Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
invoice.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\HostData\logs.uce
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\RarSFX0\4usfliof.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\RarSFX0\yee9mbi69cm7.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_4usfliof.exe_12acea454c1da7fbcd72805cea394fe399172680_387adc58_f6ecaf97-1fdd-4c93-8466-2db9d9ef8072\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_yee9mbi69cm7.exe_48ca6ddca1152b88938c7c937c222df383051a_b588fa24_b755bcbb-81db-4dc2-9706-9ef5b4df1c83\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5D22.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Sep 4 23:45:33 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5DA0.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5DC1.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6689.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Sep 4 23:45:36 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6774.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6794.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\RarSFX0\Setup.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4bihor1c.sep.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_l3himyz5.oau.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mweknpym.tig.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_svdgjqld.40r.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\logs.uce
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\logs.uce
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
\Device\ConDrv
|
ASCII text, with no line terminators
|
dropped
|
There are 12 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\invoice.exe
|
"C:\Users\user\Desktop\invoice.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\RarSFX0\Setup.bat" "
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c dir /b "*.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\RarSFX0\4usfliof.exe
|
"4usfliof.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\RarSFX0\yee9mbi69cm7.exe
|
"yee9mbi69cm7.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"cmd.exe" /C powershell -EncodedCommand "PAAjADUASwBtAHMAOAAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAHcASAAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABAACgAJABlAG4AdgA6AFUAcwBlAHIAUAByAG8AZgBpAGwAZQAsACQAZQBuAHYAOgBTAHkAcwB0AGUAbQBEAHIAaQB2AGUAKQAgADwAIwBjAGwASgBhADgAYwBqADkAWgAjAD4AIAAtAEYAbwByAGMAZQAgADwAIwB0AFcAQwAjAD4A"
& powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg
/x -standby-timeout-dc 0 & powercfg /hibernate off
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell -EncodedCommand "PAAjADUASwBtAHMAOAAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAHcASAAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABAACgAJABlAG4AdgA6AFUAcwBlAHIAUAByAG8AZgBpAGwAZQAsACQAZQBuAHYAOgBTAHkAcwB0AGUAbQBEAHIAaQB2AGUAKQAgADwAIwBjAGwASgBhADgAYwBqADkAWgAjAD4AIAAtAEYAbwByAGMAZQAgADwAIwB0AFcAQwAjAD4A"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"cmd.exe" /c SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "dllhost" /TR "C:\ProgramData\Dllhost\dllhost.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"cmd.exe" /c SCHTASKS /CREATE /SC HOURLY /TN "NvStray\NvStrayService_bk9049" /TR "C:\ProgramData\Dllhost\dllhost.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "dllhost" /TR "C:\ProgramData\Dllhost\dllhost.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
SCHTASKS /CREATE /SC HOURLY /TN "NvStray\NvStrayService_bk9049" /TR "C:\ProgramData\Dllhost\dllhost.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4520 -s 288
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5744 -s 224
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 13 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://gcc.gnu.org/bugs/):
|
unknown
|
||
|
https://github.com/solutions/industries/financial-services
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser
|
unknown
|
||
|
https://github.githubassets.com/assets/github-mark-57519b92ca4e.png
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_mo
|
unknown
|
||
|
https://github.com/S1lentHash/xmrig/raw/main/xmrig.exe
|
140.82.121.3
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
https://github.com/solutions/devsecops
|
unknown
|
||
|
https://github.githubassets.com/assets/light_colorblind-71cd4cc132ec.css
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
https://github.com/features/code-review
|
unknown
|
||
|
https://github.com/features
|
unknown
|
||
|
https://user-images.githubusercontent.com/
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_
|
unknown
|
||
|
https://github.com/solutions/industries/manufacturing
|
unknown
|
||
|
http://tempuri.org/Entity/Id13LR
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-po
|
unknown
|
||
|
https://api.github.com/_private/browser/stats
|
unknown
|
||
|
https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id5LR
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://github.com/S1lentHash/newwatch/raw/main/NewNewWatch.exe
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-89a69c248502.js
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://docs.github.com/get-started/accessibility/keyboard-shortcuts
|
unknown
|
||
|
https://github.githubassets.com/assets/element-registry-d1e61f0bd7b5.js
|
unknown
|
||
|
https://github.githubassets.com/assets/global-9e6d890d55ca.css
|
unknown
|
||
|
https://github.com/features/packages
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
https://github.githubassets.com/assets/site-6a145c5564e7.css
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modu
|
unknown
|
||
|
http://tempuri.org/Entity/Id14LR
|
unknown
|
||
|
http://tempuri.org/Entity/Id6LR
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
https://github.com/trending
|
unknown
|
||
|
https://github.com/S1lentHash/file_to_dwnld/raw/main/WinRing0x64.sys"
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://pastebin.com
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
https://api.github.com/_private/browser/errors
|
unknown
|
||
|
https://github.githubassets.com/assets/light-3e154969b9f9.css
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id22LR
|
unknown
|
||
|
https://github.com/features/discussions
|
unknown
|
||
|
https://partner.github.com
|
unknown
|
||
|
https://github.githubassets.com/favicons/favicon.png
|
unknown
|
||
|
https://github.githubassets.com/assets/github-elements-508a45ca23c6.js
|
unknown
|
||
|
https://github.com/S1lentHash/file_to_dwnld/raw/main/WinRing0x64.sysChttps://pastebin.com/raw/PTNbBX
|
unknown
|
||
|
http://tempuri.org/Entity/Id19LR
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-
|
unknown
|
||
|
http://tempuri.org/Entity/Id7LR
|
unknown
|
||
|
http://tempuri.org/Entity/Id11LR
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequenceResponse
|
unknown
|
||
|
https://github.com/features/copilot
|
unknown
|
||
|
http://tempuri.org/Entity/Id13Response
|
unknown
|
||
|
https://github.githubassets.com/assets/light_tritanopia-31d17ba3e139.css
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty
|
unknown
|
||
|
https://github.comD
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-nod
|
unknown
|
||
|
https://github.githubassets.com/favicons/favicon.svg
|
unknown
|
||
|
https://github.githubassets.com/assets/ui_packages_onfocus_onfocus_ts-ui_packages_trusted-types-poli
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/SequenceAcknowledgement
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
|
unknown
|
||
|
https://github.githubassets.com/assets/github-e4eed26e112b.css
|
unknown
|
||
|
http://tempuri.org/Entity/Id22Response
|
unknown
|
||
|
https://github.com/features/codespaces
|
unknown
|
||
|
http://github.comd
|
unknown
|
||
|
https://github.githubassets.com/assets/environment-924e60bca7d2.js
|
unknown
|
||
|
https://github.githubassets.com
|
unknown
|
||
|
http://tempuri.org/Entity/Id8LR
|
unknown
|
||
|
https://github.com/collections
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_
|
unknown
|
||
|
http://tempuri.org/Entity/Id18Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id12LR
|
unknown
|
||
|
http://tempuri.org/X
|
unknown
|
||
|
http://tempuri.org/Entity/Id3Response
|
unknown
|
||
|
https://github.githubassets.com/assets/primer-ff8ec1db4f06.css
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_github_hotkey_dist_index_js-node_modules
|
unknown
|
||
|
https://resources.github.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequence
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/actor/next
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_j
|
unknown
|
||
|
http://tempuri.org/Entity/Id20LR
|
unknown
|
||
|
https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-85
|
unknown
|
||
|
https://github.com/customer-stories
|
unknown
|
||
|
https://github.com/readme
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pastebin.com
|
172.67.19.24
|
|
|
|
github.com
|
140.82.121.3
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.19.24
|
pastebin.com
|
United States
|
|
|
|
135.181.7.171
|
unknown
|
Germany
|
|
|
|
140.82.121.3
|
github.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
ProgramId
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
FileId
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
LongPathHash
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
Name
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
OriginalFileName
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
Publisher
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
Version
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
BinFileVersion
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
BinaryType
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
ProductName
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
ProductVersion
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
LinkDate
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
BinProductVersion
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
Size
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
Language
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\4usfliof.exe|8361cff150545a71
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
ProgramId
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
FileId
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
LongPathHash
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
Name
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
OriginalFileName
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
Publisher
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
Version
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
BinFileVersion
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
BinaryType
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
ProductName
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
ProductVersion
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
LinkDate
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
BinProductVersion
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
Size
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
Language
|
||
|
\REGISTRY\A\{cede9d6f-090f-dbd1-5b55-874e0860469f}\Root\InventoryApplicationFile\yee9mbi69cm7.exe|a55c3dd105b84719
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AppLaunch_RASMANCS
|
FileDirectory
|
There are 45 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1377000
|
stack
|
page read and write
|
|
|
|
1272000
|
direct allocation
|
page execute and read and write
|
|
|
|
9BD000
|
unkown
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute read
|
|
|
|
2401000
|
trusted library allocation
|
page read and write
|
|
|
|
6971000
|
trusted library allocation
|
page read and write
|
|
|
|
6841000
|
trusted library allocation
|
page read and write
|
|
|
|
5A2000
|
remote allocation
|
page execute read
|
|
|
|
2F2E000
|
stack
|
page read and write
|
||
|
782E000
|
stack
|
page read and write
|
||
|
2B55000
|
heap
|
page read and write
|
||
|
991000
|
unkown
|
page execute read
|
||
|
30B2000
|
heap
|
page read and write
|
||
|
9F0000
|
trusted library allocation
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
710D000
|
stack
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
4D1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
4ED1000
|
heap
|
page read and write
|
||
|
32FD000
|
stack
|
page read and write
|
||
|
8E40000
|
heap
|
page read and write
|
||
|
4920000
|
trusted library allocation
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
5E69000
|
trusted library allocation
|
page read and write
|
||
|
8350000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
14A8000
|
heap
|
page read and write
|
||
|
4EDA000
|
heap
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
8524000
|
heap
|
page read and write
|
||
|
78D000
|
unkown
|
page read and write
|
||
|
4D70000
|
heap
|
page readonly
|
||
|
4A11000
|
trusted library allocation
|
page read and write
|
||
|
2A2B000
|
heap
|
page read and write
|
||
|
A0A000
|
unkown
|
page readonly
|
||
|
2FCD000
|
stack
|
page read and write
|
||
|
4E30000
|
heap
|
page execute and read and write
|
||
|
5032000
|
heap
|
page read and write
|
||
|
6969000
|
trusted library allocation
|
page read and write
|
||
|
49E0000
|
trusted library allocation
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
4ABC000
|
heap
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page read and write
|
||
|
8D70000
|
trusted library allocation
|
page read and write
|
||
|
7F830000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AD6000
|
heap
|
page read and write
|
||
|
263000
|
unkown
|
page readonly
|
||
|
200000
|
unkown
|
page readonly
|
||
|
783000
|
trusted library allocation
|
page execute and read and write
|
||
|
9BAE000
|
stack
|
page read and write
|
||
|
75A7000
|
heap
|
page read and write
|
||
|
9730000
|
heap
|
page read and write
|
||
|
B41000
|
trusted library allocation
|
page read and write
|
||
|
8750000
|
trusted library allocation
|
page read and write
|
||
|
97F6000
|
heap
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D32000
|
trusted library allocation
|
page read and write
|
||
|
2A2A000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
84A0000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
699A000
|
trusted library allocation
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
8514000
|
heap
|
page read and write
|
||
|
2A27000
|
heap
|
page read and write
|
||
|
2F99000
|
direct allocation
|
page execute and read and write
|
||
|
70CF000
|
stack
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
838B000
|
trusted library allocation
|
page read and write
|
||
|
7970000
|
trusted library allocation
|
page read and write
|
||
|
494E000
|
stack
|
page read and write
|
||
|
8730000
|
trusted library allocation
|
page execute and read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
89BE000
|
stack
|
page read and write
|
||
|
233000
|
unkown
|
page readonly
|
||
|
730000
|
heap
|
page read and write
|
||
|
9E3000
|
unkown
|
page read and write
|
||
|
28BD000
|
stack
|
page read and write
|
||
|
7869000
|
trusted library allocation
|
page read and write
|
||
|
4930000
|
heap
|
page read and write
|
||
|
262000
|
unkown
|
page read and write
|
||
|
4839000
|
stack
|
page read and write
|
||
|
CCC0000
|
heap
|
page read and write
|
||
|
4D4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8510000
|
heap
|
page read and write
|
||
|
89DE000
|
stack
|
page read and write
|
||
|
4D2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
305D000
|
heap
|
page read and write
|
||
|
8760000
|
trusted library allocation
|
page read and write
|
||
|
7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
89D000
|
heap
|
page read and write
|
||
|
7940000
|
trusted library allocation
|
page read and write
|
||
|
A4AE000
|
stack
|
page read and write
|
||
|
8D46000
|
trusted library allocation
|
page read and write
|
||
|
720E000
|
stack
|
page read and write
|
||
|
4AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8440000
|
heap
|
page read and write
|
||
|
8940000
|
trusted library allocation
|
page read and write
|
||
|
85D9000
|
heap
|
page read and write
|
||
|
263000
|
unkown
|
page write copy
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
892C000
|
stack
|
page read and write
|
||
|
7696000
|
heap
|
page read and write
|
||
|
846A000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page readonly
|
||
|
4A70000
|
trusted library allocation
|
page read and write
|
||
|
4B20000
|
trusted library allocation
|
page read and write
|
||
|
79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F63000
|
heap
|
page read and write
|
||
|
4AB3000
|
heap
|
page read and write
|
||
|
4B04000
|
heap
|
page read and write
|
||
|
68A2000
|
trusted library allocation
|
page read and write
|
||
|
78AD000
|
stack
|
page read and write
|
||
|
8BAE000
|
stack
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
2D4E000
|
unkown
|
page read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
9D38000
|
heap
|
page read and write
|
||
|
8DE0000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
7950000
|
trusted library allocation
|
page read and write
|
||
|
49A0000
|
heap
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
7532000
|
heap
|
page read and write
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
4B30000
|
trusted library allocation
|
page read and write
|
||
|
838D000
|
trusted library allocation
|
page read and write
|
||
|
2AC9000
|
heap
|
page read and write
|
||
|
761000
|
unkown
|
page execute read
|
||
|
78AA000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
unkown
|
page readonly
|
||
|
6590000
|
trusted library allocation
|
page read and write
|
||
|
8740000
|
trusted library allocation
|
page read and write
|
||
|
6FAD000
|
stack
|
page read and write
|
||
|
28DA000
|
stack
|
page read and write
|
||
|
2A5B000
|
heap
|
page read and write
|
||
|
4AAE000
|
stack
|
page read and write
|
||
|
AB2C000
|
stack
|
page read and write
|
||
|
4CB000
|
remote allocation
|
page execute and read and write
|
||
|
5575000
|
trusted library allocation
|
page read and write
|
||
|
8E43000
|
heap
|
page read and write
|
||
|
2AD2000
|
heap
|
page read and write
|
||
|
5579000
|
trusted library allocation
|
page read and write
|
||
|
9EAD000
|
stack
|
page read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
8D52000
|
trusted library allocation
|
page read and write
|
||
|
76B8000
|
heap
|
page read and write
|
||
|
2E27000
|
heap
|
page read and write
|
||
|
84C0000
|
trusted library allocation
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
78D000
|
unkown
|
page write copy
|
||
|
9D10000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
8D75000
|
trusted library allocation
|
page read and write
|
||
|
571E000
|
stack
|
page read and write
|
||
|
856E000
|
heap
|
page read and write
|
||
|
8970000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
2A1D000
|
heap
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
8D68000
|
trusted library allocation
|
page read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
4CC000
|
remote allocation
|
page read and write
|
||
|
991000
|
unkown
|
page execute read
|
||
|
4D14000
|
trusted library allocation
|
page read and write
|
||
|
128F000
|
direct allocation
|
page execute and read and write
|
||
|
724E000
|
stack
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
497E000
|
stack
|
page read and write
|
||
|
A72E000
|
stack
|
page read and write
|
||
|
5FE6000
|
trusted library allocation
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AD6000
|
heap
|
page read and write
|
||
|
25F6000
|
stack
|
page read and write
|
||
|
378F000
|
stack
|
page read and write
|
||
|
558A000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
9D55000
|
heap
|
page read and write
|
||
|
6A32000
|
trusted library allocation
|
page read and write
|
||
|
368E000
|
stack
|
page read and write
|
||
|
6948000
|
trusted library allocation
|
page read and write
|
||
|
127C000
|
stack
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
85E000
|
unkown
|
page read and write
|
||
|
76B1000
|
heap
|
page read and write
|
||
|
401000
|
remote allocation
|
page execute read
|
||
|
4A20000
|
trusted library allocation
|
page read and write
|
||
|
30B9000
|
heap
|
page read and write
|
||
|
7620000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
694C000
|
trusted library allocation
|
page read and write
|
||
|
25AA000
|
trusted library allocation
|
page read and write
|
||
|
264000
|
unkown
|
page readonly
|
||
|
6730000
|
heap
|
page execute and read and write
|
||
|
A6EF000
|
stack
|
page read and write
|
||
|
22DA0000
|
heap
|
page read and write
|
||
|
5032000
|
heap
|
page read and write
|
||
|
200000
|
unkown
|
page readonly
|
||
|
698C000
|
trusted library allocation
|
page read and write
|
||
|
4AC0000
|
trusted library allocation
|
page read and write
|
||
|
567000
|
stack
|
page read and write
|
||
|
A52E000
|
stack
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
7FC10000
|
trusted library allocation
|
page execute and read and write
|
||
|
23E000
|
unkown
|
page write copy
|
||
|
344E000
|
unkown
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
5FE9000
|
trusted library allocation
|
page read and write
|
||
|
4F32000
|
heap
|
page read and write
|
||
|
2F8F000
|
stack
|
page read and write
|
||
|
8D26000
|
trusted library allocation
|
page read and write
|
||
|
A22E000
|
stack
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
A12D000
|
stack
|
page read and write
|
||
|
6E7D000
|
stack
|
page read and write
|
||
|
562A000
|
trusted library allocation
|
page read and write
|
||
|
8FD0000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
761000
|
unkown
|
page execute read
|
||
|
990000
|
unkown
|
page readonly
|
||
|
2A1D000
|
heap
|
page read and write
|
||
|
9AAE000
|
stack
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
76A3000
|
heap
|
page read and write
|
||
|
575E000
|
trusted library allocation
|
page read and write
|
||
|
4A38000
|
heap
|
page read and write
|
||
|
4B2A000
|
heap
|
page read and write
|
||
|
4A2E000
|
stack
|
page read and write
|
||
|
49BF000
|
stack
|
page read and write
|
||
|
683F000
|
stack
|
page read and write
|
||
|
7910000
|
trusted library allocation
|
page read and write
|
||
|
8528000
|
heap
|
page read and write
|
||
|
7841000
|
trusted library allocation
|
page read and write
|
||
|
7AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
159F000
|
stack
|
page read and write
|
||
|
7DFC000
|
heap
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
201000
|
unkown
|
page execute read
|
||
|
12CD000
|
stack
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
8D60000
|
trusted library allocation
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
843E000
|
stack
|
page read and write
|
||
|
7B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
28F1000
|
stack
|
page read and write
|
||
|
2508000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
8943000
|
trusted library allocation
|
page read and write
|
||
|
4900000
|
trusted library allocation
|
page read and write
|
||
|
4A40000
|
heap
|
page execute and read and write
|
||
|
8520000
|
heap
|
page read and write
|
||
|
2E8E000
|
stack
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
28F9000
|
stack
|
page read and write
|
||
|
340D000
|
trusted library allocation
|
page read and write
|
||
|
2FFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
68A0000
|
trusted library allocation
|
page read and write
|
||
|
14BE000
|
heap
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
229C0000
|
heap
|
page read and write
|
||
|
8DF2000
|
trusted library allocation
|
page read and write
|
||
|
4EDC000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
529000
|
remote allocation
|
page readonly
|
||
|
6720000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
9D5C000
|
heap
|
page read and write
|
||
|
8AEE000
|
stack
|
page read and write
|
||
|
5FED000
|
trusted library allocation
|
page read and write
|
||
|
4AD2000
|
heap
|
page read and write
|
||
|
9D3E000
|
heap
|
page read and write
|
||
|
4908000
|
trusted library allocation
|
page read and write
|
||
|
901E000
|
stack
|
page read and write
|
||
|
4A5A000
|
heap
|
page read and write
|
||
|
936F000
|
stack
|
page read and write
|
||
|
8D32000
|
trusted library allocation
|
page read and write
|
||
|
4D10000
|
heap
|
page read and write
|
||
|
84B0000
|
trusted library allocation
|
page read and write
|
||
|
4D00000
|
trusted library allocation
|
page read and write
|
||
|
4D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
A9EF000
|
stack
|
page read and write
|
||
|
2AFD000
|
stack
|
page read and write
|
||
|
7A2000
|
trusted library allocation
|
page read and write
|
||
|
5E41000
|
trusted library allocation
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
8A9000
|
heap
|
page read and write
|
||
|
52FF000
|
trusted library allocation
|
page read and write
|
||
|
2FDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
354E000
|
unkown
|
page read and write
|
||
|
7642000
|
heap
|
page read and write
|
||
|
77EE000
|
stack
|
page read and write
|
||
|
9E2000
|
unkown
|
page execute and read and write
|
||
|
4FD1000
|
heap
|
page read and write
|
||
|
70EE000
|
stack
|
page read and write
|
||
|
70AE000
|
stack
|
page read and write
|
||
|
784000
|
trusted library allocation
|
page read and write
|
||
|
8D24000
|
trusted library allocation
|
page read and write
|
||
|
76B5000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
669F000
|
stack
|
page read and write
|
||
|
4A0E000
|
trusted library allocation
|
page read and write
|
||
|
35BE000
|
stack
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
heap
|
page read and write
|
||
|
2945000
|
heap
|
page read and write
|
||
|
2AC9000
|
heap
|
page read and write
|
||
|
2A2A000
|
heap
|
page read and write
|
||
|
185F000
|
stack
|
page read and write
|
||
|
4D9C000
|
stack
|
page read and write
|
||
|
57A6000
|
trusted library allocation
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
233000
|
unkown
|
page readonly
|
||
|
659E000
|
heap
|
page read and write
|
||
|
49F1000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
A4B000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
8FAD000
|
stack
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
7692000
|
heap
|
page read and write
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
2AC9000
|
heap
|
page read and write
|
||
|
6D9E000
|
heap
|
page read and write
|
||
|
2A8E000
|
heap
|
page read and write
|
||
|
78B0000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
unkown
|
page readonly
|
||
|
4AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A82D000
|
stack
|
page read and write
|
||
|
14CF000
|
stack
|
page read and write
|
||
|
93AE000
|
stack
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
9E4000
|
unkown
|
page readonly
|
||
|
22A86000
|
heap
|
page read and write
|
||
|
3611000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
8467000
|
trusted library allocation
|
page read and write
|
||
|
2A19000
|
heap
|
page read and write
|
||
|
73D0000
|
heap
|
page read and write
|
||
|
A96D000
|
stack
|
page read and write
|
||
|
4A02000
|
trusted library allocation
|
page read and write
|
||
|
4F96000
|
trusted library allocation
|
page read and write
|
||
|
8F2C000
|
stack
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
6997000
|
trusted library allocation
|
page read and write
|
||
|
2A47000
|
heap
|
page read and write
|
||
|
A36E000
|
stack
|
page read and write
|
||
|
3880000
|
heap
|
page read and write
|
||
|
2AC9000
|
heap
|
page read and write
|
||
|
78C0000
|
trusted library allocation
|
page read and write
|
||
|
2E6D000
|
stack
|
page read and write
|
||
|
6591000
|
heap
|
page read and write
|
||
|
2A31000
|
heap
|
page read and write
|
||
|
2FD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D80000
|
trusted library allocation
|
page read and write
|
||
|
4A2E000
|
trusted library allocation
|
page read and write
|
||
|
7716000
|
heap
|
page read and write
|
||
|
700D000
|
stack
|
page read and write
|
||
|
85A0000
|
heap
|
page read and write
|
||
|
8460000
|
trusted library allocation
|
page read and write
|
||
|
4D42000
|
trusted library allocation
|
page read and write
|
||
|
768B000
|
heap
|
page read and write
|
||
|
2A8E000
|
heap
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
4AEA000
|
trusted library allocation
|
page read and write
|
||
|
905E000
|
stack
|
page read and write
|
||
|
8712000
|
trusted library allocation
|
page read and write
|
||
|
8D41000
|
trusted library allocation
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
A9AD000
|
stack
|
page read and write
|
||
|
3C2F000
|
stack
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
526000
|
remote allocation
|
page read and write
|
||
|
28D8000
|
stack
|
page read and write
|
||
|
149F000
|
stack
|
page read and write
|
||
|
8B2D000
|
stack
|
page read and write
|
||
|
74F0000
|
heap
|
page execute and read and write
|
||
|
73C0000
|
heap
|
page read and write
|
||
|
76F8000
|
heap
|
page read and write
|
||
|
770000
|
trusted library allocation
|
page read and write
|
||
|
28EB000
|
stack
|
page read and write
|
||
|
8450000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F7000
|
trusted library allocation
|
page read and write
|
||
|
2A8E000
|
heap
|
page read and write
|
||
|
9CB0000
|
heap
|
page read and write
|
||
|
786E000
|
stack
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
201000
|
unkown
|
page execute read
|
||
|
1980000
|
heap
|
page read and write
|
||
|
2D7D000
|
stack
|
page read and write
|
||
|
23E000
|
unkown
|
page read and write
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
8380000
|
trusted library allocation
|
page read and write
|
||
|
8DB0000
|
trusted library allocation
|
page read and write
|
||
|
2A8E000
|
heap
|
page read and write
|
||
|
AC6E000
|
stack
|
page read and write
|
||
|
32E8000
|
heap
|
page read and write
|
||
|
858D000
|
heap
|
page read and write
|
||
|
4FC4000
|
heap
|
page read and write
|
||
|
926C000
|
stack
|
page read and write
|
||
|
4F31000
|
heap
|
page read and write
|
||
|
9D50000
|
heap
|
page read and write
|
||
|
2FE9000
|
trusted library allocation
|
page read and write
|
||
|
2AD6000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page execute and read and write
|
||
|
68FB000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
722B000
|
stack
|
page read and write
|
||
|
4A2B000
|
trusted library allocation
|
page read and write
|
||
|
6916000
|
trusted library allocation
|
page read and write
|
||
|
85EC000
|
heap
|
page read and write
|
||
|
3401000
|
trusted library allocation
|
page read and write
|
||
|
2A2A000
|
heap
|
page read and write
|
||
|
760000
|
unkown
|
page readonly
|
||
|
4D3000
|
remote allocation
|
page readonly
|
||
|
D8C000
|
stack
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
362E000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
1F500000
|
heap
|
page read and write
|
||
|
5001000
|
heap
|
page read and write
|
||
|
2AD3000
|
heap
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
6F75000
|
heap
|
page execute and read and write
|
||
|
DAC000
|
stack
|
page read and write
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
BCF0000
|
heap
|
page read and write
|
||
|
4D73000
|
heap
|
page read and write
|
||
|
8D2E000
|
trusted library allocation
|
page read and write
|
||
|
5BF000
|
remote allocation
|
page readonly
|
||
|
49FC000
|
stack
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
12AA000
|
heap
|
page read and write
|
||
|
9CAC000
|
stack
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
6EBB000
|
stack
|
page read and write
|
||
|
2E70000
|
direct allocation
|
page execute and read and write
|
||
|
2F9D000
|
stack
|
page read and write
|
||
|
2A1F000
|
heap
|
page read and write
|
||
|
66DE000
|
stack
|
page read and write
|
||
|
5C7000
|
remote allocation
|
page readonly
|
||
|
12DE000
|
heap
|
page read and write
|
||
|
4DF7000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
71EF000
|
stack
|
page read and write
|
||
|
2A92000
|
heap
|
page read and write
|
||
|
2A31000
|
heap
|
page read and write
|
||
|
732D000
|
stack
|
page read and write
|
||
|
23FE000
|
stack
|
page read and write
|
||
|
4F93000
|
heap
|
page read and write
|
||
|
3570000
|
heap
|
page read and write
|
||
|
35F0000
|
heap
|
page read and write
|
||
|
71CB000
|
stack
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
12DA000
|
heap
|
page read and write
|
||
|
7B2000
|
trusted library allocation
|
page read and write
|
||
|
A3AE000
|
stack
|
page read and write
|
||
|
A07000
|
unkown
|
page execute and read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
2AAC000
|
stack
|
page read and write
|
||
|
8370000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F6E000
|
stack
|
page read and write
|
||
|
408000
|
remote allocation
|
page readonly
|
||
|
4AE6000
|
heap
|
page read and write
|
||
|
364F000
|
unkown
|
page read and write
|
||
|
30CF000
|
heap
|
page read and write
|
||
|
4D13000
|
trusted library allocation
|
page execute and read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
2CBD000
|
stack
|
page read and write
|
||
|
2E7D000
|
stack
|
page read and write
|
||
|
730E000
|
stack
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
255E000
|
trusted library allocation
|
page read and write
|
||
|
851C000
|
heap
|
page read and write
|
||
|
2A8E000
|
heap
|
page read and write
|
||
|
852C000
|
heap
|
page read and write
|
||
|
2A2A000
|
heap
|
page read and write
|
||
|
671D000
|
stack
|
page read and write
|
||
|
26200000
|
heap
|
page read and write
|
||
|
8470000
|
trusted library allocation
|
page read and write
|
||
|
8E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
3407000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
8AA9000
|
stack
|
page read and write
|
||
|
8587000
|
heap
|
page read and write
|
||
|
4AB0000
|
trusted library allocation
|
page read and write
|
||
|
2AD2000
|
heap
|
page read and write
|
||
|
4D3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page readonly
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
2A5F000
|
heap
|
page read and write
|
||
|
2E2B000
|
heap
|
page read and write
|
||
|
30D8000
|
heap
|
page read and write
|
||
|
FF770000
|
trusted library allocation
|
page execute and read and write
|
||
|
A45000
|
trusted library allocation
|
page read and write
|
||
|
49F6000
|
trusted library allocation
|
page read and write
|
||
|
9BD000
|
unkown
|
page write copy
|
||
|
690C000
|
trusted library allocation
|
page read and write
|
||
|
6F70000
|
heap
|
page execute and read and write
|
||
|
7FA000
|
heap
|
page read and write
|
||
|
4E41000
|
trusted library allocation
|
page read and write
|
||
|
2A19000
|
heap
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
4A25000
|
trusted library allocation
|
page read and write
|
||
|
728E000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
4F94000
|
heap
|
page read and write
|
||
|
790000
|
trusted library allocation
|
page read and write
|
||
|
5032000
|
heap
|
page read and write
|
||
|
31180000
|
heap
|
page read and write
|
||
|
4AD1000
|
trusted library allocation
|
page read and write
|
||
|
6A88000
|
trusted library allocation
|
page read and write
|
||
|
DD56000
|
heap
|
page read and write
|
||
|
2A32000
|
heap
|
page read and write
|
||
|
DC90000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
AB6E000
|
stack
|
page read and write
|
||
|
2AE8000
|
stack
|
page read and write
|
||
|
A48000
|
trusted library allocation
|
page read and write
|
||
|
8F6E000
|
stack
|
page read and write
|
||
|
2A2D000
|
heap
|
page read and write
|
||
|
2BAE000
|
stack
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
119E000
|
stack
|
page read and write
|
||
|
6924000
|
trusted library allocation
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
24FC0000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
4DD0000
|
heap
|
page read and write
|
||
|
5FD5000
|
trusted library allocation
|
page read and write
|
||
|
49A4000
|
heap
|
page read and write
|
||
|
355F000
|
unkown
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
765E000
|
heap
|
page read and write
|
||
|
1297000
|
direct allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page readonly
|
||
|
4A17000
|
heap
|
page read and write
|
||
|
8360000
|
heap
|
page read and write
|
||
|
6570000
|
heap
|
page read and write
|
||
|
28C9000
|
stack
|
page read and write
|
||
|
2B3B000
|
heap
|
page read and write
|
||
|
6903000
|
trusted library allocation
|
page read and write
|
||
|
8D20000
|
trusted library allocation
|
page read and write
|
||
|
28E9000
|
stack
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
8DF0000
|
trusted library allocation
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
4F0F000
|
stack
|
page read and write
|
||
|
5A0000
|
remote allocation
|
page readonly
|
||
|
718E000
|
stack
|
page read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
4D47000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CFF000
|
stack
|
page read and write
|
||
|
708E000
|
stack
|
page read and write
|
||
|
49A7000
|
heap
|
page read and write
|
||
|
49A0000
|
heap
|
page read and write
|
||
|
1498000
|
heap
|
page read and write
|
||
|
4938000
|
stack
|
page read and write
|
||
|
5031000
|
heap
|
page read and write
|
||
|
3890000
|
heap
|
page read and write
|
||
|
251D0000
|
heap
|
page read and write
|
||
|
4ACE000
|
heap
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
4FC4000
|
heap
|
page read and write
|
||
|
4D23000
|
trusted library allocation
|
page read and write
|
||
|
49E6000
|
heap
|
page read and write
|
||
|
5FF6000
|
trusted library allocation
|
page read and write
|
||
|
85E0000
|
heap
|
page read and write
|
||
|
9E1000
|
unkown
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
A0A000
|
unkown
|
page readonly
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
83FD000
|
stack
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
93D0000
|
heap
|
page read and write
|
||
|
857C000
|
heap
|
page read and write
|
||
|
4D36000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FC4000
|
heap
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
3588000
|
heap
|
page read and write
|
||
|
3069000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
692B000
|
trusted library allocation
|
page read and write
|
||
|
4A30000
|
heap
|
page read and write
|
||
|
3409000
|
trusted library allocation
|
page read and write
|
||
|
A5EE000
|
stack
|
page read and write
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
5586000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
4D55000
|
heap
|
page read and write
|
||
|
76A8000
|
heap
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
8518000
|
heap
|
page read and write
|
||
|
4F62000
|
heap
|
page read and write
|
||
|
79A000
|
trusted library allocation
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
2F3B000
|
direct allocation
|
page execute and read and write
|
||
|
35FB000
|
heap
|
page read and write
|
||
|
776E000
|
stack
|
page read and write
|
||
|
4EA2000
|
trusted library allocation
|
page read and write
|
||
|
9E4000
|
unkown
|
page readonly
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
4D52000
|
heap
|
page read and write
|
||
|
8552000
|
heap
|
page read and write
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
6780000
|
heap
|
page read and write
|
||
|
A56D000
|
stack
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
2E4F000
|
unkown
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
332F000
|
stack
|
page read and write
|
||
|
7704000
|
heap
|
page read and write
|
||
|
780000
|
trusted library allocation
|
page read and write
|
||
|
2F42000
|
direct allocation
|
page execute and read and write
|
||
|
76E1000
|
heap
|
page read and write
|
||
|
32FD000
|
stack
|
page read and write
|
||
|
5EAA000
|
trusted library allocation
|
page read and write
|
||
|
76DF000
|
heap
|
page read and write
|
||
|
85B1000
|
heap
|
page read and write
|
||
|
8390000
|
trusted library allocation
|
page read and write
|
||
|
9EB0000
|
heap
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
6960000
|
trusted library allocation
|
page read and write
|
||
|
279D000
|
stack
|
page read and write
|
||
|
72CE000
|
stack
|
page read and write
|
||
|
2A84000
|
heap
|
page read and write
|
||
|
2F96000
|
direct allocation
|
page execute and read and write
|
||
|
55D000
|
remote allocation
|
page readonly
|
||
|
A4ED000
|
stack
|
page read and write
|
||
|
14440000
|
heap
|
page read and write
|
||
|
4FC4000
|
heap
|
page read and write
|
||
|
78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
557E000
|
trusted library allocation
|
page read and write
|
||
|
6944000
|
trusted library allocation
|
page read and write
|
||
|
14BA000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
714A000
|
stack
|
page read and write
|
||
|
512B000
|
trusted library allocation
|
page read and write
|
||
|
46C000
|
stack
|
page read and write
|
||
|
4F31000
|
heap
|
page read and write
|
||
|
2EE6000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
A5AF000
|
stack
|
page read and write
|
||
|
7686000
|
heap
|
page read and write
|
||
|
4A68000
|
heap
|
page read and write
|
||
|
49EB000
|
trusted library allocation
|
page read and write
|
||
|
4980000
|
heap
|
page read and write
|
||
|
2FD4000
|
trusted library allocation
|
page read and write
|
||
|
7D8000
|
heap
|
page read and write
|
||
|
2A16000
|
heap
|
page read and write
|
||
|
15CF000
|
stack
|
page read and write
|
||
|
3411000
|
trusted library allocation
|
page read and write
|
||
|
30A7000
|
heap
|
page read and write
|
||
|
49E0000
|
heap
|
page read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
8D4D000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
78D0000
|
trusted library allocation
|
page read and write
|
||
|
6A49000
|
trusted library allocation
|
page read and write
|
||
|
7A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E5000
|
stack
|
page read and write
|
||
|
2980000
|
heap
|
page readonly
|
||
|
189E000
|
stack
|
page read and write
|
||
|
8AC000
|
heap
|
page read and write
|
||
|
581F000
|
stack
|
page read and write
|
||
|
A09000
|
unkown
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
2A2A000
|
heap
|
page read and write
|
||
|
29F8000
|
heap
|
page read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
57A9000
|
trusted library allocation
|
page read and write
|
||
|
76FE000
|
heap
|
page read and write
|
||
|
6E6E000
|
stack
|
page read and write
|
||
|
2A4F000
|
heap
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
7830000
|
heap
|
page read and write
|
||
|
68EE000
|
trusted library allocation
|
page read and write
|
||
|
4A4E000
|
heap
|
page read and write
|
||
|
ADAE000
|
stack
|
page read and write
|
||
|
78BF000
|
trusted library allocation
|
page read and write
|
||
|
6939000
|
trusted library allocation
|
page read and write
|
||
|
55C6000
|
trusted library allocation
|
page read and write
|
||
|
2AD6000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
7690000
|
heap
|
page read and write
|
||
|
8FC0000
|
heap
|
page read and write
|
||
|
9070000
|
heap
|
page execute and read and write
|
||
|
4E1F000
|
stack
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
2A28000
|
heap
|
page read and write
|
||
|
1270000
|
direct allocation
|
page execute and read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
AA2C000
|
stack
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page read and write
|
||
|
2AD2000
|
heap
|
page read and write
|
||
|
2FCD000
|
direct allocation
|
page execute and read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
8D2B000
|
trusted library allocation
|
page read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
6A8C000
|
trusted library allocation
|
page read and write
|
||
|
A86C000
|
stack
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
459E000
|
stack
|
page read and write
|
||
|
341A000
|
heap
|
page read and write
|
||
|
704B000
|
stack
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
53D2000
|
trusted library allocation
|
page read and write
|
||
|
8930000
|
trusted library allocation
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
A26E000
|
stack
|
page read and write
|
||
|
4A1A000
|
trusted library allocation
|
page read and write
|
||
|
ACAE000
|
stack
|
page read and write
|
||
|
5582000
|
trusted library allocation
|
page read and write
|
||
|
8D3E000
|
trusted library allocation
|
page read and write
|
||
|
8B6E000
|
stack
|
page read and write
|
||
|
12AE000
|
heap
|
page read and write
|
||
|
7F848000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
3005000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
245000
|
unkown
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
There are 737 hidden memdumps, click here to show them.