Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
TwrhjEKqxk.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Google\Chrome\updater.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\drivers\etc\hosts
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\Temp\mnidgyzvuran.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3dlabkv3.k15.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bno5m1rc.e3z.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xnjqdz52.4gw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yhock3g5.mv0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_ftoykijx.mdk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_u2zbqt4a.veq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_vdzhsi1o.bak.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_xfvot4ly.d1u.ps1
|
ASCII text, with no line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\TwrhjEKqxk.exe
|
"C:\Users\user\Desktop\TwrhjEKqxk.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData)
-ExclusionExtension '.exe' -Force
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop UsoSvc
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop WaaSMedicSvc
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop wuauserv
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop bits
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop dosvc
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe delete "GoogleUpdateTaskMachineQC"
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe create "GoogleUpdateTaskMachineQC" binpath= "C:\ProgramData\Google\Chrome\updater.exe" start= "auto"
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop eventlog
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe start "GoogleUpdateTaskMachineQC"
|
|
|
|
C:\ProgramData\Google\Chrome\updater.exe
|
C:\ProgramData\Google\Chrome\updater.exe
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData)
-ExclusionExtension '.exe' -Force
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop UsoSvc
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop WaaSMedicSvc
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop wuauserv
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop bits
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop dosvc
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
|
|
|
|
C:\Windows\explorer.exe
|
explorer.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wusa.exe
|
wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wusa.exe
|
wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
There are 49 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crl.cloudflare.com/origin_ca.crl0
|
unknown
|
||
|
http://ocsp.cloudflare.com/origin_ca
|
unknown
|
||
|
http://crl.cloudflare.com/origin_ca.crln
|
unknown
|
||
|
http://ocsp.cloudflare.com/origin_ca0
|
unknown
|
||
|
http://crl.cloudflare.com/origin_ca.crl
|
unknown
|
||
|
https://xmrig.com/docs/algorithms
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xmr-eu1.nanopool.org
|
54.37.137.114
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
162.19.224.121
|
unknown
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT
|
DontOfferThroughWUAU
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1118000
|
heap
|
page read and write
|
|
|
|
2166EE40000
|
unkown
|
page read and write
|
|
|
|
1109000
|
heap
|
page read and write
|
|
|
|
117A000
|
heap
|
page read and write
|
|
|
|
1118000
|
heap
|
page read and write
|
|
|
|
10FE000
|
heap
|
page read and write
|
|
|
|
1118000
|
heap
|
page read and write
|
|
|
|
10A9000
|
heap
|
page read and write
|
|
|
|
117A000
|
heap
|
page read and write
|
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
140007000
|
unkown
|
page readonly
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
111B000
|
heap
|
page read and write
|
||
|
2307DF70000
|
heap
|
page read and write
|
||
|
7FF7DA2D7000
|
unkown
|
page execute and read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1113000
|
heap
|
page read and write
|
||
|
2519FD60000
|
heap
|
page read and write
|
||
|
7FF7DA338000
|
unkown
|
page execute and read and write
|
||
|
624574F000
|
stack
|
page read and write
|
||
|
1ECF74D0000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
1B4FE130000
|
heap
|
page read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
37E6FF000
|
stack
|
page read and write
|
||
|
7FF79FE41000
|
unkown
|
page readonly
|
||
|
F06EE7D000
|
stack
|
page read and write
|
||
|
24D297A9000
|
heap
|
page read and write
|
||
|
2DD0FDE000
|
stack
|
page read and write
|
||
|
17C53990000
|
heap
|
page read and write
|
||
|
2307DF10000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2519FC40000
|
heap
|
page read and write
|
||
|
7FF7DA016000
|
unkown
|
page execute and read and write
|
||
|
17C521A0000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
265EC960000
|
heap
|
page read and write
|
||
|
153C8F25000
|
heap
|
page read and write
|
||
|
24D29A95000
|
heap
|
page read and write
|
||
|
1F00000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
BE3BBE000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2166E765000
|
heap
|
page read and write
|
||
|
4800000
|
direct allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
CFB507E000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
17497050000
|
heap
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FF7D9942000
|
unkown
|
page readonly
|
||
|
A7A147D000
|
stack
|
page read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
FD245FE000
|
unkown
|
page readonly
|
||
|
1ADD2DC0000
|
heap
|
page read and write
|
||
|
1B0A9AC5000
|
heap
|
page read and write
|
||
|
7FF79F772000
|
unkown
|
page readonly
|
||
|
7FF7DA013000
|
unkown
|
page read and write
|
||
|
CFB4D4D000
|
stack
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
28FA9135000
|
heap
|
page read and write
|
||
|
39DC57F000
|
stack
|
page read and write
|
||
|
C63B3FE000
|
unkown
|
page readonly
|
||
|
7FF7A016C000
|
unkown
|
page execute and read and write
|
||
|
AFED1FF000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FF7D9945000
|
unkown
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
20D25525000
|
heap
|
page read and write
|
||
|
89A257F000
|
stack
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
21D0E075000
|
heap
|
page read and write
|
||
|
7FF7A038C000
|
unkown
|
page execute read
|
||
|
23945550000
|
heap
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
5C00000
|
direct allocation
|
page read and write
|
||
|
7FF7DA348000
|
unkown
|
page execute and read and write
|
||
|
7ED92FF000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
17497355000
|
heap
|
page read and write
|
||
|
239479D4000
|
unkown
|
page read and write
|
||
|
7FF7A0161000
|
unkown
|
page execute and read and write
|
||
|
17C53D50000
|
unkown
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
2166E4D0000
|
heap
|
page read and write
|
||
|
C63B0FD000
|
stack
|
page read and write
|
||
|
22395702000
|
heap
|
page read and write
|
||
|
1F40000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
2239563D000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
223955E0000
|
heap
|
page read and write
|
||
|
153C8C40000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
192A94D8000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
17C523D0000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1BA0000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
202A4810000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2DD12FE000
|
stack
|
page read and write
|
||
|
7FF7DA00E000
|
unkown
|
page readonly
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
E08CB7D000
|
stack
|
page read and write
|
||
|
BFC17F000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
1B0A9950000
|
heap
|
page read and write
|
||
|
194D000
|
stack
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
153C8C98000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
F06EF7F000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
2166E4F0000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
7FF79FE46000
|
unkown
|
page execute and read and write
|
||
|
20D252C9000
|
heap
|
page read and write
|
||
|
880927F000
|
stack
|
page read and write
|
||
|
1BDB000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1B0A9760000
|
heap
|
page read and write
|
||
|
28FA9050000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
CFB517E000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
23AC5850000
|
heap
|
page read and write
|
||
|
AFED0ED000
|
stack
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
1E6052C000
|
stack
|
page read and write
|
||
|
1F00000
|
trusted library allocation
|
page read and write
|
||
|
1AC4D7F0000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
17C523D5000
|
heap
|
page read and write
|
||
|
6600000
|
direct allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
22395628000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
265EC750000
|
heap
|
page read and write
|
||
|
89A25FF000
|
stack
|
page read and write
|
||
|
177CF049000
|
heap
|
page read and write
|
||
|
23AC5870000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
2166E710000
|
unkown
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FF79F772000
|
unkown
|
page readonly
|
||
|
1D00EFD0000
|
heap
|
page read and write
|
||
|
22395800000
|
heap
|
page read and write
|
||
|
2F37A750000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1189000
|
heap
|
page read and write
|
||
|
50DA4BD000
|
stack
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
177CF160000
|
heap
|
page read and write
|
||
|
2307DF75000
|
heap
|
page read and write
|
||
|
1ADD30A0000
|
heap
|
page read and write
|
||
|
24D29A90000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
7FF7DA340000
|
unkown
|
page execute and read and write
|
||
|
7FF79FE3E000
|
unkown
|
page readonly
|
||
|
69A587E000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1B0A9970000
|
heap
|
page read and write
|
||
|
1ECF7780000
|
heap
|
page read and write
|
||
|
2166E52C000
|
heap
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
5EC82FE000
|
stack
|
page read and write
|
||
|
AA2F37E000
|
stack
|
page read and write
|
||
|
110E000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
F06EEFF000
|
stack
|
page read and write
|
||
|
7FF7A018A000
|
unkown
|
page execute and read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
2F37A6B0000
|
heap
|
page read and write
|
||
|
202A4730000
|
heap
|
page read and write
|
||
|
2394559C000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
202A4818000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
111B000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
23945530000
|
heap
|
page read and write
|
||
|
1F00000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
28FA8E60000
|
heap
|
page read and write
|
||
|
17C53D45000
|
heap
|
page read and write
|
||
|
2239562B000
|
heap
|
page read and write
|
||
|
7FF79FE43000
|
unkown
|
page write copy
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FF79F761000
|
unkown
|
page execute read
|
||
|
22395D70000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1D8F2110000
|
heap
|
page read and write
|
||
|
17496FD0000
|
heap
|
page read and write
|
||
|
265EC940000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
17C521B0000
|
heap
|
page read and write
|
||
|
23945590000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
7FF79FE43000
|
unkown
|
page read and write
|
||
|
239471B0000
|
direct allocation
|
page read and write
|
||
|
2307DE10000
|
heap
|
page read and write
|
||
|
177CF265000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1AC4D919000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
28FA9070000
|
heap
|
page read and write
|
||
|
2166EE40000
|
direct allocation
|
page read and write
|
||
|
D032A7E000
|
stack
|
page read and write
|
||
|
7FF7DA38D000
|
unkown
|
page execute and read and write
|
||
|
7A00000
|
direct allocation
|
page read and write
|
||
|
1AC4D910000
|
heap
|
page read and write
|
||
|
7FF7DA015000
|
unkown
|
page readonly
|
||
|
8808FBD000
|
stack
|
page read and write
|
||
|
24D297A0000
|
heap
|
page read and write
|
||
|
7FF7DA858000
|
unkown
|
page readonly
|
||
|
22395613000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1FBF000
|
stack
|
page read and write
|
||
|
239C607F000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
7FF7DA331000
|
unkown
|
page execute and read and write
|
||
|
7FF7DA011000
|
unkown
|
page readonly
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
17C539E0000
|
heap
|
page read and write
|
||
|
1186000
|
heap
|
page read and write
|
||
|
D73B16F000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
5F9451D000
|
stack
|
page read and write
|
||
|
118B000
|
heap
|
page read and write
|
||
|
7ED8EDD000
|
stack
|
page read and write
|
||
|
1F00000
|
direct allocation
|
page execute and read and write
|
||
|
1B0A9768000
|
heap
|
page read and write
|
||
|
AA2F47E000
|
stack
|
page read and write
|
||
|
2F37A6E0000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2F37A747000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
37E3EC000
|
stack
|
page read and write
|
||
|
DCDF47E000
|
stack
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
7FF7DA55C000
|
unkown
|
page execute read
|
||
|
2DD0EDC000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1B0A9870000
|
heap
|
page read and write
|
||
|
1B4FE135000
|
heap
|
page read and write
|
||
|
1B4FDFF0000
|
heap
|
page read and write
|
||
|
2166E700000
|
unkown
|
page read and write
|
||
|
DCDF12C000
|
stack
|
page read and write
|
||
|
7FF7A0176000
|
unkown
|
page execute and read and write
|
||
|
7FF79FE45000
|
unkown
|
page readonly
|
||
|
2307DD00000
|
heap
|
page read and write
|
||
|
23AC58A0000
|
heap
|
page read and write
|
||
|
7FF7D9945000
|
unkown
|
page write copy
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
BFBD6D000
|
stack
|
page read and write
|
||
|
1AC4DA95000
|
heap
|
page read and write
|
||
|
89A24FD000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
C63B1FE000
|
unkown
|
page readonly
|
||
|
23945840000
|
unkown
|
page read and write
|
||
|
23AC58A9000
|
heap
|
page read and write
|
||
|
112D000
|
heap
|
page read and write
|
||
|
1D8F2560000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
265EC770000
|
heap
|
page read and write
|
||
|
7FF79FE45000
|
unkown
|
page readonly
|
||
|
5200000
|
direct allocation
|
page read and write
|
||
|
1D8F2210000
|
heap
|
page read and write
|
||
|
21D0E020000
|
heap
|
page read and write
|
||
|
DCDF57F000
|
stack
|
page read and write
|
||
|
17496FA0000
|
heap
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
7FF7DA55C000
|
unkown
|
page execute read
|
||
|
BFC07F000
|
stack
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
8400000
|
direct allocation
|
page read and write
|
||
|
153C8C10000
|
heap
|
page read and write
|
||
|
5F9487F000
|
stack
|
page read and write
|
||
|
21D0E030000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
14000A000
|
unkown
|
page readonly
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
223958E0000
|
heap
|
page read and write
|
||
|
1B4FE1D0000
|
heap
|
page read and write
|
||
|
5EC7FAF000
|
stack
|
page read and write
|
||
|
1ECF7785000
|
heap
|
page read and write
|
||
|
28FA8E80000
|
heap
|
page read and write
|
||
|
7FF79FE41000
|
unkown
|
page readonly
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
D03297E000
|
stack
|
page read and write
|
||
|
7FF7DA346000
|
unkown
|
page execute and read and write
|
||
|
7000000
|
direct allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
2609EEC000
|
stack
|
page read and write
|
||
|
17C521D0000
|
heap
|
page read and write
|
||
|
23AC5B45000
|
heap
|
page read and write
|
||
|
1B4FE1D8000
|
heap
|
page read and write
|
||
|
7FF7D9930000
|
unkown
|
page readonly
|
||
|
7FF7D9931000
|
unkown
|
page execute read
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF7A0107000
|
unkown
|
page execute and read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
20D25520000
|
heap
|
page read and write
|
||
|
A7A14FF000
|
stack
|
page read and write
|
||
|
37E67F000
|
stack
|
page read and write
|
||
|
1AC4D8F0000
|
heap
|
page read and write
|
||
|
1ADD2DF0000
|
heap
|
page read and write
|
||
|
2000000
|
direct allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
heap
|
page readonly
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
2A6E9C20000
|
heap
|
page read and write
|
||
|
1125000
|
heap
|
page read and write
|
||
|
2166E533000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
23945830000
|
unkown
|
page read and write
|
||
|
2A00000
|
direct allocation
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
239C5FE0000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
260A2FF000
|
stack
|
page read and write
|
||
|
19CB000
|
stack
|
page read and write
|
||
|
1ADD2E37000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
50EC96D000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FF7A0688000
|
unkown
|
page readonly
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
10FF000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
24D29730000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
BFC0FE000
|
unkown
|
page readonly
|
||
|
7FF7DA33C000
|
unkown
|
page execute and read and write
|
||
|
177CF040000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1ECF76D0000
|
heap
|
page read and write
|
||
|
C63AFFE000
|
unkown
|
page readonly
|
||
|
50ECDFE000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
3238BBD000
|
stack
|
page read and write
|
||
|
22395E02000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1B4FE0D0000
|
heap
|
page read and write
|
||
|
1BEB000
|
heap
|
page read and write
|
||
|
7FF7D9942000
|
unkown
|
page readonly
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
153C8F20000
|
heap
|
page read and write
|
||
|
239C6255000
|
heap
|
page read and write
|
||
|
2A6E9D20000
|
heap
|
page read and write
|
||
|
22395600000
|
heap
|
page read and write
|
||
|
20D25250000
|
heap
|
page read and write
|
||
|
202A4710000
|
heap
|
page read and write
|
||
|
265ECAF0000
|
heap
|
page read and write
|
||
|
17497058000
|
heap
|
page read and write
|
||
|
21D0E050000
|
heap
|
page read and write
|
||
|
69A567D000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
239C6078000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
7FF79F760000
|
unkown
|
page readonly
|
||
|
2307DE18000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
202A4630000
|
heap
|
page read and write
|
||
|
2519FD70000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
7FF7D9930000
|
unkown
|
page readonly
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
23AC5B40000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
2166E53E000
|
heap
|
page read and write
|
||
|
2A6E9FE0000
|
heap
|
page read and write
|
||
|
2A6E9D80000
|
heap
|
page read and write
|
||
|
1FE1000
|
direct allocation
|
page execute and read and write
|
||
|
1FD0000
|
direct allocation
|
page execute and read and write
|
||
|
1ADE000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
17C523A0000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
1BE3000
|
heap
|
page read and write
|
||
|
50ECEFF000
|
stack
|
page read and write
|
||
|
2A6E9FE5000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
17C539A0000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1FC0000
|
direct allocation
|
page execute and read and write
|
||
|
1FF1000
|
direct allocation
|
page execute and read and write
|
||
|
3400000
|
direct allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FF79F775000
|
unkown
|
page write copy
|
||
|
2166E710000
|
unkown
|
page read and write
|
||
|
2166E760000
|
heap
|
page read and write
|
||
|
AA2F27D000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FF7A0168000
|
unkown
|
page execute and read and write
|
||
|
7FF7DA386000
|
unkown
|
page execute and read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2166E520000
|
heap
|
page read and write
|
||
|
7FF7DA858000
|
unkown
|
page readonly
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
23945850000
|
heap
|
page read and write
|
||
|
1D00EFA0000
|
heap
|
page read and write
|
||
|
2F37AAF0000
|
heap
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
192A9435000
|
heap
|
page read and write
|
||
|
7FF7A038C000
|
unkown
|
page execute read
|
||
|
1ADD2E30000
|
heap
|
page read and write
|
||
|
1ECF75B0000
|
heap
|
page read and write
|
||
|
1BBB000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
21D0E070000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
23AC5840000
|
heap
|
page read and write
|
||
|
1B60000
|
heap
|
page read and write
|
||
|
BE3EFE000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
20D25270000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
20D252C0000
|
heap
|
page read and write
|
||
|
7FF7A0170000
|
unkown
|
page execute and read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
88092FF000
|
stack
|
page read and write
|
||
|
7FF79F761000
|
unkown
|
page execute read
|
||
|
2166F280000
|
unkown
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
23945855000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
1ECF75B8000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
177CF260000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
7FF7A01BD000
|
unkown
|
page execute and read and write
|
||
|
1B0A9AC0000
|
heap
|
page read and write
|
||
|
2A6E9D88000
|
heap
|
page read and write
|
||
|
153C8C20000
|
heap
|
page read and write
|
||
|
1BD3000
|
heap
|
page read and write
|
||
|
202A4740000
|
heap
|
page read and write
|
||
|
2239563F000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
3238FFE000
|
stack
|
page read and write
|
||
|
7FF7DA356000
|
unkown
|
page execute and read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
17497350000
|
heap
|
page read and write
|
||
|
1D8F2298000
|
heap
|
page read and write
|
||
|
2519FD65000
|
heap
|
page read and write
|
||
|
19D0000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
C63AB2B000
|
stack
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
AFED0FD000
|
stack
|
page read and write
|
||
|
7ED8FDF000
|
stack
|
page read and write
|
||
|
1D00EEC0000
|
heap
|
page read and write
|
||
|
50DA5BF000
|
stack
|
page read and write
|
||
|
D73B1EF000
|
stack
|
page read and write
|
||
|
177CF140000
|
heap
|
page read and write
|
||
|
7FF79FE3E000
|
unkown
|
page readonly
|
||
|
1A5E000
|
stack
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
FD2457F000
|
stack
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
C63AEFD000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FF7A0186000
|
unkown
|
page execute and read and write
|
||
|
7FF7A0178000
|
unkown
|
page execute and read and write
|
||
|
140000000
|
unkown
|
page read and write
|
||
|
192A9350000
|
heap
|
page read and write
|
||
|
3E00000
|
direct allocation
|
page read and write
|
||
|
2519FC49000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FF7D9931000
|
unkown
|
page execute read
|
||
|
1B4FE0F0000
|
heap
|
page read and write
|
||
|
1181000
|
heap
|
page read and write
|
||
|
7FF7DA011000
|
unkown
|
page readonly
|
||
|
177CEF60000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
39DC4FF000
|
stack
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1ADD30A5000
|
heap
|
page read and write
|
||
|
2166E700000
|
unkown
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1D00F0D0000
|
heap
|
page read and write
|
||
|
111C000
|
heap
|
page read and write
|
||
|
20D25170000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
FD2447D000
|
stack
|
page read and write
|
||
|
1AC4D8D0000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
22395602000
|
heap
|
page read and write
|
||
|
C63B2FE000
|
stack
|
page read and write
|
||
|
24D29750000
|
heap
|
page read and write
|
||
|
50DA53F000
|
stack
|
page read and write
|
||
|
1B5E000
|
stack
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
24D297A7000
|
heap
|
page read and write
|
||
|
2307DDE0000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2F37A6C0000
|
heap
|
page read and write
|
||
|
2F37A740000
|
heap
|
page read and write
|
||
|
118B000
|
heap
|
page read and write
|
||
|
265ECAF5000
|
heap
|
page read and write
|
||
|
23945599000
|
heap
|
page read and write
|
||
|
7FF7DA013000
|
unkown
|
page write copy
|
||
|
2166E3F0000
|
heap
|
page read and write
|
||
|
192A9440000
|
heap
|
page read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
21D0E0D0000
|
heap
|
page read and write
|
||
|
17496FB0000
|
heap
|
page read and write
|
||
|
192A94D0000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2519FB60000
|
heap
|
page read and write
|
||
|
112D000
|
heap
|
page read and write
|
||
|
D03287C000
|
stack
|
page read and write
|
||
|
239C6250000
|
heap
|
page read and write
|
||
|
5EC827E000
|
stack
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
118B000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
23945580000
|
direct allocation
|
page read and write
|
||
|
1D8F2290000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
BE3ABD000
|
stack
|
page read and write
|
||
|
7FF7DA35A000
|
unkown
|
page execute and read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
239C5FC0000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
1030000
|
direct allocation
|
page execute read
|
||
|
192A9430000
|
heap
|
page read and write
|
||
|
239C5EE0000
|
heap
|
page read and write
|
||
|
19D5000
|
heap
|
page read and write
|
||
|
3238EFE000
|
stack
|
page read and write
|
||
|
17C53D40000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
2609FEE000
|
stack
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF7A01B6000
|
unkown
|
page execute and read and write
|
||
|
50EC95D000
|
stack
|
page read and write
|
||
|
7FF7A0688000
|
unkown
|
page readonly
|
||
|
7FF79F760000
|
unkown
|
page readonly
|
||
|
28FA9130000
|
heap
|
page read and write
|
||
|
D73B0ED000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1ECF76B0000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
5EC7F2D000
|
stack
|
page read and write
|
||
|
1ADD2DD0000
|
heap
|
page read and write
|
||
|
2519FD40000
|
heap
|
page read and write
|
||
|
1D8F3C20000
|
heap
|
page read and write
|
||
|
21D0E0D8000
|
heap
|
page read and write
|
||
|
7FF79F775000
|
unkown
|
page read and write
|
||
|
23945820000
|
direct allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
7FF7DA00E000
|
unkown
|
page readonly
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
AA2F4FE000
|
unkown
|
page readonly
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
2DD127E000
|
unkown
|
page readonly
|
||
|
24D29720000
|
heap
|
page read and write
|
||
|
239C6070000
|
heap
|
page read and write
|
||
|
1AC4DA90000
|
heap
|
page read and write
|
||
|
2166E71B000
|
unkown
|
page read and write
|
||
|
1189000
|
heap
|
page read and write
|
||
|
AFED2FF000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
2A6E9D00000
|
heap
|
page read and write
|
||
|
153C8C90000
|
heap
|
page read and write
|
||
|
265EC778000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
111B000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
7FF7DA015000
|
unkown
|
page readonly
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
50ECCFF000
|
stack
|
page read and write
|
||
|
1D8F21F0000
|
heap
|
page read and write
|
||
|
A7A157F000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
28FA8E88000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
17C521D8000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
AFED3FF000
|
stack
|
page read and write
|
||
|
1D00EFD7000
|
heap
|
page read and write
|
||
|
140009000
|
unkown
|
page read and write
|
||
|
1D8F2565000
|
heap
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
FD2467F000
|
stack
|
page read and write
|
||
|
1D00F2C0000
|
heap
|
page read and write
|
||
|
1189000
|
heap
|
page read and write
|
||
|
62456CD000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
1F40000
|
trusted library allocation
|
page read and write
|
||
|
5F9497F000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
2166E710000
|
unkown
|
page read and write
|
||
|
1D00F2C5000
|
heap
|
page read and write
|
||
|
12080000
|
trusted library allocation
|
page read and write
|
||
|
192A9460000
|
heap
|
page read and write
|
||
|
1BCB000
|
heap
|
page read and write
|
||
|
39DC47D000
|
stack
|
page read and write
|
||
|
69A577E000
|
stack
|
page read and write
|
||
|
DBB000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
23945450000
|
heap
|
page read and write
|
||
|
202A4735000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2166E6F0000
|
direct allocation
|
page read and write
|
||
|
2F37AAF5000
|
heap
|
page read and write
|
||
|
239471B0000
|
unkown
|
page read and write
|
||
|
1BC3000
|
heap
|
page read and write
|
There are 678 hidden memdumps, click here to show them.