Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RqYh.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RqYh.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpA5C1.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\oJSnAkAh.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\oJSnAkAh.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Remcos\remcos.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\oJSnAkAh.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\remcos.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_emxqh424.uri.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fgw3qlex.q24.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g4wdaghu.jfz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g5ms1lao.ow3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ku2od1u1.3xp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lbxoog1k.h0o.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uagmzbfa.igw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ulrbyhwc.m1d.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpB8EC.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Remcos\remcos.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RqYh.exe
|
"C:\Users\user\Desktop\RqYh.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\RqYh.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\oJSnAkAh.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\oJSnAkAh" /XML "C:\Users\user\AppData\Local\Temp\tmpA5C1.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\ProgramData\Remcos\remcos.exe
|
"C:\ProgramData\Remcos\remcos.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\oJSnAkAh.exe
|
C:\Users\user\AppData\Roaming\oJSnAkAh.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\oJSnAkAh" /XML "C:\Users\user\AppData\Local\Temp\tmpB8EC.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Remcos\remcos.exe
|
"C:\Users\user\AppData\Roaming\Remcos\remcos.exe"
|
|
|
|
C:\ProgramData\Remcos\remcos.exe
|
"C:\ProgramData\Remcos\remcos.exe"
|
|
|
|
C:\ProgramData\Remcos\remcos.exe
|
"C:\ProgramData\Remcos\remcos.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Remcos\remcos.exe
|
"C:\Users\user\AppData\Roaming\Remcos\remcos.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 13 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
rodri.selfip.net
|
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://go.microsoft.c
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 20 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Rmc-B6J50C
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Rmc-B6J50C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
Rmc-B6J50C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
Rmc-B6J50C
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4E45000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
446C000
|
trusted library allocation
|
page read and write
|
|
|
|
D80000
|
heap
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
5C10000
|
heap
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
5210000
|
heap
|
page execute and read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
304D000
|
heap
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
95C000
|
stack
|
page read and write
|
||
|
1438000
|
heap
|
page read and write
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
1830000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
14D6000
|
trusted library allocation
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
435D000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
C37E000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
F0F000
|
stack
|
page read and write
|
||
|
16E5000
|
trusted library allocation
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page execute and read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
30D0000
|
heap
|
page execute and read and write
|
||
|
8BEE000
|
stack
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
59C0000
|
trusted library allocation
|
page read and write
|
||
|
BB3E000
|
stack
|
page read and write
|
||
|
537E000
|
stack
|
page read and write
|
||
|
BCDE000
|
stack
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
C5FE000
|
stack
|
page read and write
|
||
|
344D000
|
trusted library allocation
|
page read and write
|
||
|
27E6000
|
heap
|
page read and write
|
||
|
7C50000
|
heap
|
page read and write
|
||
|
44FE000
|
trusted library allocation
|
page read and write
|
||
|
793E000
|
stack
|
page read and write
|
||
|
1830000
|
trusted library allocation
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5800000
|
heap
|
page execute and read and write
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
C27E000
|
stack
|
page read and write
|
||
|
161B000
|
trusted library allocation
|
page execute and read and write
|
||
|
42F9000
|
trusted library allocation
|
page read and write
|
||
|
78B6000
|
heap
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
D17000
|
heap
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
5880000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC9C000
|
stack
|
page read and write
|
||
|
12F8000
|
stack
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
1269000
|
trusted library allocation
|
page read and write
|
||
|
2443000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
14D4000
|
trusted library allocation
|
page read and write
|
||
|
5C20000
|
heap
|
page read and write
|
||
|
D72000
|
heap
|
page read and write
|
||
|
13F3000
|
heap
|
page read and write
|
||
|
43B3000
|
trusted library allocation
|
page read and write
|
||
|
32C1000
|
trusted library allocation
|
page read and write
|
||
|
1253000
|
trusted library allocation
|
page execute and read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
935E000
|
stack
|
page read and write
|
||
|
2F43000
|
trusted library allocation
|
page read and write
|
||
|
44E6000
|
trusted library allocation
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C05000
|
heap
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
2C5E000
|
unkown
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
4DAD000
|
trusted library allocation
|
page read and write
|
||
|
9BC000
|
stack
|
page read and write
|
||
|
2450000
|
trusted library allocation
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
25F0000
|
trusted library allocation
|
page read and write
|
||
|
168E000
|
stack
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
heap
|
page execute and read and write
|
||
|
C610000
|
trusted library allocation
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
33E2000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
7F0F000
|
heap
|
page read and write
|
||
|
144B000
|
trusted library allocation
|
page execute and read and write
|
||
|
11EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EFA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
738000
|
stack
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
5C62000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
17BE000
|
stack
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
23AA000
|
stack
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page read and write
|
||
|
59B4000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
96DE000
|
stack
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
A9E000
|
heap
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
178B000
|
trusted library allocation
|
page read and write
|
||
|
91D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
1585000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page execute and read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
2E2B000
|
stack
|
page read and write
|
||
|
7E74000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
1A87000
|
heap
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
4429000
|
trusted library allocation
|
page read and write
|
||
|
2D6C000
|
stack
|
page read and write
|
||
|
7C4D000
|
stack
|
page read and write
|
||
|
3337000
|
trusted library allocation
|
page read and write
|
||
|
8E2E000
|
stack
|
page read and write
|
||
|
16CB000
|
stack
|
page read and write
|
||
|
D29000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
4329000
|
trusted library allocation
|
page read and write
|
||
|
175E000
|
stack
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
D61000
|
heap
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
15DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
4281000
|
trusted library allocation
|
page read and write
|
||
|
5940000
|
trusted library allocation
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
15ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
246B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D35000
|
trusted library allocation
|
page read and write
|
||
|
11C3000
|
trusted library allocation
|
page read and write
|
||
|
1864000
|
heap
|
page read and write
|
||
|
BE1E000
|
stack
|
page read and write
|
||
|
128B000
|
trusted library allocation
|
page execute and read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
1760000
|
trusted library allocation
|
page read and write
|
||
|
1617000
|
trusted library allocation
|
page execute and read and write
|
||
|
5980000
|
trusted library allocation
|
page execute and read and write
|
||
|
F8C000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
1724000
|
heap
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
2449000
|
trusted library allocation
|
page read and write
|
||
|
15D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
5328000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page execute and read and write
|
||
|
7EF8000
|
heap
|
page read and write
|
||
|
3163000
|
trusted library allocation
|
page read and write
|
||
|
5BF0000
|
heap
|
page read and write
|
||
|
8E6E000
|
stack
|
page read and write
|
||
|
17C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
446D000
|
trusted library allocation
|
page read and write
|
||
|
4319000
|
trusted library allocation
|
page read and write
|
||
|
1367000
|
stack
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
17CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5872000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
EE2000
|
unkown
|
page readonly
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page read and write
|
||
|
4D4E000
|
stack
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30AB000
|
trusted library allocation
|
page read and write
|
||
|
5C4E000
|
heap
|
page read and write
|
||
|
959E000
|
stack
|
page read and write
|
||
|
7854000
|
heap
|
page read and write
|
||
|
7E8C000
|
heap
|
page read and write
|
||
|
78D6000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
14FF000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
13E8000
|
heap
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB5000
|
heap
|
page read and write
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
11DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1732000
|
heap
|
page read and write
|
||
|
3058000
|
heap
|
page read and write
|
||
|
17FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
C3BC000
|
stack
|
page read and write
|
||
|
15EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
483E000
|
stack
|
page read and write
|
||
|
296D000
|
stack
|
page read and write
|
||
|
95DD000
|
stack
|
page read and write
|
||
|
97C0000
|
trusted library section
|
page read and write
|
||
|
785C000
|
heap
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
51BD000
|
stack
|
page read and write
|
||
|
972E000
|
stack
|
page read and write
|
||
|
5BD0000
|
trusted library section
|
page readonly
|
||
|
E0F000
|
heap
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
3068000
|
heap
|
page read and write
|
||
|
D36000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page execute and read and write
|
||
|
7482000
|
trusted library allocation
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
heap
|
page execute and read and write
|
||
|
2480000
|
trusted library allocation
|
page read and write
|
||
|
14EE000
|
heap
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
D62000
|
heap
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page read and write
|
||
|
5920000
|
heap
|
page read and write
|
||
|
141A000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
32AB000
|
trusted library allocation
|
page read and write
|
||
|
32BE000
|
trusted library allocation
|
page read and write
|
||
|
2897000
|
heap
|
page read and write
|
||
|
1522000
|
heap
|
page read and write
|
||
|
333C000
|
stack
|
page read and write
|
||
|
C20E000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
16F8000
|
heap
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
15F9000
|
trusted library allocation
|
page read and write
|
||
|
312B000
|
stack
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page execute and read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
15B4000
|
trusted library allocation
|
page read and write
|
||
|
4219000
|
trusted library allocation
|
page read and write
|
||
|
750E000
|
stack
|
page read and write
|
||
|
30A8000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
2DD3000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
4232000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
1788000
|
trusted library allocation
|
page read and write
|
||
|
30E1000
|
trusted library allocation
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
58D0000
|
trusted library allocation
|
page read and write
|
||
|
E62000
|
heap
|
page read and write
|
||
|
725E000
|
heap
|
page read and write
|
||
|
32C6000
|
trusted library allocation
|
page read and write
|
||
|
7EE6000
|
heap
|
page read and write
|
||
|
BF1F000
|
stack
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
576C000
|
stack
|
page read and write
|
||
|
1455000
|
heap
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
B69000
|
stack
|
page read and write
|
||
|
949E000
|
stack
|
page read and write
|
||
|
8CEE000
|
stack
|
page read and write
|
||
|
90DE000
|
stack
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
E9C000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
11E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1770000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
1820000
|
trusted library allocation
|
page execute and read and write
|
||
|
138E000
|
stack
|
page read and write
|
||
|
24CE000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
2D7F000
|
unkown
|
page read and write
|
||
|
2467000
|
trusted library allocation
|
page execute and read and write
|
||
|
14EA000
|
heap
|
page read and write
|
||
|
125D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A76000
|
heap
|
page read and write
|
||
|
1413000
|
trusted library allocation
|
page execute and read and write
|
||
|
322C000
|
stack
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
1254000
|
trusted library allocation
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
3C11000
|
trusted library allocation
|
page read and write
|
||
|
77CD000
|
stack
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
17D1000
|
heap
|
page read and write
|
||
|
3741000
|
trusted library allocation
|
page read and write
|
||
|
D23000
|
heap
|
page read and write
|
||
|
A63000
|
heap
|
page read and write
|
||
|
2946000
|
heap
|
page read and write
|
||
|
5218000
|
trusted library allocation
|
page read and write
|
||
|
40E1000
|
trusted library allocation
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
C05000
|
heap
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
CEE000
|
heap
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
3281000
|
trusted library allocation
|
page read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
15C3000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
7D60000
|
trusted library allocation
|
page read and write
|
||
|
32D2000
|
trusted library allocation
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
4C4D000
|
stack
|
page read and write
|
||
|
17A1000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
C8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
30A6000
|
trusted library allocation
|
page read and write
|
||
|
CF1000
|
heap
|
page read and write
|
||
|
1436000
|
trusted library allocation
|
page execute and read and write
|
||
|
2630000
|
heap
|
page execute and read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
25F8000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
143A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B30000
|
heap
|
page execute and read and write
|
||
|
FD7000
|
stack
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
2440000
|
trusted library allocation
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
7E80000
|
heap
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
16AE000
|
stack
|
page read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7670000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1575000
|
heap
|
page read and write
|
||
|
58F3000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
F98000
|
stack
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page execute and read and write
|
||
|
997E000
|
stack
|
page read and write
|
||
|
160A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D51000
|
heap
|
page read and write
|
||
|
5ACB000
|
stack
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
78E6000
|
heap
|
page read and write
|
||
|
8D2E000
|
stack
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
18EE000
|
stack
|
page read and write
|
||
|
1452000
|
heap
|
page read and write
|
||
|
54BC000
|
stack
|
page read and write
|
||
|
1A80000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
5B00000
|
heap
|
page read and write
|
||
|
2741000
|
trusted library allocation
|
page read and write
|
||
|
1853000
|
heap
|
page read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
CF8000
|
stack
|
page read and write
|
||
|
890000
|
unkown
|
page readonly
|
||
|
31C2000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
1718000
|
heap
|
page read and write
|
||
|
7868000
|
heap
|
page read and write
|
||
|
2D9A000
|
heap
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
13F9000
|
heap
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
4535000
|
trusted library allocation
|
page read and write
|
||
|
17D3000
|
trusted library allocation
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
31C9000
|
trusted library allocation
|
page read and write
|
||
|
126A000
|
stack
|
page read and write
|
||
|
C7E000
|
stack
|
page read and write
|
||
|
5934000
|
trusted library section
|
page readonly
|
||
|
31CF000
|
trusted library allocation
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
2BE0000
|
trusted library allocation
|
page read and write
|
||
|
2BE8000
|
trusted library allocation
|
page read and write
|
||
|
7EF80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
13FF000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
7250000
|
heap
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
2DAD000
|
stack
|
page read and write
|
||
|
AC3000
|
heap
|
page read and write
|
||
|
15E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1263000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
trusted library section
|
page readonly
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
BB9B000
|
stack
|
page read and write
|
||
|
C4BC000
|
stack
|
page read and write
|
||
|
892000
|
unkown
|
page readonly
|
||
|
5C64000
|
heap
|
page read and write
|
||
|
1417000
|
heap
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
15CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
7EB2000
|
heap
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
C4FE000
|
stack
|
page read and write
|
||
|
17D9000
|
trusted library allocation
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
5870000
|
trusted library allocation
|
page read and write
|
||
|
236D000
|
stack
|
page read and write
|
||
|
4321000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
931F000
|
stack
|
page read and write
|
||
|
57B0000
|
heap
|
page execute and read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
3131000
|
trusted library allocation
|
page read and write
|
||
|
53AC000
|
stack
|
page read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
2603000
|
trusted library allocation
|
page read and write
|
||
|
7E70000
|
heap
|
page read and write
|
||
|
245A000
|
trusted library allocation
|
page execute and read and write
|
||
|
C83000
|
trusted library allocation
|
page execute and read and write
|
||
|
78AC000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
1423000
|
trusted library allocation
|
page read and write
|
||
|
15B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
2BF3000
|
trusted library allocation
|
page read and write
|
||
|
1860000
|
heap
|
page read and write
|
||
|
276F000
|
unkown
|
page read and write
|
||
|
5EA0000
|
trusted library allocation
|
page read and write
|
||
|
A69000
|
heap
|
page read and write
|
||
|
1442000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
127A000
|
trusted library allocation
|
page execute and read and write
|
||
|
E1B000
|
heap
|
page read and write
|
||
|
BDDE000
|
stack
|
page read and write
|
||
|
31E0000
|
trusted library allocation
|
page read and write
|
||
|
E6D000
|
stack
|
page read and write
|
||
|
5C90000
|
trusted library allocation
|
page read and write
|
||
|
2510000
|
trusted library allocation
|
page execute and read and write
|
||
|
3281000
|
trusted library allocation
|
page read and write
|
||
|
31CB000
|
trusted library allocation
|
page read and write
|
||
|
119F000
|
stack
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
5C60000
|
heap
|
page read and write
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
D08000
|
heap
|
page read and write
|
||
|
33FB000
|
trusted library allocation
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
7A3E000
|
stack
|
page read and write
|
||
|
16DE000
|
stack
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
756D000
|
stack
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
15E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
15E4000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
7B4D000
|
stack
|
page read and write
|
||
|
D2A000
|
heap
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page read and write
|
||
|
142D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1405000
|
heap
|
page read and write
|
||
|
587B000
|
trusted library allocation
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
312E000
|
trusted library allocation
|
page read and write
|
||
|
DE4000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
2520000
|
trusted library allocation
|
page read and write
|
||
|
7515000
|
trusted library allocation
|
page read and write
|
||
|
15F3000
|
trusted library allocation
|
page read and write
|
||
|
3E71000
|
trusted library allocation
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
30BE000
|
stack
|
page read and write
|
||
|
181B000
|
stack
|
page read and write
|
||
|
2C11000
|
trusted library allocation
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
7864000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
2BEB000
|
trusted library allocation
|
page read and write
|
||
|
A6B000
|
stack
|
page read and write
|
||
|
2BE6000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
3136000
|
trusted library allocation
|
page read and write
|
||
|
C84000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
144E000
|
heap
|
page read and write
|
||
|
17F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
272D000
|
unkown
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page execute and read and write
|
||
|
7AEE000
|
stack
|
page read and write
|
||
|
2DAD000
|
heap
|
page read and write
|
||
|
1287000
|
trusted library allocation
|
page execute and read and write
|
||
|
25FB000
|
trusted library allocation
|
page read and write
|
||
|
32CD000
|
trusted library allocation
|
page read and write
|
||
|
2DCB000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
2C7D000
|
stack
|
page read and write
|
||
|
313D000
|
trusted library allocation
|
page read and write
|
||
|
945E000
|
stack
|
page read and write
|
||
|
76B000
|
stack
|
page read and write
|
||
|
5879000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
29AA000
|
stack
|
page read and write
|
||
|
2DC6000
|
trusted library allocation
|
page read and write
|
||
|
154F000
|
heap
|
page read and write
|
||
|
15BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
911E000
|
stack
|
page read and write
|
||
|
17F0000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
58C0000
|
trusted library allocation
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
1414000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
17DE000
|
stack
|
page read and write
|
||
|
25F6000
|
trusted library allocation
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
12ED000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
15D2000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
921E000
|
stack
|
page read and write
|
||
|
2C6C000
|
stack
|
page read and write
|
||
|
1820000
|
trusted library allocation
|
page read and write
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
1447000
|
trusted library allocation
|
page execute and read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page execute and read and write
|
||
|
52BD000
|
stack
|
page read and write
|
||
|
7A60000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
30EF000
|
stack
|
page read and write
|
||
|
5D90000
|
heap
|
page read and write
|
||
|
92FF000
|
stack
|
page read and write
|
||
|
344B000
|
trusted library allocation
|
page read and write
|
||
|
7E7C000
|
heap
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
3391000
|
trusted library allocation
|
page read and write
|
||
|
AA8000
|
heap
|
page read and write
|
||
|
15A2000
|
heap
|
page read and write
|
||
|
1514000
|
heap
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
3180000
|
heap
|
page execute and read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
17C4000
|
trusted library allocation
|
page read and write
|
||
|
5AF0000
|
heap
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
7D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
5770000
|
heap
|
page execute and read and write
|
||
|
13AF000
|
stack
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
1786000
|
trusted library allocation
|
page read and write
|
||
|
1453000
|
heap
|
page read and write
|
||
|
2E71000
|
trusted library allocation
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
766D000
|
stack
|
page read and write
|
||
|
15E2000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page execute and read and write
|
||
|
16FE000
|
heap
|
page read and write
|
||
|
7892000
|
heap
|
page read and write
|
||
|
17EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
1404000
|
heap
|
page read and write
|
||
|
13EE000
|
heap
|
page read and write
|
||
|
EDA000
|
stack
|
page read and write
|
||
|
8F6E000
|
stack
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
5C00000
|
heap
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
CF8000
|
stack
|
page read and write
|
||
|
1835000
|
trusted library allocation
|
page read and write
|
||
|
7A40000
|
trusted library section
|
page read and write
|
||
|
59E0000
|
heap
|
page read and write
|
||
|
178F000
|
heap
|
page read and write
|
||
|
E14000
|
heap
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
63C000
|
stack
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
2DC8000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
311B000
|
trusted library allocation
|
page read and write
|
There are 647 hidden memdumps, click here to show them.