Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
5tqXx7iu9m.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Defender\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Adobe\Acrobat DC\Resource\TypeSupport\csrss.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Adobe\Acrobat DC\Resource\TypeSupport\csrss.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files\Microsoft\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Microsoft\RuntimeBroker.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files\Microsoft\fontdrvhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Microsoft\fontdrvhost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files\Mozilla Firefox\fonts\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Photo Viewer\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\System.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\System.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Recovery\backgroundTaskHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\backgroundTaskHost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Recovery\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\dllhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\dllhost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\5tqXx7iu9m.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Performance\WinSAT\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\TAPI\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Tasks\sqPKQawpTnLujfRgyPwI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\95aaaff3431df3
|
ASCII text, with very long lines (933), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\95aaaff3431df3
|
ASCII text, with very long lines (363), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Windows Defender\95aaaff3431df3
|
ASCII text, with very long lines (501), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Windows Defender\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Adobe\Acrobat DC\Resource\TypeSupport\886983d96e3d3e
|
ASCII text, with very long lines (564), with no line terminators
|
dropped
|
||
|
C:\Program Files\Microsoft\5b884080fd4f94
|
ASCII text, with very long lines (790), with no line terminators
|
dropped
|
||
|
C:\Program Files\Microsoft\9e8d7a4ca61bd9
|
ASCII text, with very long lines (654), with no line terminators
|
dropped
|
||
|
C:\Program Files\Mozilla Firefox\fonts\95aaaff3431df3
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Mozilla Firefox\fonts\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Windows Photo Viewer\95aaaff3431df3
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Photo Viewer\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\27d1bcfc3c54e0
|
ASCII text, with very long lines (617), with no line terminators
|
dropped
|
||
|
C:\Recovery\95aaaff3431df3
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\eddb19405b7ce1
|
ASCII text, with very long lines (703), with no line terminators
|
dropped
|
||
|
C:\Recovery\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\5940a34987c991
|
ASCII text, with very long lines (344), with no line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\95aaaff3431df3
|
ASCII text, with very long lines (848), with no line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\95aaaff3431df3
|
ASCII text, with very long lines (964), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\backgroundTaskHost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\dllhost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\fontdrvhost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Performance\WinSAT\95aaaff3431df3
|
ASCII text, with very long lines (910), with no line terminators
|
dropped
|
||
|
C:\Windows\Performance\WinSAT\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\TAPI\95aaaff3431df3
|
ASCII text, with very long lines (921), with no line terminators
|
dropped
|
||
|
C:\Windows\TAPI\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Tasks\95aaaff3431df3
|
ASCII text, with very long lines (943), with no line terminators
|
dropped
|
||
|
C:\Windows\Tasks\sqPKQawpTnLujfRgyPwI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 46 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\5tqXx7iu9m.exe
|
"C:\Users\user\Desktop\5tqXx7iu9m.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 14 /tr "'C:\Program Files (x86)\msbuild\Microsoft\Windows
Workflow Foundation\sqPKQawpTnLujfRgyPwI.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwI" /sc ONLOGON /tr "'C:\Program Files (x86)\msbuild\Microsoft\Windows Workflow
Foundation\sqPKQawpTnLujfRgyPwI.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 8 /tr "'C:\Program Files (x86)\msbuild\Microsoft\Windows Workflow
Foundation\sqPKQawpTnLujfRgyPwI.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 12 /tr "'C:\Users\Default\Application Data\Microsoft\dllhost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhost" /sc ONLOGON /tr "'C:\Users\Default\Application Data\Microsoft\dllhost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 10 /tr "'C:\Users\Default\Application Data\Microsoft\dllhost.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 8 /tr "'C:\Program Files\Microsoft\fontdrvhost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "fontdrvhost" /sc ONLOGON /tr "'C:\Program Files\Microsoft\fontdrvhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 9 /tr "'C:\Program Files\Microsoft\fontdrvhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 5 /tr "'C:\Recovery\sqPKQawpTnLujfRgyPwI.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwI" /sc ONLOGON /tr "'C:\Recovery\sqPKQawpTnLujfRgyPwI.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 6 /tr "'C:\Recovery\sqPKQawpTnLujfRgyPwI.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 13 /tr "'C:\Program Files\Windows Photo Viewer\sqPKQawpTnLujfRgyPwI.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwI" /sc ONLOGON /tr "'C:\Program Files\Windows Photo Viewer\sqPKQawpTnLujfRgyPwI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 12 /tr "'C:\Program Files\Windows Photo Viewer\sqPKQawpTnLujfRgyPwI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SystemS" /sc MINUTE /mo 11 /tr "'C:\Recovery\System.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "System" /sc ONLOGON /tr "'C:\Recovery\System.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SystemS" /sc MINUTE /mo 13 /tr "'C:\Recovery\System.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 13 /tr "'C:\Windows\TAPI\sqPKQawpTnLujfRgyPwI.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwI" /sc ONLOGON /tr "'C:\Windows\TAPI\sqPKQawpTnLujfRgyPwI.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 8 /tr "'C:\Windows\TAPI\sqPKQawpTnLujfRgyPwI.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 12 /tr "'C:\Program Files (x86)\windows defender\sqPKQawpTnLujfRgyPwI.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwI" /sc ONLOGON /tr "'C:\Program Files (x86)\windows defender\sqPKQawpTnLujfRgyPwI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 14 /tr "'C:\Program Files (x86)\windows defender\sqPKQawpTnLujfRgyPwI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "backgroundTaskHostb" /sc MINUTE /mo 7 /tr "'C:\Recovery\backgroundTaskHost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "backgroundTaskHost" /sc ONLOGON /tr "'C:\Recovery\backgroundTaskHost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "backgroundTaskHostb" /sc MINUTE /mo 5 /tr "'C:\Recovery\backgroundTaskHost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 8 /tr "'C:\Windows\Performance\WinSAT\sqPKQawpTnLujfRgyPwI.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwI" /sc ONLOGON /tr "'C:\Windows\Performance\WinSAT\sqPKQawpTnLujfRgyPwI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Recovery\backgroundTaskHost.exe
|
C:\Recovery\backgroundTaskHost.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 6 /tr "'C:\Windows\Performance\WinSAT\sqPKQawpTnLujfRgyPwI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Recovery\backgroundTaskHost.exe
|
C:\Recovery\backgroundTaskHost.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 13 /tr "'C:\Users\user\sqPKQawpTnLujfRgyPwI.exe'" /f
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\dllhost.exe
|
"C:\Users\Default\Application Data\Microsoft\dllhost.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwI" /sc ONLOGON /tr "'C:\Users\user\sqPKQawpTnLujfRgyPwI.exe'" /rl HIGHEST /f
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\dllhost.exe
|
"C:\Users\Default\Application Data\Microsoft\dllhost.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "sqPKQawpTnLujfRgyPwIs" /sc MINUTE /mo 8 /tr "'C:\Users\user\sqPKQawpTnLujfRgyPwI.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Program Files\Microsoft\fontdrvhost.exe
|
"C:\Program Files\Microsoft\fontdrvhost.exe"
|
|
|
|
C:\Program Files\Microsoft\fontdrvhost.exe
|
"C:\Program Files\Microsoft\fontdrvhost.exe"
|
|
There are 30 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\c69b63fac4e8a0b12160f0984b8e15328c0f4fff
|
ffe2312fa0077c9633bb70107b1a4bac63d3d372
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2BB1000
|
trusted library allocation
|
page read and write
|
|
|
|
26D1000
|
trusted library allocation
|
page read and write
|
|
|
|
26F1000
|
trusted library allocation
|
page read and write
|
|
|
|
31E1000
|
trusted library allocation
|
page read and write
|
|
|
|
37D8000
|
trusted library allocation
|
page read and write
|
|
|
|
2719000
|
trusted library allocation
|
page read and write
|
|
|
|
2541000
|
trusted library allocation
|
page read and write
|
|
|
|
2737000
|
trusted library allocation
|
page read and write
|
|
|
|
2B01000
|
trusted library allocation
|
page read and write
|
|
|
|
2D51000
|
trusted library allocation
|
page read and write
|
|
|
|
2592000
|
trusted library allocation
|
page read and write
|
|
|
|
2B48000
|
trusted library allocation
|
page read and write
|
|
|
|
2BF7000
|
trusted library allocation
|
page read and write
|
|
|
|
7FFD9B776000
|
trusted library allocation
|
page read and write
|
||
|
33CB000
|
trusted library allocation
|
page read and write
|
||
|
1B08D000
|
stack
|
page read and write
|
||
|
1B13E000
|
stack
|
page read and write
|
||
|
7FFD9B8A5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page read and write
|
||
|
1C4CD000
|
heap
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
7FFD9B6D6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B893000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B86C000
|
trusted library allocation
|
page read and write
|
||
|
BF2000
|
unkown
|
page readonly
|
||
|
27B7000
|
trusted library allocation
|
page read and write
|
||
|
132D000
|
heap
|
page read and write
|
||
|
7FFD9B7F1000
|
trusted library allocation
|
page execute and read and write
|
||
|
253F000
|
stack
|
page read and write
|
||
|
7FFD9B7E8000
|
trusted library allocation
|
page execute and read and write
|
||
|
E8D000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C092000
|
heap
|
page read and write
|
||
|
BB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
128F000
|
stack
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76C000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F0000
|
trusted library allocation
|
page read and write
|
||
|
E53000
|
heap
|
page read and write
|
||
|
120F000
|
stack
|
page read and write
|
||
|
1C054000
|
heap
|
page read and write
|
||
|
67F000
|
heap
|
page read and write
|
||
|
7FFD9B6CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3249000
|
trusted library allocation
|
page read and write
|
||
|
132F000
|
heap
|
page read and write
|
||
|
12D53000
|
trusted library allocation
|
page read and write
|
||
|
1159000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
7FFD9B873000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B86E000
|
trusted library allocation
|
page read and write
|
||
|
2C77000
|
trusted library allocation
|
page read and write
|
||
|
1BEE0000
|
heap
|
page read and write
|
||
|
3445000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
10AB000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBB3000
|
stack
|
page read and write
|
||
|
3794000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
7FFD9B8A2000
|
trusted library allocation
|
page read and write
|
||
|
1B090000
|
heap
|
page execute and read and write
|
||
|
1C03A000
|
heap
|
page read and write
|
||
|
9CB000
|
heap
|
page read and write
|
||
|
7FFD9B70C000
|
trusted library allocation
|
page execute and read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
1B423000
|
stack
|
page read and write
|
||
|
1C21F000
|
heap
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6D7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B86B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
7FFD9B873000
|
trusted library allocation
|
page read and write
|
||
|
3752000
|
trusted library allocation
|
page read and write
|
||
|
2A2E000
|
stack
|
page read and write
|
||
|
7FFD9B776000
|
trusted library allocation
|
page read and write
|
||
|
2C7A000
|
trusted library allocation
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
A58000
|
heap
|
page read and write
|
||
|
7FFD9B7EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BFF9000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
7FFD9B71C000
|
trusted library allocation
|
page execute and read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
A76000
|
heap
|
page read and write
|
||
|
7FFD9B6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
E4B000
|
heap
|
page read and write
|
||
|
99F000
|
stack
|
page read and write
|
||
|
7FFD9B87B000
|
trusted library allocation
|
page read and write
|
||
|
3538000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A5000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page execute and read and write
|
||
|
1304000
|
heap
|
page read and write
|
||
|
12B0D000
|
trusted library allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
7FFD9B7E8000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBAE000
|
stack
|
page read and write
|
||
|
A4D000
|
heap
|
page read and write
|
||
|
1B120000
|
heap
|
page read and write
|
||
|
1B44E000
|
stack
|
page read and write
|
||
|
1C5B6000
|
heap
|
page read and write
|
||
|
E2C000
|
heap
|
page read and write
|
||
|
85C000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
3233000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C83000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B796000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6D2000
|
trusted library allocation
|
page read and write
|
||
|
1BFDE000
|
heap
|
page read and write
|
||
|
1B24E000
|
stack
|
page read and write
|
||
|
7FFD9B6D4000
|
trusted library allocation
|
page read and write
|
||
|
2D4F000
|
stack
|
page read and write
|
||
|
2240000
|
trusted library allocation
|
page read and write
|
||
|
8C1000
|
heap
|
page read and write
|
||
|
1C029000
|
heap
|
page read and write
|
||
|
882000
|
heap
|
page read and write
|
||
|
7FFD9B8C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B801000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6CC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7F8000
|
trusted library allocation
|
page execute and read and write
|
||
|
68C000
|
heap
|
page read and write
|
||
|
1BEDE000
|
stack
|
page read and write
|
||
|
7FFD9B6EC000
|
trusted library allocation
|
page read and write
|
||
|
1C1F3000
|
heap
|
page read and write
|
||
|
DEB000
|
heap
|
page read and write
|
||
|
B4F000
|
stack
|
page read and write
|
||
|
7FFD9B883000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page read and write
|
||
|
1C3DB000
|
heap
|
page read and write
|
||
|
126D3000
|
trusted library allocation
|
page read and write
|
||
|
1C5C1000
|
heap
|
page read and write
|
||
|
1BEA4000
|
stack
|
page read and write
|
||
|
1C281000
|
heap
|
page read and write
|
||
|
1B2ED000
|
stack
|
page read and write
|
||
|
1C48C000
|
heap
|
page read and write
|
||
|
7FFD9B883000
|
trusted library allocation
|
page read and write
|
||
|
2C7D000
|
trusted library allocation
|
page read and write
|
||
|
1301000
|
heap
|
page read and write
|
||
|
7FFD9B87C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B87E000
|
trusted library allocation
|
page read and write
|
||
|
C6F000
|
stack
|
page read and write
|
||
|
12541000
|
trusted library allocation
|
page read and write
|
||
|
12D58000
|
trusted library allocation
|
page read and write
|
||
|
1BFB0000
|
heap
|
page read and write
|
||
|
1B76D000
|
stack
|
page read and write
|
||
|
27B4000
|
trusted library allocation
|
page read and write
|
||
|
3344000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6C2000
|
trusted library allocation
|
page read and write
|
||
|
126FD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B776000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7F1000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7EF000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
DE8000
|
heap
|
page read and write
|
||
|
7FFD9B6F4000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
1C51F000
|
heap
|
page read and write
|
||
|
10CD000
|
heap
|
page read and write
|
||
|
1B210000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page read and write
|
||
|
274A000
|
trusted library allocation
|
page read and write
|
||
|
2270000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
1BABB000
|
stack
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
272C000
|
trusted library allocation
|
page read and write
|
||
|
1B64E000
|
stack
|
page read and write
|
||
|
2330000
|
heap
|
page execute and read and write
|
||
|
1C3E6000
|
heap
|
page read and write
|
||
|
7FFD9B776000
|
trusted library allocation
|
page read and write
|
||
|
1A570000
|
trusted library allocation
|
page read and write
|
||
|
131E1000
|
trusted library allocation
|
page read and write
|
||
|
1C5D0000
|
heap
|
page read and write
|
||
|
33FC000
|
trusted library allocation
|
page read and write
|
||
|
18B0000
|
heap
|
page read and write
|
||
|
1C273000
|
heap
|
page read and write
|
||
|
2606000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C8EE000
|
stack
|
page read and write
|
||
|
1B204000
|
stack
|
page read and write
|
||
|
7FFD9B8A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B871000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B84E000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
1B9DF000
|
stack
|
page read and write
|
||
|
1C537000
|
heap
|
page read and write
|
||
|
1B32E000
|
stack
|
page read and write
|
||
|
1C32D000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A5000
|
trusted library allocation
|
page read and write
|
||
|
27AE000
|
trusted library allocation
|
page read and write
|
||
|
1C486000
|
heap
|
page read and write
|
||
|
E26000
|
heap
|
page read and write
|
||
|
1B8D0000
|
heap
|
page execute and read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
1B8B4000
|
stack
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
1B72E000
|
stack
|
page read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
22D0000
|
heap
|
page execute and read and write
|
||
|
668000
|
heap
|
page read and write
|
||
|
69C000
|
heap
|
page read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
1B57E000
|
stack
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
2C14000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1C4EB000
|
heap
|
page read and write
|
||
|
7FFD9B6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
12548000
|
trusted library allocation
|
page read and write
|
||
|
1C286000
|
heap
|
page read and write
|
||
|
18B5000
|
heap
|
page read and write
|
||
|
1C3BA000
|
heap
|
page read and write
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
7FFD9B7EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B22E000
|
stack
|
page read and write
|
||
|
31D0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page read and write
|
||
|
1BCD3000
|
stack
|
page read and write
|
||
|
7FFD9B6FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
359A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B86E000
|
trusted library allocation
|
page read and write
|
||
|
1C001000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
E7A000
|
heap
|
page read and write
|
||
|
1C5D6000
|
heap
|
page read and write
|
||
|
1375000
|
heap
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
1AD80000
|
trusted library allocation
|
page read and write
|
||
|
8BE000
|
heap
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page read and write
|
||
|
1B8BB000
|
stack
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B86E000
|
trusted library allocation
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E7000
|
trusted library allocation
|
page read and write
|
||
|
1C3F0000
|
heap
|
page read and write
|
||
|
1C1F5000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
1B140000
|
heap
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
12EB000
|
heap
|
page read and write
|
||
|
1BBBE000
|
stack
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
1BADE000
|
stack
|
page read and write
|
||
|
1C5BF000
|
heap
|
page read and write
|
||
|
138E000
|
stack
|
page read and write
|
||
|
7FFD9B6DC000
|
trusted library allocation
|
page read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
1C54E000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
223F000
|
stack
|
page read and write
|
||
|
1C562000
|
heap
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
339D000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
2797000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B5000
|
trusted library allocation
|
page read and write
|
||
|
108F000
|
stack
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
2600000
|
trusted library allocation
|
page read and write
|
||
|
1C35B000
|
heap
|
page read and write
|
||
|
1C575000
|
heap
|
page read and write
|
||
|
892000
|
heap
|
page read and write
|
||
|
1AACD000
|
stack
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
1BDAE000
|
stack
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
7FFD9B87A000
|
trusted library allocation
|
page read and write
|
||
|
1C4C6000
|
heap
|
page read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9BE000
|
stack
|
page read and write
|
||
|
7FFD9B7FF000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
2B4F000
|
stack
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C07B000
|
heap
|
page read and write
|
||
|
7FFD9B6DC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
12B03000
|
trusted library allocation
|
page read and write
|
||
|
1C386000
|
heap
|
page read and write
|
||
|
10CA000
|
heap
|
page read and write
|
||
|
24B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B897000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B74F000
|
stack
|
page read and write
|
||
|
1AB30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C86000
|
trusted library allocation
|
page read and write
|
||
|
1C294000
|
heap
|
page read and write
|
||
|
131F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page read and write
|
||
|
1BFD2000
|
heap
|
page read and write
|
||
|
2C0B000
|
trusted library allocation
|
page read and write
|
||
|
1C259000
|
heap
|
page read and write
|
||
|
1B6BE000
|
stack
|
page read and write
|
||
|
12D5D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
5F6000
|
stack
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page read and write
|
||
|
1C3C7000
|
heap
|
page read and write
|
||
|
7FFD9B6C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AF0E000
|
stack
|
page read and write
|
||
|
1CCEB000
|
stack
|
page read and write
|
||
|
12CC000
|
heap
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
7FFD9B6E7000
|
trusted library allocation
|
page read and write
|
||
|
1A720000
|
trusted library allocation
|
page read and write
|
||
|
1B530000
|
heap
|
page execute and read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED7000
|
heap
|
page read and write
|
||
|
118F000
|
stack
|
page read and write
|
||
|
1BFA3000
|
stack
|
page read and write
|
||
|
7FFD9B6C3000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
12BB8000
|
trusted library allocation
|
page read and write
|
||
|
1C4EE000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
1C030000
|
heap
|
page read and write
|
||
|
7FFD9B7B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
1C0AA000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
DDB000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
27A6000
|
trusted library allocation
|
page read and write
|
||
|
1BCAE000
|
stack
|
page read and write
|
||
|
126F8000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
7FFD9B766000
|
trusted library allocation
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
126F3000
|
trusted library allocation
|
page read and write
|
||
|
1C50B000
|
heap
|
page read and write
|
||
|
7FFD9B871000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
heap
|
page execute and read and write
|
||
|
1CAED000
|
stack
|
page read and write
|
||
|
7FFD9B7EF000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6F4000
|
trusted library allocation
|
page read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
1B52E000
|
stack
|
page read and write
|
||
|
7FFD9B883000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B886000
|
trusted library allocation
|
page read and write
|
||
|
DC8000
|
heap
|
page read and write
|
||
|
2793000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6C4000
|
trusted library allocation
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
27BA000
|
trusted library allocation
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
7FFD9B786000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
10B5000
|
heap
|
page read and write
|
||
|
2609000
|
trusted library allocation
|
page read and write
|
||
|
12C6000
|
heap
|
page read and write
|
||
|
7FFD9B893000
|
trusted library allocation
|
page read and write
|
||
|
1C545000
|
heap
|
page read and write
|
||
|
1C33F000
|
heap
|
page read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
heap
|
page execute and read and write
|
||
|
903000
|
heap
|
page read and write
|
||
|
25A0000
|
heap
|
page execute and read and write
|
||
|
1C3FB000
|
heap
|
page read and write
|
||
|
7FFD9B86C000
|
trusted library allocation
|
page read and write
|
||
|
37BF000
|
trusted library allocation
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
7FFD9B77C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B6BE000
|
stack
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B871000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
7FFD9B86C000
|
trusted library allocation
|
page read and write
|
||
|
2603000
|
trusted library allocation
|
page read and write
|
||
|
1045000
|
heap
|
page read and write
|
||
|
7FFD9B6FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
131E8000
|
trusted library allocation
|
page read and write
|
||
|
10D2000
|
heap
|
page read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B85C000
|
trusted library allocation
|
page read and write
|
||
|
36A7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7E8000
|
trusted library allocation
|
page execute and read and write
|
||
|
68E000
|
heap
|
page read and write
|
||
|
7FFD9B7F4000
|
trusted library allocation
|
page execute and read and write
|
||
|
37AB000
|
trusted library allocation
|
page read and write
|
||
|
1C312000
|
heap
|
page read and write
|
||
|
7FFD9B71C000
|
trusted library allocation
|
page execute and read and write
|
||
|
D7F000
|
stack
|
page read and write
|
||
|
1C394000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
35FA000
|
trusted library allocation
|
page read and write
|
||
|
1B09E000
|
stack
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
7FFD9B7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C2CC000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
EF8000
|
heap
|
page read and write
|
||
|
7FFD9B6B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
12BB1000
|
trusted library allocation
|
page read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
12543000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B85A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6B2000
|
trusted library allocation
|
page read and write
|
||
|
1C011000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
1B7BF000
|
stack
|
page read and write
|
||
|
69E000
|
heap
|
page read and write
|
||
|
1A700000
|
trusted library allocation
|
page read and write
|
||
|
10FC000
|
heap
|
page read and write
|
||
|
1C45C000
|
heap
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
1C4E4000
|
heap
|
page read and write
|
||
|
A45000
|
heap
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page execute and read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
1B9B4000
|
stack
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7BF000
|
stack
|
page read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6D4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
DFC000
|
heap
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
7FFD9B786000
|
trusted library allocation
|
page read and write
|
||
|
126D1000
|
trusted library allocation
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
CC2000
|
unkown
|
page readonly
|
||
|
7FFD9B87C000
|
trusted library allocation
|
page read and write
|
||
|
1B40E000
|
stack
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
1B50E000
|
stack
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
9D3000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
1B5B0000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
1B303000
|
stack
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1C005000
|
heap
|
page read and write
|
||
|
126DD000
|
trusted library allocation
|
page read and write
|
||
|
1C42E000
|
heap
|
page read and write
|
||
|
A0C000
|
heap
|
page read and write
|
||
|
1B6D0000
|
heap
|
page read and write
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
12D51000
|
trusted library allocation
|
page read and write
|
||
|
1AC7C000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7FFD9B6D7000
|
trusted library allocation
|
page read and write
|
||
|
16BE000
|
stack
|
page read and write
|
||
|
259C000
|
trusted library allocation
|
page read and write
|
||
|
1C047000
|
heap
|
page read and write
|
||
|
7FFD9B6D7000
|
trusted library allocation
|
page read and write
|
||
|
1AC5D000
|
stack
|
page read and write
|
||
|
126F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6DC000
|
trusted library allocation
|
page read and write
|
||
|
DFE000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
12BBD000
|
trusted library allocation
|
page read and write
|
||
|
2B5C000
|
trusted library allocation
|
page read and write
|
||
|
27B1000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
1BAB3000
|
stack
|
page read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B8000
|
trusted library allocation
|
page read and write
|
||
|
2615000
|
trusted library allocation
|
page read and write
|
||
|
1C050000
|
heap
|
page read and write
|
||
|
7FFD9B86C000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
1C2B7000
|
heap
|
page read and write
|
||
|
E9E000
|
heap
|
page read and write
|
||
|
12BB3000
|
trusted library allocation
|
page read and write
|
||
|
1C096000
|
heap
|
page read and write
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
1254D000
|
trusted library allocation
|
page read and write
|
||
|
1B7DE000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page execute and read and write
|
||
|
1CBEE000
|
stack
|
page read and write
|
||
|
7FFD9B6E3000
|
trusted library allocation
|
page read and write
|
||
|
E34000
|
heap
|
page read and write
|
||
|
1BDDE000
|
stack
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1142000
|
heap
|
page read and write
|
||
|
87A000
|
heap
|
page read and write
|
||
|
2E1E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B89B000
|
trusted library allocation
|
page read and write
|
||
|
101F000
|
stack
|
page read and write
|
||
|
26EE000
|
stack
|
page read and write
|
||
|
7FFD9B7A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBD4000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
12B08000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
1B543000
|
stack
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page read and write
|
||
|
27C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78C000
|
trusted library allocation
|
page execute and read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
370D000
|
trusted library allocation
|
page read and write
|
||
|
1C37B000
|
heap
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
9DF000
|
heap
|
page read and write
|
||
|
126D8000
|
trusted library allocation
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
34EB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B72C000
|
trusted library allocation
|
page execute and read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page read and write
|
||
|
2510000
|
heap
|
page execute and read and write
|
||
|
2AF0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B883000
|
trusted library allocation
|
page read and write
|
||
|
330B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7F4000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DA6000
|
trusted library allocation
|
page read and write
|
||
|
1ABE0000
|
trusted library allocation
|
page read and write
|
||
|
1C237000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6E4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
279A000
|
trusted library allocation
|
page read and write
|
||
|
2DAC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6EC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A2000
|
trusted library allocation
|
page read and write
|
||
|
1C266000
|
heap
|
page read and write
|
||
|
7FFD9B6C4000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6DC000
|
trusted library allocation
|
page read and write
|
||
|
1C4F6000
|
heap
|
page read and write
|
||
|
1C00C000
|
heap
|
page read and write
|
||
|
37BD000
|
trusted library allocation
|
page read and write
|
||
|
27BD000
|
trusted library allocation
|
page read and write
|
||
|
1C429000
|
heap
|
page read and write
|
||
|
1B34E000
|
stack
|
page read and write
|
||
|
27C3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7F1000
|
trusted library allocation
|
page execute and read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C498000
|
heap
|
page read and write
|
||
|
7FFD9B71C000
|
trusted library allocation
|
page execute and read and write
|
||
|
17BE000
|
stack
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B72C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6D4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6D7000
|
trusted library allocation
|
page read and write
|
||
|
2C71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B853000
|
trusted library allocation
|
page read and write
|
||
|
1C2A7000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page execute and read and write
|
||
|
1B4CE000
|
stack
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C46D000
|
heap
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
34AC000
|
trusted library allocation
|
page read and write
|
||
|
1099000
|
heap
|
page read and write
|
||
|
7FFD9B6BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B71C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1337000
|
heap
|
page read and write
|
||
|
7FFD9B7EF000
|
trusted library allocation
|
page execute and read and write
|
||
|
26CE000
|
stack
|
page read and write
|
||
|
1B62E000
|
stack
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
131ED000
|
trusted library allocation
|
page read and write
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
EC9000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
7FFD9B6E3000
|
trusted library allocation
|
page read and write
|
||
|
1C5BA000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
1B00F000
|
stack
|
page read and write
|
||
|
1B5B0000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page read and write
|
||
|
1B10E000
|
stack
|
page read and write
|
||
|
1C57C000
|
heap
|
page read and write
|
||
|
248F000
|
stack
|
page read and write
|
||
|
7FFD9B7B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B6000
|
stack
|
page read and write
|
||
|
7FFD9B6C7000
|
trusted library allocation
|
page read and write
|
||
|
7FF4B8AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1F0000
|
heap
|
page read and write
|
||
|
910000
|
trusted library allocation
|
page read and write
|
||
|
13C5000
|
heap
|
page read and write
|
||
|
12B01000
|
trusted library allocation
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
7FFD9B6E4000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
7FFD9B7F4000
|
trusted library allocation
|
page execute and read and write
|
There are 652 hidden memdumps, click here to show them.