Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Duq6x6p2Pd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Microsoft Office\JjUyoQCSby.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft Office\JjUyoQCSby.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Portable Devices\services.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Portable Devices\services.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Recovery\JjUyoQCSby.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\SgrmBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\SgrmBroker.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Recovery\StartMenuExperienceHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\StartMenuExperienceHost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\Default\JjUyoQCSby.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Desktop\JjUyoQCSby.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Duq6x6p2Pd.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Windows\Vss\JjUyoQCSby.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft Office\a010d8a77ca910
|
ASCII text, with very long lines (457), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Windows Portable Devices\c5b4cb5e9653cc
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\55b276f4edf653
|
ASCII text, with very long lines (464), with no line terminators
|
dropped
|
||
|
C:\Recovery\91e168f4ec1147
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\JjUyoQCSby.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\a010d8a77ca910
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\Default\JjUyoQCSby.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\a010d8a77ca910
|
ASCII text, with very long lines (463), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Desktop\JjUyoQCSby.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Desktop\a010d8a77ca910
|
ASCII text, with very long lines (549), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\JjUyoQCSby.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\SgrmBroker.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\StartMenuExperienceHost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\services.exe.log
|
CSV text
|
dropped
|
||
|
C:\Windows\Vss\JjUyoQCSby.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Vss\a010d8a77ca910
|
ASCII text, with very long lines (600), with no line terminators
|
dropped
|
There are 20 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Duq6x6p2Pd.exe
|
"C:\Users\user\Desktop\Duq6x6p2Pd.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHostS" /sc MINUTE /mo 13 /tr "'C:\Recovery\StartMenuExperienceHost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHost" /sc ONLOGON /tr "'C:\Recovery\StartMenuExperienceHost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHostS" /sc MINUTE /mo 8 /tr "'C:\Recovery\StartMenuExperienceHost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 6 /tr "'C:\Users\Public\Desktop\JjUyoQCSby.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSby" /sc ONLOGON /tr "'C:\Users\Public\Desktop\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 14 /tr "'C:\Users\Public\Desktop\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 10 /tr "'C:\Recovery\JjUyoQCSby.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSby" /sc ONLOGON /tr "'C:\Recovery\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 9 /tr "'C:\Recovery\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 11 /tr "'C:\Users\Default User\JjUyoQCSby.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSby" /sc ONLOGON /tr "'C:\Users\Default User\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 8 /tr "'C:\Users\Default User\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SgrmBrokerS" /sc MINUTE /mo 8 /tr "'C:\Recovery\SgrmBroker.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SgrmBroker" /sc ONLOGON /tr "'C:\Recovery\SgrmBroker.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SgrmBrokerS" /sc MINUTE /mo 11 /tr "'C:\Recovery\SgrmBroker.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 7 /tr "'C:\Recovery\JjUyoQCSby.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSby" /sc ONLOGON /tr "'C:\Recovery\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 14 /tr "'C:\Recovery\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHostS" /sc MINUTE /mo 11 /tr "'C:\Recovery\StartMenuExperienceHost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHost" /sc ONLOGON /tr "'C:\Recovery\StartMenuExperienceHost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHostS" /sc MINUTE /mo 7 /tr "'C:\Recovery\StartMenuExperienceHost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Recovery\JjUyoQCSby.exe
|
C:\Recovery\JjUyoQCSby.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 14 /tr "'C:\Program Files (x86)\microsoft office\JjUyoQCSby.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSby" /sc ONLOGON /tr "'C:\Program Files (x86)\microsoft office\JjUyoQCSby.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Program Files (x86)\Microsoft Office\JjUyoQCSby.exe
|
"C:\Program Files (x86)\microsoft office\JjUyoQCSby.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 5 /tr "'C:\Program Files (x86)\microsoft office\JjUyoQCSby.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Recovery\SgrmBroker.exe
|
C:\Recovery\SgrmBroker.exe
|
|
|
|
C:\Recovery\SgrmBroker.exe
|
C:\Recovery\SgrmBroker.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "servicess" /sc MINUTE /mo 5 /tr "'C:\Program Files (x86)\windows portable devices\services.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "services" /sc ONLOGON /tr "'C:\Program Files (x86)\windows portable devices\services.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Recovery\StartMenuExperienceHost.exe
|
C:\Recovery\StartMenuExperienceHost.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "servicess" /sc MINUTE /mo 13 /tr "'C:\Program Files (x86)\windows portable devices\services.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Recovery\StartMenuExperienceHost.exe
|
C:\Recovery\StartMenuExperienceHost.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 9 /tr "'C:\Windows\Vss\JjUyoQCSby.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSby" /sc ONLOGON /tr "'C:\Windows\Vss\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "JjUyoQCSbyJ" /sc MINUTE /mo 11 /tr "'C:\Windows\Vss\JjUyoQCSby.exe'" /rl HIGHEST /f
|
|
|
|
C:\Program Files (x86)\Windows Portable Devices\services.exe
|
"C:\Program Files (x86)\windows portable devices\services.exe"
|
|
|
|
C:\Program Files (x86)\Windows Portable Devices\services.exe
|
"C:\Program Files (x86)\windows portable devices\services.exe"
|
|
|
|
C:\Program Files (x86)\Windows Portable Devices\services.exe
|
"C:\Program Files (x86)\windows portable devices\services.exe"
|
|
There are 30 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
18.31.95.13.in-addr.arpa
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\9b907f80cd69887d3eeac095e871e633e539fd4a
|
986e8bfed6153e47f34fb4e5fe37bbef5708d125
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C70000
|
trusted library allocation
|
page read and write
|
|
|
|
2C41000
|
trusted library allocation
|
page read and write
|
|
|
|
277C000
|
trusted library allocation
|
page read and write
|
|
|
|
2AA1000
|
trusted library allocation
|
page read and write
|
|
|
|
3026000
|
trusted library allocation
|
page read and write
|
|
|
|
2B71000
|
trusted library allocation
|
page read and write
|
|
|
|
12C51000
|
trusted library allocation
|
page read and write
|
|
|
|
27A1000
|
trusted library allocation
|
page read and write
|
|
|
|
2F41000
|
trusted library allocation
|
page read and write
|
|
|
|
30AD000
|
trusted library allocation
|
page read and write
|
|
|
|
2C9D000
|
trusted library allocation
|
page read and write
|
|
|
|
2750000
|
trusted library allocation
|
page read and write
|
|
|
|
2C41000
|
trusted library allocation
|
page read and write
|
|
|
|
1385000
|
heap
|
page read and write
|
||
|
12B73000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
1B634000
|
stack
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76E000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
7FFD9B6B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F4D000
|
trusted library allocation
|
page read and write
|
||
|
30E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5B4000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
1BC4A000
|
heap
|
page read and write
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA5000
|
heap
|
page read and write
|
||
|
12BE000
|
heap
|
page read and write
|
||
|
1C002000
|
heap
|
page read and write
|
||
|
12AA8000
|
trusted library allocation
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
1ABA0000
|
trusted library allocation
|
page read and write
|
||
|
1C3AB000
|
stack
|
page read and write
|
||
|
7FFD9B5B4000
|
trusted library allocation
|
page read and write
|
||
|
12F1000
|
heap
|
page read and write
|
||
|
7FFD9B5BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
1BABE000
|
stack
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
127A1000
|
trusted library allocation
|
page read and write
|
||
|
1B5D0000
|
heap
|
page read and write
|
||
|
7FFD9B74C000
|
trusted library allocation
|
page read and write
|
||
|
12C4D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B594000
|
trusted library allocation
|
page read and write
|
||
|
1B833000
|
stack
|
page read and write
|
||
|
7FFD9B660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5A7000
|
trusted library allocation
|
page read and write
|
||
|
1B590000
|
heap
|
page execute and read and write
|
||
|
CCF000
|
stack
|
page read and write
|
||
|
12EF000
|
stack
|
page read and write
|
||
|
7FFD9B64C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC3A000
|
heap
|
page read and write
|
||
|
102A000
|
heap
|
page read and write
|
||
|
DBC000
|
heap
|
page read and write
|
||
|
12C41000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B686000
|
trusted library allocation
|
page execute and read and write
|
||
|
27FD000
|
trusted library allocation
|
page read and write
|
||
|
1B51E000
|
stack
|
page read and write
|
||
|
7FFD9B696000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ACCD000
|
stack
|
page read and write
|
||
|
7FFD9B5B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
100B000
|
heap
|
page read and write
|
||
|
12743000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5D4000
|
trusted library allocation
|
page read and write
|
||
|
EAC000
|
heap
|
page read and write
|
||
|
7FFD9B73E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5BC000
|
trusted library allocation
|
page read and write
|
||
|
1BD46000
|
heap
|
page read and write
|
||
|
C4F000
|
heap
|
page read and write
|
||
|
7FFD9B5AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AF1D000
|
stack
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page read and write
|
||
|
1B7BE000
|
stack
|
page read and write
|
||
|
7FFD9B5B0000
|
trusted library allocation
|
page read and write
|
||
|
12F51000
|
trusted library allocation
|
page read and write
|
||
|
1BDD1000
|
heap
|
page read and write
|
||
|
862000
|
unkown
|
page readonly
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B676000
|
trusted library allocation
|
page execute and read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
7FFD9B6D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B38E000
|
stack
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
1D0F3000
|
stack
|
page read and write
|
||
|
12B9C000
|
trusted library allocation
|
page read and write
|
||
|
1BECA000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
7FFD9B5B4000
|
trusted library allocation
|
page read and write
|
||
|
1BDC1000
|
heap
|
page read and write
|
||
|
1241000
|
heap
|
page read and write
|
||
|
7FFD9B5D3000
|
trusted library allocation
|
page read and write
|
||
|
E5A000
|
heap
|
page read and write
|
||
|
7FFD9B5ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page execute and read and write
|
||
|
DF4000
|
heap
|
page read and write
|
||
|
7FFD9B5EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
127B1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B757000
|
trusted library allocation
|
page read and write
|
||
|
12AB1000
|
trusted library allocation
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
7FFD9B6B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B61C000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F5000
|
heap
|
page read and write
|
||
|
7FFD9B5A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
1C5F4000
|
stack
|
page read and write
|
||
|
1C73B000
|
stack
|
page read and write
|
||
|
7FFD9B650000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5AC000
|
trusted library allocation
|
page read and write
|
||
|
E3A000
|
heap
|
page read and write
|
||
|
7FFD9B670000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5DC000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
7FFD9B65C000
|
trusted library allocation
|
page execute and read and write
|
||
|
130A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
1BEFE000
|
stack
|
page read and write
|
||
|
DA3000
|
heap
|
page read and write
|
||
|
2B10000
|
trusted library section
|
page read and write
|
||
|
1BD31000
|
heap
|
page read and write
|
||
|
7FFD9B5CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
7FFD9B5C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
27FA000
|
trusted library allocation
|
page read and write
|
||
|
12C87000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
7FFD9B5C3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
1BC64000
|
heap
|
page read and write
|
||
|
CCC000
|
heap
|
page read and write
|
||
|
8AF000
|
heap
|
page read and write
|
||
|
1BC8C000
|
heap
|
page read and write
|
||
|
7FFD9B5B0000
|
trusted library allocation
|
page read and write
|
||
|
1B8DE000
|
stack
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
1BFFB000
|
stack
|
page read and write
|
||
|
7FFD9B5E4000
|
trusted library allocation
|
page read and write
|
||
|
1B73B000
|
stack
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
121A000
|
heap
|
page read and write
|
||
|
7FFD9B5CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5E4000
|
trusted library allocation
|
page read and write
|
||
|
1BEB3000
|
heap
|
page read and write
|
||
|
865000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
2CFE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B590000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B593000
|
trusted library allocation
|
page execute and read and write
|
||
|
102E000
|
heap
|
page read and write
|
||
|
7FFD9B6B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
10A6000
|
heap
|
page read and write
|
||
|
1C53E000
|
stack
|
page read and write
|
||
|
7FFD9B5CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
315A000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5DC000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
C33000
|
heap
|
page read and write
|
||
|
C44000
|
heap
|
page read and write
|
||
|
2BED000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
1C2FF000
|
stack
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
12F6C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5D4000
|
trusted library allocation
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
F5E000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
1BCE0000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
7FFD9B5FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3BE000
|
stack
|
page read and write
|
||
|
274D000
|
trusted library allocation
|
page read and write
|
||
|
1BEC8000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
7FFD9B5DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5B2000
|
trusted library allocation
|
page read and write
|
||
|
1BD8E000
|
heap
|
page read and write
|
||
|
E1D000
|
heap
|
page read and write
|
||
|
1B60E000
|
stack
|
page read and write
|
||
|
2AFE000
|
stack
|
page read and write
|
||
|
1602000
|
heap
|
page read and write
|
||
|
12C48000
|
trusted library allocation
|
page read and write
|
||
|
1BE13000
|
heap
|
page read and write
|
||
|
1BCBF000
|
heap
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
1275000
|
heap
|
page read and write
|
||
|
7FFD9B61C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
942000
|
unkown
|
page readonly
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
7FFD9B6E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C102000
|
heap
|
page execute and read and write
|
||
|
7FFD9B75C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5A7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B740000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
7FFD9B73A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5A4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B590000
|
trusted library allocation
|
page read and write
|
||
|
14D5000
|
heap
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
1D1FE000
|
stack
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
1B8B4000
|
stack
|
page read and write
|
||
|
7FFD9B5C3000
|
trusted library allocation
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
1B8F0000
|
heap
|
page execute and read and write
|
||
|
786000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
80B000
|
heap
|
page read and write
|
||
|
12F43000
|
trusted library allocation
|
page read and write
|
||
|
2855000
|
trusted library allocation
|
page read and write
|
||
|
1B1CD000
|
stack
|
page read and write
|
||
|
7FFD9B666000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
130CC000
|
trusted library allocation
|
page read and write
|
||
|
1BC0A000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
1B7BE000
|
stack
|
page read and write
|
||
|
12C41000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B61C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B59D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
DAA000
|
heap
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B5B0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
12C61000
|
trusted library allocation
|
page read and write
|
||
|
12B7D000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
1CBFA000
|
stack
|
page read and write
|
||
|
E1B000
|
heap
|
page read and write
|
||
|
130AD000
|
trusted library allocation
|
page read and write
|
||
|
B66000
|
heap
|
page read and write
|
||
|
1B7DF000
|
stack
|
page read and write
|
||
|
2BEB000
|
trusted library allocation
|
page read and write
|
||
|
1AC90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5AC000
|
trusted library allocation
|
page read and write
|
||
|
1C1AE000
|
stack
|
page read and write
|
||
|
1C933000
|
stack
|
page read and write
|
||
|
1300000
|
heap
|
page execute and read and write
|
||
|
7FFD9B73C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E55000
|
trusted library allocation
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
127AD000
|
trusted library allocation
|
page read and write
|
||
|
1C4FE000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
7FFD9B76C000
|
trusted library allocation
|
page read and write
|
||
|
127A3000
|
trusted library allocation
|
page read and write
|
||
|
1BAD3000
|
stack
|
page read and write
|
||
|
10D2000
|
heap
|
page read and write
|
||
|
1BD08000
|
heap
|
page read and write
|
||
|
13FF000
|
stack
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
1BE54000
|
heap
|
page read and write
|
||
|
1B0D0000
|
trusted library allocation
|
page read and write
|
||
|
835000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
1CA02000
|
heap
|
page read and write
|
||
|
1BAFE000
|
stack
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B67C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B640000
|
trusted library allocation
|
page read and write
|
||
|
1C3B0000
|
heap
|
page read and write
|
||
|
7FFD9B76E000
|
trusted library allocation
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
2D87000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A1000
|
trusted library allocation
|
page read and write
|
||
|
12C8C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
7FFD9B6EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B730000
|
trusted library allocation
|
page read and write
|
||
|
10E3000
|
heap
|
page read and write
|
||
|
AF9000
|
heap
|
page read and write
|
||
|
7FFD9B5CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
C3B000
|
heap
|
page read and write
|
||
|
1BEF4000
|
stack
|
page read and write
|
||
|
12B71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B646000
|
trusted library allocation
|
page read and write
|
||
|
1D202000
|
heap
|
page read and write
|
||
|
7FFD9B75B000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
1B69F000
|
stack
|
page read and write
|
||
|
EFF000
|
stack
|
page read and write
|
||
|
1BC2A000
|
heap
|
page read and write
|
||
|
1BDE5000
|
heap
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
130A8000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page execute and read and write
|
||
|
7FFD9B5C2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C4D000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9FF000
|
stack
|
page read and write
|
||
|
1B6DF000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
127A8000
|
trusted library allocation
|
page read and write
|
||
|
1B6BE000
|
stack
|
page read and write
|
||
|
12748000
|
trusted library allocation
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
2BEF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1274D000
|
trusted library allocation
|
page read and write
|
||
|
1B6D0000
|
heap
|
page read and write
|
||
|
7FFD9B5EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
7FFD9B5A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5D3000
|
trusted library allocation
|
page read and write
|
||
|
284F000
|
trusted library allocation
|
page read and write
|
||
|
109D000
|
heap
|
page read and write
|
||
|
2B51000
|
trusted library allocation
|
page read and write
|
||
|
2C1F000
|
trusted library allocation
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
7FFD9B676000
|
trusted library allocation
|
page execute and read and write
|
||
|
1360000
|
heap
|
page execute and read and write
|
||
|
7FFD9B5DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
EDF000
|
heap
|
page read and write
|
||
|
7FFD9B5DC000
|
trusted library allocation
|
page read and write
|
||
|
C13000
|
heap
|
page read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B791000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CF8000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
12C51000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B75C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B776000
|
trusted library allocation
|
page read and write
|
||
|
1BC36000
|
heap
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
ECA000
|
heap
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
7FFD9B696000
|
trusted library allocation
|
page execute and read and write
|
||
|
107F000
|
stack
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
A80000
|
trusted library allocation
|
page read and write
|
||
|
1BD1A000
|
heap
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
1B6B0000
|
heap
|
page read and write
|
||
|
2861000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
1B1CD000
|
stack
|
page read and write
|
||
|
EA6000
|
heap
|
page read and write
|
||
|
1C83E000
|
stack
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
7FFD9B761000
|
trusted library allocation
|
page read and write
|
||
|
1BBB3000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
1BCDE000
|
stack
|
page read and write
|
||
|
2CFB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
851000
|
heap
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
12C71000
|
trusted library allocation
|
page read and write
|
||
|
2F0C000
|
trusted library allocation
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
7FFD9B75B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B666000
|
trusted library allocation
|
page read and write
|
||
|
1BBB3000
|
stack
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
110D000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
7FFD9B5BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C61000
|
trusted library allocation
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
7FFD9B5DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F41000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
7FFD9B5DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BCE0000
|
heap
|
page read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
1BC1C000
|
heap
|
page read and write
|
||
|
1A7D0000
|
trusted library allocation
|
page read and write
|
||
|
3047000
|
trusted library allocation
|
page read and write
|
||
|
27BE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B676000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
DB6000
|
heap
|
page read and write
|
||
|
1B9DA000
|
stack
|
page read and write
|
||
|
1AF70000
|
trusted library allocation
|
page read and write
|
||
|
12C48000
|
trusted library allocation
|
page read and write
|
||
|
1BE1F000
|
heap
|
page read and write
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
7FFD9B5BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B746000
|
trusted library allocation
|
page read and write
|
||
|
2852000
|
trusted library allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
1002000
|
heap
|
page read and write
|
||
|
27BC000
|
trusted library allocation
|
page read and write
|
||
|
1B95F000
|
stack
|
page read and write
|
||
|
127CC000
|
trusted library allocation
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
E02000
|
heap
|
page read and write
|
||
|
7FFD9B5A0000
|
trusted library allocation
|
page read and write
|
||
|
1015000
|
heap
|
page read and write
|
||
|
7FFD9B5AC000
|
trusted library allocation
|
page read and write
|
||
|
2B4E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC20000
|
heap
|
page read and write
|
||
|
1B9BE000
|
stack
|
page read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page read and write
|
||
|
1C2AF000
|
stack
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
284C000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
trusted library allocation
|
page read and write
|
||
|
1AFA0000
|
trusted library allocation
|
page read and write
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
131E000
|
stack
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
1B9D4000
|
stack
|
page read and write
|
||
|
1BBFA000
|
heap
|
page read and write
|
||
|
12AAD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
7FFD9B6D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C31000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD9000
|
heap
|
page read and write
|
||
|
F02000
|
heap
|
page read and write
|
||
|
EE1000
|
heap
|
page read and write
|
||
|
C3F000
|
heap
|
page read and write
|
||
|
1AF80000
|
heap
|
page execute and read and write
|
||
|
88A000
|
heap
|
page read and write
|
||
|
CC9000
|
heap
|
page read and write
|
||
|
D02000
|
heap
|
page read and write
|
||
|
7FFD9B6B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
1BBD3000
|
stack
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
2C25000
|
trusted library allocation
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
7FFD9B592000
|
trusted library allocation
|
page read and write
|
||
|
1094000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
10CA000
|
heap
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
7FFD9B6E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
12741000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page execute and read and write
|
||
|
1BCCF000
|
heap
|
page read and write
|
||
|
30A1000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7FFD9B5C0000
|
trusted library allocation
|
page read and write
|
||
|
1702000
|
heap
|
page read and write
|
||
|
ED2000
|
heap
|
page read and write
|
||
|
1B8BE000
|
stack
|
page read and write
|
||
|
7FFD9B6E5000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B646000
|
trusted library allocation
|
page read and write
|
||
|
D86000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
7FFD9B76C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B680000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF1000
|
heap
|
page read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
||
|
CFC000
|
heap
|
page read and write
|
||
|
1BEDE000
|
heap
|
page read and write
|
||
|
1B430000
|
heap
|
page execute and read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
102C000
|
heap
|
page read and write
|
||
|
7FFD9B73E000
|
trusted library allocation
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
B26000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
1B9B4000
|
stack
|
page read and write
|
||
|
7FFD9B676000
|
trusted library allocation
|
page read and write
|
||
|
1BBDE000
|
stack
|
page read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
DEF000
|
heap
|
page read and write
|
||
|
7FFD9B6BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BE15000
|
heap
|
page read and write
|
||
|
1BCD7000
|
heap
|
page read and write
|
||
|
7FFD9B5CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
902000
|
heap
|
page read and write
|
||
|
7FFD9B650000
|
trusted library allocation
|
page execute and read and write
|
||
|
27F7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5C0000
|
trusted library allocation
|
page read and write
|
||
|
2C28000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5B3000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
DEE000
|
heap
|
page read and write
|
||
|
7FFD9B76C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B73C000
|
trusted library allocation
|
page read and write
|
||
|
2B54000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
7FFD9B776000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAD4000
|
stack
|
page read and write
|
||
|
7FFD9B75E000
|
trusted library allocation
|
page read and write
|
||
|
1BE77000
|
heap
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1BCF1000
|
heap
|
page read and write
|
||
|
1BE80000
|
heap
|
page read and write
|
||
|
1BD51000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
1147000
|
heap
|
page read and write
|
||
|
1BCBE000
|
stack
|
page read and write
|
||
|
1C702000
|
heap
|
page execute and read and write
|
||
|
2B57000
|
trusted library allocation
|
page read and write
|
||
|
1B20E000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1BBE0000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
||
|
1BD74000
|
heap
|
page read and write
|
||
|
7FFD9B5C4000
|
trusted library allocation
|
page read and write
|
||
|
2EB4000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
124F000
|
heap
|
page read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5E4000
|
trusted library allocation
|
page read and write
|
||
|
2CF5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page read and write
|
||
|
130A3000
|
trusted library allocation
|
page read and write
|
||
|
B2A000
|
heap
|
page read and write
|
||
|
D8C000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page execute and read and write
|
||
|
7FFD9B64C000
|
trusted library allocation
|
page execute and read and write
|
||
|
121E000
|
stack
|
page read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
2C2E000
|
stack
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
C41000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
7FFD9B60C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1225000
|
heap
|
page read and write
|
||
|
2C1C000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
7FFD9B670000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B78000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
2B4B000
|
trusted library allocation
|
page read and write
|
||
|
1231000
|
heap
|
page read and write
|
||
|
12C68000
|
trusted library allocation
|
page read and write
|
||
|
2F72000
|
trusted library allocation
|
page read and write
|
||
|
DD6000
|
stack
|
page read and write
|
||
|
7FFD9B5BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B771000
|
trusted library allocation
|
page read and write
|
||
|
101D000
|
heap
|
page read and write
|
||
|
1BDDC000
|
heap
|
page read and write
|
||
|
7FFD9B5B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B640000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
1BC6D000
|
heap
|
page read and write
|
||
|
C2C000
|
heap
|
page read and write
|
||
|
11EF000
|
stack
|
page read and write
|
||
|
1BD4E000
|
heap
|
page read and write
|
||
|
7FFD9B593000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B66C000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B81000
|
trusted library allocation
|
page read and write
|
||
|
F0D000
|
heap
|
page read and write
|
||
|
7FFD9B5D7000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
1BE8F000
|
heap
|
page read and write
|
||
|
1102000
|
heap
|
page read and write
|
||
|
1C8FF000
|
stack
|
page read and write
|
||
|
BF6000
|
stack
|
page read and write
|
||
|
2B60000
|
heap
|
page execute and read and write
|
||
|
105B000
|
heap
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
7FFD9B766000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
1276C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5D0000
|
trusted library allocation
|
page read and write
|
||
|
12ACC000
|
trusted library allocation
|
page read and write
|
||
|
10AC000
|
heap
|
page read and write
|
||
|
1AAD0000
|
trusted library allocation
|
page read and write
|
||
|
1B7DF000
|
stack
|
page read and write
|
||
|
FF8000
|
heap
|
page read and write
|
||
|
12AC000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
7FFD9B60C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7FF000
|
stack
|
page read and write
|
||
|
1B53E000
|
stack
|
page read and write
|
||
|
1BCF3000
|
stack
|
page read and write
|
||
|
7FFD9B656000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
7FFD9B59D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C3FE000
|
stack
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E5000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
1BEB9000
|
heap
|
page read and write
|
||
|
7FFD9B5A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5CC000
|
trusted library allocation
|
page read and write
|
||
|
1BBF4000
|
stack
|
page read and write
|
||
|
7FFD9B73C000
|
trusted library allocation
|
page read and write
|
||
|
2F36000
|
trusted library allocation
|
page read and write
|
||
|
2CB5000
|
trusted library allocation
|
page read and write
|
||
|
2B5D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
1B280000
|
heap
|
page read and write
|
||
|
130B1000
|
trusted library allocation
|
page read and write
|
||
|
12751000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B771000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B771000
|
trusted library allocation
|
page read and write
|
||
|
736000
|
stack
|
page read and write
|
||
|
7FFD9B741000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
heap
|
page execute and read and write
|
||
|
7FFD9B594000
|
trusted library allocation
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
7FFD9B5B0000
|
trusted library allocation
|
page read and write
|
||
|
1057000
|
heap
|
page read and write
|
||
|
1BB02000
|
heap
|
page execute and read and write
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
1AC70000
|
trusted library allocation
|
page read and write
|
||
|
1CAF3000
|
stack
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
1C0FF000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B594000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
1B0FD000
|
stack
|
page read and write
|
||
|
7FFD9B593000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B8DE000
|
stack
|
page read and write
|
||
|
12AA3000
|
trusted library allocation
|
page read and write
|
||
|
C11000
|
heap
|
page read and write
|
||
|
D8F000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
1BC40000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
1AC70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
CAB000
|
heap
|
page read and write
|
||
|
1018000
|
heap
|
page read and write
|
||
|
1CCFE000
|
stack
|
page read and write
|
||
|
1233000
|
heap
|
page read and write
|
||
|
1B640000
|
heap
|
page execute and read and write
|
||
|
7FFD9B746000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
7FFD9B5CC000
|
trusted library allocation
|
page read and write
|
||
|
DDF000
|
heap
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B59D000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
1AC1D000
|
stack
|
page read and write
|
||
|
1A770000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
1C602000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
12C43000
|
trusted library allocation
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
2FD9000
|
trusted library allocation
|
page read and write
|
||
|
1BD78000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page execute and read and write
|
||
|
C31000
|
heap
|
page read and write
|
||
|
2D7E000
|
stack
|
page read and write
|
||
|
12C6D000
|
trusted library allocation
|
page read and write
|
||
|
15FF000
|
stack
|
page read and write
|
||
|
1BCB1000
|
heap
|
page read and write
|
||
|
7FFD9B660000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BABB000
|
stack
|
page read and write
|
||
|
1BEBC000
|
heap
|
page read and write
|
||
|
1BEA7000
|
heap
|
page read and write
|
||
|
1C9FF000
|
stack
|
page read and write
|
||
|
1BCBA000
|
heap
|
page read and write
|
||
|
7FFD9B676000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
2EEF000
|
trusted library allocation
|
page read and write
|
||
|
27C6000
|
trusted library allocation
|
page read and write
|
||
|
1BE08000
|
heap
|
page read and write
|
||
|
2FAE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B740000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B778000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B730000
|
trusted library allocation
|
page read and write
|
||
|
1B53F000
|
stack
|
page read and write
|
||
|
129F000
|
stack
|
page read and write
|
||
|
7FFD9B596000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B740000
|
trusted library allocation
|
page read and write
|
||
|
DC3000
|
heap
|
page read and write
|
||
|
1B93E000
|
stack
|
page read and write
|
||
|
7FF46B180000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F7000
|
heap
|
page read and write
|
||
|
2580000
|
heap
|
page execute and read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
7FFD9B5D7000
|
trusted library allocation
|
page read and write
|
||
|
8C7000
|
heap
|
page read and write
|
||
|
1AF60000
|
heap
|
page read and write
|
||
|
B91000
|
heap
|
page read and write
|
||
|
2B5A000
|
trusted library allocation
|
page read and write
|
||
|
1BCFE000
|
heap
|
page read and write
|
||
|
14FF000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page execute and read and write
|
||
|
12C63000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B650000
|
trusted library allocation
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
1B10F000
|
stack
|
page read and write
|
||
|
7FFD9B5EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E5E000
|
trusted library allocation
|
page read and write
|
||
|
DDC000
|
heap
|
page read and write
|
||
|
7FFD9B5C4000
|
trusted library allocation
|
page read and write
|
||
|
12F48000
|
trusted library allocation
|
page read and write
|
||
|
1239000
|
heap
|
page read and write
|
||
|
7FFD9B76B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B646000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
278B000
|
trusted library allocation
|
page read and write
|
||
|
2C22000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
12AA1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B676000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B733000
|
trusted library allocation
|
page read and write
|
||
|
1B1ED000
|
stack
|
page read and write
|
||
|
1BA02000
|
heap
|
page read and write
|
||
|
7FFD9B5C7000
|
trusted library allocation
|
page read and write
|
||
|
2B48000
|
trusted library allocation
|
page read and write
|
||
|
AFB000
|
heap
|
page read and write
|
There are 785 hidden memdumps, click here to show them.