Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
WiJVUxlOHs.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files\Reference Assemblies\Microsoft\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Reference Assemblies\Microsoft\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files\Windows Media Player\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows NT\TableTextService\en-US\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows NT\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Portable Devices\backgroundTaskHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Portable Devices\backgroundTaskHost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files\Windows Sidebar\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Package Cache\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}v14.36.32532\packages\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\spoolsv.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\spoolsv.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\dllhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\dllhost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\WiJVUxlOHs.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\Fonts\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\{AC76BA86-1033-1033-7760-BC15014EA700}\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Provisioning\hVZrtkHODdjkrqRpmkkd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Reference Assemblies\Microsoft\13a54417f66e9d
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Media Player\13a54417f66e9d
|
ASCII text, with very long lines (440), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Media Player\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Windows NT\13a54417f66e9d
|
ASCII text, with very long lines (628), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows NT\TableTextService\en-US\13a54417f66e9d
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows NT\TableTextService\en-US\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Windows NT\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Windows Portable Devices\eddb19405b7ce1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Sidebar\13a54417f66e9d
|
ASCII text, with very long lines (617), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Sidebar\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Package Cache\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}v14.36.32532\packages\13a54417f66e9d
|
ASCII text, with very long lines (861), with no line terminators
|
dropped
|
||
|
C:\ProgramData\Package Cache\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}v14.36.32532\packages\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\13a54417f66e9d
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\f3b6ecef712a24
|
ASCII text, with very long lines (552), with no line terminators
|
dropped
|
||
|
C:\Recovery\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\5940a34987c991
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\backgroundTaskHost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\dllhost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Windows\Fonts\13a54417f66e9d
|
ASCII text, with very long lines (789), with no line terminators
|
dropped
|
||
|
C:\Windows\Fonts\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Installer\{AC76BA86-1033-1033-7760-BC15014EA700}\13a54417f66e9d
|
ASCII text, with very long lines (379), with no line terminators
|
dropped
|
||
|
C:\Windows\Installer\{AC76BA86-1033-1033-7760-BC15014EA700}\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Provisioning\13a54417f66e9d
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Provisioning\hVZrtkHODdjkrqRpmkkd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 33 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\WiJVUxlOHs.exe
|
"C:\Users\user\Desktop\WiJVUxlOHs.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "backgroundTaskHostb" /sc MINUTE /mo 12 /tr "'C:\Program Files\Windows Portable Devices\backgroundTaskHost.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "backgroundTaskHost" /sc ONLOGON /tr "'C:\Program Files\Windows Portable Devices\backgroundTaskHost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "backgroundTaskHostb" /sc MINUTE /mo 10 /tr "'C:\Program Files\Windows Portable Devices\backgroundTaskHost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 8 /tr "'C:\Windows\Fonts\hVZrtkHODdjkrqRpmkkd.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkd" /sc ONLOGON /tr "'C:\Windows\Fonts\hVZrtkHODdjkrqRpmkkd.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Program Files\Windows Portable Devices\backgroundTaskHost.exe
|
"C:\Program Files\Windows Portable Devices\backgroundTaskHost.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 9 /tr "'C:\Windows\Fonts\hVZrtkHODdjkrqRpmkkd.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Program Files\Windows Portable Devices\backgroundTaskHost.exe
|
"C:\Program Files\Windows Portable Devices\backgroundTaskHost.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 6 /tr "'C:\Recovery\hVZrtkHODdjkrqRpmkkd.exe'" /f
|
|
|
|
C:\Windows\Fonts\hVZrtkHODdjkrqRpmkkd.exe
|
C:\Windows\Fonts\hVZrtkHODdjkrqRpmkkd.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkd" /sc ONLOGON /tr "'C:\Recovery\hVZrtkHODdjkrqRpmkkd.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 13 /tr "'C:\Recovery\hVZrtkHODdjkrqRpmkkd.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 11 /tr "'C:\Windows\Provisioning\hVZrtkHODdjkrqRpmkkd.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkd" /sc ONLOGON /tr "'C:\Windows\Provisioning\hVZrtkHODdjkrqRpmkkd.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 8 /tr "'C:\Windows\Provisioning\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 11 /tr "'C:\Program Files\Windows NT\TableTextService\en-US\hVZrtkHODdjkrqRpmkkd.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkd" /sc ONLOGON /tr "'C:\Program Files\Windows NT\TableTextService\en-US\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 6 /tr "'C:\Program Files\Windows NT\TableTextService\en-US\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 13 /tr "'C:\Users\Default\PrintHood\dllhost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhost" /sc ONLOGON /tr "'C:\Users\Default\PrintHood\dllhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 7 /tr "'C:\Users\Default\PrintHood\dllhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 9 /tr "'C:\Program Files\Windows NT\hVZrtkHODdjkrqRpmkkd.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkd" /sc ONLOGON /tr "'C:\Program Files\Windows NT\hVZrtkHODdjkrqRpmkkd.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 6 /tr "'C:\Program Files\Windows NT\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 5 /tr "'C:\Program Files\Windows Media Player\hVZrtkHODdjkrqRpmkkd.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkd" /sc ONLOGON /tr "'C:\Program Files\Windows Media Player\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 11 /tr "'C:\Program Files\Windows Media Player\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 5 /tr "'C:\Users\All Users\Package Cache\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}v14.36.32532\packages\hVZrtkHODdjkrqRpmkkd.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkd" /sc ONLOGON /tr "'C:\Users\All Users\Package Cache\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}v14.36.32532\packages\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 8 /tr "'C:\Users\All Users\Package Cache\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}v14.36.32532\packages\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "spoolsvs" /sc MINUTE /mo 9 /tr "'C:\Recovery\spoolsv.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "spoolsv" /sc ONLOGON /tr "'C:\Recovery\spoolsv.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "spoolsvs" /sc MINUTE /mo 7 /tr "'C:\Recovery\spoolsv.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 12 /tr "'C:\Windows\Installer\{AC76BA86-1033-1033-7760-BC15014EA700}\hVZrtkHODdjkrqRpmkkd.exe'"
/f
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\dllhost.exe
|
C:\Users\Default\PrintHood\dllhost.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkd" /sc ONLOGON /tr "'C:\Windows\Installer\{AC76BA86-1033-1033-7760-BC15014EA700}\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\dllhost.exe
|
C:\Users\Default\PrintHood\dllhost.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "hVZrtkHODdjkrqRpmkkdh" /sc MINUTE /mo 11 /tr "'C:\Windows\Installer\{AC76BA86-1033-1033-7760-BC15014EA700}\hVZrtkHODdjkrqRpmkkd.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\Installer\{AC76BA86-1033-1033-7760-BC15014EA700}\hVZrtkHODdjkrqRpmkkd.exe
|
C:\Windows\Installer\{AC76BA86-1033-1033-7760-BC15014EA700}\hVZrtkHODdjkrqRpmkkd.exe
|
|
There are 30 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\e2090904578e07786fe1690fea28168af64e4c9c
|
edf35b04f27bd8b08b57f5a78fd52874b579ece1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2CBF000
|
trusted library allocation
|
page read and write
|
|
|
|
2AE1000
|
trusted library allocation
|
page read and write
|
|
|
|
32F1000
|
trusted library allocation
|
page read and write
|
|
|
|
2C71000
|
trusted library allocation
|
page read and write
|
|
|
|
2551000
|
trusted library allocation
|
page read and write
|
|
|
|
25E1000
|
trusted library allocation
|
page read and write
|
|
|
|
2C81000
|
trusted library allocation
|
page read and write
|
|
|
|
296D000
|
trusted library allocation
|
page read and write
|
|
|
|
2B21000
|
trusted library allocation
|
page read and write
|
|
|
|
2620000
|
trusted library allocation
|
page read and write
|
|
|
|
2591000
|
trusted library allocation
|
page read and write
|
|
|
|
1255F000
|
trusted library allocation
|
page read and write
|
|
|
|
132F1000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
unkown
|
page readonly
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2896000
|
trusted library allocation
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
1B0CE000
|
stack
|
page read and write
|
||
|
7CC000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
1B86E000
|
stack
|
page read and write
|
||
|
15CB000
|
heap
|
page read and write
|
||
|
1B964000
|
stack
|
page read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B943000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
1B87D000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
690000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
33A6000
|
trusted library allocation
|
page read and write
|
||
|
105A000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
14F6000
|
stack
|
page read and write
|
||
|
1B514000
|
heap
|
page read and write
|
||
|
1AFB0000
|
trusted library section
|
page read and write
|
||
|
1265A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
132F3000
|
trusted library allocation
|
page read and write
|
||
|
1AADD000
|
stack
|
page read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
1BD63000
|
stack
|
page read and write
|
||
|
1AFAE000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
1BA77000
|
heap
|
page read and write
|
||
|
12AE1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
12AF1000
|
trusted library allocation
|
page read and write
|
||
|
1BA8F000
|
heap
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
1B814000
|
heap
|
page read and write
|
||
|
1B87D000
|
heap
|
page read and write
|
||
|
1B865000
|
heap
|
page read and write
|
||
|
10EA000
|
heap
|
page read and write
|
||
|
1BC90000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B8B0000
|
heap
|
page read and write
|
||
|
33B2000
|
trusted library allocation
|
page read and write
|
||
|
1BB2C000
|
heap
|
page read and write
|
||
|
1BC6E000
|
stack
|
page read and write
|
||
|
12AE3000
|
trusted library allocation
|
page read and write
|
||
|
1BC6E000
|
stack
|
page read and write
|
||
|
12558000
|
trusted library allocation
|
page read and write
|
||
|
1B9FD000
|
heap
|
page read and write
|
||
|
7FFD9B94B000
|
trusted library allocation
|
page read and write
|
||
|
1B593000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
1B511000
|
heap
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B986000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
7FFD9B93E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B767000
|
trusted library allocation
|
page read and write
|
||
|
1602000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page execute and read and write
|
||
|
291B000
|
trusted library allocation
|
page read and write
|
||
|
1BB47000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
2D27000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C9000
|
heap
|
page read and write
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
1BB26000
|
heap
|
page read and write
|
||
|
1BA4D000
|
heap
|
page read and write
|
||
|
1B660000
|
heap
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
13301000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
D8C000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF5000
|
heap
|
page read and write
|
||
|
843000
|
heap
|
page read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1FE000
|
stack
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
665000
|
heap
|
page read and write
|
||
|
7FFD9B941000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
7FFD9B76C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
1AFEE000
|
stack
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
26A1000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
10EF000
|
heap
|
page read and write
|
||
|
7FFD9B93C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
1BD90000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
1260A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
1B59B000
|
heap
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
1AE4E000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1B8A8000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
1BA7E000
|
stack
|
page read and write
|
||
|
7FFD9B806000
|
trusted library allocation
|
page read and write
|
||
|
1B5FF000
|
stack
|
page read and write
|
||
|
1B800000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
1AFC0000
|
heap
|
page read and write
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
12591000
|
trusted library allocation
|
page read and write
|
||
|
1B63F000
|
stack
|
page read and write
|
||
|
33A9000
|
trusted library allocation
|
page read and write
|
||
|
28D1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B1000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page read and write
|
||
|
125F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B947000
|
trusted library allocation
|
page read and write
|
||
|
82A000
|
heap
|
page read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCE000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B906000
|
trusted library allocation
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
1BAD9000
|
heap
|
page read and write
|
||
|
12C88000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8C1000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B2EE000
|
stack
|
page read and write
|
||
|
1B52F000
|
heap
|
page read and write
|
||
|
33A3000
|
trusted library allocation
|
page read and write
|
||
|
1566000
|
heap
|
page read and write
|
||
|
12C81000
|
trusted library allocation
|
page read and write
|
||
|
1B3EE000
|
stack
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
1B4C0000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
1B8DC000
|
heap
|
page read and write
|
||
|
2D23000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
1BA23000
|
heap
|
page read and write
|
||
|
1B818000
|
heap
|
page read and write
|
||
|
1BAE3000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
FFC000
|
heap
|
page read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
806000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
1C09F000
|
stack
|
page read and write
|
||
|
125ED000
|
trusted library allocation
|
page read and write
|
||
|
2727000
|
trusted library allocation
|
page read and write
|
||
|
1B9A9000
|
heap
|
page read and write
|
||
|
125E3000
|
trusted library allocation
|
page read and write
|
||
|
3F6000
|
stack
|
page read and write
|
||
|
7FFD9B903000
|
trusted library allocation
|
page read and write
|
||
|
1B841000
|
heap
|
page read and write
|
||
|
12A3B000
|
trusted library allocation
|
page read and write
|
||
|
1B899000
|
heap
|
page read and write
|
||
|
7FFD9B8FE000
|
trusted library allocation
|
page read and write
|
||
|
1595000
|
heap
|
page read and write
|
||
|
1AF1F000
|
stack
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
1BB01000
|
heap
|
page read and write
|
||
|
1BA64000
|
stack
|
page read and write
|
||
|
1B06D000
|
stack
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
1AF80000
|
trusted library section
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
D87000
|
heap
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
832000
|
heap
|
page read and write
|
||
|
10AD000
|
heap
|
page read and write
|
||
|
2540000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
1B2F3000
|
stack
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF4016F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAC7000
|
heap
|
page read and write
|
||
|
789000
|
heap
|
page read and write
|
||
|
D3B000
|
heap
|
page read and write
|
||
|
D29000
|
heap
|
page read and write
|
||
|
12598000
|
trusted library allocation
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B968000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
1BA63000
|
stack
|
page read and write
|
||
|
1B874000
|
stack
|
page read and write
|
||
|
1980000
|
heap
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
7FFD9B806000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8FC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
1B936000
|
heap
|
page read and write
|
||
|
12C73000
|
trusted library allocation
|
page read and write
|
||
|
1AB6D000
|
stack
|
page read and write
|
||
|
1086000
|
heap
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
1B96E000
|
stack
|
page read and write
|
||
|
156C000
|
heap
|
page read and write
|
||
|
105C000
|
heap
|
page read and write
|
||
|
15CD000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2606000
|
trusted library allocation
|
page read and write
|
||
|
1A5C0000
|
trusted library allocation
|
page read and write
|
||
|
1BD70000
|
heap
|
page read and write
|
||
|
1B8C6000
|
heap
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B754000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B92E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
1B77F000
|
stack
|
page read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page execute and read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
891000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
77B000
|
heap
|
page read and write
|
||
|
1B82B000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12CEA000
|
trusted library allocation
|
page read and write
|
||
|
1B86F000
|
stack
|
page read and write
|
||
|
7FFD9B767000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B913000
|
trusted library allocation
|
page read and write
|
||
|
276A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1FE000
|
stack
|
page read and write
|
||
|
7FFD9B777000
|
trusted library allocation
|
page read and write
|
||
|
1B9B6000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
27F4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B943000
|
trusted library allocation
|
page read and write
|
||
|
1C293000
|
stack
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
7FFD9B797000
|
trusted library allocation
|
page read and write
|
||
|
1B920000
|
heap
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page execute and read and write
|
||
|
26E4000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
9A0000
|
trusted library allocation
|
page read and write
|
||
|
33AC000
|
trusted library allocation
|
page read and write
|
||
|
D5C000
|
heap
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
7FFD9B76C000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B8C4000
|
trusted library allocation
|
page execute and read and write
|
||
|
26AC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D39000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
1B67E000
|
stack
|
page read and write
|
||
|
125A1000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page execute and read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B946000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8FC000
|
trusted library allocation
|
page read and write
|
||
|
1B5BA000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1BAAD000
|
heap
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
1B526000
|
heap
|
page read and write
|
||
|
1B30F000
|
stack
|
page read and write
|
||
|
1AB10000
|
trusted library allocation
|
page read and write
|
||
|
12CFA000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
1BA81000
|
heap
|
page read and write
|
||
|
102F000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
107F000
|
stack
|
page read and write
|
||
|
BBF000
|
stack
|
page read and write
|
||
|
7FFD9B752000
|
trusted library allocation
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B8BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2851000
|
trusted library allocation
|
page read and write
|
||
|
1B9C7000
|
heap
|
page read and write
|
||
|
1B3FE000
|
stack
|
page read and write
|
||
|
D45000
|
heap
|
page read and write
|
||
|
1B570000
|
heap
|
page read and write
|
||
|
1B0EE000
|
stack
|
page read and write
|
||
|
2D33000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1ACA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
||
|
1C49E000
|
stack
|
page read and write
|
||
|
1259D000
|
trusted library allocation
|
page read and write
|
||
|
293C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
2704000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B991000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
1B0CE000
|
stack
|
page read and write
|
||
|
1C194000
|
stack
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
1B4FE000
|
stack
|
page read and write
|
||
|
192F000
|
stack
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
7FFD9B7A7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B901000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
12AED000
|
trusted library allocation
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
1C0FE000
|
stack
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B76F000
|
stack
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB7E000
|
stack
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
trusted library allocation
|
page read and write
|
||
|
78B000
|
heap
|
page read and write
|
||
|
2627000
|
trusted library allocation
|
page read and write
|
||
|
25F2000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
unkown
|
page readonly
|
||
|
D4B000
|
heap
|
page read and write
|
||
|
1C2FB000
|
stack
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
768000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
125E8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
7FFD9B92C000
|
trusted library allocation
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
3338000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
1B4E0000
|
heap
|
page execute and read and write
|
||
|
1BAD1000
|
heap
|
page read and write
|
||
|
1BB16000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
132F8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
2AC000
|
unkown
|
page readonly
|
||
|
1B1FD000
|
stack
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B87A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AEE0000
|
heap
|
page read and write
|
||
|
1BB42000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
1BAFB000
|
heap
|
page read and write
|
||
|
7FFD9B91B000
|
trusted library allocation
|
page read and write
|
||
|
112B000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page execute and read and write
|
||
|
71A000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
10EC000
|
heap
|
page read and write
|
||
|
7FFD9B754000
|
trusted library allocation
|
page read and write
|
||
|
1608000
|
heap
|
page read and write
|
||
|
1BF9E000
|
stack
|
page read and write
|
||
|
6D9000
|
heap
|
page read and write
|
||
|
1B55D000
|
heap
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
7FFD9B92C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79C000
|
trusted library allocation
|
page read and write
|
||
|
1AF5E000
|
stack
|
page read and write
|
||
|
182F000
|
stack
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
12593000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B94B000
|
trusted library allocation
|
page read and write
|
||
|
1B1E3000
|
stack
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
115D000
|
heap
|
page read and write
|
||
|
25D0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
12C78000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAA6000
|
heap
|
page read and write
|
||
|
81F000
|
heap
|
page read and write
|
||
|
2CB8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
1031000
|
heap
|
page read and write
|
||
|
10BF000
|
heap
|
page read and write
|
||
|
19A0000
|
heap
|
page read and write
|
||
|
6EF000
|
heap
|
page read and write
|
||
|
1B8C0000
|
heap
|
page read and write
|
||
|
2724000
|
trusted library allocation
|
page read and write
|
||
|
ABF000
|
stack
|
page read and write
|
||
|
132FD000
|
trusted library allocation
|
page read and write
|
||
|
1AF60000
|
trusted library section
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
heap
|
page execute and read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
10C1000
|
heap
|
page read and write
|
||
|
1B7FD000
|
stack
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
1ACB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
1BA6D000
|
heap
|
page read and write
|
||
|
88B000
|
heap
|
page read and write
|
||
|
1AFA0000
|
trusted library section
|
page read and write
|
||
|
22FF000
|
stack
|
page read and write
|
||
|
31E0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B8AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B943000
|
trusted library allocation
|
page read and write
|
||
|
12C7D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B97D000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
1B4D3000
|
heap
|
page read and write
|
||
|
7FFD9B884000
|
trusted library allocation
|
page execute and read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
268F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B93A000
|
trusted library allocation
|
page read and write
|
||
|
298F000
|
trusted library allocation
|
page read and write
|
||
|
1B503000
|
heap
|
page read and write
|
||
|
7FFD9B79C000
|
trusted library allocation
|
page read and write
|
||
|
1B5AA000
|
heap
|
page read and write
|
||
|
1BE9E000
|
stack
|
page read and write
|
||
|
2695000
|
trusted library allocation
|
page read and write
|
||
|
1B96A000
|
heap
|
page read and write
|
||
|
7FFD9B913000
|
trusted library allocation
|
page read and write
|
||
|
10B4000
|
heap
|
page read and write
|
||
|
1B3B4000
|
stack
|
page read and write
|
||
|
6DD000
|
heap
|
page read and write
|
||
|
12672000
|
trusted library allocation
|
page read and write
|
||
|
1B20C000
|
stack
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
7FFD9B7A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B953000
|
trusted library allocation
|
page read and write
|
||
|
1255D000
|
trusted library allocation
|
page read and write
|
||
|
253E000
|
stack
|
page read and write
|
||
|
105F000
|
heap
|
page read and write
|
||
|
1B4B3000
|
stack
|
page read and write
|
||
|
1B555000
|
heap
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AFC0000
|
heap
|
page read and write
|
||
|
12C83000
|
trusted library allocation
|
page read and write
|
||
|
1BA44000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
12C8D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B971000
|
trusted library allocation
|
page read and write
|
||
|
125E1000
|
trusted library allocation
|
page read and write
|
||
|
2B0000
|
unkown
|
page readonly
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page execute and read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
2692000
|
trusted library allocation
|
page read and write
|
||
|
C65000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
120F000
|
stack
|
page read and write
|
||
|
7FFD9B923000
|
trusted library allocation
|
page read and write
|
||
|
1B320000
|
trusted library allocation
|
page read and write
|
||
|
6B6000
|
heap
|
page read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2625000
|
trusted library allocation
|
page read and write
|
||
|
19A5000
|
heap
|
page read and write
|
||
|
2748000
|
trusted library allocation
|
page read and write
|
||
|
108C000
|
heap
|
page read and write
|
||
|
79C000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page execute and read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
7FFD9B953000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B786000
|
trusted library allocation
|
page read and write
|
||
|
1B903000
|
heap
|
page read and write
|
||
|
12C71000
|
trusted library allocation
|
page read and write
|
||
|
1B984000
|
heap
|
page read and write
|
||
|
1C39E000
|
stack
|
page read and write
|
||
|
7FFD9B90B000
|
trusted library allocation
|
page read and write
|
||
|
1B1B0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
33AF000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B93C000
|
trusted library allocation
|
page read and write
|
||
|
12551000
|
trusted library allocation
|
page read and write
|
||
|
86B000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
D89000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
871000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
3336000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
6DF000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B4AF000
|
stack
|
page read and write
|
||
|
1B538000
|
heap
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
13C5000
|
heap
|
page read and write
|
||
|
1BB19000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
1BA00000
|
heap
|
page read and write
|
||
|
12B5A000
|
trusted library allocation
|
page read and write
|
||
|
15A2000
|
heap
|
page read and write
|
||
|
7FFD9B936000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page execute and read and write
|
||
|
268C000
|
trusted library allocation
|
page read and write
|
||
|
12EF000
|
stack
|
page read and write
|
||
|
1BA38000
|
heap
|
page read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
1099000
|
heap
|
page read and write
|
||
|
1B996000
|
heap
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
7FFD9B7A7000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page execute and read and write
|
||
|
1B5A3000
|
heap
|
page read and write
|
||
|
14A5000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
1B56F000
|
heap
|
page read and write
|
||
|
1B74E000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
1185000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B973000
|
stack
|
page read and write
|
||
|
12C91000
|
trusted library allocation
|
page read and write
|
||
|
1B956000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B931000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
2580000
|
heap
|
page execute and read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
182000
|
unkown
|
page readonly
|
||
|
1B58F000
|
heap
|
page read and write
|
||
|
27B7000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
1B2BE000
|
stack
|
page read and write
|
||
|
BB6000
|
stack
|
page read and write
|
||
|
1B760000
|
heap
|
page execute and read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1096000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
1B8AA000
|
heap
|
page read and write
|
||
|
7FFD9B9B2000
|
trusted library allocation
|
page read and write
|
||
|
1BB6E000
|
stack
|
page read and write
|
||
|
A5F000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
12AE8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B797000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
1BA48000
|
heap
|
page read and write
|
||
|
1A580000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
1336A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B923000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
1AA0D000
|
stack
|
page read and write
|
||
|
1B4EF000
|
stack
|
page read and write
|
||
|
12C81000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB6E000
|
stack
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
1A610000
|
trusted library allocation
|
page read and write
|
||
|
1B0F0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B881000
|
trusted library allocation
|
page execute and read and write
|
There are 645 hidden memdumps, click here to show them.