Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
9LrEuTWP8s.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Path1\To2\Save444\uh3ex1.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\9LrEuTWP8s.exe.log
|
CSV text
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\gdi32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\uh3ex1.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_itlscxdm.mn4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pfc4gg11.hld.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_podo2qxv.dbg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s2q4gvug.vuz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\9LrEuTWP8s.exe
|
"C:\Users\user\Desktop\9LrEuTWP8s.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" Add-MpPreference -ExclusionPath 'C:\Path1\To2\Save444'
|
|
|
|
C:\Path1\To2\Save444\uh3ex1.exe
|
"C:\Path1\To2\Save444\uh3ex1.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/faulth
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://objects.githubusercontent.com/github-production-release-asset-2e65be/882783246/b23a0dba-ce39
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/example/Field1Response
|
unknown
|
||
|
http://tempuri.org/example/Field1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
https://github.com/Xavieprowel/crispy-palm-tree/releases/download/1/uh3ex1.exe
|
140.82.121.4
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://tempuri.org/example/Field3ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://objects.githubusercontent.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
https://github.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://tempuri.org/example/Field1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://tempuri.org/example/Field2
|
unknown
|
||
|
http://tempuri.org/example/Field3
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
||
|
http://objects.githubusercontent.comd
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
|
unknown
|
||
|
http://tempuri.org/D
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/06/addressingex
|
unknown
|
||
|
http://github.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/Nonce
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequenceResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Renew
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ1510
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ
|
unknown
|
||
|
http://www.w3.o
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentif
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Committed
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/example/Field3Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/fault
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/RegisterResponse
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
github.com
|
140.82.121.4
|
||
|
objects.githubusercontent.com
|
185.199.111.133
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
4.251.123.83
|
unknown
|
United States
|
|
|
|
140.82.121.4
|
github.com
|
United States
|
||
|
185.199.111.133
|
objects.githubusercontent.com
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\9LrEuTWP8s_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6D5AB000
|
unkown
|
page read and write
|
|
|
|
2EE1000
|
trusted library allocation
|
page read and write
|
|
|
|
F02000
|
remote allocation
|
page execute and read and write
|
|
|
|
66AC000
|
trusted library allocation
|
page read and write
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
EFF000
|
stack
|
page read and write
|
||
|
AFB000
|
stack
|
page read and write
|
||
|
5D63000
|
trusted library allocation
|
page read and write
|
||
|
6C70000
|
heap
|
page read and write
|
||
|
322A000
|
trusted library allocation
|
page read and write
|
||
|
3F04000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
trusted library allocation
|
page read and write
|
||
|
3268000
|
trusted library allocation
|
page read and write
|
||
|
4056000
|
trusted library allocation
|
page read and write
|
||
|
33CF000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
3A71000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
F57000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B6C000
|
trusted library allocation
|
page read and write
|
||
|
308C000
|
trusted library allocation
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page read and write
|
||
|
3408000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
5AB0000
|
trusted library allocation
|
page read and write
|
||
|
3037000
|
trusted library allocation
|
page read and write
|
||
|
33CA000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
58E4000
|
trusted library allocation
|
page read and write
|
||
|
5AB5000
|
trusted library allocation
|
page read and write
|
||
|
80A0000
|
trusted library allocation
|
page read and write
|
||
|
537D000
|
trusted library allocation
|
page read and write
|
||
|
649E000
|
stack
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
5E75000
|
trusted library allocation
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
82DD000
|
stack
|
page read and write
|
||
|
1262000
|
trusted library allocation
|
page read and write
|
||
|
405F000
|
trusted library allocation
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
3045000
|
trusted library allocation
|
page read and write
|
||
|
7620000
|
trusted library allocation
|
page read and write
|
||
|
57B8000
|
trusted library allocation
|
page read and write
|
||
|
4533000
|
trusted library allocation
|
page execute and read and write
|
||
|
19D0000
|
heap
|
page read and write
|
||
|
D0E000
|
heap
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
10CD000
|
stack
|
page read and write
|
||
|
4E78000
|
trusted library allocation
|
page read and write
|
||
|
7225000
|
trusted library allocation
|
page read and write
|
||
|
831E000
|
heap
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
331A000
|
trusted library allocation
|
page read and write
|
||
|
6340000
|
heap
|
page read and write
|
||
|
3472000
|
trusted library allocation
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
32FB000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
7298000
|
heap
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
6190000
|
trusted library allocation
|
page read and write
|
||
|
3334000
|
trusted library allocation
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
32FD000
|
trusted library allocation
|
page read and write
|
||
|
3E81000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
13A5000
|
heap
|
page read and write
|
||
|
3E71000
|
trusted library allocation
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
45F0000
|
trusted library allocation
|
page read and write
|
||
|
3026000
|
trusted library allocation
|
page read and write
|
||
|
346A000
|
trusted library allocation
|
page read and write
|
||
|
5376000
|
trusted library allocation
|
page read and write
|
||
|
753E000
|
stack
|
page read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
469E000
|
stack
|
page read and write
|
||
|
3434000
|
trusted library allocation
|
page read and write
|
||
|
344D000
|
trusted library allocation
|
page read and write
|
||
|
5D5B000
|
trusted library allocation
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
641A000
|
heap
|
page read and write
|
||
|
43BA000
|
trusted library allocation
|
page read and write
|
||
|
6F6B000
|
stack
|
page read and write
|
||
|
5354000
|
trusted library allocation
|
page read and write
|
||
|
322C000
|
trusted library allocation
|
page read and write
|
||
|
723A000
|
trusted library allocation
|
page read and write
|
||
|
308A000
|
trusted library allocation
|
page read and write
|
||
|
32F7000
|
trusted library allocation
|
page read and write
|
||
|
45D0000
|
trusted library allocation
|
page read and write
|
||
|
3516000
|
trusted library allocation
|
page read and write
|
||
|
617E000
|
stack
|
page read and write
|
||
|
335B000
|
trusted library allocation
|
page read and write
|
||
|
4A3B000
|
trusted library allocation
|
page read and write
|
||
|
74FE000
|
stack
|
page read and write
|
||
|
4A1D000
|
trusted library allocation
|
page read and write
|
||
|
6B5F000
|
stack
|
page read and write
|
||
|
87C9000
|
stack
|
page read and write
|
||
|
2E6E000
|
stack
|
page read and write
|
||
|
712000
|
unkown
|
page readonly
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
6526000
|
heap
|
page read and write
|
||
|
710000
|
unkown
|
page readonly
|
||
|
1390000
|
heap
|
page read and write
|
||
|
4751000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
A6CE000
|
stack
|
page read and write
|
||
|
3310000
|
heap
|
page execute and read and write
|
||
|
6540000
|
trusted library allocation
|
page read and write
|
||
|
2BBE000
|
unkown
|
page read and write
|
||
|
3039000
|
trusted library allocation
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
2F07000
|
heap
|
page read and write
|
||
|
306D000
|
trusted library allocation
|
page read and write
|
||
|
1634000
|
trusted library allocation
|
page read and write
|
||
|
152D000
|
heap
|
page read and write
|
||
|
6451000
|
trusted library allocation
|
page read and write
|
||
|
81E0000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
6B2F000
|
stack
|
page read and write
|
||
|
639E000
|
stack
|
page read and write
|
||
|
349C000
|
trusted library allocation
|
page read and write
|
||
|
305C000
|
trusted library allocation
|
page read and write
|
||
|
325C000
|
trusted library allocation
|
page read and write
|
||
|
66D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
880E000
|
stack
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
4368000
|
trusted library allocation
|
page read and write
|
||
|
15C9000
|
heap
|
page read and write
|
||
|
1234000
|
trusted library allocation
|
page read and write
|
||
|
34EE000
|
trusted library allocation
|
page read and write
|
||
|
19D7000
|
heap
|
page read and write
|
||
|
3058000
|
trusted library allocation
|
page read and write
|
||
|
72A8000
|
heap
|
page read and write
|
||
|
3084000
|
trusted library allocation
|
page read and write
|
||
|
6D2D000
|
stack
|
page read and write
|
||
|
15C7000
|
heap
|
page read and write
|
||
|
3470000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
4E9A000
|
trusted library allocation
|
page read and write
|
||
|
6D662000
|
unkown
|
page readonly
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
74B0000
|
heap
|
page execute and read and write
|
||
|
5ABB000
|
trusted library allocation
|
page read and write
|
||
|
6480000
|
trusted library allocation
|
page read and write
|
||
|
815E000
|
stack
|
page read and write
|
||
|
4E8D000
|
trusted library allocation
|
page read and write
|
||
|
3374000
|
trusted library allocation
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
81C0000
|
trusted library allocation
|
page read and write
|
||
|
342E000
|
trusted library allocation
|
page read and write
|
||
|
31E3000
|
trusted library allocation
|
page read and write
|
||
|
7222000
|
trusted library allocation
|
page read and write
|
||
|
82FB000
|
heap
|
page read and write
|
||
|
465E000
|
stack
|
page read and write
|
||
|
2CCA000
|
heap
|
page read and write
|
||
|
3344000
|
trusted library allocation
|
page read and write
|
||
|
7230000
|
heap
|
page read and write
|
||
|
757E000
|
stack
|
page read and write
|
||
|
3EF9000
|
trusted library allocation
|
page read and write
|
||
|
748A000
|
trusted library allocation
|
page read and write
|
||
|
6356000
|
heap
|
page read and write
|
||
|
1633000
|
trusted library allocation
|
page execute and read and write
|
||
|
85F0000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page execute and read and write
|
||
|
68F0000
|
heap
|
page read and write
|
||
|
32B0000
|
trusted library allocation
|
page read and write
|
||
|
5DEE000
|
stack
|
page read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
8460000
|
trusted library allocation
|
page execute and read and write
|
||
|
3279000
|
trusted library allocation
|
page read and write
|
||
|
3445000
|
trusted library allocation
|
page read and write
|
||
|
5B1A000
|
trusted library allocation
|
page read and write
|
||
|
8090000
|
trusted library allocation
|
page execute and read and write
|
||
|
F51000
|
remote allocation
|
page execute and read and write
|
||
|
4049000
|
trusted library allocation
|
page read and write
|
||
|
81F0000
|
heap
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
163D000
|
trusted library allocation
|
page execute and read and write
|
||
|
346C000
|
trusted library allocation
|
page read and write
|
||
|
49B3000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
327F000
|
trusted library allocation
|
page read and write
|
||
|
8480000
|
trusted library allocation
|
page read and write
|
||
|
3264000
|
trusted library allocation
|
page read and write
|
||
|
81D0000
|
trusted library allocation
|
page read and write
|
||
|
8470000
|
trusted library allocation
|
page read and write
|
||
|
5ABE000
|
trusted library allocation
|
page read and write
|
||
|
34CA000
|
trusted library allocation
|
page read and write
|
||
|
6180000
|
trusted library allocation
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
3447000
|
trusted library allocation
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
15CD000
|
heap
|
page read and write
|
||
|
802B000
|
heap
|
page read and write
|
||
|
3512000
|
trusted library allocation
|
page read and write
|
||
|
6362000
|
heap
|
page read and write
|
||
|
6C90000
|
heap
|
page execute and read and write
|
||
|
31E5000
|
trusted library allocation
|
page read and write
|
||
|
1373000
|
heap
|
page read and write
|
||
|
331E000
|
trusted library allocation
|
page read and write
|
||
|
12D8000
|
heap
|
page read and write
|
||
|
6F2D000
|
stack
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
F00000
|
remote allocation
|
page execute and read and write
|
||
|
7660000
|
trusted library allocation
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
33FC000
|
trusted library allocation
|
page read and write
|
||
|
8248000
|
heap
|
page read and write
|
||
|
2E71000
|
trusted library allocation
|
page read and write
|
||
|
1252000
|
trusted library allocation
|
page read and write
|
||
|
8490000
|
trusted library allocation
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
348D000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
heap
|
page execute and read and write
|
||
|
3506000
|
trusted library allocation
|
page read and write
|
||
|
2A82000
|
trusted library allocation
|
page read and write
|
||
|
596C000
|
trusted library allocation
|
page read and write
|
||
|
4A08000
|
trusted library allocation
|
page read and write
|
||
|
D6F000
|
heap
|
page read and write
|
||
|
4A05000
|
trusted library allocation
|
page read and write
|
||
|
33B9000
|
trusted library allocation
|
page read and write
|
||
|
349A000
|
trusted library allocation
|
page read and write
|
||
|
2C58000
|
heap
|
page read and write
|
||
|
126B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1339000
|
stack
|
page read and write
|
||
|
34B3000
|
trusted library allocation
|
page read and write
|
||
|
5E37000
|
trusted library allocation
|
page read and write
|
||
|
8740000
|
trusted library allocation
|
page execute and read and write
|
||
|
307E000
|
trusted library allocation
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
64F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3504000
|
trusted library allocation
|
page read and write
|
||
|
34B1000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
646E000
|
trusted library allocation
|
page read and write
|
||
|
332D000
|
trusted library allocation
|
page read and write
|
||
|
4534000
|
trusted library allocation
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page read and write
|
||
|
633E000
|
stack
|
page read and write
|
||
|
3EF5000
|
trusted library allocation
|
page read and write
|
||
|
4730000
|
trusted library allocation
|
page read and write
|
||
|
6D637000
|
unkown
|
page read and write
|
||
|
33AE000
|
trusted library allocation
|
page read and write
|
||
|
72BE000
|
heap
|
page read and write
|
||
|
4740000
|
heap
|
page read and write
|
||
|
A58E000
|
stack
|
page read and write
|
||
|
327D000
|
trusted library allocation
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
7240000
|
trusted library allocation
|
page read and write
|
||
|
45D9000
|
trusted library allocation
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
3F02000
|
trusted library allocation
|
page read and write
|
||
|
6490000
|
trusted library allocation
|
page read and write
|
||
|
3EFE000
|
trusted library allocation
|
page read and write
|
||
|
5CB9000
|
trusted library allocation
|
page read and write
|
||
|
1243000
|
trusted library allocation
|
page read and write
|
||
|
3365000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
31A2000
|
trusted library allocation
|
page read and write
|
||
|
298F000
|
stack
|
page read and write
|
||
|
4018000
|
trusted library allocation
|
page read and write
|
||
|
327B000
|
trusted library allocation
|
page read and write
|
||
|
6030000
|
trusted library allocation
|
page read and write
|
||
|
678C000
|
stack
|
page read and write
|
||
|
3245000
|
trusted library allocation
|
page read and write
|
||
|
54F5000
|
trusted library allocation
|
page read and write
|
||
|
623E000
|
stack
|
page read and write
|
||
|
3436000
|
trusted library allocation
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
33F2000
|
trusted library allocation
|
page read and write
|
||
|
32C2000
|
trusted library allocation
|
page read and write
|
||
|
6B6C000
|
stack
|
page read and write
|
||
|
7FE2000
|
heap
|
page read and write
|
||
|
46C0000
|
heap
|
page execute and read and write
|
||
|
3097000
|
trusted library allocation
|
page read and write
|
||
|
303F000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
658C000
|
stack
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
31C2000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
1308000
|
heap
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
8906000
|
heap
|
page read and write
|
||
|
341F000
|
trusted library allocation
|
page read and write
|
||
|
2A78000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
5D8B000
|
trusted library allocation
|
page read and write
|
||
|
7238000
|
trusted library allocation
|
page read and write
|
||
|
6F70000
|
heap
|
page read and write
|
||
|
4547000
|
heap
|
page read and write
|
||
|
7480000
|
trusted library allocation
|
page read and write
|
||
|
19CC000
|
stack
|
page read and write
|
||
|
47DC000
|
trusted library allocation
|
page read and write
|
||
|
3419000
|
trusted library allocation
|
page read and write
|
||
|
D2D000
|
heap
|
page read and write
|
||
|
7630000
|
heap
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page read and write
|
||
|
6C95000
|
heap
|
page execute and read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
6440000
|
trusted library allocation
|
page read and write
|
||
|
555E000
|
stack
|
page read and write
|
||
|
29B0000
|
trusted library allocation
|
page read and write
|
||
|
325A000
|
trusted library allocation
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
3489000
|
trusted library allocation
|
page read and write
|
||
|
6427000
|
heap
|
page read and write
|
||
|
3468000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page execute and read and write
|
||
|
1690000
|
heap
|
page execute and read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
54F0000
|
trusted library allocation
|
page read and write
|
||
|
124D000
|
trusted library allocation
|
page execute and read and write
|
||
|
71F0000
|
trusted library allocation
|
page read and write
|
||
|
811D000
|
stack
|
page read and write
|
||
|
31C4000
|
trusted library allocation
|
page read and write
|
||
|
4ED4000
|
trusted library allocation
|
page read and write
|
||
|
3226000
|
trusted library allocation
|
page read and write
|
||
|
6520000
|
heap
|
page execute and read and write
|
||
|
591A000
|
trusted library allocation
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
2B75000
|
heap
|
page read and write
|
||
|
18EE000
|
stack
|
page read and write
|
||
|
31DB000
|
trusted library allocation
|
page read and write
|
||
|
72B6000
|
heap
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
4ED6000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
34A2000
|
trusted library allocation
|
page read and write
|
||
|
27DC000
|
stack
|
page read and write
|
||
|
70D0000
|
trusted library allocation
|
page read and write
|
||
|
3284000
|
trusted library allocation
|
page read and write
|
||
|
4275000
|
trusted library allocation
|
page read and write
|
||
|
1667000
|
trusted library allocation
|
page execute and read and write
|
||
|
72EE000
|
stack
|
page read and write
|
||
|
6BDB000
|
stack
|
page read and write
|
||
|
1267000
|
trusted library allocation
|
page execute and read and write
|
||
|
33CE000
|
trusted library allocation
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
82CA000
|
heap
|
page read and write
|
||
|
1491000
|
heap
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
3388000
|
trusted library allocation
|
page read and write
|
||
|
3EE8000
|
trusted library allocation
|
page read and write
|
||
|
6510000
|
trusted library allocation
|
page read and write
|
||
|
329A000
|
trusted library allocation
|
page read and write
|
||
|
4508000
|
trusted library allocation
|
page read and write
|
||
|
824C000
|
heap
|
page read and write
|
||
|
CF4000
|
trusted library allocation
|
page read and write
|
||
|
3296000
|
trusted library allocation
|
page read and write
|
||
|
617D000
|
stack
|
page read and write
|
||
|
47D5000
|
trusted library allocation
|
page read and write
|
||
|
45DA000
|
trusted library allocation
|
page read and write
|
||
|
647A000
|
trusted library allocation
|
page read and write
|
||
|
80AD000
|
trusted library allocation
|
page read and write
|
||
|
54FA000
|
trusted library allocation
|
page read and write
|
||
|
33D7000
|
trusted library allocation
|
page read and write
|
||
|
32CA000
|
trusted library allocation
|
page read and write
|
||
|
34D2000
|
trusted library allocation
|
page read and write
|
||
|
16DE000
|
stack
|
page read and write
|
||
|
32BE000
|
trusted library allocation
|
page read and write
|
||
|
3359000
|
trusted library allocation
|
page read and write
|
||
|
64D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7250000
|
trusted library allocation
|
page read and write
|
||
|
80AB000
|
trusted library allocation
|
page read and write
|
||
|
3400000
|
trusted library allocation
|
page read and write
|
||
|
4063000
|
trusted library allocation
|
page read and write
|
||
|
741E000
|
stack
|
page read and write
|
||
|
45B2000
|
trusted library allocation
|
page read and write
|
||
|
31AC000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
trusted library section
|
page read and write
|
||
|
3280000
|
trusted library allocation
|
page execute and read and write
|
||
|
29C0000
|
heap
|
page execute and read and write
|
||
|
773E000
|
stack
|
page read and write
|
||
|
3F07000
|
trusted library allocation
|
page read and write
|
||
|
4540000
|
heap
|
page read and write
|
||
|
55C0000
|
heap
|
page read and write
|
||
|
88F0000
|
heap
|
page read and write
|
||
|
61CE000
|
stack
|
page read and write
|
||
|
81AE000
|
stack
|
page read and write
|
||
|
4733000
|
trusted library allocation
|
page read and write
|
||
|
A7CE000
|
stack
|
page read and write
|
||
|
828D000
|
heap
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
6D5F9000
|
unkown
|
page read and write
|
||
|
339B000
|
trusted library allocation
|
page read and write
|
||
|
3500000
|
trusted library allocation
|
page read and write
|
||
|
75FA000
|
trusted library allocation
|
page read and write
|
||
|
166B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3404000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
32D7000
|
trusted library allocation
|
page read and write
|
||
|
5904000
|
trusted library allocation
|
page read and write
|
||
|
5371000
|
trusted library allocation
|
page read and write
|
||
|
8901000
|
heap
|
page read and write
|
||
|
12FA000
|
heap
|
page read and write
|
||
|
88CF000
|
stack
|
page read and write
|
||
|
123D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
332F000
|
trusted library allocation
|
page read and write
|
||
|
5DAE000
|
stack
|
page read and write
|
||
|
3024000
|
trusted library allocation
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
458E000
|
stack
|
page read and write
|
||
|
A68D000
|
stack
|
page read and write
|
||
|
4331000
|
trusted library allocation
|
page read and write
|
||
|
33F1000
|
trusted library allocation
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
5AC0000
|
trusted library allocation
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
3266000
|
trusted library allocation
|
page read and write
|
||
|
347F000
|
trusted library allocation
|
page read and write
|
||
|
341B000
|
trusted library allocation
|
page read and write
|
||
|
32A7000
|
trusted library allocation
|
page read and write
|
||
|
3402000
|
trusted library allocation
|
page read and write
|
||
|
63F8000
|
heap
|
page read and write
|
||
|
DAB000
|
heap
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
46A0000
|
heap
|
page readonly
|
||
|
137B000
|
heap
|
page read and write
|
||
|
3018000
|
trusted library allocation
|
page read and write
|
||
|
3485000
|
trusted library allocation
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
33E7000
|
trusted library allocation
|
page read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
334C000
|
trusted library allocation
|
page read and write
|
||
|
33B7000
|
trusted library allocation
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page read and write
|
||
|
33CB000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7487000
|
trusted library allocation
|
page read and write
|
||
|
31E8000
|
trusted library allocation
|
page read and write
|
||
|
141E000
|
stack
|
page read and write
|
||
|
61A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A2D000
|
stack
|
page read and write
|
||
|
7272000
|
heap
|
page read and write
|
||
|
6908000
|
heap
|
page read and write
|
||
|
346E000
|
trusted library allocation
|
page read and write
|
||
|
5A91000
|
trusted library allocation
|
page read and write
|
||
|
45E0000
|
trusted library allocation
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
165A000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C1000
|
trusted library allocation
|
page read and write
|
||
|
607E000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
34EA000
|
trusted library allocation
|
page read and write
|
||
|
45EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
345B000
|
trusted library allocation
|
page read and write
|
||
|
62CF000
|
stack
|
page read and write
|
||
|
890C000
|
heap
|
page read and write
|
||
|
320D000
|
trusted library allocation
|
page read and write
|
||
|
867E000
|
stack
|
page read and write
|
||
|
150C000
|
stack
|
page read and write
|
||
|
7480000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
405A000
|
trusted library allocation
|
page read and write
|
||
|
324B000
|
trusted library allocation
|
page read and write
|
||
|
12EE000
|
heap
|
page read and write
|
||
|
3376000
|
trusted library allocation
|
page read and write
|
||
|
7080000
|
trusted library allocation
|
page read and write
|
||
|
32F5000
|
trusted library allocation
|
page read and write
|
||
|
500B000
|
stack
|
page read and write
|
||
|
82F7000
|
heap
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
6A2E000
|
stack
|
page read and write
|
||
|
32B2000
|
trusted library allocation
|
page read and write
|
||
|
34B7000
|
trusted library allocation
|
page read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
3396000
|
trusted library allocation
|
page read and write
|
||
|
32C8000
|
trusted library allocation
|
page read and write
|
||
|
158E000
|
trusted library allocation
|
page read and write
|
||
|
320F000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
825C000
|
heap
|
page read and write
|
||
|
6C6C000
|
stack
|
page read and write
|
||
|
8080000
|
heap
|
page read and write
|
||
|
5B6D000
|
stack
|
page read and write
|
||
|
306B000
|
trusted library allocation
|
page read and write
|
||
|
1539000
|
heap
|
page read and write
|
||
|
30B8000
|
trusted library allocation
|
page read and write
|
||
|
32AF000
|
trusted library allocation
|
page read and write
|
||
|
750D000
|
stack
|
page read and write
|
||
|
2A30000
|
heap
|
page execute and read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
715E000
|
stack
|
page read and write
|
||
|
7EC000
|
stack
|
page read and write
|
||
|
1484000
|
heap
|
page read and write
|
||
|
3393000
|
trusted library allocation
|
page read and write
|
||
|
32F9000
|
trusted library allocation
|
page read and write
|
||
|
884D000
|
stack
|
page read and write
|
||
|
6416000
|
heap
|
page read and write
|
||
|
CE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3054000
|
trusted library allocation
|
page read and write
|
||
|
1256000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EEA000
|
stack
|
page read and write
|
||
|
40A3000
|
trusted library allocation
|
page read and write
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
5F2E000
|
stack
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
724F000
|
trusted library allocation
|
page read and write
|
||
|
6D6B000
|
stack
|
page read and write
|
||
|
D43000
|
heap
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
644B000
|
trusted library allocation
|
page read and write
|
||
|
8011000
|
heap
|
page read and write
|
||
|
602F000
|
stack
|
page read and write
|
||
|
34A5000
|
trusted library allocation
|
page read and write
|
||
|
4065000
|
trusted library allocation
|
page read and write
|
||
|
2A38000
|
stack
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
4016000
|
trusted library allocation
|
page read and write
|
||
|
3072000
|
trusted library allocation
|
page read and write
|
||
|
D08000
|
heap
|
page read and write
|
||
|
34BB000
|
trusted library allocation
|
page read and write
|
||
|
508F000
|
stack
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
305A000
|
trusted library allocation
|
page read and write
|
||
|
82D7000
|
heap
|
page read and write
|
||
|
6D590000
|
unkown
|
page readonly
|
||
|
348B000
|
trusted library allocation
|
page read and write
|
||
|
4530000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
47B2000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
17EE000
|
stack
|
page read and write
|
||
|
8282000
|
heap
|
page read and write
|
||
|
6E2E000
|
stack
|
page read and write
|
||
|
535B000
|
trusted library allocation
|
page read and write
|
||
|
736F000
|
stack
|
page read and write
|
||
|
5B6F000
|
trusted library allocation
|
page read and write
|
||
|
1458000
|
heap
|
page read and write
|
||
|
2C7B000
|
heap
|
page read and write
|
||
|
5751000
|
trusted library allocation
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page execute and read and write
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
45F5000
|
trusted library allocation
|
page execute and read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
344A000
|
trusted library allocation
|
page read and write
|
||
|
70C0000
|
trusted library allocation
|
page read and write
|
||
|
2BFF000
|
unkown
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
7FE0000
|
heap
|
page read and write
|
||
|
3453000
|
trusted library allocation
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
3318000
|
trusted library allocation
|
page read and write
|
||
|
33C7000
|
trusted library allocation
|
page read and write
|
||
|
33B5000
|
trusted library allocation
|
page read and write
|
||
|
4CD1000
|
trusted library allocation
|
page read and write
|
||
|
7790000
|
heap
|
page read and write
|
||
|
7270000
|
trusted library allocation
|
page execute and read and write
|
||
|
67DC000
|
stack
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
3406000
|
trusted library allocation
|
page read and write
|
||
|
5DA5000
|
trusted library allocation
|
page read and write
|
||
|
729B000
|
heap
|
page read and write
|
||
|
453D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3455000
|
trusted library allocation
|
page read and write
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
64DE000
|
stack
|
page read and write
|
||
|
8240000
|
heap
|
page read and write
|
||
|
3F0C000
|
trusted library allocation
|
page read and write
|
||
|
C85000
|
heap
|
page read and write
|
||
|
D28000
|
heap
|
page read and write
|
||
|
3056000
|
trusted library allocation
|
page read and write
|
||
|
1657000
|
trusted library allocation
|
page execute and read and write
|
||
|
3498000
|
trusted library allocation
|
page read and write
|
||
|
33EF000
|
trusted library allocation
|
page read and write
|
||
|
6830000
|
heap
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page execute and read and write
|
||
|
33D0000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
13C4000
|
heap
|
page read and write
|
||
|
34B9000
|
trusted library allocation
|
page read and write
|
||
|
3378000
|
trusted library allocation
|
page read and write
|
||
|
72AF000
|
heap
|
page read and write
|
||
|
13CB000
|
heap
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
33BB000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
7341000
|
heap
|
page read and write
|
||
|
32D9000
|
trusted library allocation
|
page read and write
|
||
|
472C000
|
stack
|
page read and write
|
||
|
335F000
|
trusted library allocation
|
page read and write
|
||
|
745B000
|
stack
|
page read and write
|
||
|
31C8000
|
trusted library allocation
|
page read and write
|
||
|
691C000
|
stack
|
page read and write
|
||
|
72EF000
|
heap
|
page read and write
|
||
|
331C000
|
trusted library allocation
|
page read and write
|
||
|
15A5000
|
trusted library allocation
|
page read and write
|
||
|
7254000
|
trusted library allocation
|
page read and write
|
||
|
5C6E000
|
stack
|
page read and write
|
||
|
F74000
|
unkown
|
page readonly
|
||
|
3466000
|
trusted library allocation
|
page read and write
|
||
|
74CE000
|
stack
|
page read and write
|
||
|
7680000
|
trusted library allocation
|
page read and write
|
||
|
8300000
|
heap
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
3432000
|
trusted library allocation
|
page read and write
|
||
|
3088000
|
trusted library allocation
|
page read and write
|
||
|
6456000
|
trusted library allocation
|
page read and write
|
||
|
303B000
|
trusted library allocation
|
page read and write
|
||
|
31CD000
|
trusted library allocation
|
page read and write
|
||
|
323F000
|
trusted library allocation
|
page read and write
|
||
|
3086000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
335D000
|
trusted library allocation
|
page read and write
|
||
|
727E000
|
heap
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
7218000
|
trusted library allocation
|
page read and write
|
||
|
45AA000
|
trusted library allocation
|
page read and write
|
||
|
3438000
|
trusted library allocation
|
page read and write
|
||
|
325E000
|
trusted library allocation
|
page read and write
|
||
|
4E89000
|
trusted library allocation
|
page read and write
|
||
|
32DB000
|
trusted library allocation
|
page read and write
|
||
|
34F1000
|
trusted library allocation
|
page read and write
|
||
|
4025000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page read and write
|
||
|
33E5000
|
trusted library allocation
|
page read and write
|
||
|
8244000
|
heap
|
page read and write
|
||
|
33D4000
|
trusted library allocation
|
page read and write
|
||
|
800C000
|
heap
|
page read and write
|
||
|
803A000
|
heap
|
page read and write
|
||
|
8250000
|
heap
|
page read and write
|
||
|
719E000
|
stack
|
page read and write
|
||
|
6EAE000
|
stack
|
page read and write
|
||
|
3099000
|
trusted library allocation
|
page read and write
|
||
|
71DE000
|
stack
|
page read and write
|
||
|
3067000
|
trusted library allocation
|
page read and write
|
||
|
3451000
|
trusted library allocation
|
page read and write
|
||
|
7264000
|
heap
|
page read and write
|
||
|
7200000
|
trusted library allocation
|
page read and write
|
||
|
5703000
|
heap
|
page execute and read and write
|
||
|
1530000
|
trusted library allocation
|
page execute and read and write
|
||
|
888E000
|
stack
|
page read and write
|
||
|
4805000
|
trusted library allocation
|
page read and write
|
||
|
651E000
|
stack
|
page read and write
|
||
|
43D2000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
FF7B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B84000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
6434000
|
heap
|
page read and write
|
||
|
4520000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
5891000
|
trusted library allocation
|
page read and write
|
||
|
3EEF000
|
trusted library allocation
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
64E0000
|
trusted library allocation
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
34A0000
|
trusted library allocation
|
page read and write
|
||
|
763A000
|
heap
|
page read and write
|
||
|
32CD000
|
trusted library allocation
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
48A6000
|
trusted library allocation
|
page read and write
|
||
|
31FF000
|
trusted library allocation
|
page read and write
|
||
|
3EA3000
|
trusted library allocation
|
page read and write
|
||
|
40B4000
|
trusted library allocation
|
page read and write
|
||
|
33D2000
|
trusted library allocation
|
page read and write
|
||
|
58F5000
|
trusted library allocation
|
page read and write
|
||
|
3F11000
|
trusted library allocation
|
page read and write
|
||
|
6520000
|
heap
|
page read and write
|
||
|
730D000
|
heap
|
page read and write
|
||
|
338D000
|
trusted library allocation
|
page read and write
|
||
|
3052000
|
trusted library allocation
|
page read and write
|
||
|
32C4000
|
trusted library allocation
|
page read and write
|
||
|
7F5F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C0E000
|
stack
|
page read and write
|
||
|
72C5000
|
heap
|
page read and write
|
||
|
7245000
|
trusted library allocation
|
page read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
34CC000
|
trusted library allocation
|
page read and write
|
||
|
7521000
|
trusted library allocation
|
page read and write
|
||
|
31C6000
|
trusted library allocation
|
page read and write
|
||
|
45F2000
|
trusted library allocation
|
page read and write
|
||
|
6D5A4000
|
unkown
|
page readonly
|
||
|
7430000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E92000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
59EF000
|
stack
|
page read and write
|
||
|
46D8000
|
trusted library allocation
|
page read and write
|
||
|
863E000
|
stack
|
page read and write
|
||
|
55B1000
|
trusted library allocation
|
page read and write
|
||
|
724A000
|
trusted library allocation
|
page read and write
|
||
|
33ED000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7323000
|
heap
|
page read and write
|
||
|
F5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
F72000
|
unkown
|
page readonly
|
||
|
66B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
6D591000
|
unkown
|
page execute read
|
||
|
34EC000
|
trusted library allocation
|
page read and write
|
||
|
75B0000
|
heap
|
page read and write
|
||
|
8312000
|
heap
|
page read and write
|
||
|
4012000
|
trusted library allocation
|
page read and write
|
||
|
8254000
|
heap
|
page read and write
|
||
|
304E000
|
trusted library allocation
|
page read and write
|
||
|
406D000
|
trusted library allocation
|
page read and write
|
||
|
34CE000
|
trusted library allocation
|
page read and write
|
||
|
797E000
|
stack
|
page read and write
|
||
|
3041000
|
trusted library allocation
|
page read and write
|
||
|
6DEE000
|
stack
|
page read and write
|
||
|
34D4000
|
trusted library allocation
|
page read and write
|
||
|
3487000
|
trusted library allocation
|
page read and write
|
||
|
B39000
|
stack
|
page read and write
|
||
|
123C000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
31FA000
|
trusted library allocation
|
page read and write
|
||
|
3298000
|
trusted library allocation
|
page read and write
|
||
|
45F4000
|
trusted library allocation
|
page read and write
|
||
|
4E96000
|
trusted library allocation
|
page read and write
|
||
|
85F3000
|
trusted library allocation
|
page read and write
|
||
|
5984000
|
trusted library allocation
|
page read and write
|
||
|
33BC000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
350F000
|
trusted library allocation
|
page read and write
|
||
|
73AE000
|
stack
|
page read and write
|
||
|
3043000
|
trusted library allocation
|
page read and write
|
||
|
33E9000
|
trusted library allocation
|
page read and write
|
||
|
133A000
|
heap
|
page read and write
|
||
|
5513000
|
heap
|
page read and write
|
||
|
337A000
|
trusted library allocation
|
page read and write
|
||
|
1233000
|
trusted library allocation
|
page execute and read and write
|
||
|
6500000
|
trusted library allocation
|
page read and write
|
||
|
F8E000
|
remote allocation
|
page execute and read and write
|
||
|
7650000
|
trusted library allocation
|
page read and write
|
||
|
DA9000
|
heap
|
page read and write
|
||
|
3462000
|
trusted library allocation
|
page read and write
|
||
|
73C0000
|
heap
|
page read and write
|
||
|
6C5E000
|
stack
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
145E000
|
heap
|
page read and write
|
||
|
46B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
13DE000
|
stack
|
page read and write
|
||
|
635E000
|
heap
|
page read and write
|
||
|
3028000
|
trusted library allocation
|
page read and write
|
||
|
3292000
|
trusted library allocation
|
page read and write
|
||
|
61B0000
|
trusted library allocation
|
page read and write
|
||
|
8442000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
323D000
|
trusted library allocation
|
page read and write
|
||
|
10E7000
|
heap
|
page read and write
|
||
|
6B9D000
|
stack
|
page read and write
|
||
|
8160000
|
heap
|
page read and write
|
||
|
75F8000
|
trusted library allocation
|
page read and write
|
||
|
3514000
|
trusted library allocation
|
page read and write
|
||
|
3228000
|
trusted library allocation
|
page read and write
|
||
|
6E6A000
|
stack
|
page read and write
|
||
|
1265000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A71000
|
trusted library allocation
|
page read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
878E000
|
stack
|
page read and write
|
||
|
536E000
|
trusted library allocation
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page execute and read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
404F000
|
trusted library allocation
|
page read and write
|
||
|
75BD000
|
stack
|
page read and write
|
||
|
3316000
|
trusted library allocation
|
page read and write
|
||
|
82CD000
|
heap
|
page read and write
|
||
|
3385000
|
trusted library allocation
|
page read and write
|
||
|
4021000
|
trusted library allocation
|
page read and write
|
||
|
4072000
|
trusted library allocation
|
page read and write
|
||
|
7229000
|
trusted library allocation
|
page read and write
|
||
|
3303000
|
trusted library allocation
|
page read and write
|
||
|
34FC000
|
trusted library allocation
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
343A000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
3464000
|
trusted library allocation
|
page read and write
|
||
|
70A0000
|
trusted library allocation
|
page read and write
|
||
|
344F000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
301C000
|
trusted library allocation
|
page read and write
|
||
|
1662000
|
trusted library allocation
|
page read and write
|
||
|
4610000
|
trusted library allocation
|
page read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
3243000
|
trusted library allocation
|
page read and write
|
||
|
85E0000
|
trusted library allocation
|
page read and write
|
||
|
3EE2000
|
trusted library allocation
|
page read and write
|
||
|
6462000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
trusted library allocation
|
page read and write
|
||
|
636A000
|
heap
|
page read and write
|
||
|
33EF000
|
trusted library allocation
|
page read and write
|
||
|
3409000
|
trusted library allocation
|
page read and write
|
||
|
349E000
|
trusted library allocation
|
page read and write
|
||
|
58FB000
|
trusted library allocation
|
page read and write
|
||
|
401B000
|
trusted library allocation
|
page read and write
|
||
|
596F000
|
trusted library allocation
|
page read and write
|
||
|
6B1E000
|
stack
|
page read and write
|
||
|
3446000
|
trusted library allocation
|
page read and write
|
||
|
8258000
|
heap
|
page read and write
|
||
|
754E000
|
stack
|
page read and write
|
||
|
2C87000
|
heap
|
page read and write
|
||
|
4068000
|
trusted library allocation
|
page read and write
|
||
|
7780000
|
heap
|
page read and write
|
||
|
5EEF000
|
stack
|
page read and write
|
||
|
3230000
|
trusted library allocation
|
page read and write
|
||
|
630D000
|
stack
|
page read and write
|
||
|
6381000
|
heap
|
page read and write
|
||
|
CE4000
|
trusted library allocation
|
page read and write
|
||
|
3241000
|
trusted library allocation
|
page read and write
|
||
|
3367000
|
trusted library allocation
|
page read and write
|
||
|
5779000
|
trusted library allocation
|
page read and write
|
||
|
7470000
|
trusted library allocation
|
page execute and read and write
|
||
|
804C000
|
heap
|
page read and write
|
||
|
8018000
|
heap
|
page read and write
|
||
|
7F608000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A86000
|
trusted library allocation
|
page read and write
|
||
|
7690000
|
trusted library allocation
|
page read and write
|
||
|
33A8000
|
trusted library allocation
|
page read and write
|
||
|
46D0000
|
trusted library allocation
|
page read and write
|
||
|
64A0000
|
trusted library allocation
|
page read and write
|
||
|
4C0F000
|
trusted library allocation
|
page read and write
|
||
|
34FE000
|
trusted library allocation
|
page read and write
|
||
|
695E000
|
stack
|
page read and write
|
There are 833 hidden memdumps, click here to show them.