1CAAE000
|
stack
|
page read and write
|
||
|
35E0000
|
heap
|
page read and write
|
||
|
7FFAAC6A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
1BEB5000
|
heap
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
1AB5000
|
heap
|
page read and write
|
||
|
D36000
|
heap
|
page read and write
|
||
|
2DB6000
|
trusted library allocation
|
page read and write
|
||
|
1BD14000
|
heap
|
page read and write
|
||
|
7FFAAC426000
|
trusted library allocation
|
page execute and read and write
|
||
|
12861000
|
trusted library allocation
|
page read and write
|
||
|
1366D000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC34D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC344000
|
trusted library allocation
|
page read and write
|
||
|
35E5000
|
heap
|
page read and write
|
||
|
2EB4000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC39C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF3F000
|
heap
|
page read and write
|
||
|
2EC3000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC40C000
|
trusted library allocation
|
page execute and read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
2E16000
|
trusted library allocation
|
page read and write
|
||
|
1975000
|
heap
|
page read and write
|
||
|
7FFAAC477000
|
trusted library allocation
|
page execute and read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
7FFAAC353000
|
trusted library allocation
|
page read and write
|
||
|
C23000
|
heap
|
page read and write
|
||
|
7FFAAC4EC000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4EE000
|
trusted library allocation
|
page read and write
|
||
|
5224000
|
heap
|
page read and write
|
||
|
12871000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC513000
|
trusted library allocation
|
page read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
1B41E000
|
stack
|
page read and write
|
||
|
7FFAAC426000
|
trusted library allocation
|
page execute and read and write
|
||
|
3520000
|
heap
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
35C8000
|
heap
|
page read and write
|
||
|
34D2000
|
heap
|
page read and write
|
||
|
12863000
|
trusted library allocation
|
page read and write
|
||
|
2D36000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E870000
|
unkown
|
page read and write
|
||
|
7FFAAC364000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page read and write
|
||
|
1C95D000
|
stack
|
page read and write
|
||
|
1358D000
|
trusted library allocation
|
page read and write
|
||
|
8D2000
|
unkown
|
page readonly
|
||
|
13531000
|
trusted library allocation
|
page read and write
|
||
|
C4B000
|
heap
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page read and write
|
||
|
29B29334000
|
heap
|
page read and write
|
||
|
2EB8000
|
trusted library allocation
|
page read and write
|
||
|
12CD8000
|
trusted library allocation
|
page read and write
|
||
|
35EC000
|
heap
|
page read and write
|
||
|
35E8000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
7FFAAC367000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC35D000
|
trusted library allocation
|
page execute and read and write
|
||
|
795C000
|
stack
|
page read and write
|
||
|
7FFAAC471000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ADED000
|
stack
|
page read and write
|
||
|
CE20C7F000
|
stack
|
page read and write
|
||
|
7FFAAC340000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC521000
|
trusted library allocation
|
page read and write
|
||
|
35D2000
|
heap
|
page read and write
|
||
|
7FFAAC4F0000
|
trusted library allocation
|
page read and write
|
||
|
35F8000
|
heap
|
page read and write
|
||
|
29B28F40000
|
heap
|
page read and write
|
||
|
2FAB000
|
stack
|
page read and write
|
||
|
7FFAAC426000
|
trusted library allocation
|
page execute and read and write
|
||
|
3606000
|
heap
|
page read and write
|
||
|
7FFAAC460000
|
trusted library allocation
|
page execute and read and write
|
||
|
10AF000
|
stack
|
page read and write
|
||
|
2FB6000
|
trusted library allocation
|
page read and write
|
||
|
8D2000
|
unkown
|
page write copy
|
||
|
1BC5D000
|
stack
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
7FFAAC357000
|
trusted library allocation
|
page read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
785B000
|
stack
|
page read and write
|
||
|
7FFAAC357000
|
trusted library allocation
|
page read and write
|
||
|
1369E000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC353000
|
trusted library allocation
|
page read and write
|
||
|
1358B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC52A000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
7FFAAC3F0000
|
trusted library allocation
|
page read and write
|
||
|
2CF4000
|
trusted library allocation
|
page read and write
|
||
|
12C7A000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC510000
|
trusted library allocation
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
1BE99000
|
heap
|
page read and write
|
||
|
7FF4EF5C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C9B000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page execute and read and write
|
||
|
1BFBF000
|
heap
|
page read and write
|
||
|
1BDB0000
|
heap
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page read and write
|
||
|
1BCB7000
|
heap
|
page read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
2A90000
|
trusted library section
|
page read and write
|
||
|
1B25C000
|
stack
|
page read and write
|
||
|
12AFF000
|
trusted library allocation
|
page read and write
|
||
|
129F5000
|
trusted library allocation
|
page read and write
|
||
|
3607000
|
heap
|
page read and write
|
||
|
30E9000
|
stack
|
page read and write
|
||
|
1BEBD000
|
heap
|
page read and write
|
||
|
34CF000
|
heap
|
page read and write
|
||
|
1BC9D000
|
heap
|
page read and write
|
||
|
1B853000
|
stack
|
page read and write
|
||
|
29B29330000
|
heap
|
page read and write
|
||
|
1BEF4000
|
heap
|
page read and write
|
||
|
35E6000
|
heap
|
page read and write
|
||
|
12CD1000
|
trusted library allocation
|
page read and write
|
||
|
8A3000
|
unkown
|
page readonly
|
||
|
135F1000
|
trusted library allocation
|
page read and write
|
||
|
2E24000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
7FFAAC660000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
1BE5E000
|
heap
|
page read and write
|
||
|
1C9AD000
|
stack
|
page read and write
|
||
|
2830000
|
heap
|
page execute and read and write
|
||
|
7FFAAC690000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC343000
|
trusted library allocation
|
page execute and read and write
|
||
|
362B000
|
heap
|
page read and write
|
||
|
7FFAAC470000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC560000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
3609000
|
heap
|
page read and write
|
||
|
7FFAAC36B000
|
trusted library allocation
|
page execute and read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
2EC4000
|
trusted library allocation
|
page read and write
|
||
|
C4D000
|
heap
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
13645000
|
trusted library allocation
|
page read and write
|
||
|
13625000
|
trusted library allocation
|
page read and write
|
||
|
D2F000
|
stack
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
7B8000
|
unkown
|
page readonly
|
||
|
13538000
|
trusted library allocation
|
page read and write
|
||
|
3628000
|
heap
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4EC000
|
trusted library allocation
|
page read and write
|
||
|
1BB43000
|
stack
|
page read and write
|
||
|
6EDF1000
|
unkown
|
page execute read
|
||
|
1BCC9000
|
heap
|
page read and write
|
||
|
1C2DE000
|
stack
|
page read and write
|
||
|
3605000
|
heap
|
page read and write
|
||
|
E03000
|
heap
|
page read and write
|
||
|
7FFAAC521000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
7FFAAC400000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ECE000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC39C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC560000
|
trusted library allocation
|
page read and write
|
||
|
1B75E000
|
stack
|
page read and write
|
||
|
2E7E000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC363000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC572000
|
trusted library allocation
|
page read and write
|
||
|
E6F000
|
stack
|
page read and write
|
||
|
7FFAAC360000
|
trusted library allocation
|
page read and write
|
||
|
135DE000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4F3000
|
trusted library allocation
|
page read and write
|
||
|
30F1000
|
stack
|
page read and write
|
||
|
35E5000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
29B28F86000
|
heap
|
page read and write
|
||
|
1BD4E000
|
heap
|
page read and write
|
||
|
1C18E000
|
stack
|
page read and write
|
||
|
35EF000
|
heap
|
page read and write
|
||
|
7FFAAC35C000
|
trusted library allocation
|
page read and write
|
||
|
2E5D000
|
trusted library allocation
|
page read and write
|
||
|
34B3000
|
heap
|
page read and write
|
||
|
7FFAAC628000
|
trusted library allocation
|
page read and write
|
||
|
B63000
|
heap
|
page read and write
|
||
|
BA1000
|
heap
|
page read and write
|
||
|
7FFAAC53D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E851000
|
unkown
|
page execute read
|
||
|
7FFAAC343000
|
trusted library allocation
|
page execute and read and write
|
||
|
136A5000
|
trusted library allocation
|
page read and write
|
||
|
1B07D000
|
stack
|
page read and write
|
||
|
1AD00000
|
trusted library allocation
|
page read and write
|
||
|
3628000
|
heap
|
page read and write
|
||
|
3628000
|
heap
|
page read and write
|
||
|
2D54000
|
trusted library allocation
|
page read and write
|
||
|
30E3000
|
stack
|
page read and write
|
||
|
2D5D000
|
trusted library allocation
|
page read and write
|
||
|
3295000
|
heap
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
35E9000
|
heap
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
7FFAAC53F000
|
trusted library allocation
|
page read and write
|
||
|
1BCB7000
|
heap
|
page read and write
|
||
|
13585000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
heap
|
page execute and read and write
|
||
|
399E000
|
stack
|
page read and write
|
||
|
13675000
|
trusted library allocation
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
2E93000
|
trusted library allocation
|
page read and write
|
There are 751 hidden memdumps, click here to show them.