Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
mxywHBknfo.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nuoe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\wwiqmn
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\32d8a5fc
|
PNG image data, 3648 x 956, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3387cd70
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\40d10350
|
PNG image data, 3648 x 956, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\41b2b71f
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\dfumajfyesp
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Wed Oct 4 13:16:53
2023, mtime=Thu Nov 28 11:39:05 2024, atime=Thu Nov 28 11:39:02 2024, length=10115160, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp136D.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp1750.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp194D.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp1AD8.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp1BDF.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp2964.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp2B74.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp2D5B.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp2E59.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp3A18.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp3E8.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp4023.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp403E.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp4483.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp4494.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp45B1.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp47FE.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp49BF.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp5187.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp544B.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp5923.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp5ABB.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp5D2D.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp60A0.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp65AE.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp6AA3.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp6F3B.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp7151.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp765E.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp78D7.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp8500.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp92F8.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp93CE.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp9FCD.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpAAAD.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpAC3E.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpAC75.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpAF08.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpBB53.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC0E0.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC55C.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC5BE.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC9D9.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpCD6.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpD156.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpDCD5.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpE4C8.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpFA59.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
There are 47 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\mxywHBknfo.exe
|
"C:\Users\user\Desktop\mxywHBknfo.exe"
|
|
|
|
C:\Windows\SysWOW64\more.com
|
C:\Windows\SysWOW64\more.com
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
|
|
|
C:\Users\user\AppData\Roaming\sto\coml.exe
|
"C:\Users\user\AppData\Roaming\sto\coml.exe"
|
|
|
|
C:\Windows\SysWOW64\more.com
|
C:\Windows\SysWOW64\more.com
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://45.141.84.168:9000/wbinjget?q=9F196B497BDFD0CED832D4AB8AAC3B4F
|
45.141.84.168
|
|
|
|
http://vovsoft.comopen
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://www.vmware.com/0
|
unknown
|
||
|
http://vovsoft.com
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://pastebin.com/raw/cLika3dtPO
|
unknown
|
||
|
https://vovsoft.com/translation/
|
unknown
|
||
|
http://vovsoft.com/blog/how-to-uninstall-vovsoft-software/
|
unknown
|
||
|
http://www.vmware.com/0/
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://45.141.84.168:9000
|
unknown
|
||
|
https://www.karenware.com/powertools/ptwhois0
|
unknown
|
||
|
http://vovsoft.com/help/
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://vovsoft.com/blog/how-to-activate-using-license-key/open
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
https://pastebin.com/raw/cLika3dt
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://45.141.84.168:9000/wbinjget?q=9F196B497BDFD0CED832D4AB8AAC3B4FP
|
unknown
|
||
|
http://vovsoft.com/
|
unknown
|
||
|
https://vovsoft.com/blog/credits-and-acknowledgements/H
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
http://45.141.84.168
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://www.info-zip.org/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 21 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s-part-0035.t-0009.t-msedge.net
|
13.107.246.63
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.141.84.168
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5C20000
|
direct allocation
|
page read and write
|
|
|
|
5AA0000
|
direct allocation
|
page read and write
|
|
|
|
D02000
|
unkown
|
page readonly
|
|
|
|
12E5000
|
unkown
|
page readonly
|
||
|
56E1000
|
unkown
|
page read and write
|
||
|
1143000
|
unkown
|
page readonly
|
||
|
2A534FA2000
|
heap
|
page read and write
|
||
|
E0C000
|
unkown
|
page execute read
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
EBE4FFE000
|
stack
|
page read and write
|
||
|
E77000
|
unkown
|
page execute read
|
||
|
F84000
|
trusted library allocation
|
page read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
4C16000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1F3DD37D000
|
direct allocation
|
page read and write
|
||
|
1176000
|
unkown
|
page execute read
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
2A530866000
|
direct allocation
|
page read and write
|
||
|
129E000
|
unkown
|
page write copy
|
||
|
2A534051000
|
direct allocation
|
page read and write
|
||
|
4E70000
|
unkown
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
1F3DB9F0000
|
heap
|
page read and write
|
||
|
2894000
|
trusted library allocation
|
page read and write
|
||
|
10AC000
|
unkown
|
page read and write
|
||
|
6CD9000
|
stack
|
page read and write
|
||
|
2A530878000
|
direct allocation
|
page read and write
|
||
|
117F000
|
unkown
|
page execute read
|
||
|
D8D000
|
unkown
|
page execute read
|
||
|
5325000
|
trusted library allocation
|
page read and write
|
||
|
125E000
|
unkown
|
page read and write
|
||
|
4D71000
|
unkown
|
page read and write
|
||
|
10DC000
|
unkown
|
page read and write
|
||
|
C5A000
|
unkown
|
page execute read
|
||
|
2BE2000
|
trusted library allocation
|
page read and write
|
||
|
1088000
|
unkown
|
page read and write
|
||
|
2A534D9B000
|
heap
|
page read and write
|
||
|
1224000
|
unkown
|
page read and write
|
||
|
10D2000
|
unkown
|
page execute read
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
C7F000
|
unkown
|
page execute read
|
||
|
1116000
|
unkown
|
page read and write
|
||
|
57E0000
|
unkown
|
page read and write
|
||
|
840000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A5308C2000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2A533E37000
|
heap
|
page read and write
|
||
|
8F0000
|
trusted library allocation
|
page read and write
|
||
|
13F9000
|
unkown
|
page readonly
|
||
|
5CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB8000
|
unkown
|
page execute read
|
||
|
FC2000
|
unkown
|
page execute read
|
||
|
4F7A000
|
heap
|
page read and write
|
||
|
DAC000
|
stack
|
page read and write
|
||
|
106A000
|
unkown
|
page execute read
|
||
|
2A5308E8000
|
direct allocation
|
page read and write
|
||
|
1242000
|
unkown
|
page write copy
|
||
|
E8B000
|
unkown
|
page execute read
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
483D000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
trusted library allocation
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
CD6000
|
unkown
|
page execute read
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
4B5E000
|
direct allocation
|
page read and write
|
||
|
90A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F3D9A31000
|
heap
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
2981000
|
trusted library allocation
|
page read and write
|
||
|
10D7000
|
unkown
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F3DB3CD000
|
direct allocation
|
page read and write
|
||
|
E4F000
|
unkown
|
page execute read
|
||
|
137B000
|
unkown
|
page readonly
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
ED5000
|
unkown
|
page execute read
|
||
|
F7C000
|
unkown
|
page execute read
|
||
|
DC9000
|
unkown
|
page execute read
|
||
|
2A53514E000
|
heap
|
page read and write
|
||
|
2A530928000
|
direct allocation
|
page read and write
|
||
|
4CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D34FD000
|
stack
|
page read and write
|
||
|
2A534D53000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
DCB000
|
trusted library allocation
|
page read and write
|
||
|
8ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
E7F000
|
unkown
|
page execute read
|
||
|
1F3DB421000
|
direct allocation
|
page read and write
|
||
|
1207000
|
unkown
|
page execute read
|
||
|
1F3D9B63000
|
heap
|
page read and write
|
||
|
FEC000
|
heap
|
page read and write
|
||
|
2871000
|
trusted library allocation
|
page read and write
|
||
|
1195000
|
unkown
|
page execute read
|
||
|
111C000
|
unkown
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2AE5000
|
trusted library allocation
|
page read and write
|
||
|
11B8000
|
unkown
|
page execute read
|
||
|
2A530835000
|
direct allocation
|
page read and write
|
||
|
CE3000
|
unkown
|
page execute read
|
||
|
27E5000
|
trusted library allocation
|
page read and write
|
||
|
D72000
|
unkown
|
page execute read
|
||
|
BF9000
|
stack
|
page read and write
|
||
|
2A530730000
|
heap
|
page read and write
|
||
|
2B04000
|
trusted library allocation
|
page read and write
|
||
|
2BA1000
|
trusted library allocation
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
1F3D99EB000
|
heap
|
page read and write
|
||
|
2AC3000
|
trusted library allocation
|
page read and write
|
||
|
124A000
|
unkown
|
page write copy
|
||
|
1172000
|
unkown
|
page execute read
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
1253000
|
unkown
|
page write copy
|
||
|
5330000
|
heap
|
page read and write
|
||
|
2A2F000
|
trusted library allocation
|
page read and write
|
||
|
2A530843000
|
direct allocation
|
page read and write
|
||
|
F79000
|
unkown
|
page execute read
|
||
|
C42000
|
unkown
|
page execute read
|
||
|
2A532680000
|
heap
|
page read and write
|
||
|
1223000
|
unkown
|
page write copy
|
||
|
1056000
|
unkown
|
page execute read
|
||
|
7D33FE000
|
stack
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
1F3D9B60000
|
heap
|
page read and write
|
||
|
1275000
|
unkown
|
page write copy
|
||
|
773E000
|
stack
|
page read and write
|
||
|
E8E000
|
unkown
|
page execute read
|
||
|
1247000
|
unkown
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
51BC000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
CDA000
|
unkown
|
page execute read
|
||
|
2B21000
|
trusted library allocation
|
page read and write
|
||
|
1228000
|
unkown
|
page read and write
|
||
|
906000
|
trusted library allocation
|
page execute and read and write
|
||
|
1051000
|
unkown
|
page execute read
|
||
|
12B6000
|
unkown
|
page read and write
|
||
|
388E000
|
trusted library allocation
|
page read and write
|
||
|
1F3D99D5000
|
heap
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
69C000
|
stack
|
page read and write
|
||
|
EBE50FE000
|
stack
|
page read and write
|
||
|
1F3DF052000
|
unkown
|
page read and write
|
||
|
554E000
|
stack
|
page read and write
|
||
|
2A53088D000
|
direct allocation
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
2A530779000
|
heap
|
page read and write
|
||
|
10F1000
|
unkown
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
EE4000
|
unkown
|
page execute read
|
||
|
EBA000
|
unkown
|
page execute read
|
||
|
2A53090F000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
6A40000
|
trusted library allocation
|
page read and write
|
||
|
1221000
|
unkown
|
page read and write
|
||
|
2AD8000
|
trusted library allocation
|
page read and write
|
||
|
2AF2000
|
trusted library allocation
|
page read and write
|
||
|
294E000
|
trusted library allocation
|
page read and write
|
||
|
4C2B000
|
trusted library allocation
|
page read and write
|
||
|
5309000
|
trusted library allocation
|
page read and write
|
||
|
1275000
|
unkown
|
page read and write
|
||
|
2A53087C000
|
direct allocation
|
page read and write
|
||
|
EB7000
|
unkown
|
page execute read
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
2A530630000
|
heap
|
page read and write
|
||
|
5DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
382E000
|
trusted library allocation
|
page read and write
|
||
|
1432000
|
unkown
|
page readonly
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
4E57000
|
heap
|
page read and write
|
||
|
2A534DA2000
|
heap
|
page read and write
|
||
|
2A535E90000
|
trusted library allocation
|
page read and write
|
||
|
8E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F3DB476000
|
direct allocation
|
page read and write
|
||
|
292D000
|
trusted library allocation
|
page read and write
|
||
|
EBE51FE000
|
stack
|
page read and write
|
||
|
66F6000
|
heap
|
page read and write
|
||
|
2BC9000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
E1F000
|
unkown
|
page execute read
|
||
|
2A53087A000
|
direct allocation
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
2A530868000
|
direct allocation
|
page read and write
|
||
|
2711000
|
trusted library allocation
|
page read and write
|
||
|
2B16000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
2A53077B000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1F3DD755000
|
heap
|
page read and write
|
||
|
28D7000
|
trusted library allocation
|
page read and write
|
||
|
1F3DB41A000
|
direct allocation
|
page read and write
|
||
|
290E000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2A534F66000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
1F3DD361000
|
direct allocation
|
page read and write
|
||
|
2A53086E000
|
direct allocation
|
page read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
136F000
|
stack
|
page read and write
|
||
|
115B000
|
unkown
|
page execute read
|
||
|
126F000
|
unkown
|
page write copy
|
||
|
FCF000
|
unkown
|
page execute read
|
||
|
C3F000
|
stack
|
page read and write
|
||
|
1F3DB468000
|
direct allocation
|
page read and write
|
||
|
1136000
|
unkown
|
page execute read
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
107D000
|
unkown
|
page write copy
|
||
|
2857000
|
trusted library allocation
|
page read and write
|
||
|
2947000
|
trusted library allocation
|
page read and write
|
||
|
688D000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1028000
|
heap
|
page read and write
|
||
|
97B000
|
stack
|
page read and write
|
||
|
5318000
|
trusted library allocation
|
page read and write
|
||
|
124F000
|
unkown
|
page write copy
|
||
|
12B3000
|
unkown
|
page write copy
|
||
|
107D000
|
unkown
|
page read and write
|
||
|
564E000
|
stack
|
page read and write
|
||
|
2A530880000
|
direct allocation
|
page read and write
|
||
|
2A53086C000
|
direct allocation
|
page read and write
|
||
|
C46000
|
unkown
|
page execute read
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
2A536172000
|
trusted library allocation
|
page read and write
|
||
|
E1B000
|
unkown
|
page execute read
|
||
|
2A53088B000
|
direct allocation
|
page read and write
|
||
|
35BC000
|
heap
|
page read and write
|
||
|
2C0F000
|
stack
|
page read and write
|
||
|
2A530650000
|
heap
|
page read and write
|
||
|
2A53092F000
|
direct allocation
|
page read and write
|
||
|
12C0000
|
unkown
|
page read and write
|
||
|
2A53403D000
|
direct allocation
|
page read and write
|
||
|
12BC000
|
unkown
|
page read and write
|
||
|
2A53093D000
|
direct allocation
|
page read and write
|
||
|
296A000
|
trusted library allocation
|
page read and write
|
||
|
1226000
|
unkown
|
page write copy
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
2A5356B7000
|
heap
|
page read and write
|
||
|
66F0000
|
heap
|
page read and write
|
||
|
2A5308F7000
|
direct allocation
|
page read and write
|
||
|
7080000
|
heap
|
page read and write
|
||
|
34A0000
|
direct allocation
|
page read and write
|
||
|
8E4000
|
trusted library allocation
|
page read and write
|
||
|
E26000
|
trusted library allocation
|
page read and write
|
||
|
143F000
|
unkown
|
page readonly
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
2A53402D000
|
direct allocation
|
page read and write
|
||
|
CEA000
|
unkown
|
page execute read
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
5A2F000
|
stack
|
page read and write
|
||
|
2ACB000
|
trusted library allocation
|
page read and write
|
||
|
2BA3000
|
trusted library allocation
|
page read and write
|
||
|
1F3DB45E000
|
direct allocation
|
page read and write
|
||
|
2A4B000
|
trusted library allocation
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page execute and read and write
|
||
|
2A5306C3000
|
heap
|
page read and write
|
||
|
1141000
|
unkown
|
page read and write
|
||
|
D6C000
|
unkown
|
page execute read
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
2A53405E000
|
direct allocation
|
page read and write
|
||
|
DA8000
|
unkown
|
page execute read
|
||
|
1F3D9BC5000
|
heap
|
page read and write
|
||
|
1F3DB428000
|
direct allocation
|
page read and write
|
||
|
669A000
|
heap
|
page read and write
|
||
|
FF3000
|
unkown
|
page execute read
|
||
|
1F3D99EB000
|
heap
|
page read and write
|
||
|
1F3DB48C000
|
direct allocation
|
page read and write
|
||
|
27F0000
|
trusted library allocation
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
10C2000
|
unkown
|
page execute read
|
||
|
10DA000
|
unkown
|
page read and write
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
736D000
|
stack
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
1F3D99E5000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
532F000
|
trusted library allocation
|
page read and write
|
||
|
5CB1000
|
trusted library allocation
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
EAD000
|
unkown
|
page execute read
|
||
|
C8D000
|
unkown
|
page execute read
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
2A530761000
|
heap
|
page read and write
|
||
|
2A53084B000
|
direct allocation
|
page read and write
|
||
|
10F7000
|
unkown
|
page read and write
|
||
|
E5F000
|
unkown
|
page execute read
|
||
|
66F8000
|
heap
|
page read and write
|
||
|
2A534E00000
|
trusted library allocation
|
page read and write
|
||
|
1297000
|
unkown
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
FF050000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A36000
|
trusted library allocation
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
1F3D9B10000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
281D000
|
trusted library allocation
|
page read and write
|
||
|
C67000
|
unkown
|
page execute read
|
||
|
C6C000
|
unkown
|
page execute read
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
103B000
|
unkown
|
page execute read
|
||
|
531F000
|
trusted library allocation
|
page read and write
|
||
|
6A9E000
|
stack
|
page read and write
|
||
|
DAB000
|
unkown
|
page execute read
|
||
|
2A83000
|
trusted library allocation
|
page read and write
|
||
|
6F5D000
|
stack
|
page read and write
|
||
|
F73000
|
trusted library allocation
|
page execute and read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
10CF000
|
unkown
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2A530916000
|
direct allocation
|
page read and write
|
||
|
126F000
|
unkown
|
page read and write
|
||
|
126A000
|
unkown
|
page write copy
|
||
|
A30000
|
heap
|
page read and write
|
||
|
C78000
|
unkown
|
page execute read
|
||
|
FD7000
|
unkown
|
page execute read
|
||
|
2A535009000
|
unkown
|
page read and write
|
||
|
DF3000
|
unkown
|
page execute read
|
||
|
293A000
|
trusted library allocation
|
page read and write
|
||
|
2CB8000
|
trusted library allocation
|
page read and write
|
||
|
FBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
2BBC000
|
trusted library allocation
|
page read and write
|
||
|
121D000
|
unkown
|
page write copy
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
1F3DD1EE000
|
heap
|
page read and write
|
||
|
380D000
|
trusted library allocation
|
page read and write
|
||
|
2A532786000
|
heap
|
page read and write
|
||
|
10D5000
|
unkown
|
page read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
11CA000
|
unkown
|
page execute read
|
||
|
509E000
|
stack
|
page read and write
|
||
|
E58000
|
trusted library allocation
|
page read and write
|
||
|
127A000
|
unkown
|
page read and write
|
||
|
2A530870000
|
direct allocation
|
page read and write
|
||
|
FC7000
|
unkown
|
page execute read
|
||
|
ED3000
|
unkown
|
page execute read
|
||
|
2A56000
|
trusted library allocation
|
page read and write
|
||
|
2A5308A2000
|
direct allocation
|
page read and write
|
||
|
2A02000
|
trusted library allocation
|
page read and write
|
||
|
3836000
|
trusted library allocation
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
6E21000
|
heap
|
page read and write
|
||
|
2E4B000
|
trusted library allocation
|
page read and write
|
||
|
10B6000
|
unkown
|
page read and write
|
||
|
E49000
|
trusted library allocation
|
page read and write
|
||
|
2A533E41000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
915000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
1026000
|
unkown
|
page execute read
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2A530906000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
902000
|
trusted library allocation
|
page read and write
|
||
|
123C000
|
unkown
|
page write copy
|
||
|
6D9000
|
stack
|
page read and write
|
||
|
2A530765000
|
heap
|
page read and write
|
||
|
1F3DB46F000
|
direct allocation
|
page read and write
|
||
|
117B000
|
unkown
|
page execute read
|
||
|
66D2000
|
heap
|
page read and write
|
||
|
E07000
|
unkown
|
page execute read
|
||
|
2A530884000
|
direct allocation
|
page read and write
|
||
|
2883000
|
trusted library allocation
|
page read and write
|
||
|
2A53403B000
|
direct allocation
|
page read and write
|
||
|
DBC000
|
unkown
|
page execute read
|
||
|
DDA000
|
unkown
|
page execute read
|
||
|
2A53089B000
|
direct allocation
|
page read and write
|
||
|
2A530889000
|
direct allocation
|
page read and write
|
||
|
49C0000
|
direct allocation
|
page read and write
|
||
|
6D1D000
|
stack
|
page read and write
|
||
|
1F3DB3D4000
|
direct allocation
|
page read and write
|
||
|
2975000
|
trusted library allocation
|
page read and write
|
||
|
2A53091E000
|
direct allocation
|
page read and write
|
||
|
113D000
|
unkown
|
page read and write
|
||
|
2C79000
|
trusted library allocation
|
page read and write
|
||
|
2A530882000
|
direct allocation
|
page read and write
|
||
|
1F3DB3F2000
|
direct allocation
|
page read and write
|
||
|
2A53548E000
|
heap
|
page read and write
|
||
|
109A000
|
unkown
|
page execute read
|
||
|
48AD000
|
stack
|
page read and write
|
||
|
2A53403F000
|
direct allocation
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
125F000
|
unkown
|
page write copy
|
||
|
2A534FF7000
|
trusted library allocation
|
page read and write
|
||
|
D63000
|
unkown
|
page execute read
|
||
|
1F3DB430000
|
direct allocation
|
page read and write
|
||
|
71F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF7000
|
unkown
|
page execute read
|
||
|
7A0000
|
direct allocation
|
page read and write
|
||
|
1448000
|
unkown
|
page readonly
|
||
|
2BF7000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
2890000
|
trusted library allocation
|
page read and write
|
||
|
F6D000
|
unkown
|
page execute read
|
||
|
7B3E000
|
stack
|
page read and write
|
||
|
540D000
|
stack
|
page read and write
|
||
|
2C66000
|
trusted library allocation
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
DAE000
|
unkown
|
page execute read
|
||
|
2A5328FE000
|
heap
|
page read and write
|
||
|
FFB000
|
heap
|
page read and write
|
||
|
3BB000
|
stack
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
91B000
|
trusted library allocation
|
page execute and read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27AF000
|
trusted library allocation
|
page read and write
|
||
|
3EB5000
|
trusted library allocation
|
page read and write
|
||
|
35A0000
|
heap
|
page read and write
|
||
|
E64000
|
unkown
|
page execute read
|
||
|
C4B000
|
unkown
|
page execute read
|
||
|
ED8000
|
unkown
|
page execute read
|
||
|
E0B000
|
trusted library allocation
|
page read and write
|
||
|
C4F000
|
unkown
|
page execute read
|
||
|
95C000
|
heap
|
page read and write
|
||
|
2864000
|
trusted library allocation
|
page read and write
|
||
|
2A53077B000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
783F000
|
stack
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
2E11000
|
trusted library allocation
|
page read and write
|
||
|
6B9D000
|
stack
|
page read and write
|
||
|
2878000
|
trusted library allocation
|
page read and write
|
||
|
2FEC000
|
stack
|
page read and write
|
||
|
2A5309A5000
|
heap
|
page read and write
|
||
|
4AE9000
|
direct allocation
|
page read and write
|
||
|
604B000
|
stack
|
page read and write
|
||
|
763E000
|
stack
|
page read and write
|
||
|
2A534055000
|
direct allocation
|
page read and write
|
||
|
11AB000
|
unkown
|
page execute read
|
||
|
1F3DB456000
|
direct allocation
|
page read and write
|
||
|
4C35000
|
trusted library allocation
|
page read and write
|
||
|
4D71000
|
unkown
|
page read and write
|
||
|
27BA000
|
trusted library allocation
|
page read and write
|
||
|
2A24000
|
trusted library allocation
|
page read and write
|
||
|
1F3DB40A000
|
direct allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
2A5308F0000
|
direct allocation
|
page read and write
|
||
|
6A30000
|
heap
|
page read and write
|
||
|
1145000
|
unkown
|
page readonly
|
||
|
1441000
|
unkown
|
page readonly
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2849000
|
trusted library allocation
|
page read and write
|
||
|
11F9000
|
unkown
|
page execute read
|
||
|
4AED000
|
direct allocation
|
page read and write
|
||
|
1F3DD1D4000
|
heap
|
page read and write
|
||
|
CBB000
|
unkown
|
page execute read
|
||
|
1120000
|
unkown
|
page read and write
|
||
|
29E4000
|
trusted library allocation
|
page read and write
|
||
|
1F3DB370000
|
direct allocation
|
page read and write
|
||
|
EC2000
|
unkown
|
page execute read
|
||
|
1F3DB3E2000
|
direct allocation
|
page read and write
|
||
|
2835000
|
trusted library allocation
|
page read and write
|
||
|
2A530953000
|
direct allocation
|
page read and write
|
||
|
54CE000
|
direct allocation
|
page read and write
|
||
|
2EB1000
|
trusted library allocation
|
page read and write
|
||
|
1F3D99A9000
|
heap
|
page read and write
|
||
|
2A534D99000
|
heap
|
page read and write
|
||
|
2A534415000
|
heap
|
page read and write
|
||
|
2FAC000
|
stack
|
page read and write
|
||
|
2A53534A000
|
unkown
|
page read and write
|
||
|
2E06000
|
trusted library allocation
|
page read and write
|
||
|
2BDB000
|
trusted library allocation
|
page read and write
|
||
|
11ED000
|
unkown
|
page execute read
|
||
|
E0E000
|
trusted library allocation
|
page read and write
|
||
|
7D32FE000
|
stack
|
page read and write
|
||
|
122E000
|
unkown
|
page write copy
|
||
|
1389000
|
unkown
|
page readonly
|
||
|
2E35000
|
trusted library allocation
|
page read and write
|
||
|
7D2FEA000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
8D0000
|
trusted library allocation
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
BE2000
|
unkown
|
page execute read
|
||
|
1295000
|
unkown
|
page write copy
|
||
|
E21000
|
trusted library allocation
|
page read and write
|
||
|
E32000
|
unkown
|
page execute read
|
||
|
114D000
|
unkown
|
page execute read
|
||
|
283E000
|
trusted library allocation
|
page read and write
|
||
|
2A5309A0000
|
heap
|
page read and write
|
||
|
5CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
128E000
|
unkown
|
page read and write
|
||
|
122E000
|
unkown
|
page read and write
|
||
|
C7E000
|
stack
|
page read and write
|
||
|
E67000
|
heap
|
page read and write
|
||
|
2A534D8C000
|
heap
|
page read and write
|
||
|
103C000
|
heap
|
page read and write
|
||
|
72F0000
|
heap
|
page read and write
|
||
|
1F3DB3D2000
|
direct allocation
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
5480000
|
unkown
|
page read and write
|
||
|
1F3DBA00000
|
unkown
|
page read and write
|
||
|
2B11000
|
trusted library allocation
|
page read and write
|
||
|
1F3DB47D000
|
direct allocation
|
page read and write
|
||
|
1271000
|
unkown
|
page write copy
|
||
|
C20000
|
heap
|
page read and write
|
||
|
2A533E87000
|
heap
|
page read and write
|
||
|
113C000
|
unkown
|
page write copy
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
291F000
|
trusted library allocation
|
page read and write
|
||
|
2A5308CA000
|
direct allocation
|
page read and write
|
||
|
6A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C92000
|
trusted library allocation
|
page read and write
|
||
|
1F3D99EA000
|
heap
|
page read and write
|
||
|
2A53084E000
|
direct allocation
|
page read and write
|
||
|
2E1E000
|
trusted library allocation
|
page read and write
|
||
|
1F3DB44F000
|
direct allocation
|
page read and write
|
||
|
1F3DE10A000
|
heap
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
35B7000
|
heap
|
page read and write
|
||
|
2B0B000
|
trusted library allocation
|
page read and write
|
||
|
2A530841000
|
direct allocation
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
2A5308B2000
|
direct allocation
|
page read and write
|
||
|
6E1C000
|
stack
|
page read and write
|
||
|
2A530890000
|
direct allocation
|
page read and write
|
||
|
10F4000
|
unkown
|
page read and write
|
||
|
2A534CD5000
|
heap
|
page read and write
|
||
|
11A3000
|
unkown
|
page execute read
|
||
|
2917000
|
trusted library allocation
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
1F3DB39C000
|
direct allocation
|
page read and write
|
||
|
56E0000
|
unkown
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
68B0000
|
trusted library section
|
page read and write
|
||
|
1105000
|
unkown
|
page execute read
|
||
|
1126000
|
unkown
|
page execute read
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
545D000
|
direct allocation
|
page read and write
|
||
|
1F3DD3AB000
|
direct allocation
|
page read and write
|
||
|
1F3DE44D000
|
heap
|
page read and write
|
||
|
127D000
|
unkown
|
page write copy
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
10EE000
|
unkown
|
page read and write
|
||
|
2A534CE3000
|
heap
|
page read and write
|
||
|
121D000
|
unkown
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2A530776000
|
heap
|
page read and write
|
||
|
1F3DB379000
|
direct allocation
|
page read and write
|
||
|
2965000
|
trusted library allocation
|
page read and write
|
||
|
2E21000
|
trusted library allocation
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
73F0000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
E2D000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
FFF000
|
unkown
|
page execute read
|
||
|
53CE000
|
stack
|
page read and write
|
||
|
2E58000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1F3DBBAE000
|
heap
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
5C60000
|
trusted library allocation
|
page read and write
|
||
|
29AD000
|
trusted library allocation
|
page read and write
|
||
|
2A530847000
|
direct allocation
|
page read and write
|
||
|
66B0000
|
heap
|
page read and write
|
||
|
2A535276000
|
unkown
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
1248000
|
unkown
|
page write copy
|
||
|
DED000
|
unkown
|
page execute read
|
||
|
2A534D87000
|
heap
|
page read and write
|
||
|
2A53401F000
|
direct allocation
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page read and write
|
||
|
4C7B000
|
trusted library allocation
|
page read and write
|
||
|
538E000
|
stack
|
page read and write
|
||
|
E12000
|
unkown
|
page execute read
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
100C000
|
unkown
|
page execute read
|
||
|
104A000
|
unkown
|
page execute read
|
||
|
E1E000
|
trusted library allocation
|
page read and write
|
||
|
EC8000
|
unkown
|
page execute read
|
||
|
534F000
|
stack
|
page read and write
|
||
|
4D71000
|
unkown
|
page read and write
|
||
|
4D70000
|
unkown
|
page read and write
|
||
|
1168000
|
unkown
|
page execute read
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
1291000
|
unkown
|
page read and write
|
||
|
126B000
|
unkown
|
page read and write
|
||
|
288A000
|
trusted library allocation
|
page read and write
|
||
|
2A53404F000
|
direct allocation
|
page read and write
|
||
|
2BAF000
|
trusted library allocation
|
page read and write
|
||
|
12BA000
|
unkown
|
page read and write
|
||
|
11BE000
|
unkown
|
page execute read
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2A530830000
|
direct allocation
|
page read and write
|
||
|
3711000
|
trusted library allocation
|
page read and write
|
||
|
2A530872000
|
direct allocation
|
page read and write
|
||
|
2A530833000
|
direct allocation
|
page read and write
|
||
|
10AF000
|
unkown
|
page read and write
|
||
|
F74000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
124C000
|
unkown
|
page read and write
|
||
|
550E000
|
stack
|
page read and write
|
||
|
D5E000
|
unkown
|
page execute read
|
||
|
1F3D99A0000
|
heap
|
page read and write
|
||
|
2BE7000
|
trusted library allocation
|
page read and write
|
||
|
2A530850000
|
direct allocation
|
page read and write
|
||
|
2A530944000
|
direct allocation
|
page read and write
|
||
|
C53000
|
unkown
|
page execute read
|
||
|
2E14000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
6E31000
|
heap
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
66D4000
|
heap
|
page read and write
|
||
|
2A53077B000
|
heap
|
page read and write
|
||
|
10CB000
|
unkown
|
page read and write
|
||
|
2CBE000
|
trusted library allocation
|
page read and write
|
||
|
11FC000
|
unkown
|
page execute read
|
||
|
10B4000
|
unkown
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
E94000
|
unkown
|
page execute read
|
||
|
2A5306C0000
|
heap
|
page read and write
|
||
|
2A534DF6000
|
heap
|
page read and write
|
||
|
2A5308DA000
|
direct allocation
|
page read and write
|
||
|
1F3D99E8000
|
heap
|
page read and write
|
||
|
EBE52FD000
|
stack
|
page read and write
|
||
|
12E1000
|
unkown
|
page write copy
|
||
|
8FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
10AD000
|
unkown
|
page execute read
|
||
|
4C60000
|
trusted library allocation
|
page read and write
|
||
|
1081000
|
unkown
|
page read and write
|
||
|
5459000
|
direct allocation
|
page read and write
|
||
|
111A000
|
unkown
|
page read and write
|
||
|
1F3D9AA0000
|
heap
|
page read and write
|
||
|
1238000
|
unkown
|
page write copy
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
6050000
|
trusted library allocation
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
4F50000
|
heap
|
page execute and read and write
|
||
|
D6E000
|
stack
|
page read and write
|
||
|
2A534011000
|
direct allocation
|
page read and write
|
||
|
1F3DBCAB000
|
heap
|
page read and write
|
||
|
D3A000
|
unkown
|
page execute read
|
||
|
28AB000
|
trusted library allocation
|
page read and write
|
||
|
2CC2000
|
trusted library allocation
|
page read and write
|
||
|
1254000
|
unkown
|
page read and write
|
||
|
2A533E84000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
29F5000
|
trusted library allocation
|
page read and write
|
||
|
142D000
|
unkown
|
page readonly
|
||
|
83C000
|
stack
|
page read and write
|
||
|
2C85000
|
trusted library allocation
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
917000
|
trusted library allocation
|
page execute and read and write
|
||
|
66E5000
|
heap
|
page read and write
|
||
|
A37000
|
heap
|
page read and write
|
||
|
11F0000
|
unkown
|
page execute read
|
||
|
2A534F72000
|
trusted library allocation
|
page read and write
|
||
|
2A530864000
|
direct allocation
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
532A000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
direct allocation
|
page read and write
|
||
|
2B2C000
|
trusted library allocation
|
page read and write
|
||
|
1F3DB484000
|
direct allocation
|
page read and write
|
||
|
4C10000
|
trusted library allocation
|
page read and write
|
||
|
4E8D000
|
stack
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
121E000
|
stack
|
page read and write
|
||
|
2A530845000
|
direct allocation
|
page read and write
|
||
|
1F3DB49A000
|
direct allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page execute and read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
EBD000
|
unkown
|
page execute read
|
||
|
4885000
|
trusted library allocation
|
page read and write
|
||
|
2C77000
|
trusted library allocation
|
page read and write
|
||
|
2A530874000
|
direct allocation
|
page read and write
|
||
|
1F3DB3DB000
|
direct allocation
|
page read and write
|
||
|
705D000
|
stack
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
33AF000
|
stack
|
page read and write
|
||
|
2A53086A000
|
direct allocation
|
page read and write
|
||
|
912000
|
trusted library allocation
|
page read and write
|
||
|
2A533E20000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
68D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27C5000
|
trusted library allocation
|
page read and write
|
||
|
FB1000
|
unkown
|
page execute read
|
||
|
A91000
|
unkown
|
page execute read
|
||
|
1F3DF251000
|
unkown
|
page read and write
|
||
|
4C13000
|
trusted library allocation
|
page read and write
|
||
|
2A530892000
|
direct allocation
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
1152000
|
unkown
|
page execute read
|
||
|
2A534DF6000
|
heap
|
page read and write
|
||
|
2B59000
|
trusted library allocation
|
page read and write
|
||
|
F14000
|
unkown
|
page execute read
|
||
|
27FB000
|
trusted library allocation
|
page read and write
|
||
|
2A53087E000
|
direct allocation
|
page read and write
|
||
|
56E1000
|
unkown
|
page read and write
|
||
|
4710000
|
trusted library allocation
|
page read and write
|
||
|
F7E000
|
unkown
|
page execute read
|
||
|
1F3DB38B000
|
direct allocation
|
page read and write
|
||
|
27BE000
|
trusted library allocation
|
page read and write
|
||
|
28A0000
|
trusted library allocation
|
page read and write
|
||
|
5305000
|
trusted library allocation
|
page read and write
|
||
|
121F000
|
unkown
|
page write copy
|
||
|
1F3DBA77000
|
unkown
|
page read and write
|
||
|
2A530739000
|
heap
|
page read and write
|
||
|
1299000
|
unkown
|
page write copy
|
||
|
2B99000
|
trusted library allocation
|
page read and write
|
||
|
73AE000
|
stack
|
page read and write
|
||
|
2A53095A000
|
direct allocation
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A5308E1000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
2A530550000
|
heap
|
page read and write
|
||
|
D1D000
|
unkown
|
page execute read
|
||
|
1F3DB437000
|
direct allocation
|
page read and write
|
||
|
E1A000
|
trusted library allocation
|
page read and write
|
||
|
27B2000
|
trusted library allocation
|
page read and write
|
||
|
2CA6000
|
trusted library allocation
|
page read and write
|
||
|
CEF000
|
unkown
|
page execute read
|
||
|
1F3DB402000
|
direct allocation
|
page read and write
|
||
|
2E49000
|
trusted library allocation
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
C27000
|
heap
|
page read and write
|
||
|
2A533E79000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
EBE4EFA000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2A5307C1000
|
heap
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
2A535200000
|
unkown
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
1F3DD1C9000
|
heap
|
page read and write
|
||
|
1033000
|
unkown
|
page execute read
|
||
|
D53000
|
unkown
|
page execute read
|
||
|
1F3D9B30000
|
direct allocation
|
page execute and read and write
|
||
|
2AB9000
|
trusted library allocation
|
page read and write
|
||
|
1F3DB3C6000
|
direct allocation
|
page read and write
|
||
|
2CCE000
|
trusted library allocation
|
page read and write
|
||
|
2A1D000
|
trusted library allocation
|
page read and write
|
||
|
5302000
|
trusted library allocation
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
1F3D99D1000
|
heap
|
page read and write
|
||
|
115E000
|
unkown
|
page execute read
|
||
|
1294000
|
unkown
|
page read and write
|
||
|
1299000
|
unkown
|
page read and write
|
||
|
3881000
|
trusted library allocation
|
page read and write
|
||
|
1113000
|
unkown
|
page execute read
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
2959000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
57E1000
|
unkown
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
11AD000
|
unkown
|
page execute read
|
||
|
1260000
|
heap
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
1013000
|
unkown
|
page execute read
|
||
|
2C9F000
|
trusted library allocation
|
page read and write
|
||
|
71DD000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1F3DD38F000
|
direct allocation
|
page read and write
|
||
|
1F3D99EB000
|
heap
|
page read and write
|
||
|
E21000
|
unkown
|
page execute read
|
||
|
2D1F000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
unkown
|
page write copy
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1007000
|
unkown
|
page execute read
|
||
|
530E000
|
stack
|
page read and write
|
||
|
53CF000
|
stack
|
page read and write
|
||
|
1084000
|
unkown
|
page read and write
|
||
|
6690000
|
heap
|
page read and write
|
||
|
2D0A000
|
trusted library allocation
|
page read and write
|
||
|
4D7E000
|
unkown
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
2A530876000
|
direct allocation
|
page read and write
|
||
|
70DD000
|
stack
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
1F3DD170000
|
heap
|
page read and write
|
||
|
6709000
|
heap
|
page read and write
|
||
|
27CA000
|
trusted library allocation
|
page read and write
|
||
|
2A534F86000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
unkown
|
page execute read
|
||
|
2A53083D000
|
direct allocation
|
page read and write
|
||
|
2AF9000
|
trusted library allocation
|
page read and write
|
||
|
280F000
|
trusted library allocation
|
page read and write
|
||
|
2A530700000
|
direct allocation
|
page execute and read and write
|
||
|
2A535302000
|
unkown
|
page read and write
|
||
|
27B8000
|
trusted library allocation
|
page read and write
|
||
|
2A530936000
|
direct allocation
|
page read and write
|
||
|
EAA000
|
unkown
|
page execute read
|
||
|
4C64000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
1F3DB493000
|
direct allocation
|
page read and write
|
||
|
2A534DF0000
|
heap
|
page read and write
|
||
|
108E000
|
unkown
|
page read and write
|
||
|
5CD0000
|
trusted library allocation
|
page read and write
|
||
|
1F3D9BC0000
|
heap
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
2CD9000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
1F3DE62E000
|
heap
|
page read and write
|
||
|
12DE000
|
unkown
|
page read and write
|
||
|
57E1000
|
unkown
|
page read and write
|
||
|
4C83000
|
heap
|
page read and write
|
||
|
11F4000
|
unkown
|
page execute read
|
||
|
10BE000
|
unkown
|
page read and write
|
||
|
D00000
|
unkown
|
page readonly
|
||
|
96A000
|
heap
|
page read and write
|
||
|
5CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
125B000
|
unkown
|
page write copy
|
||
|
3EB1000
|
trusted library allocation
|
page read and write
|
||
|
1F3DB446000
|
direct allocation
|
page read and write
|
||
|
FFA000
|
unkown
|
page execute read
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
44DD000
|
heap
|
page read and write
|
||
|
12E1000
|
unkown
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
2C03000
|
trusted library allocation
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
1277000
|
unkown
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
1291000
|
unkown
|
page write copy
|
||
|
124F000
|
unkown
|
page read and write
|
||
|
2A530886000
|
direct allocation
|
page read and write
|
||
|
2A5307FD000
|
heap
|
page read and write
|
||
|
3815000
|
trusted library allocation
|
page read and write
|
||
|
127C000
|
unkown
|
page read and write
|
||
|
C72000
|
unkown
|
page execute read
|
||
|
2A530839000
|
direct allocation
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
C6F000
|
unkown
|
page execute read
|
||
|
4718000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
unkown
|
page read and write
|
||
|
6BDA000
|
stack
|
page read and write
|
||
|
10F9000
|
unkown
|
page read and write
|
||
|
2BEC000
|
trusted library allocation
|
page read and write
|
||
|
27D3000
|
trusted library allocation
|
page read and write
|
||
|
2A53094C000
|
direct allocation
|
page read and write
|
||
|
10A7000
|
unkown
|
page read and write
|
||
|
4600000
|
heap
|
page read and write
|
||
|
910000
|
trusted library allocation
|
page read and write
|
||
|
6F8000
|
stack
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
DA6000
|
unkown
|
page execute read
|
||
|
5204000
|
trusted library allocation
|
page read and write
|
||
|
3875000
|
trusted library allocation
|
page read and write
|
||
|
2A5306E0000
|
heap
|
page read and write
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page read and write
|
||
|
2A53083F000
|
direct allocation
|
page read and write
|
||
|
5FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F47000
|
unkown
|
page execute read
|
||
|
669E000
|
heap
|
page read and write
|
||
|
C31000
|
unkown
|
page execute read
|
||
|
6731000
|
heap
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
2DDB000
|
trusted library allocation
|
page read and write
|
||
|
2921000
|
trusted library allocation
|
page read and write
|
||
|
2CB1000
|
trusted library allocation
|
page read and write
|
||
|
4D22000
|
trusted library allocation
|
page read and write
|
||
|
2A0F000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
E5A000
|
unkown
|
page execute read
|
||
|
1F3D9890000
|
heap
|
page read and write
|
||
|
1F3D9970000
|
heap
|
page read and write
|
||
|
2A3B000
|
trusted library allocation
|
page read and write
|
||
|
68E0000
|
trusted library allocation
|
page read and write
|
There are 886 hidden memdumps, click here to show them.