Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Urgent Quotation documents One Pdf.vbs
|
ASCII text, with very long lines (18194)
|
initial sample
|
 |
|
|
C:\ProgramData\sihem.vbe
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\RbxGzzRCxRnUYYz.vbs
|
ISO-8859 text
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Critical_powershell.exe_6dcd90a0cfadcd56d98897fd4ad3469a57ab5cb_00000000_f0abb7fe-856e-4399-ab31-4af1fb3076f1\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Critical_powershell.exe_b4b21b9272f0623778607a435112f88140f556cc_00000000_aaf32bbd-49e5-46f6-aef9-a1c3df2349d6\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6EB.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER71A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER71B.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER788.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0n2dxoqu.jva.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3xtc2uo1.fh5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_c2vqsqun.fv5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yzkrjl5v.1sc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\3N81UEG5J6GESUM0YPYQ.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF50f98d.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\JTFWOQESOJPQ2M217AQN.temp
|
data
|
dropped
|
||
|
\Device\ConDrv
|
Non-ISO extended-ASCII text, with very long lines (987), with CRLF line terminators, with escape sequences
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Urgent Quotation documents One Pdf.vbs"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\ProgramData\sihem.vbe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\AppData\Roaming\RbxGzzRCxRnUYYz.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wermgr.exe
|
"C:\Windows\system32\wermgr.exe" "-outproc" "0" "7488" "2720" "2688" "2716" "0" "0" "2712" "0" "0" "0" "0" "0"
|
||
|
C:\Windows\System32\wermgr.exe
|
"C:\Windows\system32\wermgr.exe" "-outproc" "0" "8132" "2728" "2856" "2692" "0" "0" "2872" "0" "0" "0" "0" "0"
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.12.205
|
|
|
|
http://144.91.79.54/2210/rk
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://144.91.79.54/2210/BJcAJ8AorkdqBSqQYRDA.txt
|
unknown
|
||
|
http://144.91.79.54/2210/v
|
unknown
|
||
|
http://144.91.79.54/g
|
unknown
|
||
|
http://144.91.79.54/2210/file
|
unknown
|
||
|
http://144.91.79.54/
|
unknown
|
||
|
http://144.91.79.54/K
|
unknown
|
||
|
http://144.91.79.54/2210/s
|
unknown
|
||
|
http://144.91.79.54/2210/rw
|
unknown
|
||
|
http://144.91.79.54/2210/r
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://144.91.79.54:80/2210/file
|
unknown
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.ipify.org
|
104.26.12.205
|
|
|
|
s-part-0017.t-0009.fb-t-msedge.net
|
13.107.253.45
|
||
|
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
|
84.201.210.36
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
144.91.79.54
|
unknown
|
Germany
|
|
|
|
104.26.12.205
|
api.ipify.org
|
United States
|
|
|
|
162.254.34.31
|
unknown
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part6
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part7
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part9
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part10
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part11
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part13
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part14
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part15
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part16
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part17
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part18
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part19
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part20
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part21
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part22
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part23
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part24
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz\donn
|
Part25
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz
|
cn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz
|
i
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz
|
s
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz
|
r
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz
|
Path
|
||
|
HKEY_CURRENT_USER\SOFTWARE\RbxGzzRCxRnUYYz
|
v
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileDirectory
|
There are 39 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
D42000
|
remote allocation
|
page execute and read and write
|
|
|
|
2D24000
|
trusted library allocation
|
page read and write
|
|
|
|
2CF1000
|
trusted library allocation
|
page read and write
|
|
|
|
2D1C000
|
trusted library allocation
|
page read and write
|
|
|
|
1232E246000
|
heap
|
page read and write
|
||
|
1BE489E8000
|
heap
|
page read and write
|
||
|
1DDE480E000
|
heap
|
page read and write
|
||
|
1DDE477F000
|
heap
|
page read and write
|
||
|
1DDE684C000
|
heap
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page execute and read and write
|
||
|
1232E24F000
|
heap
|
page read and write
|
||
|
1DDE6895000
|
heap
|
page read and write
|
||
|
1232E252000
|
heap
|
page read and write
|
||
|
F39000
|
heap
|
page read and write
|
||
|
1232E299000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE61A9000
|
heap
|
page read and write
|
||
|
5290000
|
heap
|
page read and write
|
||
|
1DDE47AE000
|
heap
|
page read and write
|
||
|
1DDE480E000
|
heap
|
page read and write
|
||
|
1DDE6A65000
|
heap
|
page read and write
|
||
|
D678CFC000
|
stack
|
page read and write
|
||
|
1BE48A04000
|
heap
|
page read and write
|
||
|
12D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1232E241000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE6890000
|
heap
|
page read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
1DDE67A4000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
1DDE4751000
|
heap
|
page read and write
|
||
|
23040FB1000
|
heap
|
page read and write
|
||
|
646E000
|
stack
|
page read and write
|
||
|
1E9DDF58000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
40D167C000
|
stack
|
page read and write
|
||
|
1232E252000
|
heap
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
1DDE47A5000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1232E25E000
|
heap
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
1232E23C000
|
heap
|
page read and write
|
||
|
B9F90F8000
|
stack
|
page read and write
|
||
|
1BE489E2000
|
heap
|
page read and write
|
||
|
D678DFD000
|
stack
|
page read and write
|
||
|
12CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
51AD000
|
trusted library allocation
|
page read and write
|
||
|
1DDE47CF000
|
heap
|
page read and write
|
||
|
1DDE4751000
|
heap
|
page read and write
|
||
|
1BE4A7D0000
|
heap
|
page read and write
|
||
|
1DDE47ED000
|
heap
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
54CE000
|
stack
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1BE489AB000
|
heap
|
page read and write
|
||
|
1BE489F6000
|
heap
|
page read and write
|
||
|
1BE489DF000
|
heap
|
page read and write
|
||
|
23042900000
|
heap
|
page read and write
|
||
|
23041030000
|
heap
|
page read and write
|
||
|
23040F78000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE684A000
|
heap
|
page read and write
|
||
|
B9F97FD000
|
stack
|
page read and write
|
||
|
1DDE6A65000
|
heap
|
page read and write
|
||
|
1DDE61A9000
|
heap
|
page read and write
|
||
|
1DDE6891000
|
heap
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
917BEFE000
|
stack
|
page read and write
|
||
|
F27000
|
heap
|
page read and write
|
||
|
5280000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE61A2000
|
heap
|
page read and write
|
||
|
1232E020000
|
heap
|
page read and write
|
||
|
1DDE61A1000
|
heap
|
page read and write
|
||
|
1BE48A04000
|
heap
|
page read and write
|
||
|
1DDE61A9000
|
heap
|
page read and write
|
||
|
1BE489F1000
|
heap
|
page read and write
|
||
|
4E3E000
|
stack
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
1DDE684C000
|
heap
|
page read and write
|
||
|
1DDE4811000
|
heap
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
1232E264000
|
heap
|
page read and write
|
||
|
1DDE4826000
|
heap
|
page read and write
|
||
|
2D2A000
|
trusted library allocation
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
519A000
|
trusted library allocation
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
23040FBC000
|
heap
|
page read and write
|
||
|
1DDE68AA000
|
heap
|
page read and write
|
||
|
2304101E000
|
heap
|
page read and write
|
||
|
1DDE476F000
|
heap
|
page read and write
|
||
|
5283000
|
heap
|
page read and write
|
||
|
574E000
|
stack
|
page read and write
|
||
|
1DDE67A3000
|
heap
|
page read and write
|
||
|
1DDE4788000
|
heap
|
page read and write
|
||
|
1BE489E8000
|
heap
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
1DDE47F1000
|
heap
|
page read and write
|
||
|
31F99E000
|
unkown
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1DDE6A8E000
|
heap
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
23041228000
|
heap
|
page read and write
|
||
|
1232E24F000
|
heap
|
page read and write
|
||
|
1232E23C000
|
heap
|
page read and write
|
||
|
23040FE6000
|
heap
|
page read and write
|
||
|
65AE000
|
stack
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
1BE48BF0000
|
heap
|
page read and write
|
||
|
1DDE482E000
|
heap
|
page read and write
|
||
|
1232E221000
|
heap
|
page read and write
|
||
|
1232E236000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
2CE1000
|
trusted library allocation
|
page read and write
|
||
|
1DDE62F0000
|
remote allocation
|
page read and write
|
||
|
1BE48A03000
|
heap
|
page read and write
|
||
|
1DDE479F000
|
heap
|
page read and write
|
||
|
1BE48A12000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
23040F6F000
|
heap
|
page read and write
|
||
|
1DDE6891000
|
heap
|
page read and write
|
||
|
519E000
|
trusted library allocation
|
page read and write
|
||
|
1BE48A04000
|
heap
|
page read and write
|
||
|
1DDE478B000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
917BCFD000
|
stack
|
page read and write
|
||
|
23042D40000
|
heap
|
page read and write
|
||
|
1DDE479F000
|
heap
|
page read and write
|
||
|
1DDE47E9000
|
heap
|
page read and write
|
||
|
12D2000
|
trusted library allocation
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
1DDE47D5000
|
heap
|
page read and write
|
||
|
1DDE61A6000
|
heap
|
page read and write
|
||
|
31FE7D000
|
stack
|
page read and write
|
||
|
31FDFE000
|
stack
|
page read and write
|
||
|
2CD7000
|
trusted library allocation
|
page read and write
|
||
|
1DDE480F000
|
heap
|
page read and write
|
||
|
1DDE47CF000
|
heap
|
page read and write
|
||
|
1DDE67FA000
|
heap
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
23041225000
|
heap
|
page read and write
|
||
|
1BE489E8000
|
heap
|
page read and write
|
||
|
1BE48A04000
|
heap
|
page read and write
|
||
|
B9F93FD000
|
stack
|
page read and write
|
||
|
1DDE6891000
|
heap
|
page read and write
|
||
|
2D16000
|
trusted library allocation
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1BE489B1000
|
heap
|
page read and write
|
||
|
1DDE47EB000
|
heap
|
page read and write
|
||
|
6A27000
|
trusted library allocation
|
page read and write
|
||
|
1DDE61A9000
|
heap
|
page read and write
|
||
|
1DDE61B9000
|
heap
|
page read and write
|
||
|
1DDE6804000
|
heap
|
page read and write
|
||
|
1232E1C0000
|
heap
|
page read and write
|
||
|
EEA000
|
heap
|
page read and write
|
||
|
1BE489DF000
|
heap
|
page read and write
|
||
|
1DDE47AE000
|
heap
|
page read and write
|
||
|
1DDE47A5000
|
heap
|
page read and write
|
||
|
1BE489F0000
|
heap
|
page read and write
|
||
|
D678BFF000
|
stack
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1BE48A12000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
66C0000
|
trusted library allocation
|
page read and write
|
||
|
1DDE49F5000
|
heap
|
page read and write
|
||
|
1DDE47D7000
|
heap
|
page read and write
|
||
|
1BE489B1000
|
heap
|
page read and write
|
||
|
1DDE6A8E000
|
heap
|
page read and write
|
||
|
12A4000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
1DDE4738000
|
heap
|
page read and write
|
||
|
5192000
|
trusted library allocation
|
page read and write
|
||
|
1DDE4770000
|
heap
|
page read and write
|
||
|
23040FBC000
|
heap
|
page read and write
|
||
|
1DDE480E000
|
heap
|
page read and write
|
||
|
12E7000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
1DDE49F9000
|
heap
|
page read and write
|
||
|
D6787FE000
|
stack
|
page read and write
|
||
|
66AF000
|
stack
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
D678AFF000
|
stack
|
page read and write
|
||
|
560E000
|
stack
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
6A50000
|
heap
|
page read and write
|
||
|
1232E220000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1BE489DF000
|
heap
|
page read and write
|
||
|
1BE48A12000
|
heap
|
page read and write
|
||
|
917BDFE000
|
stack
|
page read and write
|
||
|
1DDE47D5000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE4786000
|
heap
|
page read and write
|
||
|
1DDE4759000
|
heap
|
page read and write
|
||
|
1232E21B000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
1DDE47F1000
|
heap
|
page read and write
|
||
|
1DDE6997000
|
heap
|
page read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
1DDE4781000
|
heap
|
page read and write
|
||
|
1232E170000
|
heap
|
page read and write
|
||
|
1DDE4786000
|
heap
|
page read and write
|
||
|
1BE48A04000
|
heap
|
page read and write
|
||
|
1BE489E4000
|
heap
|
page read and write
|
||
|
6A40000
|
trusted library allocation
|
page read and write
|
||
|
1232E21B000
|
heap
|
page read and write
|
||
|
F77000
|
heap
|
page read and write
|
||
|
1BE48A10000
|
heap
|
page read and write
|
||
|
1BE48A03000
|
heap
|
page read and write
|
||
|
D6788FE000
|
stack
|
page read and write
|
||
|
1BE489EA000
|
heap
|
page read and write
|
||
|
1DDE49F8000
|
heap
|
page read and write
|
||
|
12C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DDE47F8000
|
heap
|
page read and write
|
||
|
12330170000
|
remote allocation
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
1DDE6A8D000
|
heap
|
page read and write
|
||
|
1BE489DF000
|
heap
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
23042F93000
|
heap
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page read and write
|
||
|
23040FBC000
|
heap
|
page read and write
|
||
|
917B7FE000
|
stack
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
3D0A000
|
trusted library allocation
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
1DDE479F000
|
heap
|
page read and write
|
||
|
1DDE47FF000
|
heap
|
page read and write
|
||
|
1BE48A03000
|
heap
|
page read and write
|
||
|
642F000
|
stack
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
1232E299000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE6790000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1232E219000
|
heap
|
page read and write
|
||
|
1DDE61A1000
|
heap
|
page read and write
|
||
|
F45000
|
heap
|
page read and write
|
||
|
1BE489DD000
|
heap
|
page read and write
|
||
|
12330070000
|
heap
|
page read and write
|
||
|
1DDE4759000
|
heap
|
page read and write
|
||
|
1DDE47AE000
|
heap
|
page read and write
|
||
|
1232E297000
|
heap
|
page read and write
|
||
|
1BE489F1000
|
heap
|
page read and write
|
||
|
1DDE697A000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE479D000
|
heap
|
page read and write
|
||
|
23042F90000
|
heap
|
page read and write
|
||
|
2CA1000
|
trusted library allocation
|
page read and write
|
||
|
1DDE478E000
|
heap
|
page read and write
|
||
|
1BE489DB000
|
heap
|
page read and write
|
||
|
917BAFF000
|
stack
|
page read and write
|
||
|
1DDE61A1000
|
heap
|
page read and write
|
||
|
1DDE481B000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1DDE47CF000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
23041220000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE47D5000
|
heap
|
page read and write
|
||
|
1DDE49F9000
|
heap
|
page read and write
|
||
|
1DDE61A0000
|
heap
|
page read and write
|
||
|
23040F8D000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
5186000
|
trusted library allocation
|
page read and write
|
||
|
1BE48A12000
|
heap
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
40D16FF000
|
stack
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1BE489F6000
|
heap
|
page read and write
|
||
|
1DDE474C000
|
heap
|
page read and write
|
||
|
917B9FE000
|
stack
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1BE48A03000
|
heap
|
page read and write
|
||
|
1232E242000
|
heap
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
1DDE6893000
|
heap
|
page read and write
|
||
|
1E9DDF50000
|
heap
|
page read and write
|
||
|
31FD7B000
|
stack
|
page read and write
|
||
|
1BE489E8000
|
heap
|
page read and write
|
||
|
D6786F1000
|
stack
|
page read and write
|
||
|
1BE489EA000
|
heap
|
page read and write
|
||
|
C39000
|
stack
|
page read and write
|
||
|
1DDE68DE000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1BE489EA000
|
heap
|
page read and write
|
||
|
1DDE4758000
|
heap
|
page read and write
|
||
|
1BE489F4000
|
heap
|
page read and write
|
||
|
51A6000
|
trusted library allocation
|
page read and write
|
||
|
51A1000
|
trusted library allocation
|
page read and write
|
||
|
518E000
|
trusted library allocation
|
page read and write
|
||
|
1DDE68E7000
|
heap
|
page read and write
|
||
|
1DDE49F0000
|
heap
|
page read and write
|
||
|
1232FB90000
|
heap
|
page read and write
|
||
|
1BE48A12000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1BE48A04000
|
heap
|
page read and write
|
||
|
12BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1232E246000
|
heap
|
page read and write
|
||
|
1DDE47F1000
|
heap
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
1232E252000
|
heap
|
page read and write
|
||
|
1DDE47F8000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1BE489E3000
|
heap
|
page read and write
|
||
|
1DDE683F000
|
heap
|
page read and write
|
||
|
2304101C000
|
heap
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
1DDE4759000
|
heap
|
page read and write
|
||
|
1BE489F1000
|
heap
|
page read and write
|
||
|
12DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
23041228000
|
heap
|
page read and write
|
||
|
1DDE479D000
|
heap
|
page read and write
|
||
|
518B000
|
trusted library allocation
|
page read and write
|
||
|
1232E174000
|
heap
|
page read and write
|
||
|
1BE489F6000
|
heap
|
page read and write
|
||
|
5260000
|
heap
|
page execute and read and write
|
||
|
1BE489B1000
|
heap
|
page read and write
|
||
|
12A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DDE481C000
|
heap
|
page read and write
|
||
|
1DDE6922000
|
heap
|
page read and write
|
||
|
1BE489EA000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
12D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
51B2000
|
trusted library allocation
|
page read and write
|
||
|
23040F84000
|
heap
|
page read and write
|
||
|
31FF7B000
|
stack
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
1DDE47E9000
|
heap
|
page read and write
|
||
|
3CC9000
|
trusted library allocation
|
page read and write
|
||
|
1DDE49F9000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE478C000
|
heap
|
page read and write
|
||
|
2C2C000
|
stack
|
page read and write
|
||
|
1DDE61A9000
|
heap
|
page read and write
|
||
|
1DDE482A000
|
heap
|
page read and write
|
||
|
1232E100000
|
heap
|
page read and write
|
||
|
1E9DE2F5000
|
heap
|
page read and write
|
||
|
1DDE4792000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE62F0000
|
remote allocation
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page read and write
|
||
|
1BE489AD000
|
heap
|
page read and write
|
||
|
1E9DE120000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
23040E30000
|
heap
|
page read and write
|
||
|
23040FB5000
|
heap
|
page read and write
|
||
|
1BE489E8000
|
heap
|
page read and write
|
||
|
1BE488F0000
|
heap
|
page read and write
|
||
|
EED000
|
heap
|
page read and write
|
||
|
67E0000
|
trusted library allocation
|
page read and write
|
||
|
23040F78000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
1232E24F000
|
heap
|
page read and write
|
||
|
1E9DDF10000
|
heap
|
page read and write
|
||
|
1DDE479D000
|
heap
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
1DDE697B000
|
heap
|
page read and write
|
||
|
1232E246000
|
heap
|
page read and write
|
||
|
1232E190000
|
heap
|
page read and write
|
||
|
1DDE61A9000
|
heap
|
page read and write
|
||
|
2D1A000
|
trusted library allocation
|
page read and write
|
||
|
5EEE000
|
stack
|
page read and write
|
||
|
40D177F000
|
stack
|
page read and write
|
||
|
917B6FE000
|
stack
|
page read and write
|
||
|
12330170000
|
remote allocation
|
page read and write
|
||
|
1DDE476C000
|
heap
|
page read and write
|
||
|
F41000
|
heap
|
page read and write
|
||
|
548C000
|
stack
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1DDE47D7000
|
heap
|
page read and write
|
||
|
1DDE47D5000
|
heap
|
page read and write
|
||
|
1BE48BD0000
|
heap
|
page read and write
|
||
|
1DDE68A5000
|
heap
|
page read and write
|
||
|
1232E236000
|
heap
|
page read and write
|
||
|
1DDE4730000
|
heap
|
page read and write
|
||
|
3CA1000
|
trusted library allocation
|
page read and write
|
||
|
1DDE479D000
|
heap
|
page read and write
|
||
|
1232E25F000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1BE489E1000
|
heap
|
page read and write
|
||
|
1DDE67C0000
|
heap
|
page read and write
|
||
|
23040FA7000
|
heap
|
page read and write
|
||
|
55CE000
|
stack
|
page read and write
|
||
|
1DDE479F000
|
heap
|
page read and write
|
||
|
23040F10000
|
heap
|
page read and write
|
||
|
1DDE4850000
|
heap
|
page read and write
|
||
|
B9F98FE000
|
stack
|
page read and write
|
||
|
1DDE6984000
|
heap
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
1232E264000
|
heap
|
page read and write
|
||
|
D678FFE000
|
stack
|
page read and write
|
||
|
1232E264000
|
heap
|
page read and write
|
||
|
520C000
|
stack
|
page read and write
|
||
|
1DDE689E000
|
heap
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
1232E297000
|
heap
|
page read and write
|
||
|
1DDE68AA000
|
heap
|
page read and write
|
||
|
B9F96FF000
|
stack
|
page read and write
|
||
|
917BFFB000
|
stack
|
page read and write
|
||
|
12AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BE48910000
|
heap
|
page read and write
|
||
|
31F917000
|
stack
|
page read and write
|
||
|
1DDE67CA000
|
heap
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
D39000
|
stack
|
page read and write
|
||
|
1DDE6891000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE477D000
|
heap
|
page read and write
|
||
|
1DDE47D2000
|
heap
|
page read and write
|
||
|
1DDE62F0000
|
remote allocation
|
page read and write
|
||
|
1DDE49F8000
|
heap
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
23040FAC000
|
heap
|
page read and write
|
||
|
1DDE478B000
|
heap
|
page read and write
|
||
|
1DDE4815000
|
heap
|
page read and write
|
||
|
1DDE49FB000
|
heap
|
page read and write
|
||
|
1E9DF9F0000
|
heap
|
page read and write
|
||
|
1DDE482E000
|
heap
|
page read and write
|
||
|
1232E221000
|
heap
|
page read and write
|
||
|
EE8000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1232E297000
|
heap
|
page read and write
|
||
|
E15000
|
heap
|
page read and write
|
||
|
66B0000
|
trusted library allocation
|
page read and write
|
||
|
1DDE6953000
|
heap
|
page read and write
|
||
|
1BE48A12000
|
heap
|
page read and write
|
||
|
12C2000
|
trusted library allocation
|
page read and write
|
||
|
1DDE68AA000
|
heap
|
page read and write
|
||
|
1DDE697A000
|
heap
|
page read and write
|
||
|
66C7000
|
trusted library allocation
|
page read and write
|
||
|
4CA8000
|
trusted library allocation
|
page read and write
|
||
|
67F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DDE482E000
|
heap
|
page read and write
|
||
|
23042D41000
|
heap
|
page read and write
|
||
|
1DDE61A9000
|
heap
|
page read and write
|
||
|
23040FBC000
|
heap
|
page read and write
|
||
|
1DDE67AC000
|
heap
|
page read and write
|
||
|
1BE488E0000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1232E299000
|
heap
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
1BE48A04000
|
heap
|
page read and write
|
||
|
D678EFD000
|
stack
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE61AE000
|
heap
|
page read and write
|
||
|
1DDE6896000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
1DDE6819000
|
heap
|
page read and write
|
||
|
1DDE482E000
|
heap
|
page read and write
|
||
|
23040F9F000
|
heap
|
page read and write
|
||
|
1E9DE2F0000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
570F000
|
stack
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
1232E3E0000
|
heap
|
page read and write
|
||
|
1DDE4827000
|
heap
|
page read and write
|
||
|
1BE489DF000
|
heap
|
page read and write
|
||
|
1232E3E5000
|
heap
|
page read and write
|
||
|
2CED000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
6A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BE489E2000
|
heap
|
page read and write
|
||
|
1BE48BF5000
|
heap
|
page read and write
|
||
|
1E9DDF20000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
EDC000
|
heap
|
page read and write
|
||
|
F7F000
|
heap
|
page read and write
|
||
|
1DDE47D8000
|
heap
|
page read and write
|
||
|
1DDE68AD000
|
heap
|
page read and write
|
||
|
1DDE4794000
|
heap
|
page read and write
|
||
|
6108000
|
heap
|
page read and write
|
||
|
1DDE47ED000
|
heap
|
page read and write
|
||
|
1DDE68AB000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE47A5000
|
heap
|
page read and write
|
||
|
1DDE480F000
|
heap
|
page read and write
|
||
|
1232E120000
|
heap
|
page read and write
|
||
|
1DDE4811000
|
heap
|
page read and write
|
||
|
1DDE4789000
|
heap
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
66BD000
|
trusted library allocation
|
page read and write
|
||
|
1DDE4830000
|
heap
|
page read and write
|
||
|
1BE48930000
|
heap
|
page read and write
|
||
|
1BE489EB000
|
heap
|
page read and write
|
||
|
23042D57000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
1BE48A03000
|
heap
|
page read and write
|
||
|
1DDE4650000
|
heap
|
page read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE684C000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
23040FB4000
|
heap
|
page read and write
|
||
|
917B35A000
|
stack
|
page read and write
|
||
|
1DDE479F000
|
heap
|
page read and write
|
||
|
1BE489E8000
|
heap
|
page read and write
|
||
|
1DDE477C000
|
heap
|
page read and write
|
||
|
23040F30000
|
heap
|
page read and write
|
||
|
1DDE6791000
|
heap
|
page read and write
|
||
|
1DDE47ED000
|
heap
|
page read and write
|
||
|
1DDE479D000
|
heap
|
page read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BE48A04000
|
heap
|
page read and write
|
||
|
31FFFF000
|
stack
|
page read and write
|
||
|
1DDE47CF000
|
heap
|
page read and write
|
||
|
2D18000
|
trusted library allocation
|
page read and write
|
||
|
1BE489DF000
|
heap
|
page read and write
|
||
|
1DDE47AE000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1DDE47E9000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1DDE480F000
|
heap
|
page read and write
|
||
|
2CDF000
|
trusted library allocation
|
page read and write
|
||
|
1BE489F0000
|
heap
|
page read and write
|
||
|
1DDE47F7000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
D40000
|
remote allocation
|
page execute and read and write
|
||
|
1DDE4800000
|
heap
|
page read and write
|
||
|
580D000
|
stack
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
ED2000
|
heap
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
31FCFF000
|
stack
|
page read and write
|
||
|
1DDE6320000
|
heap
|
page read and write
|
||
|
1DDE67A4000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE47E2000
|
heap
|
page read and write
|
||
|
B9F94FF000
|
stack
|
page read and write
|
||
|
6A80000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
FEF90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DDE47FF000
|
heap
|
page read and write
|
||
|
670D000
|
stack
|
page read and write
|
||
|
12330170000
|
remote allocation
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
5819000
|
trusted library allocation
|
page read and write
|
||
|
1BE489A4000
|
heap
|
page read and write
|
||
|
1DDE68D1000
|
heap
|
page read and write
|
||
|
23040FA9000
|
heap
|
page read and write
|
||
|
23042D60000
|
heap
|
page read and write
|
||
|
1BE489DF000
|
heap
|
page read and write
|
||
|
1BE48A12000
|
heap
|
page read and write
|
||
|
1DDE67E7000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE47CF000
|
heap
|
page read and write
|
||
|
31FC7E000
|
stack
|
page read and write
|
||
|
1DDE61AD000
|
heap
|
page read and write
|
||
|
1232FCC0000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
1DDE476B000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
1DDE47A5000
|
heap
|
page read and write
|
||
|
1DDE61B0000
|
heap
|
page read and write
|
||
|
2304101D000
|
heap
|
page read and write
|
||
|
1BE489E6000
|
heap
|
page read and write
|
||
|
1BE48A0F000
|
heap
|
page read and write
|
||
|
23040FA7000
|
heap
|
page read and write
|
||
|
1232FB9B000
|
heap
|
page read and write
|
||
|
1DDE47AE000
|
heap
|
page read and write
|
||
|
1DDE68B4000
|
heap
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
||
|
1DDE4786000
|
heap
|
page read and write
|
||
|
1DDE49FE000
|
heap
|
page read and write
|
There are 576 hidden memdumps, click here to show them.