Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
BQ_PO#385995.exe
|
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BQ_PO#385995.exe_b974f67a2c796a6f9bd6ecce2de723dcbcdfac3_45f15e28_5f77f4b6-d5ff-4795-9efd-79a7e8533f98\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\qcbure.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF531.tmp.dmp
|
Mini DuMP crash report, 16 streams, Fri Dec 6 03:11:56 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF66A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF68B.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5yievlcq.wkx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a0kli2il.hnc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fb1aurkj.cm3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_igpuwiqf.szw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mk51wkjn.15f.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_n1s5cd42.gfd.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_thahkatr.dzn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_u10kdqfb.sxt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\BQ_PO#385995.exe
|
"C:\Users\user\Desktop\BQ_PO#385995.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'AddInProcess32.exe'
|
|
|
|
C:\Users\user\AppData\Local\Temp\qcbure.exe
|
"C:\Users\user\AppData\Local\Temp\qcbure.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7412 -s 1044
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
69.174.100.131
|
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
https://system.data.sqlite.org/X
|
unknown
|
||
|
https://www.newtonsoft.com/json
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.228$
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:287400%0D%0ADate%20and%20Time:%2007/12/2024%20/%2000:45:34%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20287400%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
https://urn.to/r/sds_seeaCould
|
unknown
|
||
|
https://api.telegram.org/bot7721085569:AAH1tkciy-nKykIEUNjOAUsItTcvNCVmFLo/sendDocument?chat_id=6236
|
unknown
|
||
|
https://api.telegram.org/bot7721085569:AAH1tkciy-nKykIEUNjOAUsItTcvNCVmFLo/sendDocument?chat_id=6236275763&caption=%20Pc%20Name:%20user%20%7C%20/%20VIP%20Recovery%20%5C%0D%0A%0D%0ACookies%20%7C%20user%20%7C%20VIP%20Recovery
|
149.154.167.220
|
||
|
http://checkip.dyndns.org/
|
158.101.44.242
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:287400%0D%0ADate%20a
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.228
|
104.21.67.152
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
https://api.telegram.org/bot7721085569:AAH1tkciy-nKykIEUNjOAUsItTcvNCVmFLo/sendDocument?chat_id=6236275763&caption=%20Pc%20Name:%20user%20%7C%20/%20VIP%20Recovery%20%5C%0D%0A%0D%0APW%20%7C%20user%20%7C%20VIP%20Recovery
|
149.154.167.220
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://james.newtonking.com/projects/json
|
unknown
|
||
|
http://aborters.duckdns.org:8081
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?L
|
unknown
|
||
|
http://anotherarmy.dns.army:8081
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://www.newtonsoft.com/jsonschema
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://www.nuget.org/packages/Newtonsoft.Json.Bson
|
unknown
|
||
|
https://urn.to/r/sds_see
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
http://api.telegram.org
|
unknown
|
||
|
https://system.data.sqlite.org/
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
There are 42 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
104.21.67.152
|
||
|
api.telegram.org
|
149.154.167.220
|
||
|
checkip.dyndns.com
|
158.101.44.242
|
||
|
checkip.dyndns.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
69.174.100.131
|
unknown
|
United States
|
|
|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
104.21.67.152
|
reallyfreegeoip.org
|
United States
|
||
|
158.101.44.242
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\4890100B551F5792D1B3
|
97D084DBAF65E0395221928BE84907C5DFC51D8E0B9D8C8CAD659E49E821BD61
|
||
|
HKEY_CURRENT_USER\SOFTWARE\4890100B551F5792D1B3
|
97D084DBAF65E0395221928BE84907C5DFC51D8E0B9D8C8CAD659E49E821BD61
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
ProgramId
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
FileId
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
LongPathHash
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
Name
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
OriginalFileName
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
Publisher
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
Version
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
BinFileVersion
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
BinaryType
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
ProductName
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
ProductVersion
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
LinkDate
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
BinProductVersion
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
Size
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
Language
|
||
|
\REGISTRY\A\{76ab1394-9640-10f2-fe43-71849bedb5bf}\Root\InventoryApplicationFile\bq_po#385995.exe|152c3674fc32928e
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qcbure_RASMANCS
|
FileDirectory
|
There are 26 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
26761126000
|
trusted library allocation
|
page read and write
|
|
|
|
3475000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
6F80000
|
trusted library section
|
page read and write
|
|
|
|
30E1000
|
trusted library allocation
|
page read and write
|
|
|
|
26760E4C000
|
trusted library allocation
|
page read and write
|
|
|
|
FE2000
|
unkown
|
page readonly
|
|
|
|
32F1000
|
trusted library allocation
|
page read and write
|
|
|
|
42FE000
|
stack
|
page read and write
|
||
|
4E1A000
|
trusted library allocation
|
page read and write
|
||
|
7259000
|
heap
|
page read and write
|
||
|
57D6000
|
trusted library allocation
|
page read and write
|
||
|
8010000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F8D000
|
trusted library allocation
|
page read and write
|
||
|
6B77000
|
heap
|
page read and write
|
||
|
3506000
|
trusted library allocation
|
page read and write
|
||
|
4AEF000
|
trusted library allocation
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
2675F3F6000
|
heap
|
page read and write
|
||
|
42FB000
|
trusted library allocation
|
page read and write
|
||
|
85AE000
|
stack
|
page read and write
|
||
|
40E7000
|
trusted library allocation
|
page read and write
|
||
|
728000
|
stack
|
page read and write
|
||
|
7F80000
|
trusted library allocation
|
page read and write
|
||
|
750DBFE000
|
stack
|
page read and write
|
||
|
CF0000
|
trusted library section
|
page read and write
|
||
|
4420000
|
trusted library allocation
|
page read and write
|
||
|
57E2000
|
trusted library allocation
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
5631000
|
trusted library allocation
|
page read and write
|
||
|
7FBA8000
|
trusted library allocation
|
page execute and read and write
|
||
|
57D1000
|
trusted library allocation
|
page read and write
|
||
|
17C0000
|
trusted library allocation
|
page read and write
|
||
|
378A000
|
trusted library allocation
|
page read and write
|
||
|
1476000
|
trusted library allocation
|
page execute and read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
827E000
|
heap
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
7170000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2675F510000
|
trusted library allocation
|
page read and write
|
||
|
26778E00000
|
trusted library allocation
|
page read and write
|
||
|
18F0000
|
heap
|
page execute and read and write
|
||
|
4427000
|
heap
|
page read and write
|
||
|
47B1000
|
trusted library allocation
|
page read and write
|
||
|
17C0000
|
trusted library allocation
|
page read and write
|
||
|
6E9E000
|
stack
|
page read and write
|
||
|
8AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
83FF000
|
trusted library allocation
|
page read and write
|
||
|
7E34000
|
heap
|
page read and write
|
||
|
6BAD000
|
trusted library allocation
|
page read and write
|
||
|
4D67000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
7204000
|
heap
|
page read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DE1000
|
heap
|
page read and write
|
||
|
670D000
|
stack
|
page read and write
|
||
|
7106000
|
trusted library allocation
|
page read and write
|
||
|
7D22000
|
trusted library allocation
|
page read and write
|
||
|
7254000
|
heap
|
page read and write
|
||
|
31DC000
|
stack
|
page read and write
|
||
|
499000
|
stack
|
page read and write
|
||
|
46A0000
|
heap
|
page execute and read and write
|
||
|
D55000
|
trusted library allocation
|
page execute and read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
1910000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
7201000
|
heap
|
page read and write
|
||
|
45FD000
|
stack
|
page read and write
|
||
|
AD5000
|
heap
|
page read and write
|
||
|
741E000
|
stack
|
page read and write
|
||
|
57D9000
|
trusted library allocation
|
page read and write
|
||
|
4906000
|
trusted library allocation
|
page read and write
|
||
|
6C20000
|
heap
|
page read and write
|
||
|
45C6000
|
trusted library allocation
|
page read and write
|
||
|
335B000
|
trusted library allocation
|
page read and write
|
||
|
57DB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
85F3000
|
trusted library allocation
|
page read and write
|
||
|
1932000
|
trusted library allocation
|
page read and write
|
||
|
7132000
|
trusted library allocation
|
page read and write
|
||
|
1492000
|
trusted library allocation
|
page read and write
|
||
|
6B90000
|
trusted library allocation
|
page read and write
|
||
|
6BC0000
|
heap
|
page read and write
|
||
|
4638000
|
trusted library allocation
|
page read and write
|
||
|
834D000
|
stack
|
page read and write
|
||
|
6BF0000
|
trusted library allocation
|
page read and write
|
||
|
4D6F000
|
trusted library allocation
|
page read and write
|
||
|
7E2F000
|
heap
|
page read and write
|
||
|
6D5B000
|
heap
|
page read and write
|
||
|
4420000
|
heap
|
page read and write
|
||
|
6EC000
|
stack
|
page read and write
|
||
|
6CAE000
|
stack
|
page read and write
|
||
|
5659000
|
trusted library allocation
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2675F500000
|
trusted library allocation
|
page read and write
|
||
|
6F7F000
|
stack
|
page read and write
|
||
|
34D8000
|
trusted library allocation
|
page read and write
|
||
|
44D8000
|
trusted library allocation
|
page read and write
|
||
|
750D5FE000
|
stack
|
page read and write
|
||
|
7FFD9B934000
|
trusted library allocation
|
page read and write
|
||
|
4EC5000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
trusted library allocation
|
page read and write
|
||
|
D1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4631000
|
trusted library allocation
|
page read and write
|
||
|
4319000
|
trusted library allocation
|
page read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
26760EB3000
|
trusted library allocation
|
page read and write
|
||
|
824A000
|
heap
|
page read and write
|
||
|
2675F45C000
|
heap
|
page read and write
|
||
|
95F000
|
stack
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B983000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
43F0000
|
heap
|
page execute and read and write
|
||
|
1937000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FB0000
|
trusted library allocation
|
page read and write
|
||
|
7170000
|
trusted library allocation
|
page read and write
|
||
|
6DC1000
|
heap
|
page read and write
|
||
|
18F0000
|
trusted library allocation
|
page read and write
|
||
|
8150000
|
trusted library allocation
|
page read and write
|
||
|
45E7000
|
trusted library allocation
|
page read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
43B3000
|
trusted library allocation
|
page read and write
|
||
|
6CD0000
|
heap
|
page execute and read and write
|
||
|
874B000
|
stack
|
page read and write
|
||
|
7D7C000
|
heap
|
page read and write
|
||
|
468A000
|
trusted library allocation
|
page read and write
|
||
|
83E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4447000
|
trusted library allocation
|
page read and write
|
||
|
7DB2000
|
heap
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
802D000
|
trusted library allocation
|
page read and write
|
||
|
474E000
|
stack
|
page read and write
|
||
|
2675F3A0000
|
heap
|
page read and write
|
||
|
6EAE000
|
stack
|
page read and write
|
||
|
1454000
|
trusted library allocation
|
page read and write
|
||
|
8266000
|
heap
|
page read and write
|
||
|
1485000
|
heap
|
page read and write
|
||
|
43DE000
|
trusted library allocation
|
page read and write
|
||
|
4660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B959000
|
trusted library allocation
|
page read and write
|
||
|
5969000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
16D1000
|
heap
|
page read and write
|
||
|
16C4000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
680C000
|
stack
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8040000
|
trusted library allocation
|
page read and write
|
||
|
720B000
|
heap
|
page read and write
|
||
|
57EA000
|
trusted library allocation
|
page read and write
|
||
|
7D74000
|
heap
|
page read and write
|
||
|
43E4000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
372E000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
6E2E000
|
heap
|
page read and write
|
||
|
6BAB000
|
trusted library allocation
|
page read and write
|
||
|
1784000
|
heap
|
page read and write
|
||
|
70E4000
|
trusted library allocation
|
page read and write
|
||
|
6139000
|
stack
|
page read and write
|
||
|
6B97000
|
trusted library allocation
|
page read and write
|
||
|
DBC000
|
stack
|
page read and write
|
||
|
6DA2000
|
heap
|
page read and write
|
||
|
6D3B000
|
heap
|
page read and write
|
||
|
6E1F000
|
heap
|
page read and write
|
||
|
6D99000
|
heap
|
page read and write
|
||
|
721F000
|
heap
|
page read and write
|
||
|
6BBE000
|
trusted library allocation
|
page read and write
|
||
|
69EE000
|
stack
|
page read and write
|
||
|
7CFA000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
6FC6000
|
trusted library allocation
|
page read and write
|
||
|
4EC7000
|
trusted library allocation
|
page read and write
|
||
|
7430000
|
trusted library allocation
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
8B0000
|
trusted library allocation
|
page read and write
|
||
|
49D000
|
stack
|
page read and write
|
||
|
6FAF000
|
stack
|
page read and write
|
||
|
7D60000
|
heap
|
page read and write
|
||
|
7B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
7170000
|
trusted library allocation
|
page read and write
|
||
|
80EF000
|
stack
|
page read and write
|
||
|
75A3000
|
trusted library allocation
|
page read and write
|
||
|
883000
|
trusted library allocation
|
page execute and read and write
|
||
|
750D7FE000
|
stack
|
page read and write
|
||
|
2675F17A000
|
unkown
|
page readonly
|
||
|
7030000
|
trusted library allocation
|
page execute and read and write
|
||
|
2675F170000
|
unkown
|
page readonly
|
||
|
7130000
|
trusted library allocation
|
page read and write
|
||
|
462B000
|
trusted library allocation
|
page read and write
|
||
|
4655000
|
trusted library allocation
|
page read and write
|
||
|
85EE000
|
stack
|
page read and write
|
||
|
35DE000
|
trusted library allocation
|
page read and write
|
||
|
6280000
|
heap
|
page read and write
|
||
|
167F000
|
stack
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
D39000
|
trusted library allocation
|
page read and write
|
||
|
4D13000
|
trusted library allocation
|
page read and write
|
||
|
2675F41A000
|
heap
|
page read and write
|
||
|
453B000
|
stack
|
page read and write
|
||
|
6150000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
33A5000
|
trusted library allocation
|
page read and write
|
||
|
26770DD1000
|
trusted library allocation
|
page read and write
|
||
|
70DD000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page readonly
|
||
|
7140000
|
trusted library allocation
|
page read and write
|
||
|
91E000
|
stack
|
page read and write
|
||
|
7C50000
|
heap
|
page read and write
|
||
|
45A6000
|
trusted library allocation
|
page read and write
|
||
|
8560000
|
trusted library allocation
|
page read and write
|
||
|
1026000
|
unkown
|
page readonly
|
||
|
26779670000
|
heap
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
4428000
|
trusted library allocation
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
6DE7000
|
heap
|
page read and write
|
||
|
884F000
|
stack
|
page read and write
|
||
|
191D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4410000
|
trusted library allocation
|
page read and write
|
||
|
57DC000
|
trusted library allocation
|
page read and write
|
||
|
7D70000
|
heap
|
page read and write
|
||
|
6D30000
|
heap
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
339D000
|
trusted library allocation
|
page read and write
|
||
|
6A8C000
|
stack
|
page read and write
|
||
|
6E1E000
|
stack
|
page read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
83CC000
|
stack
|
page read and write
|
||
|
7130000
|
trusted library allocation
|
page read and write
|
||
|
154C000
|
stack
|
page read and write
|
||
|
548D000
|
stack
|
page read and write
|
||
|
6160000
|
heap
|
page read and write
|
||
|
6E5C000
|
stack
|
page read and write
|
||
|
6CE6000
|
trusted library allocation
|
page read and write
|
||
|
6BF2000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
45E9000
|
trusted library allocation
|
page read and write
|
||
|
5C7E000
|
stack
|
page read and write
|
||
|
8229000
|
heap
|
page read and write
|
||
|
2675F395000
|
heap
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
17D7000
|
heap
|
page read and write
|
||
|
4DB6000
|
trusted library allocation
|
page read and write
|
||
|
52F8000
|
trusted library allocation
|
page read and write
|
||
|
72E1000
|
heap
|
page read and write
|
||
|
6CD5000
|
heap
|
page execute and read and write
|
||
|
6DDA000
|
stack
|
page read and write
|
||
|
7CF7000
|
trusted library allocation
|
page read and write
|
||
|
5FFD000
|
stack
|
page read and write
|
||
|
12F8000
|
stack
|
page read and write
|
||
|
4787000
|
trusted library allocation
|
page read and write
|
||
|
7620000
|
trusted library allocation
|
page read and write
|
||
|
33AD000
|
trusted library allocation
|
page read and write
|
||
|
4813000
|
trusted library allocation
|
page read and write
|
||
|
336C000
|
trusted library allocation
|
page read and write
|
||
|
464D000
|
trusted library allocation
|
page read and write
|
||
|
F5B000
|
stack
|
page read and write
|
||
|
468C000
|
stack
|
page read and write
|
||
|
81E0000
|
heap
|
page read and write
|
||
|
46F0000
|
trusted library allocation
|
page read and write
|
||
|
69AA000
|
stack
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
1904000
|
trusted library allocation
|
page read and write
|
||
|
80AD000
|
stack
|
page read and write
|
||
|
4647000
|
trusted library allocation
|
page read and write
|
||
|
33B1000
|
trusted library allocation
|
page read and write
|
||
|
595A000
|
trusted library allocation
|
page read and write
|
||
|
3677000
|
trusted library allocation
|
page read and write
|
||
|
17A0000
|
trusted library allocation
|
page read and write
|
||
|
8400000
|
trusted library allocation
|
page read and write
|
||
|
DE8000
|
trusted library allocation
|
page read and write
|
||
|
45BE000
|
stack
|
page read and write
|
||
|
6BB2000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page execute and read and write
|
||
|
57FD000
|
trusted library allocation
|
page read and write
|
||
|
6F90000
|
trusted library allocation
|
page read and write
|
||
|
6DBD000
|
heap
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
43D6000
|
trusted library allocation
|
page read and write
|
||
|
7B9B000
|
trusted library allocation
|
page read and write
|
||
|
3395000
|
trusted library allocation
|
page read and write
|
||
|
7B90000
|
trusted library allocation
|
page read and write
|
||
|
11B7000
|
stack
|
page read and write
|
||
|
4582000
|
trusted library allocation
|
page read and write
|
||
|
4402000
|
trusted library allocation
|
page read and write
|
||
|
7D84000
|
heap
|
page read and write
|
||
|
6CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DEE000
|
stack
|
page read and write
|
||
|
443F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4551000
|
trusted library allocation
|
page read and write
|
||
|
813E000
|
stack
|
page read and write
|
||
|
4586000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
45B4000
|
trusted library allocation
|
page read and write
|
||
|
26760E32000
|
trusted library allocation
|
page read and write
|
||
|
6BA0000
|
trusted library allocation
|
page read and write
|
||
|
810E000
|
stack
|
page read and write
|
||
|
8000000
|
heap
|
page read and write
|
||
|
71FD000
|
heap
|
page read and write
|
||
|
81C2000
|
trusted library allocation
|
page read and write
|
||
|
33A1000
|
trusted library allocation
|
page read and write
|
||
|
176C000
|
stack
|
page read and write
|
||
|
1926000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
44A8000
|
trusted library allocation
|
page read and write
|
||
|
4557000
|
trusted library allocation
|
page read and write
|
||
|
7D8C000
|
heap
|
page read and write
|
||
|
4674000
|
trusted library allocation
|
page read and write
|
||
|
349A000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
1950000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
169E000
|
heap
|
page read and write
|
||
|
6E71000
|
heap
|
page read and write
|
||
|
40E1000
|
trusted library allocation
|
page read and write
|
||
|
6FDD000
|
trusted library allocation
|
page read and write
|
||
|
2675F390000
|
heap
|
page read and write
|
||
|
1903000
|
trusted library allocation
|
page execute and read and write
|
||
|
44FD000
|
stack
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
754D000
|
stack
|
page read and write
|
||
|
6CBB000
|
stack
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
7DD7000
|
heap
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
1930000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
6C6D000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
26760DD1000
|
trusted library allocation
|
page read and write
|
||
|
5D2F000
|
stack
|
page read and write
|
||
|
7FFD9B954000
|
trusted library allocation
|
page read and write
|
||
|
46EC000
|
stack
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1930000
|
trusted library allocation
|
page read and write
|
||
|
DC7000
|
heap
|
page read and write
|
||
|
1960000
|
heap
|
page read and write
|
||
|
4109000
|
trusted library allocation
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
3649000
|
trusted library allocation
|
page read and write
|
||
|
6BEE000
|
stack
|
page read and write
|
||
|
1658000
|
heap
|
page read and write
|
||
|
7427000
|
trusted library allocation
|
page read and write
|
||
|
360E000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
CBD000
|
stack
|
page read and write
|
||
|
878E000
|
stack
|
page read and write
|
||
|
58AD000
|
stack
|
page read and write
|
||
|
40A000
|
remote allocation
|
page execute and read and write
|
||
|
3364000
|
trusted library allocation
|
page read and write
|
||
|
4124000
|
trusted library allocation
|
page read and write
|
||
|
6F70000
|
trusted library allocation
|
page read and write
|
||
|
457C000
|
trusted library allocation
|
page read and write
|
||
|
4EE7000
|
trusted library allocation
|
page read and write
|
||
|
43B1000
|
trusted library allocation
|
page read and write
|
||
|
190D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2675F3F0000
|
heap
|
page read and write
|
||
|
5961000
|
trusted library allocation
|
page read and write
|
||
|
6B80000
|
heap
|
page read and write
|
||
|
37E7000
|
trusted library allocation
|
page read and write
|
||
|
51A6000
|
trusted library allocation
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4699000
|
trusted library allocation
|
page read and write
|
||
|
4422000
|
trusted library allocation
|
page read and write
|
||
|
57E9000
|
trusted library allocation
|
page read and write
|
||
|
449F000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
7E46000
|
heap
|
page read and write
|
||
|
4DA1000
|
trusted library allocation
|
page read and write
|
||
|
26770DD7000
|
trusted library allocation
|
page read and write
|
||
|
2675F5B0000
|
heap
|
page execute and read and write
|
||
|
57E1000
|
trusted library allocation
|
page read and write
|
||
|
57B1000
|
trusted library allocation
|
page read and write
|
||
|
D7C000
|
stack
|
page read and write
|
||
|
36A4000
|
trusted library allocation
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
7F300000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EF8000
|
heap
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
7135000
|
trusted library allocation
|
page read and write
|
||
|
15D2000
|
heap
|
page read and write
|
||
|
5EFE000
|
stack
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page read and write
|
||
|
37B8000
|
trusted library allocation
|
page read and write
|
||
|
3368000
|
trusted library allocation
|
page read and write
|
||
|
86F000
|
stack
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
435D000
|
trusted library allocation
|
page read and write
|
||
|
6D2F000
|
stack
|
page read and write
|
||
|
2675F530000
|
heap
|
page execute and read and write
|
||
|
2675F360000
|
heap
|
page read and write
|
||
|
6B5E000
|
stack
|
page read and write
|
||
|
6E16000
|
heap
|
page read and write
|
||
|
D13000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BB4000
|
trusted library allocation
|
page read and write
|
||
|
43CA000
|
trusted library allocation
|
page read and write
|
||
|
15E3000
|
heap
|
page read and write
|
||
|
3700000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
1463000
|
trusted library allocation
|
page read and write
|
||
|
4F45000
|
trusted library allocation
|
page read and write
|
||
|
4D63000
|
trusted library allocation
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
4620000
|
heap
|
page read and write
|
||
|
8170000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
44E4000
|
trusted library allocation
|
page read and write
|
||
|
71C000
|
heap
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
heap
|
page execute and read and write
|
||
|
34D4000
|
trusted library allocation
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page read and write
|
||
|
D4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5215000
|
trusted library allocation
|
page read and write
|
||
|
4C51000
|
trusted library allocation
|
page read and write
|
||
|
47A0000
|
heap
|
page read and write
|
||
|
4FD7000
|
trusted library allocation
|
page read and write
|
||
|
6D70000
|
heap
|
page read and write
|
||
|
D52000
|
trusted library allocation
|
page read and write
|
||
|
7B9D000
|
trusted library allocation
|
page read and write
|
||
|
8163000
|
trusted library allocation
|
page read and write
|
||
|
7D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
569D000
|
trusted library allocation
|
page read and write
|
||
|
8150000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
6BE5000
|
trusted library allocation
|
page read and write
|
||
|
7050000
|
trusted library allocation
|
page execute and read and write
|
||
|
70C0000
|
trusted library allocation
|
page read and write
|
||
|
32EF000
|
stack
|
page read and write
|
||
|
85F0000
|
trusted library allocation
|
page read and write
|
||
|
145D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5949000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
457E000
|
stack
|
page read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
581D000
|
trusted library allocation
|
page read and write
|
||
|
5AE0000
|
heap
|
page execute and read and write
|
||
|
18D0000
|
heap
|
page read and write
|
||
|
169A000
|
heap
|
page read and write
|
||
|
14A5000
|
heap
|
page read and write
|
||
|
4D6B000
|
trusted library allocation
|
page read and write
|
||
|
B48000
|
heap
|
page read and write
|
||
|
8274000
|
heap
|
page read and write
|
||
|
884000
|
trusted library allocation
|
page read and write
|
||
|
83CE000
|
stack
|
page read and write
|
||
|
7224000
|
heap
|
page read and write
|
||
|
356F000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
603C000
|
stack
|
page read and write
|
||
|
478E000
|
stack
|
page read and write
|
||
|
43E6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
15A7000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
4313000
|
trusted library allocation
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BAD000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
724E000
|
heap
|
page read and write
|
||
|
D27000
|
heap
|
page read and write
|
||
|
1495000
|
trusted library allocation
|
page execute and read and write
|
||
|
2675F625000
|
heap
|
page read and write
|
||
|
6EDB000
|
stack
|
page read and write
|
||
|
334E000
|
trusted library allocation
|
page read and write
|
||
|
5D7F000
|
stack
|
page read and write
|
||
|
83F9000
|
trusted library allocation
|
page read and write
|
||
|
989000
|
heap
|
page read and write
|
||
|
72A0000
|
heap
|
page execute and read and write
|
||
|
814E000
|
stack
|
page read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
44AA000
|
trusted library allocation
|
page read and write
|
||
|
4567000
|
trusted library allocation
|
page read and write
|
||
|
4631000
|
trusted library allocation
|
page read and write
|
||
|
192A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B98B000
|
trusted library allocation
|
page read and write
|
||
|
1553000
|
heap
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
4D7C000
|
trusted library allocation
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
7E11000
|
heap
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
6F80000
|
trusted library allocation
|
page read and write
|
||
|
70DF000
|
stack
|
page read and write
|
||
|
6B2E000
|
stack
|
page read and write
|
||
|
6B69000
|
stack
|
page read and write
|
||
|
74CF000
|
stack
|
page read and write
|
||
|
6CAE000
|
stack
|
page read and write
|
||
|
5843000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
8190000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DD2000
|
heap
|
page read and write
|
||
|
57DE000
|
trusted library allocation
|
page read and write
|
||
|
175F000
|
heap
|
page read and write
|
||
|
56BD000
|
stack
|
page read and write
|
||
|
6377000
|
heap
|
page read and write
|
||
|
4555000
|
trusted library allocation
|
page read and write
|
||
|
6B70000
|
heap
|
page read and write
|
||
|
147A000
|
trusted library allocation
|
page execute and read and write
|
||
|
960000
|
heap
|
page readonly
|
||
|
6D9E000
|
heap
|
page read and write
|
||
|
742A000
|
trusted library allocation
|
page read and write
|
||
|
7C0D000
|
stack
|
page read and write
|
||
|
34DC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FCD8000
|
trusted library allocation
|
page execute and read and write
|
||
|
4690000
|
trusted library allocation
|
page execute and read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
57F6000
|
trusted library allocation
|
page read and write
|
||
|
7CAE000
|
stack
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page execute and read and write
|
||
|
2675F432000
|
heap
|
page read and write
|
||
|
4426000
|
trusted library allocation
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
6FCA000
|
trusted library allocation
|
page read and write
|
||
|
45C4000
|
trusted library allocation
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page execute and read and write
|
||
|
267795A0000
|
trusted library section
|
page read and write
|
||
|
8410000
|
trusted library allocation
|
page read and write
|
||
|
7FF423B50000
|
trusted library allocation
|
page execute and read and write
|
||
|
437C000
|
stack
|
page read and write
|
||
|
830E000
|
stack
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
8160000
|
trusted library allocation
|
page read and write
|
||
|
C06000
|
heap
|
page read and write
|
||
|
3342000
|
trusted library allocation
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page read and write
|
||
|
57C8000
|
trusted library allocation
|
page read and write
|
||
|
43AD000
|
trusted library allocation
|
page read and write
|
||
|
6E2E000
|
stack
|
page read and write
|
||
|
7262000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
890000
|
trusted library allocation
|
page read and write
|
||
|
4617000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
1790000
|
trusted library allocation
|
page read and write
|
||
|
D28000
|
trusted library allocation
|
page read and write
|
||
|
6392000
|
heap
|
page read and write
|
||
|
2675F260000
|
heap
|
page read and write
|
||
|
870000
|
trusted library allocation
|
page read and write
|
||
|
BC7000
|
heap
|
page read and write
|
||
|
6BAE000
|
stack
|
page read and write
|
||
|
B1F000
|
stack
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
6330000
|
heap
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
802B000
|
trusted library allocation
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
57D9000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
trusted library allocation
|
page read and write
|
||
|
7C4E000
|
stack
|
page read and write
|
||
|
149B000
|
trusted library allocation
|
page execute and read and write
|
||
|
71F9000
|
heap
|
page read and write
|
||
|
7140000
|
trusted library allocation
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
36D2000
|
trusted library allocation
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
57EE000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
350F000
|
trusted library allocation
|
page read and write
|
||
|
6CE1000
|
trusted library allocation
|
page read and write
|
||
|
1900000
|
trusted library allocation
|
page read and write
|
||
|
457A000
|
trusted library allocation
|
page read and write
|
||
|
33FC000
|
trusted library allocation
|
page read and write
|
||
|
43D8000
|
trusted library allocation
|
page read and write
|
||
|
1936000
|
heap
|
page read and write
|
||
|
57F1000
|
trusted library allocation
|
page read and write
|
||
|
10B9000
|
stack
|
page read and write
|
||
|
45DE000
|
trusted library allocation
|
page read and write
|
||
|
2675F3FC000
|
heap
|
page read and write
|
||
|
353F000
|
trusted library allocation
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
2675F513000
|
trusted library allocation
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
7D78000
|
heap
|
page read and write
|
||
|
6A2E000
|
stack
|
page read and write
|
||
|
8D0000
|
trusted library allocation
|
page read and write
|
||
|
267795B7000
|
trusted library section
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
33A9000
|
trusted library allocation
|
page read and write
|
||
|
88D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7000000
|
trusted library allocation
|
page execute and read and write
|
||
|
7211000
|
heap
|
page read and write
|
||
|
1920000
|
trusted library allocation
|
page read and write
|
||
|
C7E000
|
stack
|
page read and write
|
||
|
193B000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE0000
|
trusted library section
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
6E50000
|
trusted library allocation
|
page read and write
|
||
|
6CDE000
|
trusted library allocation
|
page read and write
|
||
|
2675F620000
|
heap
|
page read and write
|
||
|
491B000
|
trusted library allocation
|
page read and write
|
||
|
45C000
|
stack
|
page read and write
|
||
|
7CEE000
|
stack
|
page read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
7190000
|
trusted library allocation
|
page read and write
|
||
|
4E1C000
|
trusted library allocation
|
page read and write
|
||
|
1453000
|
trusted library allocation
|
page execute and read and write
|
||
|
18E0000
|
trusted library allocation
|
page read and write
|
||
|
7180000
|
trusted library allocation
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
750D9FF000
|
stack
|
page read and write
|
||
|
6BC0000
|
trusted library allocation
|
page read and write
|
||
|
456E000
|
trusted library allocation
|
page read and write
|
||
|
71CC000
|
heap
|
page read and write
|
||
|
D14000
|
trusted library allocation
|
page read and write
|
||
|
464A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1890000
|
heap
|
page read and write
|
||
|
6DBA000
|
heap
|
page read and write
|
||
|
7190000
|
heap
|
page read and write
|
||
|
2675F570000
|
heap
|
page read and write
|
||
|
42F1000
|
trusted library allocation
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D72000
|
heap
|
page read and write
|
||
|
8B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FCC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
750D1A3000
|
stack
|
page read and write
|
||
|
33D9000
|
trusted library allocation
|
page read and write
|
||
|
375C000
|
trusted library allocation
|
page read and write
|
||
|
7FB90000
|
trusted library allocation
|
page execute and read and write
|
||
|
4695000
|
trusted library allocation
|
page read and write
|
||
|
880E000
|
stack
|
page read and write
|
||
|
65CD000
|
stack
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
458A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
16EC000
|
stack
|
page read and write
|
||
|
80F0000
|
heap
|
page read and write
|
||
|
750D4FF000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
15EF000
|
heap
|
page read and write
|
||
|
7D88000
|
heap
|
page read and write
|
||
|
6B2D000
|
stack
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
1497000
|
trusted library allocation
|
page execute and read and write
|
||
|
750DAFF000
|
stack
|
page read and write
|
||
|
4400000
|
trusted library allocation
|
page read and write
|
||
|
7BA0000
|
trusted library allocation
|
page read and write
|
||
|
6C7D000
|
stack
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
7E44000
|
heap
|
page read and write
|
||
|
43C3000
|
trusted library allocation
|
page read and write
|
||
|
463C000
|
trusted library allocation
|
page read and write
|
||
|
6E6E000
|
stack
|
page read and write
|
||
|
7D00000
|
trusted library allocation
|
page read and write
|
||
|
6E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EE3000
|
trusted library allocation
|
page read and write
|
||
|
3399000
|
trusted library allocation
|
page read and write
|
||
|
6CD0000
|
trusted library allocation
|
page read and write
|
||
|
4610000
|
heap
|
page execute and read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
43E2000
|
trusted library allocation
|
page read and write
|
||
|
44FC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
5143000
|
trusted library allocation
|
page read and write
|
||
|
1922000
|
trusted library allocation
|
page read and write
|
||
|
2675F3E0000
|
trusted library allocation
|
page read and write
|
||
|
4576000
|
trusted library allocation
|
page read and write
|
||
|
6A2B000
|
stack
|
page read and write
|
||
|
8160000
|
trusted library allocation
|
page read and write
|
||
|
163C000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
FE0000
|
unkown
|
page readonly
|
||
|
73D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
34E2000
|
trusted library allocation
|
page read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
6B60000
|
heap
|
page execute and read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
81DD000
|
stack
|
page read and write
|
||
|
838E000
|
stack
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
433E000
|
stack
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
4487000
|
trusted library allocation
|
page read and write
|
||
|
17A7000
|
trusted library allocation
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
87CD000
|
stack
|
page read and write
|
||
|
7B70000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
70E0000
|
trusted library allocation
|
page read and write
|
||
|
4DB8000
|
trusted library allocation
|
page read and write
|
||
|
6EE0000
|
heap
|
page read and write
|
||
|
6FC4000
|
trusted library allocation
|
page read and write
|
||
|
34E7000
|
trusted library allocation
|
page read and write
|
||
|
6D1E000
|
stack
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
6D9D000
|
stack
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
4438000
|
trusted library allocation
|
page read and write
|
||
|
3489000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
7100000
|
trusted library section
|
page read and write
|
||
|
870D000
|
stack
|
page read and write
|
||
|
4678000
|
trusted library allocation
|
page read and write
|
||
|
33FE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
970000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B30000
|
heap
|
page read and write
|
||
|
6DA4000
|
heap
|
page read and write
|
||
|
2675F5C0000
|
trusted library section
|
page read and write
|
||
|
6AAD000
|
stack
|
page read and write
|
||
|
2675F172000
|
unkown
|
page readonly
|
||
|
1935000
|
trusted library allocation
|
page execute and read and write
|
||
|
2675F340000
|
heap
|
page read and write
|
||
|
43BE000
|
stack
|
page read and write
|
||
|
6BB7000
|
heap
|
page read and write
|
||
|
18DE000
|
stack
|
page read and write
|
||
|
146D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6908000
|
stack
|
page read and write
|
||
|
750E000
|
stack
|
page read and write
|
||
|
8230000
|
heap
|
page read and write
|
||
|
464F000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
750D6FE000
|
stack
|
page read and write
|
||
|
3359000
|
trusted library allocation
|
page read and write
|
||
|
34DA000
|
trusted library allocation
|
page read and write
|
||
|
8259000
|
heap
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
4D1D000
|
trusted library allocation
|
page read and write
|
||
|
6BD3000
|
heap
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
4588000
|
trusted library allocation
|
page read and write
|
||
|
8219000
|
heap
|
page read and write
|
||
|
2675F42F000
|
heap
|
page read and write
|
||
|
6E30000
|
trusted library allocation
|
page read and write
|
||
|
6B89000
|
stack
|
page read and write
|
||
|
B6C000
|
heap
|
page read and write
|
||
|
50FD000
|
trusted library allocation
|
page read and write
|
||
|
4691000
|
trusted library allocation
|
page read and write
|
||
|
6B65000
|
heap
|
page execute and read and write
|
||
|
82C9000
|
stack
|
page read and write
|
||
|
750D8FD000
|
stack
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
43D2000
|
trusted library allocation
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
5E5000
|
heap
|
page read and write
|
||
|
50E8000
|
trusted library allocation
|
page read and write
|
||
|
51C8000
|
trusted library allocation
|
page read and write
|
||
|
8030000
|
heap
|
page read and write
|
||
|
899000
|
trusted library allocation
|
page read and write
|
||
|
34B6000
|
trusted library allocation
|
page read and write
|
||
|
2675F45A000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
660E000
|
stack
|
page read and write
|
||
|
71E7000
|
heap
|
page read and write
|
||
|
82E000
|
stack
|
page read and write
|
||
|
821E000
|
heap
|
page read and write
|
||
|
4BAB000
|
trusted library allocation
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
7070000
|
trusted library section
|
page read and write
|
||
|
7DE8000
|
heap
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
6A6E000
|
stack
|
page read and write
|
||
|
715E000
|
stack
|
page read and write
|
||
|
8020000
|
trusted library allocation
|
page read and write
|
||
|
7150000
|
trusted library allocation
|
page read and write
|
There are 784 hidden memdumps, click here to show them.