Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Us051y7j25.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nxmr[1].exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\tdrpl[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1082429028.exe
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1091722296.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1239611256.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\146916724.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1881231804.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\21324.scr
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2314627202.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3336719498.exe
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\jacrzswcvuml.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Google\Libs\WR64.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\Windows\sysppvrdnvs.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\1881231804.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\1[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\3[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\5[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\2[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\4[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_14qh4nm0.p5f.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1sz3rpw4.dzv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2c3hm42o.ld0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2hl3jjxm.oha.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4uadpr33.h0x.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4ugba5jg.bxw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4xipuaab.g34.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5cehqxf4.krl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bxt42d4i.nfe.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fjk0g44u.olh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gjfslgz4.1gf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_grqjuq4n.irv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kxt4kdf2.1of.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lbufvkp0.djc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lgkljmwu.uco.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s3iti3fc.eur.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_soq3332j.kzj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_unya5ro4.1rs.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vh0o1iq4.kfw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yk2gyel2.4uu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\tbtnds.dat
|
OpenPGP Public Key
|
dropped
|
There are 33 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Us051y7j25.exe
|
"C:\Users\user\Desktop\Us051y7j25.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\21324.scr
|
"C:\Users\user\AppData\Local\Temp\21324.scr" /S
|
|
|
|
C:\Windows\sysppvrdnvs.exe
|
C:\Windows\sysppvrdnvs.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c powershell -Command "Add-MpPreference -ExclusionPath $env:windir; Add-MpPreference -ExclusionPath
$env:TEMP; Add-MpPreference -ExclusionPath $env:USERPROFILE"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop DoSvc & sc stop BITS /wait
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop UsoSvc
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "Add-MpPreference -ExclusionPath $env:windir; Add-MpPreference -ExclusionPath $env:TEMP; Add-MpPreference
-ExclusionPath $env:USERPROFILE"
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop WaaSMedicSvc
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop wuauserv
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop DoSvc
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop BITS /wait
|
|
|
|
C:\Windows\sysppvrdnvs.exe
|
"C:\Windows\sysppvrdnvs.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\1881231804.exe
|
C:\Users\user\AppData\Local\Temp\1881231804.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c reg delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Windows Upgrade Manager"
/f
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c schtasks /delete /f /tn "Windows Upgrade Manager"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /delete /f /tn "Windows Upgrade Manager"
|
|
|
|
C:\Users\user\AppData\Local\Temp\2314627202.exe
|
C:\Users\user\AppData\Local\Temp\2314627202.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\1091722296.exe
|
C:\Users\user\AppData\Local\Temp\1091722296.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\1239611256.exe
|
C:\Users\user\AppData\Local\Temp\1239611256.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\146916724.exe
|
C:\Users\user\AppData\Local\Temp\146916724.exe
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#evrkcgqew#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2")
{ schtasks /create /f /sc onlogon /rl highest /tn 'Microsoft Windows Security' /tr '''C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe'''
} Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe')
-Trigger (New-ScheduledTaskTrigger -AtLogOn) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate
-DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'Microsoft Windows
Security' -RunLevel 'Highest' -Force; }
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe
|
"C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#evrkcgqew#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2")
{ schtasks /create /f /sc onlogon /rl highest /tn 'Microsoft Windows Security' /tr '''C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe'''
} Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe')
-Trigger (New-ScheduledTaskTrigger -AtLogOn) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate
-DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'Microsoft Windows
Security' -RunLevel 'Highest' -Force; }
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\System32\conhost.exe
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#ydcfdz#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2")
{ schtasks /create /f /sc onlogon /rl highest /tn 'Microsoft Windows Security' /tr '''C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe'''
} Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe')
-Trigger (New-ScheduledTaskTrigger -AtLogOn) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate
-DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'Microsoft Windows
Security' -RunLevel 'Highest' -Force; }
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\dwm.exe
|
C:\Windows\System32\dwm.exe
|
|
|
|
C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe
|
"C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#evrkcgqew#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2")
{ schtasks /create /f /sc onlogon /rl highest /tn 'Microsoft Windows Security' /tr '''C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe'''
} Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe')
-Trigger (New-ScheduledTaskTrigger -AtLogOn) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate
-DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'Microsoft Windows
Security' -RunLevel 'Highest' -Force; }
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\reg.exe
|
reg delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Windows Upgrade Manager" /f
|
There are 27 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://91.202.233.141/
|
unknown
|
|
|
|
http://185.215.113.66/
|
unknown
|
|
|
|
http://185.215.113.66/tdrpl.exe
|
185.215.113.66
|
|
|
|
http://185.215.113.66/reg.php?s=%s
|
unknown
|
||
|
http://www.t.com/pk
|
unknown
|
||
|
http://185.215.113.84/nxmr.exe
|
unknown
|
||
|
http://185.215.113.84/nxmr.exep
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASDMozilla/5.0
|
unknown
|
||
|
http://185.215.113.66/tdrpl.exeystem32
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://185.215.113.66/1E
|
unknown
|
||
|
http://185.215.113.66/tdrpl.exeUUC:
|
unknown
|
||
|
http://91.202.233.141/der
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://185.215.113.84/nxmr.exeP0
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://91.202.233.141/1
|
unknown
|
||
|
http://185.215.113.66/5hR&
|
unknown
|
||
|
http://91.202.233.141/2
|
unknown
|
||
|
http://185.215.113.66/1zR
|
unknown
|
||
|
http://91.202.233.141/5
|
unknown
|
||
|
http://91.202.233.141/3
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASDO
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASDH
|
unknown
|
||
|
http://185.215.113.66/4C:
|
unknown
|
||
|
http://185.215.113.66/1MR
|
unknown
|
||
|
http://crl.m5
|
unknown
|
||
|
http://185.215.113.66/17.36C:
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASD?
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASD
|
unknown
|
||
|
http://91.202.233.141/4#
|
unknown
|
||
|
http://www.microsoft.c
|
unknown
|
||
|
http://91.202.233.141/TLOADEDBROMozilla/5.0
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://185.215.113.66/tdrpl.exe2
|
unknown
|
||
|
http://185.215.113.84/U
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASD1
|
unknown
|
||
|
http://185.215.113.66/tdrpl.exeLMEM
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
http://185.215.113.66/1x
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://185.215.113.66/http://91.202.233.141/12345%s%s%s:Zone.Identifier%userprofile%%windir%%s
|
unknown
|
||
|
http://91.202.233.141/2MR
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://185.215.113.66/5
|
unknown
|
||
|
http://185.215.113.66/4
|
unknown
|
||
|
http://185.215.113.66/5aR-
|
unknown
|
||
|
http://185.215.113.66/3
|
unknown
|
||
|
http://185.215.113.66/2
|
unknown
|
||
|
http://185.215.113.66/ws
|
unknown
|
||
|
http://185.215.113.66/1FR
|
unknown
|
||
|
http://185.215.113.66/1C:
|
unknown
|
||
|
http://185.215.113.66/3_R
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://185.215.113.66/1
|
unknown
|
||
|
http://185.215.113.66/1_R
|
unknown
|
||
|
http://185.215.113.66/reg.php?s=%sMozilla/5.0
|
unknown
|
||
|
http://91.202.233.141//Rg
|
unknown
|
||
|
http://185.215.113.66/1t
|
unknown
|
||
|
http://91.202.233.141/4r
|
unknown
|
||
|
http://185.215.113.66/tdrp.exe%s:Zone.Identifier/c
|
unknown
|
||
|
http://185.215.113.66/1tR
|
unknown
|
||
|
http://185.215.113.66/5C:
|
unknown
|
||
|
http://185.215.113.84/nxmr.exeM
|
unknown
|
||
|
http://185.215.113.66/2zR
|
unknown
|
||
|
http://185.215.113.84/
|
unknown
|
||
|
http://185.215.113.84/nxmr.exeF
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://185.215.113.84/nxmr.exeH
|
unknown
|
||
|
http://185.215.113.66/1$
|
unknown
|
||
|
https://xmrig.com/docs/algorithms
|
unknown
|
||
|
http://91.202.233.141/tography
|
unknown
|
||
|
http://185.215.113.66/tdrpl.exel
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://185.215.113.66/tdrpl.exeC:
|
unknown
|
||
|
http://185.215.113.66/tdrpl.exen
|
unknown
|
||
|
http://185.215.113.66/tdrp.exe
|
unknown
|
||
|
http://185.215.113.66/4MMC:
|
unknown
|
||
|
http://185.215.113.66/3405117-2476756634-1003$
|
unknown
|
||
|
http://185.215.113.66/2t
|
unknown
|
There are 75 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
twizthash.net
|
185.215.113.66
|
|
|
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.215.113.66
|
twizthash.net
|
Portugal
|
|
|
|
91.202.233.141
|
unknown
|
Russian Federation
|
|
|
|
91.246.92.22
|
unknown
|
Russian Federation
|
|
|
|
85.233.153.109
|
unknown
|
Russian Federation
|
|
|
|
93.188.83.238
|
unknown
|
Russian Federation
|
|
|
|
151.243.242.97
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
85.173.115.180
|
unknown
|
Russian Federation
|
|
|
|
178.91.91.225
|
unknown
|
Kazakhstan
|
|
|
|
90.156.163.121
|
unknown
|
Russian Federation
|
|
|
|
94.158.52.97
|
unknown
|
Uzbekistan
|
|
|
|
90.156.163.55
|
unknown
|
Russian Federation
|
|
|
|
213.230.97.241
|
unknown
|
Uzbekistan
|
|
|
|
46.100.164.239
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
77.240.41.3
|
unknown
|
Kazakhstan
|
|
|
|
90.156.160.66
|
unknown
|
Russian Federation
|
|
|
|
213.206.45.227
|
unknown
|
Uzbekistan
|
|
|
|
78.39.234.9
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
62.209.135.143
|
unknown
|
Uzbekistan
|
|
|
|
2.181.31.167
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
80.191.218.209
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
188.212.80.105
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
198.163.192.16
|
unknown
|
United States
|
||
|
90.156.162.125
|
unknown
|
Russian Federation
|
||
|
78.37.229.249
|
unknown
|
Russian Federation
|
||
|
89.218.239.82
|
unknown
|
Kazakhstan
|
||
|
95.58.216.162
|
unknown
|
Kazakhstan
|
||
|
37.151.113.156
|
unknown
|
Kazakhstan
|
||
|
5.237.148.223
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
92.47.47.166
|
unknown
|
Kazakhstan
|
||
|
59.91.192.122
|
unknown
|
India
|
||
|
185.215.113.84
|
unknown
|
Portugal
|
||
|
2.178.164.63
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
197.165.192.61
|
unknown
|
Egypt
|
||
|
94.183.35.46
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
5.239.153.192
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
178.22.171.158
|
unknown
|
Kazakhstan
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
94.230.230.211
|
unknown
|
Uzbekistan
|
||
|
88.151.180.214
|
unknown
|
Kazakhstan
|
||
|
88.204.242.226
|
unknown
|
Kazakhstan
|
There are 30 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
FirewallOverride
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
FirewallDisableNotify
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
AntiSpywareOverride
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
AntiVirusOverride
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
AntiVirusDisableNotify
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
UpdatesOverride
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
UpdatesDisableNotify
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
Windows Settings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
|
DisableWindowsUpdate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
|
AlwaysAutoUpdate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
|
OverrideNotice
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BITS
|
Start
|
There are 2 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
7FF7AD1CB000
|
unkown
|
page read and write
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
7C7000
|
heap
|
page read and write
|
|
|
|
2640F711000
|
heap
|
page read and write
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
F6F000
|
stack
|
page read and write
|
||
|
7DF4E0D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AE000
|
heap
|
page read and write
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DF0CE0000
|
heap
|
page read and write
|
||
|
D1C3D46000
|
stack
|
page read and write
|
||
|
FAE000
|
stack
|
page read and write
|
||
|
25207885000
|
heap
|
page read and write
|
||
|
EE7137F000
|
stack
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E265EF000
|
heap
|
page read and write
|
||
|
65C000
|
stack
|
page read and write
|
||
|
7FF7AD1B0000
|
unkown
|
page readonly
|
||
|
7FFD34847000
|
trusted library allocation
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
25207790000
|
heap
|
page read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
872000
|
unkown
|
page readonly
|
||
|
7FFD34694000
|
trusted library allocation
|
page read and write
|
||
|
15D90021000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
25E0DBD5000
|
heap
|
page read and write
|
||
|
25E0EC79000
|
trusted library allocation
|
page read and write
|
||
|
EE711F7000
|
stack
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
25E2658E000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
163E000
|
stack
|
page read and write
|
||
|
26411110000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
25221815000
|
heap
|
page read and write
|
||
|
15DF0F90000
|
heap
|
page readonly
|
||
|
43BF000
|
stack
|
page read and write
|
||
|
7FFD34ACD000
|
trusted library allocation
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
7FFD34970000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3467B000
|
trusted library allocation
|
page read and write
|
||
|
2F44A77000
|
stack
|
page read and write
|
||
|
7FFD34A00000
|
trusted library allocation
|
page read and write
|
||
|
252217CE000
|
heap
|
page read and write
|
||
|
25207809000
|
heap
|
page read and write
|
||
|
15DF3504000
|
heap
|
page read and write
|
||
|
25E26582000
|
heap
|
page read and write
|
||
|
7FFD349DC000
|
trusted library allocation
|
page read and write
|
||
|
84EBDFF000
|
stack
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
7FF7AD1CB000
|
unkown
|
page write copy
|
||
|
57E000
|
stack
|
page read and write
|
||
|
2641205C000
|
heap
|
page read and write
|
||
|
7FFD34A6A000
|
trusted library allocation
|
page read and write
|
||
|
25E0C153000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page execute and read and write
|
||
|
604000
|
unkown
|
page readonly
|
||
|
199000
|
stack
|
page read and write
|
||
|
25219441000
|
trusted library allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
7FFD34AA0000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
unkown
|
page readonly
|
||
|
7FF690A79000
|
unkown
|
page readonly
|
||
|
414000
|
unkown
|
page write copy
|
||
|
25E0DB70000
|
heap
|
page execute and read and write
|
||
|
7FFD34A60000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
120A000
|
heap
|
page read and write
|
||
|
7FF7AD745000
|
unkown
|
page write copy
|
||
|
26410F70000
|
heap
|
page read and write
|
||
|
25E0DBEA000
|
heap
|
page read and write
|
||
|
75B000
|
stack
|
page read and write
|
||
|
787000
|
heap
|
page read and write
|
||
|
7FFD34A70000
|
trusted library allocation
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
90E000
|
heap
|
page read and write
|
||
|
871000
|
unkown
|
page execute read
|
||
|
7FFD34756000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F448FB000
|
stack
|
page read and write
|
||
|
7FF4877D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34940000
|
trusted library allocation
|
page read and write
|
||
|
37B000
|
stack
|
page read and write
|
||
|
7FFD34A50000
|
trusted library allocation
|
page read and write
|
||
|
15DF2AA1000
|
heap
|
page read and write
|
||
|
2520AF90000
|
trusted library allocation
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
BF5000
|
stack
|
page read and write
|
||
|
7FF690A85000
|
unkown
|
page write copy
|
||
|
15D81A68000
|
trusted library allocation
|
page read and write
|
||
|
25E0FAFE000
|
trusted library allocation
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
34AE000
|
stack
|
page read and write
|
||
|
26411020000
|
direct allocation
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
84EBE7F000
|
stack
|
page read and write
|
||
|
7FFD34664000
|
trusted library allocation
|
page read and write
|
||
|
D1C3DCA000
|
stack
|
page read and write
|
||
|
31A8000
|
heap
|
page read and write
|
||
|
25219451000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
2E3F000
|
stack
|
page read and write
|
||
|
26411300000
|
heap
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
49FF000
|
stack
|
page read and write
|
||
|
389E000
|
stack
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
84EC2FF000
|
stack
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349E0000
|
trusted library allocation
|
page read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
25E0DD50000
|
heap
|
page read and write
|
||
|
15DF0CF0000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
1E7E0C50000
|
heap
|
page read and write
|
||
|
141000
|
unkown
|
page execute read
|
||
|
2F9C000
|
stack
|
page read and write
|
||
|
25209421000
|
trusted library allocation
|
page read and write
|
||
|
143D000
|
stack
|
page read and write
|
||
|
22AD000
|
stack
|
page read and write
|
||
|
15DF3182000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
25221B6E000
|
heap
|
page read and write
|
||
|
403E000
|
stack
|
page read and write
|
||
|
7FFD34AC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3468D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF7AD742000
|
unkown
|
page read and write
|
||
|
15DF2A67000
|
heap
|
page execute and read and write
|
||
|
90E000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
8EC000
|
heap
|
page read and write
|
||
|
25E268C9000
|
heap
|
page read and write
|
||
|
25E0EEAA000
|
trusted library allocation
|
page read and write
|
||
|
3650000
|
heap
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
1851D1D0000
|
unkown
|
page read and write
|
||
|
25E0C180000
|
heap
|
page read and write
|
||
|
15DF0DA8000
|
heap
|
page read and write
|
||
|
2F4584A000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FFD3466B000
|
trusted library allocation
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
7AA000
|
heap
|
page read and write
|
||
|
30CF000
|
stack
|
page read and write
|
||
|
7FFD34716000
|
trusted library allocation
|
page read and write
|
||
|
139B7000
|
trusted library allocation
|
page read and write
|
||
|
7FF69050B000
|
unkown
|
page read and write
|
||
|
3549000
|
heap
|
page read and write
|
||
|
7FFD3481A000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
18AE000
|
stack
|
page read and write
|
||
|
299D000
|
stack
|
page read and write
|
||
|
25E0C149000
|
heap
|
page read and write
|
||
|
7FFD3465D000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DF0D6B000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
7FF6904F1000
|
unkown
|
page execute read
|
||
|
1DE7A350000
|
heap
|
page read and write
|
||
|
436F9FE000
|
stack
|
page read and write
|
||
|
CA3000
|
heap
|
page read and write
|
||
|
15D80229000
|
trusted library allocation
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
3547000
|
heap
|
page read and write
|
||
|
875000
|
unkown
|
page readonly
|
||
|
697000
|
heap
|
page read and write
|
||
|
7FF7AD1CC000
|
unkown
|
page write copy
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
25E0DF40000
|
heap
|
page execute and read and write
|
||
|
252219A0000
|
heap
|
page read and write
|
||
|
C92000
|
unkown
|
page readonly
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
7FFD3482A000
|
trusted library allocation
|
page read and write
|
||
|
7FF7B89C8000
|
unkown
|
page readonly
|
||
|
2520A5C7000
|
trusted library allocation
|
page read and write
|
||
|
1D4BF190000
|
heap
|
page read and write
|
||
|
25E265C8000
|
heap
|
page read and write
|
||
|
726000
|
heap
|
page read and write
|
||
|
601000
|
unkown
|
page execute read
|
||
|
7FFD349D8000
|
trusted library allocation
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
1C9E0000
|
heap
|
page read and write
|
||
|
7FF7AD740000
|
unkown
|
page read and write
|
||
|
15DF2A9C000
|
heap
|
page read and write
|
||
|
7FFD34654000
|
trusted library allocation
|
page read and write
|
||
|
15D8119D000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
D1C3C4E000
|
stack
|
page read and write
|
||
|
25E1E238000
|
trusted library allocation
|
page read and write
|
||
|
2FDB000
|
stack
|
page read and write
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
354A000
|
heap
|
page read and write
|
||
|
D4B000
|
heap
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
84EB969000
|
stack
|
page read and write
|
||
|
15DF3192000
|
heap
|
page read and write
|
||
|
7FFD34746000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F1000
|
heap
|
page read and write
|
||
|
2F4467F000
|
stack
|
page read and write
|
||
|
7FFD349CC000
|
trusted library allocation
|
page read and write
|
||
|
7FF690A85000
|
unkown
|
page write copy
|
||
|
3110000
|
heap
|
page read and write
|
||
|
CAC000
|
heap
|
page read and write
|
||
|
25E2675F000
|
heap
|
page read and write
|
||
|
7FFD3470C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DE79FE0000
|
heap
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
70C000
|
stack
|
page read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
15D902F1000
|
trusted library allocation
|
page read and write
|
||
|
25E0F23C000
|
trusted library allocation
|
page read and write
|
||
|
C92000
|
unkown
|
page readonly
|
||
|
7FFD34AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
79B000
|
heap
|
page read and write
|
||
|
7FFD34950000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
2521970A000
|
trusted library allocation
|
page read and write
|
||
|
1DE7A060000
|
heap
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
7FFD34990000
|
trusted library allocation
|
page read and write
|
||
|
15DF2AF7000
|
heap
|
page read and write
|
||
|
2641525C000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
387F000
|
stack
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
15DF319A000
|
heap
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
2AFD000
|
stack
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
7FFD34B00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E1DFBA000
|
trusted library allocation
|
page read and write
|
||
|
25219703000
|
trusted library allocation
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
F0AF28E000
|
stack
|
page read and write
|
||
|
321E000
|
stack
|
page read and write
|
||
|
D1C2DFD000
|
stack
|
page read and write
|
||
|
25221A00000
|
heap
|
page read and write
|
||
|
2520A13D000
|
trusted library allocation
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
1851D280000
|
heap
|
page read and write
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
2520922B000
|
heap
|
page read and write
|
||
|
84EBFFE000
|
stack
|
page read and write
|
||
|
7FFD34AC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34910000
|
trusted library allocation
|
page read and write
|
||
|
2F447F9000
|
stack
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
7FFD34950000
|
trusted library allocation
|
page read and write
|
||
|
25221B60000
|
heap
|
page read and write
|
||
|
2520AF0C000
|
trusted library allocation
|
page read and write
|
||
|
875000
|
unkown
|
page readonly
|
||
|
15DF0D3F000
|
heap
|
page read and write
|
||
|
7FFD34AE0000
|
trusted library allocation
|
page read and write
|
||
|
4B0000
|
unkown
|
page readonly
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
15D80F53000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
7FF7AD745000
|
unkown
|
page write copy
|
||
|
D1C2FF8000
|
stack
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
C91000
|
unkown
|
page execute read
|
||
|
2BE4FF50000
|
unkown
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
7FFD349F0000
|
trusted library allocation
|
page read and write
|
||
|
25E266B7000
|
heap
|
page read and write
|
||
|
270D000
|
stack
|
page read and write
|
||
|
7FFD34663000
|
trusted library allocation
|
page execute and read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
2520785E000
|
heap
|
page read and write
|
||
|
25E0FAC3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3480A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348F0000
|
trusted library allocation
|
page read and write
|
||
|
25E0DA50000
|
trusted library allocation
|
page read and write
|
||
|
26411179000
|
heap
|
page read and write
|
||
|
74B000
|
heap
|
page read and write
|
||
|
7FF7AD745000
|
unkown
|
page write copy
|
||
|
7FFD34672000
|
trusted library allocation
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
252077F0000
|
trusted library section
|
page read and write
|
||
|
2F446FE000
|
stack
|
page read and write
|
||
|
25221992000
|
heap
|
page read and write
|
||
|
311E000
|
stack
|
page read and write
|
||
|
2BE4FBC0000
|
heap
|
page read and write
|
||
|
7FFD34920000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
139B9000
|
trusted library allocation
|
page read and write
|
||
|
2F44C7E000
|
stack
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
7FFD349F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF7AD746000
|
unkown
|
page readonly
|
||
|
7FFD34910000
|
trusted library allocation
|
page read and write
|
||
|
26412A5C000
|
heap
|
page read and write
|
||
|
43FE000
|
stack
|
page read and write
|
||
|
BDE000
|
heap
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
2B3D000
|
stack
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
15DF31C8000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
D1C2D7A000
|
stack
|
page read and write
|
||
|
38BE000
|
stack
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
2640F6F6000
|
heap
|
page read and write
|
||
|
3549000
|
heap
|
page read and write
|
||
|
3544000
|
heap
|
page read and write
|
||
|
25E268B0000
|
heap
|
page read and write
|
||
|
7FFD34A90000
|
trusted library allocation
|
page read and write
|
||
|
C94000
|
unkown
|
page read and write
|
||
|
25209E21000
|
trusted library allocation
|
page read and write
|
||
|
15DF3000000
|
heap
|
page read and write
|
||
|
25E2675A000
|
heap
|
page read and write
|
||
|
A6EAC7F000
|
stack
|
page read and write
|
||
|
7FFD349EC000
|
trusted library allocation
|
page read and write
|
||
|
477F000
|
stack
|
page read and write
|
||
|
2640F712000
|
heap
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
25221AF0000
|
heap
|
page read and write
|
||
|
25221E10000
|
heap
|
page read and write
|
||
|
7FF7AD1CB000
|
unkown
|
page read and write
|
||
|
7FFD349B0000
|
trusted library allocation
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
263F000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7FFD34842000
|
trusted library allocation
|
page read and write
|
||
|
2500000
|
heap
|
page read and write
|
||
|
25E0DDD9000
|
heap
|
page read and write
|
||
|
15DF0FA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
3545000
|
heap
|
page read and write
|
||
|
252219CE000
|
heap
|
page read and write
|
||
|
7FFD3472C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34837000
|
trusted library allocation
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
7FFD349E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A80000
|
trusted library allocation
|
page read and write
|
||
|
25207950000
|
trusted library allocation
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
25E1DF81000
|
trusted library allocation
|
page read and write
|
||
|
3AFF000
|
stack
|
page read and write
|
||
|
7FFD349C0000
|
trusted library allocation
|
page read and write
|
||
|
25207900000
|
trusted library section
|
page read and write
|
||
|
7FFD347F2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
25207940000
|
heap
|
page readonly
|
||
|
3DBE000
|
stack
|
page read and write
|
||
|
25207770000
|
heap
|
page read and write
|
||
|
377E000
|
stack
|
page read and write
|
||
|
EE71279000
|
stack
|
page read and write
|
||
|
719000
|
heap
|
page read and write
|
||
|
15D90301000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
74E000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
873000
|
unkown
|
page write copy
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
BC6000
|
heap
|
page read and write
|
||
|
7FF690A82000
|
unkown
|
page read and write
|
||
|
126A000
|
heap
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
30DF000
|
stack
|
page read and write
|
||
|
15DF317E000
|
heap
|
page read and write
|
||
|
15DF0D20000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
2521948A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AA0000
|
trusted library allocation
|
page read and write
|
||
|
C79000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2641115B000
|
heap
|
page read and write
|
||
|
1D4BF0F0000
|
heap
|
page read and write
|
||
|
7FFD34AD0000
|
trusted library allocation
|
page read and write
|
||
|
79B000
|
heap
|
page read and write
|
||
|
7DF4E0D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
26411070000
|
direct allocation
|
page execute and read and write
|
||
|
2F44D7B000
|
stack
|
page read and write
|
||
|
436F7ED000
|
stack
|
page read and write
|
||
|
15DF0D65000
|
heap
|
page read and write
|
||
|
2640F7A2000
|
heap
|
page read and write
|
||
|
3543000
|
heap
|
page read and write
|
||
|
26411105000
|
heap
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
360E000
|
stack
|
page read and write
|
||
|
C97000
|
heap
|
page read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
EE7147E000
|
stack
|
page read and write
|
||
|
7FFD34662000
|
trusted library allocation
|
page read and write
|
||
|
25E0DF51000
|
trusted library allocation
|
page read and write
|
||
|
2520AFCB000
|
trusted library allocation
|
page read and write
|
||
|
7FF7AD746000
|
unkown
|
page readonly
|
||
|
EE713FE000
|
stack
|
page read and write
|
||
|
15DF3136000
|
heap
|
page read and write
|
||
|
3549000
|
heap
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page execute and read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
7FF69050B000
|
unkown
|
page write copy
|
||
|
26411160000
|
heap
|
page read and write
|
||
|
25E265D7000
|
heap
|
page read and write
|
||
|
15D81AF4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34900000
|
trusted library allocation
|
page read and write
|
||
|
2F44BFE000
|
stack
|
page read and write
|
||
|
326E000
|
stack
|
page read and write
|
||
|
7FF7AD739000
|
unkown
|
page readonly
|
||
|
78E000
|
heap
|
page read and write
|
||
|
D1C2F79000
|
stack
|
page read and write
|
||
|
2E5D000
|
stack
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
2520AE22000
|
trusted library allocation
|
page read and write
|
||
|
25E0EADF000
|
trusted library allocation
|
page read and write
|
||
|
25E266DD000
|
heap
|
page read and write
|
||
|
7FF7B89BA000
|
unkown
|
page read and write
|
||
|
25221B24000
|
heap
|
page read and write
|
||
|
2520B258000
|
trusted library allocation
|
page read and write
|
||
|
15D90031000
|
trusted library allocation
|
page read and write
|
||
|
1238000
|
heap
|
page read and write
|
||
|
252093F0000
|
heap
|
page execute and read and write
|
||
|
2640F5C0000
|
heap
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E0FA40000
|
trusted library allocation
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
15D81B39000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
31DB000
|
stack
|
page read and write
|
||
|
7FFD34AD0000
|
trusted library allocation
|
page read and write
|
||
|
25E0C18E000
|
heap
|
page read and write
|
||
|
25207690000
|
heap
|
page read and write
|
||
|
374E000
|
stack
|
page read and write
|
||
|
142000
|
unkown
|
page readonly
|
||
|
795000
|
heap
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
25E2673F000
|
heap
|
page read and write
|
||
|
18EE000
|
stack
|
page read and write
|
||
|
84EBCFF000
|
stack
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
47BE000
|
stack
|
page read and write
|
||
|
39FE000
|
stack
|
page read and write
|
||
|
7FFD34720000
|
trusted library allocation
|
page read and write
|
||
|
7FF7B89C3000
|
unkown
|
page read and write
|
||
|
15D81DD7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34672000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AF2000
|
trusted library allocation
|
page read and write
|
||
|
453E000
|
stack
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
871000
|
unkown
|
page execute read
|
||
|
2E53000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
260D000
|
stack
|
page read and write
|
||
|
15D80DBE000
|
trusted library allocation
|
page read and write
|
||
|
413F000
|
stack
|
page read and write
|
||
|
BFD000
|
heap
|
page read and write
|
||
|
15DF0DA6000
|
heap
|
page read and write
|
||
|
7FFD34832000
|
trusted library allocation
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
2641665C000
|
heap
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
25207990000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
2520784C000
|
heap
|
page read and write
|
||
|
C91000
|
unkown
|
page execute read
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
916000
|
heap
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
7FFD34920000
|
trusted library allocation
|
page read and write
|
||
|
2BE4FB90000
|
heap
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
D1C3CCA000
|
stack
|
page read and write
|
||
|
1D4BF110000
|
unkown
|
page read and write
|
||
|
25219722000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
7FFD34746000
|
trusted library allocation
|
page execute and read and write
|
||
|
25219712000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34684000
|
trusted library allocation
|
page read and write
|
||
|
26411160000
|
heap
|
page read and write
|
||
|
7FF7B89A1000
|
unkown
|
page execute read
|
||
|
7FFD34920000
|
trusted library allocation
|
page read and write
|
||
|
25E0DBD0000
|
heap
|
page read and write
|
||
|
144000
|
unkown
|
page readonly
|
||
|
25E0C161000
|
heap
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
D1C2B7E000
|
stack
|
page read and write
|
||
|
601000
|
unkown
|
page execute read
|
||
|
460000
|
heap
|
page read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
1D4BF490000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
7FF6904F0000
|
unkown
|
page readonly
|
||
|
78E000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page execute and read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
7FFD349C9000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FFD34653000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34AB0000
|
trusted library allocation
|
page read and write
|
||
|
25E266F1000
|
heap
|
page read and write
|
||
|
7FFD34A10000
|
trusted library allocation
|
page read and write
|
||
|
784000
|
heap
|
page read and write
|
||
|
1E7E0BB0000
|
heap
|
page read and write
|
||
|
25E0DA60000
|
heap
|
page readonly
|
||
|
7FFD34720000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BE4FB70000
|
heap
|
page read and write
|
||
|
15DF2F20000
|
heap
|
page read and write
|
||
|
7FFD34652000
|
trusted library allocation
|
page read and write
|
||
|
C9C000
|
heap
|
page read and write
|
||
|
3541000
|
heap
|
page read and write
|
||
|
C93000
|
unkown
|
page write copy
|
||
|
2520A38B000
|
trusted library allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
25E2668D000
|
heap
|
page read and write
|
||
|
25221A92000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
25E0ED18000
|
trusted library allocation
|
page read and write
|
||
|
2641118B000
|
heap
|
page read and write
|
||
|
7FF7AD739000
|
unkown
|
page readonly
|
||
|
4C21DFF000
|
stack
|
page read and write
|
||
|
252093E0000
|
heap
|
page execute and read and write
|
||
|
25E0EEBE000
|
trusted library allocation
|
page read and write
|
||
|
252219D6000
|
heap
|
page read and write
|
||
|
D1C27CE000
|
stack
|
page read and write
|
||
|
7FFD348F0000
|
trusted library allocation
|
page read and write
|
||
|
176E000
|
stack
|
page read and write
|
||
|
7FF69050C000
|
unkown
|
page write copy
|
||
|
7FFD349C8000
|
trusted library allocation
|
page read and write
|
||
|
30A8000
|
heap
|
page read and write
|
||
|
25E0C1C7000
|
heap
|
page read and write
|
||
|
4B3F000
|
stack
|
page read and write
|
||
|
602000
|
unkown
|
page readonly
|
||
|
767000
|
heap
|
page read and write
|
||
|
15D81AAF000
|
trusted library allocation
|
page read and write
|
||
|
2520AEC8000
|
trusted library allocation
|
page read and write
|
||
|
D1C2A73000
|
stack
|
page read and write
|
||
|
252093C7000
|
heap
|
page execute and read and write
|
||
|
7FFD349D9000
|
trusted library allocation
|
page read and write
|
||
|
CAE000
|
heap
|
page read and write
|
||
|
7FFD34980000
|
trusted library allocation
|
page read and write
|
||
|
25219710000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AF0000
|
trusted library allocation
|
page read and write
|
||
|
EE710FD000
|
stack
|
page read and write
|
||
|
7FFD34A70000
|
trusted library allocation
|
page read and write
|
||
|
2F7F000
|
stack
|
page read and write
|
||
|
7FFD34B20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34821000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34650000
|
trusted library allocation
|
page read and write
|
||
|
25221ACA000
|
heap
|
page read and write
|
||
|
7DF47B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348F0000
|
trusted library allocation
|
page read and write
|
||
|
2F44B79000
|
stack
|
page read and write
|
||
|
15D80DBC000
|
trusted library allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
28B8000
|
heap
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page read and write
|
||
|
782000
|
heap
|
page read and write
|
||
|
B9A000
|
heap
|
page read and write
|
||
|
7FFD34A80000
|
trusted library allocation
|
page read and write
|
||
|
15DF0D5F000
|
heap
|
page read and write
|
||
|
7FFD34A90000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2D7B000
|
stack
|
page read and write
|
||
|
6FA000
|
stack
|
page read and write
|
||
|
7FFD349C4000
|
trusted library allocation
|
page read and write
|
||
|
4C21BFE000
|
stack
|
page read and write
|
||
|
186E000
|
stack
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF7AD739000
|
unkown
|
page readonly
|
||
|
D1C2E79000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
15DF29D0000
|
heap
|
page read and write
|
||
|
15D81BB2000
|
trusted library allocation
|
page read and write
|
||
|
15D81B77000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AC6000
|
trusted library allocation
|
page read and write
|
||
|
15DF0FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349B4000
|
trusted library allocation
|
page read and write
|
||
|
2520AE81000
|
trusted library allocation
|
page read and write
|
||
|
15DF0D67000
|
heap
|
page read and write
|
||
|
D1C317C000
|
stack
|
page read and write
|
||
|
7FF6904F0000
|
unkown
|
page readonly
|
||
|
7FFD349B3000
|
trusted library allocation
|
page read and write
|
||
|
15D902E8000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
EE714FC000
|
stack
|
page read and write
|
||
|
15DF1090000
|
heap
|
page read and write
|
||
|
7FFD34900000
|
trusted library allocation
|
page read and write
|
||
|
7FF7AD1B0000
|
unkown
|
page readonly
|
||
|
26411179000
|
heap
|
page read and write
|
||
|
15DF2B90000
|
trusted library allocation
|
page read and write
|
||
|
26411179000
|
heap
|
page read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
25E0FAB0000
|
trusted library allocation
|
page read and write
|
||
|
25E262B0000
|
heap
|
page read and write
|
||
|
2E7D000
|
stack
|
page read and write
|
||
|
7FF7AD737000
|
unkown
|
page read and write
|
||
|
3C3F000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
39BA000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
7FFD34AB6000
|
trusted library allocation
|
page read and write
|
||
|
7FF7AD1CB000
|
unkown
|
page write copy
|
||
|
25219421000
|
trusted library allocation
|
page read and write
|
||
|
34BD000
|
stack
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
123E000
|
heap
|
page read and write
|
||
|
7FF7AD1B1000
|
unkown
|
page execute read
|
||
|
1E7E0BE0000
|
unkown
|
page read and write
|
||
|
2641165C000
|
heap
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
756000
|
stack
|
page read and write
|
||
|
7FFD34970000
|
trusted library allocation
|
page read and write
|
||
|
784000
|
heap
|
page read and write
|
||
|
84EC07F000
|
stack
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page read and write
|
||
|
874000
|
unkown
|
page read and write
|
||
|
EE70EFF000
|
stack
|
page read and write
|
||
|
84EB9ED000
|
stack
|
page read and write
|
||
|
25E0DDF6000
|
heap
|
page read and write
|
||
|
25221970000
|
heap
|
page read and write
|
||
|
2F6F000
|
stack
|
page read and write
|
||
|
15DF3003000
|
heap
|
page read and write
|
||
|
EE70B13000
|
stack
|
page read and write
|
||
|
252079A0000
|
trusted library allocation
|
page read and write
|
||
|
157F000
|
stack
|
page read and write
|
||
|
241E000
|
stack
|
page read and write
|
||
|
15DF0F80000
|
trusted library allocation
|
page read and write
|
||
|
25E0DA30000
|
trusted library allocation
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
25207846000
|
heap
|
page read and write
|
||
|
252219DA000
|
heap
|
page read and write
|
||
|
3EFE000
|
stack
|
page read and write
|
||
|
D1C327B000
|
stack
|
page read and write
|
||
|
25E1E251000
|
trusted library allocation
|
page read and write
|
||
|
39BF000
|
stack
|
page read and write
|
||
|
25E0C0E0000
|
heap
|
page read and write
|
||
|
7FFD349C2000
|
trusted library allocation
|
page read and write
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
761000
|
heap
|
page read and write
|
||
|
2F457CC000
|
stack
|
page read and write
|
||
|
26413E5C000
|
heap
|
page read and write
|
||
|
7FFD34910000
|
trusted library allocation
|
page read and write
|
||
|
25E266ED000
|
heap
|
page read and write
|
||
|
1D4BF495000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2EDB000
|
stack
|
page read and write
|
||
|
1D4BF4A0000
|
unkown
|
page read and write
|
||
|
116F000
|
stack
|
page read and write
|
||
|
7FFD34834000
|
trusted library allocation
|
page read and write
|
||
|
2F4487F000
|
stack
|
page read and write
|
||
|
25E0F0F6000
|
trusted library allocation
|
page read and write
|
||
|
2ED8000
|
heap
|
page read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
2F443EF000
|
stack
|
page read and write
|
||
|
1851CF70000
|
heap
|
page read and write
|
||
|
15DF0F20000
|
heap
|
page read and write
|
||
|
3EBF000
|
stack
|
page read and write
|
||
|
2F4574E000
|
stack
|
page read and write
|
||
|
EE70E7E000
|
stack
|
page read and write
|
||
|
1E7E0F90000
|
heap
|
page read and write
|
||
|
D1C2BFF000
|
stack
|
page read and write
|
||
|
25E0F9FB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD349A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
6D9000
|
heap
|
page read and write
|
||
|
25207930000
|
trusted library allocation
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
2520B1F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
2D3E000
|
stack
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
7FF690A82000
|
unkown
|
page write copy
|
||
|
334E000
|
stack
|
page read and write
|
||
|
7FF7B89C5000
|
unkown
|
page read and write
|
||
|
3560000
|
heap
|
page execute and read and write
|
||
|
7FFD346BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1F000
|
stack
|
page read and write
|
||
|
25221E4C000
|
heap
|
page read and write
|
||
|
7FFD349D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF690A79000
|
unkown
|
page readonly
|
||
|
7FFD34AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15D80D19000
|
trusted library allocation
|
page read and write
|
||
|
784000
|
heap
|
page read and write
|
||
|
2BE4FF40000
|
heap
|
page read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
15DF29D5000
|
heap
|
page read and write
|
||
|
99F000
|
stack
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
8CA7DFF000
|
stack
|
page read and write
|
||
|
2E38000
|
heap
|
page read and write
|
||
|
25E26570000
|
heap
|
page read and write
|
||
|
25E0C169000
|
heap
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
7FFD34A5A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34B10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
25221760000
|
heap
|
page read and write
|
||
|
84EBEFC000
|
stack
|
page read and write
|
||
|
EE70B9E000
|
stack
|
page read and write
|
||
|
2F4477E000
|
stack
|
page read and write
|
||
|
3546000
|
heap
|
page read and write
|
||
|
7FFD34726000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
7FFD34980000
|
trusted library allocation
|
page read and write
|
||
|
370E000
|
stack
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
7FFD34993000
|
trusted library allocation
|
page read and write
|
||
|
7FF690A86000
|
unkown
|
page readonly
|
||
|
25E26725000
|
heap
|
page read and write
|
||
|
C90000
|
unkown
|
page readonly
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
25E268F4000
|
heap
|
page read and write
|
||
|
25E0FD89000
|
trusted library allocation
|
page read and write
|
||
|
25E0E950000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3468B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34B02000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
2520A141000
|
trusted library allocation
|
page read and write
|
||
|
1D1ED000
|
stack
|
page read and write
|
||
|
84EBF7F000
|
stack
|
page read and write
|
||
|
1851CF90000
|
unkown
|
page read and write
|
||
|
45E000
|
stack
|
page read and write
|
||
|
26411160000
|
heap
|
page read and write
|
||
|
7FFD34801000
|
trusted library allocation
|
page read and write
|
||
|
25E0C1CC000
|
heap
|
page read and write
|
||
|
3547000
|
heap
|
page read and write
|
||
|
A6EA98C000
|
stack
|
page read and write
|
||
|
7FF7AD742000
|
unkown
|
page write copy
|
||
|
2BE4FED0000
|
unkown
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
782000
|
heap
|
page read and write
|
||
|
7FFD34852000
|
trusted library allocation
|
page read and write
|
||
|
15DF0EF0000
|
heap
|
page read and write
|
||
|
252219D2000
|
heap
|
page read and write
|
||
|
25221BA0000
|
trusted library allocation
|
page read and write
|
||
|
EE70FFF000
|
stack
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
2640F73C000
|
heap
|
page read and write
|
||
|
25E1DF71000
|
trusted library allocation
|
page read and write
|
||
|
15DF1010000
|
trusted library allocation
|
page read and write
|
||
|
252077D0000
|
heap
|
page read and write
|
||
|
7FFD34A60000
|
trusted library allocation
|
page read and write
|
||
|
EE70F79000
|
stack
|
page read and write
|
||
|
7FFD349D4000
|
trusted library allocation
|
page read and write
|
||
|
15DF1095000
|
heap
|
page read and write
|
||
|
15DF2AD1000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
399C000
|
stack
|
page read and write
|
||
|
80E000
|
stack
|
page read and write
|
||
|
7DF49D860000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34900000
|
trusted library allocation
|
page read and write
|
||
|
140000
|
unkown
|
page readonly
|
||
|
7FF7AD742000
|
unkown
|
page read and write
|
||
|
1DDEB000
|
stack
|
page read and write
|
||
|
15DF34D0000
|
heap
|
page read and write
|
||
|
25E0E179000
|
trusted library allocation
|
page read and write
|
||
|
7FF7B89BC000
|
unkown
|
page readonly
|
||
|
15DF3186000
|
heap
|
page read and write
|
||
|
7FFD34811000
|
trusted library allocation
|
page read and write
|
||
|
436F7FE000
|
stack
|
page read and write
|
||
|
7FFD34802000
|
trusted library allocation
|
page read and write
|
||
|
7FF7AD745000
|
unkown
|
page write copy
|
||
|
2640F7B0000
|
heap
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A00000
|
trusted library allocation
|
page read and write
|
||
|
FEE000
|
stack
|
page read and write
|
||
|
335F000
|
stack
|
page read and write
|
||
|
EE71F4D000
|
stack
|
page read and write
|
||
|
1851CF60000
|
heap
|
page read and write
|
||
|
D1C2FFE000
|
stack
|
page read and write
|
||
|
1851D000000
|
heap
|
page read and write
|
||
|
15DF2BB0000
|
heap
|
page read and write
|
||
|
15D80001000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
15DF2840000
|
heap
|
page read and write
|
||
|
BEB000
|
heap
|
page read and write
|
||
|
15DF3520000
|
heap
|
page read and write
|
||
|
139B1000
|
trusted library allocation
|
page read and write
|
||
|
25E1DF51000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3471C000
|
trusted library allocation
|
page execute and read and write
|
||
|
25207A70000
|
heap
|
page read and write
|
||
|
30ED000
|
stack
|
page read and write
|
||
|
78B000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
B9E000
|
heap
|
page read and write
|
||
|
25207A75000
|
heap
|
page read and write
|
||
|
D1C2EF6000
|
stack
|
page read and write
|
||
|
88F000
|
stack
|
page read and write
|
||
|
1D4BF150000
|
unkown
|
page read and write
|
||
|
26417A5C000
|
heap
|
page read and write
|
||
|
7FF7AD1B0000
|
unkown
|
page readonly
|
||
|
F0AF27E000
|
stack
|
page read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
1253000
|
heap
|
page read and write
|
||
|
C95000
|
unkown
|
page readonly
|
||
|
7DF47B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
761000
|
heap
|
page read and write
|
||
|
384F000
|
stack
|
page read and write
|
||
|
7FFD3468B000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E0C100000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page read and write
|
||
|
7FF690A77000
|
unkown
|
page read and write
|
||
|
2A4F000
|
stack
|
page read and write
|
||
|
25E0C233000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
EE71178000
|
stack
|
page read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
2ADE000
|
stack
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2F449F9000
|
stack
|
page read and write
|
||
|
7FFD34970000
|
trusted library allocation
|
page read and write
|
||
|
239E000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
141000
|
unkown
|
page execute read
|
||
|
275F000
|
stack
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
EE71079000
|
stack
|
page read and write
|
||
|
79A000
|
heap
|
page read and write
|
||
|
2640F722000
|
heap
|
page read and write
|
||
|
A6EACFF000
|
stack
|
page read and write
|
||
|
873000
|
unkown
|
page write copy
|
||
|
EE712F8000
|
stack
|
page read and write
|
||
|
2BE4FE90000
|
unkown
|
page read and write
|
||
|
D29000
|
heap
|
page read and write
|
||
|
25219708000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
25221845000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
25E0F9B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3468D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E0DB77000
|
heap
|
page execute and read and write
|
||
|
7FFD349D0000
|
trusted library allocation
|
page read and write
|
||
|
417E000
|
stack
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
133D000
|
stack
|
page read and write
|
||
|
6F4000
|
heap
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page execute and read and write
|
||
|
48BF000
|
stack
|
page read and write
|
||
|
25207889000
|
heap
|
page read and write
|
||
|
1DE79FC0000
|
heap
|
page read and write
|
||
|
7FFD34857000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3467B000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DF0DAD000
|
heap
|
page read and write
|
||
|
872000
|
unkown
|
page readonly
|
||
|
7FFD349A3000
|
trusted library allocation
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
7FFD34980000
|
trusted library allocation
|
page read and write
|
||
|
25E266E1000
|
heap
|
page read and write
|
||
|
7FFD34A80000
|
trusted library allocation
|
page read and write
|
||
|
268E000
|
stack
|
page read and write
|
||
|
D1C2AFE000
|
stack
|
page read and write
|
||
|
78D000
|
heap
|
page read and write
|
||
|
7FFD34854000
|
trusted library allocation
|
page read and write
|
||
|
25E0C000000
|
heap
|
page read and write
|
||
|
D0F000
|
stack
|
page read and write
|
||
|
2A8E000
|
stack
|
page read and write
|
||
|
120E000
|
heap
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
7FF7AD746000
|
unkown
|
page readonly
|
||
|
25E0C1A0000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7FFD349B9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
2F458CA000
|
stack
|
page read and write
|
||
|
140000
|
unkown
|
page readonly
|
||
|
4C21BED000
|
stack
|
page read and write
|
||
|
252094A8000
|
trusted library allocation
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
7FFD34736000
|
trusted library allocation
|
page execute and read and write
|
||
|
15D81A09000
|
trusted library allocation
|
page read and write
|
||
|
15DF319E000
|
heap
|
page read and write
|
||
|
467E000
|
stack
|
page read and write
|
||
|
15D80A00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A70000
|
trusted library allocation
|
page read and write
|
||
|
6AE000
|
heap
|
page read and write
|
||
|
D1C307E000
|
stack
|
page read and write
|
||
|
25E0EAEB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349A0000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
26411150000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
15DF2B2A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
15DF2A70000
|
heap
|
page read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34B00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A7C000
|
trusted library allocation
|
page read and write
|
||
|
121D000
|
heap
|
page read and write
|
||
|
7FF7AD746000
|
unkown
|
page readonly
|
||
|
602000
|
unkown
|
page readonly
|
||
|
1D4BF0E0000
|
heap
|
page read and write
|
||
|
15D80087000
|
trusted library allocation
|
page read and write
|
||
|
252217AC000
|
heap
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
32DC000
|
stack
|
page read and write
|
||
|
35A0000
|
heap
|
page execute and read and write
|
||
|
7FF7AD742000
|
unkown
|
page write copy
|
||
|
25E0C18A000
|
heap
|
page read and write
|
||
|
EE71FCA000
|
stack
|
page read and write
|
||
|
2F4497D000
|
stack
|
page read and write
|
||
|
25209410000
|
heap
|
page read and write
|
||
|
310F000
|
stack
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
26415C5C000
|
heap
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
44FF000
|
stack
|
page read and write
|
||
|
1E7E0BC0000
|
heap
|
page read and write
|
||
|
427F000
|
stack
|
page read and write
|
||
|
2641705C000
|
heap
|
page read and write
|
||
|
25209415000
|
heap
|
page read and write
|
||
|
15DF2AAC000
|
heap
|
page read and write
|
||
|
25E0DFD6000
|
trusted library allocation
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
719000
|
heap
|
page read and write
|
||
|
AFB000
|
stack
|
page read and write
|
||
|
7FFD34844000
|
trusted library allocation
|
page read and write
|
||
|
1C12D000
|
stack
|
page read and write
|
||
|
8CA7BFD000
|
stack
|
page read and write
|
||
|
139B3000
|
trusted library allocation
|
page read and write
|
||
|
3541000
|
heap
|
page read and write
|
||
|
15DF3196000
|
heap
|
page read and write
|
||
|
C99000
|
heap
|
page read and write
|
||
|
C93000
|
unkown
|
page write copy
|
||
|
25E0EC75000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
15DF305A000
|
heap
|
page read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
15DF3158000
|
heap
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
2640F7A2000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page execute and read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
252093C0000
|
heap
|
page execute and read and write
|
||
|
15DF0F60000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34950000
|
trusted library allocation
|
page read and write
|
||
|
25221880000
|
heap
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
1DE7A068000
|
heap
|
page read and write
|
||
|
2641345C000
|
heap
|
page read and write
|
||
|
15D81E9C000
|
trusted library allocation
|
page read and write
|
||
|
26410F90000
|
direct allocation
|
page execute read
|
||
|
25E0C140000
|
heap
|
page read and write
|
||
|
7FFD34990000
|
trusted library allocation
|
page read and write
|
||
|
7FF7AD1B1000
|
unkown
|
page execute read
|
||
|
7FFD349B0000
|
trusted library allocation
|
page read and write
|
||
|
B3D000
|
stack
|
page read and write
|
||
|
25207800000
|
heap
|
page read and write
|
||
|
39B1000
|
trusted library allocation
|
page read and write
|
||
|
2640F6B0000
|
heap
|
page read and write
|
||
|
35AF000
|
stack
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
1D5EE000
|
stack
|
page read and write
|
||
|
26411153000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
25E1E240000
|
trusted library allocation
|
page read and write
|
||
|
25E26614000
|
heap
|
page read and write
|
||
|
7FFD34706000
|
trusted library allocation
|
page read and write
|
||
|
1DE79FB0000
|
heap
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
7FFD34AE0000
|
trusted library allocation
|
page read and write
|
||
|
463F000
|
stack
|
page read and write
|
||
|
25E0DAE0000
|
trusted library allocation
|
page read and write
|
||
|
1D9EE000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page execute and read and write
|
||
|
CA1000
|
heap
|
page read and write
|
||
|
15D902E3000
|
trusted library allocation
|
page read and write
|
||
|
15D80B91000
|
trusted library allocation
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
25221AB2000
|
heap
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
7FFD34664000
|
trusted library allocation
|
page read and write
|
||
|
26418E5C000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
7FFD34A6C000
|
trusted library allocation
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
10FA000
|
stack
|
page read and write
|
||
|
3541000
|
heap
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
1DE7A355000
|
heap
|
page read and write
|
||
|
7FFD34960000
|
trusted library allocation
|
page read and write
|
||
|
7FF7AD1B1000
|
unkown
|
page execute read
|
||
|
15D80F67000
|
trusted library allocation
|
page read and write
|
||
|
25E0C3D0000
|
heap
|
page read and write
|
||
|
7FFD34960000
|
trusted library allocation
|
page read and write
|
||
|
322E000
|
stack
|
page read and write
|
||
|
7FFD346CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34AF0000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
79A000
|
heap
|
page read and write
|
||
|
8CA7BED000
|
stack
|
page read and write
|
||
|
7FF7B89A0000
|
unkown
|
page readonly
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
7FFD34A73000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DF2A60000
|
heap
|
page execute and read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
25E0C410000
|
heap
|
page read and write
|
||
|
15DF0D61000
|
heap
|
page read and write
|
||
|
84E000
|
stack
|
page read and write
|
||
|
25E266CE000
|
heap
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34960000
|
trusted library allocation
|
page read and write
|
||
|
15DF29DA000
|
heap
|
page read and write
|
||
|
D1C31FE000
|
stack
|
page read and write
|
||
|
3FFF000
|
stack
|
page read and write
|
||
|
7FFD3469D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E26717000
|
heap
|
page read and write
|
||
|
2520783D000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
2640F6B8000
|
heap
|
page read and write
|
||
|
25E266D9000
|
heap
|
page read and write
|
||
|
7FFD34AB0000
|
trusted library allocation
|
page read and write
|
||
|
25E0DAA0000
|
trusted library allocation
|
page read and write
|
||
|
EE70BDE000
|
stack
|
page read and write
|
||
|
25E0DBB0000
|
heap
|
page execute and read and write
|
||
|
7FFD34990000
|
trusted library allocation
|
page read and write
|
||
|
25209649000
|
trusted library allocation
|
page read and write
|
||
|
15DF3011000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
7FFD34ABD000
|
trusted library allocation
|
page read and write
|
||
|
142000
|
unkown
|
page readonly
|
||
|
26411100000
|
heap
|
page read and write
|
||
|
3B3E000
|
stack
|
page read and write
|
||
|
761000
|
heap
|
page read and write
|
||
|
15DF3380000
|
heap
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
25E0C415000
|
heap
|
page read and write
|
||
|
D1C30FE000
|
stack
|
page read and write
|
||
|
15D9006A000
|
trusted library allocation
|
page read and write
|
||
|
2BE4FB80000
|
heap
|
page readonly
|
||
|
25E1E21D000
|
trusted library allocation
|
page read and write
|
||
|
15D80DD4000
|
trusted library allocation
|
page read and write
|
||
|
84EC17E000
|
stack
|
page read and write
|
||
|
25E0EAE5000
|
trusted library allocation
|
page read and write
|
||
|
EE7204C000
|
stack
|
page read and write
|
||
|
2EBD000
|
stack
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
C95000
|
unkown
|
page readonly
|
||
|
D1C2CFF000
|
stack
|
page read and write
|
||
|
25221AF4000
|
heap
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
25E0DD60000
|
heap
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
4B2000
|
unkown
|
page readonly
|
||
|
15DF29B0000
|
heap
|
page execute and read and write
|
||
|
25E26560000
|
heap
|
page read and write
|
||
|
25E0F19A000
|
trusted library allocation
|
page read and write
|
||
|
15D81E3F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34B10000
|
trusted library allocation
|
page read and write
|
||
|
2E9C000
|
stack
|
page read and write
|
||
|
EE71ECE000
|
stack
|
page read and write
|
||
|
15DF318E000
|
heap
|
page read and write
|
||
|
294E000
|
stack
|
page read and write
|
||
|
E6D000
|
stack
|
page read and write
|
||
|
7FFD34AC0000
|
trusted library allocation
|
page read and write
|
||
|
1715000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
7FFD349F0000
|
trusted library allocation
|
page read and write
|
||
|
7DF49D870000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E0DD20000
|
trusted library allocation
|
page read and write
|
||
|
15DF2990000
|
heap
|
page execute and read and write
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E0DA70000
|
trusted library allocation
|
page read and write
|
||
|
3C7E000
|
stack
|
page read and write
|
||
|
25E1E233000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349D2000
|
trusted library allocation
|
page read and write
|
||
|
742000
|
heap
|
page read and write
|
||
|
7FFD34940000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
trusted library allocation
|
page read and write
|
||
|
D1C2C7A000
|
stack
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
7FFD3469B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2641485C000
|
heap
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
7FFD3471C000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E0F955000
|
trusted library allocation
|
page read and write
|
||
|
25207910000
|
trusted library allocation
|
page read and write
|
||
|
2F44CFE000
|
stack
|
page read and write
|
||
|
25E26652000
|
heap
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
252217FE000
|
heap
|
page read and write
|
||
|
7FFD34940000
|
trusted library allocation
|
page read and write
|
||
|
63F000
|
stack
|
page read and write
|
||
|
252079D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page execute and read and write
|
||
|
91E000
|
heap
|
page read and write
|
||
|
7FF7AD1B0000
|
unkown
|
page readonly
|
||
|
2FAF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3D7F000
|
stack
|
page read and write
|
||
|
2E6E000
|
stack
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
2641845C000
|
heap
|
page read and write
|
||
|
2F44AF9000
|
stack
|
page read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
15D90001000
|
trusted library allocation
|
page read and write
|
||
|
26411010000
|
heap
|
page readonly
|
||
|
23DF000
|
stack
|
page read and write
|
||
|
7FFD349E8000
|
trusted library allocation
|
page read and write
|
||
|
290F000
|
stack
|
page read and write
|
||
|
7FF7AD739000
|
unkown
|
page readonly
|
||
|
15DF3020000
|
heap
|
page read and write
|
||
|
8EC000
|
heap
|
page read and write
|
||
|
7FF690A86000
|
unkown
|
page readonly
|
||
|
144000
|
unkown
|
page readonly
|
||
|
7FFD34663000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DF0D7F000
|
heap
|
page read and write
|
||
|
26411060000
|
direct allocation
|
page execute and read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
22EE000
|
stack
|
page read and write
|
||
|
2520A414000
|
trusted library allocation
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
2640F742000
|
heap
|
page read and write
|
||
|
1851D390000
|
unkown
|
page read and write
|
||
|
7DF4E0D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C870000
|
heap
|
page read and write
|
||
|
604000
|
unkown
|
page readonly
|
||
|
25221B90000
|
heap
|
page read and write
|
||
|
84EC27F000
|
stack
|
page read and write
|
||
|
7FFD34673000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF6904F1000
|
unkown
|
page execute read
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F443A3000
|
stack
|
page read and write
|
||
|
D4C000
|
stack
|
page read and write
|
||
|
7FF7AD1B1000
|
unkown
|
page execute read
|
There are 1188 hidden memdumps, click here to show them.