Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
WIpGif4IRrFfamQ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\WIpGif4IRrFfamQ.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp5423.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\AcEnrS.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\AcEnrS.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_AcEnrS.exe_2dc6f3615384b0b820f49419bdfb62c78a16395_3aa1fe28_e2f6bfb4-8e3b-4930-9192-70b04bf6ea22\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7D66.tmp.dmp
|
Mini DuMP crash report, 15 streams, Tue Oct 1 08:55:19 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7EDE.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7F2D.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AcEnrS.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_141esvdq.2sr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3mslla4e.bun.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_axf4oqit.uho.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jsfpo23f.5dm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lpnetthu.zlr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mlfkkmvf.l5m.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tbtjyv2p.3cq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wqeusgs0.ea2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp6B55.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\WIpGif4IRrFfamQ.exe
|
"C:\Users\user\Desktop\WIpGif4IRrFfamQ.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\WIpGif4IRrFfamQ.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\AcEnrS.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\AcEnrS" /XML "C:\Users\user\AppData\Local\Temp\tmp5423.tmp"
|
|
|
|
C:\Users\user\Desktop\WIpGif4IRrFfamQ.exe
|
"C:\Users\user\Desktop\WIpGif4IRrFfamQ.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\AcEnrS.exe
|
C:\Users\user\AppData\Roaming\AcEnrS.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\AcEnrS" /XML "C:\Users\user\AppData\Local\Temp\tmp6B55.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\AcEnrS.exe
|
"C:\Users\user\AppData\Roaming\AcEnrS.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7708 -s 1500
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://aborters.duckdns.org:8081
|
unknown
|
|
|
|
http://anotherarmy.dns.army:8081
|
unknown
|
|
|
|
https://www.office.com/
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:065367%0D%0ADate%20a
|
unknown
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:065367%0D%0ADate%20and%20Time:%2002/10/2024%20/%2021:40:19%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20065367%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://r10.o.lencr.org0#
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enx
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://mail.pymetal.net
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://www.office.com/x
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.6.168
|
||
|
http://51.38.247.67:8081/_send_.php?L
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlB
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://r10.i.lencr.org/0
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 29 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
mail.pymetal.net
|
75.102.58.14
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
193.122.6.168
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
75.102.58.14
|
mail.pymetal.net
|
United States
|
|
|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
193.122.6.168
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\WIpGif4IRrFfamQ_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\AcEnrS_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4087000
|
trusted library allocation
|
page read and write
|
|
|
|
2E11000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
4C66000
|
trusted library allocation
|
page read and write
|
|
|
|
2A71000
|
trusted library allocation
|
page read and write
|
|
|
|
BD2000
|
unkown
|
page readonly
|
||
|
D51E000
|
stack
|
page read and write
|
||
|
2DB8000
|
trusted library allocation
|
page read and write
|
||
|
3E9A000
|
trusted library allocation
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
49D1000
|
trusted library allocation
|
page read and write
|
||
|
30FD000
|
trusted library allocation
|
page read and write
|
||
|
2E88000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
7140000
|
heap
|
page read and write
|
||
|
EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DCC000
|
stack
|
page read and write
|
||
|
5F9E000
|
stack
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
1414000
|
trusted library allocation
|
page read and write
|
||
|
DEFB000
|
stack
|
page read and write
|
||
|
C8BD000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
4168000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
trusted library allocation
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
49B0000
|
trusted library allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
5900000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
D4F000
|
heap
|
page read and write
|
||
|
CEEC000
|
stack
|
page read and write
|
||
|
2EF7000
|
trusted library allocation
|
page read and write
|
||
|
D72000
|
heap
|
page read and write
|
||
|
69EE000
|
stack
|
page read and write
|
||
|
3A99000
|
trusted library allocation
|
page read and write
|
||
|
6C94000
|
trusted library allocation
|
page read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
54FE000
|
stack
|
page read and write
|
||
|
7340000
|
heap
|
page read and write
|
||
|
2D4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
735D000
|
heap
|
page read and write
|
||
|
EFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3091000
|
trusted library allocation
|
page read and write
|
||
|
9FF5000
|
trusted library allocation
|
page read and write
|
||
|
4B6E000
|
stack
|
page read and write
|
||
|
419A000
|
trusted library allocation
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
56C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D9F000
|
heap
|
page read and write
|
||
|
49F0000
|
trusted library allocation
|
page read and write
|
||
|
2FC4000
|
trusted library allocation
|
page read and write
|
||
|
6B44000
|
trusted library allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
294E000
|
stack
|
page read and write
|
||
|
646E000
|
stack
|
page read and write
|
||
|
40F0000
|
trusted library allocation
|
page read and write
|
||
|
69B000
|
stack
|
page read and write
|
||
|
864000
|
heap
|
page read and write
|
||
|
30CD000
|
trusted library allocation
|
page read and write
|
||
|
CA0E000
|
stack
|
page read and write
|
||
|
66B0000
|
heap
|
page read and write
|
||
|
609E000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
70D000
|
stack
|
page read and write
|
||
|
16FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B2E000
|
stack
|
page read and write
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
49BE000
|
trusted library allocation
|
page read and write
|
||
|
D06E000
|
stack
|
page read and write
|
||
|
6B4A000
|
trusted library allocation
|
page read and write
|
||
|
2A2D000
|
stack
|
page read and write
|
||
|
57E0000
|
heap
|
page execute and read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
B65000
|
heap
|
page read and write
|
||
|
DB1E000
|
stack
|
page read and write
|
||
|
6D00000
|
trusted library allocation
|
page read and write
|
||
|
2F1A000
|
trusted library allocation
|
page read and write
|
||
|
D2A000
|
stack
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
49D6000
|
trusted library allocation
|
page read and write
|
||
|
125D000
|
trusted library allocation
|
page execute and read and write
|
||
|
ACD000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E5000
|
heap
|
page read and write
|
||
|
DC5E000
|
stack
|
page read and write
|
||
|
7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
4FA2000
|
trusted library allocation
|
page read and write
|
||
|
4B00000
|
trusted library section
|
page readonly
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
3E11000
|
trusted library allocation
|
page read and write
|
||
|
299B000
|
trusted library allocation
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
144E000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
3E9D000
|
trusted library allocation
|
page read and write
|
||
|
AE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
41B7000
|
trusted library allocation
|
page read and write
|
||
|
D75E000
|
stack
|
page read and write
|
||
|
30C7000
|
trusted library allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
310E000
|
trusted library allocation
|
page read and write
|
||
|
413A000
|
trusted library allocation
|
page read and write
|
||
|
6B30000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
heap
|
page execute and read and write
|
||
|
1376000
|
trusted library allocation
|
page execute and read and write
|
||
|
29C0000
|
heap
|
page execute and read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
C38E000
|
stack
|
page read and write
|
||
|
4C24000
|
trusted library allocation
|
page read and write
|
||
|
682F000
|
stack
|
page read and write
|
||
|
308D000
|
trusted library allocation
|
page read and write
|
||
|
7B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
577000
|
stack
|
page read and write
|
||
|
9BF000
|
stack
|
page read and write
|
||
|
11B2000
|
heap
|
page read and write
|
||
|
10B5000
|
heap
|
page read and write
|
||
|
C7BD000
|
stack
|
page read and write
|
||
|
16F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A70000
|
heap
|
page read and write
|
||
|
3FFA000
|
trusted library allocation
|
page read and write
|
||
|
4220000
|
trusted library allocation
|
page read and write
|
||
|
5296000
|
trusted library allocation
|
page read and write
|
||
|
136F000
|
stack
|
page read and write
|
||
|
6D10000
|
trusted library allocation
|
page read and write
|
||
|
2F76000
|
trusted library allocation
|
page read and write
|
||
|
52BD000
|
trusted library allocation
|
page read and write
|
||
|
41B1000
|
trusted library allocation
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
40E1000
|
trusted library allocation
|
page read and write
|
||
|
7842000
|
trusted library allocation
|
page read and write
|
||
|
34D1000
|
trusted library allocation
|
page read and write
|
||
|
34B9000
|
trusted library allocation
|
page read and write
|
||
|
4FAD000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
56B2000
|
trusted library allocation
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
trusted library allocation
|
page read and write
|
||
|
1703000
|
trusted library allocation
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
CCAE000
|
stack
|
page read and write
|
||
|
D8A0000
|
heap
|
page read and write
|
||
|
2EBB000
|
stack
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
2BD8000
|
trusted library allocation
|
page read and write
|
||
|
7CE000
|
heap
|
page read and write
|
||
|
6CF0000
|
trusted library allocation
|
page read and write
|
||
|
4184000
|
trusted library allocation
|
page read and write
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
400D000
|
trusted library allocation
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
DFFC000
|
stack
|
page read and write
|
||
|
AC3000
|
trusted library allocation
|
page read and write
|
||
|
3096000
|
trusted library allocation
|
page read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2B24000
|
trusted library allocation
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
2B2A000
|
trusted library allocation
|
page read and write
|
||
|
52C2000
|
trusted library allocation
|
page read and write
|
||
|
C53E000
|
stack
|
page read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
2D2D000
|
stack
|
page read and write
|
||
|
CDAE000
|
stack
|
page read and write
|
||
|
700E000
|
stack
|
page read and write
|
||
|
2FCC000
|
trusted library allocation
|
page read and write
|
||
|
3499000
|
trusted library allocation
|
page read and write
|
||
|
30B9000
|
trusted library allocation
|
page read and write
|
||
|
2EB9000
|
trusted library allocation
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
3E24000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
heap
|
page execute and read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
2B2D000
|
trusted library allocation
|
page read and write
|
||
|
DD5F000
|
stack
|
page read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
AD6000
|
trusted library allocation
|
page execute and read and write
|
||
|
126B000
|
heap
|
page read and write
|
||
|
2756000
|
trusted library allocation
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
3E2B000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
3F26000
|
trusted library allocation
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
FEA000
|
heap
|
page read and write
|
||
|
507E000
|
stack
|
page read and write
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
A250000
|
trusted library section
|
page read and write
|
||
|
ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F0000
|
trusted library allocation
|
page read and write
|
||
|
3119000
|
trusted library allocation
|
page read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F68000
|
trusted library allocation
|
page read and write
|
||
|
456B000
|
stack
|
page read and write
|
||
|
2985000
|
trusted library allocation
|
page read and write
|
||
|
3A75000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
1042000
|
heap
|
page read and write
|
||
|
6B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
4236000
|
trusted library allocation
|
page read and write
|
||
|
F37000
|
stack
|
page read and write
|
||
|
52B1000
|
trusted library allocation
|
page read and write
|
||
|
9FF0000
|
trusted library allocation
|
page read and write
|
||
|
1243000
|
trusted library allocation
|
page execute and read and write
|
||
|
50BE000
|
stack
|
page read and write
|
||
|
D89D000
|
stack
|
page read and write
|
||
|
5030000
|
heap
|
page read and write
|
||
|
1244000
|
trusted library allocation
|
page read and write
|
||
|
6719000
|
heap
|
page read and write
|
||
|
49CE000
|
trusted library allocation
|
page read and write
|
||
|
7DF000
|
heap
|
page read and write
|
||
|
3F9E000
|
trusted library allocation
|
page read and write
|
||
|
CD9000
|
heap
|
page read and write
|
||
|
502E000
|
stack
|
page read and write
|
||
|
52B0000
|
heap
|
page execute and read and write
|
||
|
2990000
|
trusted library allocation
|
page read and write
|
||
|
2FF3000
|
trusted library allocation
|
page read and write
|
||
|
2F4B000
|
trusted library allocation
|
page read and write
|
||
|
308B000
|
trusted library allocation
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
41BC000
|
trusted library allocation
|
page read and write
|
||
|
58FF000
|
stack
|
page read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
733E000
|
stack
|
page read and write
|
||
|
797000
|
stack
|
page read and write
|
||
|
4A73000
|
heap
|
page read and write
|
||
|
DC1E000
|
stack
|
page read and write
|
||
|
6B46000
|
trusted library allocation
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
113D000
|
stack
|
page read and write
|
||
|
3F88000
|
trusted library allocation
|
page read and write
|
||
|
6BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4024000
|
trusted library allocation
|
page read and write
|
||
|
2534000
|
trusted library allocation
|
page read and write
|
||
|
3E92000
|
trusted library allocation
|
page read and write
|
||
|
2D3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
C63E000
|
stack
|
page read and write
|
||
|
3E7D000
|
trusted library allocation
|
page read and write
|
||
|
3F72000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
3117000
|
trusted library allocation
|
page read and write
|
||
|
5995000
|
heap
|
page read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
138B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2491000
|
trusted library allocation
|
page read and write
|
||
|
B1D000
|
stack
|
page read and write
|
||
|
2EEB000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
5740000
|
trusted library section
|
page readonly
|
||
|
6B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page execute and read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
11A5000
|
heap
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
52AE000
|
trusted library allocation
|
page read and write
|
||
|
3E0C000
|
trusted library allocation
|
page read and write
|
||
|
1387000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
65AE000
|
stack
|
page read and write
|
||
|
306F000
|
stack
|
page read and write
|
||
|
2ECA000
|
trusted library allocation
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
107D000
|
heap
|
page read and write
|
||
|
5C9F000
|
stack
|
page read and write
|
||
|
310B000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
B77000
|
heap
|
page read and write
|
||
|
4037000
|
trusted library allocation
|
page read and write
|
||
|
3F52000
|
trusted library allocation
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
85E000
|
heap
|
page read and write
|
||
|
4057000
|
trusted library allocation
|
page read and write
|
||
|
3394000
|
trusted library allocation
|
page read and write
|
||
|
4AFB000
|
stack
|
page read and write
|
||
|
1700000
|
trusted library allocation
|
page read and write
|
||
|
4112000
|
trusted library allocation
|
page read and write
|
||
|
2E62000
|
trusted library allocation
|
page read and write
|
||
|
7FD000
|
stack
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
2FBE000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page read and write
|
||
|
AEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
2F01000
|
trusted library allocation
|
page read and write
|
||
|
2FFD000
|
trusted library allocation
|
page read and write
|
||
|
3D7B000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
heap
|
page execute and read and write
|
||
|
6D07000
|
trusted library allocation
|
page read and write
|
||
|
6B5D000
|
trusted library allocation
|
page read and write
|
||
|
5AC1000
|
trusted library allocation
|
page read and write
|
||
|
48CA000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
B66000
|
trusted library allocation
|
page read and write
|
||
|
ADA000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
68DE000
|
stack
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page read and write
|
||
|
AE2000
|
trusted library allocation
|
page read and write
|
||
|
EEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
3CEA000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
3E8A000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
757E000
|
stack
|
page read and write
|
||
|
5E9E000
|
stack
|
page read and write
|
||
|
4E35000
|
heap
|
page read and write
|
||
|
6C80000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
6CE2000
|
trusted library allocation
|
page read and write
|
||
|
6CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E84000
|
trusted library allocation
|
page read and write
|
||
|
67ED000
|
stack
|
page read and write
|
||
|
2FD1000
|
trusted library allocation
|
page read and write
|
||
|
4165000
|
trusted library allocation
|
page read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
AEE000
|
unkown
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
4044000
|
trusted library allocation
|
page read and write
|
||
|
52AA000
|
trusted library allocation
|
page read and write
|
||
|
66E0000
|
heap
|
page read and write
|
||
|
41AA000
|
trusted library allocation
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
2D40000
|
trusted library allocation
|
page read and write
|
||
|
66AE000
|
stack
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
3062000
|
trusted library allocation
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
3338000
|
trusted library allocation
|
page read and write
|
||
|
4A62000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
4128000
|
trusted library allocation
|
page read and write
|
||
|
6D20000
|
trusted library allocation
|
page read and write
|
||
|
E13E000
|
stack
|
page read and write
|
||
|
2B3A000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page execute and read and write
|
||
|
3082000
|
trusted library allocation
|
page read and write
|
||
|
10B7000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
2FF5000
|
trusted library allocation
|
page read and write
|
||
|
B64000
|
trusted library allocation
|
page read and write
|
||
|
3EA3000
|
trusted library allocation
|
page read and write
|
||
|
1717000
|
heap
|
page read and write
|
||
|
D35E000
|
stack
|
page read and write
|
||
|
479000
|
stack
|
page read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
2C5F000
|
unkown
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
2B36000
|
trusted library allocation
|
page read and write
|
||
|
528D000
|
stack
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
406C000
|
trusted library allocation
|
page read and write
|
||
|
2EBD000
|
trusted library allocation
|
page read and write
|
||
|
C30F000
|
trusted library allocation
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
6BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CE5000
|
trusted library allocation
|
page read and write
|
||
|
3F18000
|
trusted library allocation
|
page read and write
|
||
|
170D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C34E000
|
stack
|
page read and write
|
||
|
49B4000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
2470000
|
trusted library allocation
|
page read and write
|
||
|
7080000
|
heap
|
page read and write
|
||
|
68F0000
|
heap
|
page read and write
|
||
|
516C000
|
stack
|
page read and write
|
||
|
2E7B000
|
trusted library allocation
|
page read and write
|
||
|
3346000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
2B1C000
|
trusted library allocation
|
page read and write
|
||
|
3EA0000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
6902000
|
heap
|
page read and write
|
||
|
6A2E000
|
stack
|
page read and write
|
||
|
3A71000
|
trusted library allocation
|
page read and write
|
||
|
1211000
|
heap
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
6BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ECE000
|
trusted library allocation
|
page read and write
|
||
|
6ADE000
|
stack
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
2E8C000
|
trusted library allocation
|
page read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
6B70000
|
trusted library allocation
|
page read and write
|
||
|
CF2D000
|
stack
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
unkown
|
page read and write
|
||
|
EC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6725000
|
heap
|
page read and write
|
||
|
3E39000
|
trusted library allocation
|
page read and write
|
||
|
311D000
|
trusted library allocation
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
C305000
|
trusted library allocation
|
page read and write
|
||
|
2ED2000
|
trusted library allocation
|
page read and write
|
||
|
6C30000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
8BA000
|
heap
|
page read and write
|
||
|
D31E000
|
stack
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
2EC6000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
6CB6000
|
trusted library allocation
|
page read and write
|
||
|
49DD000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
3E94000
|
trusted library allocation
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
1382000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F4000
|
trusted library allocation
|
page read and write
|
||
|
6B50000
|
trusted library allocation
|
page read and write
|
||
|
CDEB000
|
stack
|
page read and write
|
||
|
D79D000
|
stack
|
page read and write
|
||
|
529B000
|
trusted library allocation
|
page read and write
|
||
|
68E0000
|
heap
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
2D32000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
D8B0000
|
heap
|
page read and write
|
||
|
3088000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
C300000
|
trusted library allocation
|
page read and write
|
||
|
41D4000
|
trusted library allocation
|
page read and write
|
||
|
1385000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EA8000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
2EB5000
|
trusted library allocation
|
page read and write
|
||
|
4200000
|
trusted library allocation
|
page read and write
|
||
|
3114000
|
trusted library allocation
|
page read and write
|
||
|
5B50000
|
trusted library allocation
|
page read and write
|
||
|
7B4000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
55D3000
|
heap
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
5383000
|
heap
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
3491000
|
trusted library allocation
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
6B90000
|
trusted library allocation
|
page read and write
|
||
|
235E000
|
stack
|
page read and write
|
||
|
2FC6000
|
trusted library allocation
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
36AF000
|
stack
|
page read and write
|
||
|
2EFE000
|
trusted library allocation
|
page read and write
|
||
|
3EFD000
|
trusted library allocation
|
page read and write
|
||
|
AD2000
|
trusted library allocation
|
page read and write
|
||
|
2E6E000
|
trusted library allocation
|
page read and write
|
||
|
D9DE000
|
stack
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
4498000
|
trusted library allocation
|
page read and write
|
||
|
573B000
|
stack
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
DADE000
|
stack
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
D02F000
|
stack
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
2EC2000
|
trusted library allocation
|
page read and write
|
||
|
7381000
|
heap
|
page read and write
|
||
|
49E2000
|
trusted library allocation
|
page read and write
|
||
|
10A3000
|
heap
|
page read and write
|
||
|
532D000
|
stack
|
page read and write
|
||
|
4079000
|
trusted library allocation
|
page read and write
|
||
|
3FE5000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
4B10000
|
heap
|
page read and write
|
||
|
2F45000
|
trusted library allocation
|
page read and write
|
||
|
4F3D000
|
stack
|
page read and write
|
||
|
117A000
|
heap
|
page read and write
|
||
|
10B1000
|
heap
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
E3A000
|
stack
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
C67E000
|
stack
|
page read and write
|
||
|
C77F000
|
stack
|
page read and write
|
||
|
2701000
|
trusted library allocation
|
page read and write
|
||
|
40CB000
|
trusted library allocation
|
page read and write
|
||
|
2EEB000
|
heap
|
page read and write
|
||
|
7030000
|
heap
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
1275000
|
heap
|
page read and write
|
||
|
5B30000
|
trusted library section
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
301A000
|
heap
|
page read and write
|
||
|
466C000
|
stack
|
page read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
13EE000
|
stack
|
page read and write
|
||
|
C8C0000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
4D30000
|
heap
|
page execute and read and write
|
||
|
403B000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
2F0D000
|
trusted library allocation
|
page read and write
|
||
|
3E91000
|
trusted library allocation
|
page read and write
|
||
|
2D6A000
|
stack
|
page read and write
|
||
|
30C2000
|
trusted library allocation
|
page read and write
|
||
|
D61E000
|
stack
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
E03E000
|
stack
|
page read and write
|
||
|
49BB000
|
trusted library allocation
|
page read and write
|
||
|
2D47000
|
trusted library allocation
|
page execute and read and write
|
||
|
1372000
|
trusted library allocation
|
page read and write
|
||
|
CB0E000
|
stack
|
page read and write
|
||
|
124D000
|
trusted library allocation
|
page execute and read and write
|
||
|
696F000
|
stack
|
page read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
9010000
|
trusted library allocation
|
page execute and read and write
|
||
|
ABF000
|
stack
|
page read and write
|
||
|
41C7000
|
trusted library allocation
|
page read and write
|
||
|
EF2000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
trusted library allocation
|
page read and write
|
||
|
5D9E000
|
stack
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page read and write
|
||
|
10B4000
|
trusted library allocation
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
6743000
|
heap
|
page read and write
|
||
|
529E000
|
trusted library allocation
|
page read and write
|
||
|
3F13000
|
trusted library allocation
|
page read and write
|
||
|
137A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
2FF7000
|
trusted library allocation
|
page read and write
|
||
|
3113000
|
trusted library allocation
|
page read and write
|
||
|
52B6000
|
trusted library allocation
|
page read and write
|
||
|
EC4000
|
trusted library allocation
|
page read and write
|
||
|
2475000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
314E000
|
unkown
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
D65E000
|
stack
|
page read and write
|
||
|
2EF9000
|
trusted library allocation
|
page read and write
|
||
|
3E84000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
D16E000
|
stack
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
2480000
|
heap
|
page execute and read and write
|
||
|
6CE0000
|
trusted library allocation
|
page read and write
|
||
|
6C7E000
|
stack
|
page read and write
|
||
|
2E79000
|
trusted library allocation
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
2D42000
|
trusted library allocation
|
page read and write
|
||
|
2D36000
|
trusted library allocation
|
page execute and read and write
|
There are 580 hidden memdumps, click here to show them.