Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RustStore_Setup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Recovery\cmd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\7hM3IriNjv.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\hyperdriverIntoruntimeHost\BridgeSurrogatenet.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\hyperdriverIntoruntimeHost\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\hyperdriverIntoruntimeHost\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\hyperdriverIntoruntimeHost\RyNGDgfn2lqcEdmANFTv.vbe
|
data
|
dropped
|
|
|
|
C:\hyperdriverIntoruntimeHost\dllhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\ebf1f9fa8afd6d
|
ASCII text, with very long lines (481), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Desktop\c8b7bf62a6a3f6
|
ASCII text, with very long lines (938), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\BridgeSurrogatenet.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\cmd.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MvCJNUdD46
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\hyperdriverIntoruntimeHost\5940a34987c991
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\hyperdriverIntoruntimeHost\9e8d7a4ca61bd9
|
ASCII text, with very long lines (310), with no line terminators
|
dropped
|
||
|
C:\hyperdriverIntoruntimeHost\IP7oFx0Ch.bat
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\hyperdriverIntoruntimeHost\c8b7bf62a6a3f6
|
ASCII text, with no line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RustStore_Setup.exe
|
"C:\Users\user\Desktop\RustStore_Setup.exe"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\hyperdriverIntoruntimeHost\RyNGDgfn2lqcEdmANFTv.vbe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\hyperdriverIntoruntimeHost\IP7oFx0Ch.bat" "
|
|
|
|
C:\hyperdriverIntoruntimeHost\BridgeSurrogatenet.exe
|
"C:\hyperdriverIntoruntimeHost\BridgeSurrogatenet.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "LFLHWlcKpdKxiJMBhoVPGEPQyHcZL" /sc MINUTE /mo 8 /tr "'C:\hyperdriverIntoruntimeHost\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "LFLHWlcKpdKxiJMBhoVPGEPQyHcZ" /sc ONLOGON /tr "'C:\hyperdriverIntoruntimeHost\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "LFLHWlcKpdKxiJMBhoVPGEPQyHcZL" /sc MINUTE /mo 13 /tr "'C:\hyperdriverIntoruntimeHost\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "LFLHWlcKpdKxiJMBhoVPGEPQyHcZL" /sc MINUTE /mo 14 /tr "'C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "LFLHWlcKpdKxiJMBhoVPGEPQyHcZ" /sc ONLOGON /tr "'C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "LFLHWlcKpdKxiJMBhoVPGEPQyHcZL" /sc MINUTE /mo 13 /tr "'C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cmdc" /sc MINUTE /mo 13 /tr "'C:\Recovery\cmd.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cmd" /sc ONLOGON /tr "'C:\Recovery\cmd.exe'" /rl HIGHEST /f
|
|
|
|
C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe
|
C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cmdc" /sc MINUTE /mo 9 /tr "'C:\Recovery\cmd.exe'" /rl HIGHEST /f
|
|
|
|
C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe
|
C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 10 /tr "'C:\hyperdriverIntoruntimeHost\dllhost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhost" /sc ONLOGON /tr "'C:\hyperdriverIntoruntimeHost\dllhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 10 /tr "'C:\hyperdriverIntoruntimeHost\dllhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 8 /tr "'C:\hyperdriverIntoruntimeHost\RuntimeBroker.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBroker" /sc ONLOGON /tr "'C:\hyperdriverIntoruntimeHost\RuntimeBroker.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 13 /tr "'C:\hyperdriverIntoruntimeHost\RuntimeBroker.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C "C:\Users\user\AppData\Local\Temp\7hM3IriNjv.bat"
|
|
|
|
C:\Recovery\cmd.exe
|
C:\Recovery\cmd.exe
|
|
|
|
C:\Recovery\cmd.exe
|
C:\Recovery\cmd.exe
|
|
|
|
C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe
|
"C:\Users\Public\Desktop\LFLHWlcKpdKxiJMBhoVPGEPQyHcZ.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\w32tm.exe
|
w32tm /stripchart /computer:localhost /period:5 /dataonly /samples:2
|
There are 18 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\ec1d18bd90516c1626fad7c3e8f1c60adfff7271
|
8a6b9d6fdf5024aa0b50779414daf9b72b8d8086
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2691000
|
trusted library allocation
|
page read and write
|
|
|
|
297D000
|
trusted library allocation
|
page read and write
|
|
|
|
30E1000
|
trusted library allocation
|
page read and write
|
|
|
|
2941000
|
trusted library allocation
|
page read and write
|
|
|
|
2C4D000
|
trusted library allocation
|
page read and write
|
|
|
|
130ED000
|
trusted library allocation
|
page read and write
|
|
|
|
33BC000
|
trusted library allocation
|
page read and write
|
|
|
|
2BF1000
|
trusted library allocation
|
page read and write
|
|
|
|
2AE1000
|
trusted library allocation
|
page read and write
|
|
|
|
2C11000
|
trusted library allocation
|
page read and write
|
|
|
|
26CC000
|
trusted library allocation
|
page read and write
|
|
|
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
7FF8491E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C7B000
|
trusted library allocation
|
page read and write
|
||
|
2F86000
|
heap
|
page read and write
|
||
|
12C18000
|
trusted library allocation
|
page read and write
|
||
|
72CF000
|
stack
|
page read and write
|
||
|
7FF848EF3000
|
trusted library allocation
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
6858000
|
heap
|
page read and write
|
||
|
1095000
|
heap
|
page read and write
|
||
|
2BE6000
|
stack
|
page read and write
|
||
|
1C481000
|
heap
|
page read and write
|
||
|
7FF848D34000
|
trusted library allocation
|
page read and write
|
||
|
1CD384C7000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
39FFFDE000
|
stack
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
68D0000
|
trusted library allocation
|
page read and write
|
||
|
1BA6F000
|
stack
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page execute and read and write
|
||
|
1B914000
|
stack
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
1BA90000
|
heap
|
page read and write
|
||
|
512E000
|
stack
|
page read and write
|
||
|
7FF848E1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848D43000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848D67000
|
trusted library allocation
|
page read and write
|
||
|
1C906000
|
heap
|
page read and write
|
||
|
12943000
|
trusted library allocation
|
page read and write
|
||
|
2CD1000
|
heap
|
page read and write
|
||
|
7FF848FA7000
|
trusted library allocation
|
page read and write
|
||
|
1C928000
|
heap
|
page read and write
|
||
|
D2E000
|
heap
|
page read and write
|
||
|
A31000
|
unkown
|
page execute read
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
7FF848D47000
|
trusted library allocation
|
page read and write
|
||
|
1CD38490000
|
heap
|
page read and write
|
||
|
302D000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
1C90D000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
33E8000
|
trusted library allocation
|
page read and write
|
||
|
1CD384B0000
|
heap
|
page read and write
|
||
|
3024000
|
heap
|
page read and write
|
||
|
7FF848D5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D14000
|
heap
|
page read and write
|
||
|
1CD38470000
|
heap
|
page read and write
|
||
|
4D31000
|
trusted library allocation
|
page read and write
|
||
|
67D0000
|
heap
|
page read and write
|
||
|
7FF848D9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E8F000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848D77000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
4DA4000
|
heap
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CD9000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
274E000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
1C83B000
|
heap
|
page read and write
|
||
|
D68000
|
heap
|
page read and write
|
||
|
7FF848D64000
|
trusted library allocation
|
page read and write
|
||
|
12AE8000
|
trusted library allocation
|
page read and write
|
||
|
274B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EEC000
|
trusted library allocation
|
page read and write
|
||
|
1B71E000
|
stack
|
page read and write
|
||
|
2CBA000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
A63000
|
unkown
|
page readonly
|
||
|
7FF848E6F000
|
trusted library allocation
|
page execute and read and write
|
||
|
685A000
|
heap
|
page read and write
|
||
|
12AF1000
|
trusted library allocation
|
page read and write
|
||
|
71D1000
|
heap
|
page read and write
|
||
|
7FF848EEE000
|
trusted library allocation
|
page read and write
|
||
|
12C1D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
30BF000
|
stack
|
page read and write
|
||
|
575C000
|
stack
|
page read and write
|
||
|
1BA1E000
|
stack
|
page read and write
|
||
|
1350000
|
heap
|
page execute and read and write
|
||
|
A6E000
|
unkown
|
page read and write
|
||
|
2FC9000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
1BB53000
|
stack
|
page read and write
|
||
|
7FF848D84000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
2FC9000
|
heap
|
page read and write
|
||
|
1C895000
|
heap
|
page read and write
|
||
|
1B465000
|
heap
|
page read and write
|
||
|
2B16000
|
stack
|
page read and write
|
||
|
B92000
|
unkown
|
page readonly
|
||
|
E40000
|
heap
|
page read and write
|
||
|
1CC5E000
|
stack
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
2C19000
|
stack
|
page read and write
|
||
|
12B82000
|
trusted library allocation
|
page read and write
|
||
|
33E2000
|
trusted library allocation
|
page read and write
|
||
|
1C2AD000
|
stack
|
page read and write
|
||
|
7FF848D5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
135E000
|
heap
|
page read and write
|
||
|
1CD386A0000
|
heap
|
page read and write
|
||
|
8A2000
|
heap
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
2CF8000
|
heap
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
2F6F000
|
stack
|
page read and write
|
||
|
1B9BB000
|
stack
|
page read and write
|
||
|
7FF848D77000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D50000
|
trusted library allocation
|
page read and write
|
||
|
1C75A000
|
stack
|
page read and write
|
||
|
2CB6000
|
heap
|
page read and write
|
||
|
2CCA000
|
heap
|
page read and write
|
||
|
534D000
|
stack
|
page read and write
|
||
|
2CBF000
|
heap
|
page read and write
|
||
|
2F8D000
|
heap
|
page read and write
|
||
|
7FF848D6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12BF8000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
trusted library section
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1C2D0000
|
trusted library section
|
page read and write
|
||
|
34C1000
|
trusted library allocation
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
7FF848D60000
|
trusted library allocation
|
page read and write
|
||
|
2CCD000
|
heap
|
page read and write
|
||
|
1C850000
|
heap
|
page read and write
|
||
|
12BF1000
|
trusted library allocation
|
page read and write
|
||
|
EAD000
|
heap
|
page read and write
|
||
|
866000
|
heap
|
page read and write
|
||
|
2CB9000
|
heap
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
EC9000
|
heap
|
page read and write
|
||
|
1B370000
|
heap
|
page execute and read and write
|
||
|
1BB13000
|
stack
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
F35000
|
heap
|
page read and write
|
||
|
7FF848D44000
|
trusted library allocation
|
page read and write
|
||
|
1B110000
|
heap
|
page read and write
|
||
|
1BBC0000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
12AE3000
|
trusted library allocation
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
133E000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
2CC7000
|
heap
|
page read and write
|
||
|
7FF848D6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848D57000
|
trusted library allocation
|
page read and write
|
||
|
A63000
|
unkown
|
page readonly
|
||
|
4F50000
|
heap
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
3024000
|
heap
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
12B4000
|
heap
|
page read and write
|
||
|
302D000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
12F5000
|
heap
|
page read and write
|
||
|
A92000
|
unkown
|
page write copy
|
||
|
13CE000
|
heap
|
page read and write
|
||
|
7250000
|
heap
|
page read and write
|
||
|
12951000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848D9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CD4000
|
heap
|
page read and write
|
||
|
12FD000
|
heap
|
page read and write
|
||
|
7FF848D44000
|
trusted library allocation
|
page read and write
|
||
|
1D31E000
|
stack
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
1B51E000
|
stack
|
page read and write
|
||
|
12BFD000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D6C000
|
trusted library allocation
|
page read and write
|
||
|
736000
|
stack
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
1C8DB000
|
heap
|
page read and write
|
||
|
12E32000
|
trusted library allocation
|
page read and write
|
||
|
2CB5000
|
heap
|
page read and write
|
||
|
3388000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
273B000
|
stack
|
page read and write
|
||
|
1A970000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
2D15000
|
heap
|
page read and write
|
||
|
2D22000
|
heap
|
page read and write
|
||
|
7FF848E46000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C360000
|
trusted library section
|
page read and write
|
||
|
1B61E000
|
stack
|
page read and write
|
||
|
1B570000
|
heap
|
page read and write
|
||
|
3042000
|
heap
|
page read and write
|
||
|
12691000
|
trusted library allocation
|
page read and write
|
||
|
E2F000
|
heap
|
page read and write
|
||
|
565B000
|
stack
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
7FF848D6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDAF000
|
stack
|
page read and write
|
||
|
7FF848D33000
|
trusted library allocation
|
page execute and read and write
|
||
|
D8C000
|
heap
|
page read and write
|
||
|
7FF848E26000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F23000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
2F9F000
|
heap
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE6000
|
trusted library allocation
|
page read and write
|
||
|
1C7C0000
|
trusted library section
|
page read and write
|
||
|
9C6000
|
stack
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1342000
|
heap
|
page read and write
|
||
|
2CD6000
|
heap
|
page read and write
|
||
|
2748000
|
trusted library allocation
|
page read and write
|
||
|
2CBC000
|
heap
|
page read and write
|
||
|
7FF848F16000
|
trusted library allocation
|
page read and write
|
||
|
2ADE000
|
stack
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
1C91D000
|
heap
|
page read and write
|
||
|
1C8C8000
|
heap
|
page read and write
|
||
|
2BDC000
|
stack
|
page read and write
|
||
|
1C2B0000
|
trusted library section
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
1C840000
|
heap
|
page read and write
|
||
|
1BA70000
|
trusted library section
|
page read and write
|
||
|
7FF848EFB000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
12AE1000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F21000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
126A1000
|
trusted library allocation
|
page read and write
|
||
|
1B5EE000
|
stack
|
page read and write
|
||
|
7FF848E06000
|
trusted library allocation
|
page read and write
|
||
|
3042000
|
heap
|
page read and write
|
||
|
2986000
|
trusted library allocation
|
page read and write
|
||
|
12F1000
|
heap
|
page read and write
|
||
|
7FF848D7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E16000
|
trusted library allocation
|
page read and write
|
||
|
2F91000
|
heap
|
page read and write
|
||
|
128D2000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
2CF8000
|
heap
|
page read and write
|
||
|
551E000
|
stack
|
page read and write
|
||
|
B80000
|
heap
|
page execute and read and write
|
||
|
2FC9000
|
heap
|
page read and write
|
||
|
2740000
|
trusted library allocation
|
page read and write
|
||
|
2CC2000
|
heap
|
page read and write
|
||
|
7FF848D8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D15000
|
heap
|
page read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
AD7000
|
unkown
|
page readonly
|
||
|
1C2E0000
|
trusted library section
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page readonly
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
1C979000
|
heap
|
page read and write
|
||
|
5076000
|
heap
|
page read and write
|
||
|
2D15000
|
heap
|
page read and write
|
||
|
E6C000
|
heap
|
page read and write
|
||
|
7FF848F27000
|
trusted library allocation
|
page read and write
|
||
|
302D000
|
heap
|
page read and write
|
||
|
12D22000
|
trusted library allocation
|
page read and write
|
||
|
A91000
|
unkown
|
page read and write
|
||
|
2CA1000
|
heap
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
3009000
|
heap
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
1AC1D000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
E06000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E71000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F47000
|
trusted library allocation
|
page read and write
|
||
|
EA1000
|
heap
|
page read and write
|
||
|
E84000
|
unkown
|
page readonly
|
||
|
1B4AE000
|
stack
|
page read and write
|
||
|
111F000
|
stack
|
page read and write
|
||
|
DBA000
|
heap
|
page read and write
|
||
|
1B05E000
|
stack
|
page read and write
|
||
|
1BA5E000
|
stack
|
page read and write
|
||
|
1BAA0000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
3022000
|
heap
|
page read and write
|
||
|
1C8E8000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
7FF848F0C000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page read and write
|
||
|
1B1AC000
|
stack
|
page read and write
|
||
|
7FF848F2B000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
1BBAE000
|
stack
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
7FF848E68000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E16000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC6000
|
stack
|
page read and write
|
||
|
2C99000
|
heap
|
page read and write
|
||
|
D59000
|
heap
|
page read and write
|
||
|
1AECC000
|
stack
|
page read and write
|
||
|
258E000
|
stack
|
page read and write
|
||
|
1C451000
|
heap
|
page read and write
|
||
|
7FF848D84000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
1C350000
|
trusted library section
|
page read and write
|
||
|
12693000
|
trusted library allocation
|
page read and write
|
||
|
D65000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D43000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E52000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page execute and read and write
|
||
|
3024000
|
heap
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
7FF848F13000
|
trusted library allocation
|
page read and write
|
||
|
27A6000
|
heap
|
page read and write
|
||
|
3243000
|
trusted library allocation
|
page read and write
|
||
|
130E8000
|
trusted library allocation
|
page read and write
|
||
|
1B883000
|
stack
|
page read and write
|
||
|
7FF848D60000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D5000
|
trusted library allocation
|
page read and write
|
||
|
1B85E000
|
stack
|
page read and write
|
||
|
2A10000
|
heap
|
page execute and read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
1B4E0000
|
heap
|
page execute and read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
7FF848D53000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE3000
|
trusted library allocation
|
page read and write
|
||
|
1C8C2000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D53000
|
trusted library allocation
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
7FF848D4C000
|
trusted library allocation
|
page read and write
|
||
|
882000
|
heap
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
2C07000
|
stack
|
page read and write
|
||
|
12C11000
|
trusted library allocation
|
page read and write
|
||
|
1C494000
|
heap
|
page read and write
|
||
|
2FEE000
|
heap
|
page read and write
|
||
|
7FF848D64000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
heap
|
page execute and read and write
|
||
|
7FF848D8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D2E000
|
stack
|
page read and write
|
||
|
2CCB000
|
heap
|
page read and write
|
||
|
33F7000
|
trusted library allocation
|
page read and write
|
||
|
331B000
|
heap
|
page read and write
|
||
|
5079000
|
heap
|
page read and write
|
||
|
1BEA2000
|
stack
|
page read and write
|
||
|
1C447000
|
heap
|
page read and write
|
||
|
273D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
1C0A7000
|
stack
|
page read and write
|
||
|
1312000
|
heap
|
page read and write
|
||
|
29EA000
|
trusted library allocation
|
page read and write
|
||
|
1C8B0000
|
heap
|
page read and write
|
||
|
7FF848D7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
74CC000
|
stack
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
1C92B000
|
heap
|
page read and write
|
||
|
1B98E000
|
stack
|
page read and write
|
||
|
1B110000
|
trusted library allocation
|
page read and write
|
||
|
3024000
|
heap
|
page read and write
|
||
|
1BA20000
|
heap
|
page execute and read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
1294D000
|
trusted library allocation
|
page read and write
|
||
|
3A0027F000
|
stack
|
page read and write
|
||
|
7FF848F23000
|
trusted library allocation
|
page read and write
|
||
|
4D4A000
|
trusted library allocation
|
page read and write
|
||
|
2BEF000
|
stack
|
page read and write
|
||
|
CD6000
|
heap
|
page read and write
|
||
|
1C770000
|
trusted library section
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
8CC000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
2CC6000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page execute and read and write
|
||
|
CDA000
|
heap
|
page read and write
|
||
|
7FF8490C8000
|
trusted library allocation
|
page read and write
|
||
|
EEF000
|
stack
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
12AED000
|
trusted library allocation
|
page read and write
|
||
|
1BABE000
|
stack
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
1065000
|
heap
|
page read and write
|
||
|
D7B000
|
heap
|
page read and write
|
||
|
2CAF000
|
heap
|
page read and write
|
||
|
D14000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page execute and read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
7FF849102000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
7FF848D54000
|
trusted library allocation
|
page read and write
|
||
|
E88000
|
unkown
|
page readonly
|
||
|
7FF848D54000
|
trusted library allocation
|
page read and write
|
||
|
2C12000
|
stack
|
page read and write
|
||
|
7FF848D6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F9A000
|
heap
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
A74000
|
unkown
|
page read and write
|
||
|
D5B000
|
heap
|
page read and write
|
||
|
E43000
|
heap
|
page read and write
|
||
|
2CC5000
|
trusted library allocation
|
page read and write
|
||
|
1B413000
|
stack
|
page read and write
|
||
|
7FF84906D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D7C000
|
trusted library allocation
|
page read and write
|
||
|
1BC5E000
|
stack
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
26DB000
|
trusted library allocation
|
page read and write
|
||
|
2CB5000
|
heap
|
page read and write
|
||
|
349D000
|
trusted library allocation
|
page read and write
|
||
|
2CD1000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
1BC1E000
|
stack
|
page read and write
|
||
|
12F52000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D63000
|
trusted library allocation
|
page execute and read and write
|
||
|
11B5000
|
heap
|
page read and write
|
||
|
4E2F000
|
stack
|
page read and write
|
||
|
2EBF000
|
stack
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D1000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
1AC40000
|
trusted library allocation
|
page read and write
|
||
|
12698000
|
trusted library allocation
|
page read and write
|
||
|
2FA9000
|
heap
|
page read and write
|
||
|
2CBD000
|
heap
|
page read and write
|
||
|
7FF848D63000
|
trusted library allocation
|
page read and write
|
||
|
2CB7000
|
heap
|
page read and write
|
||
|
7FF848EFC000
|
trusted library allocation
|
page read and write
|
||
|
12948000
|
trusted library allocation
|
page read and write
|
||
|
1B58E000
|
stack
|
page read and write
|
||
|
2CBF000
|
heap
|
page read and write
|
||
|
1B68E000
|
stack
|
page read and write
|
||
|
2AFB000
|
stack
|
page read and write
|
||
|
7FF848D73000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
7FF848D52000
|
trusted library allocation
|
page read and write
|
||
|
3042000
|
heap
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF4000
|
trusted library allocation
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
2F97000
|
heap
|
page read and write
|
||
|
7FF848D74000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D64000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
4F7F000
|
stack
|
page read and write
|
||
|
3042000
|
heap
|
page read and write
|
||
|
5076000
|
heap
|
page read and write
|
||
|
7FF848DEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
B10000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
1B954000
|
stack
|
page read and write
|
||
|
3448000
|
trusted library allocation
|
page read and write
|
||
|
1C890000
|
heap
|
page read and write
|
||
|
1BA00000
|
trusted library section
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F5F000
|
trusted library allocation
|
page read and write
|
||
|
67D9000
|
heap
|
page read and write
|
||
|
1C820000
|
heap
|
page read and write
|
||
|
1C918000
|
heap
|
page read and write
|
||
|
7FF848D5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848D5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CC3000
|
heap
|
page read and write
|
||
|
2E6E000
|
stack
|
page read and write
|
||
|
302D000
|
heap
|
page read and write
|
||
|
7FF848D70000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
3022000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
7FF848FB2000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
3024000
|
heap
|
page read and write
|
||
|
7FF848DF6000
|
trusted library allocation
|
page read and write
|
||
|
7252000
|
heap
|
page read and write
|
||
|
12C21000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D73000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
1CD384C8000
|
heap
|
page read and write
|
||
|
33DF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E16000
|
trusted library allocation
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
73CF000
|
stack
|
page read and write
|
||
|
1C868000
|
heap
|
page read and write
|
||
|
1BA10000
|
trusted library section
|
page read and write
|
||
|
1D4DB000
|
stack
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
1C8AB000
|
heap
|
page read and write
|
||
|
2CB4000
|
heap
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C800000
|
trusted library section
|
page read and write
|
||
|
2FB4000
|
heap
|
page read and write
|
||
|
12C01000
|
trusted library allocation
|
page read and write
|
||
|
2D15000
|
heap
|
page read and write
|
||
|
561F000
|
stack
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
CAD000
|
heap
|
page read and write
|
||
|
7FF848F0E000
|
trusted library allocation
|
page read and write
|
||
|
1B650000
|
heap
|
page read and write
|
||
|
550B000
|
stack
|
page read and write
|
||
|
1C810000
|
trusted library section
|
page read and write
|
||
|
7FF848E36000
|
trusted library allocation
|
page execute and read and write
|
||
|
3306000
|
trusted library allocation
|
page read and write
|
||
|
1BA8E000
|
stack
|
page read and write
|
||
|
1C94D000
|
heap
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
2FC9000
|
heap
|
page read and write
|
||
|
1C3D8000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
7FF498940000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E91000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B873000
|
stack
|
page read and write
|
||
|
39FFF5B000
|
stack
|
page read and write
|
||
|
13C70000
|
trusted library allocation
|
page read and write
|
||
|
1A6C0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
stack
|
page read and write
|
||
|
1C760000
|
trusted library section
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2680000
|
heap
|
page read and write
|
||
|
7FF848F0C000
|
trusted library allocation
|
page read and write
|
||
|
2D15000
|
heap
|
page read and write
|
||
|
346F000
|
trusted library allocation
|
page read and write
|
||
|
1C8D1000
|
heap
|
page read and write
|
||
|
13AED000
|
trusted library allocation
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
||
|
2CD2000
|
heap
|
page read and write
|
||
|
1BA90000
|
trusted library section
|
page read and write
|
||
|
12C13000
|
trusted library allocation
|
page read and write
|
||
|
1B380000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D32000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1269D000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
1C8A6000
|
heap
|
page read and write
|
||
|
D6B000
|
heap
|
page read and write
|
||
|
1B77F000
|
stack
|
page read and write
|
||
|
7FF848D8C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C3FC000
|
heap
|
page read and write
|
||
|
1C3F1000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
7FF848D64000
|
trusted library allocation
|
page read and write
|
||
|
181E000
|
stack
|
page read and write
|
||
|
1C900000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849029000
|
trusted library allocation
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
29FC000
|
trusted library allocation
|
page read and write
|
||
|
1C780000
|
trusted library section
|
page read and write
|
||
|
9E0000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
980000
|
heap
|
page read and write
|
||
|
7FF848D42000
|
trusted library allocation
|
page read and write
|
||
|
2CE3000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
A93000
|
unkown
|
page readonly
|
||
|
7FF848D60000
|
trusted library allocation
|
page read and write
|
||
|
1B67E000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
1C7D0000
|
trusted library section
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
2CF8000
|
heap
|
page read and write
|
||
|
29F9000
|
trusted library allocation
|
page read and write
|
||
|
2FC7000
|
heap
|
page read and write
|
||
|
1C87D000
|
heap
|
page read and write
|
||
|
2DB5000
|
heap
|
page read and write
|
||
|
1C925000
|
heap
|
page read and write
|
||
|
1B81E000
|
stack
|
page read and write
|
||
|
7FF848D57000
|
trusted library allocation
|
page read and write
|
||
|
1365000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
7FF848DF6000
|
trusted library allocation
|
page read and write
|
||
|
2CB4000
|
heap
|
page read and write
|
||
|
12941000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D5C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
2CDB000
|
heap
|
page read and write
|
||
|
3042000
|
heap
|
page read and write
|
||
|
7FF848DBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
D7E000
|
heap
|
page read and write
|
||
|
2743000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
1B30F000
|
stack
|
page read and write
|
||
|
7FF848EEA000
|
trusted library allocation
|
page read and write
|
||
|
2C09000
|
stack
|
page read and write
|
||
|
7FF848D7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FC6000
|
heap
|
page read and write
|
||
|
2F9A000
|
heap
|
page read and write
|
||
|
2CDD000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EEB000
|
trusted library allocation
|
page read and write
|
||
|
2752000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3454000
|
trusted library allocation
|
page read and write
|
||
|
1C8F4000
|
heap
|
page read and write
|
||
|
1C1AE000
|
stack
|
page read and write
|
||
|
1C7E0000
|
trusted library section
|
page read and write
|
||
|
7FF848F0B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CBD000
|
heap
|
page read and write
|
||
|
1B75F000
|
stack
|
page read and write
|
||
|
3022000
|
heap
|
page read and write
|
||
|
CAB000
|
heap
|
page read and write
|
||
|
7FF848F44000
|
trusted library allocation
|
page read and write
|
||
|
2BF6000
|
stack
|
page read and write
|
||
|
2CDF000
|
heap
|
page read and write
|
||
|
1C876000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
70D0000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
C9C000
|
heap
|
page read and write
|
||
|
1C3B0000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
DA7000
|
heap
|
page read and write
|
||
|
2CCB000
|
trusted library allocation
|
page read and write
|
||
|
1B21E000
|
stack
|
page read and write
|
||
|
2F9A000
|
heap
|
page read and write
|
||
|
7FF848F0A000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
2CF8000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
130E1000
|
trusted library allocation
|
page read and write
|
||
|
2CE4000
|
heap
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
D8E000
|
heap
|
page read and write
|
||
|
1316000
|
heap
|
page read and write
|
||
|
86C000
|
heap
|
page read and write
|
||
|
11F4000
|
heap
|
page read and write
|
||
|
1B48E000
|
stack
|
page read and write
|
||
|
7FF848E46000
|
trusted library allocation
|
page execute and read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
338A000
|
trusted library allocation
|
page read and write
|
||
|
2F68000
|
heap
|
page read and write
|
||
|
7FF848D4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
7FF848D4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
3317000
|
heap
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
7FF848F03000
|
trusted library allocation
|
page read and write
|
||
|
1C790000
|
trusted library section
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
AD7000
|
unkown
|
page readonly
|
||
|
147F000
|
stack
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
54CE000
|
stack
|
page read and write
|
||
|
7FF848F03000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
26D4000
|
trusted library allocation
|
page read and write
|
||
|
1B06E000
|
stack
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
1C93E000
|
heap
|
page read and write
|
||
|
1C2F0000
|
trusted library section
|
page read and write
|
||
|
1B31F000
|
stack
|
page read and write
|
||
|
7FF848E26000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CB4000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
7FF848E97000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CE3000
|
heap
|
page read and write
|
||
|
1CD384B9000
|
heap
|
page read and write
|
||
|
3022000
|
heap
|
page read and write
|
||
|
3022000
|
heap
|
page read and write
|
||
|
1C932000
|
heap
|
page read and write
|
||
|
3426000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E77000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E88000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CBA000
|
heap
|
page read and write
|
||
|
2CBA000
|
heap
|
page read and write
|
||
|
A6E000
|
unkown
|
page write copy
|
||
|
7FF848D63000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
1B17D000
|
stack
|
page read and write
|
||
|
8CE000
|
heap
|
page read and write
|
||
|
26D6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D50000
|
trusted library allocation
|
page read and write
|
||
|
DA9000
|
heap
|
page read and write
|
||
|
7FF8491D0000
|
trusted library allocation
|
page read and write
|
||
|
D8A000
|
heap
|
page read and write
|
||
|
CA9000
|
heap
|
page read and write
|
||
|
A31000
|
unkown
|
page execute read
|
||
|
1BBBE000
|
stack
|
page read and write
|
||
|
302D000
|
heap
|
page read and write
|
||
|
1B784000
|
stack
|
page read and write
|
||
|
1467B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D80000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D66000
|
trusted library allocation
|
page read and write
|
||
|
3414000
|
trusted library allocation
|
page read and write
|
||
|
1CD386A4000
|
heap
|
page read and write
|
||
|
1AB10000
|
trusted library allocation
|
page read and write
|
||
|
1BFA4000
|
stack
|
page read and write
|
||
|
12BF3000
|
trusted library allocation
|
page read and write
|
||
|
1C85A000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
7FF848F03000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
1BC20000
|
heap
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D7C000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
2F9A000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
7FF848D5C000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
F3F000
|
stack
|
page read and write
|
||
|
1C7F0000
|
trusted library section
|
page read and write
|
||
|
A92000
|
unkown
|
page readonly
|
||
|
1CD38460000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page execute and read and write
|
||
|
1B71E000
|
stack
|
page read and write
|
||
|
324E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D43000
|
trusted library allocation
|
page read and write
|
||
|
2C1D000
|
stack
|
page read and write
|
||
|
1AC20000
|
trusted library allocation
|
page read and write
|
||
|
2C03000
|
stack
|
page read and write
|
||
|
68CE000
|
stack
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
2CF8000
|
heap
|
page read and write
|
||
|
1BCAE000
|
stack
|
page read and write
|
||
|
7FF848F24000
|
trusted library allocation
|
page read and write
|
||
|
2DAD000
|
stack
|
page read and write
|
||
|
88A000
|
heap
|
page read and write
|
||
|
DE8000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
1C938000
|
heap
|
page read and write
|
||
|
7FF848EF1000
|
trusted library allocation
|
page read and write
|
||
|
1B66C000
|
stack
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C78000
|
heap
|
page read and write
|
||
|
2CC9000
|
heap
|
page read and write
|
||
|
171F000
|
stack
|
page read and write
|
||
|
7FF848EEC000
|
trusted library allocation
|
page read and write
|
||
|
E0C000
|
heap
|
page read and write
|
||
|
1B610000
|
heap
|
page read and write
|
||
|
1B5BE000
|
stack
|
page read and write
|
||
|
2CD9000
|
heap
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
15C0000
|
heap
|
page execute and read and write
|
||
|
7FF848E6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F8A000
|
heap
|
page read and write
|
||
|
2746000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D53000
|
trusted library allocation
|
page execute and read and write
|
There are 819 hidden memdumps, click here to show them.