Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
5daucomrx8.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\LinkGuard Dynamics\SecureHawk.js
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\LinkGuard Dynamics\SecureHawk.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\LinkGuard Dynamics\r
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\369580\Origin.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\369580\Z
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Bdsm
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Convenience
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Dental
|
OpenPGP Public Key
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Falls
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fight
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Fighting
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Joke
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\June
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Mask
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Massachusetts
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Outreach
|
hp200 (68010) BSD
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Radius
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Severe
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Sig
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Stockings
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Vendor
|
data
|
dropped
|
|
|
|
C:\Windows\System32\GroupPolicy\GPT.INI
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Alot
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Beginning
|
DOS executable (COM)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Buck
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Chad
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Consecutive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Creator
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Cruises
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Double
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Emotions
|
ASCII text, with very long lines (1341), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Emotions.cmd
|
ASCII text, with very long lines (1341), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Favourite
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Genre
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Hay
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Instance
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Kde
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Lcd
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Older
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Opposition
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Participants
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Portraits
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Quebec
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Race
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Referring
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Richmond
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Seek
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Sn
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Studios
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Tags
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Thereof
|
Matlab v4 mat-file (little endian) , numeric, rows 0, columns 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Things
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Tokyo
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Violence
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\GroupPolicy\gpt.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\GroupPolicy\Machine\Registry.pol
|
RAGE Package Format (RPF),
|
dropped
|
There are 47 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\5daucomrx8.exe
|
"C:\Users\user\Desktop\5daucomrx8.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k copy Emotions Emotions.cmd & Emotions.cmd & exit
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "wrsa.exe opssvc.exe"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "avastui.exe avgui.exe bdservicehost.exe nswscsvc.exe sophoshealth.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c md 369580
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /V "MaskBathroomsCompoundInjection" Participants
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c copy /b Massachusetts + Radius + Dental + Vendor + Fighting + June + Stockings + Convenience + Falls + Joke + Mask
+ Severe + Outreach + Sig + Bdsm 369580\Z
|
|
|
|
C:\Users\user\AppData\Local\Temp\369580\Origin.pif
|
369580\Origin.pif 369580\Z
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks.exe /create /tn "SecureHawk" /tr "wscript //B 'C:\Users\user\AppData\Local\LinkGuard Dynamics\SecureHawk.js'" /sc
onlogon /F /RL HIGHEST
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\LinkGuard Dynamics\SecureHawk.js"
|
|
|
|
C:\Users\user\AppData\Local\LinkGuard Dynamics\SecureHawk.pif
|
"C:\Users\user\AppData\Local\LinkGuard Dynamics\SecureHawk.pif" "C:\Users\user\AppData\Local\LinkGuard Dynamics\r"
|
|
|
|
C:\Users\user\AppData\Local\Temp\369580\Origin.pif
|
C:\Users\user\AppData\Local\Temp\369580\Origin.pif
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\timeout.exe
|
timeout 15
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
https://t.me/RiseProSUPPORT
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://ipinfo.io/
|
unknown
|
||
|
https://www.maxmind.com/en/locate-my-ip-address
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
jZFqZYoOtpryMyRHD.jZFqZYoOtpryMyRHD
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
3.36.173.8
|
unknown
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions
|
Exclusions_Extensions
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions\Extensions
|
exe
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableAntiSpyware
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableRoutinelyTakingAction
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableBehaviorMonitoring
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableOnAccessProtection
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableScanOnRealtimeEnable
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRealtimeMonitoring
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableIOAVProtection
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{52D21685-6F41-4E1C-A1BC-43C6191BF968}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRawWriteNotification
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
There are 1 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6A2000
|
heap
|
page read and write
|
||
|
526000
|
heap
|
page read and write
|
||
|
1826000
|
trusted library allocation
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
1821000
|
trusted library allocation
|
page read and write
|
||
|
1787000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
28F1000
|
heap
|
page read and write
|
||
|
328E000
|
heap
|
page read and write
|
||
|
3AC0000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
47AB000
|
trusted library allocation
|
page read and write
|
||
|
185A000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
182B000
|
trusted library allocation
|
page read and write
|
||
|
574E000
|
stack
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
1784000
|
trusted library allocation
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
28F2000
|
heap
|
page read and write
|
||
|
B0C000
|
stack
|
page read and write
|
||
|
47B9000
|
trusted library allocation
|
page read and write
|
||
|
184D000
|
trusted library allocation
|
page read and write
|
||
|
178E000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
2D05000
|
heap
|
page read and write
|
||
|
6B2000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3A9E000
|
heap
|
page read and write
|
||
|
178C000
|
trusted library allocation
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
182A000
|
trusted library allocation
|
page read and write
|
||
|
183C000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
28F6000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
2D0C3AAF000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
AA1000
|
unkown
|
page execute read
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
28FC000
|
heap
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
28FC000
|
heap
|
page read and write
|
||
|
1822000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
28FF000
|
heap
|
page read and write
|
||
|
B68000
|
unkown
|
page readonly
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
E2B04FF000
|
stack
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
178B000
|
trusted library allocation
|
page read and write
|
||
|
3E00000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3ADD000
|
heap
|
page read and write
|
||
|
28FE000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
6B2000
|
heap
|
page read and write
|
||
|
598000
|
heap
|
page read and write
|
||
|
178C000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1781000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
AA0000
|
unkown
|
page readonly
|
||
|
182B000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
14ED000
|
heap
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
2D0C3AD2000
|
heap
|
page read and write
|
||
|
185C000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1782000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3A00000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
86E000
|
stack
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
3D00000
|
heap
|
page read and write
|
||
|
2D0C39D0000
|
heap
|
page read and write
|
||
|
425F000
|
heap
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
B68000
|
unkown
|
page readonly
|
||
|
2D0C3AD5000
|
heap
|
page read and write
|
||
|
3912000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1859000
|
trusted library allocation
|
page read and write
|
||
|
38D0000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
28FB000
|
heap
|
page read and write
|
||
|
13B5000
|
heap
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
28FD000
|
heap
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
2D0C3AA6000
|
heap
|
page read and write
|
||
|
1789000
|
trusted library allocation
|
page read and write
|
||
|
1243000
|
heap
|
page read and write
|
||
|
1785000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3AA6000
|
heap
|
page read and write
|
||
|
2D0C3AA6000
|
heap
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
47D9000
|
trusted library allocation
|
page read and write
|
||
|
148B000
|
heap
|
page read and write
|
||
|
1429000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
178A000
|
trusted library allocation
|
page read and write
|
||
|
28F6000
|
heap
|
page read and write
|
||
|
178F000
|
trusted library allocation
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
1615000
|
heap
|
page read and write
|
||
|
B55000
|
unkown
|
page readonly
|
||
|
1848000
|
trusted library allocation
|
page read and write
|
||
|
183B000
|
trusted library allocation
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
1786000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1837000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
28FF000
|
heap
|
page read and write
|
||
|
46F1000
|
trusted library allocation
|
page read and write
|
||
|
1839000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
1784000
|
trusted library allocation
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page read and write
|
||
|
8F9000
|
stack
|
page read and write
|
||
|
178E000
|
trusted library allocation
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
28F3000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
3B3000
|
unkown
|
page write copy
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
1789000
|
trusted library allocation
|
page read and write
|
||
|
1846000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
3844000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
36C0000
|
heap
|
page read and write
|
||
|
E2B05FE000
|
stack
|
page read and write
|
||
|
41D4000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
2D0C3ADD000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
1818000
|
trusted library allocation
|
page read and write
|
||
|
1789000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
AA0000
|
unkown
|
page readonly
|
||
|
1288000
|
heap
|
page read and write
|
||
|
1783000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
4660000
|
heap
|
page read and write
|
||
|
2D0C3A91000
|
heap
|
page read and write
|
||
|
28F4000
|
heap
|
page read and write
|
||
|
588F000
|
stack
|
page read and write
|
||
|
236E000
|
stack
|
page read and write
|
||
|
184F000
|
trusted library allocation
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
28F5000
|
heap
|
page read and write
|
||
|
31CF000
|
stack
|
page read and write
|
||
|
182F000
|
trusted library allocation
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
3FD7000
|
heap
|
page read and write
|
||
|
1592000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2D0C3ADD000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
FFC000
|
stack
|
page read and write
|
||
|
46F1000
|
trusted library allocation
|
page read and write
|
||
|
18AD000
|
trusted library allocation
|
page read and write
|
||
|
E2B06FE000
|
stack
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
41D4000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
1784000
|
trusted library allocation
|
page read and write
|
||
|
79F000
|
stack
|
page read and write
|
||
|
185A000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
18F9000
|
trusted library allocation
|
page read and write
|
||
|
178C000
|
trusted library allocation
|
page read and write
|
||
|
1789000
|
trusted library allocation
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
13A4000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
E2B07FE000
|
stack
|
page read and write
|
||
|
1781000
|
trusted library allocation
|
page read and write
|
||
|
AA1000
|
unkown
|
page execute read
|
||
|
1782000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
E2B01FD000
|
stack
|
page read and write
|
||
|
1134000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
6E3000
|
heap
|
page read and write
|
||
|
28F4000
|
heap
|
page read and write
|
||
|
B63000
|
unkown
|
page write copy
|
||
|
4441000
|
heap
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
A2F000
|
stack
|
page read and write
|
||
|
3FD0000
|
heap
|
page read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
1784000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
4E7D000
|
heap
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
190C000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
1826000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
1819000
|
trusted library allocation
|
page read and write
|
||
|
5DB000
|
heap
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
B55000
|
unkown
|
page readonly
|
||
|
E70000
|
heap
|
page read and write
|
||
|
182C000
|
trusted library allocation
|
page read and write
|
||
|
1828000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
4108000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
28F7000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1813000
|
trusted library allocation
|
page read and write
|
||
|
178A000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
185C000
|
trusted library allocation
|
page read and write
|
||
|
41D4000
|
heap
|
page read and write
|
||
|
46F1000
|
trusted library allocation
|
page read and write
|
||
|
190C000
|
trusted library allocation
|
page read and write
|
||
|
46F8000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
183E000
|
trusted library allocation
|
page read and write
|
||
|
28F2000
|
heap
|
page read and write
|
||
|
5AE000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1788000
|
trusted library allocation
|
page read and write
|
||
|
1292000
|
heap
|
page read and write
|
||
|
1833000
|
trusted library allocation
|
page read and write
|
||
|
28F1000
|
heap
|
page read and write
|
||
|
183B000
|
trusted library allocation
|
page read and write
|
||
|
AA1000
|
unkown
|
page execute read
|
||
|
1783000
|
trusted library allocation
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
454E000
|
stack
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
1524000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
2D0C3ADA000
|
heap
|
page read and write
|
||
|
3E00000
|
trusted library allocation
|
page read and write
|
||
|
E2B00FA000
|
stack
|
page read and write
|
||
|
30B9000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
B5F000
|
unkown
|
page write copy
|
||
|
37C0000
|
heap
|
page read and write
|
||
|
18AB000
|
trusted library allocation
|
page read and write
|
||
|
497000
|
unkown
|
page read and write
|
||
|
2D0C3A78000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
1299000
|
heap
|
page read and write
|
||
|
2D0C3DA5000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1788000
|
trusted library allocation
|
page read and write
|
||
|
12B9000
|
heap
|
page read and write
|
||
|
1827000
|
trusted library allocation
|
page read and write
|
||
|
1782000
|
trusted library allocation
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
1785000
|
trusted library allocation
|
page read and write
|
||
|
178A000
|
trusted library allocation
|
page read and write
|
||
|
1832000
|
trusted library allocation
|
page read and write
|
||
|
1785000
|
trusted library allocation
|
page read and write
|
||
|
BBC000
|
stack
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
182D000
|
trusted library allocation
|
page read and write
|
||
|
FDD000
|
stack
|
page read and write
|
||
|
1783000
|
trusted library allocation
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
2D0C3AC9000
|
heap
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
220E000
|
stack
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
2D0C3ADD000
|
heap
|
page read and write
|
||
|
28F8000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
6CE000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
4630000
|
heap
|
page read and write
|
||
|
18B3000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
2D0C3AC7000
|
heap
|
page read and write
|
||
|
184E000
|
trusted library allocation
|
page read and write
|
||
|
183A000
|
trusted library allocation
|
page read and write
|
||
|
178D000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
41D4000
|
heap
|
page read and write
|
||
|
3E00000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3AD4000
|
heap
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3ADB000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
34DC000
|
stack
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
2D0C3AD9000
|
heap
|
page read and write
|
||
|
1782000
|
trusted library allocation
|
page read and write
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
159C000
|
heap
|
page read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
E2B09FE000
|
stack
|
page read and write
|
||
|
2F1000
|
unkown
|
page execute read
|
||
|
4441000
|
heap
|
page read and write
|
||
|
4012000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
1786000
|
trusted library allocation
|
page read and write
|
||
|
126F000
|
heap
|
page read and write
|
||
|
460F000
|
stack
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
14C3000
|
heap
|
page read and write
|
||
|
46F1000
|
trusted library allocation
|
page read and write
|
||
|
412C000
|
heap
|
page read and write
|
||
|
B63000
|
unkown
|
page write copy
|
||
|
13B5000
|
heap
|
page read and write
|
||
|
28F3000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
1781000
|
trusted library allocation
|
page read and write
|
||
|
18EF000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
1786000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
28FD000
|
heap
|
page read and write
|
||
|
4B10000
|
heap
|
page read and write
|
||
|
3D42000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
1273000
|
heap
|
page read and write
|
||
|
18CE000
|
trusted library allocation
|
page read and write
|
||
|
1865000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3A98000
|
heap
|
page read and write
|
||
|
1845000
|
trusted library allocation
|
page read and write
|
||
|
1841000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
37AA000
|
heap
|
page read and write
|
||
|
4323000
|
heap
|
page read and write
|
||
|
28FE000
|
heap
|
page read and write
|
||
|
178B000
|
trusted library allocation
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
3954000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
127D000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1789000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
1787000
|
trusted library allocation
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
1822000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
181D000
|
trusted library allocation
|
page read and write
|
||
|
40EA000
|
heap
|
page read and write
|
||
|
178E000
|
trusted library allocation
|
page read and write
|
||
|
1831000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3ACC000
|
heap
|
page read and write
|
||
|
4054000
|
heap
|
page read and write
|
||
|
B5F000
|
unkown
|
page write copy
|
||
|
2D0C3AD6000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
1788000
|
trusted library allocation
|
page read and write
|
||
|
144E000
|
stack
|
page read and write
|
||
|
B55000
|
unkown
|
page readonly
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1789000
|
trusted library allocation
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
178F000
|
trusted library allocation
|
page read and write
|
||
|
182A000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3AD4000
|
heap
|
page read and write
|
||
|
1845000
|
trusted library allocation
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
2D0C3ACE000
|
heap
|
page read and write
|
||
|
2D0C3D60000
|
heap
|
page read and write
|
||
|
33DC000
|
stack
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
B5F000
|
unkown
|
page write copy
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
28F7000
|
heap
|
page read and write
|
||
|
2D0C3A9E000
|
heap
|
page read and write
|
||
|
1786000
|
trusted library allocation
|
page read and write
|
||
|
28F8000
|
heap
|
page read and write
|
||
|
B4C000
|
stack
|
page read and write
|
||
|
46F1000
|
trusted library allocation
|
page read and write
|
||
|
181E000
|
trusted library allocation
|
page read and write
|
||
|
1294000
|
heap
|
page read and write
|
||
|
178C000
|
trusted library allocation
|
page read and write
|
||
|
49C4000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
178F000
|
trusted library allocation
|
page read and write
|
||
|
1285000
|
heap
|
page read and write
|
||
|
69E000
|
heap
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
2D0C3ABC000
|
heap
|
page read and write
|
||
|
32AB000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1831000
|
trusted library allocation
|
page read and write
|
||
|
5CA000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
B63000
|
unkown
|
page write copy
|
||
|
1781000
|
trusted library allocation
|
page read and write
|
||
|
47E1000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3A91000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
1786000
|
trusted library allocation
|
page read and write
|
||
|
184B000
|
trusted library allocation
|
page read and write
|
||
|
28F3000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
1847000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
2D0C3A9D000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
2D0C3A8C000
|
heap
|
page read and write
|
||
|
18DD000
|
trusted library allocation
|
page read and write
|
||
|
183A000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
4096000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
3AF000
|
unkown
|
page write copy
|
||
|
32BC000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
3837000
|
heap
|
page read and write
|
||
|
1787000
|
trusted library allocation
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
178E000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1273000
|
heap
|
page read and write
|
||
|
3186000
|
heap
|
page read and write
|
||
|
AA0000
|
unkown
|
page readonly
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
18D8000
|
trusted library allocation
|
page read and write
|
||
|
49C000
|
stack
|
page read and write
|
||
|
192F000
|
trusted library allocation
|
page read and write
|
||
|
1257000
|
heap
|
page read and write
|
||
|
1845000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
1846000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
192D000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
F90000
|
remote allocation
|
page execute and read and write
|
||
|
2D0C3A70000
|
heap
|
page read and write
|
||
|
40A8000
|
heap
|
page read and write
|
||
|
28FE000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
28FA000
|
heap
|
page read and write
|
||
|
2D0C3ABC000
|
heap
|
page read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
41D4000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
1787000
|
trusted library allocation
|
page read and write
|
||
|
1849000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1546000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1814000
|
trusted library allocation
|
page read and write
|
||
|
1784000
|
trusted library allocation
|
page read and write
|
||
|
183D000
|
trusted library allocation
|
page read and write
|
||
|
1789000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
E2B08FE000
|
stack
|
page read and write
|
||
|
3B8000
|
unkown
|
page readonly
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1859000
|
trusted library allocation
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
12AC000
|
heap
|
page read and write
|
||
|
183D000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
307F000
|
stack
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
1508000
|
heap
|
page read and write
|
||
|
41F000
|
unkown
|
page read and write
|
||
|
184C000
|
trusted library allocation
|
page read and write
|
||
|
178B000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
339F000
|
stack
|
page read and write
|
||
|
18BE000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
2D0C3AD6000
|
heap
|
page read and write
|
||
|
B68000
|
unkown
|
page readonly
|
||
|
3278000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
28F6000
|
heap
|
page read and write
|
||
|
1784000
|
trusted library allocation
|
page read and write
|
||
|
3A5000
|
unkown
|
page readonly
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
unkown
|
page write copy
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
48A2000
|
trusted library allocation
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3AC6000
|
heap
|
page read and write
|
||
|
2D0C3A98000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1788000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
28F8000
|
heap
|
page read and write
|
||
|
28F6000
|
heap
|
page read and write
|
||
|
39BD000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
178F000
|
trusted library allocation
|
page read and write
|
||
|
47CD000
|
trusted library allocation
|
page read and write
|
||
|
E2B02FE000
|
stack
|
page read and write
|
||
|
48AF000
|
trusted library allocation
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
28FA000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
28FF000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
1849000
|
trusted library allocation
|
page read and write
|
||
|
28F1000
|
heap
|
page read and write
|
||
|
182D000
|
trusted library allocation
|
page read and write
|
||
|
178B000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3A97000
|
heap
|
page read and write
|
||
|
1846000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
2F0000
|
unkown
|
page readonly
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1785000
|
trusted library allocation
|
page read and write
|
||
|
429B000
|
heap
|
page read and write
|
||
|
4FAF000
|
stack
|
page read and write
|
||
|
75B000
|
stack
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
12B9000
|
heap
|
page read and write
|
||
|
18DC000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
28F4000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
FCD000
|
stack
|
page read and write
|
||
|
1855000
|
trusted library allocation
|
page read and write
|
||
|
14B9000
|
heap
|
page read and write
|
||
|
4DBC000
|
heap
|
page read and write
|
||
|
2D0C3AD6000
|
heap
|
page read and write
|
||
|
2D0C3AA6000
|
heap
|
page read and write
|
||
|
1F10000
|
heap
|
page read and write
|
||
|
4894000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3DA0000
|
heap
|
page read and write
|
||
|
1828000
|
trusted library allocation
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
1348000
|
heap
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
149E000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
2D0C3AA6000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
3A5000
|
unkown
|
page readonly
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
28FE000
|
heap
|
page read and write
|
||
|
192D000
|
trusted library allocation
|
page read and write
|
||
|
28F6000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
1830000
|
trusted library allocation
|
page read and write
|
||
|
178B000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3DAD000
|
heap
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
||
|
28FD000
|
heap
|
page read and write
|
||
|
2F0000
|
unkown
|
page readonly
|
||
|
2D0C5890000
|
heap
|
page read and write
|
||
|
28F3000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
12AF000
|
heap
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
48C9000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
161D000
|
heap
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
BFC000
|
stack
|
page read and write
|
||
|
F8B000
|
stack
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
461000
|
unkown
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
1823000
|
trusted library allocation
|
page read and write
|
||
|
3E00000
|
trusted library allocation
|
page read and write
|
||
|
1786000
|
trusted library allocation
|
page read and write
|
||
|
1784000
|
trusted library allocation
|
page read and write
|
||
|
3AF000
|
unkown
|
page read and write
|
||
|
178C000
|
trusted library allocation
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
3802000
|
heap
|
page read and write
|
||
|
18AE000
|
trusted library allocation
|
page read and write
|
||
|
6B2000
|
heap
|
page read and write
|
||
|
1841000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
2D0C3AC7000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
2F1000
|
unkown
|
page execute read
|
||
|
28EF000
|
stack
|
page read and write
|
||
|
28FB000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
28FE000
|
heap
|
page read and write
|
||
|
2D0C3ABE000
|
heap
|
page read and write
|
||
|
429E000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
413E000
|
heap
|
page read and write
|
||
|
184B000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
28F6000
|
heap
|
page read and write
|
||
|
534D000
|
stack
|
page read and write
|
||
|
308F000
|
stack
|
page read and write
|
||
|
2D0C3A98000
|
heap
|
page read and write
|
||
|
178F000
|
trusted library allocation
|
page read and write
|
||
|
1850000
|
trusted library allocation
|
page read and write
|
||
|
28F5000
|
heap
|
page read and write
|
||
|
30B7000
|
heap
|
page read and write
|
||
|
3B8000
|
unkown
|
page readonly
|
||
|
1816000
|
trusted library allocation
|
page read and write
|
||
|
2D0C3A9E000
|
heap
|
page read and write
|
||
|
4E6F000
|
heap
|
page read and write
|
||
|
15DA000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
1252000
|
heap
|
page read and write
|
||
|
4441000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
5DF000
|
heap
|
page read and write
|
||
|
183A000
|
trusted library allocation
|
page read and write
|
||
|
15BA000
|
heap
|
page read and write
|
||
|
1309000
|
heap
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
3886000
|
heap
|
page read and write
|
||
|
1273000
|
heap
|
page read and write
|
||
|
28F5000
|
heap
|
page read and write
|
||
|
45C000
|
stack
|
page read and write
|
||
|
A3D000
|
stack
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
2D0C39E0000
|
heap
|
page read and write
|
||
|
2D0C3AAE000
|
heap
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
39A6000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
There are 710 hidden memdumps, click here to show them.