Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
3u8A2xjbBT.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\OneDrive\autoit3.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\autoit3.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\common files.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\common files.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\OneDrive\google.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\google.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\OneDrive\internet explorer.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\internet explorer.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\java.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\java.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\jdownloader.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\jdownloader.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\microsoft office.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\microsoft office.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\microsoft.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\microsoft.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\microsoft.net.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\microsoft.net.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\mozilla maintenance service.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\mozilla maintenance service.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\msbuild.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\msbuild.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\msecache.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\msecache.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\reference assemblies.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\reference assemblies.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\uyihfjjsbovlcbxlcojsmqtzznevrdoctnxfvfrajmemtqlbiqoohtfay.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\uyihfjjsbovlcbxlcojsmqtzznevrdoctnxfvfrajmemtqlbiqoohtfay.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows defender.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows defender.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows mail.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows mail.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows media player.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows multimedia platform.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows nt.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows photo viewer.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows portable devices.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windows sidebar.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\OneDrive\windowspowershell.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3u8A2xjbBT.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Thu Oct 5 06:54:39 2023, mtime=Wed Oct 30 10:22:06 2024, atime=Wed Oct 30 10:22:02 2024, length=213832, window=hide
|
dropped
|
||
|
C:\Users\user\OneDrive\windows media player.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\OneDrive\windows multimedia platform.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\OneDrive\windows nt.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\OneDrive\windows photo viewer.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\OneDrive\windows portable devices.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\OneDrive\windows sidebar.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\OneDrive\windowspowershell.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
There are 38 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\3u8A2xjbBT.exe
|
"C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"schtasks" /Query /TN "3u8A2xjbBT"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /sc onlogon /tn "3u8A2xjbBT" /tr "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Users\user\Desktop\3u8A2xjbBT.exe
|
C:\Users\user\Desktop\3u8A2xjbBT.exe
|
|
|
|
C:\Users\user\Desktop\3u8A2xjbBT.exe
|
"C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"schtasks" /Query /TN "3u8A2xjbBT"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"schtasks" /Query /TN "3u8A2xjbBT"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
"attrib.exe" +h +s "C:\Users\user\Desktop\3u8A2xjbBT.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 39 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://87.120.126.5/VmCetSC7/page.php
|
87.120.126.5
|
|
|
|
http://87.120.126.5
|
unknown
|
||
|
http://87.120.126.5/VmCetSC7/page.phpy
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://87.120.126.5/VmCetSC7/page.phpP
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
87.120.126.5
|
unknown
|
Bulgaria
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\3u8A2xjbBT_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3638000
|
trusted library allocation
|
page read and write
|
|
|
|
3524000
|
trusted library allocation
|
page read and write
|
|
|
|
2D3A000
|
trusted library allocation
|
page read and write
|
|
|
|
3536000
|
trusted library allocation
|
page read and write
|
|
|
|
2D22000
|
trusted library allocation
|
page read and write
|
|
|
|
34F1000
|
trusted library allocation
|
page read and write
|
|
|
|
3037000
|
trusted library allocation
|
page read and write
|
|
|
|
3660000
|
trusted library allocation
|
page read and write
|
|
|
|
33B3000
|
trusted library allocation
|
page read and write
|
|
|
|
347E000
|
trusted library allocation
|
page read and write
|
|
|
|
3554000
|
trusted library allocation
|
page read and write
|
|
|
|
316D000
|
trusted library allocation
|
page read and write
|
|
|
|
3089000
|
trusted library allocation
|
page read and write
|
|
|
|
2D0A000
|
trusted library allocation
|
page read and write
|
|
|
|
3688000
|
trusted library allocation
|
page read and write
|
|
|
|
3132000
|
trusted library allocation
|
page read and write
|
|
|
|
36B2000
|
trusted library allocation
|
page read and write
|
|
|
|
2C11000
|
trusted library allocation
|
page read and write
|
|
|
|
2D72000
|
trusted library allocation
|
page read and write
|
|
|
|
15A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
BB9A000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
2D1A000
|
trusted library allocation
|
page read and write
|
||
|
2D68000
|
trusted library allocation
|
page read and write
|
||
|
27CD000
|
stack
|
page read and write
|
||
|
2AFF000
|
unkown
|
page read and write
|
||
|
2E5D000
|
unkown
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
43A1000
|
trusted library allocation
|
page read and write
|
||
|
B07E000
|
stack
|
page read and write
|
||
|
32CD000
|
unkown
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
F82000
|
unkown
|
page readonly
|
||
|
23EF000
|
unkown
|
page read and write
|
||
|
62DD000
|
stack
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
36AB000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
2BBC000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
7F5E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1423000
|
trusted library allocation
|
page execute and read and write
|
||
|
196E000
|
stack
|
page read and write
|
||
|
347F000
|
stack
|
page read and write
|
||
|
A4B0000
|
trusted library allocation
|
page read and write
|
||
|
6F50000
|
heap
|
page read and write
|
||
|
303A000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
19E0000
|
trusted library allocation
|
page read and write
|
||
|
2F6C000
|
stack
|
page read and write
|
||
|
668E000
|
stack
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
9FAE000
|
stack
|
page read and write
|
||
|
29CD000
|
stack
|
page read and write
|
||
|
A529000
|
stack
|
page read and write
|
||
|
29FE000
|
unkown
|
page read and write
|
||
|
A43B000
|
stack
|
page read and write
|
||
|
2D5A000
|
trusted library allocation
|
page read and write
|
||
|
506E000
|
stack
|
page read and write
|
||
|
2CAC000
|
stack
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
A207000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
5560000
|
heap
|
page execute and read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
A28E000
|
heap
|
page read and write
|
||
|
BA50000
|
heap
|
page read and write
|
||
|
AABB000
|
stack
|
page read and write
|
||
|
9AC000
|
stack
|
page read and write
|
||
|
1458000
|
heap
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
14AD000
|
heap
|
page read and write
|
||
|
1830000
|
heap
|
page read and write
|
||
|
2A67000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
1EA000
|
heap
|
page read and write
|
||
|
1424000
|
trusted library allocation
|
page read and write
|
||
|
611E000
|
stack
|
page read and write
|
||
|
5149000
|
stack
|
page read and write
|
||
|
A271000
|
heap
|
page read and write
|
||
|
CC1D000
|
stack
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
BB0D000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
CD9D000
|
stack
|
page read and write
|
||
|
35E000
|
unkown
|
page read and write
|
||
|
A14B000
|
stack
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
9E6E000
|
stack
|
page read and write
|
||
|
23EE000
|
stack
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page read and write
|
||
|
2C9F000
|
stack
|
page read and write
|
||
|
19E4000
|
trusted library allocation
|
page read and write
|
||
|
2B2A000
|
heap
|
page read and write
|
||
|
B0BE000
|
stack
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
301F000
|
stack
|
page read and write
|
||
|
586D000
|
stack
|
page read and write
|
||
|
29CA000
|
heap
|
page read and write
|
||
|
28ED000
|
stack
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
2C6D000
|
stack
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
5919000
|
stack
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
1165000
|
trusted library allocation
|
page execute and read and write
|
||
|
293E000
|
unkown
|
page read and write
|
||
|
1479000
|
heap
|
page read and write
|
||
|
3246000
|
trusted library allocation
|
page read and write
|
||
|
5C9D000
|
stack
|
page read and write
|
||
|
5FC0000
|
trusted library allocation
|
page read and write
|
||
|
5FD0000
|
trusted library allocation
|
page read and write
|
||
|
56AC000
|
stack
|
page read and write
|
||
|
338E000
|
stack
|
page read and write
|
||
|
2A37000
|
heap
|
page read and write
|
||
|
311D000
|
trusted library allocation
|
page read and write
|
||
|
3106000
|
trusted library allocation
|
page read and write
|
||
|
A298000
|
heap
|
page read and write
|
||
|
3031000
|
trusted library allocation
|
page read and write
|
||
|
2E67000
|
heap
|
page read and write
|
||
|
1837000
|
heap
|
page read and write
|
||
|
34CC000
|
trusted library allocation
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
5BB0000
|
heap
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
C9DE000
|
stack
|
page read and write
|
||
|
10D000
|
stack
|
page read and write
|
||
|
1442000
|
trusted library allocation
|
page read and write
|
||
|
151E000
|
heap
|
page read and write
|
||
|
3487000
|
heap
|
page read and write
|
||
|
8AC000
|
stack
|
page read and write
|
||
|
26AD000
|
stack
|
page read and write
|
||
|
605E000
|
stack
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page read and write
|
||
|
3112000
|
trusted library allocation
|
page read and write
|
||
|
A1F2000
|
heap
|
page read and write
|
||
|
B1FE000
|
stack
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
2BBD000
|
unkown
|
page read and write
|
||
|
296E000
|
stack
|
page read and write
|
||
|
615E000
|
stack
|
page read and write
|
||
|
27FD000
|
stack
|
page read and write
|
||
|
2DFF000
|
stack
|
page read and write
|
||
|
2D5C000
|
trusted library allocation
|
page read and write
|
||
|
A150000
|
trusted library allocation
|
page read and write
|
||
|
7F9D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
255D000
|
stack
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
5B9D000
|
stack
|
page read and write
|
||
|
3120000
|
trusted library allocation
|
page read and write
|
||
|
15A2000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A159000
|
trusted library allocation
|
page read and write
|
||
|
1167000
|
trusted library allocation
|
page execute and read and write
|
||
|
330D000
|
unkown
|
page read and write
|
||
|
2F2D000
|
stack
|
page read and write
|
||
|
116B000
|
trusted library allocation
|
page execute and read and write
|
||
|
14C000
|
stack
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
2EB7000
|
heap
|
page read and write
|
||
|
4BA5000
|
trusted library allocation
|
page read and write
|
||
|
A810000
|
heap
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
61DD000
|
stack
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
2B2F000
|
stack
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
33EF000
|
trusted library allocation
|
page read and write
|
||
|
2E9F000
|
stack
|
page read and write
|
||
|
CB1E000
|
stack
|
page read and write
|
||
|
2CE6000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
143D000
|
trusted library allocation
|
page execute and read and write
|
||
|
B9A0000
|
trusted library allocation
|
page read and write
|
||
|
ED7000
|
heap
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
29FA000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
1574000
|
trusted library allocation
|
page read and write
|
||
|
298E000
|
stack
|
page read and write
|
||
|
704A0000
|
unkown
|
page readonly
|
||
|
BB8B000
|
unkown
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
5A5E000
|
stack
|
page read and write
|
||
|
BDC0000
|
heap
|
page read and write
|
||
|
2D4E000
|
trusted library allocation
|
page read and write
|
||
|
991F000
|
stack
|
page read and write
|
||
|
159A000
|
trusted library allocation
|
page execute and read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
2A3C000
|
stack
|
page read and write
|
||
|
33E6000
|
trusted library allocation
|
page read and write
|
||
|
343D000
|
unkown
|
page read and write
|
||
|
B94E000
|
stack
|
page read and write
|
||
|
7C6E000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
167E000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
2C3C000
|
stack
|
page read and write
|
||
|
96D000
|
stack
|
page read and write
|
||
|
96DD000
|
stack
|
page read and write
|
||
|
2D6A000
|
trusted library allocation
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
33A1000
|
trusted library allocation
|
page read and write
|
||
|
15D000
|
stack
|
page read and write
|
||
|
2D58000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
334E000
|
unkown
|
page read and write
|
||
|
2D77000
|
heap
|
page read and write
|
||
|
7CFE000
|
stack
|
page read and write
|
||
|
A100000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
14B1000
|
heap
|
page read and write
|
||
|
A5FC000
|
stack
|
page read and write
|
||
|
1162000
|
trusted library allocation
|
page read and write
|
||
|
5F1C000
|
stack
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
9B9E000
|
stack
|
page read and write
|
||
|
2C1E000
|
unkown
|
page read and write
|
||
|
6D0E000
|
stack
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
31D000
|
unkown
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
B90C000
|
stack
|
page read and write
|
||
|
6E0E000
|
stack
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
5514000
|
trusted library allocation
|
page read and write
|
||
|
1A17000
|
heap
|
page read and write
|
||
|
5920000
|
heap
|
page read and write
|
||
|
2BDF000
|
unkown
|
page read and write
|
||
|
A86C000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF3D000
|
stack
|
page read and write
|
||
|
FB8000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
66CE000
|
stack
|
page read and write
|
||
|
9A9E000
|
stack
|
page read and write
|
||
|
1573000
|
trusted library allocation
|
page execute and read and write
|
||
|
B8B000
|
stack
|
page read and write
|
||
|
1177000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page execute and read and write
|
||
|
BBA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CDA000
|
heap
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
A3E000
|
unkown
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B6E000
|
stack
|
page read and write
|
||
|
B8CD000
|
unkown
|
page read and write
|
||
|
25BD000
|
stack
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
19B0000
|
trusted library section
|
page read and write
|
||
|
86D000
|
stack
|
page read and write
|
||
|
37B0000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
2EBA000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
158D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A8E000
|
stack
|
page read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
2CF7000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
33EF000
|
stack
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
257D000
|
stack
|
page read and write
|
||
|
7DFE000
|
stack
|
page read and write
|
||
|
2D64000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
29DA000
|
heap
|
page read and write
|
||
|
694E000
|
stack
|
page read and write
|
||
|
2A7C000
|
stack
|
page read and write
|
||
|
A440000
|
trusted library allocation
|
page read and write
|
||
|
B4CD000
|
stack
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
BA67000
|
heap
|
page read and write
|
||
|
2FDC000
|
stack
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
B2FE000
|
stack
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
39E000
|
stack
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page execute and read and write
|
||
|
27AE000
|
unkown
|
page read and write
|
||
|
362A000
|
heap
|
page read and write
|
||
|
157D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D57000
|
heap
|
page read and write
|
||
|
680E000
|
stack
|
page read and write
|
||
|
60DE000
|
stack
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
2B74000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
348A000
|
heap
|
page read and write
|
||
|
3242000
|
trusted library allocation
|
page read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
165B000
|
trusted library allocation
|
page execute and read and write
|
||
|
581C000
|
stack
|
page read and write
|
||
|
CADC000
|
stack
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
2F8E000
|
unkown
|
page read and write
|
||
|
1617000
|
heap
|
page read and write
|
||
|
165D000
|
stack
|
page read and write
|
||
|
B1BE000
|
stack
|
page read and write
|
||
|
AF7E000
|
stack
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page read and write
|
||
|
F8E000
|
heap
|
page read and write
|
||
|
2CF2000
|
trusted library allocation
|
page read and write
|
||
|
16A5000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
ABB9000
|
stack
|
page read and write
|
||
|
981E000
|
stack
|
page read and write
|
||
|
A6A000
|
heap
|
page read and write
|
||
|
AE3E000
|
stack
|
page read and write
|
||
|
1970000
|
heap
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
D93000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CE3000
|
trusted library allocation
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
D9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
16DC000
|
heap
|
page read and write
|
||
|
2B37000
|
heap
|
page read and write
|
||
|
9D6E000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
5F5E000
|
stack
|
page read and write
|
||
|
2CD7000
|
heap
|
page read and write
|
||
|
2B27000
|
heap
|
page read and write
|
||
|
A9F000
|
unkown
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
32BC000
|
stack
|
page read and write
|
||
|
1532000
|
heap
|
page read and write
|
||
|
4D0E000
|
stack
|
page read and write
|
||
|
1446000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FFD000
|
stack
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
A4FD000
|
stack
|
page read and write
|
||
|
2D06000
|
trusted library allocation
|
page read and write
|
||
|
34DB000
|
trusted library allocation
|
page read and write
|
||
|
19C0000
|
heap
|
page execute and read and write
|
||
|
9C2D000
|
stack
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
2E6F000
|
stack
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
9C6F000
|
stack
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
33E9000
|
trusted library allocation
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
1820000
|
trusted library allocation
|
page execute and read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
358F000
|
stack
|
page read and write
|
||
|
A1F0000
|
heap
|
page read and write
|
||
|
A282000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
3658000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
2A3C000
|
stack
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
619D000
|
stack
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
3590000
|
heap
|
page read and write
|
||
|
6A4E000
|
stack
|
page read and write
|
||
|
29AE000
|
stack
|
page read and write
|
||
|
5900000
|
trusted library allocation
|
page read and write
|
||
|
23EF000
|
stack
|
page read and write
|
||
|
EF9000
|
heap
|
page read and write
|
||
|
A8C000
|
stack
|
page read and write
|
||
|
B690000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
347E000
|
unkown
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
3238000
|
trusted library allocation
|
page read and write
|
||
|
AD50000
|
heap
|
page read and write
|
||
|
250D000
|
stack
|
page read and write
|
||
|
BA62000
|
heap
|
page read and write
|
||
|
A700000
|
heap
|
page read and write
|
||
|
1990000
|
trusted library allocation
|
page read and write
|
||
|
3037000
|
heap
|
page read and write
|
||
|
350F000
|
unkown
|
page read and write
|
||
|
16B5000
|
heap
|
page read and write
|
||
|
34E000
|
unkown
|
page read and write
|
||
|
5150000
|
heap
|
page execute and read and write
|
||
|
CC5D000
|
stack
|
page read and write
|
||
|
658E000
|
stack
|
page read and write
|
||
|
A803000
|
heap
|
page read and write
|
||
|
316F000
|
stack
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
A2AB000
|
heap
|
page read and write
|
||
|
15D000
|
stack
|
page read and write
|
||
|
1652000
|
trusted library allocation
|
page read and write
|
||
|
1764000
|
heap
|
page read and write
|
||
|
C6DD000
|
stack
|
page read and write
|
||
|
34D8000
|
trusted library allocation
|
page read and write
|
||
|
5FBE000
|
stack
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
144A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D3E000
|
unkown
|
page read and write
|
||
|
9E20000
|
trusted library allocation
|
page read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
A0EE000
|
stack
|
page read and write
|
||
|
2BBD000
|
unkown
|
page read and write
|
||
|
F07000
|
heap
|
page read and write
|
||
|
B6A0000
|
trusted library allocation
|
page read and write
|
||
|
5EBE000
|
stack
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
135B000
|
stack
|
page read and write
|
||
|
2CEF000
|
trusted library allocation
|
page read and write
|
||
|
582F000
|
stack
|
page read and write
|
||
|
3810000
|
heap
|
page read and write
|
||
|
6B8D000
|
stack
|
page read and write
|
||
|
A5E000
|
unkown
|
page read and write
|
||
|
6F4C000
|
stack
|
page read and write
|
||
|
2A6A000
|
heap
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
354E000
|
stack
|
page read and write
|
||
|
2A0F000
|
stack
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
BF10000
|
heap
|
page read and write
|
||
|
2CDE000
|
unkown
|
page read and write
|
||
|
58F0000
|
trusted library allocation
|
page read and write
|
||
|
A800000
|
heap
|
page read and write
|
||
|
292E000
|
stack
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
2E6A000
|
heap
|
page read and write
|
||
|
125C000
|
stack
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
648E000
|
stack
|
page read and write
|
||
|
292C000
|
stack
|
page read and write
|
||
|
57A9000
|
stack
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
704BD000
|
unkown
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
609D000
|
stack
|
page read and write
|
||
|
BC2E000
|
stack
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
2D7E000
|
unkown
|
page read and write
|
||
|
27EE000
|
unkown
|
page read and write
|
||
|
2BDC000
|
stack
|
page read and write
|
||
|
C120000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
2E8E000
|
stack
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page execute and read and write
|
||
|
15A5000
|
trusted library allocation
|
page execute and read and write
|
||
|
32E000
|
unkown
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
172C000
|
heap
|
page read and write
|
||
|
2D1D000
|
stack
|
page read and write
|
||
|
FA4000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
34CF000
|
trusted library allocation
|
page read and write
|
||
|
704BD000
|
unkown
|
page read and write
|
||
|
A490000
|
trusted library allocation
|
page execute and read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
32BF000
|
stack
|
page read and write
|
||
|
C5D9000
|
stack
|
page read and write
|
||
|
1592000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
2D7A000
|
heap
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
167A000
|
heap
|
page read and write
|
||
|
33EC000
|
trusted library allocation
|
page read and write
|
||
|
F1C000
|
stack
|
page read and write
|
||
|
52B9000
|
trusted library allocation
|
page read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
1E7000
|
heap
|
page read and write
|
||
|
297F000
|
unkown
|
page read and write
|
||
|
A33C000
|
stack
|
page read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
2D5C000
|
stack
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2D8E000
|
unkown
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
32B7000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
704BD000
|
unkown
|
page read and write
|
||
|
323E000
|
trusted library allocation
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
352F000
|
stack
|
page read and write
|
||
|
321E000
|
unkown
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
529F000
|
stack
|
page read and write
|
||
|
14DE000
|
stack
|
page read and write
|
||
|
2E90000
|
heap
|
page execute and read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
325F000
|
unkown
|
page read and write
|
||
|
63DD000
|
stack
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
EED000
|
heap
|
page read and write
|
||
|
34D7000
|
heap
|
page read and write
|
||
|
312E000
|
trusted library allocation
|
page read and write
|
||
|
301B000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
26EC000
|
stack
|
page read and write
|
||
|
75DE000
|
stack
|
page read and write
|
||
|
EC2000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
1A10000
|
heap
|
page read and write
|
||
|
4031000
|
trusted library allocation
|
page read and write
|
||
|
5D7D000
|
stack
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
A690000
|
heap
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
34CE000
|
unkown
|
page read and write
|
||
|
A222000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
A2FF000
|
stack
|
page read and write
|
||
|
2B9D000
|
stack
|
page read and write
|
||
|
330E000
|
unkown
|
page read and write
|
||
|
117C000
|
heap
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
2B3A000
|
heap
|
page read and write
|
||
|
1657000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB5000
|
heap
|
page read and write
|
||
|
1485000
|
heap
|
page read and write
|
||
|
BF20000
|
heap
|
page read and write
|
||
|
B990000
|
trusted library allocation
|
page execute and read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
1746000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
4835000
|
trusted library allocation
|
page read and write
|
||
|
BB90000
|
trusted library allocation
|
page read and write
|
||
|
12FB000
|
stack
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
704BF000
|
unkown
|
page readonly
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
3C11000
|
trusted library allocation
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
36F000
|
unkown
|
page read and write
|
||
|
D94000
|
trusted library allocation
|
page read and write
|
||
|
2E0F000
|
unkown
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
3627000
|
heap
|
page read and write
|
||
|
BBE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE9D000
|
stack
|
page read and write
|
||
|
34C9000
|
trusted library allocation
|
page read and write
|
||
|
B989000
|
trusted library allocation
|
page read and write
|
||
|
1E7000
|
heap
|
page read and write
|
||
|
2FCF000
|
unkown
|
page read and write
|
||
|
A44B000
|
trusted library allocation
|
page read and write
|
||
|
32BA000
|
heap
|
page read and write
|
||
|
A268000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
3114000
|
trusted library allocation
|
page read and write
|
||
|
259C000
|
stack
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
5B5E000
|
stack
|
page read and write
|
||
|
25FC000
|
stack
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
327D000
|
stack
|
page read and write
|
||
|
97DE000
|
stack
|
page read and write
|
||
|
274F000
|
stack
|
page read and write
|
||
|
186E000
|
stack
|
page read and write
|
||
|
2B0E000
|
stack
|
page read and write
|
||
|
146D000
|
heap
|
page read and write
|
||
|
298F000
|
unkown
|
page read and write
|
||
|
33A7000
|
trusted library allocation
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
323C000
|
stack
|
page read and write
|
||
|
294E000
|
unkown
|
page read and write
|
||
|
6CCE000
|
stack
|
page read and write
|
||
|
2BA7000
|
heap
|
page read and write
|
||
|
25BC000
|
stack
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
142D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B70000
|
trusted library allocation
|
page read and write
|
||
|
270F000
|
stack
|
page read and write
|
||
|
2E38000
|
heap
|
page read and write
|
||
|
5E1E000
|
stack
|
page read and write
|
||
|
A2BE000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
33B8000
|
trusted library allocation
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
B980000
|
trusted library allocation
|
page read and write
|
||
|
2D4C000
|
trusted library allocation
|
page read and write
|
||
|
2A3A000
|
heap
|
page read and write
|
||
|
1EA000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
2FDD000
|
stack
|
page read and write
|
||
|
7F170000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
34DA000
|
heap
|
page read and write
|
||
|
9FEE000
|
stack
|
page read and write
|
||
|
2A0C000
|
stack
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
1677000
|
heap
|
page read and write
|
||
|
9EAE000
|
stack
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
704B6000
|
unkown
|
page readonly
|
||
|
25FD000
|
unkown
|
page read and write
|
||
|
1515000
|
heap
|
page read and write
|
||
|
5930000
|
heap
|
page execute and read and write
|
||
|
29F7000
|
heap
|
page read and write
|
||
|
5DDE000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
3370000
|
trusted library allocation
|
page read and write
|
||
|
704A1000
|
unkown
|
page execute read
|
||
|
1655000
|
trusted library allocation
|
page execute and read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
2F9E000
|
unkown
|
page read and write
|
||
|
A295000
|
heap
|
page read and write
|
||
|
CD5C000
|
stack
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
200000
|
heap
|
page read and write
|
||
|
323C000
|
stack
|
page read and write
|
||
|
B50E000
|
stack
|
page read and write
|
||
|
2D48000
|
trusted library allocation
|
page read and write
|
||
|
1596000
|
trusted library allocation
|
page execute and read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
B6B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
50AE000
|
stack
|
page read and write
|
||
|
19F0000
|
trusted library allocation
|
page read and write
|
||
|
B68D000
|
stack
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
298E000
|
unkown
|
page read and write
|
||
|
2BAA000
|
heap
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
2DCF000
|
unkown
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
34D5000
|
trusted library allocation
|
page read and write
|
||
|
A856000
|
heap
|
page read and write
|
||
|
254C000
|
stack
|
page read and write
|
||
|
290F000
|
unkown
|
page read and write
|
||
|
DAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
ECA000
|
trusted library allocation
|
page execute and read and write
|
||
|
15AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3109000
|
trusted library allocation
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
There are 695 hidden memdumps, click here to show them.