Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
hDKY4f6gEA.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Internet Explorer\RCXB6AF.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Internet Explorer\services.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Internet Explorer\services.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Java\jre-1.8\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Java\jre-1.8\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Java\jre-1.8\RCXA65D.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft Office\RCXB219.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft Office\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft Office\RuntimeBroker.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\WindowsPowerShell\RCX9FD4.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\WindowsPowerShell\dllhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\WindowsPowerShell\dllhost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\internet explorer\services.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\java\jre-1.8\IfYiMMRuvSUMKHkp.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\microsoft office\RuntimeBroker.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\windowspowershell\dllhost.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Microsoft\OneDrive\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Microsoft\OneDrive\RCXC626.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Uninstall Information\RCXB8D3.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Uninstall Information\wininit.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Uninstall Information\wininit.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files\Windows Defender\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Defender\RCXA207.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Multimedia Platform\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
modified
|
|
|
|
C:\Program Files\Windows Multimedia Platform\RCXAA37.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\MapData\RCXB47C.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\MapData\SystemSettings.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\MapData\SystemSettings.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Recovery\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\RCX9764.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\RCXC0C5.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\smss.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\All Users\Desktop\IfYiMMRuvSUMKHkp.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\All Users\Microsoft\MapData\SystemSettings.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\RCXBE25.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\Application Data\Microsoft\IfYiMMRuvSUMKHkp.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Desktop\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Desktop\RCXC366.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Videos\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Videos\RCX99B7.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Videos\RCXBB84.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Videos\dasHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\hDKY4f6gEA.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\Desktop\RCX9531.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\hDKY4f6gEA.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\RCXAF2A.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\LiveKernelReports\RCXAD07.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\LiveKernelReports\System.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Registration\CRMLog\IfYiMMRuvSUMKHkp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Registration\CRMLog\RCX9C96.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Internet Explorer\c5b4cb5e9653cc
|
ASCII text, with very long lines (495), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Java\jre-1.8\047efad0ccc033
|
ASCII text, with very long lines (568), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Microsoft Office\9e8d7a4ca61bd9
|
ASCII text, with very long lines (588), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\WindowsPowerShell\5940a34987c991
|
ASCII text, with very long lines (754), with no line terminators
|
dropped
|
||
|
C:\Program Files\Microsoft\OneDrive\047efad0ccc033
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Microsoft\OneDrive\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Uninstall Information\56085415360792
|
ASCII text, with very long lines (531), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Defender\047efad0ccc033
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Defender\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Windows Multimedia Platform\047efad0ccc033
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Multimedia Platform\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\MapData\9e60a5f7a3bd80
|
ASCII text, with very long lines (532), with no line terminators
|
dropped
|
||
|
C:\Recovery\047efad0ccc033
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\69ddcba757bf72
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\smss.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\047efad0ccc033
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Desktop\047efad0ccc033
|
ASCII text, with very long lines (610), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Desktop\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Videos\047efad0ccc033
|
ASCII text, with very long lines (914), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Videos\21b1a557fd31cc
|
ASCII text, with very long lines (871), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Videos\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Videos\dasHost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\047efad0ccc033
|
ASCII text, with very long lines (668), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\IfYiMMRuvSUMKHkp.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\dllhost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\LiveKernelReports\27d1bcfc3c54e0
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\LiveKernelReports\System.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Registration\CRMLog\047efad0ccc033
|
ASCII text, with very long lines (444), with no line terminators
|
dropped
|
||
|
C:\Windows\Registration\CRMLog\IfYiMMRuvSUMKHkp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 75 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\hDKY4f6gEA.exe
|
"C:\Users\user\Desktop\hDKY4f6gEA.exe"
|
|
|
|
C:\Program Files (x86)\WindowsPowerShell\dllhost.exe
|
"C:\Program Files (x86)\windowspowershell\dllhost.exe"
|
|
|
|
C:\Program Files (x86)\WindowsPowerShell\dllhost.exe
|
"C:\Program Files (x86)\windowspowershell\dllhost.exe"
|
|
|
|
C:\Program Files\Windows Defender\IfYiMMRuvSUMKHkp.exe
|
"C:\Program Files\Windows Defender\IfYiMMRuvSUMKHkp.exe"
|
|
|
|
C:\Recovery\IfYiMMRuvSUMKHkp.exe
|
C:\Recovery\IfYiMMRuvSUMKHkp.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://aka.ms/odirm2
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://aka.ms/Vh5j3k
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
EnableLUA
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
PromptOnSecureDesktop
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\5c97d66f5cebe7b0b47219d523e1adfb8abf6a85
|
e60affd00b14bb3a40123231ef4a4edccba38267
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2E81000
|
trusted library allocation
|
page read and write
|
|
|
|
32B1000
|
trusted library allocation
|
page read and write
|
|
|
|
12B81000
|
trusted library allocation
|
page read and write
|
|
|
|
27F1000
|
trusted library allocation
|
page read and write
|
|
|
|
2361000
|
trusted library allocation
|
page read and write
|
|
|
|
2BAF000
|
trusted library allocation
|
page read and write
|
|
|
|
2B71000
|
trusted library allocation
|
page read and write
|
|
|
|
132B1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
105A000
|
heap
|
page read and write
|
||
|
37D1000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
1B35E000
|
stack
|
page read and write
|
||
|
3180000
|
trusted library section
|
page read and write
|
||
|
3EC6000
|
trusted library allocation
|
page read and write
|
||
|
1C690000
|
heap
|
page read and write
|
||
|
3BEF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B777000
|
trusted library allocation
|
page read and write
|
||
|
58A000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1C6A0000
|
heap
|
page read and write
|
||
|
1C1CD000
|
heap
|
page read and write
|
||
|
3BE7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
38F3000
|
trusted library allocation
|
page read and write
|
||
|
1B65E000
|
stack
|
page read and write
|
||
|
12801000
|
trusted library allocation
|
page read and write
|
||
|
35F6000
|
trusted library allocation
|
page read and write
|
||
|
3A74000
|
trusted library allocation
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
1C72A000
|
heap
|
page read and write
|
||
|
357D000
|
trusted library allocation
|
page read and write
|
||
|
1B840000
|
heap
|
page read and write
|
||
|
3C75000
|
trusted library allocation
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
1790000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
1BE0E000
|
stack
|
page read and write
|
||
|
127F3000
|
trusted library allocation
|
page read and write
|
||
|
38F7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B94F000
|
stack
|
page read and write
|
||
|
1BC90000
|
trusted library section
|
page read and write
|
||
|
12E91000
|
trusted library allocation
|
page read and write
|
||
|
13569000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
1C626000
|
heap
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
128AC000
|
trusted library allocation
|
page read and write
|
||
|
1AC6D000
|
stack
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
3809000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
F8E000
|
unkown
|
page readonly
|
||
|
132BD000
|
trusted library allocation
|
page read and write
|
||
|
2C2D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
1A820000
|
trusted library allocation
|
page read and write
|
||
|
1BD4E000
|
stack
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D0E000
|
trusted library allocation
|
page read and write
|
||
|
35BC000
|
trusted library allocation
|
page read and write
|
||
|
1ED34000
|
heap
|
page read and write
|
||
|
3470000
|
trusted library allocation
|
page read and write
|
||
|
38BF000
|
trusted library allocation
|
page read and write
|
||
|
28AF000
|
trusted library allocation
|
page read and write
|
||
|
3D09000
|
trusted library allocation
|
page read and write
|
||
|
1C58F000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
5A1000
|
heap
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1343000
|
heap
|
page read and write
|
||
|
7FFD9B90C000
|
trusted library allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
3E25000
|
trusted library allocation
|
page read and write
|
||
|
35BA000
|
trusted library allocation
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
1C5F0000
|
heap
|
page read and write
|
||
|
3D01000
|
trusted library allocation
|
page read and write
|
||
|
2A9F000
|
stack
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
1341000
|
heap
|
page read and write
|
||
|
1AE2E000
|
stack
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1C65E000
|
heap
|
page read and write
|
||
|
1B0FD000
|
stack
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
1BC80000
|
heap
|
page execute and read and write
|
||
|
7FFD9B941000
|
trusted library allocation
|
page read and write
|
||
|
1336C000
|
trusted library allocation
|
page read and write
|
||
|
36E6000
|
trusted library allocation
|
page read and write
|
||
|
1C173000
|
heap
|
page read and write
|
||
|
1BCC0000
|
trusted library section
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B8AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1E2000
|
heap
|
page read and write
|
||
|
82F000
|
stack
|
page read and write
|
||
|
8D0000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B150000
|
heap
|
page execute and read and write
|
||
|
3B62000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
1A8ED000
|
stack
|
page read and write
|
||
|
21BF000
|
stack
|
page read and write
|
||
|
353A000
|
trusted library allocation
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
1C754000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
34B8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
3639000
|
trusted library allocation
|
page read and write
|
||
|
392E000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
1C202000
|
heap
|
page read and write
|
||
|
7FFD9B93B000
|
trusted library allocation
|
page read and write
|
||
|
1C133000
|
heap
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
5CC000
|
heap
|
page read and write
|
||
|
38F9000
|
trusted library allocation
|
page read and write
|
||
|
1B17A000
|
stack
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
8E9000
|
heap
|
page read and write
|
||
|
1C770000
|
heap
|
page read and write
|
||
|
1C7AE000
|
heap
|
page read and write
|
||
|
3B68000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C61B000
|
heap
|
page read and write
|
||
|
8A0000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
3AEA000
|
trusted library allocation
|
page read and write
|
||
|
3A6B000
|
trusted library allocation
|
page read and write
|
||
|
28B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B786000
|
trusted library allocation
|
page read and write
|
||
|
3E27000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B1000
|
trusted library allocation
|
page execute and read and write
|
||
|
375A000
|
trusted library allocation
|
page read and write
|
||
|
1AF2E000
|
stack
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
39ED000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
3884000
|
trusted library allocation
|
page read and write
|
||
|
12B78000
|
trusted library allocation
|
page read and write
|
||
|
5CF000
|
heap
|
page read and write
|
||
|
35B4000
|
trusted library allocation
|
page read and write
|
||
|
CCD000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B916000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
13AD000
|
heap
|
page read and write
|
||
|
56C000
|
heap
|
page read and write
|
||
|
102F000
|
heap
|
page read and write
|
||
|
368B000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
3760000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9FD000
|
trusted library allocation
|
page read and write
|
||
|
34B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C712000
|
heap
|
page read and write
|
||
|
384A000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
unkown
|
page readonly
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
3D03000
|
trusted library allocation
|
page read and write
|
||
|
1B632000
|
heap
|
page read and write
|
||
|
7FFD9B943000
|
trusted library allocation
|
page read and write
|
||
|
3AE6000
|
trusted library allocation
|
page read and write
|
||
|
1C589000
|
heap
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
1E92E000
|
stack
|
page read and write
|
||
|
1BCF0000
|
trusted library section
|
page read and write
|
||
|
1565000
|
heap
|
page read and write
|
||
|
7FFD9B943000
|
trusted library allocation
|
page read and write
|
||
|
1B8F4000
|
stack
|
page read and write
|
||
|
7FFD9B923000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
870000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B897000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C5D9000
|
heap
|
page read and write
|
||
|
39EB000
|
trusted library allocation
|
page read and write
|
||
|
3813000
|
trusted library allocation
|
page read and write
|
||
|
1BC7F000
|
stack
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
3E29000
|
trusted library allocation
|
page read and write
|
||
|
85B000
|
heap
|
page read and write
|
||
|
1241C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B73000
|
trusted library allocation
|
page read and write
|
||
|
127FD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
39F3000
|
trusted library allocation
|
page read and write
|
||
|
28A6000
|
trusted library allocation
|
page read and write
|
||
|
3D97000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
3936000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
12E83000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
35B2000
|
trusted library allocation
|
page read and write
|
||
|
3474000
|
trusted library allocation
|
page read and write
|
||
|
146F000
|
stack
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
22F0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B947000
|
trusted library allocation
|
page read and write
|
||
|
9D6000
|
stack
|
page read and write
|
||
|
12B7D000
|
trusted library allocation
|
page read and write
|
||
|
1C5AE000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
375E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A2000
|
trusted library allocation
|
page read and write
|
||
|
3636000
|
trusted library allocation
|
page read and write
|
||
|
3C7F000
|
trusted library allocation
|
page read and write
|
||
|
2340000
|
heap
|
page execute and read and write
|
||
|
1AD2E000
|
stack
|
page read and write
|
||
|
7FFD9B94B000
|
trusted library allocation
|
page read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
5CA000
|
heap
|
page read and write
|
||
|
3BED000
|
trusted library allocation
|
page read and write
|
||
|
1C69C000
|
heap
|
page read and write
|
||
|
1ED30000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E8D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
1C5E6000
|
heap
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
1B6FE000
|
stack
|
page read and write
|
||
|
7FFD9B9F9000
|
trusted library allocation
|
page read and write
|
||
|
3886000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A3000
|
trusted library allocation
|
page read and write
|
||
|
3796000
|
trusted library allocation
|
page read and write
|
||
|
3E2B000
|
trusted library allocation
|
page read and write
|
||
|
25CF000
|
stack
|
page read and write
|
||
|
1BB4A000
|
stack
|
page read and write
|
||
|
36E8000
|
trusted library allocation
|
page read and write
|
||
|
1BA4F000
|
stack
|
page read and write
|
||
|
3532000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B93C000
|
trusted library allocation
|
page read and write
|
||
|
1BCA0000
|
trusted library section
|
page read and write
|
||
|
3B60000
|
trusted library allocation
|
page read and write
|
||
|
3882000
|
trusted library allocation
|
page read and write
|
||
|
3798000
|
trusted library allocation
|
page read and write
|
||
|
39F1000
|
trusted library allocation
|
page read and write
|
||
|
3932000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B891000
|
trusted library allocation
|
page execute and read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
35F8000
|
trusted library allocation
|
page read and write
|
||
|
7FF470A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
36E4000
|
trusted library allocation
|
page read and write
|
||
|
1C12C000
|
heap
|
page read and write
|
||
|
38BB000
|
trusted library allocation
|
page read and write
|
||
|
83C000
|
heap
|
page read and write
|
||
|
1031000
|
heap
|
page read and write
|
||
|
7FFD9B88D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AE8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
357B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
132B8000
|
trusted library allocation
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
3D95000
|
trusted library allocation
|
page read and write
|
||
|
34B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
||
|
1306000
|
heap
|
page read and write
|
||
|
35F4000
|
trusted library allocation
|
page read and write
|
||
|
3C77000
|
trusted library allocation
|
page read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
38BD000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
7FFD9B9A9000
|
trusted library allocation
|
page read and write
|
||
|
2F41000
|
trusted library allocation
|
page read and write
|
||
|
3888000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
1C5E4000
|
heap
|
page read and write
|
||
|
380B000
|
trusted library allocation
|
page read and write
|
||
|
35B6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B75E000
|
stack
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
12361000
|
trusted library allocation
|
page read and write
|
||
|
3D05000
|
trusted library allocation
|
page read and write
|
||
|
1BD00000
|
heap
|
page read and write
|
||
|
566000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
3F56000
|
trusted library allocation
|
page read and write
|
||
|
3472000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
3848000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CC6E000
|
stack
|
page read and write
|
||
|
37D3000
|
trusted library allocation
|
page read and write
|
||
|
12BF000
|
stack
|
page read and write
|
||
|
F92000
|
unkown
|
page readonly
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
10A1000
|
heap
|
page read and write
|
||
|
1C1A4000
|
heap
|
page read and write
|
||
|
1C103000
|
stack
|
page read and write
|
||
|
B30000
|
trusted library allocation
|
page read and write
|
||
|
353C000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
7FFD9B903000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B92C000
|
trusted library allocation
|
page read and write
|
||
|
3632000
|
trusted library allocation
|
page read and write
|
||
|
195F000
|
stack
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
3725000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
3575000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
3D0B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
380D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
1365000
|
heap
|
page read and write
|
||
|
37D5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1F6000
|
heap
|
page read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
1C1E4000
|
heap
|
page read and write
|
||
|
38FB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3794000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
E22000
|
unkown
|
page readonly
|
||
|
37CF000
|
trusted library allocation
|
page read and write
|
||
|
3673000
|
trusted library allocation
|
page read and write
|
||
|
3811000
|
trusted library allocation
|
page read and write
|
||
|
3972000
|
trusted library allocation
|
page read and write
|
||
|
1BF0E000
|
stack
|
page read and write
|
||
|
CF9000
|
heap
|
page read and write
|
||
|
1C64A000
|
heap
|
page read and write
|
||
|
3844000
|
trusted library allocation
|
page read and write
|
||
|
1B2FD000
|
stack
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
3930000
|
trusted library allocation
|
page read and write
|
||
|
D25000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B797000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3160000
|
trusted library section
|
page read and write
|
||
|
1C1B3000
|
heap
|
page read and write
|
||
|
3758000
|
trusted library allocation
|
page read and write
|
||
|
38C3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
1C7D3000
|
heap
|
page read and write
|
||
|
1D35B000
|
stack
|
page read and write
|
||
|
1855000
|
heap
|
page read and write
|
||
|
1B453000
|
stack
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAFA000
|
stack
|
page read and write
|
||
|
3BE9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E40000
|
heap
|
page execute and read and write
|
||
|
384E000
|
trusted library allocation
|
page read and write
|
||
|
612000
|
heap
|
page read and write
|
||
|
12F3C000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
3AE2000
|
trusted library allocation
|
page read and write
|
||
|
3573000
|
trusted library allocation
|
page read and write
|
||
|
1B9F3000
|
stack
|
page read and write
|
||
|
7FFD9B923000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B911000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3577000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B777000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B92C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
CAB000
|
heap
|
page read and write
|
||
|
7FFD9B98D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
3792000
|
trusted library allocation
|
page read and write
|
||
|
1C004000
|
stack
|
page read and write
|
||
|
12368000
|
trusted library allocation
|
page read and write
|
||
|
1B273000
|
stack
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
1C59B000
|
heap
|
page read and write
|
||
|
3BF3000
|
trusted library allocation
|
page read and write
|
||
|
38B9000
|
trusted library allocation
|
page read and write
|
||
|
3C73000
|
trusted library allocation
|
page read and write
|
||
|
35F2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3727000
|
trusted library allocation
|
page read and write
|
||
|
38FD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
861000
|
heap
|
page read and write
|
||
|
1BBFE000
|
stack
|
page read and write
|
||
|
136D000
|
heap
|
page read and write
|
||
|
7FFD9B944000
|
trusted library allocation
|
page read and write
|
||
|
3534000
|
trusted library allocation
|
page read and write
|
||
|
36EA000
|
trusted library allocation
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
3938000
|
trusted library allocation
|
page read and write
|
||
|
3D07000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
3C79000
|
trusted library allocation
|
page read and write
|
||
|
22BE000
|
stack
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
3677000
|
trusted library allocation
|
page read and write
|
||
|
1BE4E000
|
stack
|
page read and write
|
||
|
1B5F0000
|
heap
|
page read and write
|
||
|
7FFD9B77C000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
3978000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
1C1D6000
|
heap
|
page read and write
|
||
|
1C42D000
|
stack
|
page read and write
|
||
|
34BA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1E8000
|
heap
|
page read and write
|
||
|
39F5000
|
trusted library allocation
|
page read and write
|
||
|
12E81000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B94B000
|
trusted library allocation
|
page read and write
|
||
|
1C1EA000
|
heap
|
page read and write
|
||
|
3BEB000
|
trusted library allocation
|
page read and write
|
||
|
1B37F000
|
stack
|
page read and write
|
||
|
3A6F000
|
trusted library allocation
|
page read and write
|
||
|
1C6C7000
|
heap
|
page read and write
|
||
|
872000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B964000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B953000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
1236D000
|
trusted library allocation
|
page read and write
|
||
|
3C81000
|
trusted library allocation
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
3150000
|
trusted library section
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
289D000
|
trusted library allocation
|
page read and write
|
||
|
3BF1000
|
trusted library allocation
|
page read and write
|
||
|
1C675000
|
heap
|
page read and write
|
||
|
2600000
|
heap
|
page read and write
|
||
|
3579000
|
trusted library allocation
|
page read and write
|
||
|
3B64000
|
trusted library allocation
|
page read and write
|
||
|
3B5E000
|
trusted library allocation
|
page read and write
|
||
|
CCB000
|
heap
|
page read and write
|
||
|
1B83F000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
12E88000
|
trusted library allocation
|
page read and write
|
||
|
3C7B000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
1C607000
|
heap
|
page read and write
|
||
|
12363000
|
trusted library allocation
|
page read and write
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
3A71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
1C310000
|
trusted library section
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
59F000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page execute and read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
1C6E5000
|
heap
|
page read and write
|
||
|
109A000
|
heap
|
page read and write
|
||
|
397C000
|
trusted library allocation
|
page read and write
|
||
|
371D000
|
trusted library allocation
|
page read and write
|
||
|
1C52A000
|
stack
|
page read and write
|
||
|
27E0000
|
heap
|
page execute and read and write
|
||
|
1B83D000
|
stack
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
13B5000
|
heap
|
page read and write
|
||
|
1C6F4000
|
heap
|
page read and write
|
||
|
1ABA0000
|
trusted library allocation
|
page read and write
|
||
|
1B074000
|
stack
|
page read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
35FA000
|
trusted library allocation
|
page read and write
|
||
|
1BC43000
|
stack
|
page read and write
|
||
|
586000
|
stack
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
176E000
|
stack
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
166E000
|
stack
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
241C000
|
trusted library allocation
|
page read and write
|
||
|
1BCB0000
|
trusted library section
|
page read and write
|
||
|
380F000
|
trusted library allocation
|
page read and write
|
||
|
3976000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79C000
|
trusted library allocation
|
page read and write
|
||
|
38C1000
|
trusted library allocation
|
page read and write
|
||
|
379C000
|
trusted library allocation
|
page read and write
|
||
|
1D45B000
|
stack
|
page read and write
|
||
|
7FFD9B797000
|
trusted library allocation
|
page read and write
|
||
|
28A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B88A000
|
trusted library allocation
|
page execute and read and write
|
||
|
720000
|
unkown
|
page readonly
|
||
|
910000
|
heap
|
page read and write
|
||
|
3974000
|
trusted library allocation
|
page read and write
|
||
|
34F9000
|
trusted library allocation
|
page read and write
|
||
|
127F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79C000
|
trusted library allocation
|
page read and write
|
||
|
34B0000
|
trusted library allocation
|
page read and write
|
||
|
3D93000
|
trusted library allocation
|
page read and write
|
||
|
1C77A000
|
heap
|
page read and write
|
||
|
3DA0000
|
trusted library allocation
|
page read and write
|
||
|
3880000
|
trusted library allocation
|
page read and write
|
||
|
1335A000
|
trusted library allocation
|
page read and write
|
||
|
387E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
1C110000
|
heap
|
page read and write
|
||
|
1C30A000
|
stack
|
page read and write
|
||
|
1C570000
|
heap
|
page read and write
|
||
|
3723000
|
trusted library allocation
|
page read and write
|
||
|
3634000
|
trusted library allocation
|
page read and write
|
||
|
34FB000
|
trusted library allocation
|
page read and write
|
||
|
384C000
|
trusted library allocation
|
page read and write
|
||
|
28A9000
|
trusted library allocation
|
page read and write
|
||
|
1C180000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
3A69000
|
trusted library allocation
|
page read and write
|
||
|
3E2D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90C000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C666000
|
heap
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
7FFD9B936000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
3AE0000
|
trusted library allocation
|
page read and write
|
||
|
38F5000
|
trusted library allocation
|
page read and write
|
||
|
397A000
|
trusted library allocation
|
page read and write
|
||
|
1BCD0000
|
trusted library section
|
page read and write
|
||
|
1C320000
|
trusted library section
|
page read and write
|
||
|
35B8000
|
trusted library allocation
|
page read and write
|
||
|
FFC000
|
heap
|
page read and write
|
||
|
39EF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B92E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
1B380000
|
heap
|
page read and write
|
||
|
1C63B000
|
heap
|
page read and write
|
||
|
7FFD9B8AF000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C7D000
|
trusted library allocation
|
page read and write
|
||
|
1C160000
|
heap
|
page read and write
|
||
|
1C7A2000
|
heap
|
page read and write
|
||
|
3846000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
13A73000
|
trusted library allocation
|
page read and write
|
||
|
13416000
|
trusted library allocation
|
page read and write
|
||
|
1C7B3000
|
heap
|
page read and write
|
||
|
28A0000
|
trusted library allocation
|
page read and write
|
||
|
1B2E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
36B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
3AE4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
37D7000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
1C171000
|
heap
|
page read and write
|
||
|
346E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A1000
|
heap
|
page read and write
|
||
|
1C530000
|
trusted library section
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
876000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
1BCE0000
|
trusted library section
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
7FFD9B9C1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
3571000
|
trusted library allocation
|
page read and write
|
||
|
C65000
|
heap
|
page read and write
|
||
|
7FFD9B887000
|
trusted library allocation
|
page execute and read and write
|
||
|
35FC000
|
trusted library allocation
|
page read and write
|
||
|
594000
|
heap
|
page read and write
|
||
|
1A390000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
12371000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B88F000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7FF000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
3F58000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
3934000
|
trusted library allocation
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
1B540000
|
heap
|
page execute and read and write
|
||
|
13F9000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B77C000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
heap
|
page execute and read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
3762000
|
trusted library allocation
|
page read and write
|
||
|
3B66000
|
trusted library allocation
|
page read and write
|
||
|
3675000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
trusted library section
|
page read and write
|
||
|
1C613000
|
heap
|
page read and write
|
||
|
375C000
|
trusted library allocation
|
page read and write
|
||
|
363B000
|
trusted library allocation
|
page read and write
|
||
|
3E2F000
|
trusted library allocation
|
page read and write
|
||
|
1D22D000
|
stack
|
page read and write
|
||
|
7FFD9B90A000
|
trusted library allocation
|
page read and write
|
||
|
3E32000
|
trusted library allocation
|
page read and write
|
||
|
1C20C000
|
heap
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB5000
|
heap
|
page read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B923000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
1C1BA000
|
heap
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
1B53E000
|
stack
|
page read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A6D000
|
trusted library allocation
|
page read and write
|
||
|
1AEB0000
|
trusted library allocation
|
page read and write
|
||
|
127F8000
|
trusted library allocation
|
page read and write
|
||
|
3671000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page execute and read and write
|
||
|
37D9000
|
trusted library allocation
|
page read and write
|
||
|
14D5000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
1B73F000
|
stack
|
page read and write
|
||
|
1B0AF000
|
stack
|
page read and write
|
||
|
1B554000
|
stack
|
page read and write
|
||
|
1B25E000
|
stack
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
12B71000
|
trusted library allocation
|
page read and write
|
||
|
2F32000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90E000
|
trusted library allocation
|
page read and write
|
There are 657 hidden memdumps, click here to show them.