Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
T52Z708x2p.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\pei[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\nxmr[1].exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\newtpp[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\1332331323.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1378231302.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\158238779.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1706633239.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\193938922.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2311326414.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\236013504.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2448028260.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\281653412.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\446629599.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\65841553.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\70AF.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\jacrzswcvuml.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\Google\Libs\WR64.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\Users\user\sysppvrdnvs.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\sysppvrdnvs.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\158238779.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\193938922.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\1[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\3[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\5[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\dwntbl[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\1[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\2[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\4[1]
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1121631426.exe
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2234110106.exe
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\251299760.exe
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\565511239.exe
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0qtays2e.bdz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_14skrpgj.cfx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4btjyfkd.zju.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4knadsoy.dxy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cpgu24i2.flo.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e3zl1imx.vwg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_enuk0itu.als.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hq3y3e1r.4vl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_i1utyppo.eom.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jtbtzrp1.izy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lb3cibbb.vie.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lekqp2gf.iw2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lxboixww.31a.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mbgx5jol.ejt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nkfsxg5o.wry.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nxmr3u4p.l4y.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rznazit5.3kq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_su2fkzki.exz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t05t35es.gjp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_z5yemxwm.3ve.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\tbtcmds.dat
|
data
|
dropped
|
||
|
C:\Users\user\tbtnds.dat
|
OpenPGP Public Key
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 48 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\T52Z708x2p.exe
|
"C:\Users\user\Desktop\T52Z708x2p.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Users\user\AppData\Local\Temp\70AF.exe
|
"C:\Users\user~1\AppData\Local\Temp\70AF.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\1706633239.exe
|
C:\Users\user~1\AppData\Local\Temp\1706633239.exe
|
|
|
|
C:\Windows\sysppvrdnvs.exe
|
C:\Windows\sysppvrdnvs.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c powershell -Command "Add-MpPreference -ExclusionPath $env:windir; Add-MpPreference -ExclusionPath
$env:TEMP; Add-MpPreference -ExclusionPath $env:USERPROFILE"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop DoSvc & sc stop BITS /wait
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "Add-MpPreference -ExclusionPath $env:windir; Add-MpPreference -ExclusionPath $env:TEMP; Add-MpPreference
-ExclusionPath $env:USERPROFILE"
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop UsoSvc
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop WaaSMedicSvc
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop wuauserv
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop DoSvc
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop BITS /wait
|
|
|
|
C:\Windows\sysppvrdnvs.exe
|
"C:\Windows\sysppvrdnvs.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\158238779.exe
|
C:\Users\user~1\AppData\Local\Temp\158238779.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c reg delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Windows Upgrade Manager"
/f
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c schtasks /delete /f /tn "Windows Upgrade Manager"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\reg.exe
|
reg delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Windows Upgrade Manager" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /delete /f /tn "Windows Upgrade Manager"
|
|
|
|
C:\Users\user\AppData\Local\Temp\281653412.exe
|
C:\Users\user~1\AppData\Local\Temp\281653412.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\1332331323.exe
|
C:\Users\user~1\AppData\Local\Temp\1332331323.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\2311326414.exe
|
C:\Users\user~1\AppData\Local\Temp\2311326414.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\446629599.exe
|
C:\Users\user~1\AppData\Local\Temp\446629599.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\2448028260.exe
|
C:\Users\user~1\AppData\Local\Temp\2448028260.exe
|
|
|
|
C:\Users\user\sysppvrdnvs.exe
|
C:\Users\user\sysppvrdnvs.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c powershell -Command "Add-MpPreference -ExclusionPath $env:windir; Add-MpPreference -ExclusionPath
$env:TEMP; Add-MpPreference -ExclusionPath $env:USERPROFILE"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop DoSvc & sc stop BITS /wait
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "Add-MpPreference -ExclusionPath $env:windir; Add-MpPreference -ExclusionPath $env:TEMP; Add-MpPreference
-ExclusionPath $env:USERPROFILE"
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop UsoSvc
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop WaaSMedicSvc
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop wuauserv
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop DoSvc
|
|
|
|
C:\Windows\SysWOW64\sc.exe
|
sc stop BITS /wait
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#evrkcgqew#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2")
{ schtasks /create /f /sc onlogon /rl highest /tn 'Microsoft Windows Security' /tr '''C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe'''
} Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe')
-Trigger (New-ScheduledTaskTrigger -AtLogOn) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate
-DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'Microsoft Windows
Security' -RunLevel 'Highest' -Force; }
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Users\user\sysppvrdnvs.exe
|
"C:\Users\user\sysppvrdnvs.exe"
|
|
|
|
C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe
|
"C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe"
|
|
|
|
C:\Users\user\sysppvrdnvs.exe
|
"C:\Users\user\sysppvrdnvs.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\193938922.exe
|
C:\Users\user~1\AppData\Local\Temp\193938922.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c reg delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Windows Upgrade Manager"
/f
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c schtasks /delete /f /tn "Windows Upgrade Manager"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\reg.exe
|
reg delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Windows Upgrade Manager" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /delete /f /tn "Windows Upgrade Manager"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#evrkcgqew#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2")
{ schtasks /create /f /sc onlogon /rl highest /tn 'Microsoft Windows Security' /tr '''C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe'''
} Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe')
-Trigger (New-ScheduledTaskTrigger -AtLogOn) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate
-DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'Microsoft Windows
Security' -RunLevel 'Highest' -Force; }
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Users\user\AppData\Local\Temp\236013504.exe
|
C:\Users\user~1\AppData\Local\Temp\236013504.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\System32\conhost.exe
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#ydcfdz#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2")
{ schtasks /create /f /sc onlogon /rl highest /tn 'Microsoft Windows Security' /tr '''C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe'''
} Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Users\user\Microsoft Windows Security\winupsecvmgr.exe')
-Trigger (New-ScheduledTaskTrigger -AtLogOn) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate
-DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'Microsoft Windows
Security' -RunLevel 'Highest' -Force; }
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\dwm.exe
|
C:\Windows\System32\dwm.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\65841553.exe
|
C:\Users\user~1\AppData\Local\Temp\65841553.exe
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
There are 50 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://185.215.113.66/pei.exe
|
185.215.113.66
|
|
|
|
http://twizt.net/
|
unknown
|
|
|
|
http://twizt.net/.C
|
unknown
|
|
|
|
http://twizt.net/peinstall.php6R
|
unknown
|
|
|
|
http://twizt.net/peinstall.php%temp%%s
|
unknown
|
|
|
|
http://twizt.net/newtpp.exe
|
unknown
|
|
|
|
http://twizt.net/peinstall.php
|
unknown
|
|
|
|
http://91.202.233.141/
|
unknown
|
|
|
|
http://twizt.net/peinstall.php/peinstall.phpshqos.dll.mui
|
unknown
|
|
|
|
http://twizt.net/peinstall.phpCx
|
unknown
|
|
|
|
http://twizt.net/newtpp.exel
|
unknown
|
|
|
|
http://185.215.113.66/
|
unknown
|
|
|
|
http://twizt.net/peinstall.phpBU
|
unknown
|
|
|
|
http://twizt.net/peinstall.phpoU_
|
unknown
|
|
|
|
http://twizt.net/newtpp.exeP0
|
unknown
|
|
|
|
http://185.215.113.66/reg.php?s=%s
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASDMozilla/5.0
|
unknown
|
||
|
http://185.215.113.66/4e
|
unknown
|
||
|
http://91.202.233.141/1(
|
unknown
|
||
|
http://185.215.113.66/5H
|
unknown
|
||
|
http://91.202.233.141/2
|
unknown
|
||
|
http://185.215.113.66/4T
|
unknown
|
||
|
http://91.202.233.141/dwntblli
|
unknown
|
||
|
http://185.215.113.66/4S
|
unknown
|
||
|
http://91.202.233.141/8
|
unknown
|
||
|
http://91.202.233.141/5
|
unknown
|
||
|
http://91.202.233.141/3
|
unknown
|
||
|
http://91.202.233.141/4
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASD
|
unknown
|
||
|
http://91.202.233.141/dwntbl
|
unknown
|
||
|
http://91.202.233.141/TLOADEDBROMozilla/5.0
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://185.215.113.66/5S
|
unknown
|
||
|
http://185.215.113.66/1rosoft
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASD&
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://185.215.113.66/4&
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://185.215.113.66/5
|
unknown
|
||
|
http://185.215.113.66/4
|
unknown
|
||
|
http://185.215.113.66/3
|
unknown
|
||
|
http://185.215.113.66/2
|
unknown
|
||
|
http://185.215.113.66/1m
|
unknown
|
||
|
http://91.202.233.141/4y
|
unknown
|
||
|
http://185.215.113.66/pei.exeDl
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://185.215.113.66/1
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASD7s&
|
unknown
|
||
|
http://185.215.113.66/reg.php?s=%sMozilla/5.0
|
unknown
|
||
|
http://185.215.113.84/nxmr.exeystem32
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASD00
|
unknown
|
||
|
http://185.215.113.66/pei.exeumpe
|
unknown
|
||
|
http://185.215.113.66/5&
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://185.215.113.66/S
|
unknown
|
||
|
http://91.202.233.141/tography
|
unknown
|
||
|
http://185.215.113.66/41
|
unknown
|
||
|
http://91.202.233.141/ALLBSTATAASASD/sN
|
unknown
|
||
|
http://185.215.113.66/1:
|
unknown
|
||
|
http://185.215.113.84/nxmr.exe
|
unknown
|
||
|
http://185.215.113.66/pei.exeTTC:
|
unknown
|
||
|
http://185.215.113.66/1A
|
unknown
|
||
|
http://185.215.113.66/1B
|
unknown
|
||
|
http://185.215.113.66/1C
|
unknown
|
||
|
http://91.202.233.141/der
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://185.215.113.84/nxmr.exeP0
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://185.215.113.66/11
|
unknown
|
||
|
http://185.215.113.66/2:
|
unknown
|
||
|
http://185.215.113.66/1a
|
unknown
|
||
|
http://185.215.113.66/1e
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
http://185.215.113.66/1LMEM08
|
unknown
|
||
|
http://91.202.233.141/4&
|
unknown
|
||
|
http://185.215.113.66/1L
|
unknown
|
||
|
http://185.215.113.84/nxmr.exeOE
|
unknown
|
||
|
http://185.215.113.66/21
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://91.202.233.141/dwntblk
|
unknown
|
||
|
http://185.215.113.66/46/4sysmain.sdp
|
unknown
|
||
|
http://185.215.113.66/http://91.202.233.141/12345%s%s%s:Zone.Identifier%userprofile%%windir%%s
|
unknown
|
||
|
http://91.202.233.141/dwntblONTD~1
|
unknown
|
||
|
http://185.215.113.66/1NNC:
|
unknown
|
||
|
http://91.202.233.141/1e
|
unknown
|
||
|
http://91.202.233.141/sg
|
unknown
|
||
|
http://185.215.113.66/1C:
|
unknown
|
||
|
http://185.215.113.66/1dler
|
unknown
|
||
|
http://185.215.113.66/tdrp.exe%s:Zone.Identifier/c
|
unknown
|
||
|
http://185.215.113.66/5C:
|
unknown
|
||
|
https://xmrig.com/docs/algorithms
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://185.215.113.66/tdrp.exe
|
unknown
|
There are 87 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
twizt.net
|
185.215.113.66
|
|
|
|
twizthash.net
|
185.215.113.66
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.215.113.66
|
twizt.net
|
Portugal
|
|
|
|
87.237.236.86
|
unknown
|
Uzbekistan
|
|
|
|
109.165.55.243
|
unknown
|
Russian Federation
|
|
|
|
88.204.217.130
|
unknown
|
Kazakhstan
|
|
|
|
195.158.16.52
|
unknown
|
Uzbekistan
|
|
|
|
213.206.50.15
|
unknown
|
Uzbekistan
|
|
|
|
175.107.23.112
|
unknown
|
Pakistan
|
|
|
|
91.202.233.141
|
unknown
|
Russian Federation
|
|
|
|
195.190.112.66
|
unknown
|
Russian Federation
|
|
|
|
90.156.162.79
|
unknown
|
Russian Federation
|
|
|
|
175.106.46.94
|
unknown
|
Afghanistan
|
|
|
|
185.71.152.222
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
2.179.178.50
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
5.234.49.217
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
217.24.149.46
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
146.70.53.161
|
unknown
|
United Kingdom
|
|
|
|
185.203.237.213
|
unknown
|
Russian Federation
|
|
|
|
124.109.48.132
|
unknown
|
Pakistan
|
|
|
|
198.163.200.67
|
unknown
|
United States
|
||
|
213.230.124.7
|
unknown
|
Uzbekistan
|
||
|
95.59.62.94
|
unknown
|
Kazakhstan
|
||
|
213.230.67.151
|
unknown
|
Uzbekistan
|
||
|
5.235.173.196
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
185.215.113.84
|
unknown
|
Portugal
|
||
|
95.188.243.246
|
unknown
|
Russian Federation
|
||
|
198.163.193.12
|
unknown
|
United States
|
||
|
77.240.41.3
|
unknown
|
Kazakhstan
|
||
|
94.230.237.65
|
unknown
|
Uzbekistan
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
178.71.163.141
|
unknown
|
Russian Federation
|
||
|
78.39.226.153
|
unknown
|
Iran (ISLAMIC Republic Of)
|
There are 21 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
FirewallOverride
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
FirewallDisableNotify
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
AntiSpywareOverride
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
AntiVirusOverride
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
AntiVirusDisableNotify
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
UpdatesOverride
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center
|
UpdatesDisableNotify
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
Windows Settings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
|
DisableWindowsUpdate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
|
AlwaysAutoUpdate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
|
OverrideNotice
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BITS
|
Start
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Windows Settings
|
There are 3 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
53E000
|
heap
|
page read and write
|
|
|
|
18B41702000
|
heap
|
page read and write
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
5B70000
|
heap
|
page read and write
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
7FF75CFDB000
|
unkown
|
page read and write
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
410000
|
unkown
|
page readonly
|
|
|
|
57E000
|
heap
|
page read and write
|
|
|
|
33C0000
|
heap
|
page read and write
|
||
|
3548000
|
heap
|
page read and write
|
||
|
7FFAAC0B0000
|
trusted library allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
7FFAAC4D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC0CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
51A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FFAAC3F5000
|
trusted library allocation
|
page read and write
|
||
|
385C000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
7DF44D510000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D2AD41000
|
trusted library allocation
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
1AB000
|
stack
|
page read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
7FFAAC240000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D43340000
|
heap
|
page read and write
|
||
|
3548000
|
heap
|
page read and write
|
||
|
3675000
|
heap
|
page read and write
|
||
|
19888C45000
|
heap
|
page read and write
|
||
|
21D433C6000
|
heap
|
page read and write
|
||
|
72A000
|
heap
|
page read and write
|
||
|
7FFAAC262000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
415F000
|
stack
|
page read and write
|
||
|
1B8D2C67000
|
heap
|
page read and write
|
||
|
60C000
|
heap
|
page read and write
|
||
|
1CE7E000
|
stack
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
93DCFFF000
|
stack
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
18B43135000
|
heap
|
page read and write
|
||
|
294A10AE000
|
trusted library allocation
|
page read and write
|
||
|
E84000
|
unkown
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
5C3000
|
heap
|
page read and write
|
||
|
7FFAAC267000
|
trusted library allocation
|
page read and write
|
||
|
815000
|
stack
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page read and write
|
||
|
38CD000
|
stack
|
page read and write
|
||
|
2D10000
|
heap
|
page execute and read and write
|
||
|
4DD65CB000
|
stack
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
F3979FA000
|
stack
|
page read and write
|
||
|
7FFAAC3B0000
|
trusted library allocation
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
1B8D5A4F000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
7FFAAC0D0000
|
trusted library allocation
|
page read and write
|
||
|
3F7B776000
|
stack
|
page read and write
|
||
|
3F7B67D000
|
stack
|
page read and write
|
||
|
19888C02000
|
heap
|
page read and write
|
||
|
3668000
|
heap
|
page read and write
|
||
|
7FFAAC3E4000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC0A4000
|
trusted library allocation
|
page read and write
|
||
|
2949DCF0000
|
heap
|
page execute and read and write
|
||
|
18B49A6D000
|
heap
|
page read and write
|
||
|
93DCDED000
|
stack
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
366C000
|
heap
|
page read and write
|
||
|
7FFAAC420000
|
trusted library allocation
|
page read and write
|
||
|
609000
|
heap
|
page read and write
|
||
|
21D43230000
|
heap
|
page execute and read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
1B8D6690000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4B0000
|
trusted library allocation
|
page read and write
|
||
|
13199000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
34CE000
|
stack
|
page read and write
|
||
|
1CE7D000
|
stack
|
page read and write
|
||
|
7FFAAC130000
|
trusted library allocation
|
page read and write
|
||
|
548000
|
heap
|
page read and write
|
||
|
7FFAAC292000
|
trusted library allocation
|
page read and write
|
||
|
7FFB227E6000
|
unkown
|
page readonly
|
||
|
7FFAAC3C0000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
7FF6E1E51000
|
unkown
|
page execute read
|
||
|
21D29127000
|
heap
|
page read and write
|
||
|
4DD50A3000
|
stack
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
1B8D46A0000
|
trusted library allocation
|
page read and write
|
||
|
2AB349D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21D43750000
|
heap
|
page read and write
|
||
|
7FFAAC330000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page read and write
|
||
|
357D000
|
heap
|
page read and write
|
||
|
62A000
|
heap
|
page read and write
|
||
|
1B8D4610000
|
trusted library allocation
|
page read and write
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
1BA1D000
|
stack
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
21D3AD50000
|
trusted library allocation
|
page read and write
|
||
|
6FA000
|
stack
|
page read and write
|
||
|
3F7B7F9000
|
stack
|
page read and write
|
||
|
3EDF000
|
stack
|
page read and write
|
||
|
3683000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
482000
|
heap
|
page read and write
|
||
|
375E000
|
stack
|
page read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
5E7000
|
heap
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
294A030F000
|
trusted library allocation
|
page read and write
|
||
|
9EF000
|
heap
|
page read and write
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
18B4726D000
|
heap
|
page read and write
|
||
|
21D2AA20000
|
heap
|
page readonly
|
||
|
21D4351E000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
7FFAAC23A000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC360000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
7FFAAC49C000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
7DF46FF50000
|
trusted library allocation
|
page execute and read and write
|
||
|
18B4546D000
|
heap
|
page read and write
|
||
|
F45000
|
unkown
|
page readonly
|
||
|
21D2C826000
|
trusted library allocation
|
page read and write
|
||
|
1B8D470A000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
3567000
|
heap
|
page read and write
|
||
|
1B8ECFD7000
|
heap
|
page read and write
|
||
|
5B6000
|
heap
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
4DD56F9000
|
stack
|
page read and write
|
||
|
7FFAAC3A0000
|
trusted library allocation
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
7FFAAC12C000
|
trusted library allocation
|
page execute and read and write
|
||
|
294AF822000
|
trusted library allocation
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
F613BED000
|
stack
|
page read and write
|
||
|
7DBBB7E000
|
stack
|
page read and write
|
||
|
1B8D4620000
|
heap
|
page readonly
|
||
|
7FFAAC3F3000
|
trusted library allocation
|
page read and write
|
||
|
21D43367000
|
heap
|
page read and write
|
||
|
FC6000
|
stack
|
page read and write
|
||
|
7FFAAC522000
|
trusted library allocation
|
page read and write
|
||
|
7DF46FF60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC083000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B8E4DC2000
|
trusted library allocation
|
page read and write
|
||
|
426E000
|
stack
|
page read and write
|
||
|
389F000
|
stack
|
page read and write
|
||
|
177E000
|
stack
|
page read and write
|
||
|
7FFAAC380000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC0DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC3B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC320000
|
trusted library allocation
|
page read and write
|
||
|
1D67C000
|
stack
|
page read and write
|
||
|
3670000
|
heap
|
page read and write
|
||
|
369C000
|
heap
|
page read and write
|
||
|
7FFAAC231000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
21D43236000
|
heap
|
page execute and read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
19888C40000
|
heap
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
3533000
|
heap
|
page read and write
|
||
|
7FFAAC166000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC166000
|
trusted library allocation
|
page execute and read and write
|
||
|
21A57D40000
|
heap
|
page read and write
|
||
|
7FFAAC080000
|
trusted library allocation
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
294A0255000
|
trusted library allocation
|
page read and write
|
||
|
294AF531000
|
trusted library allocation
|
page read and write
|
||
|
4A5000
|
heap
|
page read and write
|
||
|
294A080F000
|
trusted library allocation
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
F397CB7000
|
stack
|
page read and write
|
||
|
18B4AE6D000
|
heap
|
page read and write
|
||
|
7FFAAC430000
|
trusted library allocation
|
page read and write
|
||
|
3675000
|
heap
|
page read and write
|
||
|
3F7C4CC000
|
stack
|
page read and write
|
||
|
7A3000
|
unkown
|
page write copy
|
||
|
49E000
|
heap
|
page read and write
|
||
|
E82000
|
unkown
|
page readonly
|
||
|
419E000
|
stack
|
page read and write
|
||
|
D3D186E000
|
stack
|
page read and write
|
||
|
7FFAAC3F2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC280000
|
trusted library allocation
|
page read and write
|
||
|
3535000
|
heap
|
page read and write
|
||
|
7FFAAC350000
|
trusted library allocation
|
page read and write
|
||
|
1B8D4B66000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3F8000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4AE1000
|
trusted library allocation
|
page read and write
|
||
|
131E000
|
stack
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
7FF6E1E6C000
|
unkown
|
page write copy
|
||
|
3665000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
5C7000
|
heap
|
page read and write
|
||
|
21D3B041000
|
trusted library allocation
|
page read and write
|
||
|
C7F000
|
stack
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
7FFAAC4A0000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
21D2AA10000
|
trusted library allocation
|
page read and write
|
||
|
3F7B8FF000
|
stack
|
page read and write
|
||
|
2949F759000
|
trusted library allocation
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
952000
|
unkown
|
page readonly
|
||
|
5E5000
|
heap
|
page read and write
|
||
|
E32000
|
unkown
|
page readonly
|
||
|
7FFAAC320000
|
trusted library allocation
|
page read and write
|
||
|
21D434E4000
|
heap
|
page read and write
|
||
|
5FF000
|
stack
|
page read and write
|
||
|
294AF815000
|
trusted library allocation
|
page read and write
|
||
|
BD9000
|
heap
|
page read and write
|
||
|
175F000
|
stack
|
page read and write
|
||
|
2AA11FD000
|
stack
|
page read and write
|
||
|
ECC000
|
stack
|
page read and write
|
||
|
AF19DED000
|
stack
|
page read and write
|
||
|
7FFAAC0DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ACF000
|
stack
|
page read and write
|
||
|
7FFAAC09D000
|
trusted library allocation
|
page execute and read and write
|
||
|
18B47C6D000
|
heap
|
page read and write
|
||
|
46E000
|
stack
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
7FFAAC23A000
|
trusted library allocation
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
3568000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
2BCD000
|
stack
|
page read and write
|
||
|
441E000
|
stack
|
page read and write
|
||
|
7FFAAC073000
|
trusted library allocation
|
page execute and read and write
|
||
|
3668000
|
heap
|
page read and write
|
||
|
2E9C000
|
stack
|
page read and write
|
||
|
18B41737000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
140098000
|
unkown
|
page readonly
|
||
|
7FFAAC140000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
7FF6E23E5000
|
unkown
|
page write copy
|
||
|
7FFAAC4E6000
|
trusted library allocation
|
page read and write
|
||
|
294B81C0000
|
heap
|
page read and write
|
||
|
18B41751000
|
heap
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
21D43080000
|
heap
|
page read and write
|
||
|
290F000
|
stack
|
page read and write
|
||
|
F41000
|
unkown
|
page execute read
|
||
|
294A00BE000
|
trusted library allocation
|
page read and write
|
||
|
18B42F90000
|
direct allocation
|
page execute read
|
||
|
7FF45CC20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC310000
|
trusted library allocation
|
page read and write
|
||
|
294B7B30000
|
heap
|
page execute and read and write
|
||
|
138E000
|
stack
|
page read and write
|
||
|
3D9E000
|
stack
|
page read and write
|
||
|
F43000
|
unkown
|
page write copy
|
||
|
500000
|
heap
|
page read and write
|
||
|
21D2AF69000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7FF75CFC1000
|
unkown
|
page execute read
|
||
|
7FFAAC270000
|
trusted library allocation
|
page execute and read and write
|
||
|
294A10E9000
|
trusted library allocation
|
page read and write
|
||
|
1B8ED0E3000
|
heap
|
page read and write
|
||
|
83F000
|
stack
|
page read and write
|
||
|
9FC000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
7FF75D556000
|
unkown
|
page readonly
|
||
|
2949DBA0000
|
heap
|
page read and write
|
||
|
7FFAAC380000
|
trusted library allocation
|
page read and write
|
||
|
5A2000
|
heap
|
page read and write
|
||
|
1B8ED11B000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7FFAAC428000
|
trusted library allocation
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
3C9E000
|
stack
|
page read and write
|
||
|
7FFAAC090000
|
trusted library allocation
|
page read and write
|
||
|
140076000
|
unkown
|
page readonly
|
||
|
1469000
|
heap
|
page read and write
|
||
|
294B7F42000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
1BEF0000
|
heap
|
page execute and read and write
|
||
|
F3978FE000
|
stack
|
page read and write
|
||
|
45EF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FFAAC084000
|
trusted library allocation
|
page read and write
|
||
|
63C000
|
heap
|
page read and write
|
||
|
3665000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
8DE000
|
stack
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
E82000
|
unkown
|
page readonly
|
||
|
D3D187E000
|
stack
|
page read and write
|
||
|
7FFAAC4F0000
|
trusted library allocation
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
2949DD80000
|
heap
|
page read and write
|
||
|
5FC000
|
heap
|
page read and write
|
||
|
21D43394000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
7DBB9FE000
|
stack
|
page read and write
|
||
|
7FFAAC130000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC4ED000
|
trusted library allocation
|
page read and write
|
||
|
2949DC27000
|
heap
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
18B4906D000
|
heap
|
page read and write
|
||
|
118B000
|
stack
|
page read and write
|
||
|
7FFAAC300000
|
trusted library allocation
|
page read and write
|
||
|
58D000
|
stack
|
page read and write
|
||
|
3F7B47E000
|
stack
|
page read and write
|
||
|
14DE000
|
stack
|
page read and write
|
||
|
5C3000
|
heap
|
page read and write
|
||
|
AF19FFF000
|
stack
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
294A082B000
|
trusted library allocation
|
page read and write
|
||
|
140000000
|
unkown
|
page readonly
|
||
|
7FFAAC330000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC350000
|
trusted library allocation
|
page read and write
|
||
|
1B8ED095000
|
heap
|
page read and write
|
||
|
F398A0E000
|
stack
|
page read and write
|
||
|
7FF6E1E6B000
|
unkown
|
page read and write
|
||
|
3F1E000
|
stack
|
page read and write
|
||
|
1B8D2BF4000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
7FFAAC3E9000
|
trusted library allocation
|
page read and write
|
||
|
255D000
|
stack
|
page read and write
|
||
|
1B8ED0BD000
|
heap
|
page read and write
|
||
|
1B8D4700000
|
heap
|
page read and write
|
||
|
1B8D4A70000
|
trusted library allocation
|
page read and write
|
||
|
3F7C44F000
|
stack
|
page read and write
|
||
|
57A000
|
heap
|
page read and write
|
||
|
7FFAAC280000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC340000
|
trusted library allocation
|
page read and write
|
||
|
18B4A46D000
|
heap
|
page read and write
|
||
|
3552000
|
heap
|
page read and write
|
||
|
7FFAAC2A0000
|
trusted library allocation
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
16FF000
|
stack
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
294B7EF6000
|
heap
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
7FFAAC080000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC220000
|
trusted library allocation
|
page read and write
|
||
|
294B7F46000
|
heap
|
page read and write
|
||
|
4DD54F9000
|
stack
|
page read and write
|
||
|
7FFAAC261000
|
trusted library allocation
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
19888C2B000
|
heap
|
page read and write
|
||
|
18B4172F000
|
heap
|
page read and write
|
||
|
7FFAAC480000
|
trusted library allocation
|
page read and write
|
||
|
362E000
|
stack
|
page read and write
|
||
|
71C000
|
stack
|
page read and write
|
||
|
1C140000
|
heap
|
page execute and read and write
|
||
|
7FFAAC220000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC410000
|
trusted library allocation
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
3676000
|
heap
|
page read and write
|
||
|
7FFAAC4B3000
|
trusted library allocation
|
page read and write
|
||
|
7DBB8FD000
|
stack
|
page read and write
|
||
|
18B43130000
|
heap
|
page read and write
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
15BE000
|
heap
|
page read and write
|
||
|
4CD000
|
stack
|
page read and write
|
||
|
3672000
|
heap
|
page read and write
|
||
|
1186000
|
stack
|
page read and write
|
||
|
2F78000
|
heap
|
page read and write
|
||
|
7FFB227F0000
|
unkown
|
page read and write
|
||
|
65F000
|
stack
|
page read and write
|
||
|
7FFAAC0A4000
|
trusted library allocation
|
page read and write
|
||
|
5A2000
|
heap
|
page read and write
|
||
|
369A000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
7FFAAC390000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
3567000
|
heap
|
page read and write
|
||
|
18B4366D000
|
heap
|
page read and write
|
||
|
451F000
|
stack
|
page read and write
|
||
|
5CC000
|
heap
|
page read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
1B8D4A00000
|
heap
|
page execute and read and write
|
||
|
7A2000
|
unkown
|
page readonly
|
||
|
2040000
|
heap
|
page read and write
|
||
|
AF2000
|
unkown
|
page readonly
|
||
|
2BD000
|
stack
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
18B416A0000
|
heap
|
page read and write
|
||
|
422F000
|
stack
|
page read and write
|
||
|
21D43398000
|
heap
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
F397563000
|
stack
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
3672000
|
heap
|
page read and write
|
||
|
25787910000
|
heap
|
page read and write
|
||
|
7FFAAC092000
|
trusted library allocation
|
page read and write
|
||
|
405E000
|
stack
|
page read and write
|
||
|
7FFAAC09B000
|
trusted library allocation
|
page read and write
|
||
|
60C000
|
heap
|
page read and write
|
||
|
1B8ED0A5000
|
heap
|
page read and write
|
||
|
7FFAAC360000
|
trusted library allocation
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
1419000
|
heap
|
page read and write
|
||
|
F398A8E000
|
stack
|
page read and write
|
||
|
7FFAAC250000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
7FFAAC0B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
7FFAAC414000
|
trusted library allocation
|
page read and write
|
||
|
2949DBE9000
|
heap
|
page read and write
|
||
|
596000
|
heap
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
7FF6E1E50000
|
unkown
|
page readonly
|
||
|
3672000
|
heap
|
page read and write
|
||
|
7FFAAC320000
|
trusted library allocation
|
page read and write
|
||
|
1B8D2DD0000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
5C3000
|
heap
|
page read and write
|
||
|
294B7F3E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
589000
|
heap
|
page read and write
|
||
|
21D430BA000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
7FFAAC417000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
E32000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
294B7F14000
|
heap
|
page read and write
|
||
|
7FFAAC310000
|
trusted library allocation
|
page read and write
|
||
|
3FEE000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
35F0000
|
heap
|
page read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
63D000
|
heap
|
page read and write
|
||
|
7FFAAC0DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
E85000
|
unkown
|
page readonly
|
||
|
1B8ED059000
|
heap
|
page read and write
|
||
|
25787710000
|
heap
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
7FFAAC48A000
|
trusted library allocation
|
page read and write
|
||
|
3FAF000
|
stack
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
140096000
|
unkown
|
page read and write
|
||
|
2D7B000
|
stack
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
7FFAAC090000
|
trusted library allocation
|
page read and write
|
||
|
5FC000
|
heap
|
page read and write
|
||
|
7FFAAC3D0000
|
trusted library allocation
|
page read and write
|
||
|
BEE000
|
heap
|
page read and write
|
||
|
632000
|
heap
|
page read and write
|
||
|
38C000
|
stack
|
page read and write
|
||
|
7FFB227F2000
|
unkown
|
page readonly
|
||
|
E83000
|
unkown
|
page write copy
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
5E1000
|
heap
|
page read and write
|
||
|
49D000
|
stack
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1B8D2C29000
|
heap
|
page read and write
|
||
|
1B8D6655000
|
trusted library allocation
|
page read and write
|
||
|
21A57C60000
|
heap
|
page read and write
|
||
|
294A081E000
|
trusted library allocation
|
page read and write
|
||
|
7FF75D549000
|
unkown
|
page readonly
|
||
|
7FFAAC410000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B6F28000
|
unkown
|
page readonly
|
||
|
1B8D2C69000
|
heap
|
page read and write
|
||
|
A28000
|
heap
|
page read and write
|
||
|
19888C00000
|
heap
|
page read and write
|
||
|
95F000
|
stack
|
page read and write
|
||
|
35EE000
|
stack
|
page read and write
|
||
|
7FFAAC166000
|
trusted library allocation
|
page read and write
|
||
|
18B415C0000
|
heap
|
page read and write
|
||
|
BE1000
|
heap
|
page read and write
|
||
|
3691000
|
heap
|
page read and write
|
||
|
389D000
|
stack
|
page read and write
|
||
|
7FFAAC0D4000
|
trusted library allocation
|
page read and write
|
||
|
2CCD000
|
stack
|
page read and write
|
||
|
7FFAAC08D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FA0000
|
heap
|
page execute and read and write
|
||
|
BCB000
|
heap
|
page read and write
|
||
|
17BE000
|
stack
|
page read and write
|
||
|
2949DB40000
|
heap
|
page read and write
|
||
|
2B804628000
|
heap
|
page read and write
|
||
|
21D3B029000
|
trusted library allocation
|
page read and write
|
||
|
3674000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
21D2AA30000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
7FF6E23E6000
|
unkown
|
page readonly
|
||
|
7DF4166B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FAF000
|
stack
|
page read and write
|
||
|
7A2000
|
unkown
|
page readonly
|
||
|
2949F531000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3C0000
|
trusted library allocation
|
page read and write
|
||
|
94F000
|
stack
|
page read and write
|
||
|
7FFAAC4A6000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC136000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC270000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D2C7F7000
|
trusted library allocation
|
page read and write
|
||
|
7FF75D555000
|
unkown
|
page write copy
|
||
|
294A076F000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC450000
|
trusted library allocation
|
page read and write
|
||
|
4DD644E000
|
stack
|
page read and write
|
||
|
7FF75CFC1000
|
unkown
|
page execute read
|
||
|
1A0000
|
heap
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
878000
|
heap
|
page read and write
|
||
|
369D000
|
heap
|
page read and write
|
||
|
3EAE000
|
stack
|
page read and write
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
1B8D6642000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
7FF6E23D9000
|
unkown
|
page readonly
|
||
|
25787A30000
|
unkown
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
1DA7B000
|
stack
|
page read and write
|
||
|
7FFAAC4C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
18B41737000
|
heap
|
page read and write
|
||
|
7FF6B6F01000
|
unkown
|
page execute read
|
||
|
2949DBA9000
|
heap
|
page read and write
|
||
|
294B7BB0000
|
heap
|
page read and write
|
||
|
F3975EE000
|
stack
|
page read and write
|
||
|
39DF000
|
stack
|
page read and write
|
||
|
140094000
|
unkown
|
page read and write
|
||
|
7FFAAC3FC000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC370000
|
trusted library allocation
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
294B7FB9000
|
heap
|
page read and write
|
||
|
1B8ECFF9000
|
heap
|
page read and write
|
||
|
21D2C022000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2F0000
|
trusted library allocation
|
page read and write
|
||
|
294B7F74000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
18B4866D000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1B8D2C25000
|
heap
|
page read and write
|
||
|
21D2AA90000
|
heap
|
page read and write
|
||
|
1B8ECFD2000
|
heap
|
page read and write
|
||
|
3539000
|
heap
|
page read and write
|
||
|
21D2BA59000
|
trusted library allocation
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
2D2C000
|
stack
|
page read and write
|
||
|
21D4339C000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7DBBC7F000
|
stack
|
page read and write
|
||
|
7FFAAC0CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
33AF000
|
stack
|
page read and write
|
||
|
7FFB227F0000
|
unkown
|
page read and write
|
||
|
438000
|
heap
|
page read and write
|
||
|
7FFAAC280000
|
trusted library allocation
|
page read and write
|
||
|
49D000
|
stack
|
page read and write
|
||
|
146000
|
stack
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
369D000
|
heap
|
page read and write
|
||
|
B7E000
|
heap
|
page read and write
|
||
|
54D000
|
stack
|
page read and write
|
||
|
17FE000
|
stack
|
page read and write
|
||
|
4DD567D000
|
stack
|
page read and write
|
||
|
7FFAAC290000
|
trusted library allocation
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
45D000
|
stack
|
page read and write
|
||
|
62C000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
135E000
|
stack
|
page read and write
|
||
|
290F000
|
stack
|
page read and write
|
||
|
57E000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
18B4173B000
|
heap
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
5CC000
|
heap
|
page read and write
|
||
|
4A5E000
|
stack
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
7DBBAFF000
|
stack
|
page read and write
|
||
|
4DD597E000
|
stack
|
page read and write
|
||
|
7FFAAC0B2000
|
trusted library allocation
|
page read and write
|
||
|
40EF000
|
stack
|
page read and write
|
||
|
3669000
|
heap
|
page read and write
|
||
|
21D28FD0000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
2A4F000
|
stack
|
page read and write
|
||
|
632000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
7FFAAC136000
|
trusted library allocation
|
page read and write
|
||
|
379E000
|
stack
|
page read and write
|
||
|
353C000
|
heap
|
page read and write
|
||
|
7FFAAC084000
|
trusted library allocation
|
page read and write
|
||
|
4DD587B000
|
stack
|
page read and write
|
||
|
7FFAAC270000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF6E23D7000
|
unkown
|
page read and write
|
||
|
18B43070000
|
heap
|
page read and write
|
||
|
353F000
|
heap
|
page read and write
|
||
|
F397AFA000
|
stack
|
page read and write
|
||
|
54E000
|
heap
|
page read and write
|
||
|
21D29043000
|
heap
|
page read and write
|
||
|
3669000
|
heap
|
page read and write
|
||
|
7FFAAC4C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F5000
|
stack
|
page read and write
|
||
|
49D000
|
stack
|
page read and write
|
||
|
436F000
|
stack
|
page read and write
|
||
|
1B8D567A000
|
trusted library allocation
|
page read and write
|
||
|
7FF75CFC0000
|
unkown
|
page readonly
|
||
|
52E000
|
stack
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
2AA13FE000
|
stack
|
page read and write
|
||
|
4A1F000
|
stack
|
page read and write
|
||
|
5D4000
|
heap
|
page read and write
|
||
|
1B8D5C85000
|
trusted library allocation
|
page read and write
|
||
|
F397BF8000
|
stack
|
page read and write
|
||
|
21D29030000
|
heap
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
7FFAAC07D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DF44D520000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B8D2BC0000
|
heap
|
page read and write
|
||
|
7FFAAC310000
|
trusted library allocation
|
page read and write
|
||
|
21A57FD5000
|
heap
|
page read and write
|
||
|
2F3D000
|
stack
|
page read and write
|
||
|
7DBBD7E000
|
stack
|
page read and write
|
||
|
18B41751000
|
heap
|
page read and write
|
||
|
7FFAAC120000
|
trusted library allocation
|
page read and write
|
||
|
18B42FE0000
|
heap
|
page readonly
|
||
|
7FFAAC3E4000
|
trusted library allocation
|
page read and write
|
||
|
21D4341D000
|
heap
|
page read and write
|
||
|
21D43388000
|
heap
|
page read and write
|
||
|
7FF6E23D9000
|
unkown
|
page readonly
|
||
|
960000
|
heap
|
page read and write
|
||
|
1D680000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
21D3AD41000
|
trusted library allocation
|
page read and write
|
||
|
5FC000
|
heap
|
page read and write
|
||
|
7FFAAC400000
|
trusted library allocation
|
page read and write
|
||
|
837000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
3F7B13D000
|
stack
|
page read and write
|
||
|
21D2AAA0000
|
trusted library allocation
|
page read and write
|
||
|
3F7B4F9000
|
stack
|
page read and write
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
5F9000
|
heap
|
page read and write
|
||
|
353C000
|
heap
|
page read and write
|
||
|
7FF6E23E6000
|
unkown
|
page readonly
|
||
|
1B8D4660000
|
trusted library allocation
|
page read and write
|
||
|
1BB000
|
stack
|
page read and write
|
||
|
1B8D48E0000
|
heap
|
page read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
351E000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
F397A7E000
|
stack
|
page read and write
|
||
|
629000
|
heap
|
page read and write
|
||
|
18B4174B000
|
heap
|
page read and write
|
||
|
7FFAAC156000
|
trusted library allocation
|
page execute and read and write
|
||
|
3542000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
34CA000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FFAAC160000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC330000
|
trusted library allocation
|
page read and write
|
||
|
1B8D2E15000
|
heap
|
page read and write
|
||
|
7FFAAC0C0000
|
trusted library allocation
|
page read and write
|
||
|
ADE000
|
stack
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
4AE000
|
stack
|
page read and write
|
||
|
7FFAAC520000
|
trusted library allocation
|
page read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FFAAC1D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC080000
|
trusted library allocation
|
page read and write
|
||
|
18B416E7000
|
heap
|
page read and write
|
||
|
13197000
|
trusted library allocation
|
page read and write
|
||
|
1602000
|
heap
|
page read and write
|
||
|
1B8D2C21000
|
heap
|
page read and write
|
||
|
472F000
|
stack
|
page read and write
|
||
|
21D43784000
|
heap
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
18B4686D000
|
heap
|
page read and write
|
||
|
1B8E4B11000
|
trusted library allocation
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
AF19DFD000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1B8D658D000
|
trusted library allocation
|
page read and write
|
||
|
F43000
|
unkown
|
page write copy
|
||
|
25788010000
|
unkown
|
page read and write
|
||
|
636000
|
heap
|
page read and write
|
||
|
19888A10000
|
heap
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
1B8D4AD0000
|
heap
|
page execute and read and write
|
||
|
7FFAAC4A0000
|
trusted library allocation
|
page read and write
|
||
|
1B8D4A26000
|
heap
|
page execute and read and write
|
||
|
5D1000
|
heap
|
page read and write
|
||
|
5F9000
|
heap
|
page read and write
|
||
|
3661000
|
heap
|
page read and write
|
||
|
14009F000
|
unkown
|
page readonly
|
||
|
3F7B1FF000
|
stack
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
AFB000
|
stack
|
page read and write
|
||
|
7FFAAC0AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
F397B7E000
|
stack
|
page read and write
|
||
|
2A4F000
|
stack
|
page read and write
|
||
|
21D2BF8E000
|
trusted library allocation
|
page read and write
|
||
|
7FF6E1E51000
|
unkown
|
page execute read
|
||
|
386E000
|
stack
|
page read and write
|
||
|
7FF6B6F25000
|
unkown
|
page read and write
|
||
|
21D2AB9D000
|
heap
|
page read and write
|
||
|
7FFAAC2A0000
|
trusted library allocation
|
page read and write
|
||
|
368C000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
21D3B027000
|
trusted library allocation
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
AF4000
|
unkown
|
page readonly
|
||
|
3E6F000
|
stack
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
7FFAAC420000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC535000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
368C000
|
heap
|
page read and write
|
||
|
BC000
|
stack
|
page read and write
|
||
|
51E000
|
heap
|
page read and write
|
||
|
21D2AD30000
|
heap
|
page execute and read and write
|
||
|
951000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
159E000
|
stack
|
page read and write
|
||
|
2949DCC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC527000
|
trusted library allocation
|
page read and write
|
||
|
69E000
|
stack
|
page read and write
|
||
|
21D3B023000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
462E000
|
stack
|
page read and write
|
||
|
1C0000
|
unkown
|
page readonly
|
||
|
7FFAAC094000
|
trusted library allocation
|
page read and write
|
||
|
294A077D000
|
trusted library allocation
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
21D2BC94000
|
trusted library allocation
|
page read and write
|
||
|
294B7A39000
|
heap
|
page read and write
|
||
|
21D434DE000
|
heap
|
page read and write
|
||
|
1B8D5804000
|
trusted library allocation
|
page read and write
|
||
|
3F7B0B3000
|
stack
|
page read and write
|
||
|
5E3000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
53A000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
7FFAAC262000
|
trusted library allocation
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
7FFAAC3F2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
3F7C5CA000
|
stack
|
page read and write
|
||
|
1950000
|
heap
|
page read and write
|
||
|
1B8ED111000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
5B73000
|
heap
|
page read and write
|
||
|
21D29260000
|
heap
|
page read and write
|
||
|
162A000
|
heap
|
page read and write
|
||
|
3660000
|
heap
|
page read and write
|
||
|
74F000
|
stack
|
page read and write
|
||
|
3663000
|
heap
|
page read and write
|
||
|
3AAF000
|
stack
|
page read and write
|
||
|
401F000
|
stack
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
7FFAAC130000
|
trusted library allocation
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
7FFAAC350000
|
trusted library allocation
|
page read and write
|
||
|
294AF561000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
7FFAAC16C000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
F41000
|
unkown
|
page execute read
|
||
|
3665000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
A2A000
|
heap
|
page read and write
|
||
|
F45000
|
unkown
|
page readonly
|
||
|
87F000
|
stack
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
21D2C02B000
|
trusted library allocation
|
page read and write
|
||
|
221DCA00000
|
heap
|
page read and write
|
||
|
AC000
|
stack
|
page read and write
|
||
|
A9D000
|
stack
|
page read and write
|
||
|
2949DCA0000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4DCF000
|
trusted library allocation
|
page read and write
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
7FFAAC3E0000
|
trusted library allocation
|
page read and write
|
||
|
E3F000
|
stack
|
page read and write
|
||
|
27FF000
|
stack
|
page read and write
|
||
|
2E38000
|
heap
|
page read and write
|
||
|
294A1374000
|
trusted library allocation
|
page read and write
|
||
|
47DE000
|
stack
|
page read and write
|
||
|
968000
|
heap
|
page read and write
|
||
|
3691000
|
heap
|
page read and write
|
||
|
173E000
|
stack
|
page read and write
|
||
|
354F000
|
heap
|
page read and write
|
||
|
609000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
294B7530000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC370000
|
trusted library allocation
|
page read and write
|
||
|
1B8D4630000
|
trusted library allocation
|
page read and write
|
||
|
629000
|
heap
|
page read and write
|
||
|
108C000
|
stack
|
page read and write
|
||
|
418000
|
heap
|
page read and write
|
||
|
1B8E4DE1000
|
trusted library allocation
|
page read and write
|
||
|
1B8D6546000
|
trusted library allocation
|
page read and write
|
||
|
294B7F9C000
|
heap
|
page read and write
|
||
|
588000
|
heap
|
page read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
2B804620000
|
heap
|
page read and write
|
||
|
E31000
|
unkown
|
page execute read
|
||
|
1B8ED01C000
|
heap
|
page read and write
|
||
|
353A000
|
heap
|
page read and write
|
||
|
1400A2000
|
unkown
|
page execute read
|
||
|
140091000
|
unkown
|
page read and write
|
||
|
1B8D2BE0000
|
heap
|
page read and write
|
||
|
21D43502000
|
heap
|
page read and write
|
||
|
144F000
|
heap
|
page read and write
|
||
|
E80000
|
unkown
|
page readonly
|
||
|
530000
|
heap
|
page read and write
|
||
|
465F000
|
stack
|
page read and write
|
||
|
57A000
|
heap
|
page read and write
|
||
|
60C000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
952000
|
unkown
|
page readonly
|
||
|
420000
|
heap
|
page read and write
|
||
|
62C000
|
heap
|
page read and write
|
||
|
7FFAAC084000
|
trusted library allocation
|
page read and write
|
||
|
50E000
|
stack
|
page read and write
|
||
|
577000
|
heap
|
page read and write
|
||
|
21A57FD0000
|
heap
|
page read and write
|
||
|
5FD000
|
heap
|
page read and write
|
||
|
7FFAAC360000
|
trusted library allocation
|
page read and write
|
||
|
3248000
|
heap
|
page read and write
|
||
|
1B8ECFC0000
|
heap
|
page read and write
|
||
|
21D2C01D000
|
trusted library allocation
|
page read and write
|
||
|
19C0000
|
heap
|
page read and write
|
||
|
294A04A0000
|
trusted library allocation
|
page read and write
|
||
|
E83000
|
unkown
|
page write copy
|
||
|
18B4173B000
|
heap
|
page read and write
|
||
|
1CA7E000
|
stack
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
1B8D4958000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
5CF000
|
stack
|
page read and write
|
||
|
21D290B6000
|
heap
|
page read and write
|
||
|
21D28FF0000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
140000000
|
unkown
|
page readonly
|
||
|
2949FF31000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
21A57DB0000
|
heap
|
page read and write
|
||
|
2949DBED000
|
heap
|
page read and write
|
||
|
1B8ECF32000
|
heap
|
page read and write
|
||
|
7FFAAC49C000
|
trusted library allocation
|
page read and write
|
||
|
366B000
|
heap
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
1B8D64E7000
|
trusted library allocation
|
page read and write
|
||
|
7DBB87E000
|
stack
|
page read and write
|
||
|
F42000
|
unkown
|
page readonly
|
||
|
7FFAAC4D0000
|
trusted library allocation
|
page read and write
|
||
|
F39797E000
|
stack
|
page read and write
|
||
|
21A57D60000
|
heap
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
372E000
|
stack
|
page read and write
|
||
|
3D2F000
|
stack
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
3691000
|
heap
|
page read and write
|
||
|
7FFAAC525000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4B6000
|
trusted library allocation
|
page read and write
|
||
|
7FF6E23E5000
|
unkown
|
page write copy
|
||
|
E81000
|
unkown
|
page execute read
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
2949DD60000
|
heap
|
page read and write
|
||
|
412E000
|
stack
|
page read and write
|
||
|
7FF75D556000
|
unkown
|
page readonly
|
||
|
2D9E000
|
heap
|
page read and write
|
||
|
21D431B0000
|
trusted library allocation
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
294B7BD0000
|
heap
|
page read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
7FF75CFC0000
|
unkown
|
page readonly
|
||
|
570000
|
heap
|
page read and write
|
||
|
7A3000
|
unkown
|
page write copy
|
||
|
4DD57F8000
|
stack
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
53E000
|
stack
|
page read and write
|
||
|
21D2B8D3000
|
trusted library allocation
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
5F9000
|
heap
|
page read and write
|
||
|
21D43260000
|
heap
|
page read and write
|
||
|
3569000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
21D2AAD0000
|
trusted library allocation
|
page read and write
|
||
|
421000
|
heap
|
page read and write
|
||
|
294AF551000
|
trusted library allocation
|
page read and write
|
||
|
294A0782000
|
trusted library allocation
|
page read and write
|
||
|
19888A30000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
7FFAAC2F0000
|
trusted library allocation
|
page read and write
|
||
|
7DBBA7F000
|
stack
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
5E7000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
7FFAAC3E9000
|
trusted library allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1BD4C000
|
stack
|
page read and write
|
||
|
18B4174B000
|
heap
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
CFF000
|
stack
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
21D2C026000
|
trusted library allocation
|
page read and write
|
||
|
3F5000
|
heap
|
page read and write
|
||
|
21D29038000
|
heap
|
page read and write
|
||
|
198891A0000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
3696000
|
heap
|
page read and write
|
||
|
2949DAF0000
|
heap
|
page read and write
|
||
|
7FFB227F0000
|
unkown
|
page read and write
|
||
|
353E000
|
heap
|
page read and write
|
||
|
221DCD65000
|
heap
|
page read and write
|
||
|
272D000
|
stack
|
page read and write
|
||
|
7FF75D552000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
3D6E000
|
stack
|
page read and write
|
||
|
19888D02000
|
heap
|
page read and write
|
||
|
469E000
|
stack
|
page read and write
|
||
|
BDF000
|
heap
|
page read and write
|
||
|
1B8D54E1000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
43AE000
|
stack
|
page read and write
|
||
|
2949DB45000
|
heap
|
page read and write
|
||
|
140076000
|
unkown
|
page readonly
|
||
|
3669000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
F398B0A000
|
stack
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
21D43179000
|
heap
|
page read and write
|
||
|
F397EBF000
|
stack
|
page read and write
|
||
|
21D3AD71000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC250000
|
trusted library allocation
|
page read and write
|
||
|
294B7AA5000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
1B8ED10B000
|
heap
|
page read and write
|
||
|
478000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
294B7F4A000
|
heap
|
page read and write
|
||
|
1B8D4904000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
39CC000
|
stack
|
page read and write
|
||
|
3663000
|
heap
|
page read and write
|
||
|
7FFAAC0BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC419000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
21D2C8FA000
|
trusted library allocation
|
page read and write
|
||
|
18B42F70000
|
heap
|
page read and write
|
||
|
E31000
|
unkown
|
page execute read
|
||
|
AF1000
|
unkown
|
page execute read
|
||
|
7FFAAC084000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
294E000
|
stack
|
page read and write
|
||
|
91E000
|
stack
|
page read and write
|
||
|
7FFAAC0B4000
|
trusted library allocation
|
page read and write
|
||
|
60C000
|
heap
|
page read and write
|
||
|
7FFAAC390000
|
trusted library allocation
|
page read and write
|
||
|
7FFB227D0000
|
unkown
|
page readonly
|
||
|
21D2BF86000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3AEE000
|
stack
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
7FF75D555000
|
unkown
|
page write copy
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
486F000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
21D2AA95000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
7FFAAC390000
|
trusted library allocation
|
page read and write
|
||
|
319A000
|
trusted library allocation
|
page read and write
|
||
|
7DF4166C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D2C83C000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2E0000
|
trusted library allocation
|
page read and write
|
||
|
3C5F000
|
stack
|
page read and write
|
||
|
4DD512E000
|
stack
|
page read and write
|
||
|
1B8D2DB0000
|
heap
|
page read and write
|
||
|
366B000
|
heap
|
page read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
18B43140000
|
direct allocation
|
page execute and read and write
|
||
|
1B8D4A20000
|
heap
|
page execute and read and write
|
||
|
4DD557F000
|
stack
|
page read and write
|
||
|
2B804580000
|
heap
|
page read and write
|
||
|
19888C13000
|
heap
|
page read and write
|
||
|
294B7B37000
|
heap
|
page execute and read and write
|
||
|
E81000
|
unkown
|
page execute read
|
||
|
790000
|
heap
|
page read and write
|
||
|
366D000
|
heap
|
page read and write
|
||
|
1D5000
|
heap
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
259E000
|
stack
|
page read and write
|
||
|
1C670000
|
heap
|
page read and write
|
||
|
629000
|
heap
|
page read and write
|
||
|
134C3000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
302F000
|
stack
|
page read and write
|
||
|
4DD55F9000
|
stack
|
page read and write
|
||
|
F397FBE000
|
stack
|
page read and write
|
||
|
2949DB50000
|
heap
|
page read and write
|
||
|
371F000
|
stack
|
page read and write
|
||
|
368C000
|
heap
|
page read and write
|
||
|
7FF75CFDB000
|
unkown
|
page write copy
|
||
|
63E000
|
heap
|
page read and write
|
||
|
21D2C013000
|
trusted library allocation
|
page read and write
|
||
|
633000
|
heap
|
page read and write
|
||
|
2FD000
|
stack
|
page read and write
|
||
|
434000
|
heap
|
page read and write
|
||
|
201EECB0000
|
unkown
|
page read and write
|
||
|
1B8D2C6C000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
7FFAAC196000
|
trusted library allocation
|
page execute and read and write
|
||
|
505000
|
heap
|
page read and write
|
||
|
7FFAAC424000
|
trusted library allocation
|
page read and write
|
||
|
62A000
|
heap
|
page read and write
|
||
|
3577000
|
heap
|
page read and write
|
||
|
221DCCD0000
|
unkown
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page read and write
|
||
|
1B8ED408000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
294A1446000
|
trusted library allocation
|
page read and write
|
||
|
596000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
3683000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
2949DAD0000
|
heap
|
page read and write
|
||
|
F40000
|
unkown
|
page readonly
|
||
|
479F000
|
stack
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
1B8D45C0000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
93DCDFE000
|
stack
|
page read and write
|
||
|
3542000
|
heap
|
page read and write
|
||
|
1B8ED07B000
|
heap
|
page read and write
|
||
|
7FF6E23E2000
|
unkown
|
page write copy
|
||
|
294AF81A000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC520000
|
trusted library allocation
|
page read and write
|
||
|
221DCD70000
|
unkown
|
page read and write
|
||
|
7FF6B6F1C000
|
unkown
|
page readonly
|
||
|
13193000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC522000
|
trusted library allocation
|
page read and write
|
||
|
7A1000
|
unkown
|
page execute read
|
||
|
638000
|
heap
|
page read and write
|
||
|
7FFAAC166000
|
trusted library allocation
|
page execute and read and write
|
||
|
18B41751000
|
heap
|
page read and write
|
||
|
74D000
|
stack
|
page read and write
|
||
|
134C7000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
7FFAAC370000
|
trusted library allocation
|
page read and write
|
||
|
294B7BDC000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1B8D4710000
|
heap
|
page read and write
|
||
|
5D1000
|
heap
|
page read and write
|
||
|
1B8ED260000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
1B8ED40A000
|
heap
|
page read and write
|
||
|
54A000
|
heap
|
page read and write
|
||
|
5C3000
|
heap
|
page read and write
|
||
|
34C1000
|
trusted library allocation
|
page read and write
|
||
|
294B7CF0000
|
trusted library allocation
|
page read and write
|
||
|
3F7B97E000
|
stack
|
page read and write
|
||
|
7FFAAC267000
|
trusted library allocation
|
page read and write
|
||
|
15FD000
|
stack
|
page read and write
|
||
|
294B7E4C000
|
heap
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
7A1000
|
unkown
|
page execute read
|
||
|
E85000
|
unkown
|
page readonly
|
||
|
21D2CB85000
|
trusted library allocation
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
1B8D2E10000
|
heap
|
page read and write
|
||
|
322F000
|
stack
|
page read and write
|
||
|
134C9000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
1A6000
|
stack
|
page read and write
|
||
|
21D434B4000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FFAAC0AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC210000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
7A0000
|
unkown
|
page readonly
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
7FFAAC3E0000
|
trusted library allocation
|
page read and write
|
||
|
3191000
|
trusted library allocation
|
page read and write
|
||
|
1B8D691B000
|
trusted library allocation
|
page read and write
|
||
|
294B7AC1000
|
heap
|
page read and write
|
||
|
7FFAAC2C0000
|
trusted library allocation
|
page read and write
|
||
|
5D1000
|
heap
|
page read and write
|
||
|
2D9E000
|
heap
|
page read and write
|
||
|
2949D9F0000
|
heap
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
7FFAAC08D000
|
trusted library allocation
|
page execute and read and write
|
||
|
34EE000
|
stack
|
page read and write
|
||
|
294A13D2000
|
trusted library allocation
|
page read and write
|
||
|
21D2ADC6000
|
trusted library allocation
|
page read and write
|
||
|
294B7ABC000
|
heap
|
page read and write
|
||
|
7FFAAC0AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC3F0000
|
trusted library allocation
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
18B43020000
|
heap
|
page read and write
|
||
|
2F7D000
|
stack
|
page read and write
|
||
|
3BEF000
|
stack
|
page read and write
|
||
|
21D2BCA8000
|
trusted library allocation
|
page read and write
|
||
|
294B7AE9000
|
heap
|
page read and write
|
||
|
63C000
|
heap
|
page read and write
|
||
|
25FC000
|
stack
|
page read and write
|
||
|
4DD664A000
|
stack
|
page read and write
|
||
|
18B416A7000
|
heap
|
page read and write
|
||
|
294A0F9F000
|
trusted library allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
201EEF60000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
ABB000
|
heap
|
page read and write
|
||
|
2D93000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
201EEC50000
|
heap
|
page read and write
|
||
|
21D2C7B0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1345000
|
heap
|
page read and write
|
||
|
7FFAAC08D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D27E000
|
stack
|
page read and write
|
||
|
1B6000
|
stack
|
page read and write
|
||
|
269E000
|
stack
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
362E000
|
stack
|
page read and write
|
||
|
1B8E4DD1000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC48D000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
7FFAAC083000
|
trusted library allocation
|
page execute and read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
294B75A1000
|
heap
|
page read and write
|
||
|
7FFAAC2C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2D0000
|
trusted library allocation
|
page read and write
|
||
|
20DF000
|
stack
|
page read and write
|
||
|
7FFAAC222000
|
trusted library allocation
|
page read and write
|
||
|
1B8D48F0000
|
heap
|
page read and write
|
||
|
F397E3E000
|
stack
|
page read and write
|
||
|
21D29265000
|
heap
|
page read and write
|
||
|
F39803C000
|
stack
|
page read and write
|
||
|
5F2000
|
heap
|
page read and write
|
||
|
1B8ED0B5000
|
heap
|
page read and write
|
||
|
7FFAAC380000
|
trusted library allocation
|
page read and write
|
||
|
3691000
|
heap
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
5FA000
|
heap
|
page read and write
|
||
|
7DBB97C000
|
stack
|
page read and write
|
||
|
7FFAAC0A0000
|
trusted library allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
1B8D498D000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
2D9D000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
248E000
|
stack
|
page read and write
|
||
|
7FFAAC300000
|
trusted library allocation
|
page read and write
|
||
|
1B8D5ACE000
|
trusted library allocation
|
page read and write
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
FCA000
|
stack
|
page read and write
|
||
|
21D29073000
|
heap
|
page read and write
|
||
|
294A0815000
|
trusted library allocation
|
page read and write
|
||
|
353E000
|
heap
|
page read and write
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
E80000
|
unkown
|
page readonly
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
294B7ECE000
|
heap
|
page read and write
|
||
|
5D4000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
7FFAAC297000
|
trusted library allocation
|
page read and write
|
||
|
1B8D4705000
|
heap
|
page read and write
|
||
|
4DD64CD000
|
stack
|
page read and write
|
||
|
369D000
|
heap
|
page read and write
|
||
|
7FFAAC4E0000
|
trusted library allocation
|
page read and write
|
||
|
1B8D2CD3000
|
heap
|
page read and write
|
||
|
628000
|
heap
|
page read and write
|
||
|
21D2AD10000
|
heap
|
page execute and read and write
|
||
|
3696000
|
heap
|
page read and write
|
||
|
1618000
|
heap
|
page read and write
|
||
|
3661000
|
heap
|
page read and write
|
||
|
2949F5B8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC264000
|
trusted library allocation
|
page read and write
|
||
|
1C270000
|
heap
|
page read and write
|
||
|
7FFAAC2E0000
|
trusted library allocation
|
page read and write
|
||
|
21D43600000
|
heap
|
page read and write
|
||
|
455E000
|
stack
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
7FFAAC3B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF6E1E50000
|
unkown
|
page readonly
|
||
|
21D4352B000
|
heap
|
page read and write
|
||
|
1C491000
|
heap
|
page read and write
|
||
|
1B8ED3B0000
|
heap
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
294A06D8000
|
trusted library allocation
|
page read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
1B8ED079000
|
heap
|
page read and write
|
||
|
201EEC70000
|
unkown
|
page read and write
|
||
|
39DE000
|
stack
|
page read and write
|
||
|
1D27E000
|
stack
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
21D28FC0000
|
heap
|
page read and write
|
||
|
2B8044A0000
|
heap
|
page read and write
|
||
|
18B4406D000
|
heap
|
page read and write
|
||
|
2B8045A0000
|
heap
|
page read and write
|
||
|
7FFAAC090000
|
trusted library allocation
|
page read and write
|
||
|
3F7B1BE000
|
stack
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
F39787E000
|
stack
|
page read and write
|
||
|
2949DBE1000
|
heap
|
page read and write
|
||
|
F397DB9000
|
stack
|
page read and write
|
||
|
25787720000
|
heap
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
954000
|
unkown
|
page readonly
|
||
|
1340000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
17AF000
|
stack
|
page read and write
|
||
|
7FFAAC26A000
|
trusted library allocation
|
page read and write
|
||
|
2AA0E7C000
|
stack
|
page read and write
|
||
|
262D000
|
stack
|
page read and write
|
||
|
4AEF000
|
stack
|
page read and write
|
||
|
7DF4166D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
21D430DE000
|
heap
|
page read and write
|
||
|
3F7B878000
|
stack
|
page read and write
|
||
|
7FFAAC083000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC53F000
|
trusted library allocation
|
page read and write
|
||
|
F397C3E000
|
stack
|
page read and write
|
||
|
311E000
|
stack
|
page read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
7FFAAC250000
|
trusted library allocation
|
page execute and read and write
|
||
|
18B44A6D000
|
heap
|
page read and write
|
||
|
5B71000
|
heap
|
page read and write
|
||
|
950000
|
unkown
|
page readonly
|
||
|
323E000
|
stack
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
1B8ED083000
|
heap
|
page read and write
|
||
|
294B7F3A000
|
heap
|
page read and write
|
||
|
7FFAAC2B0000
|
trusted library allocation
|
page read and write
|
||
|
4B5F000
|
stack
|
page read and write
|
||
|
7AF000
|
stack
|
page read and write
|
||
|
140E000
|
heap
|
page read and write
|
||
|
7FFAAC550000
|
trusted library allocation
|
page read and write
|
||
|
221DCD60000
|
heap
|
page read and write
|
||
|
7FFAAC10C000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D2C8BF000
|
trusted library allocation
|
page read and write
|
||
|
3F7B57F000
|
stack
|
page read and write
|
||
|
7FFAAC400000
|
trusted library allocation
|
page read and write
|
||
|
21D2C03F000
|
trusted library allocation
|
page read and write
|
||
|
388E000
|
stack
|
page read and write
|
||
|
F44000
|
unkown
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
432000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
952000
|
heap
|
page read and write
|
||
|
352E000
|
stack
|
page read and write
|
||
|
294B7EFC000
|
heap
|
page read and write
|
||
|
950000
|
unkown
|
page readonly
|
||
|
1B8D65D2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4B0000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
21D43357000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
2B804870000
|
heap
|
page read and write
|
||
|
954000
|
unkown
|
page readonly
|
||
|
3683000
|
heap
|
page read and write
|
||
|
7FFAAC3F0000
|
trusted library allocation
|
page read and write
|
||
|
294B7CB0000
|
heap
|
page execute and read and write
|
||
|
7FFAAC1A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC4F0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FF6B6F23000
|
unkown
|
page read and write
|
||
|
18B43060000
|
heap
|
page read and write
|
||
|
BFF000
|
stack
|
page read and write
|
||
|
140091000
|
unkown
|
page write copy
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
221DCD10000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4DD51EE000
|
stack
|
page read and write
|
||
|
21D29050000
|
heap
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
7FFAAC1A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E34000
|
unkown
|
page readonly
|
||
|
35CF000
|
stack
|
page read and write
|
||
|
3576000
|
heap
|
page read and write
|
||
|
1B8D4937000
|
heap
|
page read and write
|
||
|
3553000
|
heap
|
page read and write
|
||
|
294B7F10000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
18B417A0000
|
heap
|
page read and write
|
||
|
60C000
|
heap
|
page read and write
|
||
|
7FFAAC074000
|
trusted library allocation
|
page read and write
|
||
|
42DE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21D2B740000
|
trusted library allocation
|
page read and write
|
||
|
1B8ED0AD000
|
heap
|
page read and write
|
||
|
3F7B9FF000
|
stack
|
page read and write
|
||
|
21D43390000
|
heap
|
page read and write
|
||
|
7FFAAC490000
|
trusted library allocation
|
page read and write
|
||
|
1B8ECE40000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
21D29077000
|
heap
|
page read and write
|
||
|
382F000
|
stack
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
1B8D4AE1000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B6F00000
|
unkown
|
page readonly
|
||
|
3C2E000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
F40000
|
unkown
|
page readonly
|
||
|
1B8E4B01000
|
trusted library allocation
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
21D29200000
|
heap
|
page read and write
|
||
|
7FFAAC0A0000
|
trusted library allocation
|
page read and write
|
||
|
294A102A000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2C0000
|
trusted library allocation
|
page read and write
|
||
|
92A000
|
heap
|
page read and write
|
||
|
7FF6B6F1A000
|
unkown
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
7FFAAC2B0000
|
trusted library allocation
|
page read and write
|
||
|
2949DD85000
|
heap
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
7FFAAC420000
|
trusted library allocation
|
page read and write
|
||
|
353E000
|
heap
|
page read and write
|
||
|
44AF000
|
stack
|
page read and write
|
||
|
2D7B000
|
stack
|
page read and write
|
||
|
2949DBDF000
|
heap
|
page read and write
|
||
|
7FFAAC2D0000
|
trusted library allocation
|
page read and write
|
||
|
294B7E96000
|
heap
|
page read and write
|
||
|
7FFAAC4E0000
|
trusted library allocation
|
page read and write
|
||
|
3648000
|
heap
|
page read and write
|
||
|
1B8E4DC7000
|
trusted library allocation
|
page read and write
|
||
|
294A0FE6000
|
trusted library allocation
|
page read and write
|
||
|
3F7C54B000
|
stack
|
page read and write
|
||
|
7FFAAC2B0000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
34AF000
|
stack
|
page read and write
|
||
|
19888C56000
|
heap
|
page read and write
|
||
|
AF2000
|
unkown
|
page readonly
|
||
|
21D2C019000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
294AF81C000
|
trusted library allocation
|
page read and write
|
||
|
3B1F000
|
stack
|
page read and write
|
||
|
21D3ADAA000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC082000
|
trusted library allocation
|
page read and write
|
||
|
19888B10000
|
heap
|
page read and write
|
||
|
201EEF50000
|
heap
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
1B8ED052000
|
heap
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
7FFB227F5000
|
unkown
|
page readonly
|
||
|
9E7000
|
heap
|
page read and write
|
||
|
294B7BF7000
|
heap
|
page read and write
|
||
|
7FF6E1E6B000
|
unkown
|
page write copy
|
||
|
2D8D000
|
stack
|
page read and write
|
||
|
399F000
|
stack
|
page read and write
|
||
|
4DD547E000
|
stack
|
page read and write
|
||
|
2E27000
|
heap
|
page read and write
|
||
|
294B79F0000
|
heap
|
page read and write
|
||
|
2B0E000
|
stack
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2949DC2A000
|
heap
|
page read and write
|
||
|
7FFAAC2F0000
|
trusted library allocation
|
page read and write
|
||
|
80E000
|
stack
|
page read and write
|
||
|
353B000
|
heap
|
page read and write
|
||
|
1B8D2C41000
|
heap
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
3576000
|
heap
|
page read and write
|
||
|
357B000
|
heap
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
7FFAAC1A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF1000
|
unkown
|
page execute read
|
||
|
248F000
|
stack
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
76F000
|
stack
|
page read and write
|
||
|
294A0844000
|
trusted library allocation
|
page read and write
|
||
|
2949DCB0000
|
heap
|
page readonly
|
||
|
7FFAAC0DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
632000
|
heap
|
page read and write
|
||
|
F397F3D000
|
stack
|
page read and write
|
||
|
5A2000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
21D2BEDE000
|
trusted library allocation
|
page read and write
|
||
|
3EF000
|
stack
|
page read and write
|
||
|
7A5000
|
unkown
|
page readonly
|
||
|
7FFAAC510000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3F8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4C0000
|
trusted library allocation
|
page read and write
|
||
|
2045000
|
heap
|
page read and write
|
||
|
294B7DB0000
|
heap
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
36A2000
|
heap
|
page read and write
|
||
|
2AA19FE000
|
stack
|
page read and write
|
||
|
21D2CCF4000
|
trusted library allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
7FFAAC560000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC294000
|
trusted library allocation
|
page read and write
|
||
|
2AA1AFE000
|
unkown
|
page readonly
|
||
|
43DF000
|
stack
|
page read and write
|
||
|
21D2907B000
|
heap
|
page read and write
|
||
|
25787A80000
|
unkown
|
page read and write
|
||
|
48DF000
|
stack
|
page read and write
|
||
|
3665000
|
heap
|
page read and write
|
||
|
21D43150000
|
heap
|
page read and write
|
||
|
3B5E000
|
stack
|
page read and write
|
||
|
3F7B5F9000
|
stack
|
page read and write
|
||
|
67F000
|
stack
|
page read and write
|
||
|
21D2AB80000
|
heap
|
page read and write
|
||
|
294B7DC0000
|
heap
|
page read and write
|
||
|
204F000
|
stack
|
page read and write
|
||
|
632000
|
heap
|
page read and write
|
||
|
1B8E4B49000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4DC9000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
unkown
|
page readonly
|
||
|
21D2C047000
|
trusted library allocation
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
478000
|
heap
|
page read and write
|
||
|
7FF75D552000
|
unkown
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
AED000
|
stack
|
page read and write
|
||
|
21D3B031000
|
trusted library allocation
|
page read and write
|
||
|
2949DBFF000
|
heap
|
page read and write
|
||
|
14009F000
|
unkown
|
page readonly
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
AF4000
|
unkown
|
page readonly
|
||
|
294AF59C000
|
trusted library allocation
|
page read and write
|
||
|
5B6000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
4DD5A7B000
|
stack
|
page read and write
|
||
|
7FFAAC3A0000
|
trusted library allocation
|
page read and write
|
||
|
2F9F000
|
stack
|
page read and write
|
||
|
7FF75D549000
|
unkown
|
page readonly
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
3A1E000
|
stack
|
page read and write
|
||
|
21A57DB8000
|
heap
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
140A000
|
heap
|
page read and write
|
||
|
9F1000
|
heap
|
page read and write
|
||
|
2E7D000
|
stack
|
page read and write
|
||
|
7FFAAC4E7000
|
trusted library allocation
|
page read and write
|
||
|
338E000
|
stack
|
page read and write
|
||
|
201EED40000
|
heap
|
page read and write
|
||
|
4DE000
|
stack
|
page read and write
|
||
|
140098000
|
unkown
|
page readonly
|
||
|
7FFAAC340000
|
trusted library allocation
|
page read and write
|
||
|
5B73000
|
heap
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
21D2C049000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC290000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4FA000
|
trusted library allocation
|
page read and write
|
||
|
25787A70000
|
heap
|
page read and write
|
||
|
7FFAAC4F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B73000
|
heap
|
page read and write
|
||
|
7FFAAC09D000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BA000
|
heap
|
page read and write
|
||
|
361F000
|
stack
|
page read and write
|
||
|
36A4000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
7DBB77F000
|
stack
|
page read and write
|
||
|
294B7560000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
2949DC9B000
|
heap
|
page read and write
|
||
|
4DD59FE000
|
stack
|
page read and write
|
||
|
BB9000
|
heap
|
page read and write
|
||
|
366B000
|
heap
|
page read and write
|
||
|
1C2000
|
unkown
|
page readonly
|
||
|
414000
|
unkown
|
page write copy
|
||
|
3540000
|
heap
|
page read and write
|
||
|
201EEB70000
|
heap
|
page read and write
|
||
|
7A5000
|
unkown
|
page readonly
|
||
|
1B8D4D09000
|
trusted library allocation
|
page read and write
|
||
|
2A8E000
|
stack
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
25787740000
|
heap
|
page read and write
|
||
|
353E000
|
heap
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
49AF000
|
stack
|
page read and write
|
||
|
2D9E000
|
heap
|
page read and write
|
||
|
294AF824000
|
trusted library allocation
|
page read and write
|
||
|
18B41712000
|
heap
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
378E000
|
stack
|
page read and write
|
||
|
3DDE000
|
stack
|
page read and write
|
||
|
C39000
|
heap
|
page read and write
|
||
|
21D2C752000
|
trusted library allocation
|
page read and write
|
||
|
2B804875000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
F397D3C000
|
stack
|
page read and write
|
||
|
7FFAAC3C3000
|
trusted library allocation
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
2949DB80000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
18B45E6D000
|
heap
|
page read and write
|
||
|
7FFAAC440000
|
trusted library allocation
|
page read and write
|
||
|
2F2C000
|
stack
|
page read and write
|
||
|
62B000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
3683000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
3533000
|
heap
|
page read and write
|
||
|
294B7A37000
|
heap
|
page read and write
|
||
|
429F000
|
stack
|
page read and write
|
||
|
3F7B6F9000
|
stack
|
page read and write
|
||
|
7FFAAC222000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC264000
|
trusted library allocation
|
page read and write
|
||
|
49E000
|
heap
|
page read and write
|
||
|
45D000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FFAAC231000
|
trusted library allocation
|
page read and write
|
||
|
294AF834000
|
trusted library allocation
|
page read and write
|
||
|
294E000
|
stack
|
page read and write
|
||
|
294B7A5E000
|
heap
|
page read and write
|
||
|
2A8E000
|
stack
|
page read and write
|
||
|
221DC9D0000
|
heap
|
page read and write
|
||
|
6DF000
|
stack
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
7A4000
|
unkown
|
page read and write
|
||
|
4DD5777000
|
stack
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
5DF000
|
heap
|
page read and write
|
||
|
38DE000
|
stack
|
page read and write
|
||
|
13191000
|
trusted library allocation
|
page read and write
|
||
|
18B41734000
|
heap
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
21D43769000
|
heap
|
page read and write
|
||
|
7FFAAC13C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B8ED0A9000
|
heap
|
page read and write
|
||
|
2D18000
|
heap
|
page read and write
|
||
|
4DD58FE000
|
stack
|
page read and write
|
||
|
7FFAAC08D000
|
trusted library allocation
|
page execute and read and write
|
||
|
134C1000
|
trusted library allocation
|
page read and write
|
||
|
7DBB67A000
|
stack
|
page read and write
|
||
|
294B81F3000
|
heap
|
page read and write
|
||
|
7FFAAC42C000
|
trusted library allocation
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
7FFAAC3C3000
|
trusted library allocation
|
page read and write
|
||
|
B7A000
|
heap
|
page read and write
|
||
|
7FFAAC082000
|
trusted library allocation
|
page read and write
|
||
|
221DC9E0000
|
heap
|
page read and write
|
||
|
7FFAAC130000
|
trusted library allocation
|
page read and write
|
||
|
F8F000
|
stack
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
294A0819000
|
trusted library allocation
|
page read and write
|
||
|
3F7BA7B000
|
stack
|
page read and write
|
||
|
629000
|
heap
|
page read and write
|
||
|
7FFAAC3FC000
|
trusted library allocation
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
7FFAAC3B0000
|
trusted library allocation
|
page read and write
|
||
|
1B8ECF20000
|
heap
|
page read and write
|
||
|
7FFAAC2D0000
|
trusted library allocation
|
page read and write
|
||
|
4B64000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
21D29240000
|
trusted library allocation
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
7FFAAC3C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC340000
|
trusted library allocation
|
page read and write
|
||
|
36A2000
|
heap
|
page read and write
|
||
|
21D3AD61000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC0CB000
|
trusted library allocation
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
E34000
|
unkown
|
page readonly
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
21D2906F000
|
heap
|
page read and write
|
||
|
368C000
|
heap
|
page read and write
|
||
|
2AA14FE000
|
unkown
|
page readonly
|
||
|
A79000
|
heap
|
page read and write
|
||
|
3AE000
|
stack
|
page read and write
|
||
|
294B7A8E000
|
heap
|
page read and write
|
||
|
2D2C000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
4FD000
|
stack
|
page read and write
|
||
|
1B8D45F0000
|
trusted library allocation
|
page read and write
|
||
|
F42000
|
unkown
|
page readonly
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
1D67E000
|
stack
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
1400A2000
|
unkown
|
page execute read
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
294B7E6B000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
48AE000
|
stack
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
396F000
|
stack
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
21D2908F000
|
heap
|
page read and write
|
||
|
7FFAAC13C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC3FA000
|
trusted library allocation
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
618000
|
heap
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
294A051E000
|
trusted library allocation
|
page read and write
|
||
|
5D4000
|
heap
|
page read and write
|
||
|
6DF000
|
stack
|
page read and write
|
||
|
B4F000
|
stack
|
page read and write
|
||
|
21D2C02F000
|
trusted library allocation
|
page read and write
|
||
|
19889202000
|
trusted library allocation
|
page read and write
|
||
|
1B8D697D000
|
trusted library allocation
|
page read and write
|
||
|
18B43310000
|
heap
|
page read and write
|
||
|
1B8ED11E000
|
heap
|
page read and write
|
||
|
A5D000
|
stack
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
21D43350000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
951000
|
unkown
|
page execute read
|
||
|
3553000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
7FFAAC240000
|
trusted library allocation
|
page execute and read and write
|
||
|
294A0F40000
|
trusted library allocation
|
page read and write
|
||
|
2AA12FE000
|
unkown
|
page readonly
|
||
|
7FFAAC3A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC090000
|
trusted library allocation
|
page read and write
|
||
|
7FF6E23E2000
|
unkown
|
page read and write
|
||
|
7FFAAC190000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC300000
|
trusted library allocation
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
366F000
|
stack
|
page read and write
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
3ADE000
|
stack
|
page read and write
|
||
|
BEB000
|
heap
|
page read and write
|
||
|
7FFB227D1000
|
unkown
|
page execute read
|
||
|
3691000
|
heap
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
2D9E000
|
heap
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
294B7E53000
|
heap
|
page read and write
|
||
|
7FFAAC0DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC537000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
7FFAAC13C000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DD51AE000
|
stack
|
page read and write
|
||
|
368C000
|
heap
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page read and write
|
||
|
2E8D000
|
stack
|
page read and write
|
||
|
294B7E4E000
|
heap
|
page read and write
|
||
|
294A0822000
|
trusted library allocation
|
page read and write
|
||
|
4DD654E000
|
stack
|
page read and write
|
||
|
1B8ECFDF000
|
heap
|
page read and write
|
||
|
7FFAAC410000
|
trusted library allocation
|
page read and write
|
There are 1717 hidden memdumps, click here to show them.