Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Wire slip account payable.pif.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Wire slip account payable.pif.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp14C9.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\EQVRGq.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\EQVRGq.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\EQVRGq.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1ypxrbms.yze.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5lv25mif.uv5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5njz4ciw.ht5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_adexolz3.0ml.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_li32tpuz.cnu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_njlbv4uw.ugk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pwi1m25g.lp3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qemwcahn.ude.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp25B1.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Wire slip account payable.pif.exe
|
"C:\Users\user\Desktop\Wire slip account payable.pif.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Wire slip
account payable.pif.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\EQVRGq.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\EQVRGq" /XML "C:\Users\user\AppData\Local\Temp\tmp14C9.tmp"
|
|
|
|
C:\Users\user\Desktop\Wire slip account payable.pif.exe
|
"C:\Users\user\Desktop\Wire slip account payable.pif.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\EQVRGq.exe
|
C:\Users\user\AppData\Roaming\EQVRGq.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\EQVRGq" /XML "C:\Users\user\AppData\Local\Temp\tmp25B1.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\EQVRGq.exe
|
"C:\Users\user\AppData\Roaming\EQVRGq.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\EQVRGq.exe
|
"C:\Users\user\AppData\Roaming\EQVRGq.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
https://api.telegram.org/bot7180778750:AAGcpZL53RI1C6DEr2Yp4lM3UKxKArXTZ4I/sendDocument
|
149.154.167.220
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
https://api.telegram.org/bot7180778750:AAGcpZL53RI1C6DEr2Yp4lM3UKxKArXTZ4I/
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://api.telegram.org
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 24 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
||
|
api.telegram.org
|
149.154.167.220
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
||
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Wire slip account payable_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EQVRGq_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
30E7000
|
trusted library allocation
|
page read and write
|
|
|
|
3D39000
|
trusted library allocation
|
page read and write
|
|
|
|
3061000
|
trusted library allocation
|
page read and write
|
|
|
|
2C67000
|
trusted library allocation
|
page read and write
|
|
|
|
2BE1000
|
trusted library allocation
|
page read and write
|
|
|
|
30BD000
|
trusted library allocation
|
page read and write
|
|
|
|
433000
|
remote allocation
|
page execute and read and write
|
|
|
|
30C5000
|
trusted library allocation
|
page read and write
|
|
|
|
E64000
|
trusted library allocation
|
page read and write
|
||
|
6CAE000
|
stack
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A73000
|
trusted library allocation
|
page execute and read and write
|
||
|
7020000
|
heap
|
page read and write
|
||
|
6ABF000
|
stack
|
page read and write
|
||
|
5650000
|
heap
|
page execute and read and write
|
||
|
31D6000
|
trusted library allocation
|
page read and write
|
||
|
CAA000
|
heap
|
page read and write
|
||
|
306E000
|
stack
|
page read and write
|
||
|
FB6000
|
trusted library allocation
|
page read and write
|
||
|
64A3000
|
heap
|
page read and write
|
||
|
99BE000
|
stack
|
page read and write
|
||
|
6430000
|
heap
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
648A000
|
heap
|
page read and write
|
||
|
A9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC7000
|
heap
|
page read and write
|
||
|
6F2E000
|
stack
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
heap
|
page execute and read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
1493000
|
heap
|
page read and write
|
||
|
67B2000
|
heap
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
5276000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
3A9E000
|
trusted library allocation
|
page read and write
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
2C62000
|
trusted library allocation
|
page read and write
|
||
|
A01B000
|
stack
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
2A5E000
|
trusted library allocation
|
page read and write
|
||
|
31DC000
|
trusted library allocation
|
page read and write
|
||
|
3C4C000
|
trusted library allocation
|
page read and write
|
||
|
1162000
|
trusted library allocation
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
77C0000
|
trusted library section
|
page read and write
|
||
|
AED1000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
127C000
|
stack
|
page read and write
|
||
|
6444000
|
heap
|
page read and write
|
||
|
522D000
|
stack
|
page read and write
|
||
|
10F2000
|
heap
|
page read and write
|
||
|
520C000
|
stack
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
701C000
|
heap
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
1489000
|
heap
|
page read and write
|
||
|
423000
|
remote allocation
|
page execute and read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
BB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
A96000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D7000
|
heap
|
page read and write
|
||
|
7030000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
6BAE000
|
stack
|
page read and write
|
||
|
67D0000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
C45000
|
heap
|
page read and write
|
||
|
6A10000
|
heap
|
page read and write
|
||
|
54A6000
|
trusted library allocation
|
page read and write
|
||
|
5254000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
2B80000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
1167000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DEE000
|
stack
|
page read and write
|
||
|
5440000
|
heap
|
page execute and read and write
|
||
|
7008000
|
heap
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
A92000
|
trusted library allocation
|
page read and write
|
||
|
30E2000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
1146000
|
heap
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page read and write
|
||
|
116B000
|
trusted library allocation
|
page execute and read and write
|
||
|
977E000
|
stack
|
page read and write
|
||
|
568C000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
9C3E000
|
stack
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FD9000
|
trusted library allocation
|
page read and write
|
||
|
2F88000
|
trusted library allocation
|
page read and write
|
||
|
4C9B000
|
trusted library allocation
|
page read and write
|
||
|
40CC000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
527D000
|
trusted library allocation
|
page read and write
|
||
|
2D56000
|
trusted library allocation
|
page read and write
|
||
|
6FDF000
|
heap
|
page read and write
|
||
|
78CD000
|
stack
|
page read and write
|
||
|
4061000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page execute and read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page execute and read and write
|
||
|
62EE000
|
stack
|
page read and write
|
||
|
2BA1000
|
trusted library allocation
|
page read and write
|
||
|
4BE8000
|
trusted library allocation
|
page read and write
|
||
|
302F000
|
stack
|
page read and write
|
||
|
E78000
|
heap
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
AC3E000
|
stack
|
page read and write
|
||
|
539B000
|
stack
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page read and write
|
||
|
6AEE000
|
stack
|
page read and write
|
||
|
13AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
2B8B000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
1092000
|
trusted library allocation
|
page read and write
|
||
|
13A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
D58000
|
stack
|
page read and write
|
||
|
13CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
1156000
|
trusted library allocation
|
page execute and read and write
|
||
|
A7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D52000
|
trusted library allocation
|
page read and write
|
||
|
2E3C000
|
trusted library allocation
|
page read and write
|
||
|
54C6000
|
trusted library allocation
|
page read and write
|
||
|
A9AE000
|
stack
|
page read and write
|
||
|
692E000
|
stack
|
page read and write
|
||
|
1617000
|
heap
|
page read and write
|
||
|
A46E000
|
stack
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
A8AD000
|
stack
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
6980000
|
heap
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
A80000
|
trusted library allocation
|
page read and write
|
||
|
3A23000
|
trusted library allocation
|
page read and write
|
||
|
6B17000
|
trusted library allocation
|
page read and write
|
||
|
4DF4000
|
trusted library section
|
page readonly
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
1423000
|
heap
|
page read and write
|
||
|
3951000
|
trusted library allocation
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page read and write
|
||
|
6E7F000
|
stack
|
page read and write
|
||
|
EFF000
|
heap
|
page read and write
|
||
|
6B6F000
|
stack
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
682D000
|
stack
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
C5A000
|
stack
|
page read and write
|
||
|
525B000
|
trusted library allocation
|
page read and write
|
||
|
3AF4000
|
trusted library allocation
|
page read and write
|
||
|
6E50000
|
heap
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CB6000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
54BE000
|
trusted library allocation
|
page read and write
|
||
|
515D000
|
stack
|
page read and write
|
||
|
12C4000
|
trusted library allocation
|
page read and write
|
||
|
E35000
|
heap
|
page read and write
|
||
|
106D000
|
trusted library allocation
|
page execute and read and write
|
||
|
54B2000
|
trusted library allocation
|
page read and write
|
||
|
6930000
|
trusted library allocation
|
page read and write
|
||
|
148F000
|
heap
|
page read and write
|
||
|
318E000
|
trusted library allocation
|
page read and write
|
||
|
C1A000
|
heap
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
6DFE000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
1086000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B96000
|
trusted library allocation
|
page read and write
|
||
|
2B9E000
|
trusted library allocation
|
page read and write
|
||
|
2E3C000
|
stack
|
page read and write
|
||
|
1073000
|
trusted library allocation
|
page read and write
|
||
|
69AD000
|
trusted library allocation
|
page read and write
|
||
|
564D000
|
stack
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
7440000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
C55000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
A56E000
|
stack
|
page read and write
|
||
|
107D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
4089000
|
trusted library allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
4F0C000
|
stack
|
page read and write
|
||
|
69A7000
|
trusted library allocation
|
page read and write
|
||
|
275B000
|
stack
|
page read and write
|
||
|
1178000
|
heap
|
page read and write
|
||
|
A3A1000
|
trusted library allocation
|
page read and write
|
||
|
A83000
|
trusted library allocation
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FD2000
|
trusted library allocation
|
page read and write
|
||
|
54D2000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
58A0000
|
heap
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
6740000
|
heap
|
page read and write
|
||
|
41C000
|
remote allocation
|
page execute and read and write
|
||
|
4E0B000
|
stack
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FD000
|
stack
|
page read and write
|
||
|
13A4000
|
trusted library allocation
|
page read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
4DEC000
|
stack
|
page read and write
|
||
|
5640000
|
heap
|
page execute and read and write
|
||
|
74EE000
|
stack
|
page read and write
|
||
|
291C000
|
stack
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
67B0000
|
heap
|
page read and write
|
||
|
1597000
|
heap
|
page read and write
|
||
|
AB3D000
|
stack
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
6FD6000
|
trusted library allocation
|
page read and write
|
||
|
2760000
|
trusted library allocation
|
page read and write
|
||
|
2951000
|
trusted library allocation
|
page read and write
|
||
|
A39E000
|
stack
|
page read and write
|
||
|
6DF9000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page execute and read and write
|
||
|
7A3E000
|
stack
|
page read and write
|
||
|
A11C000
|
stack
|
page read and write
|
||
|
BAE000
|
stack
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
1CE000
|
unkown
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
6FDE000
|
trusted library allocation
|
page read and write
|
||
|
C1E000
|
heap
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
9E7E000
|
stack
|
page read and write
|
||
|
2788000
|
trusted library allocation
|
page read and write
|
||
|
67E9000
|
heap
|
page read and write
|
||
|
AD7C000
|
stack
|
page read and write
|
||
|
2E78000
|
heap
|
page read and write
|
||
|
EE2000
|
heap
|
page read and write
|
||
|
68F000
|
stack
|
page read and write
|
||
|
67E7000
|
trusted library allocation
|
page read and write
|
||
|
6840000
|
heap
|
page read and write
|
||
|
2D8B000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
69B0000
|
trusted library allocation
|
page read and write
|
||
|
39E5000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
6E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
3188000
|
trusted library allocation
|
page read and write
|
||
|
54AB000
|
trusted library allocation
|
page read and write
|
||
|
6990000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
1149000
|
heap
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
5235000
|
heap
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
6FD0000
|
heap
|
page read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
B0A000
|
stack
|
page read and write
|
||
|
EFC000
|
heap
|
page read and write
|
||
|
7B5F000
|
heap
|
page read and write
|
||
|
13BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
1064000
|
trusted library allocation
|
page read and write
|
||
|
2D31000
|
trusted library allocation
|
page read and write
|
||
|
4CAE000
|
trusted library allocation
|
page read and write
|
||
|
58C0000
|
heap
|
page read and write
|
||
|
2E3E000
|
unkown
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
5805000
|
heap
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
71CF000
|
stack
|
page read and write
|
||
|
4D38000
|
trusted library allocation
|
page read and write
|
||
|
9C2000
|
unkown
|
page readonly
|
||
|
4D10000
|
heap
|
page execute and read and write
|
||
|
10D7000
|
heap
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
790E000
|
stack
|
page read and write
|
||
|
1285000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
13E2000
|
trusted library allocation
|
page read and write
|
||
|
2D5C000
|
trusted library allocation
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page read and write
|
||
|
7D3F000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
13C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
67B4000
|
heap
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
2D6C000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
2C71000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page execute and read and write
|
||
|
3050000
|
heap
|
page execute and read and write
|
||
|
3B76000
|
trusted library allocation
|
page read and write
|
||
|
69B7000
|
trusted library allocation
|
page read and write
|
||
|
3140000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
9AFD000
|
stack
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
10BA000
|
heap
|
page read and write
|
||
|
2D5E000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
67E0000
|
trusted library allocation
|
page read and write
|
||
|
6794000
|
heap
|
page read and write
|
||
|
69A0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
A74000
|
trusted library allocation
|
page read and write
|
||
|
67C0000
|
trusted library allocation
|
page read and write
|
||
|
60F000
|
unkown
|
page read and write
|
||
|
12D7000
|
heap
|
page read and write
|
||
|
A66D000
|
stack
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
69A3000
|
trusted library allocation
|
page read and write
|
||
|
67DD000
|
trusted library allocation
|
page read and write
|
||
|
30DE000
|
trusted library allocation
|
page read and write
|
||
|
2C55000
|
trusted library allocation
|
page read and write
|
||
|
7B73000
|
heap
|
page read and write
|
||
|
51BF000
|
stack
|
page read and write
|
||
|
2D12000
|
trusted library allocation
|
page read and write
|
||
|
1082000
|
trusted library allocation
|
page read and write
|
||
|
54C1000
|
trusted library allocation
|
page read and write
|
||
|
261E000
|
stack
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
7320000
|
heap
|
page read and write
|
||
|
3C7A000
|
trusted library allocation
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page read and write
|
||
|
5C0D000
|
stack
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
6E60000
|
heap
|
page read and write
|
||
|
CB9000
|
heap
|
page read and write
|
||
|
AC7C000
|
stack
|
page read and write
|
||
|
4D7D000
|
stack
|
page read and write
|
||
|
109B000
|
trusted library allocation
|
page execute and read and write
|
||
|
98BE000
|
stack
|
page read and write
|
||
|
2FAE000
|
unkown
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
7430000
|
trusted library allocation
|
page read and write
|
||
|
E6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
6ECE000
|
stack
|
page read and write
|
||
|
2BC5000
|
trusted library allocation
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
30AF000
|
stack
|
page read and write
|
||
|
7450000
|
trusted library allocation
|
page read and write
|
||
|
149C000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
5960000
|
trusted library section
|
page read and write
|
||
|
411000
|
remote allocation
|
page execute and read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
6EEE000
|
stack
|
page read and write
|
||
|
3959000
|
trusted library allocation
|
page read and write
|
||
|
1419000
|
heap
|
page read and write
|
||
|
6B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C2E000
|
stack
|
page read and write
|
||
|
6DF6000
|
trusted library allocation
|
page read and write
|
||
|
3F76000
|
trusted library allocation
|
page read and write
|
||
|
6998000
|
trusted library allocation
|
page read and write
|
||
|
6B2E000
|
stack
|
page read and write
|
||
|
4D7B000
|
trusted library allocation
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
9B00000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
13C2000
|
trusted library allocation
|
page read and write
|
||
|
3C09000
|
trusted library allocation
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page execute and read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
11F7000
|
heap
|
page read and write
|
||
|
ADBE000
|
stack
|
page read and write
|
||
|
A15E000
|
stack
|
page read and write
|
||
|
115A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
5280000
|
heap
|
page read and write
|
||
|
6BC0000
|
trusted library allocation
|
page read and write
|
||
|
1426000
|
heap
|
page read and write
|
||
|
3024000
|
trusted library allocation
|
page read and write
|
||
|
C57000
|
heap
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
6BC2000
|
trusted library allocation
|
page read and write
|
||
|
7260000
|
heap
|
page read and write
|
||
|
4CB1000
|
trusted library allocation
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
3192000
|
trusted library allocation
|
page read and write
|
||
|
E63000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
108A000
|
trusted library allocation
|
page execute and read and write
|
||
|
11AC000
|
heap
|
page read and write
|
||
|
4CBD000
|
trusted library allocation
|
page read and write
|
||
|
2DEE000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
54AE000
|
trusted library allocation
|
page read and write
|
||
|
A8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD000
|
stack
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
53B3000
|
heap
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
6479000
|
heap
|
page read and write
|
||
|
675B000
|
heap
|
page read and write
|
||
|
1165000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
CFE000
|
heap
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
13E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
526E000
|
trusted library allocation
|
page read and write
|
||
|
4D53000
|
heap
|
page read and write
|
||
|
AEBE000
|
stack
|
page read and write
|
||
|
3D31000
|
trusted library allocation
|
page read and write
|
||
|
561C000
|
stack
|
page read and write
|
||
|
6CED000
|
stack
|
page read and write
|
||
|
9B10000
|
heap
|
page read and write
|
||
|
6E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BAD000
|
trusted library allocation
|
page read and write
|
||
|
4C94000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
1097000
|
trusted library allocation
|
page execute and read and write
|
||
|
573E000
|
heap
|
page read and write
|
||
|
58D0000
|
heap
|
page read and write
|
||
|
30C1000
|
trusted library allocation
|
page read and write
|
||
|
776E000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
10E4000
|
heap
|
page read and write
|
||
|
6F42000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
30D5000
|
trusted library allocation
|
page read and write
|
||
|
54BA000
|
trusted library allocation
|
page read and write
|
||
|
5890000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
A25E000
|
stack
|
page read and write
|
||
|
31DE000
|
trusted library allocation
|
page read and write
|
||
|
5010000
|
heap
|
page read and write
|
||
|
69C0000
|
heap
|
page read and write
|
||
|
2C5E000
|
trusted library allocation
|
page read and write
|
||
|
9D3E000
|
stack
|
page read and write
|
||
|
3026000
|
trusted library allocation
|
page read and write
|
||
|
987E000
|
stack
|
page read and write
|
||
|
1153000
|
heap
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
53A0000
|
trusted library section
|
page readonly
|
||
|
788E000
|
stack
|
page read and write
|
||
|
7B40000
|
heap
|
page read and write
|
||
|
29AB000
|
trusted library allocation
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
6BBF000
|
stack
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
A86E000
|
stack
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
30BB000
|
trusted library allocation
|
page read and write
|
||
|
7B3F000
|
stack
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
3BE1000
|
trusted library allocation
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
6DF2000
|
trusted library allocation
|
page read and write
|
||
|
6FCE000
|
stack
|
page read and write
|
||
|
FB4000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
A670000
|
heap
|
page read and write
|
||
|
2A5C000
|
trusted library allocation
|
page read and write
|
||
|
271E000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
4CE0000
|
trusted library allocation
|
page read and write
|
||
|
5693000
|
heap
|
page read and write
|
||
|
4D42000
|
trusted library allocation
|
page read and write
|
||
|
31EA000
|
trusted library allocation
|
page read and write
|
||
|
3FB8000
|
trusted library allocation
|
page read and write
|
||
|
BBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
58DC000
|
stack
|
page read and write
|
||
|
412000
|
remote allocation
|
page execute and read and write
|
||
|
CC5000
|
heap
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
2B92000
|
trusted library allocation
|
page read and write
|
||
|
2B9A000
|
trusted library allocation
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
9D7D000
|
stack
|
page read and write
|
||
|
BB2000
|
trusted library allocation
|
page read and write
|
||
|
5302000
|
trusted library allocation
|
page read and write
|
||
|
2E3E000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
99FD000
|
stack
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
11A000
|
stack
|
page read and write
|
||
|
4DF0000
|
trusted library section
|
page readonly
|
||
|
114D000
|
trusted library allocation
|
page execute and read and write
|
||
|
31D2000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
68EE000
|
stack
|
page read and write
|
||
|
54A000
|
stack
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
6850000
|
trusted library allocation
|
page execute and read and write
|
||
|
732E000
|
heap
|
page read and write
|
||
|
7EE40000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
5273000
|
heap
|
page read and write
|
||
|
1152000
|
trusted library allocation
|
page read and write
|
||
|
13E5000
|
trusted library allocation
|
page execute and read and write
|
||
|
69FD000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
D5A000
|
stack
|
page read and write
|
||
|
7F010000
|
trusted library allocation
|
page execute and read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DB000
|
heap
|
page read and write
|
||
|
6C6E000
|
stack
|
page read and write
|
||
|
6BCA000
|
trusted library allocation
|
page read and write
|
||
|
A36E000
|
stack
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
6940000
|
trusted library allocation
|
page execute and read and write
|
||
|
13EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2925000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
30F1000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
3A61000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
6C20000
|
trusted library allocation
|
page read and write
|
||
|
2B8E000
|
trusted library allocation
|
page read and write
|
||
|
67C8000
|
trusted library allocation
|
page read and write
|
||
|
3BDA000
|
trusted library allocation
|
page read and write
|
||
|
EA6000
|
heap
|
page read and write
|
||
|
1063000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
3BF8000
|
trusted library allocation
|
page read and write
|
||
|
61ED000
|
stack
|
page read and write
|
||
|
2D08000
|
trusted library allocation
|
page read and write
|
||
|
54CD000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
6481000
|
heap
|
page read and write
|
||
|
2D0E000
|
trusted library allocation
|
page read and write
|
||
|
5271000
|
trusted library allocation
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
2BA6000
|
trusted library allocation
|
page read and write
|
There are 570 hidden memdumps, click here to show them.